29 Oct 2022

a survivability onion for privacy tools?

Starting with some good news. There are several versions of the Survivability Onion, but most appear to be US government work and so not copyrighted. I’m going to borrow it because it looks like a good starting point for setting priorities when designing a stack of privacy tools and services. Yes, in the long run, the real impact of individual privacy measures will be not so much in how well you’re protected as an individual, but in how you help drive future investment away from surveillance and toward more constructive projects.

It would be good to get more privacy people leveled up:

Level 1: a mix of effective and ineffective actions

Level 2: effective actions, but applied haphazardly (this is about where I am now)

Level 3: effective actions, efficiently selected and applied

If you want privacy, prepare for surveillance? All right, onion time.

[Figure: Integrated SoS Survivability Onion chart, showing layers: pre-emptive encounter, pre-emptive kill, avoid/prevent encounter/exposure, avoid detection, avoid targeting, avoid engagement, avoid hit/application, avoid kill]

A survivability onion is a way to visualize layers of protection. From Integrated Survivability Assessment:

The separate and independent “layers” of functions, which the threat has to “penetrate” to kill the system in a typical engagement, are most often represented mathematically by independent probabilities; thus, the overall probability of survival is the product of the independent component probabilities.

Since you have limited resources when designing an armored vehicle or whatever, you can apply your limited weight and money budgets to the most effective combinations of layers. The object is to maximize the probability of survival, which means minimizing the probability of a kill: the product of the probabilities that the attack gets through each successive layer. Because it is a product, shaving the same amount off any one factor has a bigger proportional effect on a layer that is already strong than on one that lets nearly everything through, which is why the cheapest layer to improve is not always the one that lets the most through.

And hey, that sounds familiar. We have a limited amount of time, money, and political juice for privacy stuff too. I think we can visualize the protection options in a similar way. Here’s a first attempt at a survivability onion for a personal privacy stack, with some examples of what fits into what layer.

  • Don’t do a trackable activity (delete a surveillance app, don’t visit a surveilled location, boycott a vendor)

  • Don’t send tracking info (block tracking traffic, either by using a browser tool like Privacy Badger to keep a tracking script from loading, or by using a DNS-level filter like Pi-hole to prevent tracking SDKs from reaching their hosts)

  • Send tracking info that is hard to link to your real info (use an auto-generated email address system like Firefox Relay, churn tracking cookies with Cookie AutoDelete)

  • Object or opt out when doing a tracked activity (Global Privacy Control)

  • Object, exercise the right to delete, or opt out later, after data has been collected but before you are targeted (Authorized Agent services like Permission Slip by Consumer Reports, right-to-delete (RtD) automation tools like Mine)

So that’s step one—define the layers of the onion.
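Here is the onion arithmetic worked through for the privacy layers above, as an added example that is not code from the original post. The layer names follow the list above; every number in it (the baseline get-through probability of each layer, what each named tool does to its layer, and what each costs in time, money and political juice) is assumed for illustration, not a measurement of any real tool. It computes the kill probability as the product of per-layer get-through probabilities, as in the quoted survivability model, and then picks measures greedily by reduction in kill probability per unit of cost under a budget.

```python
"""
Survivability-onion arithmetic for a personal privacy stack.

Added example, not from the original post. Layer names follow the post's
privacy onion; all numbers (per-layer get-through probabilities, each
measure's effect on its layer, and costs) are assumed for illustration.
"""
from dataclasses import dataclass
from math import prod

# Outermost to innermost, following the post's list of layers.
LAYERS = [
    "do trackable activity",        # the tracker gets an encounter at all
    "tracking info sent",           # tracking traffic leaves the device
    "info linkable to you",         # what is sent ties back to your real identity
    "no opt-out at collection",     # no objection signal such as GPC
    "no deletion before targeting", # data still held when targeting happens
]

# Assumed baseline probability that a tracker gets through each layer,
# given that it reached that layer.
BASELINE = {
    "do trackable activity": 0.9,
    "tracking info sent": 0.8,
    "info linkable to you": 0.9,
    "no opt-out at collection": 1.0,
    "no deletion before targeting": 1.0,
}


@dataclass(frozen=True)
class Measure:
    name: str
    layer: str
    new_p: float   # get-through probability of the layer once applied (assumed)
    cost: float    # time/money/political juice in arbitrary units (assumed)


# One candidate measure per tool named in the post; effects and costs are assumed.
MEASURES = [
    Measure("delete surveillance app", "do trackable activity", 0.5, 1),
    Measure("Privacy Badger", "tracking info sent", 0.4, 1),
    Measure("Pi-hole", "tracking info sent", 0.2, 4),
    Measure("Firefox Relay", "info linkable to you", 0.6, 2),
    Measure("Cookie AutoDelete", "info linkable to you", 0.7, 1),
    Measure("Global Privacy Control", "no opt-out at collection", 0.7, 1),
    Measure("Permission Slip", "no deletion before targeting", 0.5, 3),
]


def p_kill(p_through: dict) -> float:
    """Probability the tracker penetrates every layer: the product of the
    per-layer get-through probabilities (independence assumed, as in the
    quoted survivability model)."""
    return prod(p_through[layer] for layer in LAYERS)


def p_survive(p_through: dict) -> float:
    return 1.0 - p_kill(p_through)


def apply(p_through: dict, m: Measure) -> dict:
    """Measures on the same layer do not stack: the stronger one sets the
    layer's probability. Conservative on purpose, since e.g. Privacy Badger
    and Pi-hole block much of the same traffic, so independence fails there."""
    new = dict(p_through)
    new[m.layer] = min(new[m.layer], m.new_p)
    return new


def plan(baseline: dict, measures: list, budget: float):
    """Greedy: repeatedly take the affordable measure with the largest drop in
    p_kill per unit cost. Returns (chosen measure names, final p_kill, spent)."""
    p, chosen, spent = dict(baseline), [], 0.0
    remaining = list(measures)
    while True:
        best = None
        for m in remaining:
            if spent + m.cost > budget:
                continue
            candidate = apply(p, m)
            gain = p_kill(p) - p_kill(candidate)
            if gain <= 0:
                continue  # redundant with something already chosen on that layer
            score = gain / m.cost
            if best is None or score > best[0]:
                best = (score, m, candidate)
        if best is None:
            break
        _, m, p = best
        chosen.append(m.name)
        spent += m.cost
        remaining.remove(m)
    return chosen, p_kill(p), spent


if __name__ == "__main__":
    print(f"baseline p_kill = {p_kill(BASELINE):.3f}")
    chosen, pk, spent = plan(BASELINE, MEASURES, budget=5)
    print(f"budget 5 -> {chosen}, p_kill = {pk:.3f}, spent {spent:g}")
```

With these assumed numbers and a budget of 5, the greedy plan takes Privacy Badger first, then deleting the app, then Global Privacy Control, then Cookie AutoDelete, and stops with one unit unspent because nothing affordable is left; the kill probability drops from 0.648 to about 0.098. Greedy by gain-per-cost is a heuristic, not an optimal knapsack solution, and the whole model inherits the independence assumption of the source: where two measures protect the same layer the example gives credit only to the stronger one rather than multiplying them.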

Next step: assessing threats. (Will add a link here soon.)