Power to the OpenSource

Speaker: Jean-Paul Sablerolle

Abstract

Privacy and anonymity are values ??that everyone values. However, once we go online it is very difficult to guarantee this. Google's business model is to sell its user data, Facebook collects and sells all the data it can get its hands on and there are many more examples.

For you and me, this means that marketing companies can bombard you with advertisements directed to us. Annoying, sure, maybe even scary, but not dangerous.

However, there are also people for whom this lack of anonymity and privacy has bad consequences. Think, for example, of a human rights activist in a country where freedom of expression is not self-evident, or an investigative journalist who exposes abuses that those involved are not so keen on.

An example of this is the death of Maltese journalist Daphne Caruana Galizia, the woman who led the investigation into the Panama Papers. (Garside, 2017).

This observation led to questions: is there a technical solution to guarantee your online anonymity? Are people interested in such a solution at all? Is this something we as Cubics can offer to customers? At the moment Cubics does not have a service that can offer its customers if they want to protect their online identity.

To tackle these questions, Cubics teamed up with colleges to find interns. These interns will be at the beginning of a research and potential realization of a Qubes OS environment that Cubics will be able to offer. With this environment they also want to give something back to society and the Open Source community, because Cubics mainly uses Open Source solutions for its services allowing for an affordable security proposition, allowing the MKB to be secure.

The purpose of this assignment is to inventory whether there is interest in, among others, the National Police for a so-called 'invisible workplace' and what requirements it should meet. This workplace must be able to make a secure connection to the internet. If you work on a cafe's network, you must both be securely connected to the internet and others on the network must not be able to see your network traffic. Secrecy is the keyword.

In addition, it must be possible to work in the workplace without leaving any traces behind.

There are a number of reasons that the police are interested in such a workplace. In this way they are working towards a situation where there are no more offices. By facilitating an invisible workplace, employees can do their work safely from any location. In addition, it is desirable that agents in the field always have access to a secure network, where they can also transmit sensitive information.

On the one hand, the Cubes OS developed and improved by Cubics must ensure that customers are Schrem 2 compliant, but more importantly, Cubics wants to offer a safe working environment for people, such as journalists, lawyers, etc., who are working with highly sensitive information. Information that can even be life-threatening. If you are a journalist reporting from Moskou

And because we can guarantee with some certainty, we have not only looked at the OS but also looked at each individual application and the digital attack surface. Pen-tested the behavior per application and mitigating measures were taken when things turned out to be traceable.

This presentation is intended to take you along how we have tackled this and how we now have an ISO to be able to deploy it widely. We have developed 3 versions and one being a spitting image of a Microsoft OS except without Microsoft and Google, but with the same functionality. Even with the green rolling landscape. You're a nerd aren't you eh? The need for a smaller digital attack surface starts with the techies, where the rest will follow hopefully.

Biography

In his 34 years in ICT, Jean-Paul has worked at Atos Origin, Getronics, KPN and Cap Gemini. He is currentaly working at Cubics where he is responsible for a Cybersecurity proposition that is affordable and achievable for SME’s. He has seen the majority of the top 125 companies in the Netherlands and parts of Europe. Aside from being a Cybersecurity specialist, he is known for his role as a crisismanager.

With 34 years of experience in ICT you can say Jean-Paul is passionate about Cybersecurity. This passion goes side by side a dedication to realize your ambition, in time and within budget. He is always looking for complex and time critical programs and transitions. In his spare time he likes to explore the skies, since he is a private pilot. You could say he is a fan of the Cloud in multiple ways!