mikegerwitz
/
sapsf
1
0
Fork 0
Code Releases Activity

slides.org (Stationary): Initial review state 

sapsf.bib: Crapton of resources.
notes.org: Minor checklist changes.
master
Mike Gerwitz 2017-03-14 01:37:21 -04:00
parent f12db70e69
commit e9cb238e6e
2 changed files with 304 additions and 120 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

130
sapsf.bib
View File

@ -55,7 +55,7 @@
}
@online{w:crypto-wars,
author = {Wikipedia},
organization = {Wikipedia},
title = {Crypto Wars},
url = {https://en.wikipedia.org/wiki/Crypto_wars},
urldate = {2017-03-10},
@ -128,14 +128,14 @@
}
@online{w:wps,
author = {Wikipedia},
organization = {Wikipedia},
title = {Wi-Fi positioning system},
url = {https://en.wikipedia.org/wiki/Wi-Fi_positioning_system},
urldate = {2017-03-11},
}
@online{w:trilateration,
author = {Wikipedia},
organization = {Wikipedia},
title = {Trilateration},
url = {https://en.wikipedia.org/wiki/Trilateration},
urldate = {2017-03-11},
@ -460,5 +460,127 @@
title = {Public Security Privacy Guidelines},
url = {http://www.nyc.gov/html/nypd/downloads/pdf/crime_prevention/public_security_privacy_guidelines.pdf},
urldate = {2017-03-13},
annotation = {Information about the NYPD's Domain Awareness System.}
annotation = {Information about the NYPD's Domain Awareness System.},
}
@book{rosen:naked,
author = {Rosen, Jeffrey},
title = {The Naked Crowd: Reclaiming Security and Freedom In An Anxious
Age},
publisher = {Random House},
isbn = {978-0375508004},
date = 2004,
indextitle = {Naked Crowd: Reclaiming Security and Freedom In An Anxious
Age, The},
}
@article{solove:nothing-to-hide,
author = {Solove, Daniel J.},
title = {``I've got nothing to hide'' and Other Misunderstandings
of Privacy},
journaltitle = {San Diego Law Review},
volume = 44,
pages = {745--772},
date = {2007},
url = {https://ssrn.com/abstract=998565},
urldate = {2017-03-13},
annotation = {GWU Law School Public Law Research Paper No. 289},
},
@online{metro:goebbels,
author = {Nagesh, Ashitha},
title = {A Tory MP might have quoted Goebbels in defence of the
governments surveillance bill},
organization = {Metro.co.uk},
url = {http://metro.co.uk/2015/11/05/a-tory-mp-might-have-quoted-goebbels-in-defence-of-the-governments-surveillance-bill-5481457/},
urldate = {2017-03-13},
annotation = {It's never good to be accused of quoting the Nazi propaganda
minister},
}
@online{eff:alpr,
title = {Automated License Plate Readers},
organization = {Electronic Frontier Foundation},
url = {https://www.eff.org/sls/tech/automated-license-plate-readers},
urldate = {2017-03-13},
}
@online{aclu:tracked,
title = {You Are Being Tracked},
subtitle = {How License Plate Readers Are Being Used To Record Americans'
Movements},
url = {https://www.aclu.org/sites/default/files/field_document/071613-aclu-alprreport-opt-v05.pdf},
urldate = {2017-03-13},
}
@online{eff:golden-gate-toll,
title = {The Golden Gate Bridge Is Watching You},
author = {Schoen, Seth},
organization = {Electronic Frontier Foundation},
date = {2013-03-28},
url = {https://www.eff.org/deeplinks/2013/03/golden-gate-bridge-watching-you},
urldate = {2017-03-13},
}
@online{goldengate:anon,
title = {I Want To Remain Anonymous},
organization = {Golden Gate Bridge, Highway and Transportation District},
url = {http://goldengate.org/tolls/iwanttoremainanonymous.php},
urldate = {2017-03-13},
}
@online{baynews:fastack-data,
author = {Simerman, John},
title = {Lawyers dig into FasTrak data},
organization = {Bay Area News Group},
date = {2007-06-05},
url = {http://www.eastbaytimes.com/2007/06/05/lawyers-dig-into-fastrak-data/},
