From a42683e23bf38e9492503472720378ba5cbd86dd Mon Sep 17 00:00:00 2001 From: Mike Gerwitz Date: Sun, 2 Apr 2017 14:30:45 -0400 Subject: [PATCH] As presented at LP2017 This was never completely finished, and it will continue to evolve. --- .gitignore | 2 + COPYING | 425 ++++++++++++++++ images/tp/SHA256SUM | 1 + images/tp/remote-list | 1 + slides.org | 1094 ++++++++++++----------------------------- 5 files changed, 731 insertions(+), 792 deletions(-) create mode 100644 COPYING diff --git a/.gitignore b/.gitignore index c682a48..49c4fbe 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,5 @@ /*.tex /*.blg /texput.log +/*.bbl + diff --git a/COPYING b/COPYING new file mode 100644 index 0000000..34ec65f --- /dev/null +++ b/COPYING @@ -0,0 +1,425 @@ +Attribution-ShareAlike 4.0 International + +======================================================================= + +Creative Commons Corporation ("Creative Commons") is not a law firm and +does not provide legal services or legal advice. Distribution of +Creative Commons public licenses does not create a lawyer-client or +other relationship. Creative Commons makes its licenses and related +information available on an "as-is" basis. Creative Commons gives no +warranties regarding its licenses, any material licensed under their +terms and conditions, or any related information. Creative Commons +disclaims all liability for damages resulting from their use to the +fullest extent possible. + +Using Creative Commons Public Licenses + +Creative Commons public licenses provide a standard set of terms and +conditions that creators and other rights holders may use to share +original works of authorship and other material subject to copyright +and certain other rights specified in the public license below. The +following considerations are for informational purposes only, are not +exhaustive, and do not form part of our licenses. + + Considerations for licensors: Our public licenses are + intended for use by those authorized to give the public + permission to use material in ways otherwise restricted by + copyright and certain other rights. Our licenses are + irrevocable. Licensors should read and understand the terms + and conditions of the license they choose before applying it. + Licensors should also secure all rights necessary before + applying our licenses so that the public can reuse the + material as expected. Licensors should clearly mark any + material not subject to the license. This includes other CC- + licensed material, or material used under an exception or + limitation to copyright. More considerations for licensors: + wiki.creativecommons.org/Considerations_for_licensors + + Considerations for the public: By using one of our public + licenses, a licensor grants the public permission to use the + licensed material under specified terms and conditions. If + the licensor's permission is not necessary for any reason--for + example, because of any applicable exception or limitation to + copyright--then that use is not regulated by the license. Our + licenses grant only permissions under copyright and certain + other rights that a licensor has authority to grant. Use of + the licensed material may still be restricted for other + reasons, including because others have copyright or other + rights in the material. A licensor may make special requests, + such as asking that all changes be marked or described. + Although not required by our licenses, you are encouraged to + respect those requests where reasonable. More_considerations + for the public: + wiki.creativecommons.org/Considerations_for_licensees + +======================================================================= + +Creative Commons Attribution-ShareAlike 4.0 International Public +License + +By exercising the Licensed Rights (defined below), You accept and agree +to be bound by the terms and conditions of this Creative Commons +Attribution-ShareAlike 4.0 International Public License ("Public +License"). To the extent this Public License may be interpreted as a +contract, You are granted the Licensed Rights in consideration of Your +acceptance of these terms and conditions, and the Licensor grants You +such rights in consideration of benefits the Licensor receives from +making the Licensed Material available under these terms and +conditions. + + +Section 1 -- Definitions. + + a. Adapted Material means material subject to Copyright and Similar + Rights that is derived from or based upon the Licensed Material + and in which the Licensed Material is translated, altered, + arranged, transformed, or otherwise modified in a manner requiring + permission under the Copyright and Similar Rights held by the + Licensor. For purposes of this Public License, where the Licensed + Material is a musical work, performance, or sound recording, + Adapted Material is always produced where the Licensed Material is + synched in timed relation with a moving image. + + b. Adapter's License means the license You apply to Your Copyright + and Similar Rights in Your contributions to Adapted Material in + accordance with the terms and conditions of this Public License. + + c. BY-SA Compatible License means a license listed at + creativecommons.org/compatiblelicenses, approved by Creative + Commons as essentially the equivalent of this Public License. + + d. Copyright and Similar Rights means copyright and/or similar rights + closely related to copyright including, without limitation, + performance, broadcast, sound recording, and Sui Generis Database + Rights, without regard to how the rights are labeled or + categorized. For purposes of this Public License, the rights + specified in Section 2(b)(1)-(2) are not Copyright and Similar + Rights. + + e. Effective Technological Measures means those measures that, in the + absence of proper authority, may not be circumvented under laws + fulfilling obligations under Article 11 of the WIPO Copyright + Treaty adopted on December 20, 1996, and/or similar international + agreements. + + f. Exceptions and Limitations means fair use, fair dealing, and/or + any other exception or limitation to Copyright and Similar Rights + that applies to Your use of the Licensed Material. + + g. License Elements means the license attributes listed in the name + of a Creative Commons Public License. The License Elements of this + Public License are Attribution and ShareAlike. + + h. Licensed Material means the artistic or literary work, database, + or other material to which the Licensor applied this Public + License. + + i. Licensed Rights means the rights granted to You subject to the + terms and conditions of this Public License, which are limited to + all Copyright and Similar Rights that apply to Your use of the + Licensed Material and that the Licensor has authority to license. + + j. Licensor means the individual(s) or entity(ies) granting rights + under this Public License. + + k. Share means to provide material to the public by any means or + process that requires permission under the Licensed Rights, such + as reproduction, public display, public performance, distribution, + dissemination, communication, or importation, and to make material + available to the public including in ways that members of the + public may access the material from a place and at a time + individually chosen by them. + + l. Sui Generis Database Rights means rights other than copyright + resulting from Directive 96/9/EC of the European Parliament and of + the Council of 11 March 1996 on the legal protection of databases, + as amended and/or succeeded, as well as other essentially + equivalent rights anywhere in the world. + + m. You means the individual or entity exercising the Licensed Rights + under this Public License. Your has a corresponding meaning. + + +Section 2 -- Scope. + + a. License grant. + + 1. Subject to the terms and conditions of this Public License, + the Licensor hereby grants You a worldwide, royalty-free, + non-sublicensable, non-exclusive, irrevocable license to + exercise the Licensed Rights in the Licensed Material to: + + a. reproduce and Share the Licensed Material, in whole or + in part; and + + b. produce, reproduce, and Share Adapted Material. + + 2. Exceptions and Limitations. For the avoidance of doubt, where + Exceptions and Limitations apply to Your use, this Public + License does not apply, and You do not need to comply with + its terms and conditions. + + 3. Term. The term of this Public License is specified in Section + 6(a). + + 4. Media and formats; technical modifications allowed. The + Licensor authorizes You to exercise the Licensed Rights in + all media and formats whether now known or hereafter created, + and to make technical modifications necessary to do so. The + Licensor waives and/or agrees not to assert any right or + authority to forbid You from making technical modifications + necessary to exercise the Licensed Rights, including + technical modifications necessary to circumvent Effective + Technological Measures. For purposes of this Public License, + simply making modifications authorized by this Section 2(a) + (4) never produces Adapted Material. + + 5. Downstream recipients. + + a. Offer from the Licensor -- Licensed Material. Every + recipient of the Licensed Material automatically + receives an offer from the Licensor to exercise the + Licensed Rights under the terms and conditions of this + Public License. + + b. Additional offer from the Licensor -- Adapted Material. + Every recipient of Adapted Material from You + automatically receives an offer from the Licensor to + exercise the Licensed Rights in the Adapted Material + under the conditions of the Adapter's License You apply. + + c. No downstream restrictions. You may not offer or impose + any additional or different terms or conditions on, or + apply any Effective Technological Measures to, the + Licensed Material if doing so restricts exercise of the + Licensed Rights by any recipient of the Licensed + Material. + + 6. No endorsement. Nothing in this Public License constitutes or + may be construed as permission to assert or imply that You + are, or that Your use of the Licensed Material is, connected + with, or sponsored, endorsed, or granted official status by, + the Licensor or others designated to receive attribution as + provided in Section 3(a)(1)(A)(i). + + b. Other rights. + + 1. Moral rights, such as the right of integrity, are not + licensed under this Public License, nor are publicity, + privacy, and/or other similar personality rights; however, to + the extent possible, the Licensor waives and/or agrees not to + assert any such rights held by the Licensor to the limited + extent necessary to allow You to exercise the Licensed + Rights, but not otherwise. + + 2. Patent and trademark rights are not licensed under this + Public License. + + 3. To the extent possible, the Licensor waives any right to + collect royalties from You for the exercise of the Licensed + Rights, whether directly or through a collecting society + under any voluntary or waivable statutory or compulsory + licensing scheme. In all other cases the Licensor expressly + reserves any right to collect such royalties. + + +Section 3 -- License Conditions. + +Your exercise of the Licensed Rights is expressly made subject to the +following conditions. + + a. Attribution. + + 1. If You Share the Licensed Material (including in modified + form), You must: + + a. retain the following if it is supplied by the Licensor + with the Licensed Material: + + i. identification of the creator(s) of the Licensed + Material and any others designated to receive + attribution, in any reasonable manner requested by + the Licensor (including by pseudonym if + designated); + + ii. a copyright notice; + + iii. a notice that refers to this Public License; + + iv. a notice that refers to the disclaimer of + warranties; + + v. a URI or hyperlink to the Licensed Material to the + extent reasonably practicable; + + b. indicate if You modified the Licensed Material and + retain an indication of any previous modifications; and + + c. indicate the Licensed Material is licensed under this + Public License, and include the text of, or the URI or + hyperlink to, this Public License. + + 2. You may satisfy the conditions in Section 3(a)(1) in any + reasonable manner based on the medium, means, and context in + which You Share the Licensed Material. For example, it may be + reasonable to satisfy the conditions by providing a URI or + hyperlink to a resource that includes the required + information. + + 3. If requested by the Licensor, You must remove any of the + information required by Section 3(a)(1)(A) to the extent + reasonably practicable. + + b. ShareAlike. + + In addition to the conditions in Section 3(a), if You Share + Adapted Material You produce, the following conditions also apply. + + 1. The Adapter's License You apply must be a Creative Commons + license with the same License Elements, this version or + later, or a BY-SA Compatible License. + + 2. You must include the text of, or the URI or hyperlink to, the + Adapter's License You apply. You may satisfy this condition + in any reasonable manner based on the medium, means, and + context in which You Share Adapted Material. + + 3. You may not offer or impose any additional or different terms + or conditions on, or apply any Effective Technological + Measures to, Adapted Material that restrict exercise of the + rights granted under the Adapter's License You apply. + + +Section 4 -- Sui Generis Database Rights. + +Where the Licensed Rights include Sui Generis Database Rights that +apply to Your use of the Licensed Material: + + a. for the avoidance of doubt, Section 2(a)(1) grants You the right + to extract, reuse, reproduce, and Share all or a substantial + portion of the contents of the database; + + b. if You include all or a substantial portion of the database + contents in a database in which You have Sui Generis Database + Rights, then the database in which You have Sui Generis Database + Rights (but not its individual contents) is Adapted Material, + + including for purposes of Section 3(b); and + c. You must comply with the conditions in Section 3(a) if You Share + all or a substantial portion of the contents of the database. + +For the avoidance of doubt, this Section 4 supplements and does not +replace Your obligations under this Public License where the Licensed +Rights include other Copyright and Similar Rights. + + +Section 5 -- Disclaimer of Warranties and Limitation of Liability. + + a. UNLESS OTHERWISE SEPARATELY UNDERTAKEN BY THE LICENSOR, TO THE + EXTENT POSSIBLE, THE LICENSOR OFFERS THE LICENSED MATERIAL AS-IS + AND AS-AVAILABLE, AND MAKES NO REPRESENTATIONS OR WARRANTIES OF + ANY KIND CONCERNING THE LICENSED MATERIAL, WHETHER EXPRESS, + IMPLIED, STATUTORY, OR OTHER. THIS INCLUDES, WITHOUT LIMITATION, + WARRANTIES OF TITLE, MERCHANTABILITY, FITNESS FOR A PARTICULAR + PURPOSE, NON-INFRINGEMENT, ABSENCE OF LATENT OR OTHER DEFECTS, + ACCURACY, OR THE PRESENCE OR ABSENCE OF ERRORS, WHETHER OR NOT + KNOWN OR DISCOVERABLE. WHERE DISCLAIMERS OF WARRANTIES ARE NOT + ALLOWED IN FULL OR IN PART, THIS DISCLAIMER MAY NOT APPLY TO YOU. + + b. TO THE EXTENT POSSIBLE, IN NO EVENT WILL THE LICENSOR BE LIABLE + TO YOU ON ANY LEGAL THEORY (INCLUDING, WITHOUT LIMITATION, + NEGLIGENCE) OR OTHERWISE FOR ANY DIRECT, SPECIAL, INDIRECT, + INCIDENTAL, CONSEQUENTIAL, PUNITIVE, EXEMPLARY, OR OTHER LOSSES, + COSTS, EXPENSES, OR DAMAGES ARISING OUT OF THIS PUBLIC LICENSE OR + USE OF THE LICENSED MATERIAL, EVEN IF THE LICENSOR HAS BEEN + ADVISED OF THE POSSIBILITY OF SUCH LOSSES, COSTS, EXPENSES, OR + DAMAGES. WHERE A LIMITATION OF LIABILITY IS NOT ALLOWED IN FULL OR + IN PART, THIS LIMITATION MAY NOT APPLY TO YOU. + + c. The disclaimer of warranties and limitation of liability provided + above shall be interpreted in a manner that, to the extent + possible, most closely approximates an absolute disclaimer and + waiver of all liability. + + +Section 6 -- Term and Termination. + + a. This Public License applies for the term of the Copyright and + Similar Rights licensed here. However, if You fail to comply with + this Public License, then Your rights under this Public License + terminate automatically. + + b. Where Your right to use the Licensed Material has terminated under + Section 6(a), it reinstates: + + 1. automatically as of the date the violation is cured, provided + it is cured within 30 days of Your discovery of the + violation; or + + 2. upon express reinstatement by the Licensor. + + For the avoidance of doubt, this Section 6(b) does not affect any + right the Licensor may have to seek remedies for Your violations + of this Public License. + + c. For the avoidance of doubt, the Licensor may also offer the + Licensed Material under separate terms or conditions or stop + distributing the Licensed Material at any time; however, doing so + will not terminate this Public License. + + d. Sections 1, 5, 6, 7, and 8 survive termination of this Public + License. + + +Section 7 -- Other Terms and Conditions. + + a. The Licensor shall not be bound by any additional or different + terms or conditions communicated by You unless expressly agreed. + + b. Any arrangements, understandings, or agreements regarding the + Licensed Material not stated herein are separate from and + independent of the terms and conditions of this Public License. + + +Section 8 -- Interpretation. + + a. For the avoidance of doubt, this Public License does not, and + shall not be interpreted to, reduce, limit, restrict, or impose + conditions on any use of the Licensed Material that could lawfully + be made without permission under this Public License. + + b. To the extent possible, if any provision of this Public License is + deemed unenforceable, it shall be automatically reformed to the + minimum extent necessary to make it enforceable. If the provision + cannot be reformed, it shall be severed from this Public License + without affecting the enforceability of the remaining terms and + conditions. + + c. No term or condition of this Public License will be waived and no + failure to comply consented to unless expressly agreed to by the + Licensor. + + d. Nothing in this Public License constitutes or may be interpreted + as a limitation upon, or waiver of, any privileges and immunities + that apply to the Licensor or You, including from the legal + processes of any jurisdiction or authority. + + +======================================================================= + +Creative Commons is not a party to its public licenses. +Notwithstanding, Creative Commons may elect to apply one of its public +licenses to material it publishes and in those instances will be +considered the "Licensor." Except for the limited purpose of indicating +that material is shared under a Creative Commons public license or as +otherwise permitted by the Creative Commons policies published at +creativecommons.org/policies, Creative Commons does not authorize the +use of the trademark "Creative Commons" or any other trademark or logo +of Creative Commons without its prior written consent including, +without limitation, in connection with any unauthorized modifications +to any of its public licenses or any other arrangements, +understandings, or agreements concerning use of licensed material. For +the avoidance of doubt, this paragraph does not form part of the public +licenses. + +Creative Commons may be contacted at creativecommons.org. diff --git a/images/tp/SHA256SUM b/images/tp/SHA256SUM index 12c6cc5..3433774 100644 --- a/images/tp/SHA256SUM +++ b/images/tp/SHA256SUM @@ -36,3 +36,4 @@ f9e8e3dcf3d383399bad9d1ebc52e156a74d32555166be50c8a027ebe17be69f amazon-echo.jp e8e2401984351071453d07d23b75bcd67e430b9cce89c210797772f1e85bca29 the-onion-logo.png b4e8ad3e8bf8ba9cf2efe165ee02495a7a7f60bdda985d088fe545e04029554a onstar-logo.png acd0ee4a3392a71d5190e22feda3c9898d8ff4a9c8b038475b8c0d7185d0d3e9 ford-logo.png +0e550df8b5af10f3617adb64a0fd3f25c50e10e992b1d1e70e1b527f58c2dd3d https-everywhere.png diff --git a/images/tp/remote-list b/images/tp/remote-list index 9eca002..da26785 100644 --- a/images/tp/remote-list +++ b/images/tp/remote-list @@ -36,3 +36,4 @@ amazon-echo.jpg https://web.archive.org/web/20170322034016/https://upload.wikime the-onion-logo.png https://web.archive.org/web/20170322042646/http://assets2.onionstatic.com/onion/static/images/onion_logo.png onstar-logo.png https://web.archive.org/web/20170322052352/https://upload.wikimedia.org/wikipedia/commons/thumb/b/bc/OnStar_2D_logo_2016.svg/320px-OnStar_2D_logo_2016.svg.png ford-logo.png https://web.archive.org/web/20170322062219/https://upload.wikimedia.org/wikipedia/commons/thumb/a/a0/Ford_Motor_Company_Logo.svg/320px-Ford_Motor_Company_Logo.svg.png +https-everywhere.png