The Why and How of Privacy and Security

Trigger warning: authoritarianism, state surveillance, the Holocaust. If you want to avoid these topics, please jump to the last paragraph of this introduction, starting with ‘Enough about the depressing stuff.’

Before we start, I feel like I need to give a bit of background on why I care so deeply about privacy. It’s partly historical. Being Ashkenazi, I learnt from a very young age about the importance of sensitive information, and who you give that information to. My grandfather broke the law by not going to the police station to register himself as a Jew. The Holocaust saw 76,000 Jews deported to death camps from France alone - around 1/4th of the country’s Jewish population at the time. There’s a chance that not being part of the Jewish census saved his life. Lesson: be careful who you give sensitive information to.

That grandfather and two of his brothers left Paris in the middle of the war, and took a train south with no plan, no luggage, no contact, and no destination other than, well, heading south. They were helped by strangers and survived. Their mother however, along with two other siblings, had a plan. They had a deal with a smuggler to reach unoccupied France. The smuggler informed the Nazis, and all 3 of them died in deportation. Lesson: each person who has information on you represents an additional chance for it to be leaked.

And yes, we can raise the irony of mentioning my Jewish grandpa to warn you against sharing sensitive information online. There, I just did. 

While this happened in the 1940s, a data point’s lifespan is drastically different today. It’s possible that you posted something online 10 years ago, and it was fine back then, but 20 years from now you will hope that no one finds it. My message is: the Internet never forgets, cultures change, and retroactive laws exist. People can get screwed over digital data. Let’s take the obvious example: China’s state surveillance has an eye on literally each and every move of its inhabitants, whether physical or digital. The state uses extensive data to allocate social scores, which can have a drastic impact on Chinese people’s lives, including banning them from purchasing train or plane tickets, providing them with lower Internet speed, and denying them visas and loans. China also makes use of this surveillance system against its Uyghur population, detaining between 1 and 2 million people - the estimates vary - in concentration camps, where prisoners suffer extensively reported torture, brainwashing and forced labour.

Apart from governmental issues, there’s also the topic of pervasive tracking and ads, championed by Facebook and Google. I’m yet to see the difference between today’s digital advertising and individually-customised mass manipulation. Maybe because there is none. Please try and change my mind if you have any conclusive elements.

Enough about the depressing stuff. I’ve explained why your privacy matters, and we’re now about to dive into a few security concepts. I wrote this article with lp1, as he knows much more about these concepts than I do. So here’s my first pro tip for you, unrelated to privacy or security: date people you admire. Now, let’s get into the technical aspects.

CIA

The CIA “triad” is a summary of the main concepts of information security. There are 3 aspects regarding information which are targeted by infosec:

  • Confidentiality: the assurance that a piece of information can only be observed by authorised parties.

  • Integrity: the assurance that a piece of information is and stays accurate over time.

  • Availability: the assurance that a piece of information can be accessed by an authorised user when they need it.

Encryption: Server-side vs. Client-side

Encryption secures data and aims to maintain its confidentiality and integrity.

We differentiate server-side from client-side encryption. Server-side means that only information stored on said server is encrypted. This means that the company has the encryption key, and therefore can access your communication (yes, including your nudes). However, server-side encryption doesn’t cover the transmission of your communication. The data you share is not necessarily encrypted in transit, only in storage, which is why you should favour platforms that use HTTPS, which encrypts the data on its way between your device and the server.

Client-side – or end-to-end – encryption means that the transmission of your information is encrypted, and that only your device has the key. If you log in from a different device, you won’t be able to see the exchanges. Since the company does not have the key, they cannot access your messages. As a result, even if they were to store your exchanges, said exchanges would automatically be encrypted. However, this also means that you won’t be able to recover your messages, should you lose the key.

In the case of a communication service, this means that the nudes you're sending are encrypted from your device to the company's server, as well as from their server to your trusted partner's device. Without encryption, however, anyone on your network can see and tamper with all your communications. By “tamper with”, we mean any kind of modification by an unauthorised third party. Examples include someone changing your password and email address on a platform to take over your account, deleting your private files on a cloud file storage service, replacing software in your online backups with malware, etc.

An illustration of the difference between server-side encryption and client-side encryption.

A recent example is the July 2020 Twitter hack, during which hackers managed to read users' messages from Twitter's admin control panel. With end-to-end encrypted DMs, no one at Twitter would have been able to access them.

Encryption vs. Hashing

A distinction has to be made between two important notions: encryption and hashing. Encrypting information means that you turn it into scrambled text which can be decoded with a key. For instance, it's useful to make sure a communication between two peers cannot be read by an unauthorised person. 

Hashing a piece of data, on the other hand, means that you turn it into a fixed-size signature which cannot be reversed into its original readable state. The only way for someone to obtain the original input from the hashing output is to try inputs themselves until the output matches. Hashing is not a cipher meant to be decrypted, which is why encryption and hashing serve different purposes and are used in different cases. Hashing is particularly useful for storing passwords, because you avoid storing the actual easy-to-steal-and-reuse passwords. Instead, you compare the hash that you store to the hash of what a user entered while trying to log in. If it matches the hash you’ve stored, then the password is correct.

An illustration of how hashing works, with an example.
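The password check described above, as an added example that is not part of the original article: the service stores only a salt and a PBKDF2 digest, a log-in attempt is verified by re-hashing and comparing, and the `guess_from_wordlist` helper shows that the only road back from the digest is to try candidate inputs. The iteration count and the sample wordlist are illustrative choices made for this example.

```python
import hashlib
import hmac
import os
from typing import Optional

# PBKDF2-HMAC-SHA256 from the standard library. The iteration count is an
# illustrative value for this example, not a recommendation from the article.
ITERATIONS = 100_000

def hash_password(password: str, salt: Optional[bytes] = None):
    """Return (salt, digest). A service stores these two values and never
    the password itself; the digest cannot be turned back into the password."""
    if salt is None:
        salt = os.urandom(16)  # a fresh random salt per password
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, digest

def verify_password(candidate: str, salt: bytes, stored_digest: bytes) -> bool:
    """Log-in check: hash what the user typed with the stored salt and compare
    it to the stored digest (constant-time, so timing reveals nothing)."""
    _, digest = hash_password(candidate, salt)
    return hmac.compare_digest(digest, stored_digest)

def guess_from_wordlist(wordlist, salt, stored_digest):
    """The only way back from a digest is to try inputs until one matches.
    Returns the matching candidate, or None if the list holds no match."""
    for word in wordlist:
        if verify_password(word, salt, stored_digest):
            return word
    return None

if __name__ == "__main__":
    salt, digest = hash_password("correct horse battery staple")
    print(verify_password("correct horse battery staple", salt, digest))  # True
    print(verify_password("wrong password", salt, digest))                # False
    # Constructed wordlist: a weak password is found, which is why the
    # strength of the password still matters even when it is only hashed.
    weak_salt, weak_digest = hash_password("password123")
    print(guess_from_wordlist(["123456", "password123", "qwerty"], weak_salt, weak_digest))
```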

100% secure does not exist

Flaws and vulnerabilities can always be found. However, the sturdier your tools, the safer you'll be. And contrary to what A-ha used to sing, it is better to be safe than sorry.

Free vs. Open source

Free and open source software are specific philosophies, based on specific values. Free software specifically refers to the notion of users' freedom, which isn't the case in open-source software. As the GNU website puts it: 'To understand the concept, you should think of “free” as in “free speech,” not as in “free beer”'.

There are 4 criteria for software to be free:

  • Freedom 0: The freedom to run the programme as you wish, for any purpose.

  • Freedom 1: The freedom to study how the programme works, and change it so it does your computing as you wish. This entails having access to the source code.

  • Freedom 2: The freedom to redistribute copies so you can help others.

  • Freedom 3: The freedom to distribute copies of your modified versions to others.

On the other hand, open-source software has a less strict definition, and a different philosophy. You can also see the source code, amongst other things.

If you want to get into the political aspect of these terminologies, here’s a good explanation.

Credential stuffing attack

Credential stuffing is a popular attack whose goal is to automatically test a user’s known credentials on multiple platforms on a large scale; it works because many people reuse the same password across services. Nowadays, it is widely used by malicious intruders because of the online accessibility of billions of credentials gathered from data leaks (MySpace, Dailymotion, Dropbox to name some of the biggest).
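From the defender's side, as an added example that is not part of the original article: a small detector over a constructed login log (the format `timestamp ip username OK|FAIL`, the addresses and the usernames are all made up for this example). A bot replaying a leaked list tries many different accounts from one source in a short time, which is what `find_stuffing_sources` looks for; `accounts_to_reset` then lists the accounts where a reused password actually worked.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample login log (not from the article), one event per line:
# "<ISO timestamp> <source IP> <username> <OK|FAIL>".
SAMPLE_LOG = """\
2020-07-15T10:00:01 203.0.113.7 alice FAIL
2020-07-15T10:00:02 203.0.113.7 bob FAIL
2020-07-15T10:00:02 203.0.113.7 carol FAIL
2020-07-15T10:00:03 203.0.113.7 dave OK
2020-07-15T10:00:04 203.0.113.7 erin FAIL
2020-07-15T10:00:05 203.0.113.7 frank FAIL
2020-07-15T10:00:10 198.51.100.2 alice FAIL
2020-07-15T10:00:30 198.51.100.2 alice OK
"""

def parse_log(text):
    """Turn the raw log text into (timestamp, ip, user, result) tuples."""
    events = []
    for line in text.splitlines():
        ts, ip, user, result = line.split()
        events.append((datetime.fromisoformat(ts), ip, user, result))
    return events

def find_stuffing_sources(events, window=timedelta(minutes=5), min_distinct_users=5):
    """Return {ip: distinct accounts tried} for sources that attempt logins on
    at least `min_distinct_users` different accounts inside `window`. A person
    retrying their own account never trips this; a bot replaying a list does."""
    by_ip = defaultdict(list)
    for ts, ip, user, _ in events:
        by_ip[ip].append((ts, user))
    flagged = {}
    for ip, attempts in by_ip.items():
        attempts.sort()
        start = 0
        for end in range(len(attempts)):
            # slide the window so that it spans at most `window` of time
            while attempts[end][0] - attempts[start][0] > window:
                start += 1
            distinct = {user for _, user in attempts[start:end + 1]}
            if len(distinct) >= min_distinct_users:
                flagged[ip] = max(flagged.get(ip, 0), len(distinct))
    return flagged

def accounts_to_reset(events, flagged):
    """Accounts a flagged source logged into successfully: a reused password
    the attacker now holds, so these are the ones to reset and notify."""
    return {user for _, ip, user, result in events if ip in flagged and result == "OK"}
```

On the constructed log, `find_stuffing_sources(parse_log(SAMPLE_LOG))` flags only `203.0.113.7` (six accounts in five seconds) and `accounts_to_reset` returns `{"dave"}`.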

And there you have it, a roundup of the main security concepts. Feel free to reach out to lp1 or me on Twitter. For a list of the privacy and security tools we frequently use and recommend, you can check out part 2 of this series.

If you’re looking for a UX researcher or UX designer to work in the privacy and security sphere, I’d love to have a chat with you!
