1
00:00:07,640 --> 00:00:09,640
So, encryption. Why?

2
00:00:09,680 --> 00:00:10,720
Is it…

3
00:00:10,760 --> 00:00:12,520
In the discussion here before,

4
00:00:12,560 --> 00:00:17,120
the… One of the common points is that it’s, well, hiding my big one secret.

5
00:00:17,640 --> 00:00:22,480
I’ve been trying to find a big fun image here, but you have to input it yourself.

6
00:00:23,120 --> 00:00:26,240
So, is it hiding my big secret?

7
00:00:26,280 --> 00:00:27,280
No,

8
00:00:27,320 --> 00:00:29,760
it’s not about hiding your big secret,

9
00:00:29,800 --> 00:00:33,280
it’s actually about control.

10
00:00:33,320 --> 00:00:34,040
You,

11
00:00:34,080 --> 00:00:36,080
every people have, you know,

12
00:00:36,120 --> 00:00:38,440
what they call “private” information,

13
00:00:38,480 --> 00:00:39,920
and “public” information.

14
00:00:40,360 --> 00:00:42,920
People have public information

15
00:00:42,960 --> 00:00:45,840
which they actually try to, you know, keep

16
00:00:45,880 --> 00:00:47,960
secret from the public’s eye,

17
00:00:48,000 --> 00:00:48,960
and

18
00:00:49,000 --> 00:00:53,440
I think it’s actually not good to talk about “hiding” when you talk encryption,

19
00:00:53,480 --> 00:00:57,120
because “hiding” is not about the same thing as “private”.

20
00:00:57,160 --> 00:00:59,160
I have a lot of things that are private,

21
00:00:59,200 --> 00:01:01,960
but I don’t try to actually hide them.

22
00:01:02,000 --> 00:01:02,920
I mean,

23
00:01:02,960 --> 00:01:05,720
I don’t have web cams in my room always

24
00:01:05,760 --> 00:01:08,280
looking at me,

25
00:01:08,320 --> 00:01:10,640
Observing every move I make.

26
00:01:10,680 --> 00:01:13,640
That’s not because I’m trying to hide what I do

27
00:01:13,680 --> 00:01:15,400
at my own home,

28
00:01:15,440 --> 00:01:18,720
it’s simply because I see my own home as private.

29
00:01:20,440 --> 00:01:21,840
So,

30
00:01:21,880 --> 00:01:24,960
This control you have of all your information;

31
00:01:25,000 --> 00:01:29,400
first of all, how do you lose it? Well, you can lose it in full by giving it away,

32
00:01:29,440 --> 00:01:32,840
and that’s a very wrong way to be giving out information.

33
00:01:33,920 --> 00:01:34,640
So,

34
00:01:34,680 --> 00:01:36,360
Google is

35
00:01:36,400 --> 00:01:38,400
a key example here on Gmail.

36
00:01:38,440 --> 00:01:39,080
You

37
00:01:39,120 --> 00:01:44,720
send your email, or actually other people send their emails to email servers,

38
00:01:44,760 --> 00:01:48,520
They have the email, they actually see the email as theirs.

39
00:01:48,560 --> 00:01:51,880
It’s not your emails, you have the right to read emails,

40
00:01:51,920 --> 00:01:54,080
you have the right to copy the emails,

41
00:01:54,120 --> 00:01:57,400
but the emails are actually not yours, it’s theirs.

42
00:01:57,440 --> 00:02:00,120
So, trying to control,

43
00:02:01,600 --> 00:02:03,920
to keep the emails private, is actually

44
00:02:03,960 --> 00:02:06,440
kind of impossible because they’re not yours anymore.

45
00:02:06,480 --> 00:02:09,920
The same thing goes for most online sites,

46
00:02:11,000 --> 00:02:13,960
Google Docs is a good example, FaceBook, Flickr,

47
00:02:14,000 --> 00:02:15,320
every one of those sites,

48
00:02:15,360 --> 00:02:17,720
or most of those sites, have

49
00:02:17,760 --> 00:02:18,840
a rule that says

50
00:02:18,880 --> 00:02:20,920
“You give information to us,

51
00:02:20,960 --> 00:02:25,600
and you get some free doodads, some free web things.”

52
00:02:26,200 --> 00:02:28,000
Beware of the cloud!