https://web.archive.org/web/20170326110055/https://www.eff.org/files/https-everywhere-banner.png diff --git a/slides.org b/slides.org index f9c29c0..65b2564 100644 --- a/slides.org +++ b/slides.org @@ -1,6 +1,5 @@ #+startup: beamer #+TITLE: The Surreptitious Assault on Privacy, Security, and Freedom -#+SUBTITLE: /**INCOMPLETE DRAFT PRESENTATION**/ #+AUTHOR: Mike Gerwitz #+EMAIL: mtg@gnu.org #+DATE: 26 March, LibrePlanet 2017 @@ -66,7 +65,7 @@ invasive topic-wise. * LACKING Slides :export:ignore: -** READY Introduction / Opening :B_fullframe: +** REHEARSED Introduction / Opening :B_fullframe: :PROPERTIES: :DURATION: 00:01 :BEAMER_env: fullframe @@ -83,19 +82,19 @@ I'm also a GNU Maintainer, software evaluator, and volunteer for various other duties. And I'm here to talk to you about an unfortunate, - increasingly unavoidable fact of life. + increasingly unavoidable fact of modern life. None of you made it here without being tracked in some capacity. Some of us are /still/ being tracked at this very moment! This isn't a tinfoil hat presentation. It's a survey of facts. -Since time isn't on my side here, - I'm going to present a broad overview of the most pressing concerns of - today, as it relates to everyone here. Every slide has numeric citations, which are associated with references on the final slides. I won't be showing them here---you can get them online. +Since time isn't on my side here, + I'm going to present a broad overview of the most pressing concerns of + today, as it hopefully relates to everyone here. My goal is to present you with enough information that you know that these things /exist/, and you know where to find more information about them. @@ -115,11 +114,11 @@ often used and dismissed as tinfoil-hat FUD.) ** AUGMENT Mobile [5/5] -*** READY Introduction :B_ignoreheading: +*** REHEARSED Introduction :B_ignoreheading: :PROPERTIES: :BEAMER_env: ignoreheading :END: -**** READY Introduction :B_fullframe: +**** REHEARSED Introduction :B_fullframe: :PROPERTIES: :DURATION: 00:00:15 :BEAMER_env: fullframe @@ -130,9 +129,7 @@ often used and dismissed as tinfoil-hat FUD.) - <2> Excellent tracking devices #+BEGIN_COMMENT -How many of you are carrying a mobile phone right now? -Probably most of us. -They are something we carry with us everywhere. +Most of us in this room are probably carrying a mobile phone right now. They are computers that are always on. A phone is often synonymous with an individual; @@ -141,14 +138,14 @@ A phone is often synonymous with an individual; In other words: they're excellent tracking devices. #+END_COMMENT -*** READY Cell Towers [6/6] +*** REHEARSED Cell Towers [6/6] :PROPERTIES: :DURATION: 0:03 :END: -**** READY Fundamentally Needed +**** REHEARSED Fundamentally Needed :PROPERTIES: -:DURATION: 00:00:45 +:DURATION: 00:00:30 :END: ***** Summary @@ -157,6 +154,7 @@ In other words: they're excellent tracking devices. :END: - Phone needs tower to make and receive calls - Gives away approximate location\cite{pbs:nova:boston} +- Multiple towers: signal delay; triangulate ***** Tower Image :PROPERTIES: @@ -184,12 +182,10 @@ Some people don't use phones primarily for this reason. rms, for example, said he might use a phone if it could act as a pager, where he'd only need to expose his location once he is in a safe place. -You can imagine that such would be a very useful and important feature for - reporters and dissidents as well. #+END_COMMENT -**** READY Cell-Site Simulators +**** REHEARSED Cell-Site Simulators :PROPERTIES: :DURATION: 00:00:45 :END: @@ -217,15 +213,13 @@ You can imagine that such would be a very useful and important feature for #+BEGIN_COMMENT -Cell Site Simulators have made a lot of news in the past (including my local - news), +Cell Site Simulators have made a lot of news in the past, one of the most popular examples being the Stingray. These devices masquerade as cell towers. This allows (for example) law enforcement to get a suspect's phone to connect to _their_ device rather than a real tower, which allows their location to be triangulated, calls to be intercepted, - texts to be mined, etc. Law enforcement might also use it to record all devices in an area, such as during a protest. @@ -240,10 +234,10 @@ It is free software and is available on F-Droid. #+END_COMMENT -**** READY Verizon Metadata (Order) :B_fullframe: +**** REHEARSED Verizon Metadata (Order) :B_fullframe: :PROPERTIES: :BEAMER_env: fullframe -:DURATION: 00:00:10 +:DURATION: 00:00:15 :END: #+BEGIN_CENTER @@ -256,9 +250,13 @@ Anyone remember this? This is the first Snowden leak--- the secret FISA court order that renewed the FBI Verizon metadata collection program. -``#+END_COMMENT -**** READY Ron Wyden :B_fullframe: +For those who may not know: + FISA is the Foreign Intelligence Surveillance Act, + and it established a secret court that usually also issues gag orders. +#+END_COMMENT + +**** REHEARSED Ron Wyden :B_fullframe: :PROPERTIES: :BEAMER_env: fullframe :DURATION: 00:00:15 @@ -275,9 +273,9 @@ angry.\cite{eff:jewel:evidence} #+END_QUOTE -**** READY Verizon Metadata +**** REHEARSED Verizon Metadata :PROPERTIES: -:DURATION: 00:00:30 +:DURATION: 00:00:40 :END: - <1-> June 2013---Guardian releases leaked document ordering Verizon to @@ -317,7 +315,7 @@ And pretty pissed off. #+END_COMMENT -**** READY Metadata Matters +**** REHEARSED Metadata Matters :PROPERTIES: :DURATION: 00:00:30 :END: @@ -335,14 +333,14 @@ And pretty pissed off. know what was discussed. #+BEGIN_COMMENT -There was quite the debate over how much ``metadata'' matters. +There was a debate over how much ``metadata'' matters. It matters a lot. Here's some quotes from an EFF article, as cited. -Hm. Metadata. +Metadata are important. #+END_COMMENT @@ -351,7 +349,7 @@ Hm. Metadata. :DURATION: 0:01 :END: -**** READY ESSID and MAC Broadcast +**** REHEARSED ESSID and MAC Broadcast :PROPERTIES: :DURATION: 00:01 :END: @@ -401,14 +399,14 @@ And of course, we do. #+END_COMMENT -*** READY Geolocation [3/3] +*** REHEARSED Geolocation [3/3] :PROPERTIES: :DURATION: 0:02 :END: -**** READY Global Positioning System (GPS) +**** REHEARSED Global Positioning System (GPS) :PROPERTIES: -:DURATION: 00:00:30 +:DURATION: 00:00:45 :END: #+BEGIN_CENTER @@ -424,35 +422,24 @@ And of course, we do. #+BEGIN_COMMENT Let's talk about geolocation! -Many people find them to be very convenient. -The most popular being GPS. +The most obvious being GPS. GPS isn't inherently a surveillance tool; it can't track you on its own. Your GPS device calculates its location based on signals broadcast by GPS satellites in line-of-site. -Because of the cool features it permits, - it's often enabled on devices. -And programs will track your movements just for the hell of it. -Or give an excuse to track you. +It's often enabled on devices, + and programs often abuse that privilege. I'm not saying there aren't legitimate uses. Navigation systems, - social media, - photo metadata, - finding nearby friends, + location-relative searches, finding lost phones--- - all of these things are legitimate. -You just need to be able to trust the software that you are running, -Often times, you can't. - -Even if you can, - if your device is owned, - they can just enable GPS and your location is known. + all of these things are legitimate. #+END_COMMENT -**** READY But I Want GPS! +**** REHEARSED But I Want GPS! :PROPERTIES: :DURATION: 00:00:40 :END: @@ -471,8 +458,7 @@ So you may legitimately want GPS enabled. It's terrible that you should be concerned about it. Are the programs you're using transparent in what they're sending? -A precondition to that answer is source code; - it's otherwise hard to say if a program is doing other things. +A precondition to that answer is source code. A study by the Wall Street Journal found that 47 of the 100 Android and iOS apps in 2010 shared your location with not only the developers, @@ -495,7 +481,7 @@ Some apps let you use pre-downloaded maps, #+END_COMMENT -**** READY Location Services +**** REHEARSED Location Services :PROPERTIES: :DURATION: 00:00:30 :END: @@ -503,25 +489,22 @@ Some apps let you use pre-downloaded maps, - <1-> No GPS? No problem! - <1-> Mozilla Location Services, OpenMobileNetwork, ... \cite{mozilla:loc-services,openmobilenetwork} -- <2-> Wifi Positioning System; Bluetooth networks; +- <1-> Wifi Positioning System; Bluetooth networks; nearby cell towers\cite{w:wps} - - <2-> Signal strength and SSIDs and MACs of Access Points + - <1-> Signal strength and SSIDs and MACs of Access Points \cite{w:trilateration,acm:spotfi,acm:lteye} -- <3-> Some gathered by Google Street View cars -- <3-> Your device may report back nearby networks to build a more +- <2-> Some gathered by Google Street View cars +- <2-> Your device may report back nearby networks to build a more comprehensive database -- <4-> Works even where GPS and Cell signals cannot penetrate - - <4-> Can be /more/ accurate than GPS (e.g. what store in a shopping mall) +- <3-> Works even where GPS and Cell signals cannot penetrate + - <3-> Can be /more/ accurate than GPS (e.g. what store in a shopping mall) #+BEGIN_COMMENT But GPS doesn't need to be available. -Have you ever used a map program on a computer that asked for your location? -How does it do that without GPS? +Have you ever used a program on a computer that asked for your location? -There are numerous services available to geolocate based on nearby access - points, bluetooth networks, and cell towers. -Based on the signal strength of nearby WiFi networks, - your position can be more accurately trangulated. +There are numerous services available to geolocate based on signal strength + of nearby access points; bluetooth networks; and cell towers. Some of these data are gathered by Google Street View cars. Devices that /have/ GPS, like your phone might also be reporting back nearby @@ -534,14 +517,14 @@ And it works where GPS and maybe even cell service don't, such as inside So just because GPS is off does not mean your location is unknown. #+END_COMMENT -*** READY Operating System [3/3] +*** REHEARSED Operating System [3/3] :PROPERTIES: -:DURATION: 0:02 +:DURATION: 0:01 :END: -**** READY Untrusted/Proprietary OS +**** REHEARSED Untrusted/Proprietary OS :PROPERTIES: -:DURATION: 00:00:40 +:DURATION: 00:00:30 :END: - <1-> Who does your phone work for? @@ -571,9 +554,9 @@ In November of last year it was discovered that these popular phones That software could also remotely execute code on the device. #+END_COMMENT -**** READY Free/Libre Mobile OS? +**** REHEARSED Free/Libre Mobile OS? :PROPERTIES: -:DURATION: 00:00:30 +:DURATION: 00:00:20 :END: - <1-> Android is supposedly free software - <1-> But every phone requires proprietary drivers, or contains @@ -595,16 +578,12 @@ Unfortunately, and is loaded with proprietary software. Does anyone here use Replicant? -I do. -Replicant is a fully free Android fork. -I feel like I can at least trust my phone a little bit, - but I still consider any data on it to be essentially compromised in the - sense that I can't be confident in my ability to audit it and properly - secure the device. +It is a fully free Android fork. +I feel like I can at least trust my phone a little bit. #+END_COMMENT -**** READY Modem Isolation +**** REHEARSED Modem Isolation :PROPERTIES: :DURATION: 00:00:30 :END: @@ -628,8 +607,8 @@ So even with Replicant, #+END_COMMENT -*** Vehicles -**** READY Introduction :B_fullframe: +*** REHEARSED Vehicles +**** REHEARSED Introduction :B_fullframe: :PROPERTIES: :BEAMER_env: fullframe :DURATION: 00:00:05 @@ -644,7 +623,7 @@ Okay, how about something else that's mobile: your car. #+END_COMMENT -**** READY OnStar :B_fullframe: +**** REHEARSED OnStar :B_fullframe: :PROPERTIES: :DURATION: 00:00:30 :BEAMER_env: fullframe @@ -681,11 +660,12 @@ The first thing I did when I got home with the car was get out the manual, How much could it possibly track? Well, here's the relevant portion of the OnStar privacy policy. -Let alone security...we'll cover that in a little bit. +And since 2011, they retain GPS and system data to sell to third parties, + presumably like insurers. #+END_COMMENT -**** READY Ford :B_fullframe: +**** REHEARSED Ford :B_fullframe: :PROPERTIES: :BEAMER_env: fullframe :DURATION: 00:00:25 @@ -718,14 +698,14 @@ It's a problem that VPs don't think this is a problem and will just say it -** AUGMENT Stationary [5/5] -*** READY Introduction [1/1] :B_ignoreheading: +** REVIEWED Stationary [5/5] +*** READY Introduction [0/1] :B_ignoreheading: :PROPERTIES: :BEAMER_env: ignoreheading :END: -**** READY Introduction :B_fullframe: +**** REVIEWED Introduction :B_fullframe: :PROPERTIES: -:DURATION: 00:00:15 +:DURATION: 00:00:25 :BEAMER_env: fullframe :END: @@ -733,46 +713,33 @@ It's a problem that VPs don't think this is a problem and will just say it \large ``If you've got nothing to hide, you've got nothing to\nbsp{}fear.''\cite{rosen:naked,solove:nothing-to-hide,metro:goebbels} + +\hfill---Joeseph Gobbels, Nazi propaganda minister + +#+BEAMER: \uncover<2>{ +\hfill---Richard Graham, British MP +#+BEAMER: } #+END_QUOTE #+BEGIN_COMMENT Well, speaking of stupid quotes! So let's say you have evaded that type of tracking. -Maybe you don't carry a phone. -You don't drive or you drive a car instead of a computer. -Or maybe you've mitigated those threats in some way. +Maybe you don't carry a phone, + or drive a car instead of a computer. + +This quote. +It's by a Nazi minister for Enlightenment and Propaganda. +It's also by the British member of paralement defending a British + surveillance program. There's certain things that are nearly impossible to avoid. - -This quote. We'll get back to it. #+END_COMMENT -*** READY Surveillance Cameras (CCTV) [5/5] -**** READY Unavoidable Surveillance +*** READY Surveillance Cameras (CCTV) [4/4] +**** REHEARSED Private Cameras in Plain View; Tinderloin, SF :PROPERTIES: -:DURATION: 00:00:10 -:END: - -- Certain types of tracking are unavoidable -- Security cameras are everywhere - \cite{intercept:nyc-surveil,cbs:sf-smile,fast:das} - - Businesses - - Traffic - - Streets/sidewalks - - Public transportation - -#+BEGIN_COMMENT -On the way here, - you likely walked by numerous security cameras. -They could be security cameras for private businesses. -Traffic cameras. -Cameras on streets to deter crime. -#+END_COMMENT - -**** READY Private Cameras in Plain View; Tinerloin, SF -:PROPERTIES: -:DURATION: 00:00:30 +:DURATION: 00:00:20 :END: #+BEGIN_CENTER @@ -788,10 +755,8 @@ really not realistic anymore,'' ---Nadia Kayyali, EFF\cite{cbs:sf-smile} #+END_QUOTE #+BEGIN_COMMENT -This is a map of private surveillance cameras in plain view around SF's - Tenderloin neighborhood. -Obviously your city or town might be different. -Could be worse, even. +This is a map of private surveillance cameras in plain view around a + San Francisco neighborhood. And these are just the ones that the DA's office found in /plain view/! @@ -804,7 +769,7 @@ Alright, so a bunch of private entities have you on camera; #+END_COMMENT -**** READY Access to Data +**** REHEARSED Access to Data :PROPERTIES: :DURATION: 00:00:45 :END: @@ -841,9 +806,9 @@ The best form of privacy is to avoid having the data be collected to begin #+END_COMMENT -**** READY Domain Awareness System (Intro) :B_fullframe: +**** REHEARSED Domain Awareness System (Intro) :B_fullframe: :PROPERTIES: -:DURATION: 00:00:30 +:DURATION: 00:00:40 :BEAMER_env: fullframe :END: @@ -868,38 +833,42 @@ The best form of privacy is to avoid having the data be collected to begin ...but what if law enforcement didn't have to go door-to-door? Let's talk about the NYPD's Domain Awareness System. +That quote from the British MP and Nazi guy--- + it was in reference to the system that served as the basis for this one. -It was designed in part from the usual unjustifiable and irrational response - to terrorism threats after 9/11. +It was designed in part for supposed terrorism threats after 9/11. But any data this system collects for ``legtimate'' law enforcement or public safety purposes can be used against you. + +You may not know this, though, because they may not want to bring this + evidence to court. +There's a disgraceful practice of ``parallel construction'', + where law enforcement will instead---after having found whether a person + is, say, guilty of a crime---go find other unrelated evidence to prove it. #+END_COMMENT -**** READY Domain Awareness System +**** REHEARSED Domain Awareness System :PROPERTIES: -:DURATION: 00:01:15 +:DURATION: 00:00:50 :END: - <1-> Partnership between the NYPD and Microsoft at a cost of $230M in\nbsp{}2013\cite{reuters:nypd-das,nyc:pspg} - <1-> Surveillance cameras, license plate readers, radiation detectors, 911\nbsp{}system, criminal records, \ldots -- <2-> \gt 6,000 surveillance cameras, $2\over 3$ private +- <1-> \gt 6,000 surveillance cameras, $2\over 3$ private businesses\cite{reuters:nypd-das,pbs:nova:boston} -- <3-> Database of over 16\nbsp{}million plates, +- <2-> Database of over 16\nbsp{}million plates, every car going into Lower Manhatten\cite{reuters:nypd-das,pbs:nova:boston} -- <4-> Can search in seconds for terms like +- <3-> Can search in seconds for terms like ``red baseball cap''\cite{reuters:nypd-das,pbs:nova:boston} -- <4-> Detects ``suspicious behaviors'' like unattended bags and +- <3-> Detects ``suspicious behaviors'' like unattended bags and circling cars\cite{reuters:nypd-das,pbs:nova:boston} #+BEGIN_COMMENT The Domain Awareness System is a partnership between Microsoft and the NYPD. It's mammoth. -It's pretty amazing---it's like science fiction. -But I care about privacy, - so instead I'm going to use adjectives like ``Orwellian'' and ``Kafkaesque''. It contains over six thousand security cameras, over two-thirds of which are private closed-circuit cameras. @@ -913,14 +882,6 @@ It can search in seconds for very specific terms, If it finds an unattended bag, you can rewind to find who left it. -A lot of us are programmers--- - think about the realtime analysis of all of these frames. -It really is a fascinating field to work in. -But there's serious ethical concerns with how it's applied. - -This thing also integrates the 911 system, radiation detectors, criminal - records, etc. - This is the direction we're heading in--- these things will only spread. In fact, @@ -929,7 +890,7 @@ In fact, *** READY Driver Surveillance [3/3] -**** READY Automated License Plate Readers (ALPRs) +**** REHEARSED Automated License Plate Readers (ALPRs) :PROPERTIES: :DURATION: 00:00:30 :END: @@ -982,6 +943,7 @@ The ACLU has an excellent report on it, :PROPERTIES: :DURATION: 00:00:30 :END: + - <1-> Electronic toll booth using RFIDs or ALPRs\cite{eff:golden-gate-toll} - <1-> In the North-East we have E-ZPass (RFID)\cite{w:ezpass} - <1-> Golden Gate Bridge requires FasTrack or plate-based @@ -989,17 +951,15 @@ The ACLU has an excellent report on it, using cash\cite{goldengate:anon} - <2-> (Granted, you're still captured by an ALPR) - <3-> Routinely used by law enforcement\cite{baynews:fastack-data} -- <4-> They're not very secure, +- <3-> ...and divorce cases, in case of FasTrack +- <4-> They're not very secure---easily cloned either\cite{blackhat:toll-systems,register:rfid-clone} #+BEGIN_COMMENT -The other is automatic toll readers. - Electronic toll booths are replacing traditional cash-based tolls. Some places require it, like the Golden Gate Bridge. -I was unsettled when I heard my county discussing it. -One option is windshield-mounted RFIDs. +Windshild-mounted RFIDs or ALPRS. In the North-East, we have E-ZPass. For the Golden Gate Bridge, FasTrack. @@ -1012,7 +972,7 @@ And they have their security issues; #+END_COMMENT -**** READY Akin To GPS Tracking +**** REHEARSED Akin To GPS Tracking :PROPERTIES: :DURATION: 00:00:30 :END: @@ -1035,12 +995,11 @@ If you have ALPRs and other surveillance systems throughout the same area With much less risk, too---no secret device that may be discovered. That's for a court to eventually decide. -But it's a useful comparison against precedent. #+END_COMMENT *** AUGMENT Internet of Things [13/13] -**** READY Internet-Connected Cameras :B_fullframe: +**** REHEARSED Internet-Connected Cameras :B_fullframe: :PROPERTIES: :DURATION: 00:00:35 :BEAMER_env: fullframe @@ -1070,27 +1029,24 @@ Like home security systems. Baby monitors. #+END_COMMENT -**** READY The ``S'' In IoT Stands For ``Security'' +**** REHEARSED The ``S'' In IoT Stands For ``Security'' :PROPERTIES: -:DURATION: 00:00:50 +:DURATION: 00:00:35 :END: - <1-> Shodan---IoT search engine\cite{shodan} - - <2-> You'll also find other things. Secure your databases. + - <1-> You'll also find other things. Secure your databases. \cite{krebs:mongodb} -- <2-> Can search for specific devices -- <2-> If you are vulnerable, someone will find you -- <3-> Top voted search was ``Webcam'' when I was writing this slide + - <1-> Can search for specific devices +- <1-> If you are vulnerable, someone will find you + - <1-> Mirai---620Gbps DDoS Krebs; 1Tbps OVH #+BEGIN_COMMENT Who here has heard of Shodan? Shodan is a search engine for the Internet of Things. -It spiders for Internet-connected devices and indexes them. -Okay, that's to be expected. -Maybe that wouldn't be a problem if NAT configuration weren't subverted by - UPnP. -Or maybe it wouldn't be a problem if these devices even gave a moment of +It scours for Internet-connected devices and indexes them. +Maybe it wouldn't be a problem if these devices even gave a moment of thought to security. It also indexes other interesting things. @@ -1098,19 +1054,15 @@ For example, it was used to find unsecured MongoDB instances so that the attackers could hold data for ransom. -So people can find your stuff. -If an attacker knows that some device is vulnerable, - Shodan can be used to search for that device. - -At the time I was writing this, - the top voted search under "Explore" was "Webcam". -Followed by "Cams", "Netcam", and "default password". +Mirai is malware that took advantage of default usernames and passwords + for over 60 devices to create a massive botnet that carried out the + largest DDoS attacks in history. #+END_COMMENT -**** READY Who's Watching? +**** REHEARSED Who's Watching? :PROPERTIES: -:DURATION: 00:00:20 +:DURATION: 00:00:15 :END: ***** Screenshot @@ -1135,8 +1087,7 @@ Followed by "Cams", "Netcam", and "default password". #+BEGIN_COMMENT -But Shodan isn't the only thing out there. -Anyone heard of Insecam? +What about Insecam? It's a site that aggregates live video feeds of unsecured IP cameras. Your browser connects directly to the cameras--- @@ -1146,10 +1097,10 @@ I can tell you personally that you feel like a scumbag looking at the site. #+END_COMMENT -**** READY Insecam Example 1 :B_fullframe: +**** REHEARSED Insecam Example 1 :B_fullframe: :PROPERTIES: :BEAMER_env: fullframe -:DURATION: 00:00:40 +:DURATION: 00:00:30 :END: #+BEGIN_CENTER @@ -1187,10 +1138,10 @@ Somewhat cool, even. Let's get a little more personal. #+END_COMMENT -**** READY Example 2 :B_fullframe: +**** REHEARSED Example 2 :B_fullframe: :PROPERTIES: :BEAMER_env: fullframe -:DURATION: 00:01:00 +:DURATION: 00:00:35 :END: #+BEGIN_CENTER @@ -1222,19 +1173,12 @@ This is an excellent example to demonstrate to others why this is such a big deal. This should make anyone feel uncomfortable. -Especially those home cameras. -I wish I knew whose camera that was, - so that they could be notified. These people are unaware. And these manufactuers set them up for this. - -Even if you can't find a camera on this site, - Shodan might have indexed it; - just connect. #+END_COMMENT -**** READY Smart TVs (Samsung Privacy Policy) :B_fullframe: +**** REHEARSED Smart TVs (Samsung Privacy Policy) :B_fullframe: :PROPERTIES: :BEAMER_env: fullframe :DURATION: 00:00:30 @@ -1263,7 +1207,7 @@ It was compared to George Orwell's telescreens. #+END_COMMENT -**** READY Smart TVs (Weeping Angel) :B_fullframe: +**** REHEARSED Smart TVs (Weeping Angel) :B_fullframe: :PROPERTIES: :BEAMER_env: fullframe :DURATION: 00:00:30 @@ -1329,7 +1273,7 @@ If Samsung isn't listening, #+END_COMMENT -**** READY Smart TV Ransomware (LG) +**** REHEARSED Smart TV Ransomware (LG) :PROPERTIES: :DURATION: 00:00:15 :END: @@ -1351,7 +1295,16 @@ This is an LG Smart TV owned by Android ransomware. #+END_COMMENT -**** READY Amazon Echo---Always Listening +**** REHEARSED Vulnerabilties Equities Process (VEP) + +- Whether or not government should disclose vulnerability +- Hoarding is dangerous (Shadow Brokers / Equation Group; Vault 7 / CIA) +- Apple v. FBI +- <2> *Makes us less safe!* + - <2> ``Cyberweapon'' is an exploit---it cannot be contained + + +**** REHEARSED Amazon Echo---Always Listening :PROPERTIES: :DURATION: 00:00:45 :END: @@ -1386,7 +1339,6 @@ This is an LG Smart TV owned by Android ransomware. - <2-> Hardware switch for microphone #+BEGIN_COMMENT -Personal assistants have become pretty popular. Amazon Echo is one of those ``always-listening'' devices that can do your bidding. But since it performs voice recognition on Amazon's servers, @@ -1408,7 +1360,7 @@ A device like this needs to do voice recognition locally, #+END_COMMENT -**** READY Consder the Benign +**** REHEARSED Consder the Benign :PROPERTIES: :DURATION: 00:00:20 :END: @@ -1432,7 +1384,7 @@ There are door and window sensors. #+END_COMMENT -**** READY Creepy-Ass Children's Toys? +**** REHEARSED Creepy-Ass Children's Toys? :PROPERTIES: :DURATION: 00:00:15 :END: @@ -1460,7 +1412,7 @@ A couple years ago you'd only find a headline like this in something like -**** READY ALPRs Wide Open +**** REHEARSED ALPRs Wide Open :PROPERTIES: :DURATION: 00:00:20 :END: @@ -1470,7 +1422,7 @@ A couple years ago you'd only find a headline like this in something like [[./images/tp/alpr-pips.png]]\incite{eff:alpr} #+END_CENTER -- John Matherly (Shodon author) noticed many web-accessible PIPS +- John Matherly (Shodan author) noticed many web-accessible PIPS control panels - Other researcher found some accessible via telnet\cite{darius:alpr-telnet} @@ -1488,9 +1440,9 @@ In both cases, #+END_COMMENT -**** READY Biometrics +**** REHEARSED Biometrics :PROPERTIES: -:DURATION: 00:01:00 +:DURATION: 00:00:50 :END: - <1-> Humans no longer need to scour video @@ -1502,13 +1454,13 @@ In both cases, algorithms\cite{pbs:nova:boston,wired:pixel-face,arxiv:google-pixel-res} - <3-> No face? Check your gait.\cite{ieee:gait,ijca:gait} - <4-> No gait? Well\ldots whatever, just ask Facebook.\cite{newsci:fb-noface} -- <5-> Even fingerprints and iris from high-resolutions photos\cite{bio:iris} +- <5-> Even fingerprints and iris from high-resolutions photos + (defeat Apple's TouchID)\cite{bio:iris} #+BEGIN_COMMENT Now let's couple that with facial recognition. Consider the breadth of devices we just covered. -Literally everywhere. People don't need to manually look for you anymore; it's automated. Hell, any of us can download a free (as in freedom) library to do facial @@ -1528,16 +1480,13 @@ Facebook famously got even creepier by saying it could recognize people by Your fingerprints and iris data can even be extracted from high-resolution photos; a cracker used such a method to defeat Apple's TouchID by making a mould. - -There's a lot more to say about IoT. -We'll come back to it. #+END_COMMENT *** READY Social Media [1/1] -**** READY Collateral Damage +**** REHEARSED Collateral Damage :PROPERTIES: -:DURATION: 00:00:45 +:DURATION: 00:00:40 :END: - <1-> Please don't put pictures of me on Facebook\cite{rms:facebook} @@ -1546,9 +1495,7 @@ We'll come back to it. damage\cite{register:fb-scan,guardian:fb-scan,pbs:nova:boston} #+BEGIN_COMMENT -So you don't have any unsecured IoT cameras in your home. -Or in this conference. -But you do have unsecured people running wild with their photos and their +You also have unsecured people running wild with their photos and their selfies. I'm sure you've heard a frequent request/demand from rms: @@ -1556,7 +1503,6 @@ I'm sure you've heard a frequent request/demand from rms: It's excellent surveillance. What irks me is when people try to take pictures of my kids, or do and ask if they can put them online. -Uh, no. You cannot. And people are sometimes surprised by that refusal. Most people are being innocent--- @@ -1565,16 +1511,15 @@ What they're actually doing is inflicting collateral damage. If I'm off in the background when you take a picture of your friends in the foreground, I'm still in the photo. -Just something to consider when taking photos of others.. #+END_COMMENT ** AUGMENT The Web [7/7] -*** READY Introduction [1/1] :B_ignoreheading: +*** READY Introduction [1/1] :B_ignoreheading: :PROPERTIES: :BEAMER_env: ignoreheading :END: -**** READY Introduction :B_fullframe: +**** REHEARSED Introduction :B_fullframe: :PROPERTIES: :BEAMER_env: fullframe :DURATION: 00:00:10 @@ -1588,17 +1533,14 @@ Just something to consider when taking photos of others.. But you're not just tracked in the flesh. Much of what we do today is virtual. So, naturally, there are those that want to bridge them. - -There's a lot of research and methods to achieve this; - we're only going to explore one of the most startling ones. #+END_COMMENT -*** READY Bridging the Gap [3/3] -**** READY FTC: They're Watching You :B_fullframe: +*** REHEARSED Bridging the Gap [3/3] +**** REHEARSED FTC: They're Watching You :B_fullframe: :PROPERTIES: :BEAMER_env: fullframe -:DURATION: 00:00:40 +:DURATION: 00:00:15 :END: #+BEGIN_CENTER @@ -1607,21 +1549,15 @@ There's a lot of research and methods to achieve this; #+BEGIN_COMMENT This is a sample letter template from the FTC. -It states: . A challenge for advertisers is correlating users across multiple devices, and in the real world. -Let's say you saw a commercial for some product Foo on TV. -And then you went online to research Foo. -And then you bought Foo. - -Sometimes commercials have you enter promo codes online to know that you - arrived at the site from a TV commercial. -Or give you a unique URL. +Sometimes commercials have you enter promo codes, + or give you a unique URL. #+END_COMMENT -**** READY Ultrasound Tracking +**** REHEARSED Ultrasound Tracking :PROPERTIES: :DURATION: 00:00:15 :END: @@ -1665,9 +1601,9 @@ There are other companies too; #+END_COMMENT -**** READY Ultrasound Cross-Device Tracking (uXDT) +**** REHEARSED Ultrasound Cross-Device Tracking (uXDT) :PROPERTIES: -:DURATION: 00:00:45 +:DURATION: 00:00:20 :END: - <1-> Termed ``Ultrasound Cross-Device Tracking'' @@ -1687,25 +1623,20 @@ How do you go about mitigating this type of threat? Well, researchers studying this issue wrote SilverDog, a Chromium addon to filter HTML5 audio to remove ultrasonic frequencies. That doesn't help with TorBrowser, though, which is FF-based. -The reserachers also propose a change to the Android permission system for - audio. This type of thing only works when you're keeping some serious secrets. That's easy to do with proprietary software. Much riskier to do (but not impossible) with free software. For websites, don't run untrusted JavaScript code; block it with an addon like NoScript. -We'll get into that in a little bit. You can also turn off the device when not in use, and maybe keep it away from other media. -This is far from the only mobile threat; - you may want to take precautions for other things