What if Petraeus was a hacker? Email privacy for the rest of us

Presented at DerbyCon 3.0 All in the Family (2013), Sept. 28, 2013, 6 p.m. (25 minutes).

Almost every day there are new revelations about violations of user’s online privacy. Usually these infractions are for the monetary gain of an online entity, but at other times it can be part of censorship, a surveillance state or even a government breaking the law when accessing such data. With email being so personal, webmail (which is generally hosted free of charge by for-profit providers) is a particularly vulnerable space where people are not doing enough to protect themselves. When a highly decorated four-star general is brought down because he couldn’t secure his online webmail, what hope do we have in terms of guaranteeing our own online privacy? The Electronic Communications Privacy Act of 1986 states that after 6 months, email messages lose their status as protected communication and no longer requires a warrant, only a subpoena, for a government agency to force email providers to produce copies of user’s data. Email privacy is a right we have taken too lightly. Attendees of this talk will learn real world techniques that will enable them to make educated decisions about how to properly protect their webmail. Generally, you have little email privacy with US-based email services, so we will focus on offshore hosting where laws better regulate your data protection and online privacy. A survey of current options, with details from the speaker’s own trials of multiple solutions, will provide a framework for you to replicate, allowing you the online email privacy everyone deserves.


Presenters:

  • Phil Cryer (@faker)
    I am a hacker, open source technologist, writer and speaker at conferences like DEF CON, B-SidesLV, SecureWorld and SEMAFOR. As an active member of the EFF, I lead and moderate discussions about electronic privacy rights and civil liberties while educating users how their data is being used by companies. I enjoy researching companies weaknesses and failures in safeguarding user’s personal data. I’m constantly learning new techniques to solve technical challenges, sharing what I learn online via posts or code. I listen to music constantly, hold a bachelor’s degree in fine arts, am a practicing troublemaker and like to keep it real.

Similar Presentations: