2017-04-02 21:59:29 -04:00
|
|
|
|
#+startup: beamer
|
|
|
|
|
#+TITLE: The Surreptitious Assault on Privacy, Security, and Freedom
|
|
|
|
|
#+AUTHOR: Mike Gerwitz
|
|
|
|
|
#+EMAIL: mtg@gnu.org
|
|
|
|
|
#+DATE: 26 March, LibrePlanet 2017
|
|
|
|
|
#+OPTIONS: H:3 num:nil toc:nil p:nil todo:nil stat:nil
|
|
|
|
|
#+LaTeX_CLASS: beamer
|
|
|
|
|
#+LaTeX_CLASS_OPTIONS: [presentation]
|
|
|
|
|
#+BEAMER_THEME: Warsaw
|
|
|
|
|
#+BEAMER_HEADER: \beamertemplatenavigationsymbolsempty
|
2017-03-18 23:14:33 -04:00
|
|
|
|
#+BEAMER_HEADER: \setbeamertemplate{bibliography item}{\insertbiblabel}
|
2017-03-08 02:05:07 -05:00
|
|
|
|
#+BIBLIOGRAPHY: sapsf plain
|
2017-03-19 22:04:30 -04:00
|
|
|
|
#+TODO: RAW(r) DEVOID(v) LACKING(l) DRAFT(d) REVIEWED(R) | AUGMENT(A) READY(+) REHEARSED(D)
|
2017-03-11 23:25:25 -05:00
|
|
|
|
#+COLUMNS: %40ITEM %10DURATION{:} %8TODO %BEAMER_ENV(ENVIRONMENT)
|
2017-03-06 21:48:35 -05:00
|
|
|
|
|
|
|
|
|
|
2017-04-02 21:59:29 -04:00
|
|
|
|
#+BEGIN_COMMENT
|
|
|
|
|
*Remember the themes!*:
|
|
|
|
|
- Surreptitious
|
|
|
|
|
- User privacy and security
|
|
|
|
|
- Affects on freedom; chilling effects
|
|
|
|
|
- How free software can help
|
2017-03-07 00:36:28 -05:00
|
|
|
|
|
2017-04-02 21:59:29 -04:00
|
|
|
|
The big players seem to be the [[The Web][Web]] and [[Policy and Government][Government]].
|
|
|
|
|
No surprises there.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
It would be a good idea to immediately connect with the audience. So:
|
|
|
|
|
- Most everyone has a mobile device.
|
|
|
|
|
- /This is the most immediate and relatable since it's physically present/
|
|
|
|
|
with them in their travels.
|
|
|
|
|
- Security cameras et. al. during travel.
|
|
|
|
|
|
|
|
|
|
So start _briefly_ with the topic of pervasive surveillance?
|
|
|
|
|
- That is what the abstract refers to, after all.
|
|
|
|
|
|
|
|
|
|
*Surreptitious*---many audience members won't consider that they're being
|
|
|
|
|
tracked.
|
|
|
|
|
- But by _whom_?
|
|
|
|
|
|
|
|
|
|
Maybe a gentle introduction that gets increasingly more alarming and
|
|
|
|
|
invasive topic-wise.
|
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-03-08 02:05:07 -05:00
|
|
|
|
* LaTeX Configuration :export:ignore:
|
2017-03-11 23:13:18 -05:00
|
|
|
|
#+LATEX_HEADER: \usepackage[backend=biber]{biblatex}
|
2017-03-08 02:05:07 -05:00
|
|
|
|
#+LATEX_HEADER: \usepackage{color}
|
2017-03-11 23:13:18 -05:00
|
|
|
|
#+LATEX_HEADER: \bibliography{sapsf}
|
2017-03-08 02:05:07 -05:00
|
|
|
|
#+BEGIN_LATEX
|
|
|
|
|
% citations will be grayed and pushed to the right margin
|
|
|
|
|
\let\origcite\cite
|
2017-03-09 05:19:43 -05:00
|
|
|
|
% incite = "inline" cite
|
|
|
|
|
\def\cite{\hfill\incite}
|
|
|
|
|
\newcommand*{\incite}[1]{{%
|
2017-03-08 02:05:07 -05:00
|
|
|
|
\scriptsize
|
|
|
|
|
\raisebox{1ex}{%
|
|
|
|
|
\color{gray}%
|
|
|
|
|
\origcite{#1}%
|
|
|
|
|
}%
|
|
|
|
|
}}
|
2017-03-11 23:25:25 -05:00
|
|
|
|
|
|
|
|
|
\renewcommand*{\bibfont}{\scriptsize}
|
2017-03-08 02:05:07 -05:00
|
|
|
|
#+END_LATEX
|
|
|
|
|
|
|
|
|
|
|
2017-03-07 01:15:10 -05:00
|
|
|
|
* LACKING Slides :export:ignore:
|
2017-04-14 00:42:19 -04:00
|
|
|
|
** Development Notice :B_fullframe:
|
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_env: fullframe
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
N.B.: These slides appear as they were presented at [[https://libreplanet.org/2017][LibrePlanet\nbsp{}2017]] (with
|
|
|
|
|
the exception of this slide).
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
*For up-to-date slides, see:*
|
|
|
|
|
|
|
|
|
|
*[[https://mikegerwitz.com/talks/sapsf]]*
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
For the source code to this presentation, see:
|
|
|
|
|
|
|
|
|
|
https://mikegerwitz.com/projects/sapsf
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
** REHEARSED Introduction / Opening :B_fullframe:
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:PROPERTIES:
|
2017-03-11 23:25:25 -05:00
|
|
|
|
:DURATION: 00:01
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:BEAMER_env: fullframe
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-03-11 23:25:25 -05:00
|
|
|
|
Hello, everyone.
|
|
|
|
|
Thanks for coming!
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-03-11 23:25:25 -05:00
|
|
|
|
My name's Mike Gerwitz.
|
|
|
|
|
I am a free software hacker and activist with a focus on user privacy and
|
|
|
|
|
security.
|
|
|
|
|
I'm also a GNU Maintainer, software evaluator, and volunteer for various
|
|
|
|
|
other duties.
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-03-11 23:25:25 -05:00
|
|
|
|
And I'm here to talk to you about an unfortunate,
|
2017-04-02 14:30:45 -04:00
|
|
|
|
increasingly unavoidable fact of modern life.
|
2017-03-11 23:25:25 -05:00
|
|
|
|
|
|
|
|
|
None of you made it here without being tracked in some capacity.
|
|
|
|
|
Some of us are /still/ being tracked at this very moment!
|
|
|
|
|
|
|
|
|
|
This isn't a tinfoil hat presentation.
|
|
|
|
|
It's a survey of facts.
|
|
|
|
|
Every slide has numeric citations,
|
2017-03-14 01:37:21 -04:00
|
|
|
|
which are associated with references on the final slides.
|
2017-03-11 23:25:25 -05:00
|
|
|
|
I won't be showing them here---you can get them online.
|
2017-04-02 14:30:45 -04:00
|
|
|
|
Since time isn't on my side here,
|
|
|
|
|
I'm going to present a broad overview of the most pressing concerns of
|
|
|
|
|
today, as it hopefully relates to everyone here.
|
2017-03-11 23:25:25 -05:00
|
|
|
|
My goal is to present you with enough information that you know that these
|
|
|
|
|
things /exist/,
|
2017-03-14 01:37:21 -04:00
|
|
|
|
and you know where to find more information about them.
|
2017-03-11 23:25:25 -05:00
|
|
|
|
Those unknown unknowns.
|
|
|
|
|
|
|
|
|
|
So: let's start with the obvious.
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
|
|
|
|
(Note: You're being "tracked", rather than "watched": the latter is too
|
|
|
|
|
often used and dismissed as tinfoil-hat FUD.)
|
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
2017-03-19 22:06:57 -04:00
|
|
|
|
#+BEAMER: \only<1->{\Huge You're Being Tracked.}
|
|
|
|
|
|
|
|
|
|
#+BEAMER: \only<2>{\large(No, really, I have references.)}
|
2017-04-02 21:59:29 -04:00
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
2017-03-11 23:25:25 -05:00
|
|
|
|
|
2017-03-19 22:06:57 -04:00
|
|
|
|
** AUGMENT Mobile [5/5]
|
2017-04-02 14:30:45 -04:00
|
|
|
|
*** REHEARSED Introduction :B_ignoreheading:
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_env: ignoreheading
|
|
|
|
|
:END:
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Introduction :B_fullframe:
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:PROPERTIES:
|
2017-03-11 23:25:25 -05:00
|
|
|
|
:DURATION: 00:00:15
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:BEAMER_env: fullframe
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
- <1-> Most people carry mobile phones
|
|
|
|
|
- <1-> Synonymous with individual
|
|
|
|
|
- <2> Excellent tracking devices
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-04-02 14:30:45 -04:00
|
|
|
|
Most of us in this room are probably carrying a mobile phone right now.
|
2017-03-11 23:25:25 -05:00
|
|
|
|
They are computers that are always on.
|
|
|
|
|
|
|
|
|
|
A phone is often synonymous with an individual;
|
2017-03-22 01:14:08 -04:00
|
|
|
|
they are a part of us---
|
|
|
|
|
we feel /incomplete/ when we're missing our phones.
|
2017-04-02 21:59:29 -04:00
|
|
|
|
In other words: they're excellent tracking devices.
|
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
*** REHEARSED Cell Towers [6/6]
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:PROPERTIES:
|
2017-03-20 23:35:12 -04:00
|
|
|
|
:DURATION: 0:03
|
2017-03-11 23:25:25 -05:00
|
|
|
|
:END:
|
2017-03-20 23:35:12 -04:00
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Fundamentally Needed
|
2017-03-11 23:25:25 -05:00
|
|
|
|
:PROPERTIES:
|
2017-04-02 14:30:45 -04:00
|
|
|
|
:DURATION: 00:00:30
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:END:
|
2017-03-19 22:06:57 -04:00
|
|
|
|
|
|
|
|
|
***** Summary
|
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_col: 0.75
|
|
|
|
|
:END:
|
2017-03-11 23:25:25 -05:00
|
|
|
|
- Phone needs tower to make and receive calls
|
2017-03-12 04:06:15 -04:00
|
|
|
|
- Gives away approximate location\cite{pbs:nova:boston}
|
2017-04-02 14:30:45 -04:00
|
|
|
|
- Multiple towers: signal delay; triangulate
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-03-19 22:06:57 -04:00
|
|
|
|
***** Tower Image
|
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_col: 0.25
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
[[./images/tp/cell-tower.jpg]]
|
|
|
|
|
|
|
|
|
|
\incite{w:file:cell-tower}
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
2017-04-02 21:59:29 -04:00
|
|
|
|
#+BEGIN_COMMENT
|
2017-03-11 23:25:25 -05:00
|
|
|
|
The primary reason is inherent in a phone's design:
|
|
|
|
|
cell towers.
|
2017-04-02 21:59:29 -04:00
|
|
|
|
A phone "needs" to be connected to a tower to make and receive calls.
|
|
|
|
|
|
2017-03-11 23:25:25 -05:00
|
|
|
|
Unless it is off or otherwise disconnected (like airplane mode),
|
2017-04-02 21:59:29 -04:00
|
|
|
|
its connection to the cell tower exposes your approximate location.
|
2017-03-12 04:06:15 -04:00
|
|
|
|
If the signal reaches a second tower,
|
|
|
|
|
the potential location can be calculated from the signal delay.
|
2017-03-22 01:14:08 -04:00
|
|
|
|
More towers, you can also triangulate.
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
|
|
|
|
Some people don't use phones primarily for this reason.
|
|
|
|
|
|
2017-03-11 23:25:25 -05:00
|
|
|
|
rms, for example, said he might use a phone if it could act as a pager,
|
2017-04-02 21:59:29 -04:00
|
|
|
|
where he'd only need to expose his location once he is in a safe place.
|
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Cell-Site Simulators
|
2017-03-11 23:25:25 -05:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:DURATION: 00:00:45
|
|
|
|
|
:END:
|
2017-03-19 22:06:57 -04:00
|
|
|
|
|
|
|
|
|
***** Summary
|
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_col: 0.65
|
|
|
|
|
:END:
|
2017-03-11 23:25:25 -05:00
|
|
|
|
- <1-> IMSI-Catchers
|
2017-04-02 21:59:29 -04:00
|
|
|
|
- <1-> Masquerade as cell towers
|
2017-03-11 23:25:25 -05:00
|
|
|
|
- <1-> Most popular: Stingray
|
|
|
|
|
- <2-> Free/libre Android program AIMSICD available on F-Droid attempts to
|
|
|
|
|
detect\cite{aimsid}
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-03-19 22:06:57 -04:00
|
|
|
|
***** Stingray Image
|
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_col: 0.35
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
[[./images/tp/stingray.jpg]]
|
|
|
|
|
|
|
|
|
|
\incite{w:file:stingray}
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
|
2017-04-02 21:59:29 -04:00
|
|
|
|
#+BEGIN_COMMENT
|
2017-04-02 14:30:45 -04:00
|
|
|
|
Cell Site Simulators have made a lot of news in the past,
|
2017-03-11 23:25:25 -05:00
|
|
|
|
one of the most popular examples being the Stingray.
|
|
|
|
|
These devices masquerade as cell towers.
|
|
|
|
|
This allows (for example) law enforcement to get a suspect's phone to
|
|
|
|
|
connect to _their_ device rather than a real tower,
|
|
|
|
|
which allows their location to be triangulated,
|
|
|
|
|
calls to be intercepted,
|
|
|
|
|
etc.
|
|
|
|
|
Law enforcement might also use it to record all devices in an area,
|
|
|
|
|
such as during a protest.
|
|
|
|
|
|
|
|
|
|
The problem is: _every_ phone in the area will try to connect to it;
|
|
|
|
|
it amounts to a dragnet search,
|
|
|
|
|
and is therefore extremely controversial.
|
|
|
|
|
|
|
|
|
|
The Android program AIMSICD---Android IMSI-Catcher Detector---is being
|
|
|
|
|
developed in an attempt to detect these devices.
|
|
|
|
|
It is free software and is available on F-Droid.
|
2017-04-02 21:59:29 -04:00
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Verizon Metadata (Order) :B_fullframe:
|
2017-03-20 23:35:12 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_env: fullframe
|
2017-04-02 14:30:45 -04:00
|
|
|
|
:DURATION: 00:00:15
|
2017-03-20 23:35:12 -04:00
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
[[./images/tp/fisa-verizon.png]]\par\incite{archive:fisa-verizon}
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
|
|
|
|
Anyone remember this?
|
|
|
|
|
|
|
|
|
|
This is the first Snowden leak---
|
|
|
|
|
the secret FISA court order that renewed the FBI Verizon metadata
|
|
|
|
|
collection program.
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
For those who may not know:
|
|
|
|
|
FISA is the Foreign Intelligence Surveillance Act,
|
|
|
|
|
and it established a secret court that usually also issues gag orders.
|
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
**** REHEARSED Ron Wyden :B_fullframe:
|
2017-03-20 23:35:12 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_env: fullframe
|
|
|
|
|
:DURATION: 00:00:15
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
Senator Ron Wyden, 26 May 2011:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_QUOTE
|
|
|
|
|
I have served on the Intelligence Committee for over a decade and I wish to
|
|
|
|
|
deliver a warning this afternoon. When the American people find out how
|
|
|
|
|
their government has secretly interpreted [the business records provision of
|
|
|
|
|
FISA], they are going to be stunned and they are going to be
|
|
|
|
|
angry.\cite{eff:jewel:evidence}
|
|
|
|
|
#+END_QUOTE
|
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Verizon Metadata
|
2017-03-20 23:35:12 -04:00
|
|
|
|
:PROPERTIES:
|
2017-04-02 14:30:45 -04:00
|
|
|
|
:DURATION: 00:00:40
|
2017-03-20 23:35:12 -04:00
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
- <1-> June 2013---Guardian releases leaked document ordering Verizon to
|
|
|
|
|
collect ``telephony metadata''\cite{guardian:verizon,mtg:uproar}
|
|
|
|
|
|
|
|
|
|
#+BEGIN_QUOTE
|
|
|
|
|
[...] (i) between the United States and abroad; or (ii) wholly within the
|
|
|
|
|
United States, including local telephone calls.\cite{archive:fisa-verizon}
|
|
|
|
|
#+END_QUOTE
|
|
|
|
|
|
|
|
|
|
- <2-> Routing information, source and destination telephone numbers, IMSI
|
|
|
|
|
and\nbsp{}IMEI numbers, and time and duration of the
|
|
|
|
|
call\cite{archive:fisa-verizon,eff:metadata}
|
|
|
|
|
|
|
|
|
|
- <3-> ``Business records'' provision partly declassified by Clapper on
|
|
|
|
|
6\nbsp{}June\nbsp{}2013\cite{dni:business-provs}
|
|
|
|
|
|
|
|
|
|
- <3-> The American people were stunned and angry
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
|
|
|
|
June 2013.
|
|
|
|
|
I remember where I was.
|
|
|
|
|
|
|
|
|
|
The Guardian newspaper releases a leaked court order,
|
|
|
|
|
which orders Verizon to collect ``telephony metadata'' on /all/ calls,
|
|
|
|
|
/including domestic/.
|
|
|
|
|
|
2017-03-22 01:14:08 -04:00
|
|
|
|
These matadata include <read above>.
|
|
|
|
|
|
2017-03-20 23:35:12 -04:00
|
|
|
|
That ``business records'' provision of FISA that Ron Wyden was talking about
|
|
|
|
|
was partly declassified by the then-DNI James Clapper shortly after that
|
|
|
|
|
publication.
|
|
|
|
|
|
|
|
|
|
As Wyden predicted,
|
|
|
|
|
we were pretty stunned.
|
|
|
|
|
And pretty pissed off.
|
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Metadata Matters
|
2017-03-20 23:35:12 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:DURATION: 00:00:30
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
#+ATTR_LATEX: :height 1in
|
|
|
|
|
[[./images/tp/nsa-spying.png]]\incite{eff:nsa-spying}
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
- EFF on ``Why Metadata Matters'':\cite{eff:metadata}
|
|
|
|
|
- <2-> They know you rang a phone sex service at 2:24 am and spoke for
|
|
|
|
|
18 minutes. But they don't know what you talked about.
|
|
|
|
|
- <3-> They know you spoke with an HIV testing service, then your doctor,
|
|
|
|
|
then your health insurance company in the same hour. But they don't
|
|
|
|
|
know what was discussed.
