DOCSLIB.ORG

Nlnet Foundation Annual Report 2017

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Nlnet Foundation Annual Report 2017 Annual // Report 2017 Since 1997 NLnet foundation (after its historical contribution to the early internet inside and outside of Europe) has been financially supporting organizations and people that contribute to an open information society It funds those with ideas to fi# the safety$ robustness and pri%acy of the internet The articles of association for the NLnet foundation state' "to promote the exchange of electronic information and all that is related or beneficial to that purpose" Stichting NLnet is a recognised philantropic non(profit foundation according to the Netherlands Ta# Authority (*elastingdienst) The internet has no borders$ and neither does NLnet It operates internationally$ and is dri%en by donations from indi%iduals and from pri%ate and public organisations NLnet is independent$ and all pro+ects are based on open standards$ open source soft"are$ hardware and content Annual Report NLnet Foundation 2017 1 Introduction L.S., 2017 was a year of celebration for NLnet. It was an incredible 35 years ago this year when NLnet's history started with an informal announce ent to a s all grou" of com"!ter people. At the $!ropean %NIX users Spring e'ent in (aris )e!s Hagen re'ealed the E%net, on the face of it a s all initiati'e that would howe'er have ajor conse,!ences. )he Netherlands national center for athe atics, CWI, would act as the central node. A few years down the line the h! ble U%-( infrastruct!re would !nleash the open internet outside of the %SA, and one can e,!ally say it was a critical win for the global adoption of %NI& / which was b!t one of many operating syste s in use at the ti e. If it were not for that e'ent, today our com"!ters might be using di0erent instruction sets and we might have had an alternati'e 'internet' b!ilt on one of the competing technologies de'ised in for instance France, the U2 or Swit3erland. *owe'er, the prag atic combination of the internet protocol and UNI& proved a winning form!la. The combination had already been put to good use in Amsterdam act!ally two years before that, in the conte4t of another scientific instit!te at the Science Park in # sterdam. At the national instit!te for particle physics NI2*$1. *agen's CWI colleag!e Jaap Akkerh!is and his NI2*$1 counterpart Ted Lindgreen had b!ilt a groundbreaking optical I(/based network, to process the data from the linear particle accellerator 7a predecessor to C$RN) which was housed at NI2*$1. Lindgreen later became the director of NLnet when the informal acti'ities became a real organisation in 1:;:, while Akkerh!is le< for the USA and would re+oin the team a few years later. As the internet grew would spend countless nights and weekends in setting !" and deb!gging connections and first international gateways - for countries all the way u" to Australia, 'ia Japan and South Korea. Well before the first official public connection to the internet outside of the %SA was ade at CWI, Jaap personally con'inced 6on Postel to allocate hi a range of I(/addresses to avoid fut!re collisions. =n Septe ber 1:th 2017 6aap Akkerh!is recei'ed international recognition for his pioneering work when he was inducted into the Internet Hall of 1ame, alongside his former CWI>NLnet colleag!es )e!s *agen and ?aniel Karrenberg. 2017 was also the year in which NLnet celebrated two decades of being a public benefit organisation, and a relentless s!pporter of the open internet. )he operational parts of NLnet was sold to %%net in 1::7, and so that year marks the point when its initial trust fund was established. )hat generous act created an instit!tion we are all very proud of, and which has proven re arkably s!ccessful with 'ery li ited b!dgets. =f course there are challenges@ while NLnet was about 25A of all of the internet in $!rope at the ti e, 1::7 was still early days. The 'e4it' was made prior to the h!ge increase in re'en!e throughout the sector, and the relati'ely odest s! of the endow ent is not enough to make the e0ort s!stainable by itself. NLnet really depends on donations, grants, legacies and other forms of income to contin!e doing its work. Part of that work is gi'ing away strategic money to the right people sol'ing the right proble s in the right way, and we like to thin5 we are among the 'ery best in the world in doing so. 2017 howe'er was hardly about looking bac5 on the past for us, we spent all our energy on creating new history. .e were 'ery happy with the contin!ed cooperation with )he Com ons Conservancy and the $!ropean association of research networks GCANT. .e were com issioned a 'ery prestigeous st!dy together with Gartner $!rope, helping to de'elop the vision and strategy for the $!ropean Com ision's !pco ing flagshi" e0ort Ne4t Generation Internet. In order to do that we !ndertook a h!ge e0ort where we engaged with many di0erent technical com !nities, and dug deep into the trove of iss!es of todays internet. The res!lts were validated with a workshop at -.I, which brought Annual Report NLnet Foundation 2017 2 together a uni,!e grou" of e4perts / and of course echoed the i portant role that instit!tion has played in our history and the history of the E!ropean internet. We published some intermediate res!lts in 2017, b!t the final report of the NGI st!dy is e4pected in 201;. =!r reg!lar work contin!ed as well. .e managed to b!ild on the s!ccess of the Internet Hardening 1!nd, set !" with a si3able donation from the Netherlands ministry of Economic Affairs. .e were able to fund a n! ber of very interesting projects with significant donations from various international research networks, from the Netherlands national standardisation foru and from other foundations like Vietsch 1oundation. For one of the projects we +ointly operate with The Com ons Conservancy - Internet of Coins - we s!pported a very s!ccessful and innovati'e fundraiser which was able to raise illions of E!ro's worth of funding for their open source project. #nother way to sec!re income, is to earn it. We were 'ery happy to see contin!ed growth at Radically =pen Sec!rity, the not/for-profit sec!rity company set !" by dr. Melanie Rieback, John Sinte!r and others in 201F. %ni,!ely, 8=S chose not to send its profits to shareholders - instead it decided from the very start to sends its profits to NLnet. From a legal point of view, it uses a !ni,!e legal facility called 'fiscal fundraising entity' to allow those donations to directly benefit NLnet. 