Free Online Privacy Training 101
  • Online Privacy Training
  • About this online privacy training course
  • Contents
  • Introduction
    • Disclaimer
  • Modules
    • 1. Online Privacy: an introduction
      • Lesson 1: Understanding the Digital Landscape
      • Lesson 2: Privacy Policies & User Agreements
    • 2. Privacy Basics and Background
      • Lesson 1: The Public You vs. The Private You
      • Lesson 2: Dissecting Your Digital Footprint: Data and Metadata
      • Lesson 3: Tracking (Cookies, Link Tracking and Data Aggregation)
        • Part 1: Cookies
        • Part 2: Link Tracking
        • Part 3: Data Aggregation
      • Lesson 4: Proprietary vs. Open Source
    • 3. Privacy Architecture
      • Lesson 1: Privacy Architecture
      • Lesson 2: Operating System Layer
      • Lesson 3: Networking Layer
      • Lesson 4: Application Layer and Above
      • Privacy Architecture Summary
    • 4. Private Messaging with Signal Messenger
    • 5. Private Browsing
    • 6. Data Encryption, User Name and Password Management
      • Lesson 1: User Name and Password Best Practices
      • Lesson 2: USB Disk Encryption
      • Lesson 3: Password Management with KeePassX
    • 7. Virtual Private Networks (VPNs)
    • 8. Private Email
    • Summary
Powered by GitBook
On this page

Was this helpful?

  1. Modules
  2. 3. Privacy Architecture

Privacy Architecture Summary

Summary of privacy architecture information, personal data threats, limitations to online privacy.

PreviousLesson 4: Application Layer and AboveNext4. Private Messaging with Signal Messenger

Last updated 6 years ago

Was this helpful?

A cautionary note: Even when running open source applications at the upper layers (software), the underlying technology (hardware) may have various vulnerable elements.

An example of this is if you are running all open-source software and an open-source operating system on a machine built on top of an Intel processor, a a hacker or government agency could exploit a vulnerability at the Underlying Technology Layer to take control of or monitor all of your activities at the Application Layer through what is known as a zero day exploit.

A “zero day” vulnerability is a security flaw or back door to a piece of software or hardware that may be exploited by a bad actor. The name points to urgency: developers have “zero days” to fix the problem once it is discovered. An example of two such vulnerabilities, the Meltdown and Spectre exploits that affected all Intel and AMD microprocessor chipsets, was announced publicly in January 2018. “Project Zero”, a team of security analysts employed by Google to find zero-day vulnerabilities, published a blog post on these exploits which you can read in the links below.

In 2017, was responsible for releasing a huge vault of information on the capabilities of the US government to exploit vulnerabilities within virtually every software application and smart device on the planet.

See also .

Wikileaks
Reading Privileged Memory with a Side Channel