urldate = {2017-03-13},
annotation = {FasTrack data are used in civil disputes like divorce cases.},
}
@online{blackhat:toll-systems,
author = {Lawson, Nate},
title = {Highway To Hell: Hacking Toll Systems},
date = {2008-08-06},
location = {BlackHat USA},
url = {http://www.root.org/talks/BH2008_HackingTollSystems.pdf},
urldate = {2017-03-13},
}
@online{w:ezpass,
organization = {Wikipedia},
title = {E-ZPass},
url = {https://en.wikipedia.org/wiki/E-ZPass},
urldate = {2017-03-13},
}
@online{register:rfid-clone,
author = {Goodin, Dan},
title = {Passport RFIDs cloned wholesale by \$250 eBay auction spree\$},
subtitle = {Video shows you how},
organization = {The Register},
url = {https://web.archive.org/web/20170127114339/http://www.theregister.co.uk/2009/02/02/low_cost_rfid_cloner/},
urldate = {2017-03-13},
annotation = {Archive.org link used because The~Register blocks
Tor~users unless they execute proprietary JavaScript.},
}
@online{w:us-v-jones,
organization = {Wikipedia},
title = {United States v. Jones},
url = {https://en.wikipedia.org/wiki/United_States_v._Antoine_Jones},
urldate = {2017-03-13},
annotation = {United States Supreme Court ruling that GPS~tracking
constitutes a~search under the Fourth~Amendment.}
}
@online{darius:alpr-telnet,
author = {Freamon, Darius},
title = {{PIPS} Technology {AUTOPLATE} Automatic License Plate Recognition
{(ALPR)} Multiple Vulnerabilities},
url = {https://dariusfreamon.wordpress.com/2014/02/19/pips-technology-autoplate-automatic-license-plate-recognition-alpr-multiple-vulnerabilities/},
urldate = {2017-03-14},
annotation = {Telnet right into certain ALPRs.}
}

294
slides.org
View File

@ -39,8 +39,6 @@ tracked.
Maybe a gentle introduction that gets increasingly more alarming and
invasive topic-wise.
GOAL: Captivate; Startle
#+END_COMMENT
@ -96,11 +94,11 @@ Since time isn't on my side here,
I'm going to present a broad overview of the most pressing concerns of
today.
Every slide has numeric citations,
which are associated with references in the final slides.
which are associated with references on the final slides.
I won't be showing them here---you can get them online.
My goal is to present you with enough information that you know that these
things /exist/,
and you know where to find more information about them.
and you know where to find more information about them.
Those unknown unknowns.
So: let's start with the obvious.
@ -465,7 +463,7 @@ So even with Replicant,
** LACKING Stationary [0/5]
** REVIEWED Stationary [0/6]
*** REVIEWED Introduction [0/1] :B_ignoreheading:
:PROPERTIES:
:BEAMER_env: ignoreheading
@ -476,9 +474,10 @@ So even with Replicant,
:BEAMER_env: fullframe
:END:
#+BEGIN_CENTER
Certain types of tracking are unavoidable.
#+END_CENTER
#+BEGIN_QUOTE
``If you've got nothing to hide, you've got nothing to
fear.''\cite{rosen:naked,solove:nothing-to-hide,metro:goebbels}
#+END_QUOTE
#+BEGIN_COMMENT
So let's say you have evaded that type of tracking.
@ -486,6 +485,8 @@ Maybe you don't carry a phone.
Or maybe you've mitigated those threats in some way.
There's certain things that are nearly impossible to avoid.
This quote. We'll get back to it.
#+END_COMMENT
*** REVIEWED Surveillance Cameras [0/6]
@ -494,6 +495,7 @@ There's certain things that are nearly impossible to avoid.
:DURATION: 00:00:10
:END:
- Certain types of tracking are unavoidable
- Security cameras are everywhere
\cite{intercept:nyc-surveil,cbs:sf-smile,fast:das}
- Businesses
@ -508,7 +510,7 @@ They could be security cameras for private businesses.
Traffic cameras.
Cameras on streets to deter crime.
