diff --git a/images/Makefile b/images/Makefile
deleted file mode 100644
index bc1b28c..0000000
--- a/images/Makefile
+++ /dev/null
@@ -1,25 +0,0 @@
-# Third-party image retrieval
-#
-# Licensed under the CC0 1.0 Universal license (public domain).
-##
-
-images := sf-cameras.jpg alpr-mounted.png alpr-capture.png \
- alpr-pips.png
-
-define imgfetch
- torify wget -O
-endef
-
-all: $(images)
-
-sf-cameras.jpg:
- $(imgfetch) "$@" 'https://cbssanfran.files.wordpress.com/2015/09/san_francisco_surveillance_cameras_092315.jpg'
-
-alpr-mounted.png:
- $(imgfetch) "$@" 'https://www.eff.org/files/2015/10/20/paxton_and_spencer_.png'
-
-alpr-capture.png:
- $(imgfetch) "$@" 'https://www.eff.org/files/2015/10/20/paxton_captures.png'
-
-alpr-pips.png:
- $(imgfetch) "$@" 'https://www.eff.org/files/2015/10/15/pipscam9_redacted.png'
diff --git a/images/analytics-usage.png b/images/analytics-usage.png
new file mode 100644
index 0000000..550a601
Binary files /dev/null and b/images/analytics-usage.png differ
diff --git a/images/ftc-silver.png b/images/ftc-silver.png
new file mode 100644
index 0000000..ac41899
Binary files /dev/null and b/images/ftc-silver.png differ
diff --git a/images/insecam-01.png b/images/insecam-01.png
new file mode 100644
index 0000000..f138f61
Binary files /dev/null and b/images/insecam-01.png differ
diff --git a/images/insecam-02.png b/images/insecam-02.png
new file mode 100644
index 0000000..05cde71
Binary files /dev/null and b/images/insecam-02.png differ
diff --git a/images/insecam-03.png b/images/insecam-03.png
new file mode 100644
index 0000000..6c024b1
Binary files /dev/null and b/images/insecam-03.png differ
diff --git a/images/insecam-04.png b/images/insecam-04.png
new file mode 100644
index 0000000..8479aa1
Binary files /dev/null and b/images/insecam-04.png differ
diff --git a/images/insecam-05.png b/images/insecam-05.png
new file mode 100644
index 0000000..290160b
Binary files /dev/null and b/images/insecam-05.png differ
diff --git a/images/insecam-06.png b/images/insecam-06.png
new file mode 100644
index 0000000..c9a0826
Binary files /dev/null and b/images/insecam-06.png differ
diff --git a/images/lightbeam-ex-good.png b/images/lightbeam-ex-good.png
new file mode 100644
index 0000000..a452a14
Binary files /dev/null and b/images/lightbeam-ex-good.png differ
diff --git a/images/lightbeam-ex-noscript.png b/images/lightbeam-ex-noscript.png
new file mode 100644
index 0000000..257653c
Binary files /dev/null and b/images/lightbeam-ex-noscript.png differ
diff --git a/images/lightbeam-ex.png b/images/lightbeam-ex.png
new file mode 100644
index 0000000..f5e88d4
Binary files /dev/null and b/images/lightbeam-ex.png differ
diff --git a/images/tp/.gitignore b/images/tp/.gitignore
new file mode 100644
index 0000000..f3a75c5
--- /dev/null
+++ b/images/tp/.gitignore
@@ -0,0 +1,6 @@
+*
+!gen-makefile
+!remote-list
+!SHA256SUM
+!.gitignore
+
diff --git a/images/tp/SHA256SUM b/images/tp/SHA256SUM
new file mode 100644
index 0000000..be428f8
--- /dev/null
+++ b/images/tp/SHA256SUM
@@ -0,0 +1,17 @@
+8df6f6442bfb895e2d4d5d599d2d9a477405f590587f2a473c3e59a46d06b325 alpr-mounted.png
+4b0050a377af1fcd72f14863408eef44d40e7ba6fe31e2121ec7c3a51781a752 alpr-capture.png
+31597ba3731e6eccf2e68ae8b91ad25b2e6e4685814e723333d9ea1d2579b635 alpr-pips.png
+e7029f70524f420ef32044aeae8280434d5b03ddbab4e90188409a93597c0726 sf-cameras.jpg
+9edddcac31bbb09e4ba9f6fea5d36e5298ec65ce88d4c015121fc27edd466947 silverpush-logo.png
+cfda12117815c35bfc51266d9e8227b1645dcd5ffe054c4ae9922e75595f09b9 ga-dashboard.png
+d905d3b378daea4c002c873a4ad8192246959cb6df6fb470e29ade9f2b2354c9 piwik-dashboard.png
+95709a88b709740dfbc4a2c6d68941ec8ac8bfb2f289ddfcfeadd0677c47bf58 fb-like.png
+72b450aaaa6975645bb79b2345e4ec7178931a8c898ab0b183c2ef2f106a67a0 noscript.png
+2e4d5628d4f3f1baa20a8534631547c26f85492270d16eb836218e2f29c0535b privacy-badger.png
+9f38237f96b1cd9c945c55b084cd22aa51e9d210d2533f563be202433beaf3f6 ublock0.png
+1c4aafb7be008a99683d93acb92174cddb6d6e3fa5d882defed8a7173a114d5d sdcookies.png
+43c3548d0659cc769bd82c0ce681d21aa9120f7b15c49b77af0d19764621fb18 tor.png
+ee2c1e8325221cc5ae01b078930d7e74d447cec25cebeb18c0aaa1989994b918 tor-diagram.png
+f9600308d10debbc56e116087aa83a1ada126f3979f8b528228e1e89a87efd12 torbrowser.png
+4f231d937e622d9012706d57d5b0faa233f83d1e864db3b1b50d40d714aa8244 tails.png
+dce3dbf6572077dd495a9413ff11d7017d785142af85286a5ab51b7c7e4da728 whonix.png
diff --git a/images/tp/gen-makefile b/images/tp/gen-makefile
new file mode 100755
index 0000000..0fbd313
--- /dev/null
+++ b/images/tp/gen-makefile
@@ -0,0 +1,51 @@
+#!/bin/bash
+# Generate Makefile for third-party image download
+#
+# Copyright (C) 2017 Mike Gerwitz
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see .
