#+startup: beamer
#+TITLE: The Surreptitious Assault on Privacy, Security, and Freedom
#+AUTHOR: Mike Gerwitz
#+EMAIL: mtg@gnu.org
#+DATE: 26 March, LibrePlanet 2017
#+OPTIONS: H:3 num:nil toc:nil p:nil todo:nil stat:nil
#+LaTeX_CLASS: beamer
#+LaTeX_CLASS_OPTIONS: [presentation]
#+BEAMER_THEME: Warsaw
#+BEAMER_HEADER: \beamertemplatenavigationsymbolsempty
#+BIBLIOGRAPHY: sapsf plain
#+TODO: RAW(r) DEVOID(v) LACKING(l) DRAFT(d) REVIEWED(R) | READY(+) REHEARSED(D)
#+COLUMNS: %40ITEM %10DURATION{:} %TODO %BEAMER_ENV(ENVIRONMENT)

#+BEGIN: columnview :hlines 3 :id global
| ITEM                                          | DURATION | TODO    | ENVIRONMENT   |
|-----------------------------------------------+----------+---------+---------------|
| * Slides                                      | 0:44     | LACKING |               |
|-----------------------------------------------+----------+---------+---------------|
| ** Introduction / Opening                     | 00:00:30 | DRAFT   | fullframe     |
|-----------------------------------------------+----------+---------+---------------|
| ** Mobile [0/5]                               | 0:04     | LACKING |               |
|-----------------------------------------------+----------+---------+---------------|
| *** Introduction                              | 0:00     | DRAFT   | ignoreheading |
| **** Introduction                             | 00:00:30 | DRAFT   | fullframe     |
|-----------------------------------------------+----------+---------+---------------|
| *** Cell Towers [0/2]                         | 00:01    | LACKING |               |
| **** Fundamentally Needed                     |          | DRAFT   |               |
| **** Cell-Site Simulators                     |          | LACKING |               |
|-----------------------------------------------+----------+---------+---------------|
| *** Wifi [0/3]                                | 00:01    | LACKING |               |
| **** Wifi                                     |          | DRAFT   |               |
| **** Ubiquitous Access Points                 |          | DEVOID  |               |
| **** Mitigations                              |          | DRAFT   |               |
|-----------------------------------------------+----------+---------+---------------|
| *** Location Services [0/2]                   | 00:01    | DRAFT   |               |
| **** GPS                                      |          | DRAFT   |               |
| **** Access Points                            |          | DRAFT   |               |
|-----------------------------------------------+----------+---------+---------------|
| *** Operating System [0/3]                    | 00:01    | DRAFT   |               |
| **** Untrusted/Proprietary OS                 |          | DRAFT   |               |
| **** Free/Libre Mobile OS?                    |          | DRAFT   |               |
| **** Modem                                    |          | DRAFT   |               |
|-----------------------------------------------+----------+---------+---------------|
| ** Stationary [0/5]                           | 0:08     | LACKING |               |
|-----------------------------------------------+----------+---------+---------------|
| *** Introduction [0/1]                        | 0:00     | DRAFT   | ignoreheading |
| **** Introduction                             | 00:00:30 | DRAFT   | fullframe     |
|-----------------------------------------------+----------+---------+---------------|
| *** Surveillance Cameras [0/2]                | 0:00     | DRAFT   |               |
| **** Unavoidable Surveillance                 |          | DRAFT   |               |
| **** Access to Data                           | 00:00:30 | DRAFT   |               |
|-----------------------------------------------+----------+---------+---------------|
| *** Internet of Things [0/4]                  | 0:04     | LACKING |               |
| **** Internet-Connected Cameras               | 00:00:30 | DRAFT   |               |
| **** The ``S'' In IoT Stands For ``Security'' | 00:01:30 | LACKING |               |
| **** Who's Watching?                          | 00:00:30 | DEVOID  |               |
| **** Facial Recognition                       | 00:01    | DRAFT   |               |
|-----------------------------------------------+----------+---------+---------------|
| *** Social Media [0/1]                        | 0:01     | DRAFT   |               |
| **** Collateral Damage                        | 00:01    | DRAFT   |               |
|-----------------------------------------------+----------+---------+---------------|
| *** Driving [0/3]                             | 0:02     | RAW     |               |
| **** Introduction                             | 00:00:30 | DRAFT   | fullframe     |
| **** ALPRs                                    | 00:01    | LACKING |               |
| **** Car Itself                               | 00:00:30 | LACKING |               |
|-----------------------------------------------+----------+---------+---------------|
| ** The Web [0/6]                              | 0:12     | LACKING |               |
|-----------------------------------------------+----------+---------+---------------|
| *** Introduction [0/1]                        |          | DRAFT   | ignoreheading |
| **** Introduction                             |          | DRAFT   | fullframe     |
|-----------------------------------------------+----------+---------+---------------|
| *** Bridging the Gap [0/1]                    | 0:01     | LACKING |               |
| **** Ultrasound Tracking                      | 00:01    | LACKING |               |
|-----------------------------------------------+----------+---------+---------------|
| *** Incentive to Betray [0/1]                 | 0:00     | DRAFT   |               |
| **** Summary                                  | 00:00:30 | DRAFT   | fullframe     |
|-----------------------------------------------+----------+---------+---------------|
| *** Analytics [0/2]                           | 0:02     | LACKING |               |
| **** Trackers                                 | 00:01    | LACKING |               |
| **** Like Buttons                             | 00:01    | DRAFT   |               |
|-----------------------------------------------+----------+---------+---------------|
| *** Fingerprinting [0/3]                      | 0:04     | LACKING |               |
| **** Summary                                  |          | DRAFT   |               |
| **** Alarmingly Effective                     | 00:03    | DEVOID  | fullframe     |
| **** Browser Addons                           | 00:01    | DEVOID  |               |
|-----------------------------------------------+----------+---------+---------------|
| *** Anonymity [0/4]                           | 0:04     | LACKING |               |
| **** Summary                                  | 00:01    | LACKING | fullframe     |
| ***** TODO Anonymity                          |          |         |               |
| ***** TODO Pseudonymity                       |          |         |               |
| **** IANAAE                                   |          | DRAFT   | fullframe     |
| **** The Tor Network                          | 00:01    | DEVOID  |               |
| **** TorBrowser, Tails, and Whonix            | 00:02    | DEVOID  |               |
|-----------------------------------------------+----------+---------+---------------|
| ** Data Analytics [0/2]                       | 0:04     | LACKING |               |
|-----------------------------------------------+----------+---------+---------------|
| *** Introduction [0/1]                        | 0:00     | DRAFT   | ignoreheading |
| **** Introduction                             | 00:00    | DRAFT   | fullframe     |
|-----------------------------------------------+----------+---------+---------------|
| *** Headings [0/3]                            | 0:04     | LACKING |               |
| **** Advertisers                              | 00:02    | LACKING |               |
| **** Social Media                             | 00:01    | DEVOID  |               |
| **** Governments                              | 00:00:30 | DEVOID  |               |
|-----------------------------------------------+----------+---------+---------------|
| ** Policy and Government [0/6]                | 0:12     | LACKING |               |
|-----------------------------------------------+----------+---------+---------------|
| *** Introduction [0/1]                        | 0:00     | DRAFT   | ignoreheading |
| **** Introduction                             | 00:00:30 | DRAFT   | fullframe     |
|-----------------------------------------------+----------+---------+---------------|
| *** Surveillance [0/4]                        | 0:06     | LACKING |               |
| **** History of NSA Surveillance              | 00:02    | DEVOID  |               |
| **** Verizon Metadata                         | 00:00:30 | DEVOID  |               |
| **** Snowden                                  | 00:01    | DEVOID  |               |
| **** Tools                                    | 00:02    | DEVOID  |               |
|-----------------------------------------------+----------+---------+---------------|
| *** Crypto Wars [0/3]                         | 0:03     | LACKING |               |
| **** Introduction                             | 00:00    | DRAFT   | fullframe     |
| **** Bernstein v. United States               | 00:01    | DEVOID  |               |
| **** Makes Us Less Safe                       | 00:02    | DEVOID  |               |
|-----------------------------------------------+----------+---------+---------------|
| *** Espionage [0/1]                           | 0:01     | LACKING |               |
| **** US Can't Keep Its Own Secrets            | 00:01    | DEVOID  |               |
|-----------------------------------------------+----------+---------+---------------|
| *** Subpoenas, Warrants, NSLs [0/1]           | 0:01     | LACKING |               |
| **** National Security Letters                | 00:01    | DEVOID  |               |
|-----------------------------------------------+----------+---------+---------------|
| *** Law [0/1]                                 | 0:01     | LACKING |               |
| **** Summary                                  | 00:01    | DEVOID  | fullframe     |
|-----------------------------------------------+----------+---------+---------------|
| ** Your Fight [0/1]                           | 0:05     | LACKING |               |
|-----------------------------------------------+----------+---------+---------------|
| *** Headings [0/6]                            | 0:05     | LACKING |               |
| **** Feeding                                  | 00:00    | DRAFT   | fullframe     |
| **** SaaSS and Centralization                 | 00:01    | DEVOID  |               |
| **** Corporate Negligence                     | 00:01    | LACKING |               |
| **** Status Quo                               | 00:02    | DRAFT   |               |
| **** Status Quo Cannot Hold                   |          | DRAFT   | fullframe     |
| **** Push Back                                | 00:01    | DRAFT   | fullframe     |
|-----------------------------------------------+----------+---------+---------------|
| ** Thank You                                  |          |         | fullframe     |
|-----------------------------------------------+----------+---------+---------------|
| * Exporting                                   |          |         |               |
|-----------------------------------------------+----------+---------+---------------|
| * Local Variables                             |          |         |               |
#+END

#+BEGIN_COMMENT
*Remember the themes!*:
- Surreptitious
- User privacy and security
- Effects on freedom; chilling effects
- How free software can help

The big players seem to be the [[The Web][Web]] and [[Policy and Government][Government]].
No surprises there.

It would be a good idea to immediately connect with the audience. So:
- Most everyone has a mobile device.
  - /This is the most immediate and relatable since it's physically present/
    with them in their travels.
- Security cameras et al. during travel.

So start _briefly_ with the topic of pervasive surveillance?
- That is what the abstract refers to, after all.

*Surreptitious*---many audience members won't consider that they're being tracked.
- But by _whom_?

Maybe a gentle introduction that gets increasingly more alarming and invasive topic-wise.

GOAL: Captivate; Startle
#+END_COMMENT

* LaTeX Configuration :export:ignore:
#+LATEX_HEADER: \usepackage{color}

#+BEGIN_LATEX
% citations will be grayed and pushed to the right margin
\let\origcite\cite
% incite = "inline" cite
\def\cite{\hfill\incite}
\newcommand*{\incite}[1]{{%
  \scriptsize
  \raisebox{1ex}{%
    \color{gray}%
    \origcite{#1}%
  }%
}}
#+END_LATEX

* LACKING Slides :export:ignore:
** DRAFT Introduction / Opening :B_fullframe:
:PROPERTIES:
:DURATION: 00:00:30
:BEAMER_env: fullframe
:END:

#+BEGIN_COMMENT
None of you made it here without being tracked in some capacity.
Some of us are still being tracked at this very moment.
...
Let's start with the obvious.

(Note: You're being "tracked", rather than "watched": the latter is too often
used and dismissed as tinfoil-hat FUD.)
#+END_COMMENT

#+BEGIN_CENTER
#+BEAMER: \only<1>{You're Being Tracked.}
#+BEAMER: \only<2>{(No, really, I have references.)}
#+END_CENTER

** LACKING Mobile [0/5]
*** DRAFT Introduction :B_ignoreheading:
:PROPERTIES:
:BEAMER_env: ignoreheading
:END:
**** DRAFT Introduction :B_fullframe:
:PROPERTIES:
:DURATION: 00:00:30
:BEAMER_env: fullframe
:END:
- <1-> Most people carry mobile phones
- <1-> Synonymous with individual
- <2> Excellent tracking devices

#+BEGIN_COMMENT
How many of you are carrying a mobile phone right now?
Probably most of us.
They are something we carry with us everywhere; they are computers that are always on.
A phone is often synonymous with an individual.
In other words: they're excellent tracking devices.
#+END_COMMENT

*** LACKING Cell Towers [0/2]
:PROPERTIES:
:DURATION: 00:01
:END:
**** DRAFT Fundamentally Needed
- <1-> Phone needs tower to make and receive calls
- <2-> Gives away approximate location (can triangulate)

#+BEGIN_COMMENT
The primary reason is inherent in a phone's design: cell towers.
A phone "needs" to be connected to a tower to make and receive calls.
Unless it is off, its connection to the cell tower exposes your approximate location.
These data persist for as long as the phone companies are willing to persist it.
If it's mined by the NSA, then it might be persisted indefinitely.

Some people don't use phones primarily for this reason.
rms said he might use a phone if it could act as a pager, where he'd only need
to expose his location once he is in a safe place.
You can imagine that such would be a very useful and important feature for
reporters and dissidents as well.
#+END_COMMENT

**** LACKING Cell-Site Simulators
- <1-> Masquerade as cell towers
- <2-> (List them) e.g. Stingray

#+BEGIN_COMMENT
I'm sure many of you have heard of Cell Site Simulators; one of the most popular
examples being the Stingray.
These devices masquerade as cell towers and can perform a dragnet search for an individual.
Your location can be triangulated.
#+END_COMMENT

*** LACKING Wifi [0/3]
:PROPERTIES:
:DURATION: 00:01
:END:
**** DRAFT Wifi
- Device may broadcast ESSIDs of past hidden networks
- Expose unique hardware identifiers (MAC address)

#+BEGIN_COMMENT
What else is inherent in a modern phone design?
A common feature is Wifi.
If you connected to any hidden networks, your phone may broadcast that network
name to see if it exists.
Your mobile device could be broadcasting information like past network
connections and unique device identifiers (MAC), which can be used to uniquely
identify you.
#+END_COMMENT

**** DEVOID Ubiquitous Access Points
-

#+BEGIN_COMMENT
Access points increasingly line the streets or are within range in nearby buildings.
Can be incredibly accurate for tracking movements, and it is _passive_---it
requires no software on your device.
#+END_COMMENT

**** DRAFT Mitigations
- Disable Wifi [when not in use]
- Do not automatically connect to known networks
  - At the very least, not hidden
- Randomize MAC address

#+BEGIN_COMMENT
Disable Wifi when not in use.
You can also randomize your MAC address, and be sure not to broadcast hidden networks.
#+END_COMMENT

*** DRAFT Location Services [0/2]
:PROPERTIES:
:DURATION: 00:01
:END:
**** DRAFT GPS
- Often enabled by default
- Might prompt user, but features are attractive
- Programs give excuses to track
  - Location for tweets, photos, nearby friends, etc.

#+BEGIN_COMMENT
Oh, but what if we _do_ have software on the device?
And we do.

Let's talk about location services!
Many people find them to be very convenient.
The most popular being GPS.
Because of the cool features it permits, it's often enabled.
And programs will track your movements just for the hell of it.
Or give an excuse to track you.
#+END_COMMENT

**** DRAFT Access Points
- <1-> No GPS? No problem!
- <2-> AP harvesting (e.g. Google Street View cars)
- <2-> Works even where GPS and Cell signals cannot penetrate
- <3> Can be /more/ accurate than GPS (e.g. what store in a shopping mall)

#+BEGIN_COMMENT
But GPS doesn't need to be available.
Have you ever used a map program on a computer that asked for your location?
How does it do that without GPS?

Google scours the planet recording APs.
It knows based on _what APs are simply near you_ where you are.
Sometimes this can be more accurate than GPS.
And it works where GPS and maybe even cell service don't, such as inside shopping malls.

So having radio and GPS off may not help you.
MAC spoofing won't help since software on your device has countless other ways
to uniquely identify you---this is active monitoring, unlike previous examples.
#+END_COMMENT

*** DRAFT Operating System [0/3]
:PROPERTIES:
:DURATION: 00:01
:END:
**** DRAFT Untrusted/Proprietary OS
- Who does your phone work for?
  - Apple? Google? Microsoft? Blackberry? Your manufacturer too?
- Carry everywhere you go, but fundamentally cannot trust it

#+BEGIN_COMMENT
The OS situation on mobile is lousy.
Does your phone work for Apple? Google? Microsoft? Blackberry? ...?
You carry around this computer everywhere you go.
And you fundamentally cannot trust it.
#+END_COMMENT

**** DRAFT Free/Libre Mobile OS?
- <1-3> Android is supposedly free software
- <1-3> But every phone requires proprietary drivers, or contains proprietary software
- <2-3> Replicant
  - <3> Niche. Interest is low, largely work of one developer now.

#+BEGIN_COMMENT
I use Replicant.
Does anyone here use Replicant?
I feel like I can at least trust my phone a little bit.
#+END_COMMENT

**** DRAFT Modem
- But modem still runs non-free software
- Often has access to CPU, disk, and memory

#+BEGIN_COMMENT
But on nearly every phone, the modem still runs proprietary software.
And often times has direct access to CPU, disk, and memory.
So even with Replicant, I consider the device compromised; I put nothing
important on it if I can avoid it.
#+END_COMMENT

** LACKING Stationary [0/5]
*** DRAFT Introduction [0/1] :B_ignoreheading:
:PROPERTIES:
:BEAMER_env: ignoreheading
:END:
**** DRAFT Introduction :B_fullframe:
:PROPERTIES:
:DURATION: 00:00:30
:BEAMER_env: fullframe
:END:
#+BEGIN_CENTER
Certain types of tracking are unavoidable.
#+END_CENTER

#+BEGIN_COMMENT
So let's say you have evaded that type of tracking.
Maybe you don't carry a phone.
Or maybe you've mitigated those threats in some way.

There are certain things that are nearly impossible to avoid.
#+END_COMMENT

*** DRAFT Surveillance Cameras [0/2]
**** DRAFT Unavoidable Surveillance
- Security cameras are everywhere
  - Homes
  - Private businesses
  - Traffic cameras
  - Streets
  - ...

#+BEGIN_COMMENT
On the way here, you likely walked by numerous security cameras.
They could be security cameras for private businesses.
Traffic cameras.
Cameras on streets to deter crime.

Let's set aside local, state, and federal-owned cameras for a moment and focus on businesses.
So a bunch of separate businesses have you on camera.
So what?
#+END_COMMENT

**** DRAFT Access to Data
:PROPERTIES:
:DURATION: 00:00:30
:END:
- <1> Data can be subpoenaed or obtained with a warrant
- <1> If law enforcement wants to track you, they can
- <2> If you own a surveillance system, be responsible and considerate
- <2> Best way to restrict data is to avoid collecting it to begin with

#+BEGIN_COMMENT
Well, one of the most obvious threats, should it pertain to you, is a subpoena.
If law enforcement wanted to track you for whatever reason---crime or not!---they
could simply subpoena the surrounding area.

The best form of privacy is to avoid having the data be collected to begin with.
#+END_COMMENT

*** LACKING Internet of Things [0/4]
**** DRAFT Internet-Connected Cameras
:PROPERTIES:
:DURATION: 00:00:30
:END:
- Cameras used to be ``closed-circuit''
- Today\ldots not always so much

#+BEGIN_COMMENT
In the past, these cameras were "closed-circuit"---they were on their own
segregated network.
You'd _have_ to subpoena the owner, or otherwise physically take the tape.

Today, that might be the intent, but these cameras are often connected to the
Internet for one reason or another.
It might be intentional---to view the camera remotely---or it may just be how it
is set up by default.

Well... Let's expand our pool of cameras a bit.
Because it's not just businesses that use Internet-connected cameras.
They're also popular among individuals for personal/home use.
Home security systems.
Baby monitors.
#+END_COMMENT

**** LACKING The ``S'' In IoT Stands For ``Security''
:PROPERTIES:
:DURATION: 00:01:30
:END:
- Shodan---IoT search engine
- Mirai
- ...

#+BEGIN_COMMENT
Who here has heard of Shodan?
Shodan is a search engine for the Internet of Things.
It spiders for Internet-connected devices and indexes them.

Okay, that's to be expected.
Maybe that wouldn't be a problem if people knew proper NAT configuration that
isn't subverted by UPnP.
Maybe it wouldn't be a problem if these devices even gave a moment of thought to security.
#+END_COMMENT

**** DEVOID Who's Watching?
:PROPERTIES:
:DURATION: 00:00:30
:END:
- Insecam
-

#+BEGIN_COMMENT
Anyone heard of Insecam?
It's a site that aggregates live video feeds of unsecured IP cameras.
I can tell you personally that you feel like a scumbag looking at the site.

There are fascinating things on there.
And sobering ones.
And creepy ones.

Restaurants---families eating dinner; chefs preparing food in the back.
Public areas---beaches, pools, walkways, city streets.
Private areas---inside homes; private businesses.
Hotel clerks sitting behind desks on their cell phones.
Warehouses.
Behind security desks.
Behind cash registers.
Hospital rooms.
Inside surveillance rooms where people watch their surveillance system!
With armed guards!
Scientific research: people in full dress performing experiments.
I saw someone at the dentist getting a teeth cleaning.

Anything you can think of.
You can literally explore the world.
There are some beautiful sights!
Absolutely gorgeous.

They remove things that are too deeply personal.
Assuming someone reports it.

This is an excellent example to demonstrate to others why this is such a big deal.

So that's what your average person can do.
That's what some of you are going to be doing as soon as you leave this talk,
if you haven't started looking already!
That's what law enforcement is going to do.
That's what the NSA, GCHQ, et al. are going to do.
#+END_COMMENT

**** DRAFT Facial Recognition
:PROPERTIES:
:DURATION: 00:01
:END:
- <1-> Humans no longer need to scour video feeds
- <2-> Facial recognition widely used even for entertainment
- <3-> No face? Check your gait.

#+BEGIN_COMMENT
Now let's couple that with facial recognition.
Consider the breadth of devices we just covered.
Literally everywhere.

People don't need to manually look for you anymore; it's automated.
Hell, any of us can download a free (as in freedom) library to do facial
recognition and train it to recognize people.

Facebook famously got creepy by saying it could recognize people by their dress
and posture, from behind.
You don't need facial recognition, though.
You can also be identified by your gait.

There's a lot to say about IoT.
We'll come back to it.
#+END_COMMENT

*** DRAFT Social Media [0/1]
**** DRAFT Collateral Damage
:PROPERTIES:
:DURATION: 00:01
:END:
- <1-> Don't put pictures of me on Facebook
- <1-> Don't put pictures of my children _anywhere_
- <2-> That person in the distance that happens to be in your photo has been
  inflicted with collateral damage

#+BEGIN_COMMENT
So you don't have any unsecured IoT cameras in your home.
Or in this conference.
But you do have unsecured people running wild with their photos and their selfies.

I'm sure you've heard a frequent request/demand from rms: "Don't put pictures of
me on Facebook."
This applies to all social media, really.

I just mentioned facial recognition---this is precisely what Facebook (for
example) made it for!
To identify people you might know to tag them.
It's excellent surveillance.

What irks me is when people try to take pictures of my kids, or do and ask if
they can put them online.
Uh, no. You cannot.
And people are sometimes surprised by that refusal.

Most people are being innocent---they're just trying to capture the moment.
What they're actually doing is inflicting collateral damage.
If I'm off in the background when you take a picture of your friends in the
foreground, I'm still in the photo.
#+END_COMMENT

*** RAW Driving [0/3]
**** DRAFT Introduction :B_fullframe:
:PROPERTIES:
:DURATION: 00:00:30
:BEAMER_env: fullframe
:END:
- Do you drive a vehicle?

#+BEGIN_COMMENT
Okay. So you have no phone.
You sneak around public areas like a ninja.
Like a vampire, you don't show up in photos.
And you have no friends.

So how else can I physically track you in your travels here?

Well, if you flew here, then your location is obviously known.
That's not even worth discussing.
But what about if you drove?
#+END_COMMENT

**** LACKING ALPRs
:PROPERTIES:
:DURATION: 00:01
:END:
- Automated License Plate Readers (ALPRs)

#+BEGIN_COMMENT
ALPRs possibly tracked your movements.
Automated License Plate Readers.

<...>

Maybe you try to evade them with special license plate covers.
If need be, one could just track you by other unique features of your vehicle.
And those might not just be law enforcement.
Security issues extend to this too!

You could rent a car.
But the rental place probably took your name, license, and other information.
You could take a cab and pay with cash.
But that can get expensive.
And they might have cameras and such anyway.
#+END_COMMENT

**** LACKING Car Itself
:PROPERTIES:
:DURATION: 00:00:30
:END:
- Your vehicle itself might be a spy

#+BEGIN_COMMENT
Maybe your car itself is a tracking device (e.g. OnStar).

(Move into Mobile?)
<...>
#+END_COMMENT

** LACKING The Web [0/6]
*** DRAFT Introduction [0/1] :B_ignoreheading:
:PROPERTIES:
:BEAMER_env: ignoreheading
:END:
**** DRAFT Introduction :B_fullframe:
:PROPERTIES:
:BEAMER_env: fullframe
:END:
- Much of our lives are no longer in the flesh
- Or have some non-fleshy (virtual) analog

#+BEGIN_COMMENT
But you're not just tracked in the flesh.
Much of what we do today is virtual.

What better way to segue than to bridge the two?
#+END_COMMENT

*** LACKING Bridging the Gap [0/1]
**** LACKING Ultrasound Tracking
:PROPERTIES:
:DURATION: 00:01
:END:
- <1-> How do you bridge that analog?
- <2-> Particularly insidious example: ultrasound tracking
- <2-> Correlates users across devices

#+BEGIN_COMMENT
A challenge for advertisers is correlating users across multiple devices, and in
the real world.

Let's say you saw a commercial for some product Foo on TV.
And then you went online to research Foo.
And then you bought Foo.

Sometimes commercials have you enter promo codes online to know that you arrived
at the site from a TV commercial.
Or give you a unique URL.
Others play inaudible sounds that are picked up by your mobile device or computer.

<...>
#+END_COMMENT

*** DRAFT Incentive to Betray [0/1]
**** DRAFT Summary :B_fullframe:
:PROPERTIES:
:DURATION: 00:00:30
:BEAMER_env: fullframe
:END:
#+BEGIN_CENTER
There is strong incentive to betray
#+END_CENTER

#+BEGIN_COMMENT
So how does tracking happen?
How does this tracking code _get_ on so much of the web?

Incentives to betray users.
Many websites make money through advertising.
It can be lucrative.
And it's _easy_ to do.
#+END_COMMENT

*** LACKING Analytics [0/2]
**** LACKING Trackers
:PROPERTIES:
:DURATION: 00:01
:END:
- <1-> Website owners want to know what their visitors are doing
- <1-> That in itself isn't an unreasonable concept
- <2-> Methods and data define the issue

#+BEGIN_COMMENT
Site analytics is another issue.
Website owners want to know what their visitors are doing.
That in itself isn't an unreasonable thing broadly speaking, but how you go about
it and what types of data you collect defines the issue.

Take Google Analytics for example.
A very popular proprietary analytics service.
It is one of the most widely distributed malware programs in the world.

<>

And all of this is known to Google.
All of this can be used to identify users across the entire web.

<>

If you must track your users, consider using Piwik, which you can host yourself.
#+END_COMMENT

**** DRAFT Like Buttons
:PROPERTIES:
:DURATION: 00:01
:END:
- <1-> Services encourage use of "like" buttons and such
- <1-> Infecting the web with trackers under the guise of community
- <2-> *Use Privacy Badger*

#+BEGIN_COMMENT
Another popular example is "like buttons" and similar little widgets that
websites like Facebook offer.
If a user is logged into Facebook, then Facebook now knows that they visited that
website, _even if they don't click on the button_.

But even if you don't have a Facebook account, information is being leaked to
them; you are still being tracked.

Addons like Privacy Badger will block these.
#+END_COMMENT

*** LACKING Fingerprinting [0/3]
**** DRAFT Summary :B_fullframe:
#+BEGIN_CENTER
Browser Fingerprinting
#+END_CENTER

#+BEGIN_COMMENT
These methods are part of a broader topic called "browser fingerprinting".
It's just what it sounds like: uniquely identify users online.
#+END_COMMENT

**** LACKING Alarmingly Effective
:PROPERTIES:
:DURATION: 00:03
:BEAMER_env: fullframe
:END:
- Panopticlick (EFF)\cite{panopti:about}
- JavaScript opens up a world of possibilities
- Clearing cookies et al. won't always help
- Can even track separate browsers on the same box

#+BEGIN_COMMENT
It's alarmingly effective.
Some methods allow fingerprinting even if the user uses multiple browsers and
takes care to clear all session data.
They can do this by effectively breaking out of the browser's sandbox by doing
operations that depend heavily on specifics of users' hardware.
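Added example (not from the talk, and not Panopticlick's own code) showing how a fingerprinting survey turns "how many visitors share my browser's attributes" into the bits-of-identifying-information figures the slides cite: surprisal is -log2 of the fraction of the population sharing a value, bits from separate attributes only add when the attributes are independent, and roughly 18 bits is what it takes to single out one visitor in about 250,000. The population, user-agent strings and screen sizes below are constructed for the example.

```python
import math
from collections import Counter

# Constructed sample population (made up for this example): each record is the
# (user-agent, screen size) pair one visitor's browser reveals.  A real survey
# is far larger; the skew here only mimics the shape of real data.
SAMPLE_POPULATION = (
    [("Firefox/52.0 (Windows NT 10.0)", "1920x1080")] * 300
    + [("Firefox/52.0 (Windows NT 10.0)", "1366x768")] * 100
    + [("Safari/602.4 (Macintosh)", "1440x900")] * 250
    + [("Firefox/52.0 (X11; Linux x86_64)", "1920x1080")] * 40
    + [("Firefox/45.0 (X11; Linux x86_64)", "1920x1080")] * 9
    + [("Firefox/52.0 (X11; GNU/Linux i686)", "1024x768")] * 1
)


def bits_for_one_in(n):
    """Identifying information needed to single out one visitor among n."""
    return math.log2(n)


def anonymity_set_size(record, population):
    """How many visitors in the population share exactly this fingerprint."""
    return sum(1 for r in population if r == record)


def joint_surprisal_bits(record, population):
    """Bits of identifying information in the whole fingerprint: -log2 P(record)."""
    size = anonymity_set_size(record, population)
    if size == 0:
        raise ValueError("record not in population; its probability is unknown")
    return -math.log2(size / len(population))


def independent_sum_bits(record, population):
    """Per-attribute surprisals added up, as if attributes were independent.

    Real attributes correlate (OS and user agent, for instance), so this
    overstates the information; the joint figure above is the honest one."""
    total = 0.0
    for column_index, value in enumerate(record):
        column = Counter(r[column_index] for r in population)
        total += -math.log2(column[value] / len(population))
    return total


def attribute_entropy_bits(population, column_index):
    """Shannon entropy of one attribute across the population: the average
    number of identifying bits that attribute yields per visitor."""
    counts = Counter(r[column_index] for r in population)
    n = len(population)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


if __name__ == "__main__":
    rare = ("Firefox/52.0 (X11; GNU/Linux i686)", "1024x768")
    common = ("Firefox/52.0 (Windows NT 10.0)", "1920x1080")
    print("bits to pick one of 250,000:", round(bits_for_one_in(250_000), 2))
    for rec in (rare, common):
        print(rec, "shared by", anonymity_set_size(rec, SAMPLE_POPULATION),
              "joint bits", round(joint_surprisal_bits(rec, SAMPLE_POPULATION), 2),
              "naive sum", round(independent_sum_bits(rec, SAMPLE_POPULATION), 2))
    print("user-agent entropy:", round(attribute_entropy_bits(SAMPLE_POPULATION, 0), 2))
```

The rare GNU/Linux record is unique in the sample, so its joint surprisal is log2(700), about 9.5 bits; summing its two attributes separately claims nearly 19 bits, which is why survey tools report the joint anonymity set rather than adding columns.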
#+END_COMMENT

**** DRAFT User Agent
- <1-> User agents can leak a lot of information
- <1-> Approx. 18 bits in my browser on GNU/Linux (1 in about 250,000)
- <2-> Tor Browser\cite{panopti:about}

#+BEGIN_COMMENT
Your browser's user agent is a string that it sends with every request
identifying itself and some of its capabilities.
It can be surprisingly unique.
When I tested a Firefox browser on GNU/Linux, I was unique out of nearly 250,000 users.
#+END_COMMENT

*** DRAFT Anonymity [0/4]
**** DRAFT Summary :B_fullframe:
:PROPERTIES:
:DURATION: 00:01
:BEAMER_env: fullframe
:END:
#+BEGIN_COMMENT
Another way is to be anonymous or pseudonymous.
In the latter case, you assume a pseudonym online and perform only activities
that should be associated with that pseudonym.
In the former case, there should be no way to ever correlate past or future
actions with your current session.
#+END_COMMENT

***** Anonymity
Origin is unknown to server; no unique identifier known by server\incite{whonix:donot}
***** Pseudonymity
Origin is unknown to server; unique identifier /is available/ to server\incite{whonix:donot}

**** DRAFT IANAAE :B_fullframe:
:PROPERTIES:
:BEAMER_env: fullframe
:END:
#+BEGIN_CENTER
IANAAE (I Am Not An Anonymity Expert)
#+END_CENTER

#+BEGIN_COMMENT
This is a difficult topic that's pretty dangerous to give advice on if you have
strong need for anonymity---for example, if you are a dissident or whistleblower.
If your life depends on anonymity, please do your own research.
I provide a number of resources to get you started.
#+END_COMMENT

**** DRAFT The Tor Network
:PROPERTIES:
:DURATION: 00:01
:END:
- The Onion Router (Tor)\cite{tor}
- Helps defend against traffic analysis
- (Routing image)

#+BEGIN_COMMENT
Most here have probably heard of Tor.
"Tor" stands for "The Onion Router", which describes how it relays data through
the Tor network.
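Added toy illustration of the layered relaying this section describes (not from the talk, and not Tor's actual protocol): the client wraps the message in one layer per relay, each relay peels exactly one layer and learns only the next hop, and only the exit sees the destination. A keystream built from SHA-256 stands in for the per-relay encryption; it is a demonstration cipher, not a real one, and the circuit, keys and message are constructed for the example.

```python
import hashlib
import json


def toy_layer_cipher(key, data):
    """Toy stream cipher: XOR data with SHA-256(key || counter) blocks.

    Symmetric, so the same call encrypts and decrypts.  It stands in for the
    per-relay encryption a real onion-routing circuit negotiates; demo only."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream.extend(hashlib.sha256(key + counter.to_bytes(4, "big")).digest())
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def build_onion(circuit, destination, payload):
    """Wrap payload for a circuit given as [(relay_name, relay_key), ...],
    first hop to exit.  The innermost (exit) layer names the real destination;
    every outer layer names only the next relay."""
    layer = json.dumps({"next": destination, "data": payload.hex()}).encode()
    blob = toy_layer_cipher(circuit[-1][1], layer)
    for i in range(len(circuit) - 2, -1, -1):
        _, key = circuit[i]
        next_relay = circuit[i + 1][0]
        layer = json.dumps({"next": next_relay, "data": blob.hex()}).encode()
        blob = toy_layer_cipher(key, layer)
    return blob


def relay_peel(key, blob):
    """What a single relay does and learns: strip one layer, read the next hop,
    and forward an opaque blob it cannot open.  Raises ValueError with the
    wrong key, since the stripped bytes are not valid JSON."""
    layer = json.loads(toy_layer_cipher(key, blob).decode())
    return layer["next"], bytes.fromhex(layer["data"])


def route_through(circuit, blob):
    """Simulate the relays in order; return (what each relay saw, exit output)."""
    seen = []
    for name, key in circuit:
        next_hop, blob = relay_peel(key, blob)
        seen.append((name, next_hop))
    return seen, blob


def wrong_key_reveals_nothing(key, blob):
    """True when peeling with an incorrect key yields no parsable layer."""
    try:
        relay_peel(key, blob)
    except ValueError:
        return True
    return False


# Constructed circuit and message for the example; keys are arbitrary bytes.
CIRCUIT = [("guard", b"guard-key"), ("middle", b"middle-key"), ("exit", b"exit-key")]
DESTINATION = "example.org:80"
PAYLOAD = b"GET / HTTP/1.1\r\nHost: example.org\r\n\r\n"

if __name__ == "__main__":
    onion = build_onion(CIRCUIT, DESTINATION, PAYLOAD)
    seen, delivered = route_through(CIRCUIT, onion)
    for relay, next_hop in seen:
        print(f"{relay:>6} learns next hop = {next_hop}")
    print("exit delivers:", delivered)
    print("middle key on guard layer:", wrong_key_reveals_nothing(b"middle-key", onion))
```

The guard sees only that the next hop is the middle relay and the middle only that the next hop is the exit; the destination and payload surface only at the exit, which is why the notes below say the exit node "reveals the packet".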
The packet is routed through a number of servers, encrypted with the public key
of each server such that the first hop strips off the first layer and so on.
The exit node reveals the packet and delivers it to the destination, then begins
relaying the reply back through the network to the user.

As long as a sufficient portion of the network can be trusted and has not been
compromised by an adversary, it isn't possible to trace data back through the network.

The most common use of Tor is to route web traffic.
Many nodes block most other ports.
It's also possible to resolve DNS requests through Tor.

There are lots of other details that I don't have time to get to here, but I
provide a number of resources for you.
#+END_COMMENT

**** DRAFT TorBrowser, Tails, and Whonix
:PROPERTIES:
:DURATION: 00:02
:END:
- <1-> Tor alone isn't enough
- <1-> Browser needs to be hardened
  - <2-> TorBrowser is a hardened Firefox derivative
- <1-> Operating System needs to be hardened
  - <2-> Tails, Whonix

#+BEGIN_COMMENT
Tor alone isn't enough to secure your anonymity.

It's hard to secure a web browser.
TorBrowser is a hardened version of Firefox.
The Tor browser recommends that you don't rely on a vanilla Firefox for anonymity with Tor.

Tails...
Whonix...
#+END_COMMENT

** LACKING Data Analytics [0/2]
*** DRAFT Introduction [0/1] :B_ignoreheading:
:PROPERTIES:
:BEAMER_env: ignoreheading
:END:
**** DRAFT Introduction :B_fullframe:
:PROPERTIES:
:DURATION: 00:00
:BEAMER_env: fullframe
:END:
#+BEGIN_CENTER
``Big Data'' (/Your/ Big Data)
#+END_CENTER

#+BEGIN_COMMENT
We've seen adversaries with different motives.
Let's explore what some of them do with all those data.
#+END_COMMENT

*** LACKING Headings [0/3]
**** LACKING Advertisers
:PROPERTIES:
:DURATION: 00:02
:END:
- Most users' threat models don't include the NSA
- Biggest threat to privacy is companies that aggregate data to understand you
  (often /better than you/)

#+BEGIN_COMMENT
The biggest threat to privacy for the average user is companies that aggregate
data for the purpose of understanding _you_.
Probably better than you understand you.

I'm sure many of you heard of the story of Target knowing a girl was pregnant
before she did.

<>
#+END_COMMENT

**** DEVOID Social Media
:PROPERTIES:
:DURATION: 00:01
:END:
TODO

#+BEGIN_COMMENT
(Where you are, what you do.)
#+END_COMMENT

**** DEVOID Governments
:PROPERTIES:
:DURATION: 00:00:30
:END:
TODO

#+BEGIN_COMMENT
(Segue into government surveillance.)
#+END_COMMENT

** LACKING Policy and Government [0/6]
*** DRAFT Introduction [0/1] :B_ignoreheading:
:PROPERTIES:
:BEAMER_env: ignoreheading
:END:
**** DRAFT Introduction :B_fullframe:
:PROPERTIES:
:DURATION: 00:00:30
:BEAMER_env: fullframe
:END:
- <1-> Governments have a duty to protect their people
- <2-> Governments have a duty to protect citizens' rights

#+BEGIN_LATEX
\vspace{2ex}
\only<3>{
  \begin{center}
    These duties are often at odds
  \end{center}
}
#+END_LATEX

#+BEGIN_COMMENT
Where to begin.

Governments have a duty to protect their people.
But they also have a duty to know their bounds; to protect citizens' rights and privacy.

We know how that story goes.
#+END_COMMENT

*** LACKING Surveillance [0/4]
**** DEVOID History of NSA Surveillance
:PROPERTIES:
:DURATION: 00:02
:END:
TODO

#+BEGIN_COMMENT
(EFF, <>)
#+END_COMMENT

**** DEVOID Verizon Metadata
:PROPERTIES:
:DURATION: 00:00:30
:END:
TODO

#+BEGIN_COMMENT
(Add date)
...
#+END_COMMENT

**** DEVOID Snowden
:PROPERTIES:
:DURATION: 00:01
:END:
TODO

**** DEVOID Tools
:PROPERTIES:
:DURATION: 00:02
:END:
TODO

#+BEGIN_COMMENT
- XKeyscore and others
- Exploits
- Hardware
- Intercepting shipments
- Etc.
#+END_COMMENT

*** LACKING Crypto Wars [0/3]
**** DRAFT Introduction :B_fullframe:
:PROPERTIES:
:DURATION: 00:00
:BEAMER_env: fullframe
:END:
#+BEGIN_CENTER
History repeats itself
#+END_CENTER

#+BEGIN_COMMENT
All of that happened behind our backs.
But there is also a war being waged in public.
As if we haven't learned from the past.

The Crypto Wars.
#+END_COMMENT

**** DEVOID Bernstein v. United States
:PROPERTIES:
:DURATION: 00:01
:END:

TODO

#+BEGIN_COMMENT
...
(Include export-grade crypto)
(Code is speech)
#+END_COMMENT

**** DEVOID Makes Us Less Safe
:PROPERTIES:
:DURATION: 00:02
:END:

TODO

#+BEGIN_COMMENT
Apple v. FBI

- Backdoors
- Clipper chip
- LOGJAM, etc., from export-grade crypto
- VEP
#+END_COMMENT

*** LACKING Espionage [0/1]
**** DEVOID US Can't Keep Its Own Secrets
:PROPERTIES:
:DURATION: 00:01
:END:

TODO

#+BEGIN_COMMENT
- Office of Personnel Management
- DNC
#+END_COMMENT

*** LACKING Subpoenas, Warrants, NSLs [0/1]
**** DEVOID National Security Letters
:PROPERTIES:
:DURATION: 00:01
:END:

TODO

#+BEGIN_COMMENT
- Gag orders
- Prior restraint
- Canaries
#+END_COMMENT

*** LACKING Law [0/1]
**** DEVOID Summary :B_fullframe:
:PROPERTIES:
:DURATION: 00:01
:BEAMER_env: fullframe
:END:

TODO

#+BEGIN_COMMENT
- DMCA
  - Risks to security researchers
  - Draconian
- CFAA
#+END_COMMENT

** LACKING Your Fight [0/1]
*** LACKING Headings [0/6]
**** DRAFT Feeding :B_fullframe:
:PROPERTIES:
:DURATION: 00:00
:BEAMER_env: fullframe
:END:
#+BEGIN_CENTER
We're feeding into all of this!
#+END_CENTER

**** DEVOID SaaSS and Centralization
:PROPERTIES:
:DURATION: 00:01
:END:

TODO

#+BEGIN_COMMENT
- Be sure to mention Cloudbleed and S3
- Who has access to your data?
- The "Cloud"
#+END_COMMENT

**** LACKING Corporate Negligence
:PROPERTIES:
:DURATION: 00:01
:END:

- Companies balance security and privacy on their balance sheets

#+BEGIN_COMMENT
Companies don't care.
They'll balance the _costs_ of failure to comply with regulation.
Is it cheaper just to pay up in the event of a data breach?
Governments try, sort of.
They need to catch up with the times.
<>
<>

(Tie into SaaSS)
#+END_COMMENT

**** DRAFT Status Quo
:PROPERTIES:
:DURATION: 00:02
:END:

- Do people care more about privacy and security since the Snowden leaks?
  - (Cite)
- ``I have nothing to hide''
- ``Report anything suspicious''
- Chilling effects

#+BEGIN_COMMENT
You would think after the Snowden revelations that people would be more privacy-centric.
Some are.  Many aren't.
There is complacency with the status quo.
Everything is so _convenient_.

"I have nothing to hide."
A common argument.
One that can be notoriously hard to address.

"Report anything suspicious."
(Example of mathematician on plane.)

These all have chilling effects, conscious or not.
<>
#+END_COMMENT

**** DRAFT Status Quo Cannot Hold :B_fullframe:
:PROPERTIES:
:BEAMER_env: fullframe
:END:
#+BEGIN_CENTER
*The status quo cannot hold.*
#+END_CENTER

#+BEGIN_COMMENT
I hope I've convinced you that the status quo cannot hold.
That even people who aren't that privacy- or security-conscious recognize that there are risks not only at a personal level, but also national and global.
#+END_COMMENT

**** DRAFT Push Back :B_fullframe:
:PROPERTIES:
:DURATION: 00:01
:BEAMER_env: fullframe
:END:
#+BEGIN_CENTER
#+BEAMER: \only<1>{We need to push back}
#+BEAMER: \only<2>{\emph{You} need to push back}
#+END_CENTER

#+BEGIN_COMMENT
- Good crypto; no trust
- Lawmakers: this is not something we can win while we fight with our governments.
#+END_COMMENT

** Thank You :B_fullframe:
:PROPERTIES:
:BEAMER_env: fullframe
:END:
#+BEGIN_CENTER
Mike Gerwitz

[[mailto:mtg@gnu.org][=mtg@gnu.org=]]

\bigskip

*References Available Online*

[[https://mikegerwitz.com/talks/sapsf]]

\vfill

Licensed under the Creative Commons Attribution ShareAlike 4.0 International License
#+END_CENTER

** References :B_appendix:
:PROPERTIES:
:BEAMER_env: appendix
:END:
\bibliographystyle{plain}
\bibliography{sapsf}

* Exporting
You should be able to simply export this buffer as a Beamer presentation (=C-c C-e l P=) and get a slideshow.

Note that this requires =ox-extras=, which is part of Org Mode's =contrib/=.
Without it, the =:ignore:= tag will not be recognized and the rendered slides will have incorrect depth.

* Local Variables
# Local Variables:
# org-todo-keyword-faces: (("DRAFT" . org-upcoming-deadline) \
#                          ("DEVOID" . (:inherit org-warning \
#                                       :inverse-video t)) \
#                          ("LACKING" . org-warning) \
#                          ("REVIEWED" . "yellow") \
#                          ("READY" . (:inherit org-scheduled :bold t :underline t)))
# eval: (ox-extras-activate '(ignore-headlines))
# End: