0 00:00:00,000 --> 00:00:30,000 Dear viewer, these subtitles were generated by a machine via the service Trint and therefore are (very) buggy. If you are capable, please help us to create good quality subtitles: https://c3subtitles.de/talk/377 Thanks! 1 00:00:15,970 --> 00:00:17,649 I don't think I have to explain anything, 2 00:00:17,650 --> 00:00:18,670 it says it all up there. 3 00:00:19,720 --> 00:00:22,059 OK, Michael, you're free. 4 00:00:22,060 --> 00:00:24,159 And everyone said, Michael, I work 5 00:00:24,160 --> 00:00:25,449 for the international human rights 6 00:00:25,450 --> 00:00:27,759 organization ACCESS 7 00:00:27,760 --> 00:00:30,249 and I'm going to be talking about 8 00:00:30,250 --> 00:00:32,529 threats to civil society, but 9 00:00:32,530 --> 00:00:34,779 also responses to those threats. 10 00:00:34,780 --> 00:00:36,249 And I'm actually going to try to focus a 11 00:00:36,250 --> 00:00:39,069 little bit more on the response. 12 00:00:39,070 --> 00:00:41,469 In the past, we've done this talk 13 00:00:41,470 --> 00:00:43,779 at home in 2013, for instance, 14 00:00:43,780 --> 00:00:45,699 and it was very much on threats, which 15 00:00:45,700 --> 00:00:47,949 are always exciting and 16 00:00:47,950 --> 00:00:50,319 always changing. 17 00:00:50,320 --> 00:00:53,169 But it's become more interesting 18 00:00:53,170 --> 00:00:55,449 for me anyway on ways 19 00:00:55,450 --> 00:00:57,519 of building a 20 00:00:57,520 --> 00:00:59,350 response to those threats, 21 00:01:00,370 --> 00:01:03,129 groups, organizations working together 22 00:01:03,130 --> 00:01:05,259 to have infrastructure to be able 23 00:01:05,260 --> 00:01:07,359 to respond 24 00:01:07,360 --> 00:01:08,739 to these threats better. So I'm going to 25 00:01:08,740 --> 00:01:10,180 be talking about these threats briefly, 26 00:01:11,380 --> 00:01:12,579 the rapid response 27 00:01:13,660 --> 00:01:15,339 to those threats and then some of the 28 00:01:15,340 --> 00:01:17,829 things that we're looking forward to 29 00:01:17,830 --> 00:01:19,209 in twenty fifteen. 30 00:01:21,040 --> 00:01:23,439 So I probably 31 00:01:23,440 --> 00:01:25,569 don't need to go too deep into 32 00:01:25,570 --> 00:01:27,849 the threats that are being faced by 33 00:01:27,850 --> 00:01:30,039 civil society today, but. 34 00:01:31,910 --> 00:01:34,069 Civil society is always going to be at 35 00:01:34,070 --> 00:01:35,959 a disadvantage when compared to 36 00:01:35,960 --> 00:01:38,419 corporations or governments 37 00:01:38,420 --> 00:01:39,950 in protecting themselves 38 00:01:41,060 --> 00:01:43,249 from attack, and some 39 00:01:43,250 --> 00:01:45,029 of that is just based on capacity. 40 00:01:45,030 --> 00:01:47,049 Some of that is because they focused 41 00:01:47,050 --> 00:01:49,129 they're non technical civil society 42 00:01:49,130 --> 00:01:50,269 organizations or groups. 43 00:01:50,270 --> 00:01:52,729 Maybe they're activists and 44 00:01:52,730 --> 00:01:54,829 social, political or 45 00:01:54,830 --> 00:01:57,469 otherwise, and they are not 46 00:01:57,470 --> 00:01:59,449 interested, or at least initially not 47 00:01:59,450 --> 00:02:01,519 interested in digital security, 48 00:02:01,520 --> 00:02:03,709 but rather their activism or their 49 00:02:03,710 --> 00:02:04,710 work. 50 00:02:05,870 --> 00:02:07,969 What we see is more and 51 00:02:07,970 --> 00:02:10,189 more and we 52 00:02:10,190 --> 00:02:12,139 have been seeing this more in the news as 53 00:02:12,140 --> 00:02:14,209 well, that groups 54 00:02:14,210 --> 00:02:15,709 such as journalists, especially 55 00:02:15,710 --> 00:02:17,599 investigative journalists, independent 56 00:02:17,600 --> 00:02:18,800 media websites, 57 00:02:19,970 --> 00:02:22,039 all varieties of activists and all 58 00:02:22,040 --> 00:02:24,739 sorts of contexts, lawyers 59 00:02:24,740 --> 00:02:26,240 and others, are getting targeted. 60 00:02:27,710 --> 00:02:30,229 And what's also interesting is the 61 00:02:30,230 --> 00:02:32,329 groups and organizations and 62 00:02:32,330 --> 00:02:34,219 foundations that fund and support these 63 00:02:34,220 --> 00:02:36,409 groups are also 64 00:02:36,410 --> 00:02:37,490 a potential factor 65 00:02:38,630 --> 00:02:41,389 for attack, but also potentially 66 00:02:41,390 --> 00:02:43,849 as a strong ally in providing 67 00:02:43,850 --> 00:02:45,919 this additional capacity for these 68 00:02:45,920 --> 00:02:47,239 groups. 69 00:02:47,240 --> 00:02:48,949 So the perspective that I'm going to be 70 00:02:48,950 --> 00:02:51,169 speaking from, um, 71 00:02:51,170 --> 00:02:53,719 wow, that's washed out, but is 72 00:02:53,720 --> 00:02:55,399 through our helpline, what we call it, 73 00:02:55,400 --> 00:02:58,459 which is three offices 74 00:02:58,460 --> 00:03:00,769 around the world that focus on 75 00:03:00,770 --> 00:03:03,079 providing this, uh, rapid 76 00:03:03,080 --> 00:03:05,089 response support, as well as digital 77 00:03:05,090 --> 00:03:07,159 security advice to civil society 78 00:03:07,160 --> 00:03:08,359 groups. 79 00:03:08,360 --> 00:03:10,909 The oldest one is based in Tunis. 80 00:03:10,910 --> 00:03:12,829 It's been around since around February of 81 00:03:12,830 --> 00:03:14,299 2013. 82 00:03:14,300 --> 00:03:16,459 It's got most importantly, one shift 83 00:03:16,460 --> 00:03:18,319 lead in two incident handlers. 84 00:03:18,320 --> 00:03:20,509 Um, then we 85 00:03:20,510 --> 00:03:22,699 opened an office in San Jose with a shift 86 00:03:22,700 --> 00:03:24,799 lead, an incident handler, and 87 00:03:24,800 --> 00:03:27,169 most recently in Manila with 88 00:03:27,170 --> 00:03:29,059 a shift lead and an incident handler. 89 00:03:29,060 --> 00:03:31,549 In addition to those core 90 00:03:31,550 --> 00:03:33,619 staff members 91 00:03:33,620 --> 00:03:35,809 who are available, 92 00:03:35,810 --> 00:03:38,179 we also have various support folks 93 00:03:38,180 --> 00:03:40,610 such as technologists, developers 94 00:03:41,660 --> 00:03:43,099 and a trainer. 95 00:03:43,100 --> 00:03:45,139 So why do why they're 96 00:03:46,610 --> 00:03:49,399 part of it or a lot of it is timezone. 97 00:03:49,400 --> 00:03:51,799 So what we want to be able to provide is 98 00:03:51,800 --> 00:03:53,899 somebody who doesn't have to stay up 99 00:03:53,900 --> 00:03:56,119 the whole night and 100 00:03:56,120 --> 00:03:59,029 in a very unsustainable way, provide 101 00:03:59,030 --> 00:04:01,129 digital security support to, 102 00:04:01,130 --> 00:04:03,379 uh, a group or 103 00:04:03,380 --> 00:04:05,569 an organization, regardless of what 104 00:04:05,570 --> 00:04:07,249 times on in. 105 00:04:07,250 --> 00:04:09,439 So by being in these 106 00:04:09,440 --> 00:04:10,999 different time zones, we're able to pass 107 00:04:11,000 --> 00:04:13,519 jobs from one office to the other 108 00:04:13,520 --> 00:04:15,949 during kind of regular hours. 