The joy of PETs: Guard dogs of the internet
Recipes, travel directions, theories of the universe — the Internet has them in abundance.
Privacy, however, is in short supply.
That problem has held Ian Goldberg’s interest for years. As a graduate student at the University of California, Berkeley in 1995 — his Bachelor of Mathematics degree still fresh from the University of Waterloo — Goldberg and fellow student David Wagner poked a hole in the web’s leading web browser at the time.
They cracked Netscape Navigator’s secure sockets layer (SSL), which kept uninvited eyes off information that needed secure handling. Now an associate professor and University Research Chair at Waterloo’s David R. Cheriton School of Computer Science, Goldberg reminds people that they leave crumb trails on the Internet in the form of credit card numbers, shopping habits, communication patterns, and personal interests, and gives them tools to help them shield their online activities.
“A lot people just don’t know how much information about themselves is available online,” Goldberg says. “Data brokers collect all kinds of information on you, and more and more companies are buying profiles from them.
“Just as a lot of companies do credit checks, they can do this as well,” says Goldberg, an Early Researcher Award recipient. Goldberg also received the 2011 Outstanding Young Computer Science Researcher Award from the Canadian Association for Computer Science, and the Pioneer Award from the Electronic Frontier Foundation.
We have the technology
The tools that help people protect their personal information online are called privacy enhancing technologies, or PETs. Goldberg and his research group work on open-source PETs to increase privacy in the digital world, such as:
- Telex, an anti-censorship program to get around Internet blockages imposed by restrictive governments;
- Off-The-Record Messaging, software that enables hundreds of thousands of people around the world to exchange instant messages securely and privately;
- Tor, a program that randomly zig-zags information through several places on the Internet between seeker and provider. At any one of those points of contact, says Goldberg, “nobody has enough information to know who you are and what you are doing.”
Score one for the good guys
Crooks already use malicious software — malware — to break into personal computers. They can steal information off these computers or use them to mask their own activities.
“The bad guys are already able to hide their actions by compromising other people's computers,” Goldberg says. “My goal is to give the good guys the tools to maintain their privacy when they go online.”
Open-sourcing means others can build on his work, and find parts that need improving. Goldberg isn’t bothered.
“That’s how science moves forward,” he says.