LFI.3 Week five discussion

  • How can we use threat modeling to advise people about the safety of online collaboration tools?
  • What threat models need alternative, more secure platforms?
  • How can we introduce alternative platforms to our communities?

How can we use threat modeling to advise people about the safety of online collaboration tools?

I think that there is a lot of education to be done around the first two questions in the EFF threat model, what do you want to protect and who do you want to protect it from. Most people, if they think about cybersecurity at all, assume that this is a problem meant for their IT departments to deal with. Now, with everyone adopting new technologies at a rapid clip, I would imagine most people don’t even know where to start. Between Zoom-bombing, information about people that is gleaned from backgrounds, choppy internet connections, attention monitoring devices, private messages becoming public, and so much more, people don’t know what they don’t know.

A great example of this is watching my husband attend Torah study through Zoom at his temple. He has walked several older people through how to set up the software, but you can see their discomfort and lack of knowledge about the platform every time they log in (sound issues, video concerns, looking for the chat, etc.). A lot of this stuff was moved so quickly that people were never educated on how to use it basically, so more esoteric concerns have not reached the level of consciousness.

What threat models need alternative, more secure platforms?

Education. Health. Finance. Anything where data is already protected on federal or state levels where those protections need to be extended into the new environment.

How can we introduce alternative platforms to our communities?

I think that alternative platforms are done for this quarantine (at least in the business environment). Everyone has their platform of choice (typically Hangouts, Zoom, or Teams), and they’re unlikely to move off of the platform since they don’t have the time, infrastructure, or mental capacity to take something new on. However, implementing better options is absolutely part of the recovery part of this disaster, and they can and should be implemented into future disaster response plans.

Sharing with the broader community, I believe the best way to go is personal contact. There is so much misinformation out there right now, that blasting to a general audience is just one more shout in the noise. But sharing concerns, better alternatives, processes, and advice to our colleagues and community members that we already have personal connections and trust with is a way to make a measurable change in our communities.

1 Like


  • How can we use threat modeling to advise people about the safety of online collaboration tools?

Threat modeling assessments are a great way to advise people about the safety of online collaboration. What do you want to protect? Who do you want to protect it from? In most instances the public discourse around this in the last few weeks has centered students in an online learning environment. Administrators and teachers are examining these questions in regard to what is at stake for them and their students. As libraries we will want to have the same considerations for our patrons - the unveiling of the problems surrounding Zoom offers everyone a list of questions to answer when looking at any of the video conferencing sites.

  • What threat models need alternative, more secure platforms?

So much of our life is online - if platforms are secretly gathering data from other sites while a person is logged on then I see that all threat models need more secure platforms -

  • How can we introduce alternative platforms to our communities?

Introducing alternative platforms to our communities can follow some of the same ways we reach our communities - by talking to them. Although we are kept from doing that in person at the moment, we still have channels and outlets - I see it as a matter of putting together a training - maybe as a blog post on websites or an actual video training posted online -

1 Like

Not to mention the stress of living under corona! If we are going to reach people, we have to make the info readily available to them and simple to implement, otherwise it’s not gonna happen.

Great example. And that’s a threat model that needs particular consideration! Jewish communities will be prime targets for right wing threats.

Definitely, we need to be thinking about the future after this.

Totally agree. It’s harder, no question, and takes more time. But it’s the only way to have meaningful influence. Now, how do we maintain those personal connections with our patrons when we can’t see them in person?

You’re so right that there hasn’t really been something for a more general audience, or for other threat models besides students.

Yes and I think we’ll have to try a bunch of different outlets to see what actually sticks. That’s what I hope we can work on in our dissemination plans.

  • How can we use threat modeling to advise people about the safety of online collaboration tools?
    Following this week’s discussion, I actually wrote a blog post for my library regarding protecting one’s privacy online with the newly popular tools that so many have to use now as we work and learn from home. Without using the phrase “threat modeling,” which can seem very aggressive and fear-mongering to some patrons who are already intimidated by computers, I explained how important it was to know what the tools, apps, etc. that we use are collecting and how that might impact our lives. Then, leave it up to them, just as the last consideration of threat modeling suggests: is this worth some sort of change in behavior on your part?

  • What threat models need alternative, more secure platforms?
    Talking with Lindsay Oliver really opened my eyes regarding online education or distance learning tools. Previously, I had mostly heard about issues regarding the digital divide, and I wasn’t super familiar with surveillance risks. As someone who has used Canvas and Moodle in higher education, it makes me wonder what kind of data my schools collected about me. At least I wasn’t a minor at the time I was using these tools! We need to make sure that our kids are protected from data mining, especially those who are particularly at-risk such as LGBT+ kids and those who might be undocumented or have family who are undocumented, and librarians can and should create a resource that provides this information WITHOUT the tech jargon.