109 00:04:15,950 --> 00:04:17,958 And hopefully that makes it more 110 00:04:17,959 --> 00:04:20,328 sustainable for us as a support 111 00:04:20,329 --> 00:04:21,800 organization. In addition, 112 00:04:22,910 --> 00:04:25,609 it allows us to have language coverage 113 00:04:25,610 --> 00:04:27,049 in these different regions, as well as 114 00:04:27,050 --> 00:04:29,209 regional expertize and 115 00:04:29,210 --> 00:04:31,819 relationships with regional organizations 116 00:04:31,820 --> 00:04:32,820 and all of that. 117 00:04:35,420 --> 00:04:37,549 So, uh, what 118 00:04:37,550 --> 00:04:39,589 type of cases have we seen or 119 00:04:40,940 --> 00:04:42,619 in on our helpline? 120 00:04:42,620 --> 00:04:43,620 So. 121 00:04:44,930 --> 00:04:47,210 The three twenty thirteen 122 00:04:48,230 --> 00:04:49,369 we had around 123 00:04:50,480 --> 00:04:52,549 twelve point six on 124 00:04:52,550 --> 00:04:54,589 average cases per month, 125 00:04:56,330 --> 00:04:58,039 up to twenty fourteen, we're now 126 00:04:58,040 --> 00:05:00,169 averaging thirty seven cases. 127 00:05:00,170 --> 00:05:01,549 So what that basically means is we have 128 00:05:01,550 --> 00:05:03,589 more than one new case per day. 129 00:05:03,590 --> 00:05:05,719 And to be clear, these are external 130 00:05:05,720 --> 00:05:07,729 non tort abuse cases. 131 00:05:07,730 --> 00:05:09,889 So we also run a number of 132 00:05:09,890 --> 00:05:12,199 exit nodes and 133 00:05:12,200 --> 00:05:15,199 we handle the abuse of those 134 00:05:15,200 --> 00:05:16,200 as well. 135 00:05:16,700 --> 00:05:19,159 So cases are increasing. 136 00:05:19,160 --> 00:05:21,529 Our capacity is also increasing. 137 00:05:21,530 --> 00:05:23,839 And most importantly, what I think speaks 138 00:05:23,840 --> 00:05:25,969 to the increasing case load 139 00:05:25,970 --> 00:05:28,369 is that our internal kind of workflows 140 00:05:28,370 --> 00:05:30,169 and processes are improving. 141 00:05:30,170 --> 00:05:32,119 So, you know, because we've dealt with 142 00:05:32,120 --> 00:05:34,549 problem X before, we can now 143 00:05:34,550 --> 00:05:36,709 have a template for that 144 00:05:36,710 --> 00:05:38,249 and maybe we've created a walk through or 145 00:05:38,250 --> 00:05:39,949 we found the appropriate resources that 146 00:05:39,950 --> 00:05:42,239 are online that are effective for that. 147 00:05:42,240 --> 00:05:44,449 Um, and so we're looking forward 148 00:05:44,450 --> 00:05:46,639 to further 149 00:05:46,640 --> 00:05:49,309 solidifying those workflows and then also 150 00:05:49,310 --> 00:05:51,079 making sure that those are audited with 151 00:05:51,080 --> 00:05:52,609 other organizations that do similar 152 00:05:52,610 --> 00:05:54,889 things so that we're doing the best 153 00:05:54,890 --> 00:05:55,999 practice that we can. 154 00:05:58,040 --> 00:06:00,589 Looking at these cases from another way, 155 00:06:00,590 --> 00:06:02,599 also kind of splitting it arbitrarily 156 00:06:02,600 --> 00:06:03,600 between the two years 157 00:06:06,740 --> 00:06:08,539 we've done cases in more than 60 158 00:06:08,540 --> 00:06:11,749 countries, the 159 00:06:11,750 --> 00:06:14,689 countries very pretty wildly. 160 00:06:14,690 --> 00:06:15,690 It's not 161 00:06:17,060 --> 00:06:19,699 as interesting data 162 00:06:19,700 --> 00:06:21,229 as you would think in terms of the 163 00:06:21,230 --> 00:06:23,689 rankings because there were such 164 00:06:23,690 --> 00:06:25,339 a higher number of cases in twenty 165 00:06:25,340 --> 00:06:26,239 fourteen. 166 00:06:26,240 --> 00:06:29,239 Um, you know, you know, 167 00:06:29,240 --> 00:06:31,639 you could still have a greater 168 00:06:31,640 --> 00:06:33,409 number of Malaysia cases in twenty 169 00:06:33,410 --> 00:06:34,879 fourteen as you had in twenty thirteen, 170 00:06:34,880 --> 00:06:36,589 but it doesn't make it to the top ten, 171 00:06:36,590 --> 00:06:37,939 that type of thing. 172 00:06:37,940 --> 00:06:40,039 Um, so there 173 00:06:40,040 --> 00:06:42,379 are a couple of different contexts that 174 00:06:42,380 --> 00:06:44,479 maybe are shared between these different 175 00:06:44,480 --> 00:06:46,519 countries that we definitely saw. 176 00:06:46,520 --> 00:06:49,129 So presidential elections are definitely 177 00:06:49,130 --> 00:06:51,559 a ripe time for the targeting of 178 00:06:51,560 --> 00:06:54,229 independent media sites or activists 179 00:06:54,230 --> 00:06:56,479 and protests and civil unrest 180 00:06:56,480 --> 00:06:58,459 for sure. One of the interesting things 181 00:06:58,460 --> 00:07:00,709 is the prominence of 182 00:07:00,710 --> 00:07:01,999 the United States. 183 00:07:02,000 --> 00:07:04,129 So in the US, there 184 00:07:04,130 --> 00:07:06,289 are many international organizations that 185 00:07:06,290 --> 00:07:08,809 are based there that do work elsewhere 186 00:07:08,810 --> 00:07:10,699 in the world. And so a lot of that work 187 00:07:10,700 --> 00:07:13,129 is actually helping these organizations, 188 00:07:13,130 --> 00:07:15,259 such as advocacy 189 00:07:15,260 --> 00:07:17,629 organizations or other 190 00:07:17,630 --> 00:07:19,789 do that work in a safe and effective way. 191 00:07:19,790 --> 00:07:21,199 That's not putting their local partners 192 00:07:21,200 --> 00:07:22,439 at risk. 193 00:07:22,440 --> 00:07:24,770 And so that also speaks to kind of the 194 00:07:26,270 --> 00:07:28,099 lack of depth that we've started 195 00:07:28,100 --> 00:07:29,299 categorizing things. 196 00:07:29,300 --> 00:07:31,849 Still, we haven't differentiated 197 00:07:31,850 --> 00:07:33,859 those cases within the actual target 198 00:07:33,860 --> 00:07:34,969 countries. 199 00:07:34,970 --> 00:07:37,279 Twenty fourteen you have hacking 200 00:07:37,280 --> 00:07:39,049 groups, the targeting of LGBTI 201 00:07:39,050 --> 00:07:41,359 communities and as well as independent 202 00:07:41,360 --> 00:07:43,219 media and journalists. 203 00:07:43,220 --> 00:07:45,889 I'm going to take a brief look at Vietnam 204 00:07:45,890 --> 00:07:48,319 just because it's a the number 205 00:07:48,320 --> 00:07:50,659 one, uh, country that we worked in 206 00:07:50,660 --> 00:07:51,739 for this year. 207 00:07:51,740 --> 00:07:54,589 And it's represents 208 00:07:54,590 --> 00:07:56,719 a case that 209 00:07:56,720 --> 00:07:58,609 or it represents a lot of issues that are 210 00:07:58,610 --> 00:08:00,769 faced in a lot of places and it gets 211 00:08:00,770 --> 00:08:01,770 them all. 212 00:08:02,640 --> 00:08:04,819 So what's 213 00:08:04,820 --> 00:08:06,499 interesting about Vietnam is you actually 214 00:08:06,500 --> 00:08:08,329 do have access to Facebook and you do 215 00:08:08,330 --> 00:08:10,489 have access to popular 216 00:08:10,490 --> 00:08:12,679 platforms that are censored in Iran 217 00:08:12,680 --> 00:08:14,659 or China or other places. 218 00:08:14,660 --> 00:08:16,429 But what that means is then you have 219 00:08:16,430 --> 00:08:18,889 provision hacking groups and other folks 220 00:08:18,890 --> 00:08:20,749 taking advantage of those platforms to 221 00:08:20,750 --> 00:08:21,859 try to target folks. 222 00:08:21,860 --> 00:08:24,499 So we get a lot of account recovery 223 00:08:24,500 --> 00:08:26,389 or compromised accounts. 224 00:08:26,390 --> 00:08:28,999 You get a lot of abuse 225 00:08:29,000 --> 00:08:31,069 of abuse mechanisms on these 226 00:08:31,070 --> 00:08:32,089 platforms. 227 00:08:32,090 --> 00:08:34,699 So the classic examples of that is 228 00:08:34,700 --> 00:08:36,379 real name policy. 