Se ha denunciado esta presentación.
Utilizamos tu perfil de LinkedIn y tus datos de actividad para personalizar los anuncios y mostrarte publicidad más relevante. Puedes cambiar tus preferencias de publicidad en cualquier momento.
privacy is an illusion and you’re all losers or how 1984 was a manual for our panopticon society ! By Cain Ransbottyn - @...
End of privacy • 9/11 attacks invigorated the concept of terrorist threats • Post 9/11 there was a strong and understan...
End of civil liberties • New word: “asymmetrical threats” • Actually means: “please give up your civil liberties”, in 2...
So, terrorism huh ? • systematic use of violent terror as a means of coercion • violent acts which are intended to crea...
Global terrorist threat map Data of 2010. Seems legit.
Year on year doubling in surveillance budget since the Patriot Act Except for 2013, then there was a dark budget of US$ 52...
Fear. Uncertainty. Doubt. • Instilling fear is a premise for coercion. But to whom ? • Mass media works as a catalyst t...
Are we really capable of understanding the real threat level ? Please demonstrate you can spot a rhetorical question when ...
The convenience of circular logic • Gov’t: We’re using surveillance so we can prevent terrorist attacks
 You: I don’t see...
quis custodiet ipsos custodes ?
Total Information Awareness The 2002 - 2003 program that began a data mining project, following warantless surveillance de...
PRISM, XKeyScore, Tempora ! Thank you Microsoft, Facebook, Yahoo!, Google, Paltalk, YouTube, AOL, Apple, Skype Snowden le...
The rise of private intelligence agencies • The welcome gift of “social networks” • The thankful adoption rate of smart...
The In-Q-Tel investment firm • Founded 1999 as not-for-profit venture capital firm • So… if you are not looking to make a ...
Social networks as a private intelligence agency • Perfect front offices • Facebook as the first global private intellige...
Smart-phones as the ultimate tracking device • Device you carry 24/7 with you. With a GPS on board. • Android has remot...
Smart-phones as the ultimate tracking device Wi-Fi based positioning has become very accurate and quickly deployed mainst...
Cloud providers as the perfect honeypot • There is no company that is so invasive as Google • Records voice calls (Voic...
Cloud providers as the perfect honeypot • Not only Google. The latest OSX Mavericks actually asked me to… store my Keycha...
The loyal friend, the phone operator • Needs to be CALEA and ETSI compliant. Yeah right :-) • Operators are both target...
Privacy is for losers If you think you have privacy, you really are a loser
#dta If a government needs to understand its enemy, and we’re being surveilled. Then, who exactly is the enemy ?
Conspiracy theory ? ! Whistleblowers showed that reality is far worse
So now what ?
Change your attitude. Wake the f*ck up…
Reclaim ownership of your data. Demand transparency of every service you use.
Encryption is your friend
Encryption today is built for security professionals and engineers. Not for your mom or dad.
Security and crypto engineers don’t understand UI and UX
Android and IOS planned. Microsoft Mobile perhaps.
Requirements • Must provide strong crypto • Must be open source (GitHub) • Must be beautiful and easy to use, we actu...
How it’s built • Using tor as transport layer for P2P routing and provide anonymity (no exit nodes used). • Obfuscated ...
How it’s used
Who’s using it • Journalists • Freedom Fighters • Whistleblowers • Lawyers and security professionals • …
Why use it ? • To protect your human right on privacy • To protect your human right on freedom of speech • Because yo...
Privacy might be for losers, but that doesn’t mean you are OK to give up your human rights…
Próxima SlideShare
Cargando en…5
×

Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013

995.834 visualizaciones

Publicado el

Privacy is an illusion and you’re all losers!
or how 1984 was a manual for our panopticon society
By Cain Ransbottyn - @ransbottyn

