PRISMWhat the hell is it

Some backgroundLittle intro to the internet

This is your internet connection

Client Web Server

Client

Client Web Server

Connection

Client Web Server

Web Server

Client Web Server

For anonymity and privacy you need to secure all 3:

Secure your Client

Secure your connection

Secure your Web server

Client

If someone manages to install spyware on your machine they can see everything you do on your client

So it’s your job to make sure there’s no spyware on your client

You are responsible to secure this, and you can--because you own it

Client Web Server

Connection

Someone performing a wire-tap can see everything you do online

If you want to remain secure you can encrypt the data flow

SSL connection to the Web Server or VPN would resolve this

Client Web Server

Web Server

Client Web Server

• Your Web server in most cases stores a huge amount of data on you

• But you don’t own it and can’t control the security of it

• However, Google and Facebook have better security than you

If I secure them all…am I safe?

Even if you secure them all…

Client Web Server

The NSA has figured out…

The internet is Public

And the NSA has tapped the Public Internet just before the likes of Google, Facebook, Microsoft…

While most of the data is encrypted, some of it isn’t.

What is PRISMHow it works

So what did they do?

Client Web Server

Your email exiting Gmail is not encrypted… so they tapped it.

And they stored it…

Prism

NSA datacenter

And there’s more

Email

Photos

Chats

File transfers

Login activity

Social media Profiles

All stored here

And stored for eternity

Could include encrypted data (for decryption when future computing power allows it)

Unfortunately, we don’t know anything for sure.

They have HUGE storage capacity and no qualms about storing data for non-Americans…i.e. 80% of the users of these services

Why is it called PRISMBecause a PRISM splits light

Why is it called PRISM?

Client Web Server

• Your internet connection is Fibre-Optic

• Which means the signal is light

• To split light…you use a PRISM

Why is it called PRISM?

Client Web Server

Prism

• Light split between the webserver you want to access and;

• The NSA Datacenter

Why is it called Prism?

Prism

NSA datacenter

Prism

Does TOR protect you?

Client Web Server

NO! TOR doesn’t help

Does VPN protect you?

Client Web Server

VPN doesn’t help either

YES!You should be worried

Nothing muchYou can do about it

Thanks toSteve Gibson for his AMAZING Analysis on Twit Security

https://www.youtube.com/watch?v=fX8CSMPiTs4

https://www.grc.com/

Byekeithrozario.com