1or the first ti e since its transition to a charity, NLnet started a company in 2017. )he Com ons Caretakers B.V. H as the name says H helps organisations that !se and benefit from Com ons to gi'e bac5 and/or 'pay it forward' to take care of those Com ons. With hel" from any vol!nteers and in partic!lar a collaboration with The Com ons Conservancy and its 'arious Program e Boards, the company was already able to raise some funds for a n! ber of our projects in its first few weeks / and we hope the company will be contin!ing that s!ccess in the years ahead. Last b!t not least, saw the depart!re of Marc Bauw. Earc had worked for NLnet since 201F, and was a dri'ing force behind the set!" of ?INL, the Trusted Networks initiati'e and the Holland Strikes Gac5 e'ents. We take this opport!nity to than5 hi for his e0orts througho!t these years, and we wish hi great l!c5 in his fut!re endeavours. =n behalf of the NLnet team, Gob Goudriaan Eichiel Leenaars Chair Governing Board Director of Strategy Annual Report NLnet Foundation 2017 3 Table of Contents Introduction.....................................................................................................................2 Table of Contents...............................................................................................................4 1 NLnet organisation..........................................................................................................! History................................................................................................................................................6 Funding source...................................................................................................................................6 Domicile..............................................................................................................................................6 Supervisory Board..............................................................................................................................6 Governing Board.................................................................................................................................7 Operations..........................................................................................................................................7 Operations support.............................................................................................................................7 Review Committee Internet Hardening Fund......................................................................................7 2 Overvie$........................................................................................................................% Statutory goal and Mission................................................................................................................." Free So#ware & Open Source% Open Content% Open Hardware..........................................................." &ot'for-profit......................................................................................................................................" Co'operation......................................................................................................................................."
Load more

Recommended publications
  • Libressl Presentatie2
    Birth of LibreSSL and its current status Frank Timmers Consutant, Snow B.V. Background What is LibreSSL • A fork of OpenSSL 1.0.1g • Being worked on extensively by a number of OpenBSD developers What is OpenSSL • OpenSSL is an open source SSL/TLS crypto library • Currently the de facto standard for many servers and clients • Used for securing http, smtp, imap and many others Alternatives • Netscape Security Services (NSS) • BoringSSL • GnuTLS What is Heartbleed • Heartbleed was a bug leaking of private data (keys) from both client and server • At this moment known as “the worst bug ever” • Heartbeat code for DTLS over UDP • So why was this also included in the TCP code? • Not the reason to create a fork Why did this happen • Nobody looked • Or at least didn’t admit they looked Why did nobody look • The code is horrible • Those who did look, quickly looked away and hoped upstream could deal with it Why was the code so horrible • Buggy re-implementations of standard libc functions like random() and malloc() • Forces all platforms to use these buggy implementations • Nested #ifdef, #ifndefs (up to 17 layers deep) through out the code • Written in “OpenSSL C”, basically their own dialect • Everything on by default Why was it so horrible? crypto_malloc • Never frees memory (Tools like Valgrind, Coverity can’t spot bugs) • Used LIFO recycling (Use after free?) • Included debug malloc by default, logging private data • Included the ability to replace malloc/free at runtime #ifdef trees • #ifdef, #elif, #else trees up to 17 layers deep • Throughout the complete source • Some of which could never be reached • Hard to see what is or not compiled in 1.
    [Show full text]
  • IPFS and Friends: a Qualitative Comparison of Next Generation Peer-To-Peer Data Networks Erik Daniel and Florian Tschorsch
    1 IPFS and Friends: A Qualitative Comparison of Next Generation Peer-to-Peer Data Networks Erik Daniel and Florian Tschorsch Abstract—Decentralized, distributed storage offers a way to types of files [1]. Napster and Gnutella marked the beginning reduce the impact of data silos as often fostered by centralized and were followed by many other P2P networks focusing on cloud storage. While the intentions of this trend are not new, the specialized application areas or novel network structures. For topic gained traction due to technological advancements, most notably blockchain networks. As a consequence, we observe that example, Freenet [2] realizes anonymous storage and retrieval. a new generation of peer-to-peer data networks emerges. In this Chord [3], CAN [4], and Pastry [5] provide protocols to survey paper, we therefore provide a technical overview of the maintain a structured overlay network topology. In particular, next generation data networks. We use select data networks to BitTorrent [6] received a lot of attention from both users and introduce general concepts and to emphasize new developments. the research community. BitTorrent introduced an incentive Specifically, we provide a deeper outline of the Interplanetary File System and a general overview of Swarm, the Hypercore Pro- mechanism to achieve Pareto efficiency, trying to improve tocol, SAFE, Storj, and Arweave. We identify common building network utilization achieving a higher level of robustness. We blocks and provide a qualitative comparison. From the overview, consider networks such as Napster, Gnutella, Freenet, BitTor- we derive future challenges and research goals concerning data rent, and many more as first generation P2P data networks, networks.
    [Show full text]
  • A Transport Layer Abstraction for Peer-To-Peer Networks Ronaldo A
    A Transport Layer Abstraction for Peer-to-Peer Networks Ronaldo A. Ferreira, Christian Grothoff and Paul Ruth Department of Computer Sciences Purdue University g frf,grothoff,ruth @cs.purdue.edu http://www.gnu.org/software/GNUnet/ B Abstract— The initially unrestricted host-to-host communica- same peer-to-peer network. In fact, two peers A and may tion model provided by the Internet Protocol has deteriorated want to use differentmodes of communicationon the same link. due to political and technical changes caused by Internet growth. For example, suppose node B is behind a NAT box and cannot While this is not a problem for most client-server applications, peer-to-peer networks frequently struggle with peers that are be reached directly via UDP or TCP. In a system with multiple only partially reachable. We describe how a peer-to-peer frame- transport protocols, A could initiate a connection by sending an B A work can hide diversity and obstacles in the underlying Internet e-mail to B (SMTP) and then have contact via TCP, al- and provide peer-to-peer applications with abstractions that hide lowing A to continue further communication on a bidirectional transport specific details. We present the details of an implemen- TCP connection. tation of a transport service based on SMTP. Small-scale bench- marks are used to compare transport services over UDP, TCP, and We will use GNUnet as our reference peer-to-peer system, SMTP. but it should be clear that the idea of a transport abstraction can be applied to other systems. GNUnet is a peer-to-peer frame- work whose main focus is on security [1], [5].
    [Show full text]
  • The Future of Free Speech, Trolls, Anonymity and Fake News Online.” Pew Research Center, March 2017
    NUMBERS, FACTS AND TRENDS SHAPING THE WORLD FOR RELEASE MARCH 29, 2017 BY Lee Rainie, Janna Anderson, and Jonathan Albright FOR MEDIA OR OTHER INQUIRIES: Lee Rainie, Director, Internet, Science and Technology research Prof. Janna Anderson, Director, Elon University’s Imagining the Internet Center Asst. Prof. Jonathan Albright, Elon University Dana Page, Senior Communications Manager 202.419.4372 www.pewresearch.org RECOMMENDED CITATION: Rainie, Lee, Janna Anderson and Jonathan Albright. The Future of Free Speech, Trolls, Anonymity and Fake News Online.” Pew Research Center, March 2017. Available at: http://www.pewinternet.org/2017/03/29/the-future-of-free-speech- trolls-anonymity-and-fake-news-online/ 1 PEW RESEARCH CENTER About Pew Research Center Pew Research Center is a nonpartisan fact tank that informs the public about the issues, attitudes and trends shaping America and the world. It does not take policy positions. The Center conducts public opinion polling, demographic research, content analysis and other data-driven social science research. It studies U.S. politics and policy; journalism and media; internet, science, and technology; religion and public life; Hispanic trends; global attitudes and trends; and U.S. social and demographic trends. All of the Center’s reports are available at www.pewresearch.org. Pew Research Center is a subsidiary of The Pew Charitable Trusts, its primary funder. For this project, Pew Research Center worked with Elon University’s Imagining the Internet Center, which helped conceive the research as well as collect and analyze the data. © Pew Research Center 2017 www.pewresearch.org 2 PEW RESEARCH CENTER The Future of Free Speech, Trolls, Anonymity and Fake News Online The internet supports a global ecosystem of social interaction.