  • How can we introduce alternative platforms to our communities?
    One option could be a comparison chart that is easy to read and understand. For example, collect the most popular videoconferencing software and have a section that says “End-to-end encrypted?” then have the checks or x’s based on whether the software has that kind of privacy safeguard in place. I don’t think we as librarians should ever shame people for the platforms they use, and I appreciated the way Mallory Hanora talked about doing things DIFFERENTLY rather than doing things BETTER. Having an easy to read guide like this would allow us to share this information in an unbiased way (we are only sharing the facts after all) and allow our patrons to consider the pros and cons based on their personal threat models. It being a chart, it would also be easy to update as companies (hopefully) get better.

1 Like

I’ve been thinking about these things on two very different levels:

  1. Library relationships with IT
  2. Threat modeling for people trying to organize in the midst of corona

Re: 1) I don’t know about y’all, but my experiences with our campus IT are middling at best. During this crisis and the lead up to us getting off campus, IT was pushing hard for the use of Zoom which they’d just sunk a bunch of money into, but they offered zero training or guidance as they didn’t know how to use it themselves. I stepped in to help train people, even though I am far from being an expert; I figured me bumbling around and encouraging people to learn together was better than them being totally left to their own devices.

In my experience in academic libraries and less so in publics, IT often wants a lot of control over things and gets extremely pissy when you ask them to consider going any kind of extra mile, not only for security and privacy but for instruction as well. This has led to some really puzzling and unfortunate situations at Olin, like we have a Canvas account but it’s the free version which is apparently not FERPA compliant and no one in IT knows how to use it. As a result, no two classes at Olin have the same course page/online presence. Most instructors use personal or Google sites or handspun things on the school’s web server. There’s a lot of accessibility issues and syllabus inconsistency as a result.

I’m bringing this up because I’m guessing other folks in the cohort are navigating similar problems, and it factors into an approach for adopting tools if IT is hesitant or standing in the way. I’ve had some success in the past with showing IT that while we may need their help with implementation, there will be a time when the new thing is handed off to the library and isn’t creating more work for them. IT departments also forget that what we’re trying to do is coming from a customer service angle, and we’re more focused on the end goal than the process. Trying your best to understand the process and giving them a sense of the time commitment can be helpful, generally the more specific the better.

I’d love to know others’ thoughts about and experiences with successfully (or unsuccessfully) navigating relationships with IT!

Re: 2) After our Close The Libraries/LFI solidarity call last night, I’ve been thinking a lot about how to threat model and recommend strategies for people who are attempting to do labor organizing of any type in the midst of quarantine. A bunch of concerns came up about how to contact people via personal email addresses vs work ones, and how to get people together when physical meetups aren’t possible.

It seems to me that the work email could still be a starting place to contact people and grab their personal address if it’s done vaguely and strategically enough. I also liked one of the presenters’ ideas about starting a Google doc or Cryptpad and having folks pass it around to fill out collaboratively. I’d recommend organizers tell the people they’re reaching out to to permanently delete whatever messages are sent, no matter how vague or euphemistic. From both a privacy and functionality standpoint (I think it’s much easier to organize with a real-time messaging service), switching to a Signal thread instead of email seems like a good idea, too.

I run the New England Radical Reference Collective calls on Zoom right now and I use the waiting room and password features; I also ask people who have no display name or just a phone number shown to tell the group who they are. This can be a little awkward but I do feel it’s necessary, and members of the group feel more at ease knowing who’s who and that someone we don’t want to be listening in hasn’t shown up. I also only send the meeting info out via the Rad Ref email list, the Rad Ref Slack, and a couple of Mass Library Association email lists for committees I work with.

To conclude this little ramble, Slack is an interesting choice for organizing that I’d love to better understand the security & privacy implications of (does anyone out there know?). I manually invited people to the channel upon request, but I don’t personally know who all of these people are. So I hope it’s a safe space, but so far it’s been about a dozen highly active members communicating and another 50 or so who haven’t really gotten engaged.

2 Likes

Sorry, I know this is not answering the specific questions, but it’s related and has been on my mind all week. I taught my first synchronous online information literacy session this week and it was a lesson in how most people’s threat models have not changed with the move to a totally different classroom paradigm (likely because their whole lives have been turned upside down and that’s not as high on their list of concerns as, like, survival). Normally, when I teach in-person, some students may volunteer personal information to me, but, in this case, I got a whole window into these students’ lives because they had their cameras on, their mics unmuted, and I could hear and see everything going on around them. I got to listen to a man yell at his female partner (who is in the class) about not wanting to have to listen to the session. I got to listen to a mom in the class discipline her whining child. I saw that one student lived in a really fancy-looking house (we have a high % of students living in poverty at our college). All that in the two minutes before I got host control and muted everyone. It all felt really intimate and really weird in a “classroom setting.”

