The tragic terrorist attacks in Paris have fueled, even more than before, a strong campaign against widespread adoption of encryption tools, even if it soon became clear that the terrorists hadn't used any. While in USA plans for the adoption of compulsory backdoors, in order to circumvent encryption, have been apparently abandoned, many European States seem to perceive encryption software and devices as one of the worst evils. Which is the role of FOSS and FOSS developers in this scenario? How can we enhance communication privacy, without breaking any regulations?
Andrea Hill Featured in Canadian Lawyer as SkyLaw Recognized as a Top Boutique
Importance of FOSS Surveillance Era
1. Free as in freedom.
The importance of FOSS
in the surveillance era
Avv. Giovanni Battista Gallus
LL.M. Ph.d. ISO 27001 Lead Auditor
2. 2
The “Circolo dei Giuristi Telematici", founded
in 1998, is the oldest Italian association of
“cyberlawyers”
Very active mailing list, with many members,
including attorneys, in-house lawyers,
consultants, law professors and forensics
experts.
More information (Italian only):
info@giuristitelematici.net
http://www.giuristitelematici.it
@CircoloGT
11. @gbgallusAvv. Giovanni Battista Gallus
"Even though the prime minister has declared that "there are presently no
plans to attack [Tor-type] anonimizaton", we expect that the coming laws
(for instance the one extending for another 3 months the state of
emergency) might include anti-strong crypto provisions, either directly
in the law project or through amendments during the Parliamentary
deliberation. We consider that this is the most critical issue on the
agenda of digital issues stricto sensu (the rest belonging to the no
less worrying domain of general tramping on fundamental rigths).”
Philippe Agrain, La Quadrature du Net
13. @gbgallusAvv. Giovanni Battista Gallus
Simplified
workflow for the
war on terror
May be
used by
terrorists
X
(device,
infrastructure,
software...)
BAN!!! OK!
START
STOP
Yes No
17. @gbgallusAvv. Giovanni Battista Gallus
By NicoBZH from Saint Etienne - Loire, France [CC BY-
SA 2.0, via Wikimedia Commons
Let me be crystal clear:
Weakening encryption or taking
it away harms good people who
are using it for the right reason
Tim Cook
16 January 2016 (Encryption in France)
France may prohibit strong encryption.
If that happens, I may be unable ever to
go to France again.
RMS
Very unlikely allies ...
20. @gbgallusAvv. Giovanni Battista Gallus
●
"The easiest way for someone to
eavesdrop on your communications
isn’t to intercept them in transit
anymore; it’s to hack your computer.
And there’s a lot of government
hacking going on.”
Bruce Schneier, Data and Goliath,
2015
23. @gbgallusAvv. Giovanni Battista Gallus
●
Food for thoughts
It is a lie that the state of emergency
protects democracy. Historians do
know that it is the opposite.
The state of emergency is the
device which has been used by
totalitarian regimes in Europe
Giorgio Agamben, Le Monde
24. @gbgallusAvv. Giovanni Battista Gallus
●
Food for thoughts
The "security" they talk about does not aim at
preventing terrostist act (which is really
difficult [...]), but rather to establish a
widespread and limitless controll on the
population (that's why they are so focused on
the total control of citizens' data, including
full access to the content of any device)
Giorgio Agamben, Le Monde
26. @gbgallusAvv. Giovanni Battista Gallus
●
Develop secure SW
"The real problem is that few
developers learn how to develop
secure software, even though nearly
all programs are under attack
(because they connect to the Internet
or take data from the Internet)”
David A. Wheeler
How to Prevent the next Heartbleed
27. @gbgallusAvv. Giovanni Battista Gallus
●
Use a standard FLOSS
license
"I believe that much more code
review and many more contributions
would occur if OpenSSL used a
standard widely-used license.”
David A. Wheeler
How to Prevent the next Heartbleed
28. @gbgallusAvv. Giovanni Battista Gallus
●
What can we do?
Fight the FUD!
Become active citizens, and raise
awareness
Develop better & simpler tools
Support all advocacy groups which are
fighting the costly battle for
fundamental rights
29. @gbgallusAvv. Giovanni Battista Gallus
By NicoBZH from Saint Etienne - Loire, France [CC BY-
SA 2.0, via Wikimedia Commons
He who sacrifices [free software] freedom for
security deserves neither
Benjamin Franklin meets RMS
31. @gbgallusAvv. Giovanni Battista Gallus
●
Thank you
Avv. Giovanni Battista Gallus
gallus@array.eu @gbgallus
Unless stated otherwise,
all texts are distributed
under a Creative Commons
Attribution – non
commercial – sharealike
3.0 Unported license