Privacy Café Nijmegen

In spite of the snow the first Privacy Café in Nijmegen was a success!

With (only) four volunteers (from Bits of Freedom and the Free Software Foundation Europe) we managed to help 60 to 80 visitors to better protect their privacy.

Some of the Linux Nijmegen folks came by as well.

The Dutch “menu” can be found here (pdf) and the slides here. English versions can be found here (pdf) and here.

For some background on the Privacy Café in English, see my earlier post.

I’d like to thank all volunteers and visitors! See you next time.

- Felix

My T-DOSE talk: The “Internet of Things”: Opportunities and Dangers

I recently gave a talk at T-DOSE, where I also helped out at the FSFE booth and the Privacy Café.

The slides are on github and you can watch the talk on youtube.

The abstract:

The “Internet of Things” is around the corner. What does this mean for us as software developers? And what are the dangers and opportunities when it comes to Freedom, Privacy and Security?

We live in interesting times. The time that a “computer” was a room full of electronics, or even a beige box on a desk is behind us. Computers are everywhere. And there will soon be even more of them, in even more places.

The IoT provides us with wonderful opportunities to remotely monitor, manage and automate. And we as a software development community are the ones building it.

But security is too often an afterthought (if that). Now that the IoT is around the corner, security is not just something that impacts those beige boxes on our desks — or the smartphones we carry around — but also the medical devices that monitor our health and keep us alive, the automobiles we drive, the electronics that monitor our homes, and the public infrastructure we depend on. It now impacts public safety, human life, privacy, freedom and democracy.

Who is responsible for making sure the systems and devices that make up the IoT are under the control of their users? Whether we like it or not, the responsibility for ensuring freedom, privacy, security, and (digital) civil rights rest on our shoulders. So instead of asking ourselves (as we usually do) “can we do this?”, we should ask ourselves “should we do this?

We need development practices that take security into account. We need to build systems that are secure from the ground up. And we need Free Software to make sure that the answer to “who controls our computers?” — including the IoT — is “the users”.

But we also need relevant authorities to ensure policies and laws mandate privacy and security and ensure open standards. And we need public awareness of the impact of the IoT on — and the importance of — privacy and security.

The IoT is on its way. It’s up to us to build it right. And to have lots of fun along the way.

- Felix

Workshop on Privacy and Free Software

I led a workshop on Privacy and Free Software at FSFE’s Germanophone Team Meeting 2014. Here’s a summary.

Privacy Café

The Privacy Café is an initiative of Dutch digital rights organisation Bits of Freedom. Its purpose is to teach people to protect their privacy. They call it “digital self-defence”.

Whilst the Privacy Café has a lot in common with CryptoParties, there are some notable differences:

  • It usually takes place in a public library (instead of e.g. a hackerspace).
  • It targets a non-technical audience (which is why a public library is a very good venue).

The Privacy Café has a “menu” with

  • starters like Firefox, https everywhere, startpage.com, choosing good passwords, automatic updates, screen locking, hard disk encryption;
  • main courses like Tor, GnuPG, OTR, Tails;
  • and desserts like tosdr.org, prism-break.org, xkcd.com.

Volunteers from Bits of Freedom and hackerspaces (and sometimes FSFE) are there to answer questions, help people choose from the menu and install and configure the software.

Sometimes, there are also lightning talks. I gave one about the importance of Free Software at the Privacy Café in Utrecht.

Handouts: → Dutch (april), → Dutch (may), → English (june)

Software Freedom

The people that go to a Privacy Café are already aware of issues surrounding privacy and freedom. This gives us an opportunity to tell them about Free Software. A good place to start is by asking them “who controls the software?”.