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-04-02 14:30:45 -04:00
|
|
|
|
There was a debate over how much ``metadata'' matters.
|
2017-03-20 23:35:12 -04:00
|
|
|
|
It matters a lot.
|
|
|
|
|
|
|
|
|
|
Here's some quotes from an EFF article, as cited.
|
|
|
|
|
|
|
|
|
|
<Read quotes>
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
Metadata are important.
|
2017-03-20 23:35:12 -04:00
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-03-19 22:06:57 -04:00
|
|
|
|
*** READY Wifi [1/1]
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:PROPERTIES:
|
2017-03-11 23:25:25 -05:00
|
|
|
|
:DURATION: 0:01
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:END:
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED ESSID and MAC Broadcast
|
2017-03-11 23:25:25 -05:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:DURATION: 00:01
|
|
|
|
|
:END:
|
|
|
|
|
- <1-> Device may broadcast ESSIDs of past hidden networks
|
2017-03-19 22:06:57 -04:00
|
|
|
|
- <1-> Expose unique hardware identifiers (MAC address)
|
|
|
|
|
- <2-> **Defending against this is difficult**
|
|
|
|
|
- <3-> /Turn off Wifi/ in untrusted places
|
|
|
|
|
- <3-> Turn off settings to auto-connect when receiving e.g. MMS
|
|
|
|
|
- <4-> Use cellular data (e.g. {2,3,4}G)
|
|
|
|
|
- <5-> **MAC address randomization works poorly**\cite{arxiv:mac}
|
2017-03-05 03:23:35 -05:00
|
|
|
|
|
2017-04-02 21:59:29 -04:00
|
|
|
|
#+BEGIN_COMMENT
|
|
|
|
|
What else is inherent in a modern phone design?
|
|
|
|
|
A common feature is Wifi.
|
|
|
|
|
|
|
|
|
|
If you connected to any hidden networks,
|
|
|
|
|
your phone may broadcast that network name to see if it exists.
|
|
|
|
|
|
2017-03-11 23:25:25 -05:00
|
|
|
|
It exposes unique device identifiers (MACs),
|
2017-03-22 01:14:08 -04:00
|
|
|
|
which can be used to identify you.
|
2017-03-05 03:23:35 -05:00
|
|
|
|
|
2017-03-11 23:25:25 -05:00
|
|
|
|
Defending against this is difficult,
|
|
|
|
|
unless you take the simple yet effective route:
|
|
|
|
|
disable Wifi completely,
|
|
|
|
|
at least when you're not in a safe area you can trust.
|
|
|
|
|
Some apps will automatically enable networking if they receive,
|
|
|
|
|
for example,
|
|
|
|
|
MMS messages;
|
|
|
|
|
be careful of that.
|
|
|
|
|
If you really do need data,
|
|
|
|
|
use your cellular data.
|
|
|
|
|
You are already hemmoraging information to your phone company,
|
|
|
|
|
so at least you're limiting your exposure.
|
|
|
|
|
|
|
|
|
|
Some phones and apps offer MAC address randomization.
|
|
|
|
|
That's a good thing in priniciple.
|
|
|
|
|
Unfortunately, it seems to be easily defeated.
|
|
|
|
|
One study, cited here,
|
|
|
|
|
claims to be able to defeat randomization 100% of the time,
|
|
|
|
|
regardless of manufacturer.
|
|
|
|
|
|
|
|
|
|
/Segue to next section:/
|
|
|
|
|
All these previous risks are _passive_---
|
|
|
|
|
they require no malicious software on your device.
|
|
|
|
|
But what if we _do_ have such software?
|
|
|
|
|
And of course, we do.
|
2017-03-05 03:23:35 -05:00
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
*** REHEARSED Geolocation [3/3]
|
2017-03-11 23:25:25 -05:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:DURATION: 0:02
|
|
|
|
|
:END:
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Global Positioning System (GPS)
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:PROPERTIES:
|
2017-04-02 14:30:45 -04:00
|
|
|
|
:DURATION: 00:00:45
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:END:
|
2017-03-19 22:06:57 -04:00
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
#+ATTR_LATEX: :height 1in
|
|
|
|
|
[[./images/tp/gps.jpg]]\incite{w:file:gps}
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
2017-03-11 23:25:25 -05:00
|
|
|
|
- <1-> Not inherently a surveillance tool
|
2017-03-19 22:06:57 -04:00
|
|
|
|
- <2-> Often enabled, and programs abuse it\cite{jots:mobile}
|
|
|
|
|
- <2-> Legitimate: navigation, social media, photos, nearby friends, finding
|
2017-03-11 23:25:25 -05:00
|
|
|
|
lost phones, location-relative searches, etc.
|
2017-03-19 22:06:57 -04:00
|
|
|
|
- <3-> If phone is compromised, location is known
|
2017-03-05 03:39:19 -05:00
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-03-11 23:25:25 -05:00
|
|
|
|
Let's talk about geolocation!
|
2017-04-02 14:30:45 -04:00
|
|
|
|
The most obvious being GPS.
|
2017-03-11 23:25:25 -05:00
|
|
|
|
|
|
|
|
|
GPS isn't inherently a surveillance tool;
|
2017-03-19 22:06:57 -04:00
|
|
|
|
it can't track you on its own.
|
|
|
|
|
Your GPS device calculates its location based on signals
|
2017-03-11 23:25:25 -05:00
|
|
|
|
broadcast by GPS satellites in line-of-site.
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
It's often enabled on devices,
|
|
|
|
|
and programs often abuse that privilege.
|
2017-03-11 23:25:25 -05:00
|
|
|
|
|
|
|
|
|
I'm not saying there aren't legitimate uses.
|
|
|
|
|
Navigation systems,
|
2017-04-02 14:30:45 -04:00
|
|
|
|
location-relative searches,
|
2017-03-11 23:25:25 -05:00
|
|
|
|
finding lost phones---
|
2017-04-02 14:30:45 -04:00
|
|
|
|
all of these things are legitimate.
|
2017-03-11 23:25:25 -05:00
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED But I Want GPS!
|
2017-03-11 23:25:25 -05:00
|
|
|
|
:PROPERTIES:
|
2017-03-19 22:06:57 -04:00
|
|
|
|
:DURATION: 00:00:40
|
2017-03-11 23:25:25 -05:00
|
|
|
|
:END:
|
|
|
|
|
- <1-> Is the program transparent in what data it sends? (Is the source code
|
|
|
|
|
available?)\cite{jots:mobile}
|
2017-03-19 22:06:57 -04:00
|
|
|
|
- <1-> 2010: 47 of top 100 Android and iOS apps sent location to devs and
|
|
|
|
|
third parties\cite{wsj:app-loc}
|
|
|
|
|
- <1-> Ex: /Angry Birds/ sent address book, location, and device ID to
|
|
|
|
|
third party\cite{networks-of-control}
|
|
|
|
|
- <1-> Does the program let you disable those [anti-]features?
|
2017-03-11 23:25:25 -05:00
|
|
|
|
- <2-> Pre-download location-sensitive data (e.g. street maps)
|
|
|
|
|
- <2-> OsmAnd (free software, Android and iOS)\cite{osmand}
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
|
|
|
|
So you may legitimately want GPS enabled.
|
|
|
|
|
It's terrible that you should be concerned about it.
|
|
|
|
|
|
2017-03-19 22:06:57 -04:00
|
|
|
|
Are the programs you're using transparent in what they're sending?
|
2017-04-02 14:30:45 -04:00
|
|
|
|
A precondition to that answer is source code.
|
2017-03-19 22:06:57 -04:00
|
|
|
|
|
|
|
|
|
A study by the Wall Street Journal found that 47 of the 100 Android and iOS
|
|
|
|
|
apps in 2010 shared your location with not only the developers,
|
|
|
|
|
but also with third parties.
|
|
|
|
|
|
2017-03-22 01:14:08 -04:00
|
|
|
|
An example is Angry Birds,
|
|
|
|
|
which for whatever the hell reason was sending users' address books,
|
|
|
|
|
locations, and device IDs to third parties.
|
|
|
|
|
|
2017-03-11 23:25:25 -05:00
|
|
|
|
You need to know what data you're leaking so that you can decide whether
|
|
|
|
|
or not you want to do so.
|
|
|
|
|
And you need the option to disable it.
|
2017-03-22 01:14:08 -04:00
|
|
|
|
Or modify the program to disable it.
|
2017-03-11 23:25:25 -05:00
|
|
|
|
|
|
|
|
|
Sometimes your location is leaked as a side-effect.
|
|
|
|
|
Navigation systems, for example, usually lazy-load map images.
|
|
|
|
|
Some apps let you use pre-downloaded maps,
|
|
|
|
|
like OsmAnd,
|
|
|
|
|
which is free software available on both Android and---if you must---iOS.
|
2017-03-05 03:39:19 -05:00
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
2017-03-11 23:25:25 -05:00
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Location Services
|
2017-03-11 23:25:25 -05:00
|
|
|
|
:PROPERTIES:
|
2017-03-19 22:06:57 -04:00
|
|
|
|
:DURATION: 00:00:30
|
2017-03-11 23:25:25 -05:00
|
|
|
|
:END:
|
|
|
|
|
|
2017-03-05 03:39:19 -05:00
|
|
|
|
- <1-> No GPS? No problem!
|
2017-03-11 23:25:25 -05:00
|
|
|
|
- <1-> Mozilla Location Services, OpenMobileNetwork, ...
|
|
|
|
|
\cite{mozilla:loc-services,openmobilenetwork}
|
2017-04-02 14:30:45 -04:00
|
|
|
|
- <1-> Wifi Positioning System; Bluetooth networks;
|
2017-03-11 23:25:25 -05:00
|
|
|
|
nearby cell towers\cite{w:wps}
|
2017-04-02 14:30:45 -04:00
|
|
|
|
- <1-> Signal strength and SSIDs and MACs of Access Points
|
2017-03-11 23:25:25 -05:00
|
|
|
|
\cite{w:trilateration,acm:spotfi,acm:lteye}
|
2017-04-02 14:30:45 -04:00
|
|
|
|
- <2-> Some gathered by Google Street View cars
|
|
|
|
|
- <2-> Your device may report back nearby networks to build a more
|
2017-03-11 23:25:25 -05:00
|
|
|
|
comprehensive database
|
2017-04-02 14:30:45 -04:00
|
|
|
|
- <3-> Works even where GPS and Cell signals cannot penetrate
|
|
|
|
|
- <3-> Can be /more/ accurate than GPS (e.g. what store in a shopping mall)
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-03-05 03:39:19 -05:00
|
|
|
|
#+BEGIN_COMMENT
|
2017-04-02 21:59:29 -04:00
|
|
|
|
But GPS doesn't need to be available.
|
2017-04-02 14:30:45 -04:00
|
|
|
|
Have you ever used a program on a computer that asked for your location?
|
2017-03-11 23:25:25 -05:00
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
There are numerous services available to geolocate based on signal strength
|
|
|
|
|
of nearby access points; bluetooth networks; and cell towers.
|
2017-03-11 23:25:25 -05:00
|
|
|
|
|
2017-03-19 22:06:57 -04:00
|
|
|
|
Some of these data are gathered by Google Street View cars.
|
2017-03-22 01:14:08 -04:00
|
|
|
|
Devices that /have/ GPS, like your phone might also be reporting back nearby
|
|
|
|
|
networks in order to improve the quality of these databases.
|
2017-03-11 23:25:25 -05:00
|
|
|
|
|
2017-04-02 21:59:29 -04:00
|
|
|
|
Sometimes this can be more accurate than GPS.
|
|
|
|
|
And it works where GPS and maybe even cell service don't, such as inside
|
|
|
|
|
shopping malls.
|
|
|
|
|
|
2017-03-11 23:25:25 -05:00
|
|
|
|
So just because GPS is off does not mean your location is unknown.
|
2017-03-05 03:39:19 -05:00
|
|
|
|
#+END_COMMENT
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
*** REHEARSED Operating System [3/3]
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:PROPERTIES:
|
2017-04-02 14:30:45 -04:00
|
|
|
|
:DURATION: 0:01
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:END:
|
2017-03-05 14:39:19 -05:00
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Untrusted/Proprietary OS
|
2017-03-11 23:25:25 -05:00
|
|
|
|
:PROPERTIES:
|
2017-04-02 14:30:45 -04:00
|
|
|
|
:DURATION: 00:00:30
|
2017-03-11 23:25:25 -05:00
|
|
|
|
:END:
|
2017-03-05 14:39:19 -05:00
|
|
|
|
|
2017-03-11 23:25:25 -05:00
|
|
|
|
- <1-> Who does your phone work for?
|
2017-03-05 14:39:19 -05:00
|
|
|
|
- Apple? Google? Microsoft? Blackberry? Your manufacturer too?
|
2017-03-11 23:25:25 -05:00
|
|
|
|
- <1-> Carry everywhere you go, but fundamentally cannot
|
|
|
|
|
trust it\cite{gnu:malware-mobile}
|
|
|
|
|
- <2-> Some come with gratis surveillance
|
|
|
|
|
- <2-> BLU phones sent SMS messages, contacts, call history, IMEIs, and
|
|
|
|
|
more to third-party servers without users' knowledge or censent
|
|
|
|
|
\cite{kryptowire:adups}
|
2017-03-05 14:39:19 -05:00
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-03-11 23:25:25 -05:00
|
|
|
|
A lot of this boils down to trust.
|
|
|
|
|
Who does your phone work for?
|
|
|
|
|
|
|
|
|
|
Does your phone work for Apple? Google? Microsoft? Blackberry?
|
|
|
|
|
Or does it work for you?
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-03-11 23:25:25 -05:00
|
|
|
|
The OS situation on mobile is lousy.
|
2017-04-02 21:59:29 -04:00
|
|
|
|
You carry around this computer everywhere you go.
|
|
|
|
|
And you fundamentally cannot trust it.
|
2017-03-11 23:25:25 -05:00
|
|
|
|
|
2017-03-22 01:14:08 -04:00
|
|
|
|
Take BLU phones for example---cheap little phones that come with advertising.
|
2017-03-11 23:25:25 -05:00
|
|
|
|
In November of last year it was discovered that these popular phones
|
|
|
|
|
contained software that sent SMS messages, contact lists, call history,
|
|
|
|
|
IMEIs, etc to third-party servers without users' knowledge or consent.
|
|
|
|
|
That software could also remotely execute code on the device.
|
2017-03-05 14:39:19 -05:00
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Free/Libre Mobile OS?
|
2017-03-11 23:25:25 -05:00
|
|
|
|
:PROPERTIES:
|
2017-04-02 14:30:45 -04:00
|
|
|
|
:DURATION: 00:00:20
|
2017-03-11 23:25:25 -05:00
|
|
|
|
:END:
|
|
|
|
|
- <1-> Android is supposedly free software
|
|
|
|
|
- <1-> But every phone requires proprietary drivers, or contains
|
2017-03-05 14:39:19 -05:00
|
|
|
|
proprietary software
|
2017-03-11 23:25:25 -05:00
|
|
|
|
- <2-> Replicant\cite{replicant}
|
2017-03-19 22:06:57 -04:00
|
|
|
|
- <2> Niche. Largely work of one developer now. (Help if you can!)
|
|
|
|
|
|
|
|
|
|
#+BEAMER: \uncover<2>{
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
#+ATTR_LATEX: :width: 7in
|
|
|
|
|
[[./images/tp/replicant.png]]
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
#+BEAMER: }
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-03-05 14:39:19 -05:00
|
|
|
|
#+BEGIN_COMMENT
|
2017-03-11 23:25:25 -05:00
|
|
|
|
Android is supposedly a free operating system.
|
|
|
|
|
Unfortunately,
|
|
|
|
|
every phone requires proprietary drivers to work,
|
|
|
|
|
and is loaded with proprietary software.
|
|
|
|
|
|
2017-04-02 21:59:29 -04:00
|
|
|
|
Does anyone here use Replicant?
|
2017-04-02 14:30:45 -04:00
|
|
|
|
It is a fully free Android fork.
|
|
|
|
|
I feel like I can at least trust my phone a little bit.
|
2017-03-05 14:39:19 -05:00
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Modem Isolation
|
2017-03-11 23:25:25 -05:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:DURATION: 00:00:30
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
- But modem still runs non-free software\cite{replicant:sec}
|
|
|
|
|
- Sometimes has access to CPU, disk, and memory\cite{replicant:samsung-bd}
|
2017-03-05 14:39:19 -05:00
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-04-02 21:59:29 -04:00
|
|
|
|
But on nearly every phone,
|
|
|
|
|
the modem still runs proprietary software.
|
2017-03-11 23:25:25 -05:00
|
|
|
|
And sometimes it has direct access to CPU, disk, and memory.
|
|
|
|
|
Replicant closed a backdoor in Samsung Galaxy phones that allowed for remote
|
|
|
|
|
access to the disk.
|
|
|
|
|
That backdoor might not have been intentional,
|
|
|
|
|
but it illustrates the possibility,
|
|
|
|
|
and could still be exploited by an attacker.
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
|
|
|
|
So even with Replicant,
|
|
|
|
|
I consider the device compromised;
|
|
|
|
|
I put nothing important on it if I can avoid it.
|
2017-03-05 14:39:19 -05:00
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
*** REHEARSED Vehicles
|
|
|
|
|
**** REHEARSED Introduction :B_fullframe:
|
2017-03-22 02:42:10 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_env: fullframe
|
|
|
|
|
:DURATION: 00:00:05
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
\Huge What about your car?