+##
+
+declare -r remote_file=remote-list
+
+cat < \$@
+
+check:
+ sha256sum -c SHA256SUM
+
+clean:
+ \$(RM) \$(images)
+
+EOF
+
+while read out url convert; do
+ dest="$out"
+
+ echo "$dest":
+ printf "\ttorify wget -O %q %q\n" "$dest" "$url"
+
+ test -n "$convert" || continue
+
+ printf "\tmogrify %s %q\n" "$convert" "$dest"
+done < "$remote_file"
+
diff --git a/images/tp/remote-list b/images/tp/remote-list
new file mode 100644
index 0000000..a6a28ea
--- /dev/null
+++ b/images/tp/remote-list
@@ -0,0 +1,17 @@
+alpr-mounted.png https://web.archive.org/web/20170318173251/https://www.eff.org/files/2015/10/20/paxton_and_spencer_.png
+alpr-capture.png https://web.archive.org/web/20170318173346/https://www.eff.org/files/2015/10/20/paxton_captures.png
+alpr-pips.png https://web.archive.org/web/20170318173427/https://www.eff.org/files/2015/10/15/pipscam9_redacted.png
+sf-cameras.jpg https://web.archive.org/web/20170318173846/https://cbssanfran.files.wordpress.com/2015/09/san_francisco_surveillance_cameras_092315.jpg
+silverpush-logo.png https://web.archive.org/web/20160623032522/http://1.bp.blogspot.com/-r9WGkxWE3RI/Vk9wK_RisSI/AAAAAAAAAy0/ZydFsogCrnc/s640/silverpush.png
+ga-dashboard.png https://web.archive.org/web/20170315055350/https://www.google.com/analytics/images/analytics/features/hero_1x.png -crop 580x370+115+35
+piwik-dashboard.png https://web.archive.org/web/20170310025254/https://piwik.org/wp-content/themes/piwik/assets/img/piwiklaptop.png -crop 730x520+225+85
+fb-like.png https://web.archive.org/web/20170318173942/https://upload.wikimedia.org/wikipedia/commons/thumb/5/54/Bot%C3%B3n_Me_gusta.svg/280px-Bot%C3%B3n_Me_gusta.svg.png-rotate 180
+noscript.png https://web.archive.org/web/20170317063210/https://noscript.net/noscript/logo.png
+privacy-badger.png https://web.archive.org/web/20170318014732/https://www.eff.org/sites/all/themes/badger/badger-stroke.png
+ublock0.png https://web.archive.org/web/20170318015725/https://raw.githubusercontent.com/gorhill/uBlock/master/doc/img/icon38@2x.png
+sdcookies.png https://web.archive.org/web/20170318020257/https://addons.cdn.mozilla.net/user-media/addon_icons/415/415846-64.png?modified=1477354818
+tor.png https://web.archive.org/web/20170318054354/https://www.torproject.org/images/tor-logo.jpg
+tor-diagram.png https://web.archive.org/web/20170318055957/https://www.torproject.org/images/htw2.png
+torbrowser.png https://web.archive.org/web/20170318161549/https://www.torproject.org/images/tb-lg.png -crop 185x135+0+0
+tails.png https://web.archive.org/web/20170318162345/https://tails.boum.org/lib/banner.png -crop 495x114+30+0
+whonix.png https://web.archive.org/web/20170318164321/https://upload.wikimedia.org/wikipedia/en/7/75/Whonix_Logo.png
diff --git a/sapsf.bib b/sapsf.bib
index 46baf24..5437f6f 100644
--- a/sapsf.bib
+++ b/sapsf.bib
@@ -5,6 +5,20 @@
urldate = {2017-03-08},
}
+@online{tor:tails,
+ title = {Tails - Privacy for anyone anywhere},
+ organization = {Tor Project},
+ url = {https://tails.boum.org/},
+ urldate = {2017-03-18},
+}
+
+@online{whonix,
+ title = {Whonix},
+ organization = {Whonix},
+ url = {https://www.whonix.org/},
+ urldate = {2017-03-18},
+}
+
@online{whonix:donot,
author = {Whonix},
title = {DoNot},
@@ -486,7 +500,7 @@
url = {https://ssrn.com/abstract=998565},
urldate = {2017-03-13},
annotation = {GWU Law School Public Law Research Paper No. 289},
-},
+}
@online{metro:goebbels,
author = {Nagesh, Ashitha},
@@ -584,3 +598,345 @@
urldate = {2017-03-14},
annotation = {Telnet right into certain ALPRs.}
}
+
+@online{ftc:silver,
+ author = {Mithal, Maneesha},
+ title = {Sample Silverpush Letter},
+ organization = {United States Federal Trade Commission,
+ Bureau of Consumer Protection,
+ Divison of Privacy and Identity Protection},
+ url = {https://www.ftc.gov/system/files/attachments/press-releases/ftc-issues-warning-letters-app-developers-using-silverpush-code/160317samplesilverpushltr.pdf},
+ urldate = {2017-03-14},
+ annotate = {Sample letter template for Android developers using software
+ created by the company Silvepush.}
+}
+
+@online{wired:ultrasonic,
+ author = {Newman, Lily Hay},
+ title = {How to Block the Ultrasonic Signals You Didn’t Know Were Tracking
+ You},
+ organization = {Wired},
+ date = {2016-11-03},
+ url = {https://www.wired.com/2016/11/block-ultrasonic-signals-didnt-know-tracking/},
+ urldate = {2017-03-14},
+}
+
+@online{ubeacsec:paper,
+ author = {Mavroudis, V.
+ and Hao, S.
+ and Fratantonio, Y.
+ and Maggi, F.
+ and Kruegel, C.
+ and Vigna, G.},
+ title = {The Ultrasound Tracking Ecosystem},
+ indextitle = {Ultrasound Tracking Ecosystem, The},
+ url = {http://ubeacsec.org/downloads/report.pdf},
+ urldate = {2017-03-14},
+ annotation = {Claims to be ``the first comprehensive security analysis''
+ of this type of tracking.},
+}
+
+@online{bleep:ultrasound-tor,
+ author = {Cimpanu, Catalin},
+ title = {Ultrasound Tracking Could Be Used To Deanonymize Tor Users},
+ organization = {Bleeping Computer},
+ date = {2017-01-03},
+ url = {https://www.bleepingcomputer.com/news/security/ultrasound-tracking-could-be-used-to-deanonymize-tor-users/},
+ urldate = {2017-03-14},
+}
+
+@online{33c3:talk-behind,
+ author = {Mavroudis, Vasillios
+ and Maggi, Federico},
+ title = {Talking Behind Your Back},
+ subtitle = {On the Privacy \& Security of the Ultrasound Tracking
+ Ecosystem},
+ location = {33^{rd} Chaos Communication Congress},
+ date = {2016-12-29},
+ url = {https://media.ccc.de/v/33c3-8336-talking_behind_your_back},
+ urldate = {2017-03-14},
+}
+
+@online{ftc:xdt,
+ title = {Cross-Device Tracking},
+ organization = {Federal Trade Commission},
+ location = {Constitution Center, 400 7^{th}~St~SW, Washington~DC 20024},
+ date = {2015-11-16},
+ url = {https://www.ftc.gov/news-events/events-calendar/2015/11/cross-device-tracking},