Remarks from the Workshop

  • The timing is right, since awareness of privacy themes is very high at the moment and those who worry about privacy are already aware of the importance of freedom. This makes it much easier to show the link between freedom and control and Free Software.
  • It is unfortunate that the theme of Free Software is not already at the foreground, even though it is necessary for privacy.
  • We need all four freedoms, not just the ability to audit the software (i.e. source availability).
  • The menu metaphor is good (like the tools metaphor in the “tools leaflet”).
  • Using a public library as a venue is good, since it takes privacy out of the domain of hackers and “nerds” and makes it more approachable for non-technical people.
  • Free Software and encryption can be made more attractive with proper attention to presentation (e.g. websites and handouts).

Ideas from the Workshop

  • Making it more “fun” by using symbols (for signatures), stickers (for laptops) to show e.g. what “level” one has achieved.
  • Finish Lucile’s privacy flyer draft so it can be used for similar events.
  • Organise something similar (e.g. in Unperfekthaus).

non-free encryption software

What to do when those groups who teach encryption do so using non-free software?

  • Working together is desirable, so we have more Free Software people in the group and can explain our topic.
  • We should keep emphasising that only Free Software can ensure security (Kerckhoffs’s principle).
  • FSFE will never promote non-free software, and advises volunteers to also not recommend non-free software, but rather explain the issues mentioned above.

Links from the Workshop

- Felix

The Importance of Free Software

Computers have become an essential part of our daily lives, which increasingly take place online. Those computers, smartphones and other devices are controlled by software. We need to ask ourselves: “who controls that software?” Because when we don’t control the software we use, it controls us. And whoever controls the software therefore controls us.

Free Software grants you (and others) these four essential freedoms:

  • to run freely, for any purpose
  • to study and adapt to your needs
  • to redistribute, so you can help others
  • to release improvements, so everyone benefits

It:

  • Provides fundamental freedoms in the digital age.
  • Helps to bridge the “digital divide” (by being available to all).
  • Does not depend on a single party; instead it puts control in the hands of its users.
  • Allows us (and others) to verify that it does what we want and contains no malicious features or hidden weaknesses (which means we don’t need to worry about our computers, televisions and other devices spying on us).
  • Can be trusted (unlike software whose inner workings are barred from public inspection).
  • Allows our files to still be opened years later, thanks to Open Standards (so we don’t need to keep buying new versions of software because of incompatibility with older versions or planned obsolescence).

And:

  • Is a public good that anyone (including individuals, businesses, NGOs and administrations) can contribute to and benefit from.
  • Fosters a culture of making new technologies instead of only using them.
  • Respects users’ freedom and promotes solidarity and cooperation in digital communities.
  • Is a generative technologythat:
    • Promotes the dissemination of knowledge.
    • Allows SMEs, non-profits, students and individuals to create new and improved technologies.
    • Stimulates economic growth and scientific and technological advancement.
  • Fosters a level playing field in an independent, service-oriented economy.
  • Is strategically relevant as a way of enforcing sovereignty, controlling public expenses and achieving sustainable development.

Free Software has millions of users. The infrastructure of the internet relies on it, as do the servers of businesses large and small. Without it, the internet as we know it would not exist. Examples of widely-used Free Software are: GNU/Linux, Firefox, LibreOffice and VLC. And there are many more.

Using (exclusively) Free Software puts you in full control and is the only way to guarantee privacy, security and autonomy.

The importance of Free Software is not limited to our personal computers. We also need to be able to trust the software that controls (public) services, (vital) infrastructure, voting machines, the computers used by elected officials, etc.

Because of the importance of Free Software:

  • Public services should be available to all citizens, including those who use Free Software.
  • Software developed with public funds or used by public services and administrations should be Free Software.
  • We should strive to eliminate threats to our digital freedom, such as:
    • Bundled sales, vendor lock-in and closed formats.
    • Software Patents (which impede innovation and fair competition).
    • Digital Restrictions Management (which turns computers and devices against their owners).
    • “Trusted Computing” (“Treacherous Computing”) (which, unless implemented so as to be under the control of the user, takes control of our computers away from us and unfairly restricts competition and interoperability).

- Felix