younited

Would you trust Finland?

younitedI’m proud to tell you about younited, F-secure’s brand new personal cloud service. Actually so new that it isn’t open for the public yet. But you can sign up to be a tester at younited.com. We will start to send invitations to registered users in November, and the service is scheduled to open to the public in early 2014.

Why younited? It is our vision about how cloud storage can be made engaging, fun and safe. It’s a supercloud that collects data from your other cloud services and helps you manage it in one place. It’s also built for privacy from the ground up. The second argument is certainly a hot topic right now so it’s only natural that younited has gained a lot of attention.

Larry Seltzer of ZDNet joined the party with a slightly critical article. He is asking why anyone should trust Finland and why we should care about the privacy of our cloud storage in the first place. The first question is excellent. Users should definitively care about where their data is stored. That’s why we created younited here in Finland as an alternative to the American services. Let’s clear out Larry’s doubts and see why Finland is an excellent home for your data:

  • Finland’s constitution has a significantly stronger protection of individuals’ privacy than what US has.
  • Finland does not have a clear distinction between own citizens and foreigners in privacy issues like the US has. Your data on younited is protected as well as mine.
  • Finland is consistently rated at the top of international surveys on transparency, lack of corruption, education and innovation, just to name a few.
  • Finland is not panicking about terrorism. This means that we have no need to reduce peoples’ fundamental rights to ensure our security.
  • Finland’s signal intelligence capabilities are minimal compared to US.
  • Finland is not perfect when it comes to transparency and control of the authorities, but the problems we have are really minimal compared to US.
  • Finland does not have a massive system for silencing persons who are forced to assist authorities. There are no National Security Letters over here.

Yes, the unknown is scary. And Finland is unknown to most people. But I can assure you that Finland really is among the best places on earth if you are looking for a safe haven for your personal data.

So a non-US service should be the primary choice if you are outside US and even a little bit privacy aware. And that’s after all most of the world’s population, about 96% are living elsewhere. But what if you are American, like Larry? Is it still a good idea to go off-shore?

Most of the cloud storage service are located in US and you may prefer domestic services. That’s the easy choice. But services overseas can really provide a significant benefit privacy-wise. First remember the four-hop principle. You think you have decent privacy protection as an US citizen, but are you sure that no friend-of-friend-of-friend-of-a-friend is suspected for some obscure reason? That would put you in the same boat as all us aliens. And the US authorities are not exactly open about what they are doing. This is what they have been forced to admit, it’s certainly not the full picture. Also keep in mind that your data is most vulnerable when stored. NSA can still attempt to snoop at your encrypted data connection to younited before it exits US, but that’s quite futile (see note below). And it’s finally game over once your data is on our disks here in Finland under a layer of AES-encryption. So an overseas service eliminates the by far easiest attack point.

You have nothing to hide? Yes, we hear that argument frequently. And it is of course good to be a decent citizen with no secrets. But are you really sure? First, no one can remember all documents and mails they have received and sent. I bet most people have items they rather not share with strangers, even if they can’t remember them right away. Second, we are changing and the world is changing around us. How can you tell that everything you do today is still in line with your profession, role and personality after 20 years? Is what you do today OK by our society’s standards at that time? No, nobody can of course be sure about that. So why take risks when there are easy ways to reduce our digital footprint?

Larry is also pointing out that we have the right to protect our data, but not necessary the need to do it. True. But if you don’t use that right, you are signaling that it isn’t important and can be taken away. And there are plenty of powers that would love to take it. In other words, it’s a lot easier to ban crypto and other privacy measures if they are used by criminals only. Let’s not contribute to a world without the right to use privacy protection.

So why not follow Larry Seltzer’s example and sign up for younited right away. Do you fall in love with the service of its level of safety and privacy, or for the engaging and fun user experience? Or both?

Safe surfing,
Micke

Note about encryption of data in transfer. There’s constant speculation about if NSA can break the SSL/TLS encryption that is used for this kind of connections. There are indications that they have succeeded in some cases, but this typically involve outdated implementations, software modules that have been weakened on purpose or keys that have been shared with NSA by the service owner. NSA’s ability to break full-strength SSL/TLS is speculative, and any such attack would, if possible, require so much resources that only a small number of targets could be followed. Summary: Ordinary people can consider the encrypted link to younited as perfectly safe.