53
00:02:35,320 --> 00:02:37,120
So, what other ways can you

54
00:02:37,160 --> 00:02:40,800
get control away? Well, it can be taken away, of course.

55
00:02:40,840 --> 00:02:46,040
And of course the way we think about it, we can think about either, you know, thieves in the dark,

56
00:02:46,080 --> 00:02:48,320
you know, airports and laptops and all that.

57
00:02:49,200 --> 00:02:51,440
And we have also

58
00:02:51,480 --> 00:02:53,960
industrial espionage or, you know…

59
00:02:54,600 --> 00:03:02,280
I’ve actually heard a few times about a university losing information because people actually go in and steal briefcases and stuff like that from researchers

60
00:03:02,760 --> 00:03:04,880
You know, my own university in a

61
00:03:04,920 --> 00:03:05,960
small

62
00:03:06,000 --> 00:03:07,920
town called Ronneby,

63
00:03:07,960 --> 00:03:11,160
have actually people from another country

64
00:03:11,200 --> 00:03:14,640
actually spying on researchers there.

65
00:03:14,680 --> 00:03:19,200
It’s not that common, but it’s not that uncommon either.

66
00:03:20,480 --> 00:03:25,200
And of course you have this nice thing called “shared space”, you know,

67
00:03:25,240 --> 00:03:28,200
in a data center, university computer lab,

68
00:03:28,240 --> 00:03:32,040
or when you actually, you know, buy or rent a VM computer somewhere.

69
00:03:32,080 --> 00:03:34,320
From your hosting provider or similar.

70
00:03:35,360 --> 00:03:43,440
A common expression is, or people say that “Oh, my hosting provider is completely utterly secure, because they’re in a nuclear bunker” (or

71
00:03:43,480 --> 00:03:48,520
a room in a mountain or…) “and they’re completely secure from all kinds of penetration and espionage!” and

72
00:03:48,560 --> 00:03:49,520
all that stuff.

73
00:03:49,560 --> 00:03:51,000
So where’s the mouse?

74
00:03:52,440 --> 00:03:54,080
There’s a small movie here,

75
00:03:54,120 --> 00:03:56,000
relevant to this discussion.

76
00:04:02,760 --> 00:04:03,720
So yeah,

77
00:04:03,760 --> 00:04:06,600
if you share a space,

78
00:04:06,640 --> 00:04:10,160
the shared space will, can be seen as one entity.

79
00:04:10,200 --> 00:04:15,000
And if anyone can see something as “Oh, it’s this group of people.”,

80
00:04:15,040 --> 00:04:16,400
then you actually,

81
00:04:16,440 --> 00:04:17,080
you know,

82
00:04:17,120 --> 00:04:19,040
you don’t have any rights beyond

83
00:04:19,080 --> 00:04:22,000
what they think is “the group”, OK. It could be

84
00:04:22,040 --> 00:04:24,520
a data center, it could be a house,

85
00:04:24,560 --> 00:04:26,160
it could be an apartment

86
00:04:26,200 --> 00:04:29,640
— it all depends on who is looking and who is saying what.

87
00:04:31,520 --> 00:04:32,080
So,

88
00:04:32,120 --> 00:04:34,280
what is the common answer when not encrypting?

89
00:04:34,320 --> 00:04:34,880
OK,

90
00:04:34,920 --> 00:04:35,640
one

91
00:04:35,680 --> 00:04:38,280
very common answer that I see online and

92
00:04:38,320 --> 00:04:40,800
on surveys done on this subject is,

93
00:04:40,840 --> 00:04:41,560
they say

94
00:04:41,600 --> 00:04:45,760
“But my computer will be slow! Doesn’t encryption with all those

95
00:04:45,800 --> 00:04:48,360
math and these bits going

96
00:04:48,400 --> 00:04:49,600
from one side to another –

97
00:04:49,640 --> 00:04:52,000
doesn’t that slow down everything?”.

98
00:04:52,040 --> 00:04:55,000
And the real answer is “Not really.”.

99
00:04:55,040 --> 00:04:56,160
And

100
00:04:56,200 --> 00:05:00,760
if you need to move, like, I don’t know, 100 Megabytes per second

101
00:05:00,800 --> 00:05:02,160
to the server

102
00:05:02,200 --> 00:05:08,520
regularly, like every day, and have web servers depending on what those 100 Megabytes writing all the time,

103
00:05:08,560 --> 00:05:11,800
yeah, you might get a bit slower computer.

