Vera Verba

The German magazine “Die Zeit” did an interview with me about online privacy concerns. As with the many previous times I have been interviewed, reading it later, I never remember saying exactly what appears in print, but in this case it was especially weird, as I was apparently speaking fluent German - a language I can only barely read. :-)

Here is the link to the interview at Die Zeit Online:

http://www.zeit.de/2008/20/II-Gesellschaft_-InterviewHastings?page=1

And here is a an English translation:

PRIVATE WAS YESTERDAY

DIE ZEIT, 08.05.2008 No. 20

Photo (c): Sarah Shatz, Die Zeit, Delta E

The American computer security expert Sean Hastings lives in the USA and advises organizations and companies. His recent book is titled “God Wants You Dead”

Sean Hastings advises you to keep only really important secrets

DIE ZEIT: Rather radical - your data security idea from the year 2000: To set up your computers on an air defense station off the English coast, where no government had access…

Sean Hastings: It was about the right to disseminate what you want on the Internet, unmolested by governments. There may still be a market for that.

Zeit: Today there seems to be a different pressing data protection problem - governments and enterprises spy more than ever on the net.

Hastings: Yes, mostly secretly and electronically, by using viruses, Trojan horses, with hacker methods. For these issues it does not help to to set up your computer at a far place.

Zeit: How does one protect oneself against the Schnuefflern?

Hastings: There have been many companies, which made highly effective systems for anonymous surfing and communicating available on the Internet. But rarely have they found enough customers to make this very profitable. These things will be successful in the long term only free of charge, built into all browsers and E-Mail programs. Like so many today use built in cryptography for things such as home banking.

Zeit: Because people are unwilling to pay for privacy?

Hastings: There is still another better reason. What drives the cost of using encrypted e-mail and similar matters higher, is that they can draw attention. If you use an encryption program for your e-mail use, people can immediately see that a message has been encrypted. So whoever is interested in people who have something to hide, can systematically search for such e-mails.

Zeit: There must be a way to solve that problem.

Hastings: This requires still more effort. There is a technology called Steganography, with which secret messages are hidden in apparently everyday files, such as in photos and videos. Of these millions are dispatched per hour around the world. This is not noticeable to anybody.

Zeit: Do you have recommendations for such programs?

PART 2

Hastings: there are many of them on the internet that are even free of charge. My recommendation is to use only those that make their code publicly available on the Internet. Then a whole world of experts can try to break the coding methods. This increases your chance of security enormously.

Zeit: What would you recommend to people, who really want to keep their secrets to themselves?

Hastings: First of all steganography. Second, great care to make sure that no traces of unencrypted messages can be found on their computer. At a minimum they should encrypt everything on their hard drives. Even safer, however, is a computer that has no hard drive, but boots each time from a DVD-ROM containing their encryption program.

Zeit: The other privacy problem on the internet is that whether you surf or downloading a music file or do anything at all, you are observed at every turn.

Hastings: Use someone else’s Internet connection for that! Then you can’t be blamed.

Zeit: Now seriously.

Hastings: I mean that seriously! Nearly everywhere in the civilized world there are free hotspots for the Internet - unencrypted connections, which some neighbor has left open. Nobody can know that it was you who went online. Although every computer sends a so-called MAC address to the wireless network, so that in principle it can be identified, this can be easily forged: You install a program, and then its effortless.

Zeit: That is not a solution for surfing from home..

Hastings: If you are using a wireless connection at home, then you leave it open, without encryption or entrance barriers! You can always say, “How, did someone hack the computers of the Minister of the Interior from my Internet address? They must have used my wireless network. For weeks I have planned to set up a password, but I just never got around to it…”

Zeit: Many people voluntarily send everything about themselves to sites such as MySpace,  on the Internet - including address, consumer habits, private photos…

Hastings: Of course, and the scammers can use this. But I am not sure whether this is all negative. It lets other people know what you want them to know.

PART 3

Zeit: The half naked photos of yourself as a young person partying? The future boss could be the prudish type…

Hastings: (laughs) We should eventually expect everyone to have such pictures of themselves on the Internet. Then nobody can afford more to be so prudish.

Zeit: That cannot be true! One expert for data security and secrecy we interviewed says: Should everything you do be on the Internet?

Hastings: Okay, seriously now: There is no privacy anyway. No one should expect it anymore. Not only you are getting all kinds of other people putting all sorts of information about you on the net. Our whereabouts are constantly monitored. Cameras are getting smaller.

Zeit: If its like that, should one not bother to try to surf and send messages secretly?

Hastings: No, but you should make it clear: It requires special effort to keep a secret, not just in the realm of electronics but also in choosing whom to trust. Otherwise, you must assume that everything is public, whatever you are doing.

Zeit: What sort of secrets do you have that are worth this kind of effort?

Hastings: I have no reason to answer that question.

The interview was conducted by Thomas Fischermann

The American computer security expert Sean Hastings decided in 2000 that America was no t a safe place for his computers. So he took them to Sealand, to an inhospitable former air defense station in the English Channel, which had been occupied into the 1960s by an eccentric Brit and been declared an independent principality. From there Hastings sold server collocation to a geheimniskrämerische clientele, afraid of public access. Today he lives again in the U.S. and advises organizations and companies. His recent book is titled “God Wants You Dead“

This entry was posted on Sunday, May 11th, 2008 at 10:10 am and is filed under Privacy. You can subscribe via RSS 2.0 feed to this post's comments. You can skip to the end and leave a response. Pinging is currently not allowed.