From 17dbce4b7f2933f9b755816c2afaacecc3a7fc56 Mon Sep 17 00:00:00 2001 From: Mike Gerwitz Date: Sat, 11 Mar 2017 23:25:25 -0500 Subject: [PATCH] slides.org (Mobile): Review The references were supposed to be committed a little while back, but I'm not going to rewrite history; I have better things to do right now. * sapsf.bib: Add references. --- sapsf.bib | 224 +++++++++++++++++++ slides.org | 644 +++++++++++++++++++++++++++++++++-------------------- 2 files changed, 630 insertions(+), 238 deletions(-) create mode 100644 sapsf.bib diff --git a/sapsf.bib b/sapsf.bib new file mode 100644 index 0000000..512b9e0 --- /dev/null +++ b/sapsf.bib 
@@ -0,0 +1,224 @@
+@online{panopti:about,
+ author = {Electric Frontier Foundation},
+ title = {Panopticlick | About},
+ url = {https://panopticlick.eff.org/about},
+ urldate = {2017-03-08},
+}
+
+@online{whonix:donot,
+ author = {Whonix},
+ title = {DoNot},
+ url = {https://www.whonix.org/wiki/DoNot},
+ urldate = {2017-03-05}
+}
+
+@online{tor,
+ author = {Tor Project},
+ title = {Tor Project: Anonymity Online},
+ url = {http://torproject.org/},
+ urldate = {2017-03-09},
+}
+
+
+@online{eff:nsa:timeline,
+ author = {Electronic Frontier Foundation},
+ title = {Timeline of NSA Domestic Spying},
+ url = {https://www.eff.org/nsa-spying/timeline},
+ urldate = {2017-03-09},
+}
+
+@online{mtg:uproar,
+ author = {Mike Gerwitz},
+ title = {National Uproar: A Comprehensive Overview of the
+ NSA Leaks and Revelations},
+ url = {https://mikegerwitz.com/2013/06/National-Uproar-A-Comprehensive-Overview-of-the-NSA-Leaks-and-Revelations},
+ month = 06,
+ year = 2013,
+ urldate = {2017-03-09},
+}
+
+@online{eff:bernstein:doj,
+ author = {Electronic Frontier Foundation},
+ title = {Bernstein v. US Department of Justice},
+ url = {https://www.eff.org/cases/bernstein-v-us-dept-justice},
+ urldate = {2017-03-09},
+}
+
+% TODO: figure out how to render the URL
+@techreport{poodle:paper,
+ author = {Möller, Brodo and Duong, Thai and Kotowicz, Krzysztof},
+ title = {This POODLE Bites: Exploiting the SSL 3.0 Fallback},
+ institution = {Google},
+ year = 2014,
+ month = Sep,
+ url = {https://www.openssl.org/~bodo/ssl-poodle.pdf},
+}
+
+@online{w:crypto-wars,
+ author = {Wikipedia},
+ title = {Crypto Wars},
+ url = {https://en.wikipedia.org/wiki/Crypto_wars},
+ urldate = {2017-03-10},
+}
+
+
+@online{fedr:export-controls,
+ author = {Executive Office of the President},
+ title = {Administration of Export Controls on Encryption Products},
+ url = {https://www.gpo.gov/fdsys/pkg/FR-1996-11-19/pdf/96-29692.pdf},
+ urldate = {2017-03-10},
+ month = 11,
+ year = 1996,
+ note = {Federal Register, Vol. 61, No. 224, Executive Order 58767},
+}
+
+
+
+@online{doc:rev-export-reg,
+ author = {United States Department of Commerce},
+ title = {Revised U.S. Encryption Export Regulations},
+ url = {https://epic.org/crypto/export_controls/regs_1_00.html},
+ month = 01,
+ year = 2000,
+ urldate = {2017-03-10},
+}
+
+
+@online{arxiv:mac,
+ author = {Martin, Jeremy
+ and Mayberry, Travis
+ and Donahue, Collin
+ and Foppe, Lucas,
+ and Brown, Lamont
+ and Riggins, Chadwick
+ and Rye, Erik C.
+ and Brown, Dane},
+ title = {A Study of MAC Address Randomization in Mobile Devices and When it Fails},
+ year = 2017,
+ month = 03,
+ archivePrefix= {arXiv},
+ eprint = {1703.02874},
+ primaryClass = {cs.CR},
+}
+
+@online{aimsid,
+ author = {CellularPrivacy},
+ title = {Android IMSI-Catcher Detector},
+ url = {https://cellularprivacy.github.io/Android-IMSI-Catcher-Detector/},
+ urldate = {2017-03-11},
+}
+
+@online{osmand,
+ title = {OsmAnd - Offline Mobile Maps and Navigation},
+ url = {http://osmand.net/},
+ urldate = {2017-03-11},
+}
+
+@online{mozilla:loc-services,
+ author = {MozillaWiki},
+ title = {CloudServices/Location - MozillaWiki},
+ url = {https://wiki.mozilla.org/CloudServices/Location},
+ urldate = {2017-03-11},
+}
+
+@online{openmobilenetwork,
+ title = {OpenMobileNetwork},
+ url = {http://www.openmobilenetwork.org/},
+ urldate = {2017-03-11},
+}
+
+@online{w:wps,
+ author = {Wikipedia},
+ title = {Wi-Fi positioning system},
+ url = {https://en.wikipedia.org/wiki/Wi-Fi_positioning_system},
+ urldate = {2017-03-11},
+}
+
+@online{w:trilateration,
+ author = {Wikipedia},
+ title = {Trilateration},
+ url = {https://en.wikipedia.org/wiki/Trilateration},
+ urldate = {2017-03-11},
+}
+
+@article{acm:spotfi,
+ author = {Kotaru, Manikanta
+ and Joshi, Kiran
+ and Bharadia, Dinesh
+ and Katti, Sachin},
+ title = {{SpotFi}: Decimeter Level Localization Using {WiFi}},
+ journal = {{ACM} {SIGCOMM} Computer Communication Review - {SIGCOMM'15}},
+ doi = {10.1145/2785956.2787487},
+ volume = 45,
+ pages = {269-282},
+ year = 2015,
+}
+
+@article{acm:lteye,
+ author = {Kumar, Swarun
+ and Hamed, Ezzeldin
+ and Katabi, Dina
+ and Li, Li Erran},
+ title = {{LTE} radio analytics made easy and accessible},
+ journal = {{S3 '14} Proceedings of the 6th annual workshop on Wireless of
+ the students, by the students, for the students},
+ doi = {10.1145/2645884.2645891},
+ pages = {29-30},
+ year = 2014,
+}
+
+@online{replicant,
+ author = {Replicant},
+ title = {Replicant},
+ url = {http://www.replicant.us},
+ urldate = {2017-03-11},
+ annotation = {A fully free Android distribution}
+}
+
+@online{replicant:sec,
+ author = {Replicant},
+ title = {Freedom and privacy/security issues},
+ url = {http://www.replicant.us/freedom-privacy-security-issues.php},
+ urldate = {2017-03-11},
+}
+
+@online{replicant:samsung-bd,
+ author = {Replicant},
+ title = {Samsung Galaxy back-door},
+ url = {http://redmine.replicant.us/projects/replicant/wiki/SamsungGalaxyBackdoor},
+ urldate = {2017-03-11},
+ annotation = {Backdoor in Samsung Galaxy phones closed by Replicant},
+}
+
+@online{gnu:malware-mobile,
+ author = {GNU Project},
+ title = {Malware in Mobile Devices},
+ url = {https://www.gnu.org/philosophy/malware-mobiles.html},
+ urldate = {2017-03-11},
+ annotation = {Numerous resources on privacy/security issues with mobile
+ devices}
+}
+
+@online{jots:mobile,
+ author = {Jinyan Zang
+ and Krysta Dummit
+ and James Graves
+ and Paul Lisker
+ and Latanya Sweeney},
+ title = {Who Knows What About Me? A Survey of Behind the Scenes Personal
+ Data Sharing to Third Parties by Mobile Apps},
+ url = {http://jots.pub/a/2015103001/index.php},
+ urldate = {2017-03-11},
+}
+
+@online{kryptowire:adups,
+ author = {Kryptowire},
+ title = {KRYPTOWIRE DISCOVERS MOBILE PHONE FIRMWARE THAT TRANSMITTED
+ PERSONALLY IDENTIFIABLE INFORMATION (PII) WITHOUT USER
+ CONSENT OR DISCLOSURE},
+ url = {http://www.kryptowire.com/adups_security_analysis.html},
+ urldate = {2017-03-11},
+ annotation = {BLU mobile phones transmitting SMS content, contacts, call
+ history, telephone numbers, IMEIs, etc to third-party
+ servers without users' knolwedge or censent}
+}
diff --git a/slides.org b/slides.org
index aa935c8..f5488be 100644
--- a/slides.org
+++ b/slides.org
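Review bot: The `arxiv:mac` author list has a stray comma in `and Foppe, Lucas,` before the following `and`, so that name is parsed as a three-part `Last, Jr, First` name with an empty given name; the line should read `and Foppe, Lucas`. Corporate authors throughout (`Electronic Frontier Foundation`, `Tor Project`, `Whonix`, `Replicant`, `GNU Project`, ...) need double braces, e.g. `author = {{Electronic Frontier Foundation}}`, or only the last word is taken as the surname, and `panopti:about` additionally misspells it as `Electric Frontier Foundation`. In `poodle:paper`, `month = Sep` should be the lowercase macro `month = sep` and the first author's given name appears to be `Bodo` rather than `Brodo` (the cited URL path is `~bodo`); the two `@article` entries use single-hyphen page ranges (`269-282`, `29-30`) that should be `--`. The vocabulary used here (`@online`, `urldate`, `eprint`, `annotation`) is biblatex's, while the deck's `#+BIBLIOGRAPHY: sapsf plain` line (context in the slides.org hunk) names a classic BibTeX style that would warn on and omit the `@online` entries and silently ignore those fields, so the LaTeX configuration needs to actually load biblatex for these references to render. Several references (`torproject.org`, `replicant.us`, `osmand.net`, `jots.pub`, `kryptowire.com`) are cited over plain `http://`; where the site serves HTTPS, the https URL is the safer and more durable reference to store.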
@@ -10,151 +10,150 @@ #+BEAMER_HEADER: \beamertemplatenavigationsymbolsempty #+BIBLIOGRAPHY: sapsf plain #+TODO: RAW(r) DEVOID(v) LACKING(l) DRAFT(d) REVIEWED(R) | READY(+) REHEARSED(D) -#+COLUMNS: %40ITEM %10DURATION{:} %TODO %BEAMER_ENV(ENVIRONMENT) +#+COLUMNS: %40ITEM %10DURATION{:} %8TODO %BEAMER_ENV(ENVIRONMENT) #+BEGIN: columnview :hlines 3 :id global -| ITEM | DURATION | TODO | ENVIRONMENT | -|-----------------------------------------------+----------+---------+---------------| -| * LaTeX Configuration | | | | -|-----------------------------------------------+----------+---------+---------------| -| * Slides | 0:44 | LACKING | | -|-----------------------------------------------+----------+---------+---------------| -| ** Introduction / Opening | 00:00:30 | DRAFT | fullframe | -|-----------------------------------------------+----------+---------+---------------| -| ** Mobile [0/5] | 0:04 | LACKING | | -|-----------------------------------------------+----------+---------+---------------| -| *** Introduction | 0:00 | DRAFT | ignoreheading | -| **** Introduction | 00:00:30 | DRAFT | fullframe | -|-----------------------------------------------+----------+---------+---------------| -| *** Cell Towers [0/2] | 00:01 | LACKING | | -| **** Fundamentally Needed | | DRAFT | | -| **** Cell-Site Simulators | | LACKING | | -|-----------------------------------------------+----------+---------+---------------| -| *** Wifi [0/3] | 00:01 | LACKING | | -| **** Wifi | | DRAFT | | -| **** Ubiquitous Access Points | | DEVOID | | -| **** Mitigations | | DRAFT | | -|-----------------------------------------------+----------+---------+---------------| -| *** Location Services [0/2] | 00:01 | DRAFT | | -| **** GPS | | DRAFT | | -| **** Access Points | | DRAFT | | -|-----------------------------------------------+----------+---------+---------------| -| *** Operating System [0/3] | 00:01 | DRAFT | | -| **** Untrusted/Proprietary OS | | DRAFT | | -| **** Free/Libre Mobile OS? 
| | DRAFT | | -| **** Modem | | DRAFT | | -|-----------------------------------------------+----------+---------+---------------| -| ** Stationary [0/5] | 0:08 | LACKING | | -|-----------------------------------------------+----------+---------+---------------| -| *** Introduction [0/1] | 0:00 | DRAFT | ignoreheading | -| **** Introduction | 00:00:30 | DRAFT | fullframe | -|-----------------------------------------------+----------+---------+---------------| -| *** Surveillance Cameras [0/2] | 0:00 | DRAFT | | -| **** Unavoidable Surveillance | | DRAFT | | -| **** Access to Data | 00:00:30 | DRAFT | | -|-----------------------------------------------+----------+---------+---------------| -| *** Internet of Things [0/4] | 0:04 | LACKING | | -| **** Internet-Connected Cameras | 00:00:30 | DRAFT | | -| **** The ``S'' In IoT Stands For ``Security'' | 00:01:30 | LACKING | | -| **** Who's Watching? | 00:00:30 | DEVOID | | -| **** Facial Recognition | 00:01 | DRAFT | | -|-----------------------------------------------+----------+---------+---------------| -| *** Social Media [0/1] | 0:01 | DRAFT | | -| **** Collateral Damage | 00:01 | DRAFT | | -|-----------------------------------------------+----------+---------+---------------| -| *** Driving [0/3] | 0:02 | RAW | | -| **** Introduction | 00:00:30 | DRAFT | fullframe | -| **** ALPRs | 00:01 | LACKING | | -| **** Car Itself | 00:00:30 | LACKING | | -|-----------------------------------------------+----------+---------+---------------| -| ** The Web [0/6] | 0:10 | LACKING | | -|-----------------------------------------------+----------+---------+---------------| -| *** Introduction [0/1] | | DRAFT | ignoreheading | -| **** Introduction | | DRAFT | fullframe | -|-----------------------------------------------+----------+---------+---------------| -| *** Bridging the Gap [0/1] | 0:01 | LACKING | | -| **** Ultrasound Tracking | 00:01 | LACKING | | 
-|-----------------------------------------------+----------+---------+---------------| -| *** Incentive to Betray [0/1] | 0:00 | DRAFT | | -| **** Summary | 00:00:30 | DRAFT | fullframe | -|-----------------------------------------------+----------+---------+---------------| -| *** Analytics [0/2] | 0:02 | LACKING | | -| **** Trackers | 00:01 | LACKING | | -| **** Like Buttons | 00:01 | DRAFT | | -|-----------------------------------------------+----------+---------+---------------| -| *** Fingerprinting [0/3] | 0:03 | LACKING | | -| **** Summary | | DRAFT | | -| **** Alarmingly Effective | 00:03 | LACKING | fullframe | -| **** User Agent | | DRAFT | | -|-----------------------------------------------+----------+---------+---------------| -| *** Anonymity [0/4] | 0:04 | DRAFT | | -| **** Summary | 00:01 | DRAFT | fullframe | -| ***** Anonymity | | | | -| ***** Pseudonymity | | | | -| **** IANAAE | | DRAFT | fullframe | -| **** The Tor Network | 00:01 | DRAFT | | -| **** TorBrowser, Tails, and Whonix | 00:02 | DRAFT | | -|-----------------------------------------------+----------+---------+---------------| -| ** Data Analytics [0/2] | 0:04 | LACKING | | -|-----------------------------------------------+----------+---------+---------------| -| *** Introduction [0/1] | 0:00 | DRAFT | ignoreheading | -| **** Introduction | 00:00 | DRAFT | fullframe | -|-----------------------------------------------+----------+---------+---------------| -| *** Headings [0/3] | 0:04 | LACKING | | -| **** Advertisers | 00:02 | LACKING | | -| **** Social Media | 00:01 | DEVOID | | -| **** Governments | 00:00:30 | DEVOID | | -|-----------------------------------------------+----------+---------+---------------| -| ** Policy and Government [0/6] | 0:12 | LACKING | | -|-----------------------------------------------+----------+---------+---------------| -| *** Introduction [0/1] | 0:00 | DRAFT | ignoreheading | -| **** Introduction | 00:00:30 | DRAFT | fullframe | 
-|-----------------------------------------------+----------+---------+---------------| -| *** Surveillance [0/7] | 0:06 | LACKING | | -| **** History of NSA Surveillance | 00:02 | DRAFT | | -| **** Ron Wyden | | DRAFT | fullframe | -| **** The Leak | | DRAFT | fullframe | -| **** Verizon Metadata | 00:00:30 | DRAFT | | -| **** PRISM | | DRAFT | | -| **** Snowden | 00:01 | DRAFT | | -| **** Tools | 00:02 | DEVOID | | -|-----------------------------------------------+----------+---------+---------------| -| *** Crypto Wars [0/6] | 0:04 | LACKING | | -| **** Introduction | 00:00 | DRAFT | fullframe | -| **** Export-Grade Crypto | 00:01:30 | DRAFT | | -| **** Bernstein v. United States | 00:01 | DRAFT | | -| **** The First Crypto Wars | 00:01 | DRAFT | | -| **** Re-repeats Itself | 00:00 | DRAFT | fullframe | -| **** Modern Crypto Wars | | DRAFT | fullframe | -| **** ``Going Dark'' | | DEVOID | | -|-----------------------------------------------+----------+---------+---------------| -| *** Espionage [0/1] | 0:01 | LACKING | | -| **** US Can't Keep Its Own Secrets | 00:01 | DEVOID | | -|-----------------------------------------------+----------+---------+---------------| -| *** Subpoenas, Warrants, NSLs [0/1] | 0:01 | LACKING | | -| **** National Security Letters | 00:01 | DEVOID | | -|-----------------------------------------------+----------+---------+---------------| -| *** Law [0/1] | 0:01 | LACKING | | -| **** Summary | 00:01 | DEVOID | fullframe | -|-----------------------------------------------+----------+---------+---------------| -| ** Your Fight [0/1] | 0:05 | LACKING | | -|-----------------------------------------------+----------+---------+---------------| -| *** Headings [0/6] | 0:05 | LACKING | | -| **** Feeding | 00:00 | DRAFT | fullframe | -| **** SaaSS and Centralization | 00:01 | DEVOID | | -| **** Corporate Negligence | 00:01 | LACKING | | -| **** Status Quo | 00:02 | DRAFT | | -| **** Status Quo Cannot Hold | | DRAFT | fullframe | -| **** Push Back 
| 00:01 | DRAFT | fullframe | -|-----------------------------------------------+----------+---------+---------------| -| ** Thank You | | | fullframe | -|-----------------------------------------------+----------+---------+---------------| -| ** References | | | appendix | -|-----------------------------------------------+----------+---------+---------------| -| * Exporting | | | | -|-----------------------------------------------+----------+---------+---------------| -| * Local Variables | | | | +| ITEM | DURATION | TODO | ENVIRONMENT | +|-----------------------------------------------+----------+----------+---------------| +| * LaTeX Configuration | | | | +|-----------------------------------------------+----------+----------+---------------| +| * Slides | 0:47 | LACKING | | +|-----------------------------------------------+----------+----------+---------------| +| ** Introduction / Opening | 00:01 | REVIEWED | fullframe | +|-----------------------------------------------+----------+----------+---------------| +| ** Mobile [0/5] | 0:07 | REVIEWED | | +|-----------------------------------------------+----------+----------+---------------| +| *** Introduction | 0:00 | REVIEWED | ignoreheading | +| **** Introduction | 00:00:15 | REVIEWED | fullframe | +|-----------------------------------------------+----------+----------+---------------| +| *** Cell Towers [0/2] | 0:02 | REVIEWED | | +| **** Fundamentally Needed | 00:00:45 | REVIEWED | | +| **** Cell-Site Simulators | 00:00:45 | REVIEWED | | +|-----------------------------------------------+----------+----------+---------------| +| *** Wifi [0/3] | 0:01 | REVIEWED | | +| **** ESSID and MAC Broadcast | 00:01 | REVIEWED | | +|-----------------------------------------------+----------+----------+---------------| +| *** Geolocation [0/3] | 0:02 | REVIEWED | | +| **** GPS | 00:01 | REVIEWED | | +| **** But I Want GPS! 
| 00:00:30 | REVIEWED | | +| **** Location Services | 00:00:45 | REVIEWED | | +|-----------------------------------------------+----------+----------+---------------| +| *** Operating System [0/3] | 0:02 | REVIEWED | | +| **** Untrusted/Proprietary OS | 00:00:45 | REVIEWED | | +| **** Free/Libre Mobile OS? | 00:00:30 | REVIEWED | | +| **** Modem Isolation | 00:00:30 | REVIEWED | | +|-----------------------------------------------+----------+----------+---------------| +| ** Stationary [0/5] | 0:08 | LACKING | | +|-----------------------------------------------+----------+----------+---------------| +| *** Introduction [0/1] | 0:00 | DRAFT | ignoreheading | +| **** Introduction | 00:00:30 | DRAFT | fullframe | +|-----------------------------------------------+----------+----------+---------------| +| *** Surveillance Cameras [0/2] | 0:00 | DRAFT | | +| **** Unavoidable Surveillance | | DRAFT | | +| **** Access to Data | 00:00:30 | DRAFT | | +|-----------------------------------------------+----------+----------+---------------| +| *** Internet of Things [0/4] | 0:04 | LACKING | | +| **** Internet-Connected Cameras | 00:00:30 | DRAFT | | +| **** The ``S'' In IoT Stands For ``Security'' | 00:01:30 | LACKING | | +| **** Who's Watching? 
| 00:00:30 | DEVOID | | +| **** Facial Recognition | 00:01 | DRAFT | | +|-----------------------------------------------+----------+----------+---------------| +| *** Social Media [0/1] | 0:01 | DRAFT | | +| **** Collateral Damage | 00:01 | DRAFT | | +|-----------------------------------------------+----------+----------+---------------| +| *** Driving [0/3] | 0:02 | RAW | | +| **** Introduction | 00:00:30 | DRAFT | fullframe | +| **** ALPRs | 00:01 | LACKING | | +| **** Car Itself | 00:00:30 | LACKING | | +|-----------------------------------------------+----------+----------+---------------| +| ** The Web [0/6] | 0:10 | LACKING | | +|-----------------------------------------------+----------+----------+---------------| +| *** Introduction [0/1] | | DRAFT | ignoreheading | +| **** Introduction | | DRAFT | fullframe | +|-----------------------------------------------+----------+----------+---------------| +| *** Bridging the Gap [0/1] | 0:01 | LACKING | | +| **** Ultrasound Tracking | 00:01 | LACKING | | +|-----------------------------------------------+----------+----------+---------------| +| *** Incentive to Betray [0/1] | 0:00 | DRAFT | | +| **** Summary | 00:00:30 | DRAFT | fullframe | +|-----------------------------------------------+----------+----------+---------------| +| *** Analytics [0/2] | 0:02 | LACKING | | +| **** Trackers | 00:01 | LACKING | | +| **** Like Buttons | 00:01 | DRAFT | | +|-----------------------------------------------+----------+----------+---------------| +| *** Fingerprinting [0/3] | 0:03 | LACKING | | +| **** Summary | | DRAFT | | +| **** Alarmingly Effective | 00:03 | LACKING | fullframe | +| **** User Agent | | DRAFT | | +|-----------------------------------------------+----------+----------+---------------| +| *** Anonymity [0/4] | 0:04 | DRAFT | | +| **** Summary | 00:01 | DRAFT | fullframe | +| ***** Anonymity | | | | +| ***** Pseudonymity | | | | +| **** IANAAE | | DRAFT | fullframe | +| **** The Tor Network | 00:01 | DRAFT | 
| +| **** TorBrowser, Tails, and Whonix | 00:02 | DRAFT | | +|-----------------------------------------------+----------+----------+---------------| +| ** Data Analytics [0/2] | 0:04 | LACKING | | +|-----------------------------------------------+----------+----------+---------------| +| *** Introduction [0/1] | 0:00 | DRAFT | ignoreheading | +| **** Introduction | 00:00 | DRAFT | fullframe | +|-----------------------------------------------+----------+----------+---------------| +| *** Headings [0/3] | 0:04 | LACKING | | +| **** Advertisers | 00:02 | LACKING | | +| **** Social Media | 00:01 | DEVOID | | +| **** Governments | 00:00:30 | DEVOID | | +|-----------------------------------------------+----------+----------+---------------| +| ** Policy and Government [0/6] | 0:12 | LACKING | | +|-----------------------------------------------+----------+----------+---------------| +| *** Introduction [0/1] | 0:00 | DRAFT | ignoreheading | +| **** Introduction | 00:00:30 | DRAFT | fullframe | +|-----------------------------------------------+----------+----------+---------------| +| *** Surveillance [0/7] | 0:06 | LACKING | | +| **** History of NSA Surveillance | 00:02 | DRAFT | | +| **** Ron Wyden | | DRAFT | fullframe | +| **** The Leak | | DRAFT | fullframe | +| **** Verizon Metadata | 00:00:30 | DRAFT | | +| **** PRISM | | DRAFT | | +| **** Snowden | 00:01 | DRAFT | | +| **** Tools | 00:02 | DEVOID | | +|-----------------------------------------------+----------+----------+---------------| +| *** Crypto Wars [0/6] | 0:04 | LACKING | | +| **** Introduction | 00:00 | DRAFT | fullframe | +| **** Export-Grade Crypto | 00:01:30 | DRAFT | | +| **** Bernstein v. 
United States | 00:01 | DRAFT | | +| **** The First Crypto Wars | 00:01 | DRAFT | | +| **** Re-repeats Itself | 00:00 | DRAFT | fullframe | +| **** Modern Crypto Wars | | DRAFT | fullframe | +| **** ``Going Dark'' | | DEVOID | | +|-----------------------------------------------+----------+----------+---------------| +| *** Espionage [0/1] | 0:01 | LACKING | | +| **** US Can't Keep Its Own Secrets | 00:01 | DEVOID | | +|-----------------------------------------------+----------+----------+---------------| +| *** Subpoenas, Warrants, NSLs [0/1] | 0:01 | LACKING | | +| **** National Security Letters | 00:01 | DEVOID | | +|-----------------------------------------------+----------+----------+---------------| +| *** Law [0/1] | 0:01 | LACKING | | +| **** Summary | 00:01 | DEVOID | fullframe | +|-----------------------------------------------+----------+----------+---------------| +| ** Your Fight [0/1] | 0:05 | LACKING | | +|-----------------------------------------------+----------+----------+---------------| +| *** Headings [0/6] | 0:05 | LACKING | | +| **** Feeding | 00:00 | DRAFT | fullframe | +| **** SaaSS and Centralization | 00:01 | DEVOID | | +| **** Corporate Negligence | 00:01 | LACKING | | +| **** Status Quo | 00:02 | DRAFT | | +| **** Status Quo Cannot Hold | | DRAFT | fullframe | +| **** Push Back | 00:01 | DRAFT | fullframe | +|-----------------------------------------------+----------+----------+---------------| +| ** Thank You | | | fullframe | +|-----------------------------------------------+----------+----------+---------------| +| ** References | | | appendix | +|-----------------------------------------------+----------+----------+---------------| +| * Exporting | | | | +|-----------------------------------------------+----------+----------+---------------| +| * Local Variables | | | | #+END 
@@ -205,23 +204,50 @@ GOAL: Captivate; Startle \origcite{#1}% }% }} + +\renewcommand*{\bibfont}{\scriptsize} #+END_LATEX * LACKING Slides :export:ignore: -** DRAFT Introduction / Opening :B_fullframe: +** REVIEWED Introduction / Opening :B_fullframe: :PROPERTIES: -:DURATION: 00:00:30 +:DURATION: 00:01 :BEAMER_env: fullframe :END: #+BEGIN_COMMENT +Hello, everyone. +Thanks for coming! + +My name's Mike Gerwitz. +I am a free software hacker and activist with a focus on user privacy and + security. +I'm also a GNU Maintainer, software evaluator, and volunteer for various + other duties. + +And I'm here to talk to you about an unfortunate, + increasingly unavoidable fact of life. + None of you made it here without being tracked in some capacity. -Some of us are still being tracked at this very moment. +Some of us are /still/ being tracked at this very moment! -... +This isn't a tinfoil hat presentation. +It's a survey of facts. +/Actual/ facts, not alternative ones! (Dig at Kellyanne Conway, for those + reading this in the future.) +Since time isn't on my side here, + I'm going to present a broad overview of the most pressing concerns of + today. +Every slide has numeric citations, + which are associated with references in the final slides. +I won't be showing them here---you can get them online. +My goal is to present you with enough information that you know that these + things /exist/, + and you know where to find more information about them. +Those unknown unknowns. -Let's start with the obvious. +So: let's start with the obvious. (Note: You're being "tracked", rather than "watched": the latter is too often used and dismissed as tinfoil-hat FUD.) 
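Review bot: The added `\renewcommand*{\bibfont}{\scriptsize}` assumes `\bibfont` is already defined, which is the case with biblatex or natbib but not with the plain `\bibliographystyle` setup that the `#+BIBLIOGRAPHY: sapsf plain` line suggests; if neither package is loaded in the LaTeX configuration, `\renewcommand` aborts the export with an "undefined" error. The surrounding `#+BEGIN_LATEX` block starts outside this hunk, so the package list could not be checked here. A guarded form such as `\providecommand*{\bibfont}{}` immediately before the `\renewcommand*` line makes the export robust either way, or a short comment naming the package that supplies `\bibfont` would document the dependency.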
@@ -232,14 +258,15 @@ often used and dismissed as tinfoil-hat FUD.) #+BEAMER: \only<2>{(No, really, I have references.)} #+END_CENTER -** LACKING Mobile [0/5] -*** DRAFT Introduction :B_ignoreheading: + +** REVIEWED Mobile [0/5] +*** REVIEWED Introduction :B_ignoreheading: :PROPERTIES: :BEAMER_env: ignoreheading :END: -**** DRAFT Introduction :B_fullframe: +**** REVIEWED Introduction :B_fullframe: :PROPERTIES: -:DURATION: 00:00:30 +:DURATION: 00:00:15 :BEAMER_env: fullframe :END: 
@@ -250,59 +277,94 @@ often used and dismissed as tinfoil-hat FUD.) #+BEGIN_COMMENT How many of you are carrying a mobile phone right now? Probably most of us. -They are something we carry with us everywhere; - they are computers that are always on. -A phone is often synonymous with an individual. +They are something we carry with us everywhere. +They are computers that are always on. + +A phone is often synonymous with an individual; + they are a part of us. In other words: they're excellent tracking devices. #+END_COMMENT -*** LACKING Cell Towers [0/2] +*** REVIEWED Cell Towers [0/2] :PROPERTIES: -:DURATION: 00:01 +:DURATION: 0:02 :END: -**** DRAFT Fundamentally Needed -- <1-> Phone needs tower to make and receive calls -- <2-> Gives away approximate location (can triangulate) +**** REVIEWED Fundamentally Needed +:PROPERTIES: +:DURATION: 00:00:45 +:END: +- Phone needs tower to make and receive calls +- Gives away approximate location (can triangulate) #+BEGIN_COMMENT -The primary reason is inherent in a phone's design: cell towers. +The primary reason is inherent in a phone's design: + cell towers. A phone "needs" to be connected to a tower to make and receive calls. -Unless it is off, +Unless it is off or otherwise disconnected (like airplane mode), its connection to the cell tower exposes your approximate location. These data persist for as long as the phone companies are willing to persist -it. If it's mined by the NSA, then it might be persisted indefinitely. + it. Some people don't use phones primarily for this reason. -rms said he might use a phone if it could act as a pager, +rms, for example, said he might use a phone if it could act as a pager, where he'd only need to expose his location once he is in a safe place. You can imagine that such would be a very useful and important feature for reporters and dissidents as well. 
#+END_COMMENT -**** LACKING Cell-Site Simulators +**** REVIEWED Cell-Site Simulators +:PROPERTIES: +:DURATION: 00:00:45 +:END: +- <1-> IMSI-Catchers - <1-> Masquerade as cell towers -- <2-> (List them) e.g. Stingray +- <1-> Most popular: Stingray +- <2-> Free/libre Android program AIMSICD available on F-Droid attempts to + detect\cite{aimsid} #+BEGIN_COMMENT -I'm sure many of you have heard of Cell Site Simulators; - one of the most popular examples being the Stingray. -These devices masquerade as cell towers and can perform a dragnet search for - an individual. -Your location can be triangulated. +Cell Site Simulators have made a lot of news in the past (including my local + news), + one of the most popular examples being the Stingray. +These devices masquerade as cell towers. +This allows (for example) law enforcement to get a suspect's phone to + connect to _their_ device rather than a real tower, + which allows their location to be triangulated, + calls to be intercepted, + texts to be mined, + etc. +Law enforcement might also use it to record all devices in an area, + such as during a protest. + +The problem is: _every_ phone in the area will try to connect to it; + it amounts to a dragnet search, + and is therefore extremely controversial. + +The Android program AIMSICD---Android IMSI-Catcher Detector---is being + developed in an attempt to detect these devices. +It is free software and is available on F-Droid. 
#+END_COMMENT -*** LACKING Wifi [0/3] +*** REVIEWED Wifi [0/3] +:PROPERTIES: +:DURATION: 0:01 +:END: + +**** REVIEWED ESSID and MAC Broadcast :PROPERTIES: :DURATION: 00:01 :END: - -**** DRAFT Wifi -- Device may broadcast ESSIDs of past hidden networks -- Expose unique hardware identifiers (MAC address) +- <1-> Device may broadcast ESSIDs of past hidden networks +- <2-> Expose unique hardware identifiers (MAC address) +- <3-> **Defending against this is difficult** + - <4-> /Turn off Wifi/ in untrusted places + - <4-> Turn off settings to auto-connect when receiving e.g. MMS + - <5-> Use cellular data (e.g. {2,3,4}G) + - <6-> **MAC address randomization works poorly**\cite{arxiv:mac} #+BEGIN_COMMENT What else is inherent in a modern phone design? 
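Review bot: The new bullets on the ESSID and MAC Broadcast slide use Markdown-style `**...**` for emphasis, but org-mode's bold marker is a single asterisk, so `**Defending against this is difficult**` and `**MAC address randomization works poorly**` will most likely export with stray literal asterisks; write `*Defending against this is difficult*` and `*MAC address randomization works poorly*\cite{arxiv:mac}`. The `{2,3,4}G` shorthand in the cellular-data bullet is also worth checking in the Beamer export, since the braces may be passed through to LaTeX as a group and vanish from the rendered text; `2G/3G/4G` is unambiguous. On the Cell Towers notes, the statement that the phone stops exposing its location when "off or otherwise disconnected (like airplane mode)" implicitly trusts the baseband to honour that state, which is exactly what the deck's later Modem Isolation slide (per the column view) treats as untrusted; a one-line caveat in the speaker notes pointing forward to that slide would keep the two consistent.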
@@ -311,125 +373,231 @@ A common feature is Wifi. If you connected to any hidden networks, your phone may broadcast that network name to see if it exists. -Your mobile device could be broadcasting information like past network - connections and unique device identifiers (MAC), +It exposes unique device identifiers (MACs), which can be used to uniquely identify you. -#+END_COMMENT -**** DEVOID Ubiquitous Access Points -- +Defending against this is difficult, + unless you take the simple yet effective route: + disable Wifi completely, + at least when you're not in a safe area you can trust. +Some apps will automatically enable networking if they receive, + for example, + MMS messages; + be careful of that. +If you really do need data, + use your cellular data. +You are already hemmoraging information to your phone company, + so at least you're limiting your exposure. -#+BEGIN_COMMENT -Access points increasingly line the streets or are within range in nearby - buildings. +Some phones and apps offer MAC address randomization. +That's a good thing in priniciple. +Unfortunately, it seems to be easily defeated. +One study, cited here, + claims to be able to defeat randomization 100% of the time, + regardless of manufacturer. -Can be incredibly accurate for tracking movements, - and it is _passive_---it requires no software on your device. +/Segue to next section:/ +All these previous risks are _passive_--- + they require no malicious software on your device. +But what if we _do_ have such software? +And of course, we do. #+END_COMMENT -**** DRAFT Mitigations -- Disable Wifi [when not in use] -- Do not automatically connect to known networks - - At the very least, not hidden -- Randomize MAC address +*** REVIEWED Geolocation [0/3] +:PROPERTIES: +:DURATION: 0:02 +:END: -#+BEGIN_COMMENT -Disable Wifi when not in use. -You can also randomize your MAC address, - and be sure not to broadcast hidden networks. 
-#+END_COMMENT - - -*** DRAFT Location Services [0/2] +**** REVIEWED GPS :PROPERTIES: :DURATION: 00:01 :END: - -**** DRAFT GPS -- Often enabled by default - - Might prompt user, but features are attractive - -- Programs give excuses to track - - Location for tweets, photos, nearby friends, etc. +- <1-> Not inherently a surveillance tool +- <2-> Often enabled by default + - <2-> Might prompt user, but features are attractive +- <3-> Programs give excuses to track\cite{jots:mobile} + - <3-> Navigation systems + - <3-> Location information for social media, photos, nearby friends, finding + lost phones, location-relative searches, etc. +- <4-> Not-so-good: targeted advertising and building users profiles +- <4-> If phone is compromised, location is known #+BEGIN_COMMENT -Oh, but what if we _do_ have software on the device? -And we do. - -Let's talk about location services! +Let's talk about geolocation! Many people find them to be very convenient. - The most popular being GPS. + +GPS isn't inherently a surveillance tool; +it can't track you on its own. +Your GPS device triangulates its location based on signals + broadcast by GPS satellites in line-of-site. + Because of the cool features it permits, - it's often enabled. + it's often enabled on devices. And programs will track your movements just for the hell of it. Or give an excuse to track you. + +I'm not saying there aren't legitimate uses. +Navigation systems, + social media, + photo metadata, + finding nearby friends, + finding lost phones--- + all of these things are legitimate. +You just need to be able to trust the software that you are running, +Often times, you can't. +Without source code, + it's sometimes hard to say if a program is doing other things. +Like using it for targeted advertising, + and/or building a user profile (which we'll talk about later). #+END_COMMENT -**** DRAFT Access Points +**** REVIEWED But I Want GPS! 
+:PROPERTIES: +:DURATION: 00:00:30 +:END: +- <1-> Is the program transparent in what data it sends? (Is the source code + available?)\cite{jots:mobile} +- <1-> Does the program let you disable those features? +- <2-> Pre-download location-sensitive data (e.g. street maps) + - <2-> OsmAnd (free software, Android and iOS)\cite{osmand} + +#+BEGIN_COMMENT +So you may legitimately want GPS enabled. +It's terrible that you should be concerned about it. + +You need to know what data you're leaking so that you can decide whether + or not you want to do so. +And you need the option to disable it. + +Sometimes your location is leaked as a side-effect. +Navigation systems, for example, usually lazy-load map images. +Some apps let you use pre-downloaded maps, + like OsmAnd, + which is free software available on both Android and---if you must---iOS. +#+END_COMMENT + + +**** REVIEWED Location Services +:PROPERTIES: +:DURATION: 00:00:45 +:END: + - <1-> No GPS? No problem! -- <2-> AP harvesting (e.g. Google Street View cars) -- <2-> Works even where GPS and Cell signals cannot penetrate - - <3> Can be /more/ accurate than GPS (e.g. what store in a shopping mall) +- <1-> Mozilla Location Services, OpenMobileNetwork, ... + \cite{mozilla:loc-services,openmobilenetwork} +- <2-> Wifi Positioning System; Bluetooth networks; + nearby cell towers\cite{w:wps} + - <2-> Signal strength and SSIDs and MACs of Access Points + \cite{w:trilateration,acm:spotfi,acm:lteye} +- <3-> Gathered by Google Street View cars +- <3-> Your device may report back nearby networks to build a more + comprehensive database +- <4-> Works even where GPS and Cell signals cannot penetrate + - <4-> Can be /more/ accurate than GPS (e.g. what store in a shopping mall) #+BEGIN_COMMENT But GPS doesn't need to be available. Have you ever used a map program on a computer that asked for your location? How does it do that without GPS? -Google scours the planet recording APs. 
-It knows based on _what APs are simply near you_ where you are. + +There are numerous services available to geolocate based on nearby access + points, bluetooth networks, and cell towers. +Based on the signal strength of nearby WiFi networks, + your position can be more accurately trangulated. + +These data are gathered by Google Street View cars. +Your phone might also be reporting back nearby networks in order to improve + the quality of these databases. + Sometimes this can be more accurate than GPS. And it works where GPS and maybe even cell service don't, such as inside shopping malls. -So having radio and GPS off may not help you. -MAC spoofing won't help since software on your device has countless other - ways to uniquely identify you---this is active monitoring, unlike previous - examples. +So just because GPS is off does not mean your location is unknown. #+END_COMMENT -*** DRAFT Operating System [0/3] +*** REVIEWED Operating System [0/3] :PROPERTIES: -:DURATION: 00:01 +:DURATION: 0:02 :END: -**** DRAFT Untrusted/Proprietary OS +**** REVIEWED Untrusted/Proprietary OS +:PROPERTIES: +:DURATION: 00:00:45 +:END: -- Who does your phone work for? +- <1-> Who does your phone work for? - Apple? Google? Microsoft? Blackberry? Your manufacturer too? -- Carry everywhere you go, but fundamentally cannot trust it +- <1-> Carry everywhere you go, but fundamentally cannot + trust it\cite{gnu:malware-mobile} +- <2-> Some come with gratis surveillance + - <2-> BLU phones sent SMS messages, contacts, call history, IMEIs, and + more to third-party servers without users' knowledge or censent + \cite{kryptowire:adups} #+BEGIN_COMMENT -The OS situation on mobile is lousy. -Does your phone work for Apple? Google? Microsoft? Blackberry? ...? +A lot of this boils down to trust. +Who does your phone work for? +Does your phone work for Apple? Google? Microsoft? Blackberry? +Or does it work for you? + +The OS situation on mobile is lousy. 
You carry around this computer everywhere you go. And you fundamentally cannot trust it. + +Take BLU phones for example. +In November of last year it was discovered that these popular phones + contained software that sent SMS messages, contact lists, call history, + IMEIs, etc to third-party servers without users' knowledge or consent. +That software could also remotely execute code on the device. #+END_COMMENT -**** DRAFT Free/Libre Mobile OS? -- <1-3> Android is supposedly free software - - <1-3> But every phone requires proprietary drivers, or contains +**** REVIEWED Free/Libre Mobile OS? +:PROPERTIES: +:DURATION: 00:00:30 +:END: +- <1-> Android is supposedly free software + - <1-> But every phone requires proprietary drivers, or contains proprietary software -- <2-3> Replicant +- <2-> Replicant\cite{replicant} - <3> Niche. Interest is low, largely work of one developer now. #+BEGIN_COMMENT -I use Replicant. +Android is supposedly a free operating system. +Unfortunately, + every phone requires proprietary drivers to work, + and is loaded with proprietary software. + Does anyone here use Replicant? -I feel like I can at least trust my phone a little bit. +I do. +Replicant is a fully free Android fork. +I feel like I can at least trust my phone a little bit, + but I still consider any data on it to be essentially compromised in the + sense that I can't be confident in my ability to audit it and properly + secure the device. #+END_COMMENT -**** DRAFT Modem -- But modem still runs non-free software -- Often has access to CPU, disk, and memory +**** REVIEWED Modem Isolation +:PROPERTIES: +:DURATION: 00:00:30 +:END: + +- But modem still runs non-free software\cite{replicant:sec} +- Sometimes has access to CPU, disk, and memory\cite{replicant:samsung-bd} #+BEGIN_COMMENT But on nearly every phone, the modem still runs proprietary software. -And often times has direct access to CPU, disk, and memory. +And sometimes it has direct access to CPU, disk, and memory. 
+Replicant closed a backdoor in Samsung Galaxy phones that allowed for remote + access to the disk. +That backdoor might not have been intentional, + but it illustrates the possibility, + and could still be exploited by an attacker. So even with Replicant, I consider the device compromised;