anyway. #+END_COMMENT -*** READY Analytics [4/4] -**** READY Introduction :B_fullframe: +*** REHEARSED Analytics [4/4] +**** REHEARSED Introduction :B_fullframe: :PROPERTIES: :BEAMER_env: fullframe :DURATION: 00:00:15 @@ -1741,14 +1672,14 @@ But this has science! #+END_COMMENT -**** READY Trackers +**** REHEARSED Trackers :PROPERTIES: :DURATION: 00:00:15 :END: -- <1-> Website owners want to know what their visitors are doing - - <1-> That in itself isn't an unreasonable concept -- <2-> Methods and data define the issue +- Website owners want to know what their visitors are doing + - That in itself isn't an unreasonable concept +- Methods and data define the issue #+BEGIN_COMMENT Website owners want to know what their visitors are doing. @@ -1758,9 +1689,9 @@ That in itself isn't an unreasonable thing, broadly speaking, #+END_COMMENT -**** READY Google Analytics +**** REHEARSED Google Analytics :PROPERTIES: -:DURATION: 00:00:30 +:DURATION: 00:00:15 :END: ***** GA Dashboard @@ -1807,9 +1738,9 @@ And because services like GA, AdWords, etc are so widely used, #+END_COMMENT -**** READY Piwik +**** REHEARSED Piwik :PROPERTIES: -:DURATION: 00:00:20 +:DURATION: 00:00:15 :END: ***** Dashboard @@ -1829,9 +1760,9 @@ And because services like GA, AdWords, etc are so widely used, :BEAMER_col: 0.35 :END: -- <2-> Data on **your own servers**\cite{mtg:gitlab-piwik} -- <2-> Visitor privacy settings\cite{piwik:privacy} -- <2-> Privacy as a site owner +- Data on **your own servers**\cite{mtg:gitlab-piwik} +- Visitor privacy settings\cite{piwik:privacy} +- Privacy as a site owner #+BEGIN_COMMENT If you must track your users, consider using Piwik, which you can host @@ -1842,12 +1773,16 @@ Pwik has some user privacy settings to anonymize, remove logs, respect DNT, provide opt-out, etc. It also gives website owners some privacy by not leaking paths and other information about the website: + +I shout out to GitLab---I suggested that they replace GA with Piwik on their + instance, + and they did with no resistence. #+END_COMMENT -*** READY Social Networking -**** READY Like Buttons +*** REHEARSED Social Networking +**** REHEARSED Like Buttons :PROPERTIES: -:DURATION: 00:00:30 +:DURATION: 00:00:20 :END: #+BEGIN_CENTER @@ -1855,10 +1790,10 @@ It also gives website owners some privacy by not leaking paths and other [[./images/tp/fb-like.png]]\incite{w:fb-like-img} #+END_CENTER -- <2-> Infecting the Web with trackers under guise of - community\cite{pnas:predict,w:behavioral-targeting,uld:fb} -- <2-> Tracks regardless of whether you are logged in to Facebook - \cite{bloomberg:belgum-fb,roosendaal:fb-like,networks-of-control} +- Infecting the Web with trackers under guise of + community\cite{pnas:predict,w:behavioral-targeting,uld:fb} +- Tracks regardless of whether you are logged in to Facebook + \cite{bloomberg:belgum-fb,roosendaal:fb-like,networks-of-control} #+BEGIN_COMMENT Another popular example are "like buttons" and similar little widgets that @@ -1878,8 +1813,8 @@ But even if you don't have a Facebook account, #+END_COMMENT -*** READY Fingerprinting [3/3] -**** READY Summary :B_fullframe: +*** REHEARSED Fingerprinting [3/3] +**** REHEARSED Summary :B_fullframe: :PROPERTIES: :DURATION: 00:00:10 :BEAMER_env: fullframe @@ -1891,11 +1826,11 @@ But even if you don't have a Facebook account, #+BEGIN_COMMENT These methods are part of a broader topic called ``fingerprinting''. It's just what it sounds like: - uniquely identify users online. + uniquely identify users online and across devices and such. #+END_COMMENT -**** READY EFF Research :B_fullframe: +**** REHEARSED EFF Research :B_fullframe: :PROPERTIES: :BEAMER_env: fullframe :DURATION: 00:00:20 @@ -1939,7 +1874,7 @@ Very creative ones. #+END_COMMENT -**** READY Alarmingly Effective +**** REHEARSED Alarmingly Effective :PROPERTIES: :DURATION: 00:00:45 :END: @@ -1957,8 +1892,6 @@ We don't have time to get into much detail on how it works; I provided plenty of resources for that. But there are some interesting ones. -We don't just have to rely on basic browser-provied information like user - agent, fonts, and cookies anymore. How about tracking how the user moves her mouse and scrolls? What about keystroke analysis? Random noise from audio? @@ -1971,23 +1904,20 @@ They can fingerprint even if the user opens a different browser, Some are behavioral. Keystroke patterns will persist wherever the user goes. - -We'll get into some defenses in a bit. #+END_COMMENT -*** READY Incentive to Betray [2/2] -**** READY Summary :B_fullframe: +*** REHEARSED Incentive to Betray [2/2] +**** REHEARSED How Does This Happen? :PROPERTIES: :DURATION: 00:00:30 -:BEAMER_env: fullframe :END: -- <1-> There is strong incentive to betray - - <2> Money (advertising) - - <2> Attention & praise - - <2> ``Business intelligence'' +- There is strong incentive to betray + - Money (advertising) + - Attention & praise + - ``Business intelligence'' #+BEGIN_COMMENT So how does tracking happen? @@ -2008,7 +1938,7 @@ They're unknowing pawns in the Web of surveillance. #+END_COMMENT -**** READY Web of Surveillance :B_fullframe: +**** REHEARSED Web of Surveillance :B_fullframe: :PROPERTIES: :BEAMER_env: fullframe :DURATION: 00:00:45 @@ -2035,9 +1965,7 @@ And I do mean a Web of surveillance. This is LightBeam. It's an addon for Firefox that graphs first- and third-party sites that you - visit, - providing you with a visualization of the Web that's hidden from most - users. + visit. I created a new FF profile and installed the addon; none of my privacy settings or other addons I'm used to. You can see at the top that I visited five websites: @@ -2050,17 +1978,13 @@ NYT alone connected to 47 different third parties! I was blown away. - -Some of these are trackers. -Some of them are remotely hosted scripts and fonts and media. - So let me show you what I'm used to seeing. This is what happens when I try to mitigate some of these threats. #+END_COMMENT -*** READY Mitigations & Anonymity [8/8] -**** READY Summary :B_fullframe: +*** REHEARSED Mitigations & Anonymity [8/8] +**** REHEARSED Summary :B_fullframe: :PROPERTIES: :DURATION: 00:00:05 :BEAMER_env: fullframe @@ -2078,7 +2002,7 @@ Well, it depends on your threat model, #+END_COMMENT -**** READY Disable the Damn JavaScript! +**** REHEARSED Disable the Damn JavaScript! :PROPERTIES: :DURATION: 00:00:50 :END: @@ -2088,19 +2012,19 @@ Well, it depends on your threat model, [[./images/tp/noscript.png]] #+END_CENTER -#+BEAMER: \only<2-3>{ -- <2-3> Preempt most sophisticated and damning fingerprinting methods - - <2-3> Stop hardware profiling - - <2-3> Stop keystroke/mouse analysis\cite{ijcseit:biometric} - - <3> Remember those audio beacons?\cite{bleep:ultrasound-tor} +#+BEAMER: \only<2>{ +- Preempt most sophisticated and damning fingerprinting methods + - Stop hardware profiling + - Stop keystroke/mouse analysis\cite{ijcseit:biometric} + - Remember those audio beacons?\cite{bleep:ultrasound-tor} #+BEAMER: } -#+BEAMER: \only<4-5>{ -- <4-> Running arbitrary untrusted, unsigned, ephemeral code - (/also\nbsp{}from many third parties/)\cite{mtg:rof} - - <4-> /Restore Online Freedom!/ (My LibrePlanet 2016 talk) - - <5-> LibreJS blocks non-free, but free doesn't mean free of malice +#+BEAMER: \only<3>{ +- Running arbitrary untrusted, unsigned, ephemeral code + (/also\nbsp{}from many third parties/)\cite{mtg:rof} + - /Restore Online Freedom!/ (My LibrePlanet 2016 talk) + - LibreJS blocks non-free, but free doesn't mean free of malice #+BEAMER: } -#+BEAMER: \only<6>{ +#+BEAMER: \only<4>{ - NoScript blocks JavaScript based on URL patterns\cite{noscript} - /Warning:/ Allows some sites by default! - Also blocks media and fonts; provides XSS and clickjacking prevention @@ -2115,23 +2039,25 @@ I write a lot of JavaScript for a living. My GNU project is ease.js, which is a JavaScript library. And yet, /I only allow JavaScript to execute on a few websites!/. -Even on most websites I trust, I don't. +You're runnning untrusted, unsigned, ephemeral code, + often from many third parties! +But I've already given that talk--- + see Restore Online Freedom! from last year! + Some people run LibreJS, and I support that project. But note that free software doesn't mean free of malice; LibreJS solves a different problem than the one I'm describing--- - when you /do/ allow JS to run, it should be free. + when you /do/ allow JS to run, ought to be free. It's probably obvious from the logo that I'm talking about the NoScript addon. It does more than just block JS--- - it also blocks media, custom fonts, protects against certain types of XSS - and clickjacking attacks, and more. -If you don't know those are, that's okay. + it also blocks certain types of attacks. #+END_COMMENT -**** READY LightBeam NoScript :B_fullframe: +**** REHEARSED LightBeam NoScript :B_fullframe: :PROPERTIES: :BEAMER_env: fullframe :DURATION: 00:00:15 @@ -2159,14 +2085,12 @@ And here it is after running NoScript with no whitelist. Without any other mitigations. Obviously results will vary depending on the website. - -We're going to get back to JS soon. #+END_COMMENT -**** READY Block Ads and Trackers +**** REHEARSED Ads/Trackers; Security :PROPERTIES: -:DURATION: 00:00:45 +:DURATION: 00:00:40 :END: #+BEGIN_CENTER #+ATTR_LATEX: :height 0.75in @@ -2178,7 +2102,7 @@ We're going to get back to JS soon. #+END_CENTER - /Privacy Badger/ blocks trackers\cite{eff:privacy-badger,lp:2016:privacy-badger} -- /uBlock_0/ filters (primarily) ads\cite{gh:ublock-origin} +- /uBlock_0/ ``wide-spectrum blocker''\cite{gh:ublock-origin} - /Self-Destructing Cookies/ clears cookies and LocalStorage\cite{moz:sd-cookies} @@ -2203,7 +2127,17 @@ I don't have time to go into technical details, unfortunately. #+END_COMMENT -**** READY Anonymity :B_fullframe: +**** REHEARSED HTTPS Everywhere :B_fullframe: +:PROPERTIES: +:BEAMER_env: fullframe +:END: + +#+BEGIN_CENTER +[[./images/tp/https-everywhere.png]] +#+END_CENTER + + +**** REHEARSED Anonymity :B_fullframe: :PROPERTIES: :BEAMER_env: fullframe :DURATION: 00:00:15 @@ -2211,19 +2145,19 @@ I don't have time to go into technical details, unfortunately. #+BEGIN_CENTER #+BEAMER: \only<1>{ -#+BEAMER: {\Huge Anonymity} - -\bigskip -Origin is unknown to server; no unique identifier known -by\nbsp{}server\incite{whonix:donot} -#+BEAMER: } -#+BEAMER: \only<2>{ #+BEAMER: {\Huge Pseudonymity} \bigskip Origin is unknown to server; unique identifier /is\nbsp{}available/ to\nbsp{}server\incite{whonix:donot} #+BEAMER: } +#+BEAMER: \only<2>{ +#+BEAMER: {\Huge Anonymity} + +\bigskip +Origin is unknown to server; no unique identifier known +by\nbsp{}server\incite{whonix:donot} +#+BEAMER: } #+END_CENTER #+BEGIN_COMMENT @@ -2237,7 +2171,7 @@ In the former case, #+END_COMMENT -**** READY IANAAE :B_fullframe: +**** REHEARSED IANAAE :B_fullframe: :PROPERTIES: :BEAMER_env: fullframe :DURATION: 00:00:15 @@ -2259,7 +2193,7 @@ I provide a number of resources to get you started. #+END_COMMENT -**** READY The Tor Network +**** REHEARSED The Tor Network :PROPERTIES: :DURATION: 00:00:45 :END: @@ -2288,22 +2222,16 @@ The packet is routed through a number of servers, encrypted with the public key of each server such that the first hop strips off the first layer and so on, like an onion. -The exit node reveals the packet and delivers it to the destination, - then begins relaying the reply back to through the network to the - requesting user. -As long as a sufficient portion of the network can be trusted and has not - been compromised by an adversary, +Barring certain very important technical details, it should not be possible to figure out that path. -The most common use of Tor is to route web traffic. - -There are lots of other details that I don't have time to get to here, - but I provide a number of resources for you. +There are caveats. +Please do your research. #+END_COMMENT -**** READY TorBrowser, Tails, and Whonix +**** REHEARSED TorBrowser, Tails, and Whonix :PROPERTIES: :DURATION: 00:01:30 :END: @@ -2348,8 +2276,6 @@ That is difficult and nuanced advice to give, For some people, that's enough. If your threat model involves only advertisers and other snoopers, you might be okay with Tor and privacy extensions. -For nearly all of my Web traffic, - that's what I care about. But if you're a dissident, and your life is in danger, @@ -2360,7 +2286,7 @@ If you are worried about government surveillance or cracking, It's hard to secure a web browser. TorBrowser is a hardened version of Firefox. -The Tor browser recommends that you don't rely on a vanilla Firefox for +The Tor Project recommends that you don't rely on a vanilla Firefox for anonymity with Tor. The operating system needs hardening. @@ -2384,11 +2310,11 @@ There's obvious tradeoffs there for both; ** AUGMENT Data and Profiling [4/4] -*** READY Introduction :B_ignoreheading: +*** REHEARSED Introduction :B_ignoreheading: :PROPERTIES: :BEAMER_env: ignoreheading :END: -**** READY Introduction :B_fullframe: +**** REHEARSED Introduction :B_fullframe: :PROPERTIES: :DURATION: 00:00:05 :BEAMER_env: fullframe @@ -2413,10 +2339,10 @@ This is a ``big data'' problem. You might also hear this called ``business intelligence''. #+END_COMMENT -*** READY Those Who Spy -**** READY Data Brokers +*** REHEARSED Those Who Spy +**** REHEARSED Data Brokers :PROPERTIES: -:DURATION: 00:00:15 +:DURATION: 00:00:10 :END: ***** Lightbeam Reminder @@ -2439,12 +2365,9 @@ You might also hear this called ``business intelligence''. Back to that Lightbeam graph of third parties. Ghostery has a list of third parties receiving web and app data. There's over 3,000 of them. - -Looking at this graph from a few sites, - that might not be too surprising. #+END_COMMENT -**** READY Oracle Identity Graph +**** REHEARSED Oracle Identity Graph :PROPERTIES: :DURATION: 00:00:30 :END: @@ -2474,7 +2397,7 @@ Look at that last bullet point there. #+END_COMMENT -**** READY All About the Experience :B_fullframe: +**** REHEARSED All About the Experience :B_fullframe: :PROPERTIES: :BEAMER_env: fullframe :DURATION: 00:00:05 @@ -2487,11 +2410,11 @@ Look at that last bullet point there. #+BEGIN_COMMENT More relevant customer experience. You hear that a lot from advertisers, - especially to justify. + especially for justification. #+END_COMMENT -**** READY Target Pregnancy Prediction +**** REHEARSED Target Pregnancy Prediction :PROPERTIES: :DURATION: 00:00:25 :END: @@ -2501,13 +2424,13 @@ You hear that a lot from advertisers, [[./images/tp/target-logo.png]] #+END_CENTER -- <1-> Records purchases, credit cards, coupons, surveys, refunds, customer - helpline calls, email, website visits, \ldots\cite{networks-of-control} -- <1-> Purchase more information from third parties\cite{networks-of-control} -- <2-> Identified 25 products to create a ``pregnancy prediction'' score and - estimate due date\cite{nyt:learn-secrets} - - <2-> Quantities of types of lotions, soaps, cotton balls, - supplements,\nbsp{}etc +- Records purchases, credit cards, coupons, surveys, refunds, customer + helpline calls, email, website visits, \ldots\cite{networks-of-control} +- Purchase more information from third parties\cite{networks-of-control} +- Identified 25 products to create a ``pregnancy prediction'' score and + estimate due date\cite{nyt:learn-secrets} + - Quantities of types of lotions, soaps, cotton balls, + supplements,\nbsp{}etc #+BEGIN_COMMENT One of the most popular examples of these types of analytics is a case where @@ -2522,7 +2445,7 @@ It's lucrative. #+END_COMMENT -**** READY Transparency Needed +**** REHEARSED Transparency Needed :PROPERTIES: :DURATION: 00:00:40 :END: @@ -2545,8 +2468,8 @@ It's lucrative. - *Let users see their data in this graph!* - Erase nonpublic information that they don't want to be known - Let them correct what is wrong - - <3> Also a problem with law enforcement / government -- <2-> Let them *opt out!* + - Also a problem with law enforcement / government +- Let them *opt out!* #+BEGIN_COMMENT Look, at the end of the day, @@ -2571,8 +2494,8 @@ Let's look at that graph on the left a little more closely. #+END_COMMENT -*** READY These Data Affect Your Life! -**** READY Trustev Fraud Detection +*** REHEARSED These Data Affect Your Life! +**** REHEARSED Trustev Fraud Detection :PROPERTIES: :DURATION: 00:00:25 :END: @@ -2597,7 +2520,7 @@ Or...denied employment? #+END_COMMENT -**** READY LexisNexis +**** REHEARSED LexisNexis :PROPERTIES: :DURATION: 00:00:45 :END: @@ -2623,7 +2546,8 @@ There's a ton of these companies; LexisNexis is another popular one. And it's fun to say. -They handle risk management for various industries. +They handle risk management for various industries, + including government. And they pull from a pool of data of over 500 million customers. @@ -2634,9 +2558,9 @@ To give you an idea of their scale: They aggregate tens of billions of records from over ten thousand sources. #+END_COMMENT -**** READY Palantir +**** REHEARSED Palantir :PROPERTIES: -:DURATION: 00:00:25 +:DURATION: 00:00:20 :END: #+BEGIN_CENTER @@ -2644,7 +2568,7 @@ To give you an idea of their scale: [[./images/tp/palantir.png]] #+END_CENTER -- Co-founded by Peter Thiel of PayPal +- Started by Peter Thiel of PayPal - CIA, DHS, NSA, FBI, the CDC, the Marine Corps, the Air Force, Special Operations Command, West Point, the Joint IED-defeat organization and Allies, the Recovery Accountability and Transparency Board and the @@ -2656,17 +2580,16 @@ It was started by one of the co-founders of PayPal, Peter Thiel, for terrorism intelligence. It's now used for its powerful analytic capabilities by not only private corporations, - but numerous government agencies, - a few of them being the CIA, DHS, FBI, and the NSA itself. + but numerous three-letter government agencies. Yeah. What if these data are wrong? #+END_COMMENT -*** READY More Information +*** REHEARSED More Information -**** READY Networks of Control :B_fullframe: +**** REHEARSED Networks of Control :B_fullframe: :PROPERTIES: :DURATION: 00:00:15 :BEAMER_env: fullframe @@ -2690,7 +2613,7 @@ I've only had the chance to skim the paper. Both are referenced here. #+END_COMMENT -** LACKING Policy and Government [0/6] +** LACKING Policy and Action [0/6] *** DRAFT Introduction [0/1] :B_ignoreheading: :PROPERTIES: :BEAMER_env: ignoreheading @@ -2701,469 +2624,56 @@ Both are referenced here. :BEAMER_env: fullframe :END: -- <1-> Governments have a duty to protect their people -- <2-> Governments have a duty to protect citizens' rights - -#+BEGIN_LATEX -\vspace{2ex} -\only<3>{ - \begin{center} - These duties are often at odds - \end{center} -} -#+END_LATEX - -#+BEGIN_COMMENT -Where to begin. - -Governments have a duty to protect their people. -But they also have a duty to know their bounds; - to protect citizens' rights and privacy. - -We know how that story goes. -#+END_COMMENT - - -*** LACKING Surveillance [0/7] -**** DRAFT History of NSA Surveillance -:PROPERTIES: -:DURATION: 00:02 -:END: - -- <1-> EFF has been fighting NSA domestic spying - since 2005\cite{eff:nsa:timeline,mtg:uproar} -- <1-> AT&T technician Mark Klein -- <1-> Dragnet surveillance; NSA-controlled ``SG3 Secure Room'' -- <2-> Hepting v. AT&T (2006) - - <2-> Government and AT&T retroactive immunity through FAA (2008) -- <2-> Jewel v. NSA (2008) - - <2-> Summary of Voluminous Evidence - -#+BEGIN_COMMENT -When we think of the term ``surveillance'', - the NSA usually comes to mind. - -The Electronic Frontier Foundation has been fighting the NSA - in court since 2006. -In 2005, a former AT&T technician Mark Klein provided ``undisputed - evidence'' about an NSA-controlled room at AT&T named ``SG-3'', through - which all traffic passed. - -The EFF filed Hepting v. AT&T in 2006. -But in 2008, both the government and AT&T were awarded retroactive immunity - through the FISA Amendments Act. -The case was dismissed in 2009, along with dozens of other lawsuits. - -In response, - the EFF filed Jewel v. NSA. -The case also benefitted from three additional whistleblowers. -#+END_COMMENT - - -**** DRAFT PRISM -- 6 June 2013---Guardian leaks slideshow describing PRISM - -- All companies denied involvement - -#+BEGIN_COMMENT -But it didn't end there! -Well, obviously, we know that now. - -One day later, - the Guardian releases a leaked slideshow that describes PRISM. - -All companies eventually denied involvement in this program. -#+END_COMMENT - - -**** DRAFT Snowden -:PROPERTIES: -:DURATION: 00:01 -:END: - -- 9 June 2013---The Guardian reveals Edward Snowden as the whistleblower - -- Smear campaign - - -#+BEGIN_COMMENT -These were serious leaks. -They still are. -And three days later---to our surprise---the source of the leaks was - revealed. - -And the world came to know Edward Snowden through a huge smear campaign. -They pointed out that his girlfriend was a pole dancer. -They tried to discredit his role at the agency. -They tried to paint