+ urldate = {2017-03-15},
+}
+
+@online{google:ga:features,
+ title = {Marketing Data Analysis \& Reporting Features},
+ organization = {Google},
+ url = {https://www.google.com/analytics/analytics/features/},
+ urldate = {2017-03-15},
+}
+
+@online{w3techs:analytics,
+ title = {Usage Stastics and Market Share of Traffic Analysis Tools for
+ Websites},
+ organization = {W3Techs},
+ url = {https://w3techs.com/technologies/overview/traffic_analysis/all},
+ urldate = {2017-03-15},
+}
+
+@online{w3techs:google,
+ author = {Gelbmann, Matthias},
+ title = {Google can't track every click of your web surfing. Only most of
+ them.},
+ organization = {W3Techs},
+ date = {2012-02-27},
+ url = {https://w3techs.com/blog/entry/google_cant_track_every_single_click_of_your_web_surfing_only_most_of_them},
+ urldate = {2017-03-15},
+}
+
+@online{piwik,
+ title = {Free Web Analytics Software},
+ organization = {Piwik},
+ url = {https://piwik.org/},
+ urldate = {2017-03-15},
+}
+
+@online{piwik:privacy,
+ title = {Web Analytics Privacy in Piwik},
+ organization = {Piwik},
+ url = {https://piwik.org/privacy/},
+ urldate = {2017-03-15},
+}
+
+@online{mtg:gitlab-piwik,
+ author = {Gerwitz, Mike},
+ title = {Google Analytics Removed From GitLab.com Instance},
+ date = {2016-01-24},
+ url = {https://mikegerwitz.com/2016/01/Google-Analytics-Removed-from-GitLab.com-Instance},
+ urldate = {2017-03-16},
+}
+
+@online{w:fb-like-img,
+ author = {Vt, Enoc},
+ title = {File:Botón Me gusta.svg},
+ date = {2011-10-09},
+ url = {https://en.wikipedia.org/wiki/File:Bot\%C3\%B3n_Me_gusta.svg},
+ urldate = {2017-03-16},
+}
+
+@article{pnas:predict,
+ author = {Kosinski, Michal
+ and Stillwell, David
+ and Graepel, Thore},
+ title = {Private traits and attributes are predictable from digital
+ records of human behavior},
+ journal = {PNAS},
+ volume = {110},
+ pages = {5802-5805},
+ doi = {10.1073/pnas.1218772110},
+ date = {2013-02-12},
+ url = {http://www.pnas.org/content/110/15/5802.full.pdf},
+ urldate = {2017-03-16},
+}
+
+@online{bloomberg:belgum-fb,
+ author = {Bodoni, Stephanie
+ and Martens, John},
+ title = {Belgium Tells Facebook to Stop Storing Personal Data From
+ Non-Users},
+ organization = {Bloomberg},
+ date = {2015-11-09},
+ url = {https://www.bloomberg.com/news/articles/2015-11-09/facebook-told-to-stop-storing-personal-data-from-belgian-surfers},
+ urldate = {2017-03-16},
+ annotation = {Surely Facebook isn't doing such a thing. Wait: ``Facebook
+ says it will appeal Belgian ruling to higher court''. Imagine that.}
+}
+
+@online{w:behavioral-targeting,
+ title = {Behavorial Tracking},
+ organization = {Wikipedia},
+ url = {https://en.wikipedia.org/wiki/Behavioral_targeting},
+ urldate = {2017-03-16},
+}
+
+@article{roosendaal:fb-like,
+ author = {Roosendaal, Arnold},
+ title = {Facebook Tracks and Traces Everyone: Like This!},
+ journaltitle = {Tilburg Law School Legal Studies Research Paper Series},
+ date = {2010},
+ doi = {10.2139/ssrn.1717563},
+ url = {https://papers.ssrn.com/sol3/papers.cfm?abstract_id=1717563},
+ urldate = {2017-03-17},
+}
+
+@online{uld:fb,
+ title = {ULD to website owners: ``Deactivate Facebook web analytics''},
+ organization = {Unabh{\:a}ngiges Landeszentrum f{\:u}r Datenschutz
+ Schleswig-Holstein},
+ date = {2011-08-19},
+ url = {https://www.datenschutzzentrum.de/presse/20110819-facebook-en.htm},
+ urldate = {2017-03-17},
+}
+
+@online{eff:browser-uniqueness-blog,
+ authors = {Eckersley, Peter},
+ title = {Is Every Browser Unique? Results Fom The Panopticlick Experiment},
+ organization = {Electronic Frontier Foundation},
+ date = {2010-05-17},
+ url = {https://www.eff.org/deeplinks/2010/05/every-browser-unique-results-fom-panopticlick},
+ urldate = {2017-03-17},
+}
+
+@online{eff:browser-uniqueness,
+ authors = {Eckersley, Peter},
+ title = {How Unique Is Your Web Browser?},
+ organization = {Electronic Frontier Foundation},
+ date = {2010-05-17},
+ url = {https://panopticlick.eff.org/static/browser-uniqueness.pdf},
+ urldate = {2017-03-17},
+}
+
+@online{eff:panopti2,
+ author = {Budington, Bill},
+ title = {Panopticlick 2.0 Launches, Featuring New Tracker Protection and
+ Fingerprinting Tests},
+ organization = {Electronic Frontier Foundation},
+ date = {2015-12-17},
+ url = {https://www.eff.org/deeplinks/2015/12/panopticlick-20-launches-featuring-new-tracker-protection-and-fingerprinting-tests},
+ urldate = {2017-03-17},
+}
+
+@online{mozilla:fingerprinting,
+ title = {Fingerprinting - {MozillaWiki}},
+ organization = {Mozilla},
+ url = {https://wiki.mozilla.org/Fingerprinting},
+ urldate = {2017-03-17},
+}
+
+@online{chromium:identification,
+ author = {Janc, Artur
+ and Zalewski, Michal},
+ title = {Technical analysis of client identification mechanisms},
+ organization = {Google},
+ url = {https://sites.google.com/a/chromium.org/dev/Home/chromium-security/client-identification-mechanisms},
+ urldate = {2017-03-17},
+}
+
+@online{tor:browser-design,
+ author = {Perry, Mike
+ and Clark, Erin
+ and Murdoch, Steven
+ and Koppen, Georg},
+ title = {The Design and Implementation of the {Tor Browser}},
+ organization = {Tor Project},
+ date = {2017-03-10},
+ url = {https://www.torproject.org/projects/torbrowser/design/},
+ urldate = {2017-03-17},
+}
+
+@online{stanford:private-browsing,
+ author = {Aggarwal, Gaurav,
+ and Bursztein, Elie
+ and Jackson, Collin
+ and Boneh, Dan},
+ title = {An Analysis of Private Browsing Modes in Modern Browsers},
+ organization = {Stanford University},
+ url = {https://crypto.stanford.edu/~dabo/pubs/papers/privatebrowsing.pdf},
+ urldate = {2017-03-17},
+}
+
+@online{norte:tor-fingerprint,
+ author = {Norte, Jose Carlos},
+ title = {Advanced Tor Browser Fingerprinting},
+ date = {2016-03-06},