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
|
|
|
|
Okay, how about something else that's mobile: your car.
|
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED OnStar :B_fullframe:
|
2017-03-22 02:42:10 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:DURATION: 00:00:30
|
|
|
|
|
:BEAMER_env: fullframe
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
#+ATTR_LATEX: :height 0.5in
|
|
|
|
|
[[./images/tp/onstar-logo.png]]
|
|
|
|
|
|
|
|
|
|
\smallskip
|
|
|
|
|
[[./images/onstar-collects.png]]
|
|
|
|
|
|
|
|
|
|
\incite{onstar:privacy-policy}
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
- Since 2011, retains all GPS and system data to sell to third
|
|
|
|
|
parties
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
|
|
|
|
I vowed never to get a modern vehicle.
|
|
|
|
|
Turns out,
|
|
|
|
|
I can't afford the maintenance on older ones,
|
|
|
|
|
and safety of my children is pretty important.
|
|
|
|
|
I got a decent lease deal on a Chevy.
|
|
|
|
|
|
|
|
|
|
What have Chevys come with for the past 20 years?
|
|
|
|
|
OnStar.
|
|
|
|
|
|
|
|
|
|
The first thing I did when I got home with the car was get out the manual,
|
|
|
|
|
find that it had its own dedicated fuse,
|
|
|
|
|
and pulled it.
|
|
|
|
|
|
|
|
|
|
How much could it possibly track?
|
|
|
|
|
Well, here's the relevant portion of the OnStar privacy policy.
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
And since 2011, they retain GPS and system data to sell to third parties,
|
|
|
|
|
presumably like insurers.
|
2017-03-22 02:42:10 -04:00
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Ford :B_fullframe:
|
2017-03-22 02:42:10 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_env: fullframe
|
|
|
|
|
:DURATION: 00:00:25
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
#+ATTR_LATEX: :height 0.5in
|
|
|
|
|
[[./images/tp/ford-logo.png]]
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
#+BEGIN_QUOTE
|
|
|
|
|
``We know everyone who breaks the law, we know when you're doing it. We have
|
|
|
|
|
GPS in your car, so we know what you're doing. By the way, we don't supply
|
|
|
|
|
that data to anyone.''\cite{binsider:ford-gps}
|
|
|
|
|
|
|
|
|
|
\hfill---Jim Farley, VP/Marketing and Sales, 2014
|
|
|
|
|
#+END_QUOTE
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
|
|
|
|
And then you have stupid executives saying crap like this:
|
|
|
|
|
|
|
|
|
|
<Read quote>
|
|
|
|
|
|
|
|
|
|
Oh, excellent!
|
|
|
|
|
I'm assured.
|
|
|
|
|
|
|
|
|
|
It's a problem that VPs don't think this is a problem and will just say it
|
|
|
|
|
off the cuff.
|
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
** REVIEWED Stationary [5/5]
|
|
|
|
|
*** READY Introduction [0/1] :B_ignoreheading:
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_env: ignoreheading
|
|
|
|
|
:END:
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REVIEWED Introduction :B_fullframe:
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:PROPERTIES:
|
2017-04-02 14:30:45 -04:00
|
|
|
|
:DURATION: 00:00:25
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:BEAMER_env: fullframe
|
|
|
|
|
:END:
|
2017-03-05 15:06:48 -05:00
|
|
|
|
|
2017-03-14 01:37:21 -04:00
|
|
|
|
#+BEGIN_QUOTE
|
2017-03-19 23:58:29 -04:00
|
|
|
|
\large
|
|
|
|
|
``If you've got nothing to hide, you've got nothing
|
|
|
|
|
to\nbsp{}fear.''\cite{rosen:naked,solove:nothing-to-hide,metro:goebbels}
|
2017-04-02 14:30:45 -04:00
|
|
|
|
|
|
|
|
|
\hfill---Joeseph Gobbels, Nazi propaganda minister
|
|
|
|
|
|
|
|
|
|
#+BEAMER: \uncover<2>{
|
|
|
|
|
\hfill---Richard Graham, British MP
|
|
|
|
|
#+BEAMER: }
|
2017-03-14 01:37:21 -04:00
|
|
|
|
#+END_QUOTE
|
2017-03-05 15:06:48 -05:00
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-03-22 02:42:10 -04:00
|
|
|
|
Well, speaking of stupid quotes!
|
|
|
|
|
|
2017-04-02 21:59:29 -04:00
|
|
|
|
So let's say you have evaded that type of tracking.
|
2017-04-02 14:30:45 -04:00
|
|
|
|
Maybe you don't carry a phone,
|
|
|
|
|
or drive a car instead of a computer.
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
This quote.
|
|
|
|
|
It's by a Nazi minister for Enlightenment and Propaganda.
|
|
|
|
|
It's also by the British member of paralement defending a British
|
|
|
|
|
surveillance program.
|
2017-03-05 15:06:48 -05:00
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
There's certain things that are nearly impossible to avoid.
|
2017-03-12 04:06:15 -04:00
|
|
|
|
#+END_COMMENT
|
2017-03-14 01:37:21 -04:00
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
*** READY Surveillance Cameras (CCTV) [4/4]
|
|
|
|
|
**** REHEARSED Private Cameras in Plain View; Tinderloin, SF
|
2017-03-12 04:06:15 -04:00
|
|
|
|
:PROPERTIES:
|
2017-04-02 14:30:45 -04:00
|
|
|
|
:DURATION: 00:00:20
|
2017-03-12 04:06:15 -04:00
|
|
|
|
:END:
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-03-12 04:06:15 -04:00
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
#+ATTR_LATEX: :height 1.25in
|
2017-03-18 13:40:31 -04:00
|
|
|
|
[[./images/tp/sf-cameras.jpg]]
|
2017-03-12 04:06:15 -04:00
|
|
|
|
\incite{cbs:sf-smile}
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
#+BEGIN_QUOTE
|
|
|
|
|
``The idea that you can sort of meet in a public place and quietly have a
|
|
|
|
|
conversation that we’re sort of accustomed to from spy movies, that is
|
2017-03-19 23:58:29 -04:00
|
|
|
|
really not realistic anymore,'' ---Nadia Kayyali, EFF\cite{cbs:sf-smile}
|
2017-03-12 04:06:15 -04:00
|
|
|
|
#+END_QUOTE
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-04-02 14:30:45 -04:00
|
|
|
|
This is a map of private surveillance cameras in plain view around a
|
|
|
|
|
San Francisco neighborhood.
|
2017-03-19 23:58:29 -04:00
|
|
|
|
And these are just the ones that the DA's office found in
|
2017-03-12 04:06:15 -04:00
|
|
|
|
/plain view/!
|
2017-03-14 01:37:21 -04:00
|
|
|
|
|
2017-03-12 04:06:15 -04:00
|
|
|
|
According to them,
|
|
|
|
|
people who live in this neighborhood could be on camera dozens of times in
|
|
|
|
|
a single day.
|
|
|
|
|
|
|
|
|
|
Alright, so a bunch of private entities have you on camera;
|
|
|
|
|
So what?
|
2017-03-05 15:06:48 -05:00
|
|
|
|
#+END_COMMENT
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Access to Data
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:PROPERTIES:
|
2017-03-19 23:58:29 -04:00
|
|
|
|
:DURATION: 00:00:45
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:END:
|
2017-03-05 15:06:48 -05:00
|
|
|
|
|
2017-03-12 04:06:15 -04:00
|
|
|
|
- <1-> Data can be obtained with a warrant or subpoena
|
|
|
|
|
- <2-> Data can be compromised
|
|
|
|
|
- <3-> Chilling effect
|
|
|
|
|
- <4-> **If you own a surveillance system, be responsible and considerate**
|
|
|
|
|
- <4-> Best way to restrict data is to /avoid collecting it to begin with/
|
2017-03-05 15:06:48 -05:00
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-03-12 04:06:15 -04:00
|
|
|
|
Well one of the most obvious threats,
|
|
|
|
|
should it pertain to you,
|
|
|
|
|
is a warrant or subpoena.
|
2017-03-14 01:37:21 -04:00
|
|
|
|
|
2017-03-12 04:06:15 -04:00
|
|
|
|
Most of us aren't going to have to worry about a crime.
|
2017-03-22 01:14:08 -04:00
|
|
|
|
But data can be compromised.
|
2017-03-12 04:06:15 -04:00
|
|
|
|
And it isn't possible for you to audit it;
|
|
|
|
|
you have no idea who has you on camera.
|
2017-03-14 01:37:21 -04:00
|
|
|
|
|
2017-03-12 04:06:15 -04:00
|
|
|
|
This creates a chilling effect.
|
|
|
|
|
You're going to act differently in public knowing that someone might be
|
|
|
|
|
watching,
|
|
|
|
|
or could be watching later on if recorded.
|
|
|
|
|
|
|
|
|
|
If you have a surveillance system,
|
|
|
|
|
or any sort of public-facing cameras,
|
|
|
|
|
please be considerate.
|
|
|
|
|
If you only care who is on your property,
|
|
|
|
|
don't record the sidewalk in front of your house.
|
|
|
|
|
Or at least restrict motion detection to your property.
|
2017-03-05 15:06:48 -05:00
|
|
|
|
The best form of privacy is to avoid having the data be collected to begin
|
|
|
|
|
with.
|
|
|
|
|
#+END_COMMENT
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-03-06 23:22:57 -05:00
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Domain Awareness System (Intro) :B_fullframe:
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:PROPERTIES:
|
2017-04-02 14:30:45 -04:00
|
|
|
|
:DURATION: 00:00:40
|
2017-03-12 04:06:15 -04:00
|
|
|
|
:BEAMER_env: fullframe
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
#+BEGIN_LATEX
|
|
|
|
|
\only<1>{What if all those cameras---including private---were connected?}
|
2017-03-19 23:58:29 -04:00
|
|
|
|
\only<2>{\Huge NYPD\par Domain Awareness System\incite{nyc:pspg}}
|
2017-03-12 04:06:15 -04:00
|
|
|
|
\only<3>{
|
|
|
|
|
#+END_LATEX
|
|
|
|
|
#+BEGIN_QUOTE
|
2017-03-19 23:58:29 -04:00
|
|
|
|
\large
|
2017-03-12 04:06:15 -04:00
|
|
|
|
Although NYPD documents indicate that the system is specifically designed
|
|
|
|
|
for anti-terrorism operations, any incidental data it collects ``for a
|
|
|
|
|
legitimate law enforcement or public safety purpose'' by DAS can be
|
|
|
|
|
utilized by the police department.\cite{fast:das}
|
|
|
|
|
#+END_QUOTE
|
|
|
|
|
#+LATEX: }
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
|
|
|
|
...but what if law enforcement didn't have to go door-to-door?
|
|
|
|
|
|
|
|
|
|
Let's talk about the NYPD's Domain Awareness System.
|
2017-04-02 14:30:45 -04:00
|
|
|
|
That quote from the British MP and Nazi guy---
|
|
|
|
|
it was in reference to the system that served as the basis for this one.
|
2017-03-12 04:06:15 -04:00
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
It was designed in part for supposed terrorism threats after 9/11.
|
2017-03-19 23:58:29 -04:00
|
|
|
|
But any data this system collects for ``legtimate'' law enforcement or
|
|
|
|
|
public safety purposes can be used against you.
|
2017-04-02 14:30:45 -04:00
|
|
|
|
|
|
|
|
|
You may not know this, though, because they may not want to bring this
|
|
|
|
|
evidence to court.
|
|
|
|
|
There's a disgraceful practice of ``parallel construction'',
|
|
|
|
|
where law enforcement will instead---after having found whether a person
|
|
|
|
|
is, say, guilty of a crime---go find other unrelated evidence to prove it.
|
2017-03-12 04:06:15 -04:00
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Domain Awareness System
|
2017-03-12 04:06:15 -04:00
|
|
|
|
:PROPERTIES:
|
2017-04-02 14:30:45 -04:00
|
|
|
|
:DURATION: 00:00:50
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:END:
|
2017-03-06 23:22:57 -05:00
|
|
|
|
|
2017-03-12 04:06:15 -04:00
|
|
|
|
- <1-> Partnership between the NYPD and Microsoft at a cost of $230M
|
|
|
|
|
in\nbsp{}2013\cite{reuters:nypd-das,nyc:pspg}
|
|
|
|
|
- <1-> Surveillance cameras, license plate readers, radiation detectors,
|
|
|
|
|
911\nbsp{}system, criminal records, \ldots
|
2017-04-02 14:30:45 -04:00
|
|
|
|
- <1-> \gt 6,000 surveillance cameras, $2\over 3$ private
|
2017-03-12 04:06:15 -04:00
|
|
|
|
businesses\cite{reuters:nypd-das,pbs:nova:boston}
|
2017-04-02 14:30:45 -04:00
|
|
|
|
- <2-> Database of over 16\nbsp{}million plates,
|
2017-03-12 04:06:15 -04:00
|
|
|
|
every car going into Lower Manhatten\cite{reuters:nypd-das,pbs:nova:boston}
|
2017-04-02 14:30:45 -04:00
|
|
|
|
- <3-> Can search in seconds for terms like
|
2017-03-12 04:06:15 -04:00
|
|
|
|
``red baseball cap''\cite{reuters:nypd-das,pbs:nova:boston}
|
2017-04-02 14:30:45 -04:00
|
|
|
|
- <3-> Detects ``suspicious behaviors'' like unattended bags and
|
2017-03-12 04:06:15 -04:00
|
|
|
|
circling cars\cite{reuters:nypd-das,pbs:nova:boston}
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
|
|
|
|
The Domain Awareness System is a partnership between Microsoft and the NYPD.
|
|
|
|
|
It's mammoth.
|
2017-03-14 01:37:21 -04:00
|
|
|
|
|
2017-03-12 04:06:15 -04:00
|
|
|
|
It contains over six thousand security cameras,
|
|
|
|
|
over two-thirds of which are private closed-circuit cameras.
|
|
|
|
|
It includes license plate readers that record everyone going into Lower
|
|
|
|
|
Manhattan, along with a database of over sixteen million license plates.
|
|
|
|
|
It can search in seconds for very specific terms,
|
|
|
|
|
like ``red baseball cap'',
|
|
|
|
|
and it can monitor for suspicious behaviors,
|
|
|
|
|
like unattended bags,
|
|
|
|
|
or cars circling an area.
|
|
|
|
|
If it finds an unattended bag,
|
|
|
|
|
you can rewind to find who left it.
|
|
|
|
|
|
|
|
|
|
This is the direction we're heading in---
|
|
|
|
|
these things will only spread.
|
|
|
|
|
In fact,
|
2017-03-22 01:14:08 -04:00
|
|
|
|
the NYPD will get a 30% cut when Microsoft sells it to others.
|
2017-03-12 04:06:15 -04:00
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-03-19 23:58:29 -04:00
|
|
|
|
*** READY Driver Surveillance [3/3]
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Automated License Plate Readers (ALPRs)
|
2017-03-12 04:06:15 -04:00
|
|
|
|
:PROPERTIES:
|
2017-03-14 01:37:21 -04:00
|
|
|
|
:DURATION: 00:00:30
|
2017-03-12 04:06:15 -04:00
|
|
|
|
:END:
|
|
|
|
|
|
2017-03-19 23:58:29 -04:00
|
|
|
|
***** Images
|
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_col: 0.50
|
|
|
|
|
:END:
|
|
|
|
|
|
2017-03-14 01:37:21 -04:00
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
#+BEAMER: \only<1>{
|
2017-03-19 23:58:29 -04:00
|
|
|
|
[[./images/tp/alpr-mounted.png]]\par\incite{eff:alpr}
|
2017-03-14 01:37:21 -04:00
|
|
|
|
#+BEAMER: }
|
|
|
|
|
#+BEAMER: \only<2>{
|
2017-03-19 23:58:29 -04:00
|
|
|
|
[[./images/tp/alpr-capture.png]]\par\incite{eff:alpr}
|
|
|
|
|
#+BEAMER: }
|
|
|
|
|
#+BEAMER: \only<3>{
|
|
|
|
|
#+ATTR_LATEX: :height 2in
|
|
|
|
|
[[./images/tp/aclu-tracked.jpg]]\par\incite{aclu:tracked}
|
2017-03-14 01:37:21 -04:00
|
|
|
|
#+BEAMER: }
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
2017-03-19 23:58:29 -04:00
|
|
|
|
***** Summary
|
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_col: 0.50
|
|
|
|
|
:END:
|
2017-03-14 01:37:21 -04:00
|
|
|
|
- Scan passing cars' license plates\cite{aclu:tracked,eff:alpr}
|
2017-03-19 23:58:29 -04:00
|
|
|
|
- Produce alphanumeric representation with timestamp and photograph
|
2017-03-14 01:37:21 -04:00
|
|
|
|
|
2017-03-12 04:06:15 -04:00
|
|
|
|
#+BEGIN_COMMENT
|
2017-03-19 23:58:29 -04:00
|
|
|
|
I want to talk about a couple issues related to driver surveillance.
|
2017-03-12 04:06:15 -04:00
|
|
|
|
These things are a widespread, nasty threat to privacy,
|
|
|
|
|
and they don't need a sophisticated Domain Awareness System to deploy.
|
2017-03-14 01:37:21 -04:00
|
|
|
|
|
|
|
|
|
The first are ALPRs.
|
|
|
|
|
ALPRs are mounted on police cars and objects like light poles.
|
|
|
|
|
They scan passing cars' license plates,
|
|
|
|
|
convert them to alphanumeric data,
|
|
|
|
|
record the time and date,
|
|
|
|
|
and possibly an image of the vehcile.
|
|
|
|
|
Here's a screenshot of the interface of one;
|
|
|
|
|
we'll get into how exactly we got that in a bit.
|
|
|
|
|
The ACLU has an excellent report on it,
|
|
|
|
|
and the EFF has a campaign against it;
|
|
|
|
|
see those two resources for more info.
|
2017-03-12 04:06:15 -04:00
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-03-19 23:58:29 -04:00
|
|
|
|
**** READY Automatic Toll Readers
|
2017-03-14 01:37:21 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:DURATION: 00:00:30
|
|
|
|
|
:END:
|
2017-04-02 14:30:45 -04:00
|
|
|
|
|
2017-03-14 01:37:21 -04:00
|
|
|
|
- <1-> Electronic toll booth using RFIDs or ALPRs\cite{eff:golden-gate-toll}
|
|
|
|
|
- <1-> In the North-East we have E-ZPass (RFID)\cite{w:ezpass}
|
|
|
|
|
- <1-> Golden Gate Bridge requires FasTrack or plate-based
|
|
|
|
|
- <2-> /But/ they provide an option for an anonymous FasTrack account
|
2017-03-19 23:58:29 -04:00
|
|
|
|
using cash\cite{goldengate:anon}
|
2017-03-14 01:37:21 -04:00
|
|
|
|
- <2-> (Granted, you're still captured by an ALPR)
|
|
|
|
|
- <3-> Routinely used by law enforcement\cite{baynews:fastack-data}
|
2017-04-02 14:30:45 -04:00
|
|
|
|
- <3-> ...and divorce cases, in case of FasTrack
|
|
|
|
|
- <4-> They're not very secure---easily cloned
|
2017-03-14 01:37:21 -04:00
|
|
|
|
either\cite{blackhat:toll-systems,register:rfid-clone}
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
|
|
|
|
Electronic toll booths are replacing traditional cash-based tolls.
|
|
|
|
|
Some places require it,
|
|
|
|
|
like the Golden Gate Bridge.
|
2017-04-02 14:30:45 -04:00
|
|
|
|
Windshild-mounted RFIDs or ALPRS.
|
2017-03-14 01:37:21 -04:00
|
|
|
|
In the North-East, we have E-ZPass.
|
|
|
|
|
For the Golden Gate Bridge, FasTrack.
|
|
|
|
|
|
|
|
|
|
We've already seen that law enforcement uses these data,
|
|
|
|
|
but in the case of FasTrack,
|
|
|
|
|
data are even used in civil suits like divorces.
|
|
|
|
|
|
|
|
|
|
And they have their security issues;
|
|
|
|
|
many can be easily cloned, for example.
|
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Akin To GPS Tracking
|
2017-03-14 01:37:21 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:DURATION: 00:00:30
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
- /United States v. Jones/: GPS tracking constitutes search under
|
|
|
|
|
Fourth\nbsp{}Amendment\cite{w:us-v-jones}
|
|
|
|
|
|
|
|
|
|
- How is pervasive surveillance different if it achieves essentially the
|
|
|
|
|
same result?