him as this social loner, and downplay his skills. - -Fortunately, that conversation didn't last long, and did not succeed. -I'm not sure how many of you were here last year, - but Snowden gave the opening keynote to LP2016. -He received a minute-long standing ovation. -The energy in that room was incredible. -#+END_COMMENT - - -**** DEVOID Tools -:PROPERTIES: -:DURATION: 00:02 -:END: - -TODO - -#+BEGIN_COMMENT -- XKeyscore and others -- Exploits -- Hardware -- Intercepting shipments -- Etc. -#+END_COMMENT - - -*** LACKING Crypto Wars [0/6] -**** DRAFT Introduction :B_fullframe: -:PROPERTIES: -:DURATION: 00:00 -:BEAMER_env: fullframe -:END: - #+BEGIN_CENTER -\Huge History repeats itself +\Huge We're feeding into all of this! #+END_CENTER -#+BEGIN_COMMENT -All of that happened behind our backs. -But there is also a war being waged in public. -As if we haven't learned from the past. -The Crypto wars. -#+END_COMMENT +*** DRAFT SaaSS +**** Software as a Service Substitute (SaaSS) + +- Disturbing trend to replace traditional software with services +- Do not own your own data /or/ computations +- Companies balance privacy on their balance sheets + - Countless data breaches -**** DRAFT Export-Grade Crypto -:PROPERTIES: -:DURATION: 00:01:30 -:END: +*** DRAFT Centralization +**** Decentralize! -- <1-> Cryptography classified as munitions (Arms Export Control Act; ITAR) -- <1-> ``Export-grade'' cryptography -- <2-> Lotus Notes - - <2-> 40-bit export-grade symmetric key - - <3-> Agreement with NSA: 64-bit export, but 24 of those bits a "workload - reduction factor" for the NSA -- <4-> Phil Zimmerman: PGP (\geq 128 bits) - - <4-> Formal investigation by US government in 1993 - - <4-> Published source code in a book, which could be OCR'd -- <5-> Still suffer long-term effects today - (downgrade attacks, e.g. POODLE)\cite{poodle:paper} - -#+BEGIN_COMMENT -Back in the 1990s, - cryptography was classified as munitions. - -If you wanted to export it to other countries, - you essentially had to make it crackable by the NSA. - -Lotus Notes is often used as an example of the negative effects of such - regulation. -Interestingly, it was actually the first widely used software to use - public-key cryptography. -Due to export restrictions, - the maximum symmetric key size they could support was 40 bits. -This was easily crackable by the NSA, - but also feasible for other adversaries. -They compromised with the NSA: - 64-bit keys, but 24 of those bits would be encrypted specially for the NSA - as a "workload reduction factor". -So you had protection against most adversaries, - but not the US government. - -Then we have Phil Zimmerman, author of PGP. -He didn't consult the NSA. -Instead, he published the source code for PGP in a book with MIT Press, - and widely distributed it. -If someone wanted to use PGP, - they could unbind the book, OCR the pages, and compile it with GCC. -The US government opened a formal investigation into the case in 1993; - the charges were dropped years later. - -We are still observing the fallout from export-grade crypto today. -They are called "downgrade attacks", - where a program such as a browser is tricked into using a weaker - cipher or keysize, - allowing an attacker to MitM the connection. -POODLE is an example of this. -#+END_COMMENT +- Host what you can (GNU Social, NextCloud, \ldots) +- Damnit, Moxie (Signal)---use XMPP, OMEMO -**** DRAFT Bernstein v. United States -:PROPERTIES: -:DURATION: 00:01 -:END: -- <1-> 1995: Bernstein v. US Department of Justice\cite{eff:bernstein:doj} - - <1-> Argued that restrictions violated First Amendment - - <2-> **Code Is Speech** -- <1-> 1996: Bill Clinton Executive Order 13026 transferred to Commerce - Control List\cite{fedr:export-controls} -- <1-> Department of Commerce relaxed rules in 2000\cite{doc:rev-export-reg} - -#+BEGIN_COMMENT -In order to publish information on encryption algorithms and the like, - you had to get permission from the government. - -In 1995, Daniel Bernstein---then a graduate student---wanted to publish the - source code and mathematical papers for his encryption algorithm - /Snuffle/. -Like Zimmerman, - Bernstein thought export restrictions to be a violation of his First - Amendment rights. -But instead of blatant defiance, - he decided to sue the US government. -He was represented by the EFF. -The Ninth Circuit Court of Appeals ruled in his favor. - -The following year, President Bill Clinton signed an executive order that - removed encryption from the munitions list, - and in 2000 the Department of Commerce relaxed export restrictions. - -You might have heard the term "code is speech". -Bernstein v. United States case had wide-reaching consequences, - not just for cryptography. -Source code is protected under the First Amendment. - -(See also Junger v. Daley.) -#+END_COMMENT - - -**** DRAFT The First Crypto Wars -:PROPERTIES: -:DURATION: 00:01 -:END: - -- <1-> These incidents part of the first Crypto Wars\cite{w:crypto-wars} -- <2-> DES Originally 64-bit key; NSA wanted 48 bits; compromised at 56. -- <2-> Two version of the browser: 128-bit "U.S. edition" and effective - 40-bit "international". -- <3-> **Clipper Chip** was a hardware backdoor that employed a key escrow - system - - <3-> Complete failure - - <3-> Terribly insecure (property of key escrow in general) - - <3-> Opposite effect: spurred development of Nautilus and PGPfone - -#+BEGIN_COMMENT -These incidents are classified into a period of time informally described as - the "Crypo Wars". - -There's a couple other good examples that I don't have time to get into: - The DES encryption algorithm, for example, was originally 64-bit; - the NSA wanted 48-bit, but compromised with 56. - Netscape had /two versions of their browser/: one with 128-bit SSL and the - other with 88 of those bits exposed to meet export regulations. -This sounds insane today---because it is. - -But there's even more insanity. - -The Clipper Chip! -It was the US government's attempt to backdoor communications with hardware. -It used a key escrow system, - and the algorithm they devised---called Skipjack---was classified, - and so could not be reviewed by crypto experts at the time. -Backlash was large. -It failed miserably. -Later cryptanalysis yielded scathing flaws, - as is generally the case with key escrow cryptosystems. -It even had the opposite effect: - it spurred the development of encrypted communication programs like - Nautilus and PGPfone (the latter being proprietary). - -So, - why did I go into so much history in a talk meant to deal with today's - privacy and security threats? -#+END_COMMENT - - -**** DRAFT Re-repeats Itself :B_fullframe: -:PROPERTIES: -:DURATION: 00:00 -:BEAMER_env: fullframe -:END: - -#+BEGIN_CENTER -\Huge History repeats itself -#+END_CENTER - -#+BEGIN_COMMENT -Because history repeats itself. - -Today's attempted legal/policy assault on privacy and security are enormous. -We've already covered some. -I don't have time to cover more than a small fraction of them. -#+END_COMMENT - - -**** DRAFT Modern Crypto Wars :B_fullframe: +*** DRAFT People Don't Care +**** ``I Have Nothing To Hide'' :B_fullframe: :PROPERTIES: :BEAMER_env: fullframe :END: #+BEGIN_CENTER -\Huge ``Going Dark'' +\Huge ``I Have Nothing To Hide'' #+END_CENTER - #+BEGIN_COMMENT -But the big phrase you hear today is "going dark". -Government agencies are fearful of broadening use of encryption - because they can't read many of those communications. +People don't care about privacy! #+END_COMMENT -**** DEVOID ``Going Dark'' - -#+BEGIN_COMMENT -Apple v. FBI -VEP -#+END_COMMENT - - -*** LACKING Espionage [0/1] -**** DEVOID US Can't Keep Its Own Secrets -:PROPERTIES: -:DURATION: 00:01 -:END: - -TODO - -#+BEGIN_COMMENT -- Office of Personnel Management -- DNC -- VEP -#+END_COMMENT - - -*** LACKING Subpoenas, Warrants, NSLs [0/1] -**** DEVOID National Security Letters -:PROPERTIES: -:DURATION: 00:01 -:END: - -TODO - -#+BEGIN_COMMENT -- Gag orders -- Prior restraint -- Canaries -#+END_COMMENT - - -*** LACKING Law [0/1] -**** DEVOID Summary :B_fullframe: -:PROPERTIES: -:DURATION: 00:01 -:BEAMER_env: fullframe -:END: - -TODO - -#+BEGIN_COMMENT -- DMCA - - Risks to security researchers - - Draconian -- CFAA -#+END_COMMENT - - -** LACKING Your Fight [0/1] -*** LACKING Headings [0/6] -**** DRAFT Feeding :B_fullframe: -:PROPERTIES: -:DURATION: 00:00 -:BEAMER_env: fullframe -:END: - +**** Complacency #+BEGIN_CENTER -We're feeding into all of this! +\Huge Complacency in the Status Quo #+END_CENTER -**** DEVOID SaaSS and Centralization -:PROPERTIES: -:DURATION: 00:01 -:END: - -TODO - -#+BEGIN_COMMENT -- Be sure to mention Cloudbleed and S3 -- Who has access to your data? -- The "Cloud" -#+END_COMMENT - - -**** LACKING Corporate Negligence -:PROPERTIES: -:DURATION: 00:01 -:END: - -- Companies balance security and privacy on their balance sheets - - -#+BEGIN_COMMENT -Companies don't care. -They'll balance _costs_ of failure to comply with regulation. -Is it cheaper just to pay up in the event of a data breach? - -Governments try, sort of. -They need to catch up with the times. -<> - -<> - -(Tie into SaaSS) -#+END_COMMENT - - -**** DRAFT Status Quo -:PROPERTIES: -:DURATION: 00:02 -:END: - -- Do people care more about privacy and security since the Snowden leaks? - - (Cite) -- ``I have nothing to hide'' -- ``Report anything suspicious'' -- Chilling effects - - -#+BEGIN_COMMENT -You would think after the Snowden revelations that people would be more - privacy-centric. - -Some are. -Many aren't. -There is complacency with the status quo. -Everything is so _convenient_. - -"I have nothing to hide." -A common argument. -One that can be notoriously hard to address. - -"Report anything suspicious." -(Example of mathematician on plane.) - -These all have chilling effects, conscious or not. -<> -#+END_COMMENT - - +*** DRAFT Your Fight **** DRAFT Status Quo Cannot Hold :B_fullframe: :PROPERTIES: :BEAMER_env: fullframe :END: #+BEGIN_CENTER -**The status quo cannot hold.** +\Huge *The status quo cannot hold.* #+END_CENTER #+BEGIN_COMMENT @@ -3181,8 +2691,8 @@ That even people who aren't that privacy- or security-conscious recognize :END: #+BEGIn_CENTER -#+BEAMER: \only<1>{We need to push back} -#+BEAMER: \only<2>{\emph{You} need to push back} +#+BEAMER: \only<1>{\Huge We need to push back} +#+BEAMER: \only<2>{\Huge \emph{You} need to push back} #+END_CENTER #+BEGIN_COMMENT