    [Show full text]
  • What Will Historians' Verdict Be 50 Years from Now About the Impact Of
    FOR RELEASE OCTOBER 29, 2019 What Will Historians’ Verdict be 50 Years from Now About the Impact of the Internet on People’s Lives Today? Experts expect that by 2069 today’s period of human-tech evolution could come to be seen as a risks-ridden time that eventually led to a grand redefinition of civilization or it could be seen as a ‘wasted opportunity’ that simply ‘updated and replicated legacy colonial hierarchies’ By Janna Anderson Executive director, Elon University’s Imagining the Internet Center FOR MEDIA OR OTHER INQUIRIES: Owen Covington, News Bureau Director, Elon University 336.278.7413 www.elon.edu RECOMMENDED CITATION Elon University’s Imagining the Internet Center, October 29, 2019, “2069 Historians’ Verdict of Internet Impact 2019” About the Imagining the Internet Center Elon University’s Imagining the Internet Center explores and provides insights into emerging network innovations, global development, dynamics, diffusion and governance. Its research holds a mirror to humanity’s use of communications technologies, informs policy development, exposes potential futures and provides a historic record. It works to illuminate issues in order to serve the greater good, making its work public, free and open. The Imagining the Internet Center sponsors work that brings people together to share their visions for the future of communications and the future of the world. What will historians’ verdict be 50 years from now about the impact of the internet on people’s lives today? Experts expect that by 2069 today’s period of human-tech
    [Show full text]
  • Securing Information Systems in an Uncertain World Enterprise Level Security 1 William R
    Proceedings of IMCIC - ICSIT 2016 Securing Information Systems in an Uncertain World Enterprise Level Security 1 William R. Simpson Institute for Defense Analyses, 4850 Mark Center Dr. Alexandria, Virginia 22311 1 The publication of this paper does not indicate endorsement by the Department of Defense or IDA, nor should the contents be construed as reflecting the official position of these organizations. maintenance. Of course that wasn’t going be tolerated! ABSTRACT They doubled down (Special woods, Special Increasing threat intrusions to enterprise computing systems formulated sealants, Special paints). They still leaked. have led to a formulation of guarded enterprise systems. The A set of boat builders examined the history and came to 2 approach was to put in place steel gates and prevent hostile an epiphany – boats leak . Like all epiphanies, it entities from entering the enterprise domain. The current allows us to re-examine how we handle things. The complexity level has made the fortress approach to security design was modified so that the inside of boats could implemented throughout the defense, banking, and other high accommodate leakage. Drains and channels were added trust industries unworkable. The alternative security approach to funnel water to an area, the bilge, where the water presented in this paper is the result of a concentrated fourteen could be dealt with, manually at first, and then with year program of pilots and research. Its distributed approach automated pumps. A well-sealed boat was still required has no need for passwords or accounts and derives from a set of tenets that form the basic security model requirements.
