Skip to content

What is the thesis about?

Privacy can co-exist with today’s technology, providing a privacy lifestyle is chosen.


**Grades Update**

Masters in Computer Security – Distinction

BSc (Hons) Information Security – First


Schneier believes that “data collectors” are one of the three emerging cyber threats – and the one that can do you most harm.  What does he mean “harm”?  Lets explain this.  Did you know that the EU found, a quarter of all job applicants are rejected without an interview, after an employer checked their Facebook profile? (Source: EU Data Protection Day).

So these potential employees were effectively blacklisted, simply due to their facebook profile.  You see Privacy is about context… what you say to friends, is not how you would speak to your employer.

Your doctor is allowed to know your medical history… yet Gmail retains sensitive data when it reads billions of emails – which has been called “wiretapping” (EPIC case against Gmail).    Your email is wiretapped in order to profile your religion, medical history, politics and even your exercise habits.  How come?

Social media sites resell this data to Insurance companies. Your correspondence will be resold many times, and aggregated to gain a microscopic profile of your life.  This now becomes politically charged, as this same information could blacklist you from medical insurance or employment.  Technically it’s classed as “marketing data” which has little to no Data Protection.  Your friends will not misuse the data, but insurance companies will.  So what can you do?

The solution to “Big Data” is to stop data collection by using special privacy tools such as or

These sites deliberately do not store your IP, they do not track you, and actively secure your connections.  They keep no logs, so that court orders cannot be complied with.  This “privacy technology” has been termed “PET’s” within Europe.  Use startpage servers to access the Google search engine – startpage strip out your IP and prevent Google tracking you.


Search Engines – Step 1 of Privacy

Make sure that your search engines that NEVER record your IP (like or

Your local council, divorce lawyer, tax office can all retrieve search queries from engines like Google and Bing.  Never use Google or Bing, for your own protection – this is a MANDATORY step.

VPN’s – Check they keep no server logs – Step 2 of Privacy

If you select a VPN ensure they do not keep server logs, check out the torrentfreak reviews on anonymity, or use the awesome IVPN.

So please.  Use privacy tools to prohibit data collection.

As Schneier commented… Data Collection is a bigger issue than Cyber Warfare.

Data collection is NOT innocent. Check out this US Senate Report.

‘Data brokers’ selling personal info of rape victims to marketers – report

“There are consumer list brokers that sell lists of individually identifiable consumers grouped by characteristics. To our knowledge, it is not practically possible for an individual to find out if he or she is on these lists,” said Pam Dixon, executive director of the World Privacy Forum, in her testimony. “If a consumer learns that he or she is on a list, there is usually no way to get off the list.”

Dixon named one broker, MEDbase200, that has auctioned off lists of rape and domestic violence victims.

Upon questioning from the Wall Street Journal, MEDbase200 also nixed lists of HIV/AIDS patients and “peer pressure sufferers” that were for sale.

The committee found another, Epsilon, that offered at least one list of people who allegedly have medical conditions including anxiety, depression, diabetes, high blood pressure, insomnia, and osteoporosis.

So if you or anyone in your family has medical conditions, diabetes, high blood pressure or even have suffered some traumatic event  – then you’re “on the list”.  Do you agree with this?  Should sensitive data be classified as “marketing data”. Having cancer or diabetes, is someone’s life we’re talking about.  If we change the context, this medical data could blacklist them with employers, or even holiday companies who won’t want to insure them. Where do we draw the line?


City Campus – University of South Wales

The “Prettiest”, most Iconic University.

City Campus is  Iconic, Inspirational and Stunning.  The culture is open and friendly.  It’s a winning combination.

  1. Hey, it looks like we’re both pretty much working on the same theme for the Year 3 project. Can’t wait to see your presentation in October.


  2. See you in October!
    Just let me know when your presentation is….you can go first, and I’ll copy🙂🙂

    Either way, we can “bounce” ideas, and everyone gains. I’m siding with the German ICO, anyone links to Facebook and it’s a 50k euro fine. Woohoo!!

    Yay, **blows kisses** to the German ICO.


  3. Really liking the StartPage privacy ethos. Thanks for the heads up


  4. are awesome. 🙂
    Try out too – that’s another 10 out of 10 product.🙂


  5. I liked your blog! Would you write about German Universities offering Masters degree in Information Security?


    • Hi Umair,

      I’ve found this link – there are several Masters in InfoSec in Germany – but alas, I don’t have the personal experience, to know which German Universities are the best.|di-24|lv-master||b505b8a0

      Germany has a major advantage in privacy systems and information security. There are 6 books in German on OpenVPN and only 3 in English.

      There are many superb German experts in Cryptography and Encryption.

      I read the works of Softsky, (Privacy – a manifesto) which has been translated from German into English by Princeton University.

      Germany’s Federal Office of Information Security offers some of the best InfoSec guides available….

      The Privacy ethos of Germany is wonderful – and German Data Protection is probably the best in the world. I struggle to get German works translated into English…

      It’s fair to say that I admire Germany Data Protection, InfoSec and privacy. They are the leaders, that I follow🙂


    • I found this link – again it’s noting the need for German Masters in InfoSec. Go for the Masters – you won’t regret it🙂

      Good luck!


  6. merke permalink

    blog outdated
    Sorry, but is blocked
    openvpn can’t anymore automate login
    rsa article (x509 – own certificat) about openvpn is irrelevant : rsa works with nsa


    • Hi Merke,
      Sorry, to disagree with you, but here goes…

      Openvpn still automates logins – it’s a security risk to use automated services, but OpenVPN will allow this. works without issue… I use their services every day.
      Are you saying that a port for IVPN is blocked, and if so, which port?

      RSA Bsafe – random number generator using Dual_EC_DRBB is definitely exploited by the NSA.

      RSA asymmetrical encryption has not been breached as far as we can tell. I recommend you use RSA 4096 bit keys.. Never use RSA 1028 bit.

      Use TLS not SSL. Opt for TLS v1.2 if you can. Disable all old SSL protocols.

      The only AES ciper safe is AES-GCM (Galois Counter Mode). Opt for AES-128-GCM or AES-256-GCM but not AES-CBC ciphers. CBC ciphers are vulnerable to the BEAST and lucky 13 timing attacks.

      Hope that helps.


  7. scott permalink

    G’Day, fantastic blog with great information thay is well researched. With the new spying laws being passed in Australia, privacy is more important than ever. Any chance of you doing a blog for private/secure email services?


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: