Chapter 32 Quiz: Counter-Surveillance
1. Which of the following best describes the difference between symmetric and asymmetric encryption?
a) Symmetric encryption is stronger; asymmetric encryption is faster b) Symmetric encryption uses one key for both encrypting and decrypting; asymmetric uses a public key for encryption and a private key for decryption c) Symmetric encryption is used for messages; asymmetric is used for files d) Asymmetric encryption is used by governments; symmetric is for civilian use
Answer: b — Symmetric encryption uses the same key to encrypt and decrypt (efficient but requires secure key sharing). Asymmetric encryption uses mathematically related key pairs — public for encryption, private for decryption — which solves the key distribution problem.
2. The Signal Protocol uses the Double Ratchet Algorithm. What is the primary security benefit of this design?
a) It encrypts messages faster than standard encryption b) It provides forward secrecy — compromising one message key doesn't compromise past or future messages c) It prevents metadata collection by Signal's servers d) It allows Signal to decrypt messages if requested by law enforcement
Answer: b — The Double Ratchet Algorithm generates new encryption keys for each message, derived from the previous key. Even if an adversary obtains one key, they cannot use it to decrypt other messages in the conversation. This is called "forward secrecy" (past sessions) and "break-in recovery" (future sessions).
3. When Signal was subpoenaed by a U.S. grand jury for user information, what was Signal able to provide?
a) Message content, recipient list, and IP addresses — the full scope of what was subpoenaed b) Only the date an account was created and the date it last connected to Signal's servers c) Encrypted message data that the government decrypted with its own tools d) Nothing — Signal successfully challenged the subpoena on First Amendment grounds
Answer: b — Signal's minimal data collection policy means it does not hold the data that law enforcement typically seeks. It could provide only account creation date and last connection date. This is often cited as a concrete demonstration of why data minimization matters.
4. Which of the following statements most accurately describes what a VPN does?
a) A VPN makes your internet traffic completely anonymous and untraceable b) A VPN encrypts your content and shifts trust from your ISP to the VPN provider, but does not anonymize you c) A VPN prevents all forms of tracking, including cookie tracking and browser fingerprinting d) A VPN provides end-to-end encryption equivalent to Signal for all internet traffic
Answer: b — A VPN creates an encrypted tunnel between you and the VPN server, hiding your traffic from your ISP and local networks. But it shifts, rather than eliminates, trust — the VPN provider can see your traffic. It does not provide anonymity and does not protect against application-layer tracking (cookies, fingerprinting, logged-in accounts).
5. Tor provides anonymity through onion routing. Which of the following correctly describes how Tor works?
a) Tor encrypts traffic and sends it through a single trusted server that strips your IP address b) Tor routes traffic through three relays, each knowing only the previous and next node — no single relay knows both your identity and your destination c) Tor provides a distributed VPN where multiple volunteer servers share the encryption key d) Tor bounces traffic between your device and the destination at random to make tracking impossible
Answer: b — Tor routes traffic through three nodes (entry, middle, exit). The entry node knows your IP but not your destination. The exit node knows the destination but not your original IP. No single node has the complete picture. This layered design (like an onion) provides genuine anonymity against most adversaries.
6. uBlock Origin is recommended as the most important browser privacy extension. Why is it recommended over AdBlock Plus?
a) uBlock Origin has more features and is faster; AdBlock Plus is outdated b) uBlock Origin blocks by default without any commercial relationships; AdBlock Plus receives payments from advertisers for "acceptable ads" c) uBlock Origin works in more browsers than AdBlock Plus d) uBlock Origin is developed by a government cybersecurity agency with higher trust standards
Answer: b — AdBlock Plus operates an "Acceptable Ads" program where advertisers can pay to have their ads whitelisted. uBlock Origin has no such commercial relationships — it blocks based on filterlists without accepting payment from advertisers. This difference in business model reflects a fundamental difference in whose interests the tool serves.
7. Research by Narayanan and Shmatikoff on the Netflix Prize dataset demonstrated which important privacy concept?
a) That encryption can be broken by combining enough data points b) That "anonymized" data can often be re-identified by cross-referencing with other available data c) That movie preferences are not sensitive personal information d) That large datasets are too complex for re-identification attacks to be practical
Answer: b — Narayanan and Shmatikoff showed that the "anonymized" Netflix movie ratings could be de-anonymized by comparing them with public IMDb ratings. A person's unique pattern of movie ratings — even without name attached — is distinctive enough to match against public records. This demonstrated that "anonymization" through removing names is insufficient when the data contains rich behavioral patterns.
8. Yara tells Jordan that "the weakest link is the endpoint." What does this mean in the context of encrypted communications?
a) The encryption algorithm itself is the most likely point of failure b) The devices on either end of a communication — not the encryption in transit — are where surveillance typically finds vulnerabilities c) Signal's servers (the "endpoint" of its network) are the most vulnerable part of the system d) The end of a conversation, when encryption is removed, is where interception is easiest
Answer: b — "Endpoint" in security refers to the devices (phones, computers) on either end of a communication. Even if message content is perfectly encrypted in transit, adversaries can access messages by compromising the device itself — through malware, physical access, or by targeting the person on the other end. The encryption is often the strongest part; the devices are often the weakest.
9. Differential privacy is a technical approach to privacy protection. Which of the following best describes it?
a) Treating different types of data with different levels of protection based on their sensitivity b) Adding mathematical noise to datasets so that individual records cannot be reliably extracted from statistics about the population c) Encrypting data differently for different users based on their privacy preferences d) Applying different privacy standards based on the regulatory jurisdiction of the data subject
Answer: b — Differential privacy, developed by Cynthia Dwork, is a mathematical framework that adds calibrated noise to data or query results so that the contribution of any individual record cannot be detected with high confidence. It allows statistics about populations to be computed and shared while providing rigorous privacy guarantees for individuals.
10. AdNauseam is a browser extension that clicks every blocked ad. What is the privacy strategy behind this tool?
a) By clicking ads, it generates revenue for websites without exposing the user to tracking b) It confuses advertisers by generating contradictory behavioral data, making the user's actual profile harder to determine c) It blocks advertising cookies by flooding them with false data d) It provides cover for political ads you actually want to see without being profiled for them
Answer: b — AdNauseam is an obfuscation tool. By clicking every ad automatically, it floods the advertising profile with contradictory data — appearing interested in everything. This makes the resulting profile useless for behavioral targeting, as there is no coherent pattern to exploit. This is obfuscation as counter-surveillance strategy.
11. The "going dark" debate refers to:
a) The claim that dark web services are making the internet dangerous for ordinary users b) Law enforcement's argument that end-to-end encryption prevents lawful interception even with court authorization c) The gradual reduction of internet access in authoritarian countries through censorship d) Technical problems with nighttime operation of surveillance cameras
Answer: b — "Going dark" is the FBI's and other law enforcement agencies' framing for the problem they say is created by strong encryption: even with lawful court authorization to intercept communications, the encryption makes interception technically impossible. Critics dispute the framing, arguing that other available surveillance data has expanded dramatically and that the "going dark" claim overstates the problem.
12. GrapheneOS is described in the chapter. What is it?
a) A browser extension for enhanced privacy on Android devices b) A hardened, privacy-focused Android operating system that runs on Pixel phones with no Google services by default c) Google's internal security software for Pixel phones d) A replacement for iOS that can be installed on iPhones
Answer: b — GrapheneOS is a privacy and security-focused Android distribution. It removes Google services by default, provides stronger application sandboxing, and can run Android apps in an isolated container. It requires a Google Pixel hardware and technical comfort, but represents the most privacy-protective smartphone operating system currently available for mainstream hardware.
13. What is "forward secrecy" in the context of encryption?
a) The ability to encrypt data before it is collected, preventing collection from being possible b) The design property that compromising current encryption keys does not compromise past or future session keys c) The use of future-dated cryptographic certificates that cannot be decrypted until a specified time d) Encrypting communications in advance before sending them, so they cannot be intercepted
Answer: b — Forward secrecy (also called "perfect forward secrecy") means that session keys are temporary and not derivable from long-term keys. If an adversary captures encrypted traffic now and later obtains the long-term key, they still cannot decrypt past sessions because those sessions used different, ephemeral keys.
14. When the chapter says that individual counter-surveillance "addresses symptoms rather than causes," what is meant?
a) Technical tools treat individual users but don't treat the root cause of poor decisions that lead to surveillance b) Counter-surveillance tools respond to existing surveillance practices rather than changing the structural incentives and systems that generate surveillance c) Privacy tools focus on symptoms (data breaches) rather than the cause (weak passwords) d) Individuals cannot address surveillance because only corporations and governments have the technical capacity to do so
Answer: b — The "symptoms vs. causes" point is about structural analysis: individual use of privacy tools reduces your personal exposure to surveillance, but it doesn't change the incentive structures, business models, regulatory frameworks, or power dynamics that produce mass surveillance in the first place. Individual action is limited because surveillance is structural.
15. Tails OS is described as an "amnesic" operating system. What does this mean?
a) Tails erases your memory of what you were doing so you can truthfully deny it under questioning b) Tails leaves no trace on the computer it runs on — when shut down, it writes nothing to the host machine's storage c) Tails has a built-in memory protection that prevents malware from accessing RAM while running d) The OS erases its own files when a suspicious pattern of use is detected
Answer: b — Tails runs entirely in RAM from a USB drive. When you shut it down, the computer's hard drive has no record of what you did. This "amnesia" — the OS forgets — makes forensic investigation of a computer's history impossible for sessions run under Tails.
16. According to the chapter, the appropriate counter-surveillance tools depend on your threat model. What is a threat model?
a) A risk assessment of the potential consequences of various types of cyberattacks b) An analysis of who specifically you are protecting yourself from, what they are likely to do, and what information they are likely to seek c) A legal document identifying which government agencies are permitted to surveil you d) A technical specification of which encryption algorithms are strong enough for your use case
Answer: b — Threat modeling involves identifying your adversary (who), their capabilities (what can they do), their motivation (what do they want from you), and your vulnerabilities (where are you exposed). Different adversaries — advertising companies, domestic abusers, nation-state intelligence agencies — require different responses.
17. The chapter argues that the "nothing to hide" argument fails on multiple grounds. Which of the following is not one of the arguments given against "nothing to hide"?
a) Privacy is not about hiding wrongdoing but about controlling access to personal information b) What is legal can change; private communications about legal activities today may be used against people in the future c) People are the best judges of what information about themselves deserves protection, and that judgment should be respected d) Surveillance creates a chilling effect that narrows thought and expression regardless of whether specific information is "private"
Answer: c — While individual self-determination is a value, the chapter's arguments against "nothing to hide" focus on: the changing nature of legality, the distinction between privacy and secrecy, the chilling effect, and who actually needs privacy (journalists, activists, abuse survivors, LGBTQ+ people). The option about individual judgment is not explicitly one of the arguments made.
Score interpretation: 15-17 correct — Excellent technical and conceptual mastery | 12-14 — Good understanding with some gaps | 9-11 — Review sections 32.2–32.10 | Below 9 — Revisit the full chapter before proceeding