More posts from this topic

Mikko Hypponen What Twitter knows

5 things Twitter knows about you

At Re:publica 2015, our Chief Research Officer Mikko Hypponen told the main stage crowd that the world's top scientists are now focused on the delivery of ads. "I think this is sad," he said. [youtube https://www.youtube.com/watch?v=pbF0sVdOjRw?rel=0&start=762&end=&autoplay=0] To give the audience a sense of how much Twitter knows about its users, he showed them the remarkable targeting the microblogging service offers its advertisers. If you use the site, you may be served promoted tweets based on the following: 1. What breakfast cereal you eat. 2. The alcohol you drink. 3. Your income. 4. If you suffer from allergies. 5. If you're expecting a child. And that's just the beginning. You can be targeted based not only on your recent device purchases but things you may be in the market for like, say, a new house or a new car. You can see all the targeting offered by logging into your Twitter, going to the top right corner of the interface, clicking on your icon and selecting "Twitter Ads". Can Twitter learn all this just based on your tweets and which accounts follow? No, Mikko said. "They buy this information from real world shops, from credit card companies, and from frequent buyer clubs." Twitter then connects this information to you based on... your phone number. And you've agreed to have this happen to you because you read and memorized the nearly 7,000 words in its Terms and Conditions. Because everyone reads the terms and conditions. Full disclosure: We do occasionally promote tweets on Twitter to promote or digital freedom message and tools like Freedome that block ad trackers. It's an effective tool and we find the irony rich. Part of our mission is to make it clear that there's no such thing as "free" on the internet. If you aren't paying a price, you are the product. Aral Balkan compares social networks to a creepy uncle" that pays the bills by listening to as many of your conversations as they can then selling what they've heard to its actual customers. And with the world's top minds dedicated to monetizing your attention, we just think you should be as aware of advertisers as they are as of you. Most of the top URLs in the world are actually trackers that you never access directly. To get a sense of what advertisers learn every time you click check out our new Privacy Checker. Cheers, Jason

May 15, 2015
BY 
Internet Communication

What Clicking Tells Online Trackers

The Internet is first and foremost a communication medium. Every link that people click, every character they enter, and every video they watch involves an exchange of information. And it’s not just a two-way conversation between a person and their computer, or a person and someone they’re chatting with. There’s more people than listening in, and because computers use languages that people don’t necessarily understand, it’s logical to infer that many people may not be fully aware of what they’re actually saying. F-Secure launched a new Privacy Checker to help pull back the magic curtain that hides online tracking. A lot of online tracking is about employing passive data collection techniques – techniques that allow observers to monitor behavior without having any direct interaction with the people they're observing. Such passive data collection techniques are pervasive online, and websites are often designed to facilitate this kind of tracking. The prevalence of these technologies lends credence to the idea that control is becoming ubiquitous online, and represents a substantial threat to digital freedom. Do you ever read “top 10” articles or other types of lists on websites that require you to “turn pages” by clicking a button? Clicking those buttons lets online trackers know how far you go in the article before you stop reading (not something that can be done reliably when content is on a single page). That’s how passive data collection works. The Privacy Checker works by checking the information stored in web browsers, and then generates a report about what it’s learned. It can usually deduce where you’re located, what language you speak, whether or not you were directed to the checker from Google or another website, what device and operating system you’re using, and whether or not you allow your browser to use tracking cookies. If you think about this as a communicative event – an interaction in which information is exchanged – simply clicking a button has told the Privacy Checker all of this information. So if you were to breakdown the result from a check I ran as an interaction, you could say I told the Privacy Checker the following: “I am in Helsinki, Finland”. “I speak English”. “I use Google.fi to find things online”. “I use a mobile device with Android 4.4.2”. “I allow my browser to accept cookies”. The Privacy Checker responded by explaining what I told it when I pushed the “Check Now” button. The Privacy Checker also provided me with some information on how companies use the things I tell them to make money. The Privacy Checker is probably the only online conversation partner that you’ll ever have that provides you with this transparency. Many people don’t know or aren’t interested in constantly sharing this information, and many websites are designed to help their administrators make money from this data. And this is a key threat to online privacy: more and more technologies are being developed to capture, store, and analyze your data without your knowledge. This blog post emphasizes the significance of the threat by pointing out that huge investments are being made in companies and technologies that monetize your data. The author even refers to it as information about "pseudo-private" behavior – a label that really underscores how much value some of these companies place on privacy. The Privacy Checker sheds some light on this to help people understand what they’re really saying when they click around the web. It’s free to use and available on F-Secure’s new Digital Privacy website, which contains more information about online privacy and the fight for digital freedom. [ Image by geralt | Pixabay ]

May 15, 2015
BY 
Freedome for Mac

Freedome Comes to Mac

F-Secure launched Freedome for Mac this week (click here to get a free trial) to help Mac users enjoy the private, premium web experience that’s already being enjoyed by over 2 million Android, iOS, and Windows PC users. Freedome is a user-friendly VPN that’s filled with features to help people enjoy themselves online, and it’s a great way for Mac users to start taking back control of their online privacy and digital freedom. Macs have a reputation for being more secure than Windows PCs, but as Micke recently posted out in a blog post, this is somewhat misleading. And this has important implications for online privacy – Macs are just as susceptible to online snooping as their PC counterparts. People have the same privacy needs, regardless of what devices or operating systems they use to help them access the Internet. So Freedome makes sense for Mac users. Its attractive one-button interface lets Mac users turn the app on and off with just a quick click, and offers them an easy way to do things like encrypt their communications, protect themselves from malicious websites, and select different virtual locations so they can bypass regional locks on web content. But Freedome is also a great way to get involved in the fight for digital freedom. People have become more aware of the ways their privacy is being violated when they do things like browse the web or go online shopping, but they don’t really know what to do about it. Using Freedome sends a message to criminals and companies that someone’s choice to use the Internet does not automatically mean they consent to having their private lives invaded or controlled by others. Freedome for Mac is now available for a free trial, and subscriptions can be purchased for a small fee. You can also get multi-device subscriptions that can be used to cover different combinations of your Mac, Windows PC, Android, iOS, and Amazon Fire devices.

May 7, 2015
BY