229 00:08:36,380 --> 00:08:38,178 So this is something that's especially 230 00:08:38,179 --> 00:08:40,399 prevalent with Facebook. 231 00:08:40,400 --> 00:08:42,859 And for a time it 232 00:08:42,860 --> 00:08:45,170 was a significant threat because 233 00:08:46,340 --> 00:08:48,559 if enough people, 234 00:08:48,560 --> 00:08:51,079 uh, reported your profile, 235 00:08:51,080 --> 00:08:53,179 then Facebook would ask you for 236 00:08:53,180 --> 00:08:55,429 an identity card or information, 237 00:08:55,430 --> 00:08:57,409 and this would be likely an individual 238 00:08:57,410 --> 00:08:58,969 that's, you know, working under a 239 00:08:58,970 --> 00:09:01,099 pseudonym. And they would be 240 00:09:01,100 --> 00:09:02,539 thinking that they're authenticating 241 00:09:02,540 --> 00:09:04,699 themselves to Facebook when in fact, 242 00:09:04,700 --> 00:09:07,009 they might be authenticating themselves 243 00:09:07,010 --> 00:09:10,009 to their entire network, um, 244 00:09:10,010 --> 00:09:12,139 which means they provide their 245 00:09:12,140 --> 00:09:13,609 information to Facebook. 246 00:09:13,610 --> 00:09:16,129 Then Facebook publishes that new updated 247 00:09:16,130 --> 00:09:18,169 information to their profile, basically 248 00:09:18,170 --> 00:09:19,849 outing them. So that's obviously 249 00:09:19,850 --> 00:09:22,429 something that you want to prevent. 250 00:09:22,430 --> 00:09:24,169 In addition, Vietnam is interesting 251 00:09:24,170 --> 00:09:26,389 because, uh, there's a lot of 252 00:09:26,390 --> 00:09:27,500 infrastructure 253 00:09:28,880 --> 00:09:30,470 or potential infrastructure attacks 254 00:09:32,060 --> 00:09:34,009 on the website side. 255 00:09:34,010 --> 00:09:36,459 Websites get, uh, 256 00:09:36,460 --> 00:09:38,809 of independent media and civil society 257 00:09:38,810 --> 00:09:39,799 groups get targeted. 258 00:09:39,800 --> 00:09:41,539 And so there's a lot of needs regarding 259 00:09:41,540 --> 00:09:43,969 updated and heartening details 260 00:09:43,970 --> 00:09:46,169 for. And there's a lot of existing 261 00:09:46,170 --> 00:09:48,869 organizations that we can connect 262 00:09:48,870 --> 00:09:51,689 groups with, so such as deflect 263 00:09:51,690 --> 00:09:53,999 cloud flares, project Galileo 264 00:09:54,000 --> 00:09:56,129 or Google as Project Shield, 265 00:09:56,130 --> 00:09:58,049 that I'll provide free protection to 266 00:09:58,050 --> 00:09:59,129 civil society. 267 00:09:59,130 --> 00:10:01,139 And then, of course, there's a host of 268 00:10:01,140 --> 00:10:04,739 other secure communications and anonymity 269 00:10:04,740 --> 00:10:06,989 concerns there more 270 00:10:06,990 --> 00:10:09,119 generally in 271 00:10:09,120 --> 00:10:11,219 the countries and communities 272 00:10:11,220 --> 00:10:12,309 that we've worked in. 273 00:10:12,310 --> 00:10:14,429 There's there's obviously a wide 274 00:10:14,430 --> 00:10:16,169 spectrum of need, but maybe some of the 275 00:10:16,170 --> 00:10:18,149 ones that are most interesting or most 276 00:10:18,150 --> 00:10:20,399 familiar to you guys are 277 00:10:20,400 --> 00:10:22,469 secure email, GPG 278 00:10:22,470 --> 00:10:24,539 encrypted email is still very tough for 279 00:10:24,540 --> 00:10:26,219 a lot of folks. 280 00:10:26,220 --> 00:10:27,220 And so 281 00:10:28,290 --> 00:10:30,539 mail pile is also obviously something 282 00:10:30,540 --> 00:10:32,849 that we're anticipating greatly. 283 00:10:32,850 --> 00:10:35,009 But we can't put all of our faith 284 00:10:35,010 --> 00:10:36,010 in one tool, 285 00:10:37,290 --> 00:10:39,239 secure file sharing and collaboration. 286 00:10:39,240 --> 00:10:41,429 There isn't really one cross from 287 00:10:41,430 --> 00:10:43,499 one cross platform 288 00:10:43,500 --> 00:10:45,689 solution for that, unfortunately, 289 00:10:45,690 --> 00:10:47,219 but there are some very interesting ones. 290 00:10:47,220 --> 00:10:49,439 So like BitTorrent 291 00:10:49,440 --> 00:10:51,809 sync, for instance, friend, 292 00:10:51,810 --> 00:10:53,369 for example, on mobile is very 293 00:10:53,370 --> 00:10:55,379 interesting, but it's not Phos 294 00:10:57,300 --> 00:10:58,549 website security. 295 00:10:59,760 --> 00:11:02,069 There's a lot of targeting 296 00:11:02,070 --> 00:11:04,139 of websites because there's a lot of 297 00:11:04,140 --> 00:11:06,299 poor practices out there and people 298 00:11:06,300 --> 00:11:08,489 have a lot of difficulty if you're a 299 00:11:08,490 --> 00:11:11,069 non technical organization 300 00:11:11,070 --> 00:11:13,080 in keeping those websites up to date, 301 00:11:14,100 --> 00:11:16,349 let alone kind of hard and or secure. 302 00:11:16,350 --> 00:11:18,509 And so one of the big needs for 303 00:11:18,510 --> 00:11:20,619 a lot of organizations is 304 00:11:20,620 --> 00:11:22,079 what's termed secure hosting. 305 00:11:22,080 --> 00:11:23,939 So basically a hosting provider that will 306 00:11:23,940 --> 00:11:26,009 proactively make sure that things are 307 00:11:26,010 --> 00:11:27,210 up to date and 308 00:11:28,590 --> 00:11:31,199 protect against threats that 309 00:11:31,200 --> 00:11:32,279 are coming out. 310 00:11:32,280 --> 00:11:34,409 And unfortunately, that costs 311 00:11:34,410 --> 00:11:36,579 a fair bit of money for and so 312 00:11:36,580 --> 00:11:38,489 are out of reach for a lot of these civil 313 00:11:38,490 --> 00:11:39,659 society organizations. 314 00:11:40,800 --> 00:11:42,149 And then I already talked about real name 315 00:11:42,150 --> 00:11:43,150 policy a little bit. 316 00:11:45,240 --> 00:11:47,579 So what are some of the ways 317 00:11:47,580 --> 00:11:49,979 that people are that 318 00:11:49,980 --> 00:11:52,079 that organizations are trying to 319 00:11:52,080 --> 00:11:54,179 support this work and try 320 00:11:54,180 --> 00:11:55,809 to improve this work? 321 00:11:55,810 --> 00:11:56,810 So 322 00:11:58,500 --> 00:12:00,899 one piece of this is improving 323 00:12:00,900 --> 00:12:02,999 the workflows that we have for 324 00:12:03,000 --> 00:12:04,469 responding to these attacks. 325 00:12:04,470 --> 00:12:08,249 So a number of organizations 326 00:12:08,250 --> 00:12:10,769 such as Digital Defenders Partnership 327 00:12:12,030 --> 00:12:14,159 Circle, if 328 00:12:14,160 --> 00:12:16,259 Internews and others 329 00:12:16,260 --> 00:12:17,999 as well as ourselves put a thing called 330 00:12:18,000 --> 00:12:19,949 Digital First Aid Kit, which is basically 331 00:12:19,950 --> 00:12:22,439 the first step towards trying to 332 00:12:22,440 --> 00:12:24,629 audit these workflows and how we respond 333 00:12:24,630 --> 00:12:27,599 to these situations. 334 00:12:27,600 --> 00:12:29,759 But it's not just for the existing 335 00:12:29,760 --> 00:12:31,829 community in order to build some 336 00:12:31,830 --> 00:12:34,079 type of general foundation 337 00:12:34,080 --> 00:12:35,579 of response, let's say, to targeted 338 00:12:35,580 --> 00:12:37,829 malware or whatnot. 