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
|
|
|
|
In the US Supreme Court case United States v. Jones, the judges unanimously
|
|
|
|
|
ruled that GPS tracking of a vehicle constitutes a search under the
|
|
|
|
|
Fourth Amendment.
|
|
|
|
|
|
|
|
|
|
Many wonder how tracking as I just described is any different.
|
|
|
|
|
If you have ALPRs and other surveillance systems throughout the same area
|
|
|
|
|
within which a warrant for GPS tracking can be executed,
|
|
|
|
|
you would get similar results.
|
|
|
|
|
With much less risk, too---no secret device that may be discovered.
|
|
|
|
|
|
|
|
|
|
That's for a court to eventually decide.
|
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-03-22 01:14:08 -04:00
|
|
|
|
*** AUGMENT Internet of Things [13/13]
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Internet-Connected Cameras :B_fullframe:
|
2017-03-12 04:06:15 -04:00
|
|
|
|
:PROPERTIES:
|
2017-03-19 23:58:29 -04:00
|
|
|
|
:DURATION: 00:00:35
|
|
|
|
|
:BEAMER_env: fullframe
|
2017-03-12 04:06:15 -04:00
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
2017-03-19 23:58:29 -04:00
|
|
|
|
\Huge
|
|
|
|
|
#+BEAMER: \only<1>{Cameras used to need physical access}
|
2017-03-12 04:06:15 -04:00
|
|
|
|
#+BEAMER: \only<2>{Today\ldots not always so much}
|
|
|
|
|
#+END_CENTER
|
2017-03-06 23:22:57 -05:00
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-03-19 23:58:29 -04:00
|
|
|
|
In the past, these cameras were on their own segregated networks.
|
2017-03-12 04:06:15 -04:00
|
|
|
|
You'd _have_ to subpoena the owner or get a warrant,
|
2017-04-02 21:59:29 -04:00
|
|
|
|
or otherwise physically take the tape.
|
|
|
|
|
|
2017-03-12 04:06:15 -04:00
|
|
|
|
Today...that might be the intent, but these cameras are often
|
2017-04-02 21:59:29 -04:00
|
|
|
|
connected to the Internet for one reason or another.
|
2017-03-12 04:06:15 -04:00
|
|
|
|
It might be intentional---to view the camera remotely or on a device---or it
|
|
|
|
|
may just be how the camera is set up by default.
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
|
|
|
|
Well...
|
2017-03-19 23:58:29 -04:00
|
|
|
|
It's not just businesses that use Internet-connected cameras.
|
|
|
|
|
They're also popular among individuals for personal/home use so that they
|
|
|
|
|
can view them on their smart phones and elsewhere.
|
|
|
|
|
Like home security systems.
|
2017-04-02 21:59:29 -04:00
|
|
|
|
Baby monitors.
|
2017-03-06 23:22:57 -05:00
|
|
|
|
#+END_COMMENT
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED The ``S'' In IoT Stands For ``Security''
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:PROPERTIES:
|
2017-04-02 14:30:45 -04:00
|
|
|
|
:DURATION: 00:00:35
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:END:
|
2017-03-06 23:22:57 -05:00
|
|
|
|
|
2017-03-12 04:06:15 -04:00
|
|
|
|
- <1-> Shodan---IoT search engine\cite{shodan}
|
2017-04-02 14:30:45 -04:00
|
|
|
|
- <1-> You'll also find other things. Secure your databases.
|
2017-03-12 04:06:15 -04:00
|
|
|
|
\cite{krebs:mongodb}
|
2017-04-02 14:30:45 -04:00
|
|
|
|
- <1-> Can search for specific devices
|
|
|
|
|
- <1-> If you are vulnerable, someone will find you
|
|
|
|
|
- <1-> Mirai---620Gbps DDoS Krebs; 1Tbps OVH
|
2017-03-06 23:22:57 -05:00
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-04-02 21:59:29 -04:00
|
|
|
|
Who here has heard of Shodan?
|
|
|
|
|
|
|
|
|
|
Shodan is a search engine for the Internet of Things.
|
2017-04-02 14:30:45 -04:00
|
|
|
|
It scours for Internet-connected devices and indexes them.
|
|
|
|
|
Maybe it wouldn't be a problem if these devices even gave a moment of
|
2017-04-02 21:59:29 -04:00
|
|
|
|
thought to security.
|
2017-03-14 01:37:21 -04:00
|
|
|
|
|
2017-03-12 04:06:15 -04:00
|
|
|
|
It also indexes other interesting things.
|
|
|
|
|
For example,
|
|
|
|
|
it was used to find unsecured MongoDB instances so that the attackers
|
|
|
|
|
could hold data for ransom.
|
2017-03-14 01:37:21 -04:00
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
Mirai is malware that took advantage of default usernames and passwords
|
|
|
|
|
for over 60 devices to create a massive botnet that carried out the
|
|
|
|
|
largest DDoS attacks in history.
|
2017-03-06 23:22:57 -05:00
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Who's Watching?
|
2017-03-06 23:22:57 -05:00
|
|
|
|
:PROPERTIES:
|
2017-04-02 14:30:45 -04:00
|
|
|
|
:DURATION: 00:00:15
|
2017-03-19 23:58:29 -04:00
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
***** Screenshot
|
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_col: 0.30
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
#+ATTR_LATEX: :height 2.25in
|
|
|
|
|
[[./images/insecam-ss.png]]\par\incite{insecam}
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
***** Summary
|
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_col: 0.70
|
2017-03-06 23:22:57 -05:00
|
|
|
|
:END:
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-03-12 04:06:15 -04:00
|
|
|
|
- Insecam is a directory of Internet-connected surveillance
|
|
|
|
|
cameras\cite{insecam}
|
|
|
|
|
- Live video feeds (browser connects directly to cameras)
|
2017-03-06 23:22:57 -05:00
|
|
|
|
|
2017-03-19 23:58:29 -04:00
|
|
|
|
|
2017-03-06 23:22:57 -05:00
|
|
|
|
#+BEGIN_COMMENT
|
2017-04-02 14:30:45 -04:00
|
|
|
|
What about Insecam?
|
2017-03-12 04:06:15 -04:00
|
|
|
|
|
2017-04-02 21:59:29 -04:00
|
|
|
|
It's a site that aggregates live video feeds of unsecured IP cameras.
|
2017-03-14 01:37:21 -04:00
|
|
|
|
Your browser connects directly to the cameras---
|
|
|
|
|
literally, they are wide open;
|
|
|
|
|
nothing fancy is going on here.
|
2017-04-02 21:59:29 -04:00
|
|
|
|
I can tell you personally that you feel like a scumbag looking at the site.
|
2017-03-12 04:06:15 -04:00
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Insecam Example 1 :B_fullframe:
|
2017-03-12 04:06:15 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_env: fullframe
|
2017-04-02 14:30:45 -04:00
|
|
|
|
:DURATION: 00:00:30
|
2017-03-12 04:06:15 -04:00
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
#+ATTR_LATEX: :height 1in
|
|
|
|
|
[[./images/insecam-01.png]]
|
|
|
|
|
#+LATEX: \hspace{0.1in}
|
|
|
|
|
#+ATTR_LATEX: :height 1in
|
|
|
|
|
[[./images/insecam-06.png]]
|
|
|
|
|
|
|
|
|
|
#+ATTR_LATEX: :height 1in
|
|
|
|
|
[[./images/insecam-03.png]]
|
|
|
|
|
#+LATEX: \hspace{0.1in}
|
|
|
|
|
#+ATTR_LATEX: :height 1in
|
|
|
|
|
[[./images/insecam-05.png]]
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
|
|
|
|
Here are some examples.
|
|
|
|
|
I blurred any identifying features for privacy.
|
|
|
|
|
|
|
|
|
|
We have surveillance rooms where people watch their surveillance system!
|
|
|
|
|
Inception-kinda thing going on here.
|
|
|
|
|
Also doesn't help that they are watching the TV on the wall too.
|
|
|
|
|
|
|
|
|
|
There's many public swimming pools.
|
2017-03-14 01:37:21 -04:00
|
|
|
|
|
|
|
|
|
Elevators are awkward enough to begin with.
|
2017-03-12 04:06:15 -04:00
|
|
|
|
How about someone watching you in such a vulnerable space?
|
|
|
|
|
|
2017-03-14 01:37:21 -04:00
|
|
|
|
We have a photolithography lab in my home city.
|
|
|
|
|
I have no idea which one, or where exactly.
|
|
|
|
|
|
|
|
|
|
These are creepy.
|
|
|
|
|
Somewhat cool, even.
|
|
|
|
|
Let's get a little more personal.
|
2017-03-12 04:06:15 -04:00
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Example 2 :B_fullframe:
|
2017-03-12 04:06:15 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_env: fullframe
|
2017-04-02 14:30:45 -04:00
|
|
|
|
:DURATION: 00:00:35
|
2017-03-12 04:06:15 -04:00
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
#+ATTR_LATEX: :height 1in
|
|
|
|
|
[[./images/insecam-02.png]]
|
|
|
|
|
#+LATEX: \hspace{0.1in}
|
2017-03-14 01:37:21 -04:00
|
|
|
|
#+LATEX: \only<2>{
|
|
|
|
|
#+ATTR_LATEX: :height 1in
|
|
|
|
|
[[./images/insecam-04.png]]
|
|
|
|
|
#+LATEX: }
|
2017-03-12 04:06:15 -04:00
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-03-14 01:37:21 -04:00
|
|
|
|
How about inside hospital rooms?
|
|
|
|
|
This patient has an ice pack strapped to the side of her face.
|
|
|
|
|
I'm pretty sure this feed was outside of the United States;
|
|
|
|
|
I can't imagine that this type of thing would make it past HIPAA audits.
|
2017-03-12 04:06:15 -04:00
|
|
|
|
|
|
|
|
|
How about inside someone's home?
|
|
|
|
|
This looks to be a bedroom.
|
2017-03-14 01:37:21 -04:00
|
|
|
|
There is a family photo on the wall.
|
|
|
|
|
Oh yeah.
|
2017-03-12 04:06:15 -04:00
|
|
|
|
|
2017-04-02 21:59:29 -04:00
|
|
|
|
I saw someone at the dentist getting a teeth cleaning.
|
2017-03-14 01:37:21 -04:00
|
|
|
|
I didn't copy that photo at the time,
|
|
|
|
|
and I can't find it now, fortunately.
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
|
|
|
|
This is an excellent example to demonstrate to others why this is such a big
|
|
|
|
|
deal.
|
2017-03-14 01:37:21 -04:00
|
|
|
|
This should make anyone feel uncomfortable.
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-03-12 04:06:15 -04:00
|
|
|
|
These people are unaware.
|
|
|
|
|
And these manufactuers set them up for this.
|
2017-03-14 01:37:21 -04:00
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Smart TVs (Samsung Privacy Policy) :B_fullframe:
|
2017-03-22 01:14:08 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_env: fullframe
|
|
|
|
|
:DURATION: 00:00:30
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_QUOTE
|
|
|
|
|
``Please be aware that if your spoken words include personal or other
|
|
|
|
|
sensitive information, that information will be among the data captured and
|
|
|
|
|
transmitted to a third party through your use of Voice Recognition.''
|
|
|
|
|
|
|
|
|
|
\hfill---Samsung SmartTV Privacy Policy, 2015
|
|
|
|
|
|
|
|
|
|
\cite{eff:samsung-tv-policy}
|
|
|
|
|
#+END_QUOTE
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
|
|
|
|
So while we're on the topic of being in someone's home...
|
|
|
|
|
|
|
|
|
|
Samsung's SmartTV privacy policy caused a big fuss a couple years ago by
|
|
|
|
|
blatantly stating that your personal conversations will be sent to
|
|
|
|
|
third-party servers for voice recognition.
|
|
|
|
|
|
|
|
|
|
It was compared to George Orwell's telescreens.
|
|
|
|
|
|
|
|
|
|
<Read above>
|
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Smart TVs (Weeping Angel) :B_fullframe:
|
2017-03-22 01:14:08 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_env: fullframe
|
|
|
|
|
:DURATION: 00:00:30
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
***** Wikileaks
|
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_col: 0.15
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
#+ATTR_LATEX: :height 1in
|
|
|
|
|
[[./images/tp/wikileaks.png]]
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
***** Title
|
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_col: 0.60
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
#+BEAMER: {\Huge Weeping Angel}
|
|
|
|
|
\par\incite{vault7:weeping,vault7:y0}
|
|
|
|
|
|
|
|
|
|
- Suppress LEDs for ``fake off''
|
|
|
|
|
- Record audio
|
|
|
|
|
- Remote shell and file transfer
|
|
|
|
|
- Extract WiFi credentials
|
|
|
|
|
- ``TODO'': Record video
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
|
|
|
|
But it might not be Samsung that's listening.
|
|
|
|
|
|
|
|
|
|
Recently,
|
|
|
|
|
Wikileaks released what it refers to as ``Vault 7'',
|
|
|
|
|
an unprecedented doxxing of the CIA.
|
|
|
|
|
|
|
|
|
|
Weeping Angel was one of the projects.
|
|
|
|
|
It targets Samsung Smart TVs and can suppress LEDs to enter what they call a
|
|
|
|
|
``fake off'' mode,
|
|
|
|
|
covertly listening to the environment.
|
|
|
|
|
As of their 2014 notes,
|
|
|
|
|
video surveillance was explicitly on their TODO list.
|
|
|
|
|
I find it unlikely that they didn't succeed given that they appear to have
|
|
|
|
|
root access to the device.
|
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
***** CIA
|
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_col: 0.15
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
#+ATTR_LATEX: :height 0.85in
|
|
|
|
|
[[./images/tp/cia-logo.png]]
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
|
|
|
|
If Samsung isn't listening,
|
|
|
|
|
then others might be.
|
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Smart TV Ransomware (LG)
|
2017-03-22 01:14:08 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:DURATION: 00:00:15
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
#+ATTR_LATEX: :height 2in
|
|
|
|
|
[[./images/tp/lgtv-pwnd.png]]
|
|
|
|
|
|
|
|
|
|
\incite{bleep:lgtv-ransom}
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
|
|
|
|
Remember:
|
|
|
|
|
if the CIA exploited a vulnerability,
|
|
|
|
|
it's very possible that other adversaires have as well;
|
|
|
|
|
it isn't just the CIA you have to worry about.
|
|
|
|
|
|
|
|
|
|
This is an LG Smart TV owned by Android ransomware.
|
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Vulnerabilties Equities Process (VEP)
|
|
|
|
|
|
|
|
|
|
- Whether or not government should disclose vulnerability
|
|
|
|
|
- Hoarding is dangerous (Shadow Brokers / Equation Group; Vault 7 / CIA)
|
|
|
|
|
- Apple v. FBI
|
|
|
|
|
- <2> *Makes us less safe!*
|
|
|
|
|
- <2> ``Cyberweapon'' is an exploit---it cannot be contained
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
**** REHEARSED Amazon Echo---Always Listening
|
2017-03-22 01:14:08 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:DURATION: 00:00:45
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
***** Echo echo echo echo...
|
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_col: 0.3
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
#+ATTR_LATEX: :height 2in
|
|
|
|
|
[[./images/tp/amazon-echo.jpg]]
|
|
|
|
|
|
|
|
|
|
\incite{w:file:echo}
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
***** Summary
|
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_col: 0.7
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
- Voice recognition on Amazon's servers; have recordings
|
|
|
|
|
\cite{engadget:murder-echo,guardian:murder-echo}
|
|
|
|
|
- Warrant issued in murder case for recordings
|
|
|
|
|
\cite{engadget:murder-echo,guardian:murder-echo}
|
|
|
|
|
- Always listening; ``wake word'' doesn't matter (they control the software;
|
|
|
|
|
device can be compromised)\cite{gizmodo:echo-wiretap}
|
|
|
|
|
- <2-> Should do voice recognition on the device
|
|
|
|
|
- <2-> Run free software
|
|
|
|
|
- <2-> Connect to /your own server/ for actions
|
|
|
|
|
- <2-> Hardware switch for microphone
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
|
|
|
|
Amazon Echo is one of those ``always-listening'' devices that can do your
|
|
|
|
|
bidding.
|
|
|
|
|
But since it performs voice recognition on Amazon's servers,
|
|
|
|
|
they have access to recordings of your data.
|
|
|
|
|
A court has issued a warrant for those recordings in a murder case in
|
|
|
|
|
December of this past year.
|
|
|
|
|
|
|
|
|
|
Look: a device like this---one that is always listening---
|
|
|
|
|
is a security nightmare.
|
|
|
|
|
It doesn't matter if it has some sort of ``wake word'';
|
|
|
|
|
functionality can be hidden from you or changed with an update.
|
|
|
|
|
You do not have control over that device or the software that it is running.
|
|
|
|
|
If an attacker owns the device,
|
|
|
|
|
they're sitting there in your living room.
|
|
|
|
|
A device like this needs to do voice recognition locally,
|
|
|
|
|
run free software,
|
|
|
|
|
connect to a server of /your choosing/ for actions.
|
|
|
|
|
and have a hardware switch for the microphone.
|
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Consder the Benign
|
2017-03-22 01:14:08 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:DURATION: 00:00:20
|
|
|
|
|
:END:
|
|
|
|
|
- Water meter used in murder case as evidence\cite{guardian:murder-echo}
|
|
|
|
|
- 140 gallons between 1AM and 3AM in Winter?
|
|
|
|
|
- Thermostat?
|
|
|
|
|
- Usage patterns could hint at when you're home
|
|
|
|
|
- Window/door sensors?
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
|
|
|
|
Consider what devices in your home might have access to.
|
|
|
|
|
|
|
|
|
|
That murder case I just mentioned with the Echo---
|
|
|
|
|
they also gathered data from the water meter which showed that the
|
|
|
|
|
suspect used 140 gallons between 1AM and 3AM.
|
|
|
|
|
During Winter, nonetheless.
|
|
|
|
|
|
|
|
|
|
Your thermostat could reveal usage patterns to determine remotely when you
|
|
|
|
|
might be home.
|
|
|
|
|
There are door and window sensors.
|
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Creepy-Ass Children's Toys?
|
2017-03-22 01:14:08 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:DURATION: 00:00:15
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
#+BEAMER: \uncover<2>{
|
|
|
|
|
#+ATTR_LATEX: :height 0.15in
|
|
|
|
|
[[./images/tp/the-onion-logo.png]] ???
|
|
|
|
|
#+BEAMER: }
|
|
|
|
|
#+ATTR_LATEX: :height 2.35in
|
|
|
|
|
[[./images/guardian-doll-spy.png]]\incite{guardian:doll-spy}
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
|
|
|
|
What about creepy-ass children's toys?
|
|
|
|
|
I took a screenshot of this Guardian article because...
|
|
|
|
|
A couple years ago you'd only find a headline like this in something like
|
|
|
|
|
The Onion.
|
|
|
|
|
|
|
|
|
|
``German watchdog classifies My Friend Cayla doll as `illegal espionage
|
|
|
|
|
apparatus'.''
|
|
|
|
|
|
|
|
|
|
/What the hell./
|
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED ALPRs Wide Open
|
2017-03-14 01:37:21 -04:00
|
|
|
|
:PROPERTIES:
|
2017-03-19 23:58:29 -04:00
|
|
|
|
:DURATION: 00:00:20
|
2017-03-14 01:37:21 -04:00
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
#+ATTR_LATEX: :height 1.5in
|
2017-03-18 13:40:31 -04:00
|
|
|
|
[[./images/tp/alpr-pips.png]]\incite{eff:alpr}
|
2017-03-14 01:37:21 -04:00
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
- John Matherly (Shodan author) noticed many web-accessible PIPS
|
2017-03-14 01:37:21 -04:00
|
|
|
|
control panels
|
|
|
|
|
- Other researcher found some accessible via telnet\cite{darius:alpr-telnet}
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-03-22 01:14:08 -04:00
|
|
|
|
Alright, well, stupid things happen outside the home too.
|
2017-03-14 01:37:21 -04:00
|
|
|
|
Those ALPRs we just talked about.
|
|
|
|
|
|
|
|
|
|
Turns out that they have web interfaces.
|
|
|
|
|
John Matherly, the author of Shodon, found a number of control panels for
|
|
|
|
|
PIPS ALPRs.
|
|
|
|
|
Another researcher found telnet access on some.
|
|
|
|
|
In both cases,
|
|
|
|
|
license plate data could be extracted,
|
|
|
|
|
and the system could be reconfigured.
|
2017-03-06 23:22:57 -05:00
|
|
|
|
#+END_COMMENT
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-03-06 23:22:57 -05:00
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Biometrics
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:PROPERTIES:
|
2017-04-02 14:30:45 -04:00
|
|
|
|
:DURATION: 00:00:50
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:END:
|
2017-03-06 23:22:57 -05:00
|
|
|
|
|
2017-03-12 04:06:15 -04:00
|
|
|
|
- <1-> Humans no longer need to scour video
|
|
|
|
|
feeds\cite{eff:facial-tech,churchix,facefirst,pbs:nova:boston}
|
|
|
|
|
- <1-> Facial recognition widely used, even for
|
|
|
|
|
mobile\nbsp apps\cite{register:fb-scan,eff:ios-photo-diff,eff:fbi-bio}
|
|
|
|
|
- <2-> NYPD has a gallery of over 4M individuals\cite{pbs:nova:boston}
|
|
|
|
|
- <2-> Quality can be low and pixelated; various machine learning
|
|
|
|
|
algorithms\cite{pbs:nova:boston,wired:pixel-face,arxiv:google-pixel-res}
|
|
|
|
|
- <3-> No face? Check your gait.\cite{ieee:gait,ijca:gait}
|
|
|
|
|
- <4-> No gait? Well\ldots whatever, just ask Facebook.\cite{newsci:fb-noface}
|
2017-04-02 14:30:45 -04:00
|
|
|
|
- <5-> Even fingerprints and iris from high-resolutions photos
|
|
|
|
|
(defeat Apple's TouchID)\cite{bio:iris}
|
2017-03-06 23:22:57 -05:00
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-04-02 21:59:29 -04:00
|
|
|
|
Now let's couple that with facial recognition.
|
|
|
|
|
|
|
|
|
|
Consider the breadth of devices we just covered.
|
|
|
|
|
People don't need to manually look for you anymore;
|
|
|
|
|
it's automated.
|
|
|
|
|
Hell, any of us can download a free (as in freedom) library to do facial
|
|
|
|
|
recognition and train it to recognize people.
|
2017-03-12 04:06:15 -04:00
|
|
|
|
It doesn't even have to be clear---
|
|
|
|
|
there's machine learning algorithms to reconstruct pixelated faces with
|
|
|
|
|
somewhat decent accuracy to be useful.
|
|
|
|
|
The NYPD has over 4 million people's images in a database that they compare
|
|
|
|
|
against during facial recognition.
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-03-12 04:06:15 -04:00
|
|
|
|
Don't have a face?
|
2017-04-02 21:59:29 -04:00
|
|
|
|
You can also be identified by your gait.
|
2017-03-12 04:06:15 -04:00
|
|
|
|
No gait?
|
|
|
|
|
Facebook famously got even creepier by saying it could recognize people by
|
2017-03-19 23:58:29 -04:00
|
|
|
|
their dress, posture, and hair, without even seeing their face.
|
2017-03-14 01:37:21 -04:00
|
|
|
|
|
2017-03-12 04:06:15 -04:00
|
|
|
|
Your fingerprints and iris data can even be extracted from high-resolution
|
|
|
|
|
photos;
|
|
|
|
|
a cracker used such a method to defeat Apple's TouchID by making a mould.
|
2017-03-06 23:22:57 -05:00
|
|
|
|
#+END_COMMENT
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
|
|
|
|
|
2017-03-19 23:58:29 -04:00
|
|
|
|
*** READY Social Media [1/1]
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Collateral Damage
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:PROPERTIES:
|
2017-04-02 14:30:45 -04:00
|
|
|
|
:DURATION: 00:00:40
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:END:
|
|
|
|
|
|
2017-03-12 04:06:15 -04:00
|
|
|
|
- <1-> Please don't put pictures of me on Facebook\cite{rms:facebook}
|
|
|
|
|
- <1-> Don't put pictures of my children _anywhere_\cite{techcrunch:fb-baby}
|
|
|
|
|
- <2-> That person in the distance is collateral
|
|
|
|
|
damage\cite{register:fb-scan,guardian:fb-scan,pbs:nova:boston}
|
2017-03-06 23:22:57 -05:00
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-04-02 14:30:45 -04:00
|
|
|
|
You also have unsecured people running wild with their photos and their
|
2017-04-02 21:59:29 -04:00
|
|
|
|
selfies.
|
|
|
|
|
|
|
|
|
|
I'm sure you've heard a frequent request/demand from rms:
|
|
|
|
|
"Don't put pictures of me on Facebook."
|
|
|
|
|
It's excellent surveillance.
|
|
|
|
|
What irks me is when people try to take pictures of my kids,
|
|
|
|
|
or do and ask if they can put them online.
|
|
|
|
|
And people are sometimes surprised by that refusal.
|
|
|
|
|
|
|
|
|
|
Most people are being innocent---
|
|
|
|
|
they're just trying to capture the moment.
|
|
|
|
|
What they're actually doing is inflicting collateral damage.
|
|
|
|
|
If I'm off in the background when you take a picture of your friends in the
|
|
|
|
|
foreground,
|
|
|
|
|
I'm still in the photo.
|
2017-03-06 23:22:57 -05:00
|
|
|
|
#+END_COMMENT
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
|
|
|
|
|
2017-03-20 01:59:46 -04:00
|
|
|
|
** AUGMENT The Web [7/7]
|
2017-04-02 14:30:45 -04:00
|
|
|
|
*** READY Introduction [1/1] :B_ignoreheading:
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_env: ignoreheading
|
|
|
|
|
:END:
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Introduction :B_fullframe:
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_env: fullframe
|
2017-03-18 13:40:31 -04:00
|
|
|
|
:DURATION: 00:00:10
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:END:
|
2017-03-06 23:57:38 -05:00
|
|
|
|
|
2017-03-18 13:40:31 -04:00
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
\Huge Fleshy You $\Longleftrightarrow$ Virtual You
|
|
|
|
|
#+END_CENTER
|
2017-03-06 23:57:38 -05:00
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-04-02 21:59:29 -04:00
|
|
|
|
But you're not just tracked in the flesh.
|
|
|
|
|
Much of what we do today is virtual.
|
2017-03-18 13:40:31 -04:00
|
|
|
|
So, naturally, there are those that want to bridge them.
|
2017-03-06 23:57:38 -05:00
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
*** REHEARSED Bridging the Gap [3/3]
|
|
|
|
|
**** REHEARSED FTC: They're Watching You :B_fullframe:
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:PROPERTIES:
|
2017-03-18 13:40:31 -04:00
|
|
|
|
:BEAMER_env: fullframe
|
2017-04-02 14:30:45 -04:00
|
|
|
|
:DURATION: 00:00:15
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:END:
|
|
|
|
|
|
2017-03-18 13:40:31 -04:00
|
|
|
|
#+BEGIN_CENTER
|
2017-03-20 01:59:46 -04:00
|
|
|
|
[[./images/tp/ftc-silver.png]]\par\incite{ftc:silver}
|
2017-03-18 13:40:31 -04:00
|
|
|
|
#+END_CENTER
|
2017-03-06 23:57:38 -05:00
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-03-18 13:40:31 -04:00
|
|
|
|
This is a sample letter template from the FTC.
|
2017-04-02 21:59:29 -04:00
|
|
|
|
A challenge for advertisers is correlating users across multiple devices,
|
2017-03-18 13:40:31 -04:00
|
|
|
|
and in the real world.
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
Sometimes commercials have you enter promo codes,
|
|
|
|
|
or give you a unique URL.
|
2017-03-18 13:40:31 -04:00
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Ultrasound Tracking
|
2017-03-18 13:40:31 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:DURATION: 00:00:15
|
|
|
|
|
:END:
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-03-18 13:40:31 -04:00
|
|
|
|
#+BEAMER: \only<1>{
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
\cdots $\Longleftrightarrow$ TV $\Longleftrightarrow$
|
|
|
|
|
Retail Store $\Longleftrightarrow$
|
|
|
|
|
Mobile $\Longleftrightarrow$ Web $\Longleftrightarrow$ \cdots
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
- Correlates users across devices; airgap
|
|
|
|
|
bridge\cite{ubeacsec:paper,wired:ultrasonic}
|
|
|
|
|
- Inaudible to humans
|
|
|
|
|
- Could deanonymize (e.g. Tor users)\cite{33c3:talk-behind,bleep:ultrasound-tor}
|
|
|
|
|
#+BEAMER: }
|
|
|
|
|
|
|
|
|
|
#+BEAMER: \only<2>{
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
[[./images/tp/silverpush-logo.png]]
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
#+BEGIN_QUOTE
|
|
|
|
|
``Silverpush could generate a detailed log of the television
|
|
|
|
|
content viewed while a user’s mobile phone was
|
|
|
|
|
turned\nbsp{}on.''\cite{ftc:silver}
|
|
|
|
|
#+END_QUOTE
|
|
|
|
|
#+BEAMER: }
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-04-02 21:59:29 -04:00
|
|
|
|
Others play inaudible sounds that are picked up by your mobile device or
|
|
|
|
|
computer.
|
|
|
|
|
|
2017-03-18 13:40:31 -04:00
|
|
|
|
This has other serious implications.
|
|
|
|
|
There are concerns, for example, about this method being able to be used to
|
|
|
|
|
deanonymize Tor users.
|
|
|
|
|
|
|
|
|
|
In that letter, FTC mentions Silverpush by name.
|
|
|
|
|
There are other companies too;
|
|
|
|
|
see the references.
|
2017-03-06 23:57:38 -05:00
|
|
|
|
#+END_COMMENT
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Ultrasound Cross-Device Tracking (uXDT)
|
2017-03-18 13:40:31 -04:00
|
|
|
|
:PROPERTIES:
|
2017-04-02 14:30:45 -04:00
|
|
|
|
:DURATION: 00:00:20
|
2017-03-18 13:40:31 -04:00
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
- <1-> Termed ``Ultrasound Cross-Device Tracking''
|
|
|
|
|
(uXDT)\cite{bleep:ultrasound-tor,ftc:xdt}
|
|
|
|
|
- <1-> Mitigations?
|
|
|
|
|
- <2-> SilverDog is a Chromium addon to filter HTML5 audio\cite{ubeacsec:paper}
|
2017-03-20 01:59:46 -04:00
|
|
|
|
- <3-> Don't install software that keep secrets (proprietary)
|
|
|
|
|
- <3-> Don't run untrusted code on websites (use e.g. NoScript)\cite{mtg:rof}
|
|
|
|
|
- <4-> Turn off your device when not in use
|
|
|
|
|
- <4-> Keep device away from other media
|
2017-03-18 13:40:31 -04:00
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
|
|
|
|
This is termed ``Ultrasound Cross-Device Tracking'',
|
|
|
|
|
or simply ``Cross-Device Tracking''.
|
|
|
|
|
How do you go about mitigating this type of threat?
|
|
|
|
|
|
|
|
|
|
Well, researchers studying this issue wrote SilverDog,
|
|
|
|
|
a Chromium addon to filter HTML5 audio to remove ultrasonic frequencies.
|
|
|
|
|
That doesn't help with TorBrowser, though, which is FF-based.
|
|
|
|
|
|
|
|
|
|
This type of thing only works when you're keeping some serious secrets.
|
|
|
|
|
That's easy to do with proprietary software.
|
|
|
|
|
Much riskier to do (but not impossible) with free software.
|
|
|
|
|
For websites, don't run untrusted JavaScript code;
|
|
|
|
|
block it with an addon like NoScript.
|
|
|
|
|
|
|
|
|
|
You can also turn off the device when not in use,
|
|
|
|
|
and maybe keep it away from other media.
|
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
*** REHEARSED Analytics [4/4]
|
|
|
|
|
**** REHEARSED Introduction :B_fullframe:
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_env: fullframe
|
2017-03-18 13:40:31 -04:00
|
|
|
|
:DURATION: 00:00:15
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:END:
|
2017-03-06 23:57:38 -05:00
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
2017-03-20 01:59:46 -04:00
|
|
|
|
#+BEGIN_LATEX
|
|
|
|
|
\only<1-3>{
|
|
|
|
|
{\Huge Data Analytics}
|
2017-03-18 13:40:31 -04:00
|
|
|
|
|
2017-03-20 01:59:46 -04:00
|
|
|
|
\uncover<2-3>{\LARGE (Building User Profiles)}
|
2017-03-18 13:40:31 -04:00
|
|
|
|
|
2017-03-20 01:59:46 -04:00
|
|
|
|
\uncover<3>{\large (Tracking)}
|
|
|
|
|
}
|
2017-03-18 13:40:31 -04:00
|
|
|
|
|
2017-03-20 01:59:46 -04:00
|
|
|
|
\only<4->{
|
|
|
|
|
{\Huge Spyware}
|
2017-03-18 13:40:31 -04:00
|
|
|
|
|
2017-03-20 01:59:46 -04:00
|
|
|
|
\uncover<5>{\LARGE (With Science)}
|
|
|
|
|
}
|
|
|
|
|
#+END_LATEX
|
2017-03-06 23:57:38 -05:00
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-03-18 13:40:31 -04:00
|
|
|
|
This all leads into a larger subject called ``data analytics''.
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-03-18 13:40:31 -04:00
|
|
|
|
Which is really just building, analyzing, and aggregating user profiles.