    [Show full text]
  • Black-Box Security Analysis of State Machine Implementations Joeri De Ruiter
    Black-box security analysis of state machine implementations Joeri de Ruiter 18-03-2019 Agenda 1. Why are state machines interesting? 2. How do we know that the state machine is implemented correctly? 3. What can go wrong if the implementation is incorrect? What are state machines? • Almost every protocol includes some kind of state • State machine is a model of the different states and the transitions between them • When receiving a messages, given the current state: • Decide what action to perform • Which message to respond with • Which state to go the next Why are state machines interesting? • State machines play a very important role in security protocols • For example: • Is the user authenticated? • Did we agree on keys? And if so, which keys? • Are we encrypting our traffic? • Every implementation of a protocol has to include the corresponding state machine • Mistakes can lead to serious security issues! State machine example Confirm transaction Verify PIN 0000 Failed Init Failed Verify PIN 1234 OK Verified Confirm transaction OK State machines in specifications • Often specifications do not explicitly contain a state machine • Mainly explained in lots of prose • Focus usually on happy flow • What to do if protocol flow deviates from this? Client Server ClientHello --------> ServerHello Certificate* ServerKeyExchange* CertificateRequest* <-------- ServerHelloDone Certificate* ClientKeyExchange CertificateVerify* [ChangeCipherSpec] Finished --------> [ChangeCipherSpec] <-------- Finished Application Data <-------> Application Data
    [Show full text]
  • Vetting SSL Usage in Applications with SSLINT
    2015 IEEE Symposium on Security and Privacy Vetting SSL Usage in Applications with SSLINT Boyuan He1, Vaibhav Rastogi2, Yinzhi Cao3, Yan Chen2, V.N. Venkatakrishnan4, Runqing Yang1, and Zhenrui Zhang1 1Zhejiang University 2Northwestern University 3Columbia University 4University of Illinois, Chicago [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] Abstract—Secure Sockets Layer (SSL) and Transport Layer In particular, we ask the following research question: Is it Security (TLS) protocols have become the security backbone of possible to design scalable techniques that detect incorrect use the Web and Internet today. Many systems including mobile of APIs in applications using SSL/TLS libraries? This question and desktop applications are protected by SSL/TLS protocols against network attacks. However, many vulnerabilities caused poses the following challenges: by incorrect use of SSL/TLS APIs have been uncovered in recent • Defining and representing correct use. Given an SSL years. Such vulnerabilities, many of which are caused due to poor library, how do we model correct use of the API to API design and inexperience of application developers, often lead to confidential data leakage or man-in-the-middle attacks. In this facilitate detection? paper, to guarantee code quality and logic correctness of SSL/TLS • Analysis techniques for incorrect usage in software. applications, we design and implement SSLINT, a scalable, Given a representation of correct usage, how do we de- automated, static analysis system for detecting incorrect use sign techniques for analyzing programs to detect incorrect of SSL/TLS APIs.
    [Show full text]
  • You Really Shouldn't Roll Your Own Crypto: an Empirical Study of Vulnerabilities in Cryptographic Libraries
    You Really Shouldn’t Roll Your Own Crypto: An Empirical Study of Vulnerabilities in Cryptographic Libraries Jenny Blessing Michael A. Specter Daniel J. Weitzner MIT MIT MIT Abstract A common aphorism in applied cryptography is that cryp- The security of the Internet rests on a small number of open- tographic code is inherently difficult to secure due to its com- source cryptographic libraries: a vulnerability in any one of plexity; that one should not “roll your own crypto.” In par- them threatens to compromise a significant percentage of web ticular, the maxim that complexity is the enemy of security traffic. Despite this potential for security impact, the character- is a common refrain within the security community. Since istics and causes of vulnerabilities in cryptographic software the phrase was first popularized in 1999 [52], it has been in- are not well understood. In this work, we conduct the first voked in general discussions about software security [32] and comprehensive analysis of cryptographic libraries and the vul- cited repeatedly as part of the encryption debate [26]. Conven- nerabilities affecting them. We collect data from the National tional wisdom holds that the greater the number of features Vulnerability Database, individual project repositories and in a system, the greater the risk that these features and their mailing lists, and other relevant sources for eight widely used interactions with other components contain vulnerabilities. cryptographic libraries. Unfortunately, the security community lacks empirical ev- Among our most interesting findings is that only 27.2% of idence supporting the “complexity is the enemy of security” vulnerabilities in cryptographic libraries are cryptographic argument with respect to cryptographic software.