339 00:12:37,830 --> 00:12:39,389 It's also to make it easier to build 340 00:12:39,390 --> 00:12:42,149 additional rapid response 341 00:12:42,150 --> 00:12:44,219 groups and communities 342 00:12:44,220 --> 00:12:46,409 around the world, because what's 343 00:12:46,410 --> 00:12:48,959 most helpful is it's not one organization 344 00:12:48,960 --> 00:12:51,269 doing this, but it's a number of 345 00:12:51,270 --> 00:12:53,369 organizations that international and 346 00:12:53,370 --> 00:12:55,919 regional and local and community levels 347 00:12:57,270 --> 00:12:58,270 doing this work 348 00:13:00,030 --> 00:13:02,579 in terms of improving 349 00:13:02,580 --> 00:13:04,200 these processes as well. 350 00:13:05,880 --> 00:13:08,489 There's been the recent listing of 351 00:13:08,490 --> 00:13:11,279 civil society certa to try to improve 352 00:13:11,280 --> 00:13:13,319 this coordination between the civil 353 00:13:13,320 --> 00:13:15,059 society community. 354 00:13:15,060 --> 00:13:17,459 And you can check it out. 355 00:13:17,460 --> 00:13:19,919 It's not accredited yet as a cert. 356 00:13:19,920 --> 00:13:22,019 We're also hoping to 357 00:13:22,020 --> 00:13:23,519 go through this same process. 358 00:13:24,600 --> 00:13:26,879 And a lot of this is to help audit our 359 00:13:26,880 --> 00:13:28,949 workflows and help make 360 00:13:28,950 --> 00:13:30,959 sure that all the things that we do are 361 00:13:30,960 --> 00:13:32,580 our best practice and 362 00:13:33,750 --> 00:13:35,939 are easily shareable 363 00:13:35,940 --> 00:13:38,729 publicly so that other groups can also 364 00:13:38,730 --> 00:13:40,859 build these types of infrastructure 365 00:13:40,860 --> 00:13:42,869 and support mechanisms for civil society. 366 00:13:44,610 --> 00:13:45,509 Hello. 367 00:13:45,510 --> 00:13:47,039 And so this is kind of zoomed in a bit. 368 00:13:47,040 --> 00:13:48,040 But 369 00:13:49,320 --> 00:13:51,419 one of the interesting aspects of 370 00:13:51,420 --> 00:13:53,489 the helpline work that we do and the 371 00:13:53,490 --> 00:13:55,739 response that we have is actually only 372 00:13:55,740 --> 00:13:57,869 50 percent or 50 one percent 373 00:13:57,870 --> 00:14:00,059 of our cases are reactive in 374 00:14:00,060 --> 00:14:02,879 the sense that someone is urgently 375 00:14:02,880 --> 00:14:05,069 contacting us and they need X, 376 00:14:05,070 --> 00:14:06,070 Y or Z done. 377 00:14:07,200 --> 00:14:08,999 About half of our cases are instead 378 00:14:09,000 --> 00:14:11,310 people picking us, most likely 379 00:14:12,630 --> 00:14:14,219 organizations or individuals that we 380 00:14:14,220 --> 00:14:16,229 already have a relationship with, from 381 00:14:16,230 --> 00:14:17,669 working with them in the past that are 382 00:14:17,670 --> 00:14:19,769 asking for proactive help 383 00:14:19,770 --> 00:14:22,199 to secure communications 384 00:14:22,200 --> 00:14:24,299 in some variety or implement or trying 385 00:14:24,300 --> 00:14:26,609 out some tool or have a training 386 00:14:26,610 --> 00:14:29,519 on a particular practice. 387 00:14:29,520 --> 00:14:31,799 And so what this does is actually put 388 00:14:31,800 --> 00:14:34,139 rapid response organizations 389 00:14:34,140 --> 00:14:36,239 in a difficult position because 390 00:14:36,240 --> 00:14:38,489 they're nominally focused on 391 00:14:38,490 --> 00:14:41,099 this reactive type of support, 392 00:14:41,100 --> 00:14:43,169 but in building these relationships with 393 00:14:43,170 --> 00:14:44,439 these different organ. Associations or 394 00:14:44,440 --> 00:14:46,659 groups, you're you 395 00:14:46,660 --> 00:14:48,729 become involved in these more long 396 00:14:48,730 --> 00:14:50,919 term fiscal 397 00:14:50,920 --> 00:14:51,940 capacity building. 398 00:14:53,380 --> 00:14:54,380 And so 399 00:14:55,720 --> 00:14:57,789 some of the ways 400 00:14:57,790 --> 00:14:59,889 of helping that is by bridging the gap 401 00:14:59,890 --> 00:15:02,079 between the rapid responders 402 00:15:02,080 --> 00:15:03,399 and the training community. 403 00:15:03,400 --> 00:15:04,599 So the training community 404 00:15:05,650 --> 00:15:07,119 are the folks that do this type of 405 00:15:07,120 --> 00:15:10,029 capacity building for organizations 406 00:15:10,030 --> 00:15:11,619 and individuals. 407 00:15:11,620 --> 00:15:13,269 But as of now, there isn't a great 408 00:15:13,270 --> 00:15:15,129 interaction between the two communities. 409 00:15:16,240 --> 00:15:18,610 And and so, for instance, 410 00:15:20,260 --> 00:15:22,509 a lot of the materials that are created 411 00:15:22,510 --> 00:15:24,579 for training are targeting 412 00:15:24,580 --> 00:15:27,129 end users rather than targeting 413 00:15:27,130 --> 00:15:28,130 folks, 414 00:15:29,290 --> 00:15:30,399 training other people. 415 00:15:30,400 --> 00:15:32,859 So a rapid responder doesn't necessarily 416 00:15:32,860 --> 00:15:35,139 have a lot of 417 00:15:35,140 --> 00:15:37,329 materials in which that they can learn 418 00:15:37,330 --> 00:15:39,549 how to best communicate secure 419 00:15:39,550 --> 00:15:41,949 communications issues to 420 00:15:41,950 --> 00:15:43,419 a given community. 421 00:15:43,420 --> 00:15:44,420 But that's 422 00:15:45,850 --> 00:15:48,429 getting filled at least at some level. 423 00:15:48,430 --> 00:15:50,139 There's the level up project, which is 424 00:15:50,140 --> 00:15:51,729 currently being managed by inertness, and 425 00:15:51,730 --> 00:15:54,069 there's also the safe type project, also 426 00:15:54,070 --> 00:15:55,509 currently being management and use that 427 00:15:55,510 --> 00:15:57,339 are very exciting. 428 00:15:57,340 --> 00:15:59,649 Level up is focused on trainers and safe 429 00:15:59,650 --> 00:16:02,139 on auditors of 430 00:16:02,140 --> 00:16:03,519 the security of organizations. 431 00:16:03,520 --> 00:16:05,229 So these are ways of filling in these 432 00:16:05,230 --> 00:16:07,960 gaps between rapid response 433 00:16:09,010 --> 00:16:11,079 and the training of end users and 434 00:16:11,080 --> 00:16:12,459 trying to fill in. Like what about 435 00:16:12,460 --> 00:16:13,779 organizational level? 436 00:16:13,780 --> 00:16:15,430 What about getting more trainers 437 00:16:16,930 --> 00:16:19,329 that can kind of work in that spectrum? 438 00:16:19,330 --> 00:16:21,339 On the other side, trainers often fall 439 00:16:21,340 --> 00:16:23,799 into the an issue 440 00:16:23,800 --> 00:16:25,929 where they're funded to 441 00:16:25,930 --> 00:16:28,239 go to a certain place and do a training 442 00:16:28,240 --> 00:16:30,969 for a week or five days or three days 443 00:16:30,970 --> 00:16:32,889 with a number of different organizations 444 00:16:32,890 --> 00:16:34,539 on a set number of topics. 445 00:16:35,610 --> 00:16:37,899 And that's all that they're funded to do. 446 00:16:37,900 --> 00:16:39,039 And maybe they're not even an 447 00:16:39,040 --> 00:16:40,239 organization, but a number of 448 00:16:40,240 --> 00:16:41,139 consultants. 449 00:16:41,140 --> 00:16:43,329 And so one 450 00:16:43,330 --> 00:16:45,609 way of helping support that 451 00:16:45,610 --> 00:16:48,009 initial interaction with digital security 452 00:16:48,010 --> 00:16:50,289 tools and practices is to have 453 00:16:50,290 --> 00:16:52,569 these rapid response responder 454 00:16:52,570 --> 00:16:54,789 groups supporting the trainers when 455 00:16:54,790 --> 00:16:56,739 they're going to these places and coming 456 00:16:56,740 --> 00:16:58,899 out of those trainings so that those 457 00:16:58,900 --> 00:17:01,239 organizations can continue to 458 00:17:01,240 --> 00:17:03,099 engage on those topics. 