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-03-18 13:40:31 -04:00
|
|
|
|
Which is generally called tracking.
|
|
|
|
|
|
|
|
|
|
...which we usually just call spyware.
|
|
|
|
|
But this has science!
|
2017-03-06 23:57:38 -05:00
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Trackers
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:PROPERTIES:
|
2017-03-18 13:40:31 -04:00
|
|
|
|
:DURATION: 00:00:15
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:END:
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
- Website owners want to know what their visitors are doing
|
|
|
|
|
- That in itself isn't an unreasonable concept
|
|
|
|
|
- Methods and data define the issue
|
2017-03-06 23:57:38 -05:00
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-04-02 21:59:29 -04:00
|
|
|
|
Website owners want to know what their visitors are doing.
|
2017-03-18 13:40:31 -04:00
|
|
|
|
That in itself isn't an unreasonable thing, broadly speaking,
|
2017-04-02 21:59:29 -04:00
|
|
|
|
but how you go about it and what types of data you collect
|
|
|
|
|
defines the issue.
|
2017-03-18 13:40:31 -04:00
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Google Analytics
|
2017-03-18 13:40:31 -04:00
|
|
|
|
:PROPERTIES:
|
2017-04-02 14:30:45 -04:00
|
|
|
|
:DURATION: 00:00:15
|
2017-03-18 13:40:31 -04:00
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
***** GA Dashboard
|
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_col: 0.45
|
|
|
|
|
:END:
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-03-18 13:40:31 -04:00
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
#+BEAMER: \only<1>{
|
|
|
|
|
#+ATTR_LATEX: :height 1.5in
|
|
|
|
|
[[./images/tp/ga-dashboard.png]]
|
|
|
|
|
|
|
|
|
|
\incite{google:ga:features}
|
|
|
|
|
#+BEAMER: }
|
|
|
|
|
#+BEAMER: \only<2>{
|
|
|
|
|
[[./images/analytics-usage.png]]
|
|
|
|
|
\incite{w3techs:analytics}
|
|
|
|
|
#+BEAMER: }
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
***** Description
|
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_col: 0.45
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
- <1-> User location, screen resolution, time on page, heatmap,
|
|
|
|
|
etc\cite{w:behavioral-targeting}
|
|
|
|
|
- <1-> Unique identifier assigned
|
|
|
|
|
- <1-> Fine-grained reporting for site owner
|
|
|
|
|
- <2-> Knows many sites user visited across Web\cite{w3techs:google}
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-04-02 21:59:29 -04:00
|
|
|
|
Take Google Analytics for example.
|
2017-03-18 13:40:31 -04:00
|
|
|
|
It is one of the most widely distributed spyware programs in the world.
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-03-18 13:40:31 -04:00
|
|
|
|
It collects a variety of user data.
|
|
|
|
|
A lot of it really is what website owners want to know:
|
|
|
|
|
geography, screen resolution, time on the page, heatmaps, etc.
|
|
|
|
|
Except...
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-03-20 01:59:46 -04:00
|
|
|
|
All of this is known to Google.
|
2017-03-18 13:40:31 -04:00
|
|
|
|
And because services like GA, AdWords, etc are so widely used,
|
|
|
|
|
all of this can be used to identify users across the entire web.
|
|
|
|
|
#+END_COMMENT
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Piwik
|
2017-03-18 13:40:31 -04:00
|
|
|
|
:PROPERTIES:
|
2017-04-02 14:30:45 -04:00
|
|
|
|
:DURATION: 00:00:15
|
2017-03-18 13:40:31 -04:00
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
***** Dashboard
|
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_col: 0.65
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
[[./images/tp/piwik-dashboard.png]]
|
|
|
|
|
|
|
|
|
|
\incite{piwik}
|
|
|
|
|
#+END_CENTER
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-03-18 13:40:31 -04:00
|
|
|
|
|
|
|
|
|
***** Description
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:PROPERTIES:
|
2017-03-18 13:40:31 -04:00
|
|
|
|
:BEAMER_col: 0.35
|
|
|
|
|
:END:
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
- Data on **your own servers**\cite{mtg:gitlab-piwik}
|
|
|
|
|
- Visitor privacy settings\cite{piwik:privacy}
|
|
|
|
|
- Privacy as a site owner
|
2017-03-18 13:40:31 -04:00
|
|
|
|
|
2017-03-20 01:59:46 -04:00
|
|
|
|
#+BEGIN_COMMENT
|
|
|
|
|
If you must track your users, consider using Piwik, which you can host
|
|
|
|
|
yourself.
|
|
|
|
|
This means that your visitor data aren't stored and accessible by Google or
|
|
|
|
|
other companies.
|
|
|
|
|
Pwik has some user privacy settings to anonymize, remove logs, respect DNT,
|
|
|
|
|
provide opt-out, etc.
|
|
|
|
|
It also gives website owners some privacy by not leaking paths and other
|
|
|
|
|
information about the website:
|
2017-04-02 14:30:45 -04:00
|
|
|
|
|
|
|
|
|
I shout out to GitLab---I suggested that they replace GA with Piwik on their
|
|
|
|
|
instance,
|
|
|
|
|
and they did with no resistence.
|
2017-03-20 01:59:46 -04:00
|
|
|
|
#+END_COMMENT
|
2017-03-18 13:40:31 -04:00
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
*** REHEARSED Social Networking
|
|
|
|
|
**** REHEARSED Like Buttons
|
2017-03-18 13:40:31 -04:00
|
|
|
|
:PROPERTIES:
|
2017-04-02 14:30:45 -04:00
|
|
|
|
:DURATION: 00:00:20
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:END:
|
|
|
|
|
|
2017-03-18 13:40:31 -04:00
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
#+ATTR_LATEX: :height 1.5in
|
|
|
|
|
[[./images/tp/fb-like.png]]\incite{w:fb-like-img}
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
- Infecting the Web with trackers under guise of
|
|
|
|
|
community\cite{pnas:predict,w:behavioral-targeting,uld:fb}
|
|
|
|
|
- Tracks regardless of whether you are logged in to Facebook
|
|
|
|
|
\cite{bloomberg:belgum-fb,roosendaal:fb-like,networks-of-control}
|
2017-03-06 23:57:38 -05:00
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-04-02 21:59:29 -04:00
|
|
|
|
Another popular example are "like buttons" and similar little widgets that
|
|
|
|
|
websites like Facebook offer.
|
2017-03-18 13:40:31 -04:00
|
|
|
|
It might help get the word out about your stuff,
|
|
|
|
|
but please don't fall into the trap of betraying your visitors.
|
|
|
|
|
Please don't fall into the trap of clicking it, either---
|
|
|
|
|
it's easy to infer a great deal of information about you from what you
|
|
|
|
|
"like".
|
|
|
|
|
|
2017-04-02 21:59:29 -04:00
|
|
|
|
If a user is logged into Facebook,
|
|
|
|
|
then Facebook now knows that they visited that website,
|
|
|
|
|
_even if they don't click on the button_.
|
|
|
|
|
|
|
|
|
|
But even if you don't have a Facebook account,
|
|
|
|
|
you are still being tracked.
|
2017-03-06 23:57:38 -05:00
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
*** REHEARSED Fingerprinting [3/3]
|
|
|
|
|
**** REHEARSED Summary :B_fullframe:
|
2017-03-18 13:40:31 -04:00
|
|
|
|
:PROPERTIES:
|
2017-03-20 01:59:46 -04:00
|
|
|
|
:DURATION: 00:00:10
|
|
|
|
|
:BEAMER_env: fullframe
|
2017-03-18 13:40:31 -04:00
|
|
|
|
:END:
|
2017-03-06 23:57:38 -05:00
|
|
|
|
#+BEGIN_CENTER
|
2017-03-18 13:40:31 -04:00
|
|
|
|
\Huge Fingerprinting
|
2017-03-06 23:57:38 -05:00
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-03-18 13:40:31 -04:00
|
|
|
|
These methods are part of a broader topic called ``fingerprinting''.
|
2017-03-06 23:57:38 -05:00
|
|
|
|
It's just what it sounds like:
|
2017-04-02 14:30:45 -04:00
|
|
|
|
uniquely identify users online and across devices and such.
|
2017-03-06 23:57:38 -05:00
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED EFF Research :B_fullframe:
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_env: fullframe
|
2017-03-18 13:40:31 -04:00
|
|
|
|
:DURATION: 00:00:20
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
#+BEAMER: \only<1>{
|
|
|
|
|
EFF Research, 2010:\cite{eff:browser-uniqueness-blog,eff:browser-uniqueness}
|
|
|
|
|
|
|
|
|
|
#+BEGIN_QUOTE
|
|
|
|
|
``In our analysis of anonymized data from around half a million distinct
|
|
|
|
|
browsers, 84% had unique configurations. Among browsers that had Flash or
|
|
|
|
|
Java installed, 94% were unique, and only 1% had fingerprints that were seen
|
|
|
|
|
more than twice.''
|
|
|
|
|
#+END_QUOTE
|
|
|
|
|
#+BEAMER: }
|
|
|
|
|
#+BEAMER: \only<2>{
|
|
|
|
|
That was seven years ago.
|
|
|
|
|
|
|
|
|
|
You're really screwed today.*
|
|
|
|
|
|
|
|
|
|
#+BEGIN_LATEX
|
|
|
|
|
\incite{eff:panopti2,eff:browser-uniqueness,mozilla:fingerprinting,%
|
|
|
|
|
chromium:identification,tor:browser-design,stanford:private-browsing,%
|
|
|
|
|
norte:tor-fingerprint,browserleaks,ars:fingerprint,hardware-fingerprint}
|
|
|
|
|
#+END_LATEX
|
|
|
|
|
#+BEAMER: }
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
|
|
|
|
Back in 2010,
|
|
|
|
|
the EFF released a paper with results from their fingerprinting research
|
|
|
|
|
project Panopticlick.
|
|
|
|
|
Back then,
|
|
|
|
|
they had an 84% success rate;
|
|
|
|
|
even higher with Flash and Java.
|
|
|
|
|
|
|
|
|
|
But we ain't in 2010 anymore.
|
|
|
|
|
We have options.
|
|
|
|
|
Very creative ones.
|
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Alarmingly Effective
|
2017-03-18 13:40:31 -04:00
|
|
|
|
:PROPERTIES:
|
2017-03-20 01:59:46 -04:00
|
|
|
|
:DURATION: 00:00:45
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:END:
|
|
|
|
|
|
2017-03-09 05:20:33 -05:00
|
|
|
|
- Panopticlick (EFF)\cite{panopti:about}
|
2017-03-18 13:40:31 -04:00
|
|
|
|
- User Agent, cookies, screen resolution, fonts, language, session storage,
|
2017-03-19 03:35:45 -04:00
|
|
|
|
canvas, WebGL, ad blocker, audio, keystrokes,
|
|
|
|
|
mouse movement,\nbsp{}\ldots\cite{ijcseit:biometric}
|
2017-03-18 13:40:31 -04:00
|
|
|
|
- Can even track separate browsers on the same
|
|
|
|
|
hardware\cite{hardware-fingerprint,ars:fingerprint}
|
2017-03-06 23:57:38 -05:00
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-03-18 13:40:31 -04:00
|
|
|
|
Fingerprinting is alarmingly effective.
|
|
|
|
|
We don't have time to get into much detail on how it works;
|
|
|
|
|
I provided plenty of resources for that.
|
|
|
|
|
But there are some interesting ones.
|
|
|
|
|
|
|
|
|
|
How about tracking how the user moves her mouse and scrolls?
|
|
|
|
|
What about keystroke analysis?
|
|
|
|
|
Random noise from audio?
|
|
|
|
|
Time of CPU-intensive tasks like rendering 3D elements?
|
|
|
|
|
|
|
|
|
|
Some of these methods are hardware-based.
|
|
|
|
|
They can fingerprint even if the user opens a different browser,
|
|
|
|
|
or maybe even a different operating system,
|
|
|
|
|
on the same box.
|
|
|
|
|
|
|
|
|
|
Some are behavioral.
|
|
|
|
|
Keystroke patterns will persist wherever the user goes.
|
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-03-18 13:40:31 -04:00
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
*** REHEARSED Incentive to Betray [2/2]
|
|
|
|
|
**** REHEARSED How Does This Happen?
|
2017-03-18 13:40:31 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:DURATION: 00:00:30
|
|
|
|
|
:END:
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
- There is strong incentive to betray
|
|
|
|
|
- Money (advertising)
|
|
|
|
|
- Attention & praise
|
|
|
|
|
- ``Business intelligence''
|
2017-03-18 13:40:31 -04:00
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
|
|
|
|
So how does tracking happen?
|
|
|
|
|
How does this tracking code _get_ on so much of the web?
|
|
|
|
|
|
|
|
|
|
Incentives to betray users.
|
|
|
|
|
|
|
|
|
|
Many websites make money through advertising.
|
|
|
|
|
It can be lucrative.
|
|
|
|
|
And it's _easy_ to do.
|
|
|
|
|
|
|
|
|
|
Others get addicted to attention and praise.
|
|
|
|
|
|
|
|
|
|
Others simply want to know what their visitors are doing on their website.
|
|
|
|
|
|
|
|
|
|
Most website owners don't think or know about these issues.
|
|
|
|
|
They're unknowing pawns in the Web of surveillance.
|
2017-03-06 23:57:38 -05:00
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
2017-03-07 00:36:28 -05:00
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Web of Surveillance :B_fullframe:
|
2017-03-18 13:40:31 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_env: fullframe
|
2017-03-20 01:59:46 -04:00
|
|
|
|
:DURATION: 00:00:45
|
2017-03-18 13:40:31 -04:00
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
#+BEAMER: \only<1>{
|
|
|
|
|
#+ATTR_LATEX: :height 2.5in
|
|
|
|
|
[[./images/lightbeam-ex.png]]
|
|
|
|
|
|
|
|
|
|
\incite{moz:lightbeam}
|
|
|
|
|
#+BEAMER: }
|
|
|
|
|
#+BEAMER: \only<2>{
|
|
|
|
|
#+ATTR_LATEX: :height 2.5in
|
|
|
|
|
[[./images/lightbeam-ex-good.png]]
|
|
|
|
|
|
|
|
|
|
(After mitigations)
|
|
|
|
|
#+BEAMER: }
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
2017-03-06 23:57:38 -05:00
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-03-18 13:40:31 -04:00
|
|
|
|
And I do mean a Web of surveillance.
|
|
|
|
|
|
|
|
|
|
This is LightBeam.
|
|
|
|
|
It's an addon for Firefox that graphs first- and third-party sites that you
|
2017-04-02 14:30:45 -04:00
|
|
|
|
visit.
|
2017-03-18 13:40:31 -04:00
|
|
|
|
I created a new FF profile and installed the addon;
|
|
|
|
|
none of my privacy settings or other addons I'm used to.
|
|
|
|
|
You can see at the top that I visited five websites:
|
2017-03-20 01:59:46 -04:00
|
|
|
|
Washington Post, NY Times from Google, Guardian, and---which you can't see
|
2017-03-18 13:40:31 -04:00
|
|
|
|
here because they're actually disjoint from this graph---The Intercept.
|
|
|
|
|
Good for them!
|
|
|
|
|
And yet,
|
|
|
|
|
it hit /86/ third party sites!
|
|
|
|
|
NYT alone connected to 47 different third parties!
|
|
|
|
|
|
|
|
|
|
I was blown away.
|
|
|
|
|
|
|
|
|
|
So let me show you what I'm used to seeing.
|
|
|
|
|
This is what happens when I try to mitigate some of these threats.
|
2017-03-06 23:57:38 -05:00
|
|
|
|
#+END_COMMENT
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
*** REHEARSED Mitigations & Anonymity [8/8]
|
|
|
|
|
**** REHEARSED Summary :B_fullframe:
|
2017-03-18 13:40:31 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:DURATION: 00:00:05
|
|
|
|
|
:BEAMER_env: fullframe
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
\Huge How Do We Mitigate?
