Cloud computing
The use of remote servers for storing and accessing content. Gamil, Evernote and Dropbox are among the best-known cloud computing services for the general public. Cloud computing allows you to access your files at any time and from any computer or mobile phone. You have ease of access but there is a drawback – you do not control where your data is located.
Deep Packet Inspection or DPI is the interception and close inspection of data “packets” as they transit through the Internet. Use of DPI allows those engaged in surveillance to access the content of emails, instant messaging and VoIP conversations and to find out whether content is encrypted. The greater the detail desired from the inspection, the greater the resources that must be invested in the DPI systems.
The European Telecommunications Standards Institute (ETSI) is a non-profit organization that establishes standards in telecommunications.
A portmanteau of hacker and activist. Hacktivists are hackers who use their IT skills to further their political beliefs. Their activities range from developing censorship circumvention tools for use by human rights defenders, and providing instruction in their use, to hacking into remote computers in order remove data and deface websites as a protest.
Hyper Text Transfer Protocol Secure is a protocol for the secure transfer of data over the Internet. It combines HTTP, the basic Internet data transfer protocol, with a layer of TLS or SSL encryption. When a computer accesses a webpage, use of HTTPS ensures that the connection from the computer to the webpage’s host server is encrypted from end to end. It is often used for online financial transactions in order to protect the Internet user’s banking details.The protocol’s security is based on an exchange of digital certificates – the digital equivalents of ID cards – between the website’s server and the visitor’s browser. When a network is under surveillance, use of HTTPS should prevent cyber-spies from seeing visited webpages, exchanged data or data entered into forms – as long as the server certificates have not been compromised.
A Man-in-the-Middle Attack or MITM is a way of sabotaging SSL or TLS encryption in an HTTPS connection to a website. Attackers surreptitiously insert themselves between the Internet user and the HTTPS server by using a false digital certificate or a real one that has been compromised. Very sophisticated MITM attacks were used in Iran in 2011, when hackers got into the systems of DigiNotar, a Dutch company that specialized in issuing digital certificates, and used their access to obtain fraudulent certificates.
Net Neutrality
Non-discrimination in the handling of data circulating on the Internet, the principle that all data packets should be treated equally and should be sent to their destination with equal speed regardless of who sends them or receives them, and regardless of whether they are carrying email, instant messaging, webpage content, VoIP, video or anything else.By ensuring equal treatment for all data, Net Neutrality also helps to guarantee everyone’s right to express themselves freely within the limits set by the law and to access the content and services they desire, whether free or paid.
A method of fraud, typically in the form of an email appearing to come from a trustworthy source such as a bank or government office, which tries to trick the recipient into providing personal details such as passwords, credit card numbers, birthdates and so on for the purposes of identity theft. The phishing email may also try to lure the recipient into clicking on a link that downloads spyware.
A server or application that acts an intermediary between other elements in the transmission of data. Proxies can be used for different purposes. At the national level, a proxy between a network’s users and the rest of the world can be used for filtering and surveillance. It can intercept all web requests, forwarding those for permitted sites, blocking others, identifying which Internet user connects to which site and capturing personal information (such usernames, passwords and IP addresses).
RAT, spyware, malware, Trojan
Once a Remote Access Trojan or RAT (also known as spyware, malware or Trojan) is installed on computer, it can access all of its files, control its systems (including microphone and webcam), record Skype conversations, use keystroke logging to capture passwords and generally spy on the computer’s owner without his or her knowledge. All the data obtained is sent over the Internet to a server for recovery by the person who planted the Trojan.
A Virtual Private Network or (VPN) can be used to create a secure tunnel (or virtual connection) through the Internet between two geographical distant networks. Data transmitted through this tunnel is encrypted. This ensures, that in the event of hostile interception (spying, intrusion and so on), third parties cannot read the data. Read the article on VPN in our digital survival kit.