459 00:17:03,100 --> 00:17:05,949 If they have issues with their, you know, 460 00:17:05,950 --> 00:17:07,899 Thunderbird in an email installation or 461 00:17:07,900 --> 00:17:10,299 something like that, they'll have folks 462 00:17:10,300 --> 00:17:13,449 that have the capacity to respond 463 00:17:13,450 --> 00:17:15,279 in a meaningful manner and all that type 464 00:17:15,280 --> 00:17:16,479 of stuff. 465 00:17:16,480 --> 00:17:18,368 So those are kind of my pitches for ways 466 00:17:18,369 --> 00:17:19,779 of tying those two 467 00:17:20,859 --> 00:17:22,509 threads together. 468 00:17:22,510 --> 00:17:24,909 On the other side, you also have rapid 469 00:17:24,910 --> 00:17:27,159 responders and developers. 470 00:17:28,390 --> 00:17:30,309 So a lot of trainers and rapid responders 471 00:17:30,310 --> 00:17:32,379 receive very interesting user 472 00:17:32,380 --> 00:17:35,079 feedback on these tools 473 00:17:35,080 --> 00:17:37,269 because they're working in high risk 474 00:17:37,270 --> 00:17:40,149 environments with targeted communities. 475 00:17:40,150 --> 00:17:42,519 And it's the type of information 476 00:17:42,520 --> 00:17:44,649 that a developer hopefully would find 477 00:17:44,650 --> 00:17:45,650 valuable. 478 00:17:46,750 --> 00:17:47,919 However, they don't really have the 479 00:17:47,920 --> 00:17:49,989 capacity or time to be going 480 00:17:49,990 --> 00:17:52,089 to a developer and 481 00:17:52,090 --> 00:17:54,729 trying to formulate 482 00:17:54,730 --> 00:17:56,829 their feedback in a bug report 483 00:17:56,830 --> 00:17:58,809 or multiple bug reports, et cetera. 484 00:17:58,810 --> 00:18:00,489 And so there's not a lot of capacity 485 00:18:00,490 --> 00:18:02,469 currently to kind of connect that loop. 486 00:18:02,470 --> 00:18:04,389 And so one project that's an exception to 487 00:18:04,390 --> 00:18:06,009 that is open. ATP's security is a 488 00:18:06,010 --> 00:18:08,049 practice project, which is actually just 489 00:18:08,050 --> 00:18:09,519 one person. 490 00:18:09,520 --> 00:18:12,189 So obviously more 491 00:18:12,190 --> 00:18:13,239 capacity there. 492 00:18:13,240 --> 00:18:14,240 It would be awesome 493 00:18:15,730 --> 00:18:18,999 for the developers to train side. 494 00:18:19,000 --> 00:18:20,109 One of the things that we're looking 495 00:18:20,110 --> 00:18:22,389 forward to trying to do in 2015 496 00:18:22,390 --> 00:18:25,089 is interact more with the developers 497 00:18:25,090 --> 00:18:27,159 of some of the secure communication 498 00:18:27,160 --> 00:18:29,469 tools that are relied 499 00:18:29,470 --> 00:18:31,569 on by these communities and trying 500 00:18:31,570 --> 00:18:33,909 to, instead of the developers, having 501 00:18:33,910 --> 00:18:36,519 to provide support for these communities, 502 00:18:36,520 --> 00:18:38,709 which, you know, is great of them 503 00:18:38,710 --> 00:18:40,749 when they're able to do it, but also have 504 00:18:40,750 --> 00:18:42,549 rapid responders and trainers supporting 505 00:18:42,550 --> 00:18:44,680 them when they're interacting. 506 00:18:47,610 --> 00:18:48,610 Some are generally. 507 00:18:49,880 --> 00:18:52,069 I hope I kind of spelled out 508 00:18:52,070 --> 00:18:54,349 in a general overview the rapid 509 00:18:54,350 --> 00:18:56,779 response community and 510 00:18:56,780 --> 00:18:59,059 going into twenty fifteen 511 00:18:59,060 --> 00:19:01,699 kind of the continued standardization 512 00:19:01,700 --> 00:19:04,129 and auditing of the existing workflows 513 00:19:04,130 --> 00:19:05,659 that we have. 514 00:19:05,660 --> 00:19:07,819 And and part of that is also 515 00:19:07,820 --> 00:19:09,919 trying to get it more publicly available 516 00:19:09,920 --> 00:19:11,809 so that more groups, 517 00:19:12,950 --> 00:19:15,199 you know, at a lower level can 518 00:19:15,200 --> 00:19:17,629 be built around these 519 00:19:17,630 --> 00:19:19,549 this documentation and these workflows 520 00:19:20,630 --> 00:19:23,029 continue to focus on specific 521 00:19:23,030 --> 00:19:25,219 communities that are being 522 00:19:25,220 --> 00:19:27,109 targeted, improving these different 523 00:19:27,110 --> 00:19:30,049 interactions between rapid responders 524 00:19:30,050 --> 00:19:32,599 and training groups, as well as 525 00:19:32,600 --> 00:19:34,669 these these loops with 526 00:19:34,670 --> 00:19:36,419 developers. 527 00:19:36,420 --> 00:19:37,420 So thank you. 528 00:19:47,670 --> 00:19:49,469 Michael, here it is. 529 00:19:49,470 --> 00:19:50,470 Wow. 530 00:19:51,060 --> 00:19:53,379 We'll be taking questions, please, 531 00:19:53,380 --> 00:19:56,009 if you as this thing is streamed, 532 00:19:56,010 --> 00:19:58,799 will you please walk up to the mikes? 533 00:19:58,800 --> 00:20:01,049 Number one, number two, number three 534 00:20:01,050 --> 00:20:02,050 and number four 535 00:20:03,210 --> 00:20:04,559 and talk into the mike. 536 00:20:04,560 --> 00:20:07,019 So we got it on the street. 537 00:20:07,020 --> 00:20:09,089 The young man, number three 538 00:20:09,090 --> 00:20:10,259 is the first. 539 00:20:10,260 --> 00:20:12,279 Number one will be the second. 540 00:20:12,280 --> 00:20:13,529 OK. 541 00:20:13,530 --> 00:20:14,999 Hello and thank you for the talk. 542 00:20:16,080 --> 00:20:18,269 My question would be, 543 00:20:18,270 --> 00:20:20,339 are yourself as an organization 544 00:20:20,340 --> 00:20:23,159 being targeted at times and 545 00:20:23,160 --> 00:20:25,739 to have any luck, 546 00:20:25,740 --> 00:20:27,029 are you careful about that? 547 00:20:27,030 --> 00:20:29,039 To have any operational security 548 00:20:29,040 --> 00:20:30,329 regarding that? 549 00:20:30,330 --> 00:20:31,499 Sure, yeah. That's a really good 550 00:20:31,500 --> 00:20:33,779 question. So we 551 00:20:33,780 --> 00:20:35,309 certainly try to take a lot of 552 00:20:35,310 --> 00:20:37,229 precautions and the infrastructure that 553 00:20:37,230 --> 00:20:38,939 we build and the practice that we have. 554 00:20:38,940 --> 00:20:41,009 So, for instance, on 555 00:20:41,010 --> 00:20:43,289 the back end for ticketing, 556 00:20:43,290 --> 00:20:46,499 we use for Cross Tracker, which can 557 00:20:46,500 --> 00:20:49,379 be incorporated GPG, 558 00:20:49,380 --> 00:20:51,389 so that all the emails that it sends out 559 00:20:51,390 --> 00:20:52,769 to folks are encrypted. 560 00:20:52,770 --> 00:20:55,199 We have an encrypted SCHLUTER mailing 561 00:20:55,200 --> 00:20:57,299 list where we coordinate 562 00:20:57,300 --> 00:20:58,139 stuff. 563 00:20:58,140 --> 00:21:00,239 Um, we try 564 00:21:00,240 --> 00:21:03,779 to in order to access, 565 00:21:03,780 --> 00:21:06,149 uh, the request 566 00:21:06,150 --> 00:21:06,539 tracker. 567 00:21:06,540 --> 00:21:08,759 In the first instance, 568 00:21:08,760 --> 00:21:11,369 um, you need to 569 00:21:11,370 --> 00:21:14,069 connect to a VPN where 570 00:21:14,070 --> 00:21:16,319 you're authenticated, you know, via 571 00:21:16,320 --> 00:21:17,639 a certificate. 