#+END_COMMENT
**** REVIEWED Private Cameras in Plain View; Tinerloin, SF
:PROPERTIES:
:DURATION: 00:00:30
@ -533,7 +535,7 @@ Obviously your city or town might be different.
Could be worse, even.
And again, these are just the ones that the DA's office found in
/plain view/!
According to them,
people who live in this neighborhood could be on camera dozens of times in
a single day.
@ -558,12 +560,12 @@ Alright, so a bunch of private entities have you on camera;
Well one of the most obvious threats,
should it pertain to you,
is a warrant or subpoena.
Most of us aren't going to have to worry about a crime.
Data can be compromised.
And it isn't possible for you to audit it;
you have no idea who has you on camera.
This creates a chilling effect.
You're going to act differently in public knowing that someone might be
watching,
@ -590,7 +592,7 @@ The best form of privacy is to avoid having the data be collected to begin
#+BEGIN_CENTER
#+BEGIN_LATEX
\only<1>{What if all those cameras---including private---were connected?}
\only<2>{NYPD---Domain Awareness System}\cite{nyc:pspg}
\only<2>{NYPD---Domain Awareness System\incite{nyc:pspg}}
\only<3>{
#+END_LATEX
#+BEGIN_QUOTE
@ -639,7 +641,7 @@ It's mammoth.
It's pretty amazing---it's like science fiction.
But I care about privacy,
so instead I'm going to use adjectives like ``Orwellian''.
It contains over six thousand security cameras,
over two-thirds of which are private closed-circuit cameras.
It includes license plate readers that record everyone going into Lower
@ -667,27 +669,115 @@ In fact,
#+END_COMMENT
**** DEVOID Automated License Plate Readers (ALPRs)
*** REVIEWED Driver Surveillance
**** REVIEWED Automated License Plate Readers (ALPRs)
:PROPERTIES:
:DURATION: 00:00
:DURATION: 00:00:30
:END:
#+BEGIN_CENTER
#+BEAMER: \only<1>{
#+ATTR_LATEX: :height 1.5in
[[./images/alpr-mounted.png]]\incite{eff:alpr}
#+BEAMER: }
#+BEAMER: \only<2>{
#+ATTR_LATEX: :height 1.5in
[[./images/alpr-capture.png]]\incite{eff:alpr}
#+BEAMER: }
#+END_CENTER
- Scan passing cars' license plates\cite{aclu:tracked,eff:alpr}
- Produce alphanumeric representation with timestamp and photograph
#+BEGIN_COMMENT
So before we leave the topic of government surveillance for a little bit,
I want to talk about automated license plate readers.
I want to talk about a couple issues related to driver surveillance.
These things are a widespread, nasty threat to privacy,
and they don't need a sophisticated Domain Awareness System to deploy.
The first are ALPRs.
ALPRs are mounted on police cars and objects like light poles.
They scan passing cars' license plates,
convert them to alphanumeric data,
record the time and date,
and possibly an image of the vehcile.
Here's a screenshot of the interface of one;
we'll get into how exactly we got that in a bit.
The ACLU has an excellent report on it,
and the EFF has a campaign against it;
see those two resources for more info.
#+END_COMMENT
*** DRAFT Internet of Things [0/4]
**** REVIEWED Automatic Toll Readers
:PROPERTIES:
:DURATION: 00:00:30
:END:
- <1-> Electronic toll booth using RFIDs or ALPRs\cite{eff:golden-gate-toll}
- <1-> In the North-East we have E-ZPass (RFID)\cite{w:ezpass}
- <1-> Golden Gate Bridge requires FasTrack or plate-based
- <2-> /But/ they provide an option for an anonymous FasTrack account
using cash\cite{goldengate:anon}
- <2-> (Granted, you're still captured by an ALPR)
- <3-> Routinely used by law enforcement\cite{baynews:fastack-data}
- <4-> They're not very secure,
either\cite{blackhat:toll-systems,register:rfid-clone}
#+BEGIN_COMMENT
The other is automatic toll readers.
Electronic toll booths are replacing traditional cash-based tolls.
Some places require it,
like the Golden Gate Bridge.