+ url = {http://jcarlosnorte.com/security/2016/03/06/advanced-tor-browser-fingerprinting.html},
+ urldate = {2017-03-17},
+}
+
+@online{browserleaks,
+ title = {{BrowserLeaks.com} - Web Browser Security Checklist for Identity
+ Theft Protection},
+ url = {https://browserleaks.com/},
+ urldate = {2017-03-17},
+}
+
+@article{hardware-fingerprint,
+ author = {Cao, Yinshi
+ and Li, Song
+ and Wijmans, Erik},
+ title = {(Cross-)Browser Fingerprinting via OS and Hardware Level Features},
+ date = {2017},
+ doi = {10.14722/ndss.2017.23152},
+ url = {http://yinzhicao.org/TrackingFree/crossbrowsertracking_NDSS17.pdf},
+ urldate = {2017-03-17},
+}
+
+@article{ars:fingerprint,
+ author = {Goodwin, Dan},
+ title = {Now sites can fingerprint you online even when you use multiple
+ browsers},
+ subtitle = {Online tracking gets more accurate and harder to evade},
+ organization = {Ars Technica},
+ url = {https://arstechnica.co.uk/security/2017/02/now-sites-can-fingerprint-you-online-even-when-you-use-multiple-browsers/},
+ urldate = {2017-03-17},
+}
+
+@online{mtg:rof,
+ author = {Gerwitz, Mike},
+ title = {Restore Online Freedom!},
+ date = {2016-03-20},
+ url = {https://media.libreplanet.org/u/libreplanet/collection/restore-online-freedom/},
+ urldate = {2017-03-17},
+ annotate = {My LibrePlanet 2017 talk about issues with an increasing
+ non-free Web, as well as privacy and security implications
+ of running untrusted, unsigned, ephemeral JavaScript
+ code.}
+}
+
+@online{noscript,
+ title = {NoScript - {JavaScript}/{Java}/{Flash} blocker for a safer
+ Firefox experience!},
+ url = {https://noscript.net/},
+ urldate = {2017-03-17},
+}
+
+@online{eff:privacy-badger,
+ title = {Privacy Badger},
+ organization = {Electronic Frontier Foundation},
+ url = {https://www.eff.org/privacybadger},
+ urldate = {2017-03-17},
+}
+
+@online{gh:ublock-origin,
+ title = {uBlock Origin},
+ subtitle = {An efficient blocker for {Chromium} and {Firefox}. Fast and
+ lean.},
+ url = {https://github.com/gorhill/uBlock},
+ urldate = {2017-03-17},
+}
+
+@online{moz:sd-cookies,
+ title = {Self-Destructing Cookies},
+ url = {https://addons.mozilla.org/en-US/android/addon/self-destructing-cookies/},
+ urldate = {2017-03-17},
+}
+
+@online{lp:2016:privacy-badger,
+ author = {Quintin, Cooper},
+ title = {Ending Online Tracking! Privacy Badger and Beyond!},
+ organization = {Electronic Frontier Foundation},
+ url = {https://media.libreplanet.org/u/libreplanet/m/ending-online-tracking-privacy-badger-and-beyond/},
+ urldate = {2017-03-17},
+}
+
+@online{moz:lightbeam,
+ title = {Lightbeam for Firefox},
+ subtitle = {Shine a Light on Who's Watching You},
+ organization = {Mozilla},
+ url = {https://www.mozilla.org/en-US/lightbeam/},
+ urldate = {2017-03-17},
+}
+
+@cite{tor:browser,
+ title = {Tor Browser},
+ organization = {Tor Project},
+ url = {https://www.torproject.org/projects/torbrowser.html.en},
+ urldate = {2017-03-17},
+}
diff --git a/slides.org b/slides.org
index 8bc6097..2da8169 100644
--- a/slides.org
+++ b/slides.org
@@ -518,7 +518,7 @@ Cameras on streets to deter crime.
#+BEGIN_CENTER
#+ATTR_LATEX: :height 1.25in
-[[./images/sf-cameras.jpg]]
+[[./images/tp/sf-cameras.jpg]]
\incite{cbs:sf-smile}
#+END_CENTER
@@ -678,11 +678,11 @@ In fact,
#+BEGIN_CENTER
#+BEAMER: \only<1>{
#+ATTR_LATEX: :height 1.5in
- [[./images/alpr-mounted.png]]\incite{eff:alpr}
+ [[./images/tp/alpr-mounted.png]]\incite{eff:alpr}
#+BEAMER: }
#+BEAMER: \only<2>{
#+ATTR_LATEX: :height 1.5in
- [[./images/alpr-capture.png]]\incite{eff:alpr}
+ [[./images/tp/alpr-capture.png]]\incite{eff:alpr}
#+BEAMER: }
#+END_CENTER
@@ -958,7 +958,7 @@ Even if you can't find a camera on this site,
#+BEGIN_CENTER
#+ATTR_LATEX: :height 1.5in
-[[./images/alpr-pips.png]]\incite{eff:alpr}
+[[./images/tp/alpr-pips.png]]\incite{eff:alpr}
#+END_CENTER
- John Matherly (Shodon author) noticed many web-accessible PIPS
@@ -1059,39 +1059,44 @@ If I'm off in the background when you take a picture of your friends in the
#+END_COMMENT
-** LACKING The Web [0/6]
-*** DRAFT Introduction [0/1] :B_ignoreheading:
+** REVIEWED The Web [0/7]
+*** REVIEWED Introduction [0/1] :B_ignoreheading:
:PROPERTIES:
:BEAMER_env: ignoreheading
:END:
-**** DRAFT Introduction :B_fullframe:
+**** REVIEWED Introduction :B_fullframe:
:PROPERTIES:
:BEAMER_env: fullframe
+:DURATION: 00:00:10
:END:
-- Much of our lives are no longer in the flesh
-- Or have some non-fleshy (virtual) analog
+#+BEGIN_CENTER
+\Huge Fleshy You $\Longleftrightarrow$ Virtual You
+#+END_CENTER
#+BEGIN_COMMENT
But you're not just tracked in the flesh.
Much of what we do today is virtual.
-What better way to segue than to bridge the two?
+So, naturally, there are those that want to bridge them.
#+END_COMMENT
-*** LACKING Bridging the Gap [0/1]
-**** LACKING Ultrasound Tracking
+*** REVIEWED Bridging the Gap [0/3]
+**** REVIEWED FTC: They're Watching You :B_fullframe:
:PROPERTIES:
-:DURATION: 00:01
+:BEAMER_env: fullframe
+:DURATION: 00:00:30
:END:
-- <1-> How do you bridge that analog?
-- <2-> Particularly insidious example: ultrasound tracking
- - <2-> Correlates users across devices
+#+BEGIN_CENTER
+ [[./images/ftc-silver.png]]\incite{ftc:silver}
+#+END_CENTER
#+BEGIN_COMMENT
+This is a sample letter template from the FTC.
+It states: .
A challenge for advertisers is correlating users across multiple devices,
-and in the real world.
+ and in the real world.
Let's say you saw a commercial for some product Foo on TV.
And then you went online to research Foo.
@@ -1100,16 +1105,361 @@ And then you bought Foo.
Sometimes commercials have you enter promo codes online to know that you
arrived at the site from a TV commercial.
Or give you a unique URL.
-
-Others play inaudible sounds that are picked up by your mobile device or
- computer.
-
-<...>
#+END_COMMENT
-*** DRAFT Incentive to Betray [0/1]
-**** DRAFT Summary :B_fullframe:
+**** REVIEWED Ultrasound Tracking
+:PROPERTIES:
+:DURATION: 00:00:15
+:END:
+
+#+BEAMER: \only<1>{
+#+BEGIN_CENTER
+\cdots $\Longleftrightarrow$ TV $\Longleftrightarrow$
+Retail Store $\Longleftrightarrow$
+Mobile $\Longleftrightarrow$ Web $\Longleftrightarrow$ \cdots
+#+END_CENTER
+
+- Correlates users across devices; airgap
+ bridge\cite{ubeacsec:paper,wired:ultrasonic}
+ - Inaudible to humans
+- Could deanonymize (e.g. Tor users)\cite{33c3:talk-behind,bleep:ultrasound-tor}
+#+BEAMER: }
+
+#+BEAMER: \only<2>{
+#+BEGIN_CENTER
+[[./images/tp/silverpush-logo.png]]
+#+END_CENTER
+
+#+BEGIN_QUOTE
+``Silverpush could generate a detailed log of the television
+ content viewed while a user’s mobile phone was
+ turned\nbsp{}on.''\cite{ftc:silver}
+#+END_QUOTE
+#+BEAMER: }
+
+#+BEGIN_COMMENT
+Others play inaudible sounds that are picked up by your mobile device or
+ computer.
+
+This has other serious implications.
+There are concerns, for example, about this method being able to be used to
+ deanonymize Tor users.
+
+In that letter, FTC mentions Silverpush by name.
+There are other companies too;
+ see the references.
+#+END_COMMENT
+
+
+**** REVIEWED Ultrasound Cross-Device Tracking (uXDT)
+:PROPERTIES:
+:DURATION: 00:00:45
+:END:
+
+- <1-> Termed ``Ultrasound Cross-Device Tracking''
+ (uXDT)\cite{bleep:ultrasound-tor,ftc:xdt}
+- <1-> Mitigations?
+ - <2-> SilverDog is a Chromium addon to filter HTML5 audio\cite{ubeacsec:paper}
+ - <3-> Researchers propose Android permission system change
+ - <4-> Don't install software that keep secrets (proprietary)
+ - <5-> Don't run untrusted code on websites (use e.g. NoScript)
+ - <6-> Turn off your device when not in use
+ - <6-> Keep device away from other media
+
+#+BEGIN_COMMENT
+This is termed ``Ultrasound Cross-Device Tracking'',
+ or simply ``Cross-Device Tracking''.
+How do you go about mitigating this type of threat?
+
+Well, researchers studying this issue wrote SilverDog,
+ a Chromium addon to filter HTML5 audio to remove ultrasonic frequencies.
+That doesn't help with TorBrowser, though, which is FF-based.
+The reserachers also propose a change to the Android permission system for
+ audio.
+
+This type of thing only works when you're keeping some serious secrets.
+That's easy to do with proprietary software.
+Much riskier to do (but not impossible) with free software.
+For websites, don't run untrusted JavaScript code;
+ block it with an addon like NoScript.
+We'll get into that in a little bit.
+
+You can also turn off the device when not in use,
+ and maybe keep it away from other media.
+This is far from the only mobile threat;
+ you may want to take precautions for other things anyway.
+#+END_COMMENT
+
+
+*** REVIEWED Analytics [0/4]
+**** REVIEWED Introduction :B_fullframe:
+:PROPERTIES:
+:BEAMER_env: fullframe
+:DURATION: 00:00:15
+:END:
+
+#+BEGIN_CENTER
+#+BEAMER: \only<1-3>{\Huge Data Analytics}
+
+#+BEAMER: \only<2-3>{\LARGE (Building User Profiles)}
+
+#+BEAMER: \only<3>{\large (Tracking)}
+
+#+BEAMER: \only<4->{\Huge Spyware}
+
+#+BEAMER: \only<5>{\LARGE (With Science)}
+#+END_CENTER
+
+#+BEGIN_COMMENT
+This all leads into a larger subject called ``data analytics''.
+
+Which is really just building, analyzing, and aggregating user profiles.
+
+Which is generally called tracking.
+
+...which we usually just call spyware.
+But this has science!
+#+END_COMMENT
+
+
+**** REVIEWED Trackers
+:PROPERTIES:
+:DURATION: 00:00:15
+:END:
+
+- <1-> Website owners want to know what their visitors are doing
+ - <1-> That in itself isn't an unreasonable concept
+- <2-> Methods and data define the issue
+
+#+BEGIN_COMMENT
+Website owners want to know what their visitors are doing.
+That in itself isn't an unreasonable thing, broadly speaking,
+ but how you go about it and what types of data you collect
+ defines the issue.
+#+END_COMMENT
+
+
+**** REVIEWED Google Analytics
+:PROPERTIES:
+:DURATION: 00:00:30
+:END:
+
+***** GA Dashboard
+:PROPERTIES:
+:BEAMER_col: 0.45
+:END:
+
+#+BEGIN_CENTER
+#+BEAMER: \only<1>{
+#+ATTR_LATEX: :height 1.5in
+[[./images/tp/ga-dashboard.png]]
+
+\incite{google:ga:features}
+#+BEAMER: }
+#+BEAMER: \only<2>{
+[[./images/analytics-usage.png]]
+\incite{w3techs:analytics}
+#+BEAMER: }
+#+END_CENTER
+
+***** Description
+:PROPERTIES:
+:BEAMER_col: 0.45
+:END:
+
+- <1-> User location, screen resolution, time on page, heatmap,
+ etc\cite{w:behavioral-targeting}
+- <1-> Unique identifier assigned
+- <1-> Fine-grained reporting for site owner
+- <2-> Knows many sites user visited across Web\cite{w3techs:google}
+
+#+BEGIN_COMMENT
+Take Google Analytics for example.
+It is one of the most widely distributed spyware programs in the world.
+
+It collects a variety of user data.
+A lot of it really is what website owners want to know:
+ geography, screen resolution, time on the page, heatmaps, etc.
+Except...
+
+And all of this is known to Google.
+And because services like GA, AdWords, etc are so widely used,
+ all of this can be used to identify users across the entire web.
+#+END_COMMENT
+
+
+**** REVIEWED Piwik
+:PROPERTIES:
+:DURATION: 00:00:30
+:END:
+
+#+BEGIN_COMMENT
+If you must track your users, consider using Piwik, which you can host
+ yourself.
+This means that your visitor data aren't stored and accessible by Google or
+ other companies.
+Pwik has some user privacy settings to anonymize, remove logs, respect DNT,
+ provide opt-out, etc.