Publicado en: Tecnología, Noticias y política
no profile picture user

  • Inicia sesión para ver los comentarios

Mostrar más

Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013

  1. privacy is an illusion and you’re all losers or how 1984 was a manual for our panopticon society ! By Cain Ransbottyn - @ransbottyn
  2. End of privacy • 9/11 attacks invigorated the concept of terrorist threats • Post 9/11 there was a strong and understandable argument to prioritise security
  3. End of civil liberties • New word: “asymmetrical threats” • Actually means: “please give up your civil liberties”, in 2001 55% US citizens were pro; in 2011 only 40% (and declining). • Patriot Act changed the world for good
  4. So, terrorism huh ? • systematic use of violent terror as a means of coercion • violent acts which are intended to create fear (terror) • perpetrated for a religious, political, or ideological goal • deliberately target or disregard the safety of noncombatants (civilians)
  5. Global terrorist threat map Data of 2010. Seems legit.
  6. Year on year doubling in surveillance budget since the Patriot Act Except for 2013, then there was a dark budget of US$ 52,6B
  7. Fear. Uncertainty. Doubt. • Instilling fear is a premise for coercion. But to whom ? • Mass media works as a catalyst to bring fear in the homes of citizens. • We all are very shitty at threat and risk assessments. Pigs or sharks ? • 23,589 40 Or terrorist attacks ? 13,200 * 2010 facts and figures worldwide
  8. Are we really capable of understanding the real threat level ? Please demonstrate you can spot a rhetorical question when you see one
  9. The convenience of circular logic • Gov’t: We’re using surveillance so we can prevent terrorist attacks
 You: I don’t see any terrorist threat or attack
 Gov’t: Awesome stuff, hey ?
 • Him: I’m using this repellent to scare away elephants.
 You: But I don’t see any elephants.
 Him: Awesome stuff, hey ?
  10. quis custodiet ipsos custodes ?
  11. Total Information Awareness The 2002 - 2003 program that began a data mining project, following warantless surveillance decision in 2002
  12. PRISM, XKeyScore, Tempora ! Thank you Microsoft, Facebook, Yahoo!, Google, Paltalk, YouTube, AOL, Apple, Skype Snowden leaks the post 2007 surveillance industry is much worse than anyone could have imagined
  13. The rise of private intelligence agencies • The welcome gift of “social networks” • The thankful adoption rate of smart phones • The cloud as the ultimate data gathering extension to governments • The phone operators remain a loyal friend • The overt investment strategy of In-Q-Tel
  14. The In-Q-Tel investment firm • Founded 1999 as not-for-profit venture capital firm • So… if you are not looking to make a profit, what are you looking for then ? • Investments in data mining, call recording, surveillance, crypto, biotech, … • E.g. 2007 AT&T - Narus STA 6400 backdoor = product of In-Q-Tel funded company • Many (many) participations worldwide (also Belgium)
  15. Social networks as a private intelligence agency • Perfect front offices • Facebook as the first global private intelligence agency • Otherwise hard to obtain intel is being shared voluntarily by everyone (e.g. hobbies, etc.) • US$ 12,7M investment by James Breyer (Accel), former colleague of Gilman Louie (CEO In-Q-Tel)
  16. Smart-phones as the ultimate tracking device • Device you carry 24/7 with you. With a GPS on board. • Android has remote install/deinstall hooks in its OS (so has IOS) • OTA vulnerabilities allow remote installs of byte patches (e.g. Blackberry incident in UAE) • Apple incident (“the bug that stored your whereabouts”) • Any idea how many address books are stored on iCloud ? :p
  17. Smart-phones as the ultimate tracking device Wi-Fi based positioning has become very accurate and quickly deployed mainstream
  18. Cloud providers as the perfect honeypot • There is no company that is so invasive as Google • Records voice calls (Voice), analyses e-mail (GMail), knows who you talk to and where you are (Android), has all your documents (Drive) and soon will see through your eyes (Glass) • Robert David Steele (CIA) disclosed Google takes money from US Intel. community. • In-Q-Tel and Google invest in mutual companies (mutual interest)
  19. Cloud providers as the perfect honeypot • Not only Google. The latest OSX Mavericks actually asked me to… store my Keychain in the cloud *sigh* • While Apple claims iMessage cannot be intercepted, we know it is possible because Apple is the MITM and no end-to-end crypto is used nor certificate pinning.
  20. The loyal friend, the phone operator • Needs to be CALEA and ETSI compliant. Yeah right :-) • Operators are both targets of surveillance stakeholders (e.g. Belgacom/BICS hack by GCHQ) and providers of surveillance tactics (taps, OTA installs, silent SMS, etc.) • Does KPN really trust NICE (Israel) and does Belgacom really trust Huawei (China) ? • Truth of the matter is: you cannot trust your operator…
  21. Privacy is for losers If you think you have privacy, you really are a loser
  22. #dta If a government needs to understand its enemy, and we’re being surveilled. Then, who exactly is the enemy ?
  23. Conspiracy theory ? ! Whistleblowers showed that reality is far worse
  24. So now what ?
  25. Change your attitude. Wake the f*ck up…
  26. Reclaim ownership of your data. Demand transparency of every service you use.
  27. Encryption is your friend
  28. Encryption today is built for security professionals and engineers. Not for your mom or dad.
  29. Security and crypto engineers don’t understand UI and UX
  30. Android and IOS planned. Microsoft Mobile perhaps.
  31. Requirements • Must provide strong crypto • Must be open source (GitHub) • Must be beautiful and easy to use, we actually don’t want the user to be confronted with complex crypto issues • Provide deniability • Provide alerting mechanisms that alert the user when something is wrong • Even when your device is confiscated, it should be able to withstand forensic investigation
  32. How it’s built • Using tor as transport layer for P2P routing and provide anonymity (no exit nodes used). • Obfuscated as HTTPS traffic to prevent gov’t filtering. • Using OTR v3.1 to ensure perfect forward secrecy and end-to-end crypto. • Capable of detecting A5/GSM tactical surveillance attacks. • Extremely effective anti forensic mechanisms and triggers
  33. How it’s used
  34. Who’s using it • Journalists • Freedom Fighters • Whistleblowers • Lawyers and security professionals • …
  35. Why use it ? • To protect your human right on privacy • To protect your human right on freedom of speech • Because your communication needs to remain confidential • Because excessive surveillance is a threat to modern democracy
  36. Privacy might be for losers, but that doesn’t mean you are OK to give up your human rights…

×