What is the thesis about?
Hypothesis:
Privacy can co-exist with today’s technology, providing a privacy lifestyle is chosen.
**Grades Update**
Masters in Computer Security – Distinction
BSc (Hons) Information Security – First
*****
Schneier believes that “data collectors” are one of the three emerging cyber threats – and the one that can do you most harm. What does he mean “harm”? Lets explain this. Did you know that the EU found, a quarter of all job applicants are rejected without an interview, after an employer checked their Facebook profile? (Source: EU Data Protection Day).
So these potential employees were effectively blacklisted, simply due to their facebook profile. You see Privacy is about context… what you say to friends, is not how you would speak to your employer.
Social media sites resell this data to Insurance companies. Your correspondence will be resold many times, and aggregated to gain a microscopic profile of your life. This now becomes politically charged, as this same information could blacklist you from medical insurance or employment. Technically it’s classed as “marketing data” which has little to no Data Protection. So what can you do?
The solution to “Big Data” is to stop data collection by using special privacy tools such as http://www.startpage.com or http://www.ivpn.net.
*****
Search Engines – Step 1 of Privacy
Make sure that your search engines that NEVER record your IP (like http://www.startpage.com or http://www.duckduckgo.com).
Your local council, divorce lawyer, tax office can all retrieve search queries from engines like Google and Bing. Never use Google or Bing, for your own protection – this is a MANDATORY step.
VPN’s – Check they keep no server logs – Step 2 of Privacy
If you select a VPN ensure they do not keep server logs, check out the torrentfreak reviews on anonymity, or use the awesome IVPN.
So please. Use privacy tools to prohibit data collection.
As Schneier commented… Data Collection is a bigger issue than Cyber Warfare.
Data collection is NOT innocent. Check out this US Senate Report.
‘Data brokers’ selling personal info of rape victims to marketers – report
“There are consumer list brokers that sell lists of individually identifiable consumers grouped by characteristics. To our knowledge, it is not practically possible for an individual to find out if he or she is on these lists,” said Pam Dixon, executive director of the World Privacy Forum, in her testimony. “If a consumer learns that he or she is on a list, there is usually no way to get off the list.”
Dixon named one broker, MEDbase200, that has auctioned off lists of rape and domestic violence victims.
Upon questioning from the Wall Street Journal, MEDbase200 also nixed lists of HIV/AIDS patients and “peer pressure sufferers” that were for sale.
The committee found another, Epsilon, that offered at least one list of people who allegedly have medical conditions including anxiety, depression, diabetes, high blood pressure, insomnia, and osteoporosis.
‘Data brokers’ selling personal info of rape victims to marketers – report
Should sensitive data be classified as “marketing data”. Having cancer or diabetes, is someone’s life we’re talking about. Once this data has been taken, it will be resold, without your knowledge or consent, and may harm you.
*******
City Campus is Iconic, Inspirational and Stunning. The culture is open and friendly. It’s a winning combination.
University of South Wales: Cyber University of the year: Four years running: 2019, 2020, 2021, 2022 
Hey, it looks like we’re both pretty much working on the same theme for the Year 3 project. Can’t wait to see your presentation in October.
LikeLike
See you in October!
Just let me know when your presentation is….you can go first, and I’ll copy 🙂 🙂
Either way, we can “bounce” ideas, and everyone gains. I’m siding with the German ICO, anyone links to Facebook and it’s a 50k euro fine. Woohoo!!
Yay, **blows kisses** to the German ICO.
LikeLiked by 1 person
Really liking the StartPage privacy ethos. Thanks for the heads up
LikeLike
Startpage.com are awesome. 🙂
Try out privacyfix.com too – that’s another 10 out of 10 product. 🙂
LikeLike
I liked your blog! Would you write about German Universities offering Masters degree in Information Security?
LikeLike
Hi Umair,
I’ve found this link – there are several Masters in InfoSec in Germany – but alas, I don’t have the personal experience, to know which German Universities are the best.
http://www.mastersportal.eu/search/?q=ci-11|di-24|lv-master||b505b8a0
Germany has a major advantage in privacy systems and information security. There are 6 books in German on OpenVPN and only 3 in English.
There are many superb German experts in Cryptography and Encryption.
I read the works of Softsky, (Privacy – a manifesto) which has been translated from German into English by Princeton University.
Germany’s Federal Office of Information Security offers some of the best InfoSec guides available….
The Privacy ethos of Germany is wonderful – and German Data Protection is probably the best in the world. I struggle to get German works translated into English…
It’s fair to say that I admire Germany Data Protection, InfoSec and privacy. They are the leaders, that I follow 🙂
LikeLike
I found this link – again it’s noting the need for German Masters in InfoSec. Go for the Masters – you won’t regret it 🙂
http://www.cased.de/en/further_education/master/it_securitymaster_chances.html
Good luck!
LikeLike
blog outdated
Sorry, but http://www.ivpn.net is blocked
openvpn can’t anymore automate login
rsa article (x509 – own certificat) about openvpn is irrelevant : rsa works with nsa
etc.
LikeLike
Hi Merke,
Sorry, to disagree with you, but here goes…
Openvpn still automates logins – it’s a security risk to use automated services, but OpenVPN will allow this.
Ivpn.net works without issue… I use their services every day.
Are you saying that a port for IVPN is blocked, and if so, which port?
RSA Bsafe – random number generator using Dual_EC_DRBB is definitely exploited by the NSA.
RSA asymmetrical encryption has not been breached as far as we can tell. I recommend you use RSA 4096 bit keys.. Never use RSA 1028 bit.
Use TLS not SSL. Opt for TLS v1.2 if you can. Disable all old SSL protocols.
The only AES ciper safe is AES-GCM (Galois Counter Mode). Opt for AES-128-GCM or AES-256-GCM but not AES-CBC ciphers. CBC ciphers are vulnerable to the BEAST and lucky 13 timing attacks.
Hope that helps.
LikeLike
G’Day, fantastic blog with great information thay is well researched. With the new spying laws being passed in Australia, privacy is more important than ever. Any chance of you doing a blog for private/secure email services?
LikeLike
Hi Scott,
We could start here:
Epic have a massive list of privacy tools for email.
Cryptocat is great for online chat.
I’m a beta test for Startmail.com, which should come online anytime soon, as they’re gearing up to offer totally encrypted email.
There is a German email provider that has had good reviews.
But EPIC detail a lot of services that available straight away – including private email.
Good luck!
LikeLike