slides.org (The Web): Draft slides
parent
1c246e8628
commit
00c8900bb3
60
slides.org
60
slides.org
|
@ -868,20 +868,20 @@ It's just what it sounds like:
|
|||
#+END_COMMENT
|
||||
|
||||
|
||||
**** DEVOID Alarmingly Effective
|
||||
**** LACKING Alarmingly Effective
|
||||
:PROPERTIES:
|
||||
:DURATION: 00:03
|
||||
:BEAMER_env: fullframe
|
||||
:END:
|
||||
|
||||
- TODO
|
||||
- Panopticlick (EFF)\cite{panopti:about}
|
||||
- JavaScript opens up a world of possibilities
|
||||
- Clearing cookies et al. won't always help
|
||||
- Can even track separate browsers on the same box
|
||||
|
||||
#+BEGIN_COMMENT
|
||||
It's alarmingly effective.
|
||||
|
||||
<<general fingerprinting stuff>>
|
||||
|
||||
<<hardware-fingerprint>>
|
||||
Some methods allow fingerprinting even if the user uses multiple browsers
|
||||
and takes care to clear all session data.
|
||||
They can do this by effectively breaking out of the browser's sandbox by
|
||||
|
@ -889,24 +889,22 @@ They can do this by effectively breaking out of the browser's sandbox by
|
|||
#+END_COMMENT
|
||||
|
||||
|
||||
**** DEVOID Browser Addons
|
||||
:PROPERTIES:
|
||||
:DURATION: 00:01
|
||||
:END:
|
||||
|
||||
- TODO
|
||||
**** DRAFT User Agent
|
||||
- <1-> User agents can leak a lot of information
|
||||
- <1-> ~18 bits in my browser on GNU/Linux, 1/~250,000
|
||||
- <2-> Tor Browser\cite{panopti:about}
|
||||
|
||||
#+BEGIN_COMMENT
|
||||
(Merge into other sections?)
|
||||
|
||||
So how do we avoid this type of tracking?
|
||||
|
||||
<<Talk about browser addons>>.
|
||||
Your browser's user agent is a string that it sends with every request
|
||||
identifying itself and some of its capabilities.
|
||||
It can be surprisingly unique.
|
||||
When I tested a Firefox browser on GNU/Linux,
|
||||
I was unique out of nearly 250,000 users.
|
||||
#+END_COMMENT
|
||||
|
||||
|
||||
*** LACKING Anonymity [0/4]
|
||||
**** LACKING Summary :B_fullframe:
|
||||
*** DRAFT Anonymity [0/4]
|
||||
**** DRAFT Summary :B_fullframe:
|
||||
:PROPERTIES:
|
||||
:DURATION: 00:01
|
||||
:BEAMER_env: fullframe
|
||||
|
@ -922,11 +920,13 @@ In the former case,
|
|||
current session.
|
||||
#+END_COMMENT
|
||||
|
||||
***** TODO Anonymity
|
||||
Foo
|
||||
***** Anonymity
|
||||
Origin is unknown to server; no unique identifier known by
|
||||
server\incite{whonix:donot}
|
||||
|
||||
***** TODO Pseudonymity
|
||||
Bar
|
||||
***** Pseudonymity
|
||||
Origin is unknown to server; unique identifier /is available/ to
|
||||
server\incite{whonix:donot}
|
||||
|
||||
|
||||
**** DRAFT IANAAE :B_fullframe:
|
||||
|
@ -948,13 +948,14 @@ I provide a number of resources to get you started.
|
|||
#+END_COMMENT
|
||||
|
||||
|
||||
**** DEVOID The Tor Network
|
||||
**** DRAFT The Tor Network
|
||||
:PROPERTIES:
|
||||
:DURATION: 00:01
|
||||
:END:
|
||||
|
||||
- The Onion Router (Tor)
|
||||
- ...
|
||||
- The Onion Router (Tor)\cite{tor}
|
||||
- Helps defend against traffic analysis
|
||||
- (Routing image)
|
||||
|
||||
#+BEGIN_COMMENT
|
||||
Most here have probably heard of Tor.
|
||||
|
@ -980,18 +981,21 @@ There are lots of other details that I don't have time to get to here,
|
|||
#+END_COMMENT
|
||||
|
||||
|
||||
**** DEVOID TorBrowser, Tails, and Whonix
|
||||
**** DRAFT TorBrowser, Tails, and Whonix
|
||||
:PROPERTIES:
|
||||
:DURATION: 00:02
|
||||
:END:
|
||||
|
||||
- TODO
|
||||
- <1-> Tor alone isn't enough
|
||||
- <1-> Browser needs to be hardened
|
||||
- <2-> TorBrowser is a hardened Firefox derivative
|
||||
- <1-> Operating System needs to be hardened
|
||||
- <2-> Tails, Whonix
|
||||
|
||||
#+BEGIN_COMMENT
|
||||
Tor alone isn't enough to secure your anonymity.
|
||||
|
||||
It's hard to secure a web browser.
|
||||
<links>
|
||||
|
||||
TorBrowser is a hardened version of Firefox.
|
||||
The Tor browser recommends that you don't rely on a vanilla Firefox for
|
||||
|
|
Loading…
Reference in New Issue