Particle der Woche #004 – Security & Privacy

Maybe some of you have followed the news on cyber attacks and breaches during the past months. It is becoming more and more obvious that we have entered an area in which internet security and cyber warfare are a daily reality. Still a lot of virtual citizens and internet user seem not to care that much about there security and the right to keep their lives private. States and private organizations seem to have lost their ethical compasses and instead of an exception it has become the new norm to intrude on peoples privacy. Advocates of digital liberty and self-sovereignty like Eduard Snowden have warned about theses developments. Since nation states have become under huge pressure due to the pandemic and rising global tensions between the U.S, China and Russia it seems justifiable that free citizens become more and more the victim of private and state-run mass-surveillance. Even though the free-software movement tries to gain back some privacy and liberty in the virtual world and in the cyberspace the problem run much deeper.

The vast majority of vulnerabilities that are later discovered and exploited by the Insecurity Industry are introduced, for technical reasons related to how a computer keeps track of what it’s supposed to be doing, at the exact time the code is written, which makes choosing a safer language a crucial protection… and yet it’s one that few ever undertake.” The Insecurity Industry – Eduard Snowden

Eduard Snowden points out that on the most fundamental layer, the code language vulnerabilities are inherent. Even software engineers of Google acknowledge the fact that more works on the kernel of Linux is necessary to compensate for the vulnerabilities of the coding language.

With Linux written in C, it will continue to have a long tail of associated problems. Linux must be designed to take proactive steps to defend itself from its own risks. Cars have seat belts not because we want to crash, but because it is guaranteed to happen sometimes.” Linux Kernel Security Done Right – Kees Cook

This shows how fragile the internet and the infrastructure actually is. Even though most user experience the internet still as a bit bumpy sometimes, the general impression most often is, that if adequate security measures are in place the whole things is supposed to work properly. But taking the arguments of Eduard Snowden and Kees Cook into account, the opposite seems to be true.

As security and privacy are absolutely crucial to the evolution of a society, we will explore this topic in more depth.

What solutions are available to improve your privacy and internet security? What projects and communities try to improve the status quo? …. to be continued….