I was unsettled when I heard my county discussing it.
One option is windshield-mounted RFIDs.
In the North-East, we have E-ZPass.
For the Golden Gate Bridge, FasTrack.
We've already seen that law enforcement uses these data,
but in the case of FasTrack,
data are even used in civil suits like divorces.
And they have their security issues;
many can be easily cloned, for example.
#+END_COMMENT
**** REVIEWED Akin To GPS Tracking
:PROPERTIES:
:DURATION: 00:00:30
:END:
- /United States v. Jones/: GPS tracking constitutes search under
Fourth\nbsp{}Amendment\cite{w:us-v-jones}
- How is pervasive surveillance different if it achieves essentially the
same result?
#+BEGIN_COMMENT
In the US Supreme Court case United States v. Jones, the judges unanimously
ruled that GPS tracking of a vehicle constitutes a search under the
Fourth Amendment.
Many wonder how tracking as I just described is any different.
If you have ALPRs and other surveillance systems throughout the same area
within which a warrant for GPS tracking can be executed,
you would get similar results.
With much less risk, too---no secret device that may be discovered.
That's for a court to eventually decide.
But it's a useful comparison against precedent.
#+END_COMMENT
*** REVIEWED Internet of Things [0/7]
**** REVIEWED Internet-Connected Cameras
:PROPERTIES:
:DURATION: 00:00:45
:END:
#+BEGIN_CENTER
#+BEAMER: \only<1>{Cameras used to be ``closed-circuit''}
#+BEAMER: \only<1>{Cameras used to be only physically accessible}
#+BEAMER: \only<2>{Today\ldots not always so much}
#+END_CENTER
@ -732,26 +822,26 @@ Maybe that wouldn't be a problem if NAT configuration weren't subverted by
UPnP.
Or maybe it wouldn't be a problem if these devices even gave a moment of
thought to security.
It also indexes other interesting things.
For example,
it was used to find unsecured MongoDB instances so that the attackers
could hold data for ransom.
Secure your databases.
So people can find your stuff.
If an attacker knows that some device is vulnerable,
Shodan can be used to search for that device.
At the time I was writing this,
the top voted search under "Explore" was "Webcam".
Followed by "Cams", "Netcam", and "default password".
#+END_COMMENT
**** DRAFT Who's Watching?
**** REVIEWED Who's Watching?
:PROPERTIES:
:DURATION: 00:00:30
:DURATION: 00:00:15
:END:
- Insecam is a directory of Internet-connected surveillance
@ -763,16 +853,17 @@ But Shodan isn't the only thing out there.
Anyone heard of Insecam?
It's a site that aggregates live video feeds of unsecured IP cameras.
Your browser connects directly to the cameras---
literally, they are wide open;
nothing fancy is going on here.
I can tell you personally that you feel like a scumbag looking at the site.
There's fascinating things on there.
And sobering ones.
And creepy ones.
#+END_COMMENT
**** DRAFT Insecam Example 1 :B_fullframe:
**** REVIEWED Insecam Example 1 :B_fullframe:
:PROPERTIES:
:BEAMER_env: fullframe
:DURATION: 00:00:30
:END:
#+BEGIN_CENTER
@ -798,47 +889,93 @@ We have surveillance rooms where people watch their surveillance system!
Also doesn't help that they are watching the TV on the wall too.
There's many public swimming pools.
Elevator are awkward enough to begin with.
Elevators are awkward enough to begin with.
How about someone watching you in such a vulnerable space?
A photolithography lab.
We have a photolithography lab in my home city.
I have no idea which one, or where exactly.
These are creepy.
Somewhat cool, even.
Let's get a little more personal.
#+END_COMMENT
**** DRAFT Example 2 :B_fullframe:
**** REVIEWED Example 2 :B_fullframe:
:PROPERTIES:
:BEAMER_env: fullframe
:DURATION: 00:01
:END:
#+BEGIN_CENTER
#+ATTR_LATEX: :height 1in
[[./images/insecam-02.png]]
#+LATEX: \hspace{0.1in}
#+ATTR_LATEX: :height 1in
[[./images/insecam-04.png]]
#+LATEX: \only<2>{
#+ATTR_LATEX: :height 1in
[[./images/insecam-04.png]]
#+LATEX: }
#+END_CENTER
#+BEGIN_COMMENT
If you thought those were personal.