Moving classes online is bigger than just using different technologies; it brings the public classroom into our private spaces. It made me think about power dynamics of the classroom and how weird that is to have that suddenly in your home when you probably haven’t had time to consider the ramifications. I got my MLIS online and I taught online for San Jose State University for a decade, but it was so different because these were students who chose online learning vs. students who are now forced into it and may never have thought about the logistics. Maybe I’m more private than most, but I know I would never have wanted my instructors to know intimate details about my personal life. And I really haven’t seen my college or others addressing that change and explaining to students how they can protect themselves if they want to. Even under the best circumstances, which this certainly isn’t, privacy almost never comes up in online learning’s trainings about the use of instructional technologies at my college.

My college has instituted new precautions with our institutional Zoom subscription (requiring a password by default, etc.), but it’s mainly in light of the Zoom bombing issue. They’re not offering advice to faculty on what is and isn’t reasonable to expect from students in this new paradigm. And on our faculty listserv, faculty have complained about students not turning on their webcams, as if their comfort trumps students’ privacy.

I really want to create some guidance and curated resources for faculty and students around privacy, surveillance, and trust in online learning (omg, why do some people treat all of their students like cheaters?!?!?), but, like everyone else, I’m scrambling to support the classes I’m working with. I just wish I had been able to communicate with that class prior to the session so I could caution them about how to protect their privacy in Zoom if they didn’t want their private lives viewed by the whole class. I love @alexandra.bernson’s suggestion of a chart for each option of a certain type of instructional technology (web conferencing being the big need now) with the affordances and limitations of each clearly spelled out. Maybe that even already exists and it just needs to be promoted. It’s really hard even for privacy-focused librarians to figure out which technology both meets specific needs and protects privacy, so an instructor who is totally new to online teaching certainly isn’t going to have the bandwidth to do due diligence.

It’s all just so much right now, for everyone… for all of us, isn’t it?

How can we use threat modeling to advise people about the safety of online collaboration tools?
What threat models need alternative, more secure platforms?
How can we introduce alternative platforms to our communities?

I’ve been thinking a lot about what @meredithf brought up as well. All of the information students are giving away with not having a Zoom background turned on. Everyone is home and having to log in from personal spaces that they never expected to have to share with their classmates. I think instructors should be more sensitive to that. I’ve talked with a friend who teaches middle school (ages 11-14ish) who is using Zoom to have classes now. She has experienced students who do not turn on video because they are low income and don’t want to share their homes with classmates who have nicer houses. Maybe a solution would be to create a guide that lists all the information you can gain from seeing someone’s background in their home/bedroom. So when instructors ask students to turn on video they would be more aware of all the information being shared.

Laura, I think something like that could be really helpful. If your threat model just says “someone might see what your home looks like!” a lot of people are going to shrug and completely fail to understand why that could be important to someone.

1 Like

I would love to see your post!

Totally agree with this. Sometimes I call it a “risk assessment”, sometimes I don’t call it anything, I just use the framework.

Very common experience. When we hear from Becky Yoose in a few weeks, she’s going to talk about working with IT and the various issues that might come up. Would love to hear what’s worked for people here too.

I would love to see you and/or others work on this as part of the final project!

I think this is a pretty useful summary of the issues with Slack: https://threatpost.com/beyond-zoom-safe-slack-collaboration-apps/154446/

Think of them as suggestions!

It’s not that their threat models haven’t changed, it’s that they don’t think they’ve changed and as you said, have higher priorities. So what do we do about that? It seems to me like setting good privacy defaults on the instruction side is a big part of it. Another part of it is addressing the problem meaningfully. I bet you anything that most of those people who were inadvertently revealing private things would actually change their behavior if they had noticed what was happening, but as you said, they had other things on their minds. Even taking a few minutes at the beginning of the class to address some privacy stuff like muting and using the virtual backgrounds.

Absolutely, so let’s remember that even small steps are significant.

I’m really into all these ideas about creating some kind of a guide for better online learning environment privacy. Maybe two columns, like, here’s the privacy violation you didn’t necessarily think about, here’s the solution or something close to a solution.

That’s great. I’m currently working on a blog post about email security because many of our patrons are asking new questions to our IT and Reference staff in the past few weeks. I’m trying to frame it more as “spring cleaning online security” and sharing sources like monitor.firefox.com and haveibeenpwned.com.

Would you mind sharing a link to your work?

It hasn’t been published yet! I’ll post a link once it is 🙂

2 Likes

  • How can we use threat modeling to advise people about the safety of online collaboration tools?

I think we can help people be brave as they take on online platforms for new work, learning, and social activities in this strange time by talking about the worst case scenarios and then unpacking how to mitigate them. Then we could address the best case scenarios and remind them how these goals are achieved with best practices.

  • What threat models need alternative, more secure platforms?

Social media use and newly connected home devices to work. Seeing lots of jobs asking employees to use their personal social media account for virtual programming and posting and expecting staff to use home internet, home computer and personal phone for labor. The perspective of conversation talking about home VPN use and understanding the need to create a social media account for work or at least a walk thru on privacy settings has changed again.

  • How can we introduce alternative platforms to our communities?

Connecting with community stakeholders like mayors, local team sports players, school superintendents to talk about them and working together to share their value with our connected, broader audience on social media, websites, etc.

1 Like