+It also gives website owners some privacy by not leaking paths and other
+ information about the website:
+#+END_COMMENT
+
+***** Dashboard
+:PROPERTIES:
+:BEAMER_col: 0.65
+:END:
+
+#+BEGIN_CENTER
+[[./images/tp/piwik-dashboard.png]]
+
+\incite{piwik}
+#+END_CENTER
+
+
+***** Description
+:PROPERTIES:
+:BEAMER_col: 0.35
+:END:
+
+- <2-> Data on **your own servers**\cite{mtg:gitlab-piwik}
+- <2-> Visitor privacy settings\cite{piwik:privacy}
+- <2-> Privacy as a site owner
+
+
+*** REVIEWED Social Networking
+**** REVIEWED Like Buttons
+:PROPERTIES:
+:DURATION: 00:00:30
+:END:
+
+#+BEGIN_CENTER
+#+ATTR_LATEX: :height 1.5in
+[[./images/tp/fb-like.png]]\incite{w:fb-like-img}
+#+END_CENTER
+
+- <2-> Infecting the Web with trackers under guise of
+ community\cite{pnas:predict,w:behavioral-targeting,uld:fb}
+- <2-> Tracks regardless of whether you are logged in to Facebook
+ \cite{bloomberg:belgum-fb,roosendaal:fb-like}
+
+#+BEGIN_COMMENT
+Another popular example are "like buttons" and similar little widgets that
+ websites like Facebook offer.
+It might help get the word out about your stuff,
+ but please don't fall into the trap of betraying your visitors.
+Please don't fall into the trap of clicking it, either---
+ it's easy to infer a great deal of information about you from what you
+ "like".
+
+If a user is logged into Facebook,
+ then Facebook now knows that they visited that website,
+ _even if they don't click on the button_.
+
+But even if you don't have a Facebook account,
+ you are still being tracked.
+#+END_COMMENT
+
+
+*** REVIEWED Fingerprinting [0/3]
+**** REVIEWED Summary :B_fullframe:
+:PROPERTIES:
+:DURATION: 00:00:15
+:END:
+#+BEGIN_CENTER
+\Huge Fingerprinting
+#+END_CENTER
+
+#+BEGIN_COMMENT
+These methods are part of a broader topic called ``fingerprinting''.
+It's just what it sounds like:
+ uniquely identify users online.
+#+END_COMMENT
+
+
+**** REVIEWED EFF Research :B_fullframe:
+:PROPERTIES:
+:BEAMER_env: fullframe
+:DURATION: 00:00:20
+:END:
+
+#+BEGIN_CENTER
+#+BEAMER: \only<1>{
+EFF Research, 2010:\cite{eff:browser-uniqueness-blog,eff:browser-uniqueness}
+
+#+BEGIN_QUOTE
+``In our analysis of anonymized data from around half a million distinct
+browsers, 84% had unique configurations. Among browsers that had Flash or
+Java installed, 94% were unique, and only 1% had fingerprints that were seen
+more than twice.''
+#+END_QUOTE
+#+BEAMER: }
+#+BEAMER: \only<2>{
+That was seven years ago.
+
+You're really screwed today.*
+
+#+BEGIN_LATEX
+\incite{eff:panopti2,eff:browser-uniqueness,mozilla:fingerprinting,%
+ chromium:identification,tor:browser-design,stanford:private-browsing,%
+ norte:tor-fingerprint,browserleaks,ars:fingerprint,hardware-fingerprint}
+#+END_LATEX
+#+BEAMER: }
+#+END_CENTER
+
+#+BEGIN_COMMENT
+Back in 2010,
+ the EFF released a paper with results from their fingerprinting research
+ project Panopticlick.
+Back then,
+ they had an 84% success rate;
+ even higher with Flash and Java.
+
+But we ain't in 2010 anymore.
+We have options.
+Very creative ones.
+#+END_COMMENT
+
+
+**** REVIEWED Alarmingly Effective
+:PROPERTIES:
+:DURATION: 00:00:40
+:END:
+
+- Panopticlick (EFF)\cite{panopti:about}
+- User Agent, cookies, screen resolution, fonts, language, session storage,
+ canvas, WebGL, ad blocker, audio, keystrokes, mouse movement, \ldots
+- Can even track separate browsers on the same
+ hardware\cite{hardware-fingerprint,ars:fingerprint}
+
+#+BEGIN_COMMENT
+Fingerprinting is alarmingly effective.
+We don't have time to get into much detail on how it works;
+ I provided plenty of resources for that.
+But there are some interesting ones.
+
+We don't just have to rely on basic browser-provied information like user
+ agent, fonts, and cookies anymore.
+How about tracking how the user moves her mouse and scrolls?
+What about keystroke analysis?
+Random noise from audio?
+Time of CPU-intensive tasks like rendering 3D elements?
+
+Some of these methods are hardware-based.
+They can fingerprint even if the user opens a different browser,
+ or maybe even a different operating system,
+ on the same box.
+
+Some are behavioral.
+Keystroke patterns will persist wherever the user goes.
+
+We'll get into some defenses in a bit.
+#+END_COMMENT
+
+
+
+*** REVIEWED Incentive to Betray [0/2]
+**** REVIEWED Summary :B_fullframe:
:PROPERTIES:
:DURATION: 00:00:30
:BEAMER_env: fullframe
@@ -1128,121 +1478,230 @@ Incentives to betray users.
Many websites make money through advertising.
It can be lucrative.
And it's _easy_ to do.
+
+Others get addicted to attention and praise.
+
+Others simply want to know what their visitors are doing on their website.
+
+Most website owners don't think or know about these issues.
+They're unknowing pawns in the Web of surveillance.
#+END_COMMENT
-*** LACKING Analytics [0/2]
-**** LACKING Trackers
+**** DRAFT Web of Surveillance :B_fullframe:
:PROPERTIES:
-:DURATION: 00:01
+:BEAMER_env: fullframe
:END:
-- <1-> Website owners want to know what their visitors are doing
- - <1-> That in itself isn't an unreasonable concept
-- <2-> Methods and data define the issue
-
-#+BEGIN_COMMENT
-Site analytics is another issue.
-Website owners want to know what their visitors are doing.
-That in itself isn't an unreasonable thing broadly speaking,
- but how you go about it and what types of data you collect
- defines the issue.
-
-Take Google Analytics for example.
-A very popular proprietary analytics service.
-It is one of the most widely distributed malware programs in the world.
-
-<>
-
-And all of this is known to Google.
-All of this can be used to identify users across the entire web.
-
-<>
-
-If you must track your users, consider using Piwik, which you can host
- yourself.
-#+END_COMMENT
-
-
-**** DRAFT Like Buttons
-:PROPERTIES:
-:DURATION: 00:01
-:END:
-
-- <1-> Services encourage use of "like" buttons and such
-- <1-> Infecting the web with trackers under the guise of community
-- <2-> **Use Privacy Badger**
-
-#+BEGIN_COMMENT
-Another popular example are "like buttons" and similar little widgets that
- websites like Facebook offer.
-If a user is logged into Facebook,
- then Facebook now knows that they visited that website,
- _even if they don't click on the button_.
-
-But even if you don't have a Facebook account,
- information is being leaked to them
- you are still being tracked.
-
-Addons like Privacy Badger will block these.
-#+END_COMMENT
-
-
-*** LACKING Fingerprinting [0/3]
-**** DRAFT Summary :B_fullframe:
#+BEGIN_CENTER
- Browser Fingerprinting
+#+BEAMER: \only<1>{
+#+ATTR_LATEX: :height 2.5in
+[[./images/lightbeam-ex.png]]
+
+\incite{moz:lightbeam}
+#+BEAMER: }
+#+BEAMER: \only<2>{
+#+ATTR_LATEX: :height 2.5in
+[[./images/lightbeam-ex-good.png]]
+
+(After mitigations)
+#+BEAMER: }
+#+END_CENTER
+
+
+#+BEGIN_COMMENT
+And I do mean a Web of surveillance.