572 00:21:17,640 --> 00:21:19,709 Then you go to a website that's 573 00:21:19,710 --> 00:21:21,299 not publicly available, that's only 574 00:21:21,300 --> 00:21:22,769 available through the VPN where you're 575 00:21:22,770 --> 00:21:25,859 authenticated via a certificate, 576 00:21:25,860 --> 00:21:28,499 then you authenticate with your the 577 00:21:28,500 --> 00:21:30,659 account name and password. 578 00:21:30,660 --> 00:21:33,569 So I think that's three factors. 579 00:21:33,570 --> 00:21:36,209 So we definitely try to implement 580 00:21:36,210 --> 00:21:38,339 practices to protect this type 581 00:21:38,340 --> 00:21:40,439 of information and make sure 582 00:21:40,440 --> 00:21:42,150 that the trust that people put in us, 583 00:21:43,240 --> 00:21:44,430 you know, is well placed. 584 00:21:46,900 --> 00:21:48,099 OK, thank you, 585 00:21:49,370 --> 00:21:51,159 number one, please. 586 00:21:51,160 --> 00:21:53,319 OK, so, um, the question 587 00:21:53,320 --> 00:21:55,419 is about the party's need for secure 588 00:21:55,420 --> 00:21:56,469 file sharing. 589 00:21:56,470 --> 00:21:58,549 So, uh, what about 590 00:21:58,550 --> 00:21:59,049 unclad? 591 00:21:59,050 --> 00:22:00,849 Because I use my organization. 592 00:22:00,850 --> 00:22:03,399 It's not a frontline situation, but 593 00:22:03,400 --> 00:22:05,589 I know the security audits 594 00:22:05,590 --> 00:22:06,999 are badly needed. 595 00:22:07,000 --> 00:22:08,949 But have you considered it? 596 00:22:08,950 --> 00:22:11,289 And did you find it unusable 597 00:22:11,290 --> 00:22:13,569 because that was the prerequisite? 598 00:22:13,570 --> 00:22:16,359 Sorry, what was the tool on Gload 599 00:22:16,360 --> 00:22:18,189 Unplugged? I've not I've not played 600 00:22:18,190 --> 00:22:20,029 around with the project. 601 00:22:20,030 --> 00:22:20,979 OK, I'll check it out. 602 00:22:20,980 --> 00:22:22,779 I mean, that's one of the great examples 603 00:22:22,780 --> 00:22:24,519 of what we need to do is have 604 00:22:26,050 --> 00:22:28,299 some type or more capacity 605 00:22:28,300 --> 00:22:30,359 to be testing out new tools. 606 00:22:30,360 --> 00:22:32,709 And then once they reach a certain 607 00:22:32,710 --> 00:22:34,869 level of we want to be using them, 608 00:22:34,870 --> 00:22:36,879 then have them be security audited by the 609 00:22:36,880 --> 00:22:38,979 community and then finally incorporate 610 00:22:38,980 --> 00:22:40,450 them into the workflows. 611 00:22:41,620 --> 00:22:43,489 Cool. Thanks. Thanks. 612 00:22:43,490 --> 00:22:44,799 OK, do it sequentially. 613 00:22:44,800 --> 00:22:46,659 Number two, please. 614 00:22:46,660 --> 00:22:48,879 OK, Michael, thanks a lot for 615 00:22:48,880 --> 00:22:50,229 your nice talk. I mean, thanks a lot for 616 00:22:50,230 --> 00:22:51,459 all the work. 617 00:22:51,460 --> 00:22:54,159 I mean maybe I'm not so what. 618 00:22:54,160 --> 00:22:55,929 Informed about it but I was wondering how 619 00:22:55,930 --> 00:22:57,219 do you get your funding. And the other 620 00:22:57,220 --> 00:22:59,289 question was, um, 621 00:22:59,290 --> 00:23:01,569 I mean most of the search around they 622 00:23:01,570 --> 00:23:03,669 are private sector search or 623 00:23:03,670 --> 00:23:05,559 governmental search. I was wondering, do 624 00:23:05,560 --> 00:23:07,059 you find it easy to work with them? 625 00:23:07,060 --> 00:23:09,369 Are there obstacles that go 626 00:23:09,370 --> 00:23:10,599 on the top of your list that you would 627 00:23:10,600 --> 00:23:11,529 like to see removed? 628 00:23:11,530 --> 00:23:13,239 Are you sure? 629 00:23:13,240 --> 00:23:15,339 So on the first ask, so 630 00:23:15,340 --> 00:23:17,049 we actually have a Web page on our 631 00:23:17,050 --> 00:23:19,179 website. So websites access. 632 00:23:19,180 --> 00:23:21,519 Now, Doug and I have a funding page. 633 00:23:21,520 --> 00:23:23,919 I think it's slash about slash funding 634 00:23:23,920 --> 00:23:25,899 and it has our funding policy as well as 635 00:23:25,900 --> 00:23:27,489 where we get all of our money from, like 636 00:23:27,490 --> 00:23:29,559 specifically for each project, 637 00:23:29,560 --> 00:23:31,899 um, for the helpline or 638 00:23:31,900 --> 00:23:33,279 for access in general. 639 00:23:33,280 --> 00:23:35,349 It's like two thirds foundation and 640 00:23:35,350 --> 00:23:37,449 one third corporate government and 641 00:23:37,450 --> 00:23:39,459 individual donation. 642 00:23:39,460 --> 00:23:41,049 But you can see it like further broken 643 00:23:41,050 --> 00:23:43,599 down. Um, but yeah, that policy 644 00:23:43,600 --> 00:23:46,239 ends up, uh, meaning 645 00:23:46,240 --> 00:23:47,979 in practice that like we don't accept 646 00:23:47,980 --> 00:23:49,269 money from the US government, for 647 00:23:49,270 --> 00:23:51,369 instance, and some other 648 00:23:51,370 --> 00:23:52,449 entities. 649 00:23:52,450 --> 00:23:55,029 And that just comes out of our history. 650 00:23:55,030 --> 00:23:57,309 We originally were providing 651 00:23:57,310 --> 00:23:59,709 this type of digital security 652 00:23:59,710 --> 00:24:02,049 support to the Green Movement 653 00:24:02,050 --> 00:24:04,539 in Iran in 2009, 2010, 654 00:24:04,540 --> 00:24:06,209 and then we expanded. 655 00:24:06,210 --> 00:24:08,289 And so obviously in the Middle East, 656 00:24:08,290 --> 00:24:10,929 it's, uh, and a lot of communities 657 00:24:10,930 --> 00:24:12,849 getting US government funding is a 658 00:24:12,850 --> 00:24:13,850 nonstarter 659 00:24:15,250 --> 00:24:16,239 for the second one for certain. 660 00:24:16,240 --> 00:24:17,650 I'm actually a terrible person to 661 00:24:18,670 --> 00:24:20,739 ask that question. Rafael, who's sitting 662 00:24:20,740 --> 00:24:23,049 in the front would be much better 663 00:24:23,050 --> 00:24:25,239 at answering how it is interacting 664 00:24:25,240 --> 00:24:26,439 with private certs. 665 00:24:26,440 --> 00:24:27,549 I don't know if you want to like. 666 00:24:29,800 --> 00:24:32,019 OK, Michael, I think your computer 667 00:24:32,020 --> 00:24:34,269 is on 10 percent or something like that, 668 00:24:34,270 --> 00:24:35,410 at least that's what it says. 669 00:24:37,180 --> 00:24:39,999 OK, so I 670 00:24:40,000 --> 00:24:41,919 work in Luxembourg National Surf there. 671 00:24:41,920 --> 00:24:44,139 So that's basically 672 00:24:44,140 --> 00:24:45,379 I'm helping also. 673 00:24:45,380 --> 00:24:47,439 I'm trying to help civil society to have 674 00:24:47,440 --> 00:24:48,369 to improve our security. 675 00:24:48,370 --> 00:24:50,589 So it's it's not 676 00:24:50,590 --> 00:24:52,719 really a problem of the 677 00:24:52,720 --> 00:24:55,179 most complex part to deal with other the 678 00:24:55,180 --> 00:24:56,739 to get the trust on. 679 00:24:56,740 --> 00:24:58,659 It's also sort of the same problem you 680 00:24:58,660 --> 00:25:00,219 will have all the time in such 681 00:25:00,220 --> 00:25:02,289 situations. So it's not 682 00:25:02,290 --> 00:25:04,239 really more complicated with a cell than 683 00:25:04,240 --> 00:25:06,429 any other organization as soon 684 00:25:06,430 --> 00:25:08,319 as you have to trust your phone. 