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
|
|
|
|
So how do we do that?
|
|
|
|
|
|
|
|
|
|
Well, it depends on your threat model,
|
|
|
|
|
but let's start with the easy stuff.
|
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Disable the Damn JavaScript!
|
2017-03-18 13:40:31 -04:00
|
|
|
|
:PROPERTIES:
|
2017-03-20 01:59:46 -04:00
|
|
|
|
:DURATION: 00:00:50
|
2017-03-18 13:40:31 -04:00
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
#+ATTR_LATEX: :height 1.5in
|
|
|
|
|
[[./images/tp/noscript.png]]
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
#+BEAMER: \only<2>{
|
|
|
|
|
- Preempt most sophisticated and damning fingerprinting methods
|
|
|
|
|
- Stop hardware profiling
|
|
|
|
|
- Stop keystroke/mouse analysis\cite{ijcseit:biometric}
|
|
|
|
|
- Remember those audio beacons?\cite{bleep:ultrasound-tor}
|
2017-03-18 13:40:31 -04:00
|
|
|
|
#+BEAMER: }
|
2017-04-02 14:30:45 -04:00
|
|
|
|
#+BEAMER: \only<3>{
|
|
|
|
|
- Running arbitrary untrusted, unsigned, ephemeral code
|
|
|
|
|
(/also\nbsp{}from many third parties/)\cite{mtg:rof}
|
|
|
|
|
- /Restore Online Freedom!/ (My LibrePlanet 2016 talk)
|
|
|
|
|
- LibreJS blocks non-free, but free doesn't mean free of malice
|
2017-03-18 13:40:31 -04:00
|
|
|
|
#+BEAMER: }
|
2017-04-02 14:30:45 -04:00
|
|
|
|
#+BEAMER: \only<4>{
|
2017-03-18 13:40:31 -04:00
|
|
|
|
- NoScript blocks JavaScript based on URL patterns\cite{noscript}
|
|
|
|
|
- /Warning:/ Allows some sites by default!
|
|
|
|
|
- Also blocks media and fonts; provides XSS and clickjacking prevention
|
|
|
|
|
#+BEAMER: }
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
|
|
|
|
Okay, I can't say this enough.
|
|
|
|
|
Disable the damn JavaScript!
|
|
|
|
|
The Web isn't broken without it,
|
|
|
|
|
they're breaking the web /with/ it!
|
|
|
|
|
I write a lot of JavaScript for a living.
|
|
|
|
|
My GNU project is ease.js, which is a JavaScript library.
|
|
|
|
|
And yet,
|
2017-03-20 01:59:46 -04:00
|
|
|
|
/I only allow JavaScript to execute on a few websites!/.
|
2017-04-02 14:30:45 -04:00
|
|
|
|
You're runnning untrusted, unsigned, ephemeral code,
|
|
|
|
|
often from many third parties!
|
|
|
|
|
But I've already given that talk---
|
|
|
|
|
see Restore Online Freedom! from last year!
|
|
|
|
|
|
2017-03-20 01:59:46 -04:00
|
|
|
|
Some people run LibreJS,
|
|
|
|
|
and I support that project.
|
|
|
|
|
But note that free software doesn't mean free of malice;
|
|
|
|
|
LibreJS solves a different problem than the one I'm describing---
|
2017-04-02 14:30:45 -04:00
|
|
|
|
when you /do/ allow JS to run, ought to be free.
|
2017-03-18 13:40:31 -04:00
|
|
|
|
|
|
|
|
|
It's probably obvious from the logo that I'm talking about the NoScript
|
2017-03-20 01:59:46 -04:00
|
|
|
|
addon.
|
2017-03-18 13:40:31 -04:00
|
|
|
|
It does more than just block JS---
|
2017-04-02 14:30:45 -04:00
|
|
|
|
it also blocks certain types of attacks.
|
2017-03-18 13:40:31 -04:00
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED LightBeam NoScript :B_fullframe:
|
2017-03-18 13:40:31 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_env: fullframe
|
|
|
|
|
:DURATION: 00:00:15
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
#+BEAMER: \only<1>{
|
|
|
|
|
#+ATTR_LATEX: :height 2.5in
|
|
|
|
|
[[./images/lightbeam-ex.png]]
|
|
|
|
|
|
|
|
|
|
(Before NoScript)
|
|
|
|
|
#+BEAMER: }
|
|
|
|
|
#+BEAMER: \only<2>{
|
|
|
|
|
#+ATTR_LATEX: :height 2.5in
|
|
|
|
|
[[./images/lightbeam-ex-noscript.png]]
|
|
|
|
|
|
2017-03-20 01:59:46 -04:00
|
|
|
|
(After NoScript with /no whitelist/)
|
2017-03-18 13:40:31 -04:00
|
|
|
|
#+BEAMER: }
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-03-20 01:59:46 -04:00
|
|
|
|
So this is our graph again before NoScript.
|
2017-03-18 13:40:31 -04:00
|
|
|
|
|
2017-03-20 01:59:46 -04:00
|
|
|
|
And here it is after running NoScript with no whitelist.
|
2017-03-18 13:40:31 -04:00
|
|
|
|
Without any other mitigations.
|
|
|
|
|
|
|
|
|
|
Obviously results will vary depending on the website.
|
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Ads/Trackers; Security
|
2017-03-18 13:40:31 -04:00
|
|
|
|
:PROPERTIES:
|
2017-04-02 14:30:45 -04:00
|
|
|
|
:DURATION: 00:00:40
|
2017-03-18 13:40:31 -04:00
|
|
|
|
:END:
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
#+ATTR_LATEX: :height 0.75in
|
|
|
|
|
[[./images/tp/privacy-badger.png]]
|
|
|
|
|
#+ATTR_LATEX: :height 0.75in
|
|
|
|
|
[[./images/tp/ublock0.png]]
|
|
|
|
|
#+ATTR_LATEX: :height 0.75in
|
|
|
|
|
[[./images/tp/sdcookies.png]]
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
- /Privacy Badger/ blocks trackers\cite{eff:privacy-badger,lp:2016:privacy-badger}
|
2017-04-02 14:30:45 -04:00
|
|
|
|
- /uBlock_0/ ``wide-spectrum blocker''\cite{gh:ublock-origin}
|
2017-03-18 13:40:31 -04:00
|
|
|
|
- /Self-Destructing Cookies/ clears cookies and
|
|
|
|
|
LocalStorage\cite{moz:sd-cookies}
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
|
|
|
|
The issue surrounding Ad Blockers is framed such that we're waging war
|
|
|
|
|
against advertisers.
|
|
|
|
|
No---they're waging war against /us/.
|
|
|
|
|
|
2017-03-20 01:59:46 -04:00
|
|
|
|
You'll find that the bulk of what these addons handle is related to ad
|
|
|
|
|
networks.
|
2017-03-18 13:40:31 -04:00
|
|
|
|
Privacy Badger works to block sites that appear to be tracking you.
|
|
|
|
|
Cooper Quintin---developer of Privacy Badger---gave a great talk last year
|
|
|
|
|
here at LP; go check it out.
|
|
|
|
|
uBlock Origin describes itself as a ``wide-spectrum blocker'',
|
|
|
|
|
but it serves primarily as an ad blocker.
|
|
|
|
|
Self-Destructing cookies clears out a site's cookies and LocalStorage once a
|
|
|
|
|
tab is closed.
|
|
|
|
|
There may be better options out there;
|
|
|
|
|
this seems to be useful for me.
|
|
|
|
|
|
|
|
|
|
I don't have time to go into technical details, unfortunately.
|
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED HTTPS Everywhere :B_fullframe:
|
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_env: fullframe
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
[[./images/tp/https-everywhere.png]]
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
**** REHEARSED Anonymity :B_fullframe:
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_env: fullframe
|
2017-03-18 13:40:31 -04:00
|
|
|
|
:DURATION: 00:00:15
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:END:
|
2017-03-06 23:57:38 -05:00
|
|
|
|
|
2017-03-18 13:40:31 -04:00
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
#+BEAMER: \only<1>{
|
2017-04-02 14:30:45 -04:00
|
|
|
|
#+BEAMER: {\Huge Pseudonymity}
|
2017-03-18 13:40:31 -04:00
|
|
|
|
|
|
|
|
|
\bigskip
|
2017-04-02 14:30:45 -04:00
|
|
|
|
Origin is unknown to server; unique identifier /is\nbsp{}available/
|
|
|
|
|
to\nbsp{}server\incite{whonix:donot}
|
2017-03-18 13:40:31 -04:00
|
|
|
|
#+BEAMER: }
|
|
|
|
|
#+BEAMER: \only<2>{
|
2017-04-02 14:30:45 -04:00
|
|
|
|
#+BEAMER: {\Huge Anonymity}
|
2017-03-18 13:40:31 -04:00
|
|
|
|
|
|
|
|
|
\bigskip
|
2017-04-02 14:30:45 -04:00
|
|
|
|
Origin is unknown to server; no unique identifier known
|
|
|
|
|
by\nbsp{}server\incite{whonix:donot}
|
2017-03-18 13:40:31 -04:00
|
|
|
|
#+BEAMER: }
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
2017-03-06 23:57:38 -05:00
|
|
|
|
#+BEGIN_COMMENT
|
2017-04-02 21:59:29 -04:00
|
|
|
|
Another way is to be anonymous or pseudononymous.
|
|
|
|
|
In the latter case,
|
|
|
|
|
you assume a pseudoynm online and perform only activities that should be
|
|
|
|
|
associated with that pseudonym.
|
|
|
|
|
In the former case,
|
|
|
|
|
there should be no way to ever correlate past or future actions with your
|
|
|
|
|
current session.
|
2017-03-06 23:57:38 -05:00
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED IANAAE :B_fullframe:
|
2017-03-06 23:57:38 -05:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_env: fullframe
|
2017-03-20 01:59:46 -04:00
|
|
|
|
:DURATION: 00:00:15
|
2017-03-06 23:57:38 -05:00
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
2017-03-18 13:40:31 -04:00
|
|
|
|
#+BEAMER: {\Huge IANAAE}
|
|
|
|
|
|
|
|
|
|
(I Am Not An Anonymity Expert)
|
2017-03-06 23:57:38 -05:00
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-04-02 21:59:29 -04:00
|
|
|
|
This is a difficult topic that's pretty dangerous to give advice on if you
|
|
|
|
|
have strong need for anonymity---for example, if you are a dissident or
|
|
|
|
|
whistleblower.
|
|
|
|
|
If your life depends on anonymity,
|
|
|
|
|
please do your own research.
|
|
|
|
|
I provide a number of resources to get you started.
|
2017-03-06 23:57:38 -05:00
|
|
|
|
#+END_COMMENT
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED The Tor Network
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:PROPERTIES:
|
2017-03-20 01:59:46 -04:00
|
|
|
|
:DURATION: 00:00:45
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:END:
|
2017-03-06 23:57:38 -05:00
|
|
|
|
|
2017-03-18 13:40:31 -04:00
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
#+BEAMER: \only<1>{
|
|
|
|
|
#+ATTR_LATEX: :height 1in
|
|
|
|
|
[[./images/tp/tor.png]]
|
|
|
|
|
#+BEAMER: }
|
|
|
|
|
#+BEAMER: \only<2>{
|
2017-03-20 01:59:46 -04:00
|
|
|
|
[[./images/tp/tor-diagram.png]]\incite{tor:overview}
|
2017-03-18 13:40:31 -04:00
|
|
|
|
#+BEAMER: }
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
- <1> The Onion Router (Tor)\cite{tor}
|
|
|
|
|
- <1> Helps defend against traffic analysis
|
2017-03-06 23:57:38 -05:00
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-04-02 21:59:29 -04:00
|
|
|
|
Most here have probably heard of Tor.
|
2017-03-18 13:40:31 -04:00
|
|
|
|
Its purpose is to protect against certain kinds of traffic analysis.
|
|
|
|
|
|
2017-04-02 21:59:29 -04:00
|
|
|
|
"Tor" stands for "The Onion Router",
|
|
|
|
|
which describes how it relays data through the Tor network.
|
|
|
|
|
|
|
|
|
|
The packet is routed through a number of servers,
|
|
|
|
|
encrypted with the public key of each server such that the first hop
|
2017-03-18 13:40:31 -04:00
|
|
|
|
strips off the first layer and so on,
|
|
|
|
|
like an onion.
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
Barring certain very important technical details,
|
2017-03-20 01:59:46 -04:00
|
|
|
|
it should not be possible to figure out that path.
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
There are caveats.
|
|
|
|
|
Please do your research.
|
2017-03-06 23:57:38 -05:00
|
|
|
|
#+END_COMMENT
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED TorBrowser, Tails, and Whonix
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:PROPERTIES:
|
2017-03-20 01:59:46 -04:00
|
|
|
|
:DURATION: 00:01:30
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:END:
|
2017-03-06 23:57:38 -05:00
|
|
|
|
|
2017-03-18 13:40:31 -04:00
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
#+BEAMER: \only<2>{
|
|
|
|
|
#+ATTR_LATEX: :height 1in
|
|
|
|
|
[[./images/tp/torbrowser.png]]
|
|
|
|
|
#+BEAMER: }
|
|
|
|
|
#+BEAMER: \only<3>{
|
|
|
|
|
#+ATTR_LATEX: :height 1in
|
|
|
|
|
[[./images/tp/tails.png]]
|
|
|
|
|
#+BEAMER: }
|
|
|
|
|
#+BEAMER: \only<4>{
|
|
|
|
|
#+ATTR_LATEX: :height 1in
|
|
|
|
|
[[./images/tp/whonix.png]]
|
|
|
|
|
#+BEAMER: }
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
#+BEAMER: \only<1>{
|
|
|
|
|
- Also need to change browsing habits\cite{whonix:donot}
|
|
|
|
|
#+BEAMER: }
|
|
|
|
|
#+BEAMER: \only<2>{
|
|
|
|
|
- Browser needs to be hardened
|
|
|
|
|
- Remember: browser leaks a lot of
|
|
|
|
|
data\cite{panopti:about,eff:browser-uniqueness}
|
|
|
|
|
- TorBrowser is a hardened Firefox derivative\cite{tor:browser,tor:browser-design}
|
|
|
|
|
#+BEAMER: }
|
|
|
|
|
#+BEAMER: \only<3->{
|
|
|
|
|
- <3-> Operating System needs to be hardened
|
|
|
|
|
- <3-> Tails---The Amnesic Incognito Live System\cite{tor:tails}
|
|
|
|
|
- <4> Whonix---Multi-layer isolation in VMs\cite{whonix}
|
|
|
|
|
#+BEAMER: }
|
2017-03-06 23:57:38 -05:00
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-03-18 13:40:31 -04:00
|
|
|
|
But Tor alone isn't enough to secure your anonymity.
|
|
|
|
|
You also have to change your browsing habits.
|
|
|
|
|
That is difficult and nuanced advice to give,
|
|
|
|
|
let alone in a mention in a talk,
|
|
|
|
|
so I defer to my citations.
|
|
|
|
|
|
|
|
|
|
For some people, that's enough.
|
|
|
|
|
If your threat model involves only advertisers and other snoopers,
|
|
|
|
|
you might be okay with Tor and privacy extensions.
|
|
|
|
|
|
|
|
|
|
But if you're a dissident,
|
|
|
|
|
and your life is in danger,
|
|
|
|
|
you have more work to do.
|
|
|
|
|
If you are worried about government surveillance or cracking,
|
|
|
|
|
you have more work to do.
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
|
|
|
|
It's hard to secure a web browser.
|
|
|
|
|
|
|
|
|
|
TorBrowser is a hardened version of Firefox.
|
2017-04-02 14:30:45 -04:00
|
|
|
|
The Tor Project recommends that you don't rely on a vanilla Firefox for
|
2017-04-02 21:59:29 -04:00
|
|
|
|
anonymity with Tor.
|
|
|
|
|
|
2017-03-18 13:40:31 -04:00
|
|
|
|
The operating system needs hardening.
|
|
|
|
|
There are two major options.
|
|
|
|
|
The first one is Tails: The Amnesic Incognito Live System.
|
|
|
|
|
It is an ephemeral OS that you can simply boot from USB on any PC.
|
|
|
|
|
It routes all traffic through the Tor network.
|
|
|
|
|
|
|
|
|
|
The second is Whonix.
|
|
|
|
|
It is not ephemeral: it requires a host OS (or hypervisor) and runs two VMs:
|
|
|
|
|
one is the guest that the user uses as a desktop,
|
|
|
|
|
and the other is the VM it routes all traffic through,
|
|
|
|
|
which goes through Tor.
|
|
|
|
|
If the guest the user is using is compromised,
|
|
|
|
|
an attacker cannot subvert the Tor network.
|
|
|
|
|
|
|
|
|
|
There's obvious tradeoffs there for both;
|
|
|
|
|
I encourage you to look into both before deciding which is best for your
|
|
|
|
|
threat model.
|
2017-03-06 23:57:38 -05:00
|
|
|
|
#+END_COMMENT
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
|
|
|
|
|
2017-03-20 02:20:55 -04:00
|
|
|
|
** AUGMENT Data and Profiling [4/4]
|
2017-04-02 14:30:45 -04:00
|
|
|
|
*** REHEARSED Introduction :B_ignoreheading:
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_env: ignoreheading
|
|
|
|
|
:END:
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Introduction :B_fullframe:
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:PROPERTIES:
|
2017-03-19 03:35:45 -04:00
|
|
|
|
:DURATION: 00:00:05
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:BEAMER_env: fullframe
|
|
|
|
|
:END:
|
2017-03-07 00:24:40 -05:00
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
2017-03-19 03:35:45 -04:00
|
|
|
|
#+BEAMER: \only<1>{
|
|
|
|
|
\Huge ``Big Data''
|
2017-03-07 00:24:40 -05:00
|
|
|
|
|
|
|
|
|
(/Your/ Big Data)
|
2017-03-19 03:35:45 -04:00
|
|
|
|
#+BEAMER: }
|
|
|
|
|
#+BEAMER: \only<2>{
|
|
|
|
|
\Huge ``Business Intelligence''
|
|
|
|
|
#+BEAMER: }
|
2017-03-07 00:24:40 -05:00
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-04-02 21:59:29 -04:00
|
|
|
|
We've seen adversaries with different motives.
|
|
|
|
|
Let's explore what some of them do with all those data.
|
2017-03-20 02:20:55 -04:00
|
|
|
|
|
|
|
|
|
This is a ``big data'' problem.
|
|
|
|
|
You might also hear this called ``business intelligence''.
|
2017-03-07 00:24:40 -05:00
|
|
|
|
#+END_COMMENT
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
*** REHEARSED Those Who Spy
|
|
|
|
|
**** REHEARSED Data Brokers
|
2017-03-19 03:35:45 -04:00
|
|
|
|
:PROPERTIES:
|
2017-04-02 14:30:45 -04:00
|
|
|
|
:DURATION: 00:00:10
|
2017-03-19 03:35:45 -04:00
|
|
|
|
:END:
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-03-19 03:35:45 -04:00
|
|
|
|
***** Lightbeam Reminder
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:PROPERTIES:
|
2017-03-19 03:35:45 -04:00
|
|
|
|
:BEAMER_col: 0.50
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
[[./images/lightbeam-ex.png]]
|
|
|
|
|
|
|
|
|
|
***** Summary
|
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_col: 0.50
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
- Ghostery lists *over 3,000 companies receiving web/app
|
|
|
|
|
data*\cite{ghostery:companies}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
|
|
|
|
Back to that Lightbeam graph of third parties.
|
|
|
|
|
Ghostery has a list of third parties receiving web and app data.
|
|
|
|
|
There's over 3,000 of them.
|
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Oracle Identity Graph
|
2017-03-19 03:35:45 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:DURATION: 00:00:30
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:END:
|
2017-03-07 00:24:40 -05:00
|
|
|
|
|
2017-03-19 03:35:45 -04:00
|
|
|
|
#+BEGIN_CENTER
|
2017-03-20 02:20:55 -04:00
|
|
|
|
#+ATTR_LATEX: :height 1.90in
|
2017-03-19 03:35:45 -04:00
|
|
|
|
[[./images/tp/oracle-id-fuu.png]]
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
#+BEGIN_QUOTE
|
|
|
|
|
\footnotesize ``Aggregates and provides insights on over $2\nbsp{}trillion in
|
|
|
|
|
consumer spending from 1,500 data partners across 110 million US
|
|
|
|
|
households''\cite{oracle:datalogix-acq}
|
|
|
|
|
#+END_QUOTE
|
2017-03-07 00:24:40 -05:00
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-03-19 03:35:45 -04:00
|
|
|
|
Look how happy she is to be tracked!
|
|
|
|
|
I'm kidding of course.
|
|
|
|
|
If we put some random person's picture in her place,
|
|
|
|
|
they might feel a bit uncomfortable.
|
|
|
|
|
|
2017-03-20 02:20:55 -04:00
|
|
|
|
Alright, Oracle Identity Graph.
|
2017-03-19 03:35:45 -04:00
|
|
|
|
<Read quote>
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-03-19 03:35:45 -04:00
|
|
|
|
Look at that last bullet point there.
|
2017-03-20 02:20:55 -04:00
|
|
|
|
``Deliver a more relevant customer experience''.
|
2017-03-07 00:24:40 -05:00
|
|
|
|
#+END_COMMENT
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED All About the Experience :B_fullframe:
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:PROPERTIES:
|
2017-03-19 03:35:45 -04:00
|
|
|
|
:BEAMER_env: fullframe
|
|
|
|
|
:DURATION: 00:00:05
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:END:
|
2017-03-07 00:24:40 -05:00
|
|
|
|
|
2017-03-19 03:35:45 -04:00
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
\Huge ``More Relevant Customer Experience''
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
2017-03-20 02:20:55 -04:00
|
|
|
|
#+BEGIN_COMMENT
|
|
|
|
|
More relevant customer experience.
|
|
|
|
|
You hear that a lot from advertisers,
|
2017-04-02 14:30:45 -04:00
|
|
|
|
especially for justification.
|
2017-03-20 02:20:55 -04:00
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
2017-03-19 03:35:45 -04:00
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Target Pregnancy Prediction
|
2017-03-19 03:35:45 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:DURATION: 00:00:25
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
#+ATTR_LATEX: :height 1in
|
|
|
|
|
[[./images/tp/target-logo.png]]
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
- Records purchases, credit cards, coupons, surveys, refunds, customer
|
|
|
|
|
helpline calls, email, website visits, \ldots\cite{networks-of-control}
|
|
|
|
|
- Purchase more information from third parties\cite{networks-of-control}
|
|
|
|
|
- Identified 25 products to create a ``pregnancy prediction'' score and
|
|
|
|
|
estimate due date\cite{nyt:learn-secrets}
|
|
|
|
|
- Quantities of types of lotions, soaps, cotton balls,
|
|
|
|
|
supplements,\nbsp{}etc
|
2017-03-07 00:24:40 -05:00
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-03-19 03:35:45 -04:00
|
|
|
|
One of the most popular examples of these types of analytics is a case where
|
|
|
|
|
a father received coupons for baby clothes in the mail for his daughter.
|
|
|
|
|
Target successfully predicted that she was pregnant based on certain items
|
|
|
|
|
that she purchased,
|
|
|
|
|
like quantities of certain lotions,
|
|
|
|
|
and even things like cotton balls.
|
|
|
|
|
They call this a ``pregnancy prediction''.
|
|
|
|
|
It's creepy.
|
|
|
|
|
It's lucrative.
|
2017-03-07 00:24:40 -05:00
|
|
|
|
#+END_COMMENT
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Transparency Needed
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:PROPERTIES:
|
2017-03-19 03:35:45 -04:00
|
|
|
|
:DURATION: 00:00:40
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
***** Trustev Graph
|
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_col: 0.50
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
[[./images/tp/trustev-graph.png]]
|
|
|
|
|
|
|
|
|
|
\incite{trustev:tech}
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
***** Summary
|
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_col: 0.50
|
|
|
|
|
:END:
|
|
|
|
|
- *Let users see their data in this graph!*
|
|
|
|
|
- Erase nonpublic information that they don't want to be known
|
|
|
|
|
- Let them correct what is wrong
|
2017-04-02 14:30:45 -04:00
|
|
|
|
- Also a problem with law enforcement / government
|
|
|
|
|
- Let them *opt out!*
|
2017-03-19 03:35:45 -04:00
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
|
|
|
|
Look, at the end of the day,
|
|
|
|
|
some people do legitimately want this.
|
|
|
|
|
They want to have this ``relevant customer experience''.
|
|
|
|
|
|
|
|
|
|
What we need is transparency.
|
|
|
|
|
|
|
|
|
|
Companies like Oracle should let you see your data in this graph.
|
|
|
|
|
Let you correct it if it's wrong.
|
|
|
|
|
Erase it if it's nonpublic information that you don't want to be known.
|
|
|
|
|
And allow you to /opt out/!
|
|
|
|
|
|
|
|
|
|
We talked about government surveillance a while ago.
|
|
|
|
|
This is a problem there as well.
|
|
|
|
|
What if you're flagged as suspicious?
|
|
|
|
|
Put on some no-fly list or terrorism watch list?
|
|
|
|
|
What if it were based on completely wrong information inferred by some
|
|
|
|
|
algorithm?
|
|
|
|
|
|
|
|
|
|
Let's look at that graph on the left a little more closely.
|
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
*** REHEARSED These Data Affect Your Life!
|
|
|
|
|
**** REHEARSED Trustev Fraud Detection
|
2017-03-19 03:35:45 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:DURATION: 00:00:25
|
|
|
|
|
:END:
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
[[./images/tp/trustev-graph.png]]
|
|
|
|
|
|
|
|
|
|
\incite{trustev:tech}
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
|
|
|
|
This is a graph of sources for TransUnion's fraud prevention system.
|
|
|
|
|
There are a lot of data sources here.
|
|
|
|
|
And look at the node at the bottom---
|
|
|
|
|
``machine learning''.
|
|
|
|
|
|
|
|
|
|
What if this were wrong?
|
|
|
|
|
You'd be flagged as a fraud.
|
|
|
|
|
This could be inconvenient---
|
|
|
|
|
like not being able to make an online purchase.
|
|
|
|
|
But what if you are denied a loan because of things like this?
|
|
|
|
|
Or...denied employment?
|
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED LexisNexis
|
2017-03-19 03:35:45 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:DURATION: 00:00:45
|
|
|
|
|
:END:
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
#+ATTR_LATEX: :height 0.25in
|
|
|
|
|
[[./images/tp/lexisnexis.png]]
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
- Risk management for insurance, finance, retail, travel,
|
|
|
|
|
government, gaming, and healthcare\cite{networks-of-control}
|
|
|
|
|
- Data on over 500 million customers
|
|
|
|
|
- TrueID---34 billion records from over 10,000 sources\cite{lexisnexis:trueid}
|
|
|
|
|
|
|
|
|
|
#+BEGIN_QUOTE
|
|
|
|
|
``We help insurers assess their risk and streamline the underwriting process
|
|
|
|
|
in 99% of all U.S. auto insurance claims and more than 90% of all homeowner
|
|
|
|
|
claims.''
|
|
|
|
|
#+END_QUOTE
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
|
|
|
|
There's a ton of these companies;
|
|
|
|
|
we only have time for a few.
|
|
|
|
|
LexisNexis is another popular one.
|
|
|
|
|
And it's fun to say.
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
They handle risk management for various industries,
|
|
|
|
|
including government.
|
2017-03-19 03:35:45 -04:00
|
|
|
|
And they pull from a pool of data of over 500 million customers.
|
|
|
|
|
|
|
|
|
|
<read quote>
|
|
|
|
|
|
|
|
|
|
To give you an idea of their scale:
|
|
|
|
|
they also have a system called TrueID,
|
|
|
|
|
which does identity verification for fraud detection.
|
|
|
|
|
They aggregate tens of billions of records from over ten thousand sources.
|
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Palantir
|
2017-03-19 03:35:45 -04:00
|
|
|
|
:PROPERTIES:
|
2017-04-02 14:30:45 -04:00
|
|
|
|
:DURATION: 00:00:20
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:END:
|
2017-03-07 00:24:40 -05:00
|
|
|
|
|
2017-03-19 03:35:45 -04:00
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
#+ATTR_LATEX: :height 1in
|
|
|
|
|
[[./images/tp/palantir.png]]
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
- Started by Peter Thiel of PayPal
|
2017-03-19 03:35:45 -04:00
|
|
|
|
- CIA, DHS, NSA, FBI, the CDC, the Marine Corps, the Air Force, Special
|
|
|
|
|
Operations Command, West Point, the Joint IED-defeat organization and
|
|
|
|
|
Allies, the Recovery Accountability and Transparency Board and the
|
|
|
|
|
National Center for Missing and Exploited Children.\cite{techcrunch:palantir}
|
2017-03-07 00:24:40 -05:00
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-03-19 03:35:45 -04:00
|
|
|
|
Another highly controversial one is Palantir.
|
|
|
|
|
It was started by one of the co-founders of PayPal, Peter Thiel,
|
|
|
|
|
for terrorism intelligence.
|
|
|
|
|
It's now used for its powerful analytic capabilities
|
|
|
|
|
by not only private corporations,
|
2017-04-02 14:30:45 -04:00
|
|
|
|
but numerous three-letter government agencies.
|
2017-03-19 03:35:45 -04:00
|
|
|
|
|
|
|
|
|
Yeah.
|
|
|
|
|
What if these data are wrong?
|
2017-03-07 00:24:40 -05:00
|
|
|
|
#+END_COMMENT
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
*** REHEARSED More Information
|
2017-03-19 03:35:45 -04:00
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** REHEARSED Networks of Control :B_fullframe:
|
2017-03-19 03:35:45 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:DURATION: 00:00:15
|
|
|
|
|
:BEAMER_env: fullframe
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
#+ATTR_LATEX: :height 2in
|
|
|
|
|
[[./images/tp/networks-of-control.png]]
|
|
|
|
|
|
|
|
|
|
\incite{networks-of-control,33c3:surveil}
|
|
|
|
|
|
|
|
|
|
Shock and Awe
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
|
|
|
|
If this topic interests you,
|
|
|
|
|
you need to read the paper Networks of Control.
|
|
|
|
|
One of the authors gave a talk at the recent Chaos Communication Congress,
|
|
|
|
|
and I was in both shock and awe.
|
|
|
|
|
I've only had the chance to skim the paper.
|
|
|
|
|
Both are referenced here.
|
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
** LACKING Policy and Action [0/6]
|
2017-03-07 00:36:28 -05:00
|
|
|
|
*** DRAFT Introduction [0/1] :B_ignoreheading:
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_env: ignoreheading
|
|
|
|
|
:END:
|
2017-03-07 00:36:28 -05:00
|
|
|
|
**** DRAFT Introduction :B_fullframe:
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:DURATION: 00:00:30
|
|
|
|
|
:BEAMER_env: fullframe
|
|
|
|
|
:END:
|
2017-03-07 00:36:28 -05:00
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
2017-04-02 14:30:45 -04:00
|
|
|
|
\Huge We're feeding into all of this!
|
2017-03-07 00:36:28 -05:00
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
*** DRAFT SaaSS
|
|
|
|
|
**** Software as a Service Substitute (SaaSS)
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
- Disturbing trend to replace traditional software with services
|
|
|
|
|
- Do not own your own data /or/ computations
|
|
|
|
|
- Companies balance privacy on their balance sheets
|
|
|
|
|
- Countless data breaches
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-03-10 02:07:56 -05:00
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
*** DRAFT Centralization
|
|
|
|
|
**** Decentralize!
|
2017-03-10 02:07:56 -05:00
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
- Host what you can (GNU Social, NextCloud, \ldots)
|
|
|
|
|
- Damnit, Moxie (Signal)---use XMPP, OMEMO
|
2017-03-10 02:07:56 -05:00
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
*** DRAFT People Don't Care
|
|
|
|
|
**** ``I Have Nothing To Hide'' :B_fullframe:
|
2017-03-10 02:07:56 -05:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_env: fullframe
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:END:
|
2017-03-07 00:36:28 -05:00
|
|
|
|
|
2017-03-10 02:07:56 -05:00
|
|
|
|
#+BEGIN_CENTER
|
2017-04-02 14:30:45 -04:00
|
|
|
|
\Huge ``I Have Nothing To Hide''
|
2017-03-10 02:07:56 -05:00
|
|
|
|
#+END_CENTER
|
2017-03-07 00:36:28 -05:00
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-04-02 14:30:45 -04:00
|
|
|
|
People don't care about privacy!
|
2017-03-10 02:07:56 -05:00
|
|
|
|
#+END_COMMENT
|
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
**** Complacency
|
2017-03-10 02:07:56 -05:00
|
|
|
|
#+BEGIN_CENTER
|
2017-04-02 14:30:45 -04:00
|
|
|
|
\Huge Complacency in the Status Quo
|
2017-03-10 02:07:56 -05:00
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
|
2017-04-02 14:30:45 -04:00
|
|
|
|
*** DRAFT Your Fight
|
2017-03-07 00:45:58 -05:00
|
|
|
|
**** DRAFT Status Quo Cannot Hold :B_fullframe:
|
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_env: fullframe
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
2017-04-02 14:30:45 -04:00
|
|
|
|
\Huge *The status quo cannot hold.*
|
2017-03-07 00:45:58 -05:00
|
|
|
|
#+END_CENTER
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-03-07 00:45:58 -05:00
|
|
|
|
#+BEGIN_COMMENT
|
2017-04-02 21:59:29 -04:00
|
|
|
|
I hope I've convinced you that the status quo cannot hold.
|
|
|
|
|
That even people who aren't that privacy- or security-conscious recognize
|
|
|
|
|
that there are risks not only at a personal level,
|
|
|
|
|
but also national and global.
|
2017-03-07 00:45:58 -05:00
|
|
|
|
#+END_COMMENT
|
2017-03-07 00:36:28 -05:00
|
|
|
|
|
2017-03-07 00:45:58 -05:00
|
|
|
|
|
|
|
|
|
**** DRAFT Push Back :B_fullframe:
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:DURATION: 00:01
|
2017-03-07 00:45:58 -05:00
|
|
|
|
:BEAMER_env: fullframe
|
2017-04-02 21:59:29 -04:00
|
|
|
|
:END:
|
|
|
|
|
|
2017-03-07 00:45:58 -05:00
|
|
|
|
#+BEGIn_CENTER
|
2017-04-02 14:30:45 -04:00
|
|
|
|
#+BEAMER: \only<1>{\Huge We need to push back}
|
|
|
|
|
#+BEAMER: \only<2>{\Huge \emph{You} need to push back}
|
2017-03-07 00:45:58 -05:00
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
#+BEGIN_COMMENT
|
2017-04-02 21:59:29 -04:00
|
|
|
|
- Good crypto; no trust
|
|
|
|
|
- Lawmakers: this is not something we can win while we fight with our
|
|
|
|
|
governments.
|
2017-03-07 00:45:58 -05:00
|
|
|
|
#+END_COMMENT
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
|
|
|
|
|
2017-03-07 00:58:21 -05:00
|
|
|
|
** Thank You :B_fullframe:
|
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_env: fullframe
|
|
|
|
|
:END:
|
|
|
|
|
|
|
|
|
|
#+BEGIN_CENTER
|
|
|
|
|
Mike Gerwitz
|
|
|
|
|
|
|
|
|
|
[[mailto:mtg@gnu.org][=mtg@gnu.org=]]
|
|
|
|
|
|
|
|
|
|
\bigskip
|
|
|
|
|
|
|
|
|
|
**References Available Online**
|
|
|
|
|
|
|
|
|
|
[[https://mikegerwitz.com/talks/sapsf]]
|
|
|
|
|
|
|
|
|
|
\vfill
|
|
|
|
|
|
|
|
|
|
Licensed under the Creative Commons Attribution ShareAlike 4.0
|
|
|
|
|
International License
|
|
|
|
|
#+END_CENTER
|
|
|
|
|
|
|
|
|
|
|
2017-03-08 02:05:07 -05:00
|
|
|
|
** References :B_appendix:
|
|
|
|
|
:PROPERTIES:
|
|
|
|
|
:BEAMER_env: appendix
|
|
|
|
|
:END:
|
|
|
|
|
|
2017-03-11 23:13:18 -05:00
|
|
|
|
\printbibliography
|
2017-03-08 02:05:07 -05:00
|
|
|
|
|
|
|
|
|
|
2017-03-06 21:48:35 -05:00
|
|
|
|
* Exporting
|
|
|
|
|
You should be able to simply export this buffer as a Beamer presentation
|
|
|
|
|
(=C-c C-e l P=) and get a slideshow.
|
|
|
|
|
|
|
|
|
|
Note that this requires =ox-extras=, which is part of Org Mode's
|
|
|
|
|
=contrib/=. Without it, the =:ignore:= tag will not be recognized and the
|
|
|
|
|
rendered slides will have incorrect depth.
|
2017-04-02 21:59:29 -04:00
|
|
|
|
|
2017-03-06 21:48:35 -05:00
|
|
|
|
* Local Variables
|
2017-04-02 21:59:29 -04:00
|
|
|
|
# Local Variables:
|
|
|
|
|
# org-todo-keyword-faces: (("DRAFT" . org-upcoming-deadline) \
|
2017-03-07 23:35:16 -05:00
|
|
|
|
# ("DEVOID" . (:inherit org-warning \
|
|
|
|
|
# :inverse-video t)) \
|
2017-04-02 21:59:29 -04:00
|
|
|
|
# ("LACKING" . org-warning) \
|
|
|
|
|
# ("REVIEWED" . "yellow") \
|
2017-03-19 22:04:30 -04:00
|
|
|
|
# ("AUGMENT" . (:foreground "yellow" :bold t :underline t))
|
2017-03-07 23:35:16 -05:00
|
|
|
|
# ("READY" . (:inherit org-scheduled :bold t :underline t)))
|
2017-03-06 21:48:35 -05:00
|
|
|
|
# eval: (ox-extras-activate '(ignore-headlines))
|
2017-04-02 21:59:29 -04:00
|
|
|
|
# End:
|