Tech Demo - Privacy across ages and spaces

written by Silvia Puglisi [Hiro] on 2019-06-12

This demo is about creating and running ephemeral .onion services to share websites or simple web applications. We present different use cases for onion services and a wrapper app that allows you to start a .onion and start sharing a static website or a web application. Because .onion services live on the Tor network, you do not need hosting or a public ip address to offer some service via .onion address. The .onion is hosted on your computer for the time you desire, allowing the people visiting your site to remain anonymous, and also you. We believe anonymity to be very important since it can free people, allowing them to decide how to expose themselves or to make themselves visible on their own terms.

Link

Slides

venue: "Rightscon"

location: "Tunis, Tunisia"

Ephemereal Onions

written by Silvia Puglisi [Hiro] on 2019-06-06

Tor is an important tool for providing privacy and anonymity online. We provide privacy at the application level through the Tor Browser, and with .onion services, Tor allows users to hide their locations while offering various kinds of services. Because .onion services live on the Tor network, you do not need hosting or a public IP address to offer some app via an .onion address. The .onion is hosted on your computer for the time you desire, allowing the people visiting your site to remain anonymous, and you too. This talk is about creating and running ephemeral .onion services to share websites or simple web applications. We will present different use cases for onion services and a wrapper app that allows you to start an .onion and start sharing a static website or a web application.

Slides

venue: "We are developers world congress"

location: "Berlin, Germany"

Privacy Web Docs

written by Silvia Puglisi [Hiro] on 2019-04-02

Tor is an important tool providing privacy and anonymity online. The property of anonymity itself is more than just providing an encrypted connection between the source and the destination of a given conversation. There is in fact a lot of information that can be still learned by just observing encrypted communications. The Tor Browser was designed to provide privacy while surfing the web and defend users against both network and local forensic adversaries, There are two main categories of requirements for the Tor Browser: Security Requirements, and Privacy Requirements. Security Requirements are the minimum properties in order for a browser to be able to support Tor and similar privacy proxies safely. Privacy requirements are primarily concerned with reducing linkability: the ability for a user's activity on one site to be linked with their activity on another site without their knowledge or explicit consent. The Tor Browser is based on Mozilla's Extended Support Release (ESR) Firefox branch. We have a series of patches against this browser to enhance privacy and security. Browser behavior is additionally augmented through the Torbutton extension, and we also change a number of Firefox preferences from their defaults. This session is going to explore what tool and resources are missing for website and web applications to embrace more privacy friendly practices, and work seamlessly on Tor browser. We well answer some fundamental questions, like: - Why tor browser is slightly different from Firefox (or another browser) - Why does my app work differently in tor browser? What can I do to make it work smoothly? - How can I make my app compatible for people that do not use JS? - How can I configure an onion service? - What should I consider in order not to expose sensitive information about myself or visitors to my website? Code examples for css, js and backend configurations will be shared.

Pad

Link

webprivacy.rocks

Slides

venue: "Internet Freedom Festival"

location: "Valencia, Spain"