685 00:25:08,320 --> 00:25:09,320 Yeah. 686 00:25:11,880 --> 00:25:14,069 OK, number 687 00:25:14,070 --> 00:25:15,070 three, please. 688 00:25:16,590 --> 00:25:19,169 Yeah, I was in the, 689 00:25:19,170 --> 00:25:21,689 um, um, uh, 690 00:25:21,690 --> 00:25:24,089 uh, yesterday in room number one, 691 00:25:24,090 --> 00:25:26,369 Krypto Tales from the Trenches where 692 00:25:26,370 --> 00:25:28,649 the journalist talked a little bit about 693 00:25:28,650 --> 00:25:30,719 the whole issue, about using 694 00:25:30,720 --> 00:25:32,669 crypto tools for communication. 695 00:25:32,670 --> 00:25:34,409 And they seem to be running into a lot of 696 00:25:34,410 --> 00:25:35,829 the same issues that you guys are 697 00:25:35,830 --> 00:25:37,649 encountering when you do the work with 698 00:25:37,650 --> 00:25:40,379 the people out on the front. 699 00:25:40,380 --> 00:25:42,989 Are you connected to each other in a way, 700 00:25:42,990 --> 00:25:44,429 because I like the approach that you're 701 00:25:44,430 --> 00:25:46,139 closing the link to the developers. 702 00:25:46,140 --> 00:25:48,359 And I think it would be very smart that 703 00:25:48,360 --> 00:25:50,519 you all sort of joined forces 704 00:25:50,520 --> 00:25:52,499 now in the next time to come, because it 705 00:25:52,500 --> 00:25:54,179 seems to be a rather big issue to come 706 00:25:54,180 --> 00:25:56,489 up, uh, for many people. 707 00:25:56,490 --> 00:25:58,379 Yeah, I fully support that and I 708 00:25:58,380 --> 00:25:59,549 definitely want that to happen. 709 00:25:59,550 --> 00:26:01,979 It's just a little bit slow. 710 00:26:01,980 --> 00:26:04,849 Um, but it definitely is happening. 711 00:26:04,850 --> 00:26:07,219 Yeah, OK, there's 712 00:26:07,220 --> 00:26:09,469 somebody at number one, please. 713 00:26:09,470 --> 00:26:11,089 And was that a sign or. 714 00:26:11,090 --> 00:26:12,090 Yeah, OK. 715 00:26:15,460 --> 00:26:17,319 Talking to the microphone, it's not 716 00:26:17,320 --> 00:26:19,069 working. It's working OK now. 717 00:26:19,070 --> 00:26:20,349 Thank you. 718 00:26:20,350 --> 00:26:21,999 Well, first of all, thank you for a great 719 00:26:22,000 --> 00:26:24,309 book. I think it's a tremendous 720 00:26:24,310 --> 00:26:26,319 help for many people. 721 00:26:26,320 --> 00:26:28,389 And I would like to ask a 722 00:26:28,390 --> 00:26:30,459 question about this United 723 00:26:30,460 --> 00:26:32,619 States on rank two or 724 00:26:32,620 --> 00:26:34,629 something. And you said it was mainly 725 00:26:34,630 --> 00:26:36,039 because they are working abroad. 726 00:26:36,040 --> 00:26:38,469 But do you also have, 727 00:26:38,470 --> 00:26:40,839 you know, questions about, 728 00:26:40,840 --> 00:26:42,369 um, being being 729 00:26:43,510 --> 00:26:45,669 targeted by Western 730 00:26:45,670 --> 00:26:47,769 governments? And do you 731 00:26:47,770 --> 00:26:49,329 deal with that as well? 732 00:26:49,330 --> 00:26:50,499 Yeah, that's a great question. 733 00:26:50,500 --> 00:26:53,199 And certainly, um, so communities 734 00:26:53,200 --> 00:26:54,729 that are targeted by 735 00:26:55,750 --> 00:26:57,489 us, um, 736 00:26:58,540 --> 00:27:01,119 so there's like journalists, 737 00:27:01,120 --> 00:27:04,119 as I mentioned, more generally, um, 738 00:27:04,120 --> 00:27:06,549 lawyers dealing with 739 00:27:06,550 --> 00:27:08,619 topics, um, that the U.S. 740 00:27:08,620 --> 00:27:10,959 government doesn't enjoy 741 00:27:10,960 --> 00:27:13,179 activists. I think 742 00:27:13,180 --> 00:27:15,339 it's not dissimilar from the 743 00:27:15,340 --> 00:27:16,869 types of communities that would be 744 00:27:16,870 --> 00:27:18,969 targeted and in the 745 00:27:18,970 --> 00:27:20,950 U.K. or similar. 746 00:27:24,160 --> 00:27:26,289 OK, there's two more 747 00:27:26,290 --> 00:27:27,339 questions here. 748 00:27:27,340 --> 00:27:28,779 And this is Germany. 749 00:27:28,780 --> 00:27:30,729 We're trying to keep the timetables, so 750 00:27:30,730 --> 00:27:32,439 we'll take a maximum of three. 751 00:27:32,440 --> 00:27:34,929 Go ahead, Fabio. 752 00:27:34,930 --> 00:27:37,239 On Global Links, I want to ask 753 00:27:37,240 --> 00:27:39,339 you if it does happen 754 00:27:39,340 --> 00:27:41,199 for the kind of job that you're doing, 755 00:27:41,200 --> 00:27:43,629 especially on the preemptive activities 756 00:27:43,630 --> 00:27:45,549 that relate to the training and the 757 00:27:45,550 --> 00:27:47,739 training activity to work 758 00:27:47,740 --> 00:27:49,929 with the, let's say, project 759 00:27:49,930 --> 00:27:52,749 based initiative, what I mean 760 00:27:52,750 --> 00:27:55,059 with global links, but probably also 761 00:27:55,060 --> 00:27:57,219 other software, you 762 00:27:57,220 --> 00:27:59,409 end up supporting a group 763 00:27:59,410 --> 00:28:02,889 typically in a vulnerable society 764 00:28:02,890 --> 00:28:05,109 where it's not your main job 765 00:28:05,110 --> 00:28:07,269 to do the digital security training, but 766 00:28:07,270 --> 00:28:09,759 you end up often working with people that 767 00:28:09,760 --> 00:28:11,469 require to have the digital security 768 00:28:11,470 --> 00:28:12,399 skills. 769 00:28:12,400 --> 00:28:14,619 And OK, we end 770 00:28:14,620 --> 00:28:16,449 up doing the training when it's needed, 771 00:28:16,450 --> 00:28:17,949 but it's not our job. 772 00:28:17,950 --> 00:28:20,109 And what you say about 773 00:28:20,110 --> 00:28:22,449 the past training critical 774 00:28:22,450 --> 00:28:24,909 points is exactly what we experience 775 00:28:24,910 --> 00:28:25,929 in several projects. 776 00:28:25,930 --> 00:28:28,059 So my meaning is, does it happen 777 00:28:28,060 --> 00:28:30,279 that when there are projects that 778 00:28:30,280 --> 00:28:32,469 involve civil society that need 779 00:28:32,470 --> 00:28:34,659 to be planted, that are already a set of 780 00:28:34,660 --> 00:28:37,269 partner, you can get engaged 781 00:28:37,270 --> 00:28:39,339 for the training, training 782 00:28:39,340 --> 00:28:41,289 and support for everything that's related 783 00:28:41,290 --> 00:28:42,849 to digital security. 784 00:28:42,850 --> 00:28:45,249 That's a core component 785 00:28:45,250 --> 00:28:46,250 of a project. 786 00:28:47,410 --> 00:28:49,929 But maybe who is leading it 787 00:28:49,930 --> 00:28:51,909 doesn't have specifically that kind of 788 00:28:51,910 --> 00:28:54,669 preparation and especially that kind of 789 00:28:54,670 --> 00:28:56,979 organized stuff to do training 790 00:28:56,980 --> 00:28:58,719 and training especially. 791 00:28:59,830 --> 00:29:00,159 Yeah. 792 00:29:00,160 --> 00:29:02,289 So I if I 793 00:29:02,290 --> 00:29:04,449 get what your question is, we would 794 00:29:04,450 --> 00:29:06,879 be more than happy to support, 795 00:29:06,880 --> 00:29:09,279 uh, like an organization such as yours 796 00:29:09,280 --> 00:29:10,869 when you're doing those types of 797 00:29:10,870 --> 00:29:11,829 activities. 798 00:29:11,830 --> 00:29:14,199 If you want to coordinate beforehand, 799 00:29:14,200 --> 00:29:15,429 that's even better. 