class: title

# Threats
## to the
# Web
### 2017

---
class: dark
background-image: url(img/someone-is-watching-you.jpg)

# Privacy & Security

.img-attribution[
"[Someone is Watching You](https://www.flickr.com/photos/dayglowill/2296379187/)" by [Will](https://www.flickr.com/photos/dayglowill/) is licensed under [CC BY-NC](https://creativecommons.org/licenses/by-nc/2.0/)
]

???

- Specifically:
  - Pervasive monitoring
  - Targeted attack
- Hope:
  - [DNSSec](http://www.dnssec.net/)
  - [Let's Encrypt](https://letsencrypt.org/)
  - [HTTPS Everywhere](https://www.eff.org/https-everywhere)
- See also
  - IETF [RFC 7258 - Pervasive Monitoring Is an Attack](https://tools.ietf.org/html/rfc7258) (May 2014)
  - [Chrome, Firefox start warning users when websites use insecure HTTP logins](http://www.pcworld.com/article/3161778/software/chrome-firefox-start-warning-users-when-websites-use-insecure-http-logins.html) (17.01.26)

---
class: dark
background-image: url(img/lock.jpg)

# DRM

.img-attribution[
"[Lock](https://www.flickr.com/photos/ekinarabaci/3476631499/)" by [Ekin Arabacioglu](https://www.flickr.com/photos/ekinarabaci/) is licensed under [CC BY-NC-ND 2.0](https://creativecommons.org/licenses/by-nc-nd/2.0/)
]

---
class: dark
background-image: url(img/bike-one.jpg)

# Centralization

.img-attribution[
"[Bike One](https://www.flickr.com/photos/29233640@N07/8701161794/)" by [Robert Couse-Baker](https://www.flickr.com/photos/29233640@N07/) is licensed under [CC BY 2.0](https://creativecommons.org/licenses/by/2.0/)
]

---
class: dark
background-image: url(img/the-javascript-code.jpg)

# JavaScript

.img-attribution[
"[The JavaScript Code](https://www.flickr.com/photos/dmitry-baranovskiy/2378867408/)" by [Dmitry Baranovskiy](https://www.flickr.com/photos/dmitry-baranovskiy/) is licensed under [CC BY 2.0](https://creativecommons.org/licenses/by/2.0/)
]

???

- Specifically
  - Software freedom
  - Accessibility
- Hope
  - [Free Software Foundation's "Free JavaScript" campaign](https://fsf.org/campaigns/freejs)
  - Trends towards development of [isomorphic web applications](http://isomorphic.net/)

---
class: dark
background-image: url(img/chicane.jpg)

# Net Neutrality

.img-attribution[
"[Chicane](https://www.flickr.com/photos/andrewgustar/11776844305/)" by [Andrew Gustar](https://www.flickr.com/photos/andrewgustar/) is licensed under [CC BY-ND 2.0](https://creativecommons.org/licenses/by-nd/2.0/)
]

???

**zero-rating** - the practice of ISPs and mobile providers choosing not to count certain content toward users’ data limits, often in exchange for capping the speeds at which customers can access that content.

- T-Mobile BingeOn
- Facebook Zero

> Today, the Wireless Telecommunications Bureau is closing its investigation
> into wireless carriers’ free-data offerings. These free-data plans have proven
> to be popular among consumers, particularly low-income Americans, and have
> enhanced competition in the wireless marketplace. Going forward, the Federal
> Communications Commission will not focus on denying Americans free data.
> Instead, we will concentrate on expanding broadband deployment and encouraging
> innovative service offerings.

- Ajit Pai, chairman US FCC, February 3, 2017

Related: Google AMP, Facebook Instant

---
class: dark
background-image: url(img/zakim.jpg)

# Infrastructure Funding

.img-attribution[
"[632p](https://www.flickr.com/photos/soniakiss/2704264006/)" by [Sonia Keys](https://www.flickr.com/photos/soniakiss/) is licensed under [CC BY-NC-ND 2.0](https://creativecommons.org/licenses/by-nc-nd/2.0/)
]

???

OpenSSL

> There was enough to pay the salary of one developer, Stephen Henson. That
> meant that two-thirds of the Web relied on encryption software maintained by
> just one full-time employee.

---
class: dark
background-image: url(img/in-the-shadows.jpg)

# The Shadow DOM

.img-attribution[
"[In the Shadows](https://www.flickr.com/photos/idarrenj/10331520606/)" by [Darren Johnson](https://www.flickr.com/photos/idarrenj/) is licensed under [CC BY-NC-ND 2.0](https://creativecommons.org/licenses/by-nc-nd/2.0/)
]

---
class: title

# Threats
## to the
# Web

.link[
http://gul.ly/c1097
]

### 2017

---

# References

- Privacy & Security
  - [DNSSec](http://www.dnssec.net/)
  - [Let's Encrypt](https://letsencrypt.org/)
  - [HTTPS Everywhere](https://www.eff.org/https-everywhere)
  - IETF [RFC 7258 - Pervasive Monitoring Is an Attack](https://tools.ietf.org/html/rfc7258) (May 2014)
  - Peter Linss, [Securing the Web](https://www.w3.org/blog/TAG/2015/01/23/securing-the-web/), W3C TAG blog (15.01.23)
  - Ian Paul, [Chrome, Firefox start warning users when websites use insecure HTTP logins](http://www.pcworld.com/article/3161778/software/chrome-firefox-start-warning-users-when-websites-use-insecure-http-logins.html), pcworld.com (17.01.26)
- Centralization
  - [InterPlanetary File System](https://ipfs.io/)
- JavaScript
  - [Free Software Foundation's "Free JavaScript" campaign](https://fsf.org/campaigns/freejs)
  - [isomorphic web applications](http://isomorphic.net/)
- Net Neutrality
  - Elliot Harmon, [FCC Abandons Zero-Rating Investigation and Moves Backward on Net Neutrality](https://www.eff.org/deeplinks/2017/02/fcc-abandons-zero-rating-investigation-and-moves-backward-net-neutrality), eff.org (17.02.09)
- Infrastructure Funding
  - Nadia Eghbal, [Roads and Bridges: The Unseen Labor Behind Our Digital Infrastructure](http://www.fordfoundation.org/library/reports-and-studies/roads-and-bridges-the-unseen-labor-behind-our-digital-infrastructure/), fordfoundation.org (16.07.14)