Alexander Zangerl: Practical Online Anonymity with Open Source Software and Open Services - OSDC
Privacy and the preservation thereof has become a very problematic issue with the recent shift towards the Internet as the communication channel and the increased feasibility of collecting and mining vast amounts of personal data. On one hand calls for privacy-protecting legislation are being heard, on the other hand there is an opposing trend towards stricter identification and governmental control of all communications which we believe is a dangerous development. A healthy society needs the equivalent of an anonymous letter or post card as part of the checks and balances that keep governmental and commercial powers from sliding towards corruption and totalitarian regimes. Today an ever increasing amount of personal data is mined by all kinds of parties, and and with the inevitable feature creep most information is repurposed and reused way beyond the originally intended purposes. It is thus advisable for everybody to take steps that limit the accumulation of personal data in others' hands - and this dissemination control requires both technical support as well as a security-conscious mindset. Our goal for this paper is to examine practical mechanisms that are generally available for protecting one's anonymity online, focusing specifically on open source software and open services. We decided to concentrate on anonymity rather than the wider-ranging concept of privacy, because protecting the latter post-disclosure relies on the other involved parties not using or leaking your information beyond the terms originally agreed upon. Looking at the recent history of unauthorized information disclosures leads us to the conclusion that the battle is lost for all practical purposes once your information is in others' hands, and to prevent your personal data from getting we believe that enforcing full anonymity is the only reliable means of achieving this goal. Dr Alexander Zangerl is an Austrian who has been living in Australia for most of this decade. Since 1993 he's been working as a Software Designer and Developer and after finishing his (roughly masters-equivalent) degree in Technical Mathematics (University of Technology, Vienna) in 1996 his focus shifted more to System Administration and R&D in an ISP environment. Later on he's worked as a Security Consultant and Network Engineer, and eventually he joined Bond University as Assistant Professor (and system administration specialist for tricky stuff, being an outspoken member of the Unix Guerilla at Bond) in 2001. On the side he completed a PhD degree in 2006/07 which covered the development of a tamper-resistant storage system using peer-to-peer technologies and related trust issues. In his Copious Free Time he risks his neck flying paragliders and occasionally his sanity contributing to the Debian Project. Check out http://2011.OSDC.com.au/PRAC for more information.
Privacy and the preservation thereof has become a very problematic issue with the recent shift towards the Internet as the communication channel and the increased feasibility of collecting and mining vast amounts of personal data. On one hand calls for privacy-protecting legislation are being heard, on the other hand there is an opposing trend towards stricter identification and governmental control of all communications which we believe is a dangerous development. A healthy society needs the equivalent of an anonymous letter or post card as part of the checks and balances that keep governmental and commercial powers from sliding towards corruption and totalitarian regimes. Today an ever increasing amount of personal data is mined by all kinds of parties, and and with the inevitable feature creep most information is repurposed and reused way beyond the originally intended purposes. It is thus advisable for everybody to take steps that limit the accumulation of personal data in others' hands - and this dissemination control requires both technical support as well as a security-conscious mindset. Our goal for this paper is to examine practical mechanisms that are generally available for protecting one's anonymity online, focusing specifically on open source software and open services. We decided to concentrate on anonymity rather than the wider-ranging concept of privacy, because protecting the latter post-disclosure relies on the other involved parties not using or leaking your information beyond the terms originally agreed upon. Looking at the recent history of unauthorized information disclosures leads us to the conclusion that the battle is lost for all practical purposes once your information is in others' hands, and to prevent your personal data from getting we believe that enforcing full anonymity is the only reliable means of achieving this goal. Dr Alexander Zangerl is an Austrian who has been living in Australia for most of this decade. Since 1993 he's been working as a Software Designer and Developer and after finishing his (roughly masters-equivalent) degree in Technical Mathematics (University of Technology, Vienna) in 1996 his focus shifted more to System Administration and R&D in an ISP environment. Later on he's worked as a Security Consultant and Network Engineer, and eventually he joined Bond University as Assistant Professor (and system administration specialist for tricky stuff, being an outspoken member of the Unix Guerilla at Bond) in 2001. On the side he completed a PhD degree in 2006/07 which covered the development of a tamper-resistant storage system using peer-to-peer technologies and related trust issues. In his Copious Free Time he risks his neck flying paragliders and occasionally his sanity contributing to the Debian Project. Check out http://2011.OSDC.com.au/PRAC for more information.