104
00:05:12,360 --> 00:05:13,720
That’s not really common.

105
00:05:13,760 --> 00:05:17,280
Maybe movie makers need to do that, but they don’t have web

106
00:05:17,320 --> 00:05:20,840
tools that need to access that quickly, so I don’t really know.

107
00:05:20,880 --> 00:05:22,200
It’s…

108
00:05:22,240 --> 00:05:23,320
The big

109
00:05:23,360 --> 00:05:24,040
thing

110
00:05:24,080 --> 00:05:28,760
in performance is CPU, and CPU don’t have to be a big issue nowadays.

111
00:05:29,080 --> 00:05:31,440
If you have really slow CPU

112
00:05:31,480 --> 00:05:33,400
and that is your biggest problem,

113
00:05:33,440 --> 00:05:34,080
OK,

114
00:05:34,120 --> 00:05:35,680
encryption won’t help it,

115
00:05:35,720 --> 00:05:38,480
but if you buy a, if you have a new computer or,

116
00:05:38,520 --> 00:05:41,880
you know, CPU is not the biggest problem in the world,

117
00:05:41,920 --> 00:05:44,400
this is not going to slow it down.

118
00:05:45,000 --> 00:05:47,640
So, is it hard to install?

119
00:05:48,680 --> 00:05:49,960
One step.

120
00:05:50,440 --> 00:05:51,400
And that’s it!

121
00:05:51,440 --> 00:05:55,640
That is the base install. OK, this is a simple version, but

122
00:05:55,680 --> 00:05:58,440
it doesn’t need to get much harder than this.

123
00:05:59,800 --> 00:06:00,880
So, passwords.

124
00:06:00,920 --> 00:06:04,760
Aren’t they a little bit boring? “I don’t like to type in my password too often!”

125
00:06:04,800 --> 00:06:07,040
Well, are you doing it once already?

126
00:06:07,080 --> 00:06:10,520
Like, you know, logging in to my computer already?

127
00:06:10,560 --> 00:06:14,240
Then you can just replace that step with encryption,

128
00:06:14,280 --> 00:06:20,240
so you get the same thing, you need to log in, you need to type in the password to log in, and it works the same way as,

129
00:06:20,280 --> 00:06:22,680
you know, Windows login or whatever you use.

130
00:06:23,320 --> 00:06:26,600
Servers have long been a problem because you want to reboot them,

131
00:06:26,640 --> 00:06:33,000
and then you don’t have to go in and climb into the server room which might be cold or might not have all the keyboards plugged in.

132
00:06:33,800 --> 00:06:39,840
And typing in all those passwords on all the servers is not fun, after a power outage or something similar.

133
00:06:40,440 --> 00:06:43,160
That is actually why we started this project.

134
00:06:44,160 --> 00:06:45,040
So.

135
00:06:49,400 --> 00:06:50,720
Just a quick notice:

136
00:06:50,760 --> 00:06:52,880
If you have a web

137
00:06:52,920 --> 00:06:54,920
or mail server in your home

138
00:06:54,960 --> 00:06:56,920
I actually think you should encrypt it.

139
00:06:56,960 --> 00:07:03,200
It should never be unencrypted, because you are actually responsible for your users, even if you’re just yourself or if you’re responsible…

140
00:07:03,240 --> 00:07:03,840
Yeah,

141
00:07:03,880 --> 00:07:05,480
well, if it’s only yourself, then you should

142
00:07:05,520 --> 00:07:08,720
actually think about your own privacy a little bit, but otherwise

143
00:07:08,760 --> 00:07:10,800
you should always try to protect your users.

144
00:07:11,960 --> 00:07:16,680
That is, you’re not responsible for what they do, but you are responsible for keeping their data safe,

145
00:07:16,720 --> 00:07:18,760
because you’ve taken on that responsibility.

146
00:07:19,240 --> 00:07:22,880
And if somebody takes your server, for whatever reason,

147
00:07:22,920 --> 00:07:25,000
you should be able to confidently say that

148
00:07:25,040 --> 00:07:27,920
your users’ data has not been compromisd.

149
00:07:27,960 --> 00:07:29,760
You owe it to them.