Inside hospital rooms.
This patient has an ice pack strapped to the side of her face.
How about inside hospital rooms?
This patient has an ice pack strapped to the side of her face.
I'm pretty sure this feed was outside of the United States;
I can't imagine that this type of thing would make it past HIPAA audits.
I hope.
I couldn't find the feed again to try to figure out what hospital it might
be to notify them.
How about inside someone's home?
This looks to be a bedroom.
There is a family photo on the wall that's in view.
There is a family photo on the wall.
Oh yeah.
I saw someone at the dentist getting a teeth cleaning.
I didn't copy that photo at the time.
I didn't copy that photo at the time,
and I can't find it now, fortunately.
This is an excellent example to demonstrate to others why this is such a big
deal.
This should make anyone feel uncomfortable.
Especially those home cameras.
I wish I knew whose camera that was,
so that they could be notified.
These people are unaware.
And these manufactuers set them up for this.
Even if you can't find a camera on this site,
Shodan might have indexed it
just connect.
#+END_COMMENT
**** REVIEWED ALPRs Wide Open
:PROPERTIES:
:DURATION: 00:00:15
:END:
#+BEGIN_CENTER
#+ATTR_LATEX: :height 1.5in
[[./images/alpr-pips.png]]\incite{eff:alpr}
#+END_CENTER
- John Matherly (Shodon author) noticed many web-accessible PIPS
control panels
- Other researcher found some accessible via telnet\cite{darius:alpr-telnet}
#+BEGIN_COMMENT
Speaking of just connecting.
Those ALPRs we just talked about.
Turns out that they have web interfaces.
John Matherly, the author of Shodon, found a number of control panels for
PIPS ALPRs.
Another researcher found telnet access on some.
In both cases,
license plate data could be extracted,
and the system could be reconfigured.
#+END_COMMENT
@ -878,7 +1015,7 @@ You can also be identified by your gait.
No gait?
Facebook famously got even creepier by saying it could recognize people by
their dress, posture, and hair, without seeing their face.
Your fingerprints and iris data can even be extracted from high-resolution
photos;
a cracker used such a method to defeat Apple's TouchID by making a mould.
@ -922,81 +1059,6 @@ If I'm off in the background when you take a picture of your friends in the
#+END_COMMENT
*** RAW Driving [0/3]
**** DRAFT Introduction :B_fullframe:
:PROPERTIES:
:DURATION: 00:00:30
:BEAMER_env: fullframe
:END:
#+BEGIN_CENTER
Do you drive a vehicle?
#+END_CENTER
#+BEGIN_COMMENT
Okay.
So you have no phone.
You sneak around public areas like a ninja.
You don't show up in photos like a vampire.
And you have no friends.
So how else can I physically track you in your travels here?
Well if you flew here,
then your location is obviously known.
That's not even worth discussing.
But what about if you drove?
#+END_COMMENT
**** LACKING ALPRs
:PROPERTIES:
:DURATION: 00:01
:END:
- Automated License Plate Readers (ALPRs)
#+BEGIN_COMMENT
ALPRs possibly tracked your movements.
Automated License Plate Readers.
<...>
Maybe you try to evade them with special license plate covers.
If need be, one could just track you by other unique features of your
vehicle.
And those might not just be law enforcement.
Security issues extend to this too!
<Mention EFF's project>
You could rent a car.
But the rental place probably took your name, license, and other
information.
You could take a cab and pay with cash.
But that can get expensive.
And they might have cameras and such anyway.
#+END_COMMENT
**** LACKING Car Itself
:PROPERTIES:
:DURATION: 00:00:30
:END:
- Your vehicle itself might be a spy
#+BEGIN_COMMENT
Maybe your car itself is a tracking device (e.g. OnStar).
(Move into Mobile?)
<...>
#+END_COMMENT
** LACKING The Web [0/6]
*** DRAFT Introduction [0/1] :B_ignoreheading:
:PROPERTIES: