All your data are belong to us!
This post is about one of our basic rights, the right for privacy. Privacy is about being protected from unwanted intrusion in our private lives. And I think this is a basic human right.
Unfortunately, more and more entities are becoming obsessed with collecting our information and in many ways even without our explicit consent. Governments are trying to intercept everything we do online, for the reason of “protecting” us from bad guys.
https://www.nytimes.com/2018/12/06/world/australia/encryption-bill-nauru.html
Advertising companies are collecting every single bit of information they can gather, to display us targeted suggestions about what and where to buy next.
But I do not have anything to hide? So I don’t mind some agencies checking on me? Really? I don’t think so. If you don’t mind, please share all your pictures on social media with everyone publicly, leave your house door open, don’t whisper anymore but shout out all you think to everyone. Hand out all your passwords so everyone can see all emails.
Sounds strange? Indeed.
In the old times, information traveled much slower and mostly only local. News were spread by talking to neighbors and friends only verbally. This has dramatically changed on the internet and with all different kinds of social media.
The really bad thing is, that today, we even are giving away our information freely. Think about all of us, what we share willingly on social media. I cannot count the friends who even share many of their private pics of their kids and private life online.
Combine it now with one of the biggest business currently on the planet, the money to be made with all of our private data for tracking and advertising.
Privacy is not about hiding information but it is mainly about control. WE want to decide with whom we want to share what kind of information and we do not want anyone to interfere without our consent and our knowledge. This is one of the fundamental rights and one of the stones, liberty is built upon, in my opinion.
Let’s just look at how do advertising agencies track us. Everyone has most likely heard of cookies but it is just one small part. Today’s tracking is much more sophisticated.
Check out this website here:
https://panopticlick.eff.org
Companies are tracking us via a combination of many parameters, like installed fonts, screen resolution, canvas extraction and many more.
To mitigate this kind of tracking, we can start to use safe methods for accessing the internet such as Tor.
The Tor project is one of the tools that allows us to access websites in a secure way and to a big extent, prevent us from being tracked and spied upon.
This puts companies in a difficult situation. Tor, as many other tools can and should be used by people to protect their privacy, but on the other hand, it is also used by trojans and especially ransomware to create a hidden backdoor. For example, the payment process from ransomware is done via bitcoin and a tor connection.
You can read more about it in the 2018 Cisco Security Report.
As a company , for sure you do not want to have those requests inside your network. And if you cannot prevent them, detect them as soon as possible. As a person concerned about privacy, you shouldn’t use your companies network for doing your personal and private things on the internet, honestly. Especially if it is from company owned and controlled equipment.
So what can we do?
There are many different approaches and I would like to discuss some of them in my breakout session at Ciscolive, talking about Garlic and Onions and some Cisco Security Technology:
https://ciscolive.cisco.com/emea/learn/sessions/content-catalog/?search=BRKSEC-2011#/
There is another very good session I would like to recommend, if you are interested in bitcoin miners, how they work and how to mitigate them:
https://ciscolive.cisco.com/emea/learn/sessions/content-catalog/?search=BRKSEC-2323#/
Cu in Barcelona!
P.S. if you wonder about the title of this blog post, read here:
https://en.wikipedia.org/wiki/All_your_base_are_belong_to_us
Share:
from Cisco Blog » Security http://bit.ly/2VIdySN