How Math can secretly improve the World…

How Math can secretly improve the World…

Franziskus Kiefer, Senior Security Engineer at Mozilla, explains why he advocates for data security, encryption and authenticity in our global home the internet.

“Without the ability to keep secrets, individuals lose the capacity to distinguish themselves from others, to maintain independent lives, to be complete and autonomous people… This does not mean that a person actually has to keep secrets to be autonomous, just that she must possess the ability to do so.” (Kim L. Scheppele, Legal Secrets 302 [1988])

I have this quote by Kim L. Scheppele, Professor of Sociology and International Affairs at Princeton, in mind when I meet Franziskus Kiefer, Senior Security Engineer at Mozilla. Do I actually still have this freedom of authentic privacy, or do I need to repeat, rethink or even reword my question? In an increasingly digitalized world, what are the implications for my privacy and why is this so important?

 

Franziskus: “Most people behave on the internet like they’d behave when they’re at home alone. But you’re never alone on the internet. Never. I’d like to ask those people, ‘Would you invite someone to install a camera in your bedroom so that anyone could watch you at any time?’ Of course not. The same holds true for the internet. If you don’t lock your door or prevent someone from installing a camera in your bedroom, people will watch you.”

 

Does that mean, metaphorically speaking, that I’ll always have to look over my shoulder when I browse the web? Doesn’t this analogy make us paranoid and lead us to withdraw from the web completely?

“Do you want someone to be able to install a camera in your bedroom and watch you any time? Of course not!”

Well, you aren’t at home all the time, are you? When you leave your apartment, you lock it. You put on some clothes instead of walking around outside naked. You need to be conscious about the things that belong to your privacy as well as the things that don’t. You need to be aware of where you can expect privacy and where you can’t. If I read my emails, write a text to my girlfriend, or handle my bank accounts, I want this to be private. When I post something on Twitter, however, I don’t intend for this to be private.

 

Why is it that so few people are aware of how unprotected they are while surfing the web?

 

I think a lot of people just don’t really get the internet. It’s too abstract. People aren’t very good at being concerned about something that isn’t embodied in something concrete. Things they can’t touch or see. It’s hard to imagine that there’s someone sitting on the other side of the world reading your data – I mean, that sounds a bit insane, doesn’t it? Also, it’s difficult to evaluate the long-term consequences. Usually, you don’t notice when someone stores your data or uses it improperly. Data is collected over years without you noticing before it might be used against you. Most people just aren’t aware of that.

 

A lot of people also say they don’t care because they have nothing to hide…

 

Nevertheless, they wouldn’t like it if someone were to install a camera in their bedroom that can be accessed by anybody, would they? It always depends on the political and societal system we’re living in. If this system is kindly disposed towards you, or not. And these things can change, of course.

“Data could be collected over years without us noticing until it’s used against us.”

It sounds like such a simple thing when Franziskus talks about a secure internet. Maybe this is how we can imagine a modern keeper of secrets: always straightforward, with a good sense of humor and long, wild hair. While talking to him, it’s almost easy to forget how much it takes to make the Firefox browser as secure as it needs to be for its users. After his Ph.D. in cryptography, he moved to San Francisco for an internship at Mozilla. He was then offered a position in Mozilla’s cryptography engineering team. For almost two years now, he has been working on NSS. NSS? Network Security Services. What does that mean? It sounds pretty complicated after all. What is it?

 

Part of it is encryption. The part that makes it possible, that no one can read your messages. But besides that, you also want to make sure that the message you get is from the particular person you expect it to be from. You want authenticity. Key exchange protocols are also very important – that’s like a handshake between your computer and your bank’s server when you do your online banking. I work on stuff like that.

All of that seems very complex. What made you specialize in this area?

 

I guess I have to go back in time a bit to answer that. Originally, the internet was an academic network, created so that universities could exchange research findings in order to advance scientific work. In those days, encryption and privacy were not yet important topics, simply because they didn’t need to be.

 

Since then, however, the world has become more and more complex.

 

Exactly. No matter if it’s your banking, your communication, your insurance, your taxes – we do it online nowadays. The digital sphere surrounds us all the time. Of course, it would be a bad idea if anyone could read all these things all the time. Even if my job may not seem super exciting on an everyday basis, it’s extremely important after all. With the work we do here at Mozilla, we protect millions of people who use our Firefox browser. Additionally, the mathematical side is very exciting. That is maybe a good consolation for all the students who struggle with what is taught in school. Math is so much more than just math, and it can actually help make the world a better place.

 

If security is such a huge part of your working life, does this also affect you in non-digital ways? What does security mean to you in your personal life in terms of trust and reliability?

 

We moved a lot. I was born in Freiburg, then we moved to a place close to Karlsruhe. I went to school in Northern Hesse. I did my civilian service in Munich, studied in Darmstadt, did my post-grad in England. To define something as home is therefore very difficult for me. It’s more a feeling than a place. It’s the same with my music; I always have it with me.

Home means trust and reliability, and sometimes it can be really loud

 

That’s also a constant in Berlin. The folk metal band he plays drums in. Home can be wild and loud. It doesn’t matter if you’re physically in San Francisco, London, suburban Warburg or a cellar in Berlin-Mahlsdorf. Or the internet, which Franziskus refers to as a “global home”.

 

In the end, that’s what digitalization is too: being nowhere at home and everywhere at home. It creates something like a global homeland for everyone. And we need to feel secure at home. That’s why my colleagues and I are doing what we’re doing.

 

Mozilla is strongly engaged in these fields and always looking for ways to move forward. What’s the difference in terms of cryptography, encryption, privacy, and personal data security compared to other browsers?

 

What differentiates us fundamentally is that our work is transparent. We have no interest in collecting user data without permission because that’s not what our business model is based on. A lot of the business models of browser companies are mostly based on data.

 

But where do we draw the line?

Exactly, that’s always hard to define. We can’t develop a product without knowing how people would use it. That said, of course, we need a certain amount of data to keep the browser up to date and to develop new features, to enhance the product or establish a good service for our users. But this data isn’t personalized and Mozilla communicates openly what is done with it, where it’s used, what’s collected and why. Anyone who’s interested can read about this on the Mozilla Wiki. But the most important difference to me is that we don’t sell data or let commercial purposes benefit from it.

 

To be able to choose which data you want to share, or if you want to share any at all, is key. Without the ability to keep secrets from this viewpoint we can say, ‘Encrypt our data and keep it secret for others’ we lose our autonomy, the capacity to perceive ourselves as independent human beings. What a gift, that Franziskus and his team are standing up for us.

 

 

 

Copy: Anja Fordon
Photography: Falko Sievert

More People of Mozilla