libraryfreedomproject.org/resources/privacy-toolkit-for-librarians/
PRIVACY TOOLKIT FOR LIBRARIANS
THREAT MODELING
● assets
● adversaries
● capabilities
● consequences
how much trouble are you willing to go through in order to try to prevent those?
FOSS: the freedom to run, copy, distribute, study, change and improve the software
(gnu.org)
-vs. proprietary software
-why does this matter for privacy?
-most of these tools are free software
FREE SOFTWARE
SAFER BROWSING
● who owns your browser?
● what is a browser extension?
● Firefox and Tor
● Firefox privacy settings
● Firefox extensions menu
● what is encryption?
1. confidentiality
2. authenticity
3. integrity
● http vs https
● HTTPS Everywhere
● Let's Encrypt
ENCRYPTED WEBSITES
● cookies
● widgets
● analytics
● beacons
● behavioral advertising
● Privacy Badger
This is a real image from an online marketing company.
THIRD PARTY TRACKING
SEARCH TRACKING
● Google, Bing, and Yahoo collect and store your searches
● DuckDuckGo does not. They even have an extension!
● alerting patrons: “You might notice that your search engine looks different”
● embedded Google searchbars: Google Sharing
Image credit: xkcd.com
E.U.L.A. = end user license agreement
Terms of Service; Didn't Read
TERMS OF SERVICE
● Open wifi access and plausible deniability
● Closed wifi – encryption (authenticity and integrity)
● Wired network snooping is possible but requires a physical connection
WIFI SECURITY
Clean system and protect privacy: trash, logs, recent places, cache, session data, etc.
CCleaner – Windows and Mac OSX, not FOSS
*Windows users, do not ever use the registry cleaner!
Bleachbit – Windows and Linux, FOSS
Deep Freeze/Clean Slate on patron PCs: very useful, easy to use, but not totally secure deletion.
FILE DELETION
ANONYMITY
● Tor Browser: anonymous and ephemeral
● Tor vs. Firefox
● Tor extensions: HTTPS Everywhere and NoScript
● Tor best practices
● more with Tor
● strengthening the Tor network
Tails: The Amnesiac Incognito Live System
operating system for anonymity and leaving no trace
requires:
-Tails iso
-CD-R (recommended) or 4GB USB stick
-installation instructions
-ability to boot from external device
● differences between viruses and malware
● relationship to privacy
● good practices
antivirus: ClamAV
antimalware: MalwareBytes (free vs pro)
for govt malware: Detekt
VIRUSES AND MALWARE
● Strong passwords
-high entropy
-NO PATTERNS
● xkcd method
● diceware list
● KeePassX:
-encrypted
-FOSS
● Hardware tokens
image credit: xkcd.com
PASSWORDS
MOBILE DEVICES
● your pocket tracking device and you
● location services, wifi, bluetooth = off
even better = airplane mode
● cover cameras
● exif removal
● hardening Android: Replicant and Cyanogenmod
● device encryption
● high security situations
MOBILE APPS
The Guardian Project (Android)
Signal (iPhone)
Redphone/ Textsecure (Android)
SnoopSnitch (Android with root access)
who can read your email?
● your email service provider
● operators of intermediate network connections
● your intended recipient's email service provider
● anyone who accesses those servers
● worse if you're not using TLS connections
PGP email encryption
● email self-defense from FSF
email providers
● pobox.com
● riseup.net
● mykolab
● alumni email
● a server you trust
● what is a VPN?
what to look for when choosing a VPN
OpenVPN (FOSS, harder)
commercial VPNs
VPNs
● don't log patron data!! what's your data retention policy?
keep software up to date
Ninite (email me for how-to with Deep Freeze)
guest passes for anonymity
MISCELLANY
● server-side security
● cover cameras on laptops and other devices
● PRISM BREAK
● Surveillance Self-Defense from EFF
● Cryptoparty
● Library Freedom Project
● Digital Rights in Libraries
EXTRA CREDIT
Patron class curricula! Tech help! Successes and failures! More ideas!
Attribution-ShareAlike 4.0 International www.creativecommons.org