    [Show full text]
  • Xerox® Igen™ 150 Press 3 Party Software License Disclosure
    Xerox® iGen™ 150 Press 3rd Party Software License Disclosure October 2013 The following software packages are copyrighted for use in this product according to the license stated. Full terms and conditions of all 3rd party software licenses are available from the About screen under the Help menu on the Press Interface or by accessing the Support & Drivers page located on the http://www.xerox.com website. Adobe Icons and Web Logos, license: Adobe Icons and Web Logos License Apache log4j 1.2.8, Apache log4j 1.2.9, Apache Web Services XML-RPC 1.2.b1, Apache Lucene Java 1.3, Apache Tomcat 4.1.27, license: Apache License 1.1 Apache Axis 1.x 1.4, Apache Jakarta Commons HttpClient 3.0.alpha1, Apache Jakarta Commons Logging 1.0.4, Apache Jakarta Lucene 1.9.1, Apache XML Security Java 1.3.0, saxpath 1.0 FCS, Skin Look And Feel (skinlf) 1.2.8, Spring Framework Utilities 0.7, Apache Web Services Axis 1.2rc3, Apache Xerces Java XML Parser 2.7.1, Apache XML Xalan-Java 2.7.0, Jetty - Java HTTP Servlet Server 4.0.D0, Lucene Snowball, Streaming API for XML (StAX) - JSR-173 20040819, license: Apache License 2.0 Perl 5.8.5, Perl 5.10.0, AppConfig-1.66, Archive-Tar-1.58, Compress::Zlib-2.020, Expect.pm- 1.21, File-NCopy-0.36, File-NFSLock-1.20, Filesys-Df-0.92, Filesys-DiskFree-0.06, HTML- Parser-3.69, HTML-Tagset-3.20, HTML-Template-2.9, IO-Stty-0.02, IO-Tty-1.08, IO-Zlib- 1.09, libxml-perl-0.08, Net-Netmask-1.9015, Net-Telnet-3.03, perl-5.8.3, perlindex-1.605, Pod- Escapes-1.04, Pod-POM-0.25, Pod-Simple-3.13, Proc-ProcessTable-0.45, Socket6-0.23, Stat-
    [Show full text]
  • Recognition and Investigation of Listening in Anonymous Communication Systems 1 K
    AEGAEUM JOURNAL ISSN NO: 0776-3808 Recognition and investigation of listening in anonymous communication systems 1 K. Balasubramanian, 2 Dr. S. Kannan, 3 S. Sharmila 1Associate Professor, Department of CSE, E.G.S Pillay Engineering College, Nagapattinam, Tamil Nadu, India. Email: [email protected] 2, Professor, Department of CSE, E.G.S Pillay Engineering College, Nagapattinam, Tamil Nadu, India. 3, P.G Student, Department of CSE, E.G.S Pillay Engineering College, Nagapattinam, Tamil Nadu, India. Abstract components through which client activity is steered can Mysterious correspondence systems similar to listen in and get delicate information, for example, user Tor, mostly secure the secrecy of client activity by verification qualifications. This circumstance can scrambling all interchanges inside the overlay system. conceivably decline when clients utilize intermediary based frameworks to get to similar administrations However, when the transferred activity achieves the without utilizing end-to-end encryption, as the quantity limits of the system, toward its end, the first client of hosts or hubs that can listen stealthily on their activity is definitely presented to the last node on the movement increments. Different open and private path. Accordingly, users sending sensitive information, systems may square access to interpersonal interaction similar to verification accreditations, over such and other prominent online administrations for systems, risk having their information between different reasons. Under these conditions, users accepted and uncovered, unless end-to-end encryption regularly depend on utilizing disseminated proxying frameworks to prevent their activity from being is utilized. Listening can be performed by malicious or filtered. They fall back on such mechanisms so as to compromised relay nodes, and additionally any rebel evade system activity filtering in light of source, goal, arrange substance on the way toward the actual end.
    [Show full text]
  • Tools for Breaking out of PRISM
    Tools for Breaking out of PRISM Christian Grothoff The GNUnet Project \Never doubt your ability to change the world." {Glenn Greenwald Everybody Has Secrets I Business & Trade Secrets I Political opinions I Illegal activities Send everything to US in plaintext Keeping Secrets I Encryption: baseline I Hide meta-data: state of the art I Practice today? Keeping Secrets I Encryption: baseline I Hide meta-data: state of the art I Practice today? Send everything to US in plaintext I PRISM enables real-time surveillance and access to stored content I Data collected: E-mails, instant messages, videos, photos, stored data (likely files), voice chats, file transfers, video conferences, log-in times, and social network profiles I Tiny part of NSA: $20 M budget I Guardian: \The PRISM program allows the intelligence services direct access to the companies servers." I Cooperating providers: Microsoft, Yahoo, Google, Facebook, PalTalk, YouTube, Skype, AOL, Apple I Guardian: \The PRISM program allows the intelligence services direct access to the companies servers." I Cooperating providers: Microsoft, Yahoo, Google, Facebook, PalTalk, YouTube, Skype, AOL, Apple I PRISM enables real-time surveillance and access to stored content I Data collected: E-mails, instant messages, videos, photos, stored data (likely files), voice chats, file transfers, video conferences, log-in times, and social network profiles I Tiny part of NSA: $20 M budget US discussion focuses on spying on US citizens and legality under US law. Frank Church (D-Idaho): \The NSA's capability at any
    [Show full text]