+
+This is LightBeam.
+It's an addon for Firefox that graphs first- and third-party sites that you
+ visit,
+ providing you with a visualization of the Web that's hidden from most
+ users.
+I created a new FF profile and installed the addon;
+ none of my privacy settings or other addons I'm used to.
+You can see at the top that I visited five websites:
+ Washington Post, NY Times from Google, Guargian, and---which you can't see
+ here because they're actually disjoint from this graph---The Intercept.
+ Good for them!
+And yet,
+ it hit /86/ third party sites!
+NYT alone connected to 47 different third parties!
+
+I was blown away.
+
+
+Some of these are trackers.
+Some of them are remotely hosted scripts and fonts and media.
+
+So let me show you what I'm used to seeing.
+This is what happens when I try to mitigate some of these threats.
+#+END_COMMENT
+
+
+*** REVIEWED Mitigations & Anonymity [0/8]
+**** REVIEWED Summary :B_fullframe:
+:PROPERTIES:
+:DURATION: 00:00:05
+:BEAMER_env: fullframe
+:END:
+
+#+BEGIN_CENTER
+\Huge How Do We Mitigate?
#+END_CENTER
#+BEGIN_COMMENT
-These methods are part of a broader topic called "browser fingerprinting".
-It's just what it sounds like:
- uniquely identify users online.
+So how do we do that?
+
+Well, it depends on your threat model,
+ but let's start with the easy stuff.
#+END_COMMENT
-**** LACKING Alarmingly Effective
+**** REVIEWED Disable the Damn JavaScript!
:PROPERTIES:
-:DURATION: 00:03
-:BEAMER_env: fullframe
+:DURATION: 00:00:45
:END:
-- Panopticlick (EFF)\cite{panopti:about}
-- JavaScript opens up a world of possibilities
-- Clearing cookies et al. won't always help
-- Can even track separate browsers on the same box
+#+BEGIN_CENTER
+#+ATTR_LATEX: :height 1.5in
+[[./images/tp/noscript.png]]
+#+END_CENTER
+
+#+BEAMER: \only<2-3>{
+- <2-3> Preempt most sophisticated and damning fingerprinting methods
+ - <2-3> Stop hardware profiling
+ - <2-3> Stop keystroke/mouse analysis
+ - <3> Remember those audio beacons?\cite{bleep:ultrasound-tor}
+#+BEAMER: }
+#+BEAMER: \only<4-5>{
+- <4-> Running arbitrary untrusted, unsigned, ephemeral code
+ (/also\nbsp{}from many third parties/)\cite{mtg:rof}
+ - <4-> /Restore Online Freedom!/ (My LibrePlanet 2016 talk)
+ - <5-> LibreJS blocks non-free, but free doesn't mean free of malice
+#+BEAMER: }
+#+BEAMER: \only<6>{
+- NoScript blocks JavaScript based on URL patterns\cite{noscript}
+ - /Warning:/ Allows some sites by default!
+ - Also blocks media and fonts; provides XSS and clickjacking prevention
+#+BEAMER: }
#+BEGIN_COMMENT
-It's alarmingly effective.
+Okay, I can't say this enough.
+Disable the damn JavaScript!
+The Web isn't broken without it,
+ they're breaking the web /with/ it!
+I write a lot of JavaScript for a living.
+My GNU project is ease.js, which is a JavaScript library.
+And yet,
+ /I do not allow JavaScript to run 99% of the time!/.
+Even on most websites I trust.
+Some people run LibreJS.
+But note that free software doesn't mean free of malice.
-Some methods allow fingerprinting even if the user uses multiple browsers
- and takes care to clear all session data.
-They can do this by effectively breaking out of the browser's sandbox by
- doing operations that depend heavily on specifics of users' hardware.
+It's probably obvious from the logo that I'm talking about the NoScript
+ extension.
+It does more than just block JS---
+ it also blocks media, custom fonts, prevents against certain types of XSS
+ and clickjacking attacks, and more.
+If you don't know what XSS and clickjacking is, that's okay.
#+END_COMMENT
-**** DRAFT User Agent
-- <1-> User agents can leak a lot of information
- - <1-> ~18 bits in my browser on GNU/Linux, 1/~250,000
-- <2-> Tor Browser\cite{panopti:about}
-
-#+BEGIN_COMMENT
-Your browser's user agent is a string that it sends with every request
- identifying itself and some of its capabilities.
-It can be surprisingly unique.
-When I tested a Firefox browser on GNU/Linux,
- I was unique out of nearly 250,000 users.
-#+END_COMMENT
-
-
-*** DRAFT Anonymity [0/4]
-**** DRAFT Summary :B_fullframe:
+**** REVIEWED LightBeam NoScript :B_fullframe:
:PROPERTIES:
-:DURATION: 00:01
:BEAMER_env: fullframe
+:DURATION: 00:00:15
:END:
+#+BEGIN_CENTER
+#+BEAMER: \only<1>{
+#+ATTR_LATEX: :height 2.5in
+[[./images/lightbeam-ex.png]]
+
+(Before NoScript)
+#+BEAMER: }
+#+BEAMER: \only<2>{
+#+ATTR_LATEX: :height 2.5in
+[[./images/lightbeam-ex-noscript.png]]
+
+(After NoScript)
+#+BEAMER: }
+#+END_CENTER
+
+#+BEGIN_COMMENT
+So this was our graph before NoScript.
+
+And here it is after disabling scripts.
+Without any other mitigations.
+
+Obviously results will vary depending on the website.
+
+We're going to get back to JS soon.
+#+END_COMMENT
+
+
+**** REVIEWED Block Ads and Trackers
+:PROPERTIES:
+:DURATION: 00:00:40
+:END:
+#+BEGIN_CENTER
+#+ATTR_LATEX: :height 0.75in
+[[./images/tp/privacy-badger.png]]
+#+ATTR_LATEX: :height 0.75in
+[[./images/tp/ublock0.png]]
+#+ATTR_LATEX: :height 0.75in
+[[./images/tp/sdcookies.png]]
+#+END_CENTER
+
+- /Privacy Badger/ blocks trackers\cite{eff:privacy-badger,lp:2016:privacy-badger}
+- /uBlock_0/ filters (primarily) ads\cite{gh:ublock-origin}
+- /Self-Destructing Cookies/ clears cookies and
+ LocalStorage\cite{moz:sd-cookies}
+
+#+BEGIN_COMMENT
+The issue surrounding Ad Blockers is framed such that we're waging war
+ against advertisers.
+No---they're waging war against /us/.
+
+You'll find that the bulk of what these addons for Firefox browsers handle
+ is related to ad networks.
+Privacy Badger works to block sites that appear to be tracking you.
+Cooper Quintin---developer of Privacy Badger---gave a great talk last year
+ here at LP; go check it out.
+uBlock Origin describes itself as a ``wide-spectrum blocker'',
+ but it serves primarily as an ad blocker.
+Self-Destructing cookies clears out a site's cookies and LocalStorage once a
+ tab is closed.
+There may be better options out there;
+ this seems to be useful for me.
+
+I don't have time to go into technical details, unfortunately.
+#+END_COMMENT
+
+
+**** REVIEWED Anonymity :B_fullframe:
+:PROPERTIES:
+:BEAMER_env: fullframe
+:DURATION: 00:00:15
+:END:
+
+#+BEGIN_CENTER
+#+BEAMER: \only<1>{
+#+BEAMER: {\Huge Anonymity}
+
+\bigskip
+Origin is unknown to server; no unique identifier known
+by\nbsp{}server\incite{whonix:donot}
+#+BEAMER: }
+#+BEAMER: \only<2>{
+#+BEAMER: {\Huge Pseudonymity}
+
+\bigskip
+Origin is unknown to server; unique identifier /is\nbsp{}available/
+to\nbsp{}server\incite{whonix:donot}
+#+BEAMER: }
+#+END_CENTER
+
#+BEGIN_COMMENT
Another way is to be anonymous or pseudononymous.
In the latter case,
@@ -1253,22 +1712,17 @@ In the former case,
current session.
#+END_COMMENT
-***** Anonymity
-Origin is unknown to server; no unique identifier known by
-server\incite{whonix:donot}
-***** Pseudonymity
-Origin is unknown to server; unique identifier /is available/ to
-server\incite{whonix:donot}
-
-
-**** DRAFT IANAAE :B_fullframe:
+**** REVIEWED IANAAE :B_fullframe:
:PROPERTIES:
:BEAMER_env: fullframe
+:DURATION: 00:00:10
:END:
#+BEGIN_CENTER
- IANAAE (I Am Not An Anonymity Expert)
+#+BEAMER: {\Huge IANAAE}
+
+(I Am Not An Anonymity Expert)
#+END_CENTER
#+BEGIN_COMMENT
@@ -1281,52 +1735,103 @@ I provide a number of resources to get you started.
#+END_COMMENT
-**** DRAFT The Tor Network
+**** REVIEWED The Tor Network
:PROPERTIES:
-:DURATION: 00:01
+:DURATION: 00:00:30
:END:
-- The Onion Router (Tor)\cite{tor}
-- Helps defend against traffic analysis
-- (Routing image)
+#+BEGIN_CENTER
+#+BEAMER: \only<1>{
+ #+ATTR_LATEX: :height 1in
+ [[./images/tp/tor.png]]
+#+BEAMER: }
+#+BEAMER: \only<2>{
+ [[./images/tp/tor-diagram.png]]
+#+BEAMER: }
+#+END_CENTER
+
+- <1> The Onion Router (Tor)\cite{tor}
+- <1> Helps defend against traffic analysis
#+BEGIN_COMMENT
Most here have probably heard of Tor.
+Its purpose is to protect against certain kinds of traffic analysis.
+
"Tor" stands for "The Onion Router",
which describes how it relays data through the Tor network.
The packet is routed through a number of servers,
encrypted with the public key of each server such that the first hop
- strips off the first layer and so on.
+ strips off the first layer and so on,
+ like an onion.
The exit node reveals the packet and delivers it to the destination,
- then begins relaying the reply back to through the network to the user.
+ then begins relaying the reply back to through the network to the
+ requesting user.
As long as a sufficient portion of the network can be trusted and has not
been compromised by an adversary,
it isn't possible to trace data back through the network.
The most common use of Tor is to route web traffic.
-Many nodes block most other ports.
-It's also possible to resolve DNS requests through Tor.
There are lots of other details that I don't have time to get to here,
but I provide a number of resources for you.
#+END_COMMENT
-**** DRAFT TorBrowser, Tails, and Whonix
+**** REVIEWED TorBrowser, Tails, and Whonix
:PROPERTIES:
-:DURATION: 00:02
+:DURATION: 00:01
:END:
-- <1-> Tor alone isn't enough
-- <1-> Browser needs to be hardened
- - <2-> TorBrowser is a hardened Firefox derivative
-- <1-> Operating System needs to be hardened
- - <2-> Tails, Whonix
+#+BEGIN_CENTER
+#+BEAMER: \only<2>{
+ #+ATTR_LATEX: :height 1in
+ [[./images/tp/torbrowser.png]]
+#+BEAMER: }
+#+BEAMER: \only<3>{
+ #+ATTR_LATEX: :height 1in
+ [[./images/tp/tails.png]]
+#+BEAMER: }
+#+BEAMER: \only<4>{
+ #+ATTR_LATEX: :height 1in
+ [[./images/tp/whonix.png]]
+#+BEAMER: }
+#+END_CENTER
+
+#+BEAMER: \only<1>{
+- Also need to change browsing habits\cite{whonix:donot}
+#+BEAMER: }
+#+BEAMER: \only<2>{
+- Browser needs to be hardened
+ - Remember: browser leaks a lot of
+ data\cite{panopti:about,eff:browser-uniqueness}
+ - TorBrowser is a hardened Firefox derivative\cite{tor:browser,tor:browser-design}
+#+BEAMER: }
+#+BEAMER: \only<3->{
+- <3-> Operating System needs to be hardened
+ - <3-> Tails---The Amnesic Incognito Live System\cite{tor:tails}
+ - <4> Whonix---Multi-layer isolation in VMs\cite{whonix}
+#+BEAMER: }
#+BEGIN_COMMENT
-Tor alone isn't enough to secure your anonymity.
+But Tor alone isn't enough to secure your anonymity.
+You also have to change your browsing habits.
+That is difficult and nuanced advice to give,
+ let alone in a mention in a talk,
+ so I defer to my citations.
+
+For some people, that's enough.
+If your threat model involves only advertisers and other snoopers,
+ you might be okay with Tor and privacy extensions.
+For nearly all of my Web traffic,
+ that's what I care about.
+
+But if you're a dissident,
+ and your life is in danger,
+ you have more work to do.
+If you are worried about government surveillance or cracking,
+ you have more work to do.
It's hard to secure a web browser.
@@ -1334,9 +1839,23 @@ TorBrowser is a hardened version of Firefox.
The Tor browser recommends that you don't rely on a vanilla Firefox for
anonymity with Tor.
-Tails...
+The operating system needs hardening.
+There are two major options.
+The first one is Tails: The Amnesic Incognito Live System.
+It is an ephemeral OS that you can simply boot from USB on any PC.
+It routes all traffic through the Tor network.
-Whonix...
+The second is Whonix.
+It is not ephemeral: it requires a host OS (or hypervisor) and runs two VMs:
+ one is the guest that the user uses as a desktop,
+ and the other is the VM it routes all traffic through,
+ which goes through Tor.
+If the guest the user is using is compromised,
+ an attacker cannot subvert the Tor network.
+
+There's obvious tradeoffs there for both;
+ I encourage you to look into both before deciding which is best for your
+ threat model.
#+END_COMMENT