800 00:29:16,930 --> 00:29:19,359 I don't know if any organization 801 00:29:19,360 --> 00:29:20,360 has a full 802 00:29:21,460 --> 00:29:23,949 map of what they want to be doing 803 00:29:23,950 --> 00:29:25,119 for the next five years. 804 00:29:25,120 --> 00:29:27,429 So we're more than happy to provide 805 00:29:27,430 --> 00:29:29,619 that support as issues 806 00:29:29,620 --> 00:29:30,639 come up. 807 00:29:30,640 --> 00:29:32,799 So, you know, if it's 808 00:29:32,800 --> 00:29:35,649 initially localization and support on 809 00:29:35,650 --> 00:29:37,449 secure communications to talk about 810 00:29:37,450 --> 00:29:39,729 global leaks or the like, 811 00:29:39,730 --> 00:29:42,009 we're happy to do it as it comes up, 812 00:29:42,010 --> 00:29:43,719 but happy to talk more later, if I 813 00:29:43,720 --> 00:29:44,529 understand your question. 814 00:29:44,530 --> 00:29:45,729 OK, thank you. 815 00:29:45,730 --> 00:29:47,529 Last question. Hang on, folks. 816 00:29:47,530 --> 00:29:49,269 When you're leaving, please, can you keep 817 00:29:49,270 --> 00:29:51,279 it quiet for the last two minutes? 818 00:29:51,280 --> 00:29:52,280 Go ahead. 819 00:29:53,190 --> 00:29:55,769 Do you have a model 820 00:29:55,770 --> 00:29:58,139 for letting people volunteer to provide 821 00:29:58,140 --> 00:29:59,849 instant handling sports to sort of like 822 00:29:59,850 --> 00:30:02,009 the the sand storm center 823 00:30:02,010 --> 00:30:04,469 where folks can be on call to provide 824 00:30:04,470 --> 00:30:06,989 detailed triage investigation, 825 00:30:06,990 --> 00:30:07,990 that sort of thing? 826 00:30:10,810 --> 00:30:13,599 That's a good question. So if you're, 827 00:30:13,600 --> 00:30:15,669 uh, volunteering for 828 00:30:15,670 --> 00:30:18,219 a project like a 829 00:30:18,220 --> 00:30:20,439 secure communications tool 830 00:30:20,440 --> 00:30:22,720 or anonymity tool or some other project, 831 00:30:24,400 --> 00:30:26,679 we're more than happy to interact with 832 00:30:26,680 --> 00:30:28,509 you in with that project. 833 00:30:28,510 --> 00:30:30,219 For instance, if you end up getting some 834 00:30:30,220 --> 00:30:32,709 type of emergency response that you 835 00:30:32,710 --> 00:30:34,329 don't have the capacity for, we don't 836 00:30:34,330 --> 00:30:36,519 currently accept volunteers for 837 00:30:36,520 --> 00:30:38,289 this type of work just because it's 838 00:30:38,290 --> 00:30:40,059 usually rather sensitive. 839 00:30:40,060 --> 00:30:42,609 And it requires, um, 840 00:30:42,610 --> 00:30:44,589 it would require us to implement more, I 841 00:30:44,590 --> 00:30:47,199 guess, user control, um, 842 00:30:47,200 --> 00:30:49,479 in the back end to be able to 843 00:30:49,480 --> 00:30:51,699 incorporate that at this stage 844 00:30:51,700 --> 00:30:52,700 at least. 845 00:30:53,540 --> 00:30:55,639 Um, did you want me 846 00:30:55,640 --> 00:30:56,829 to ask something before 847 00:30:57,970 --> 00:31:00,139 I've seen you, but thank 848 00:31:00,140 --> 00:31:02,079 you for your question. 849 00:31:02,080 --> 00:31:04,209 I just checked your website and I 850 00:31:04,210 --> 00:31:06,309 would be curious to know if you have been 851 00:31:06,310 --> 00:31:08,559 to South Korea concerning the 852 00:31:08,560 --> 00:31:10,689 ITU planetary session 853 00:31:10,690 --> 00:31:12,819 and you had this campaign, 854 00:31:12,820 --> 00:31:15,259 you and I would be very, 855 00:31:15,260 --> 00:31:17,169 uh. How do you appreciate if you could 856 00:31:17,170 --> 00:31:19,689 tell us more about what a successful, 857 00:31:19,690 --> 00:31:21,789 uh, did you achieved something 858 00:31:21,790 --> 00:31:24,459 during this meeting? 859 00:31:24,460 --> 00:31:26,649 Sure. So in addition to 860 00:31:26,650 --> 00:31:28,149 the technical work that we do, we also 861 00:31:28,150 --> 00:31:30,639 have a policy and advocacy teams so that 862 00:31:30,640 --> 00:31:32,829 the ITU Internet governance stuff 863 00:31:32,830 --> 00:31:34,089 is more on the policy team. 864 00:31:34,090 --> 00:31:36,159 So I can't talk to that in particular. 865 00:31:36,160 --> 00:31:37,569 But I'd be more than happy to connect you 866 00:31:37,570 --> 00:31:39,039 with the policy folks that did go to 867 00:31:39,040 --> 00:31:40,570 South Korea and did work on that. 868 00:31:41,980 --> 00:31:44,709 OK, really, last question. 869 00:31:44,710 --> 00:31:46,629 How do you raise your how do you raise 870 00:31:46,630 --> 00:31:48,189 your profile and reach groups? 871 00:31:48,190 --> 00:31:49,389 How do they come across you? 872 00:31:49,390 --> 00:31:51,589 And of the, 873 00:31:51,590 --> 00:31:53,769 um, proactive, 874 00:31:53,770 --> 00:31:56,919 um, cases in which 875 00:31:56,920 --> 00:31:58,599 civil society actors sought out your 876 00:31:58,600 --> 00:32:01,119 help? What percentage of those had 877 00:32:01,120 --> 00:32:03,040 previously sought help or support? 878 00:32:05,210 --> 00:32:07,399 So for the first one, 879 00:32:07,400 --> 00:32:09,649 it's through, I guess, word of mouth 880 00:32:09,650 --> 00:32:11,809 currently that folks hear 881 00:32:11,810 --> 00:32:14,239 about us and get connected 882 00:32:14,240 --> 00:32:17,299 and there is a benefit because there's 883 00:32:17,300 --> 00:32:19,489 an implicit reference or referral 884 00:32:19,490 --> 00:32:21,589 in that. And so that helps us 885 00:32:21,590 --> 00:32:23,779 in the vetting process by, you 886 00:32:23,780 --> 00:32:25,669 know, already having one trusted partner 887 00:32:25,670 --> 00:32:27,710 know this organization or individual. 888 00:32:28,790 --> 00:32:31,549 But it is an internal discussion about 889 00:32:31,550 --> 00:32:33,769 how much more public we want to make it 890 00:32:33,770 --> 00:32:36,199 or have contact form 891 00:32:36,200 --> 00:32:38,659 on the website or things like that. 892 00:32:38,660 --> 00:32:41,089 But that's kind of an ongoing discussion 893 00:32:41,090 --> 00:32:42,349 for the preventative. 894 00:32:43,490 --> 00:32:45,969 Um, that's a really good question. 895 00:32:45,970 --> 00:32:48,469 I would say the majority 896 00:32:48,470 --> 00:32:51,139 of preventative cases are probably 897 00:32:51,140 --> 00:32:53,420 folks that we've already interacted with 898 00:32:54,500 --> 00:32:57,109 who might have initially 899 00:32:57,110 --> 00:32:59,179 heard about work that we've 900 00:32:59,180 --> 00:33:01,429 done from other folks or 901 00:33:01,430 --> 00:33:03,589 we've done reactive, 902 00:33:03,590 --> 00:33:04,910 rapid response for them. 903 00:33:06,290 --> 00:33:08,389 But as you kind of see in 904 00:33:08,390 --> 00:33:10,309 some of the stats, we're still kind of 905 00:33:10,310 --> 00:33:12,229 working on analyzing our statistics. 906 00:33:12,230 --> 00:33:14,089 So, like, I didn't try to look at that, 907 00:33:14,090 --> 00:33:16,399 but I'd be happy to look at that more and 908 00:33:16,400 --> 00:33:17,420 be able to share it later. 909 00:33:18,950 --> 00:33:21,229 OK, let's have a final hand 910 00:33:21,230 --> 00:33:23,299 from Michael. And thank you very much for 911 00:33:23,300 --> 00:33:24,300 that, John.