SlideShare una empresa de Scribd logo
1 de 36
Descargar para leer sin conexión
privacy is an illusion
and you’re all losers
or how 1984 was a manual for our panopticon society

!
By Cain Ransbottyn - @ransbottyn
End of privacy
•

9/11 attacks invigorated the
concept of terrorist threats

•

Post 9/11 there was a strong
and understandable argument
to prioritise security
End of civil liberties
•

New word: “asymmetrical
threats”

•

Actually means: “please give
up your civil liberties”, in 2001
55% US citizens were pro; in
2011 only 40% (and
declining).

•

Patriot Act changed the world
for good
So, terrorism huh ?
•

systematic use of violent
terror as a means of
coercion

•

violent acts which are
intended to create fear
(terror)

•

perpetrated for a religious,
political, or ideological goal

•

deliberately target or
disregard the safety of noncombatants (civilians)
Global terrorist threat map
Data of 2010. Seems legit.
Year on year doubling in surveillance
budget since the Patriot Act
Except for 2013, then there was a dark budget of US$ 52,6B
Fear. Uncertainty. Doubt.
•

Instilling fear is a premise for
coercion. But to whom ?

•

Mass media works as a
catalyst to bring fear in the
homes of citizens.

•

We all are very shitty at threat
and risk assessments. Pigs or
sharks ?

•

23,589

40

Or terrorist attacks ?
13,200

* 2010 facts and figures worldwide
Are we really capable of
understanding the real
threat level ?
Please demonstrate you can spot a rhetorical question when you see one
The convenience of circular
logic
•

Gov’t: We’re using
surveillance so we can
prevent terrorist attacks

You: I don’t see any terrorist
threat or attack

Gov’t: Awesome stuff, hey ?


•

Him: I’m using this repellent to
scare away elephants.

You: But I don’t see any
elephants.

Him: Awesome stuff, hey ?
quis custodiet ipsos
custodes ?
Total Information
Awareness
The 2002 - 2003 program that began a data mining project, following warantless surveillance decision in 2002
PRISM, XKeyScore, Tempora
!
Thank you Microsoft, Facebook, Yahoo!, Google, Paltalk, YouTube, AOL,
Apple, Skype

Snowden leaks the post 2007 surveillance industry is much worse than anyone could have imagined
The rise of private
intelligence agencies
•

The welcome gift of “social
networks”

•

The thankful adoption rate of
smart phones

•

The cloud as the ultimate data
gathering extension to
governments

•

The phone operators remain a
loyal friend

•

The overt investment strategy of
In-Q-Tel
The In-Q-Tel investment firm
•

Founded 1999 as not-for-profit
venture capital firm

•

So… if you are not looking to make a
profit, what are you looking for then ?

•

Investments in data mining, call
recording, surveillance, crypto,
biotech, …

•

E.g. 2007 AT&T - Narus STA 6400
backdoor = product of In-Q-Tel
funded company

•

Many (many) participations
worldwide (also Belgium)
Social networks as a private
intelligence agency
•

Perfect front offices

•

Facebook as the first global
private intelligence agency

•

Otherwise hard to obtain intel
is being shared voluntarily by
everyone (e.g. hobbies, etc.)

•

US$ 12,7M investment by
James Breyer (Accel), former
colleague of Gilman Louie
(CEO In-Q-Tel)
Smart-phones as the
ultimate tracking device
•

Device you carry 24/7 with you.
With a GPS on board.

•

Android has remote install/deinstall
hooks in its OS (so has IOS)

•

OTA vulnerabilities allow remote
installs of byte patches (e.g.
Blackberry incident in UAE)

•

Apple incident (“the bug that
stored your whereabouts”)

•

Any idea how many address
books are stored on iCloud ? :p
Smart-phones as the
ultimate tracking device

Wi-Fi based positioning has become very accurate and quickly deployed mainstream
Cloud providers as the
perfect honeypot
•

There is no company that is so
invasive as Google

•

Records voice calls (Voice),
analyses e-mail (GMail), knows who
you talk to and where you are
(Android), has all your documents
(Drive) and soon will see through
your eyes (Glass)

•

Robert David Steele (CIA) disclosed
Google takes money from US Intel.
community.

•

In-Q-Tel and Google invest in
mutual companies (mutual interest)
Cloud providers as the
perfect honeypot
•

Not only Google. The latest
OSX Mavericks actually asked
me to… store my Keychain in
the cloud *sigh*

•

While Apple claims iMessage
cannot be intercepted, we
know it is possible because
Apple is the MITM and no
end-to-end crypto is used nor
certificate pinning.
The loyal friend, the phone
operator
•

Needs to be CALEA and ETSI
compliant. Yeah right :-)

•

Operators are both targets of
surveillance stakeholders (e.g.
Belgacom/BICS hack by GCHQ)
and providers of surveillance tactics
(taps, OTA installs, silent SMS, etc.)

•

Does KPN really trust NICE (Israel)
and does Belgacom really trust
Huawei (China) ?

•

Truth of the matter is: you cannot
trust your operator…
Privacy is for losers

If you think you have privacy,
you really are a loser
#dta

If a government needs to understand
its enemy, and we’re being surveilled.
Then, who exactly is the enemy ?
Conspiracy theory ?
!

Whistleblowers showed that reality
is far worse
So now what ?
Change your attitude.
Wake the f*ck up…
Reclaim ownership of your data.
Demand transparency of every
service you use.
Encryption is your
friend
Encryption today is built for security
professionals and engineers.
Not for your mom or dad.
Security and crypto engineers don’t
understand UI and UX
Android and IOS planned. Microsoft Mobile perhaps.
Requirements
•

Must provide strong crypto

•

Must be open source (GitHub)

•

Must be beautiful and easy to use, we
actually don’t want the user to be
confronted with complex crypto issues

•

Provide deniability

•

Provide alerting mechanisms that alert
the user when something is wrong

•

Even when your device is confiscated,
it should be able to withstand forensic
investigation
How it’s built
•

Using tor as transport layer for P2P
routing and provide anonymity (no
exit nodes used).

•

Obfuscated as HTTPS traffic to
prevent gov’t filtering.

•

Using OTR v3.1 to ensure perfect
forward secrecy and end-to-end
crypto.

•

Capable of detecting A5/GSM
tactical surveillance attacks.

•

Extremely effective anti forensic
mechanisms and triggers
How it’s used
Who’s using it
•

Journalists

•

Freedom Fighters

•

Whistleblowers

•

Lawyers and security
professionals

•

…
Why use it ?
•

To protect your human right
on privacy

•

To protect your human right
on freedom of speech

•

Because your communication
needs to remain confidential

•

Because excessive
surveillance is a threat to
modern democracy
Privacy might be for losers, but
that doesn’t mean you are OK
to give up your human rights…

Más contenido relacionado

La actualidad más candente

My interview with ChatGPT
My interview with ChatGPTMy interview with ChatGPT
My interview with ChatGPTIsac Costa
 
intro chatGPT workshop.pdf
intro chatGPT workshop.pdfintro chatGPT workshop.pdf
intro chatGPT workshop.pdfpeterpur
 
100 growth hacks 100 days | 1 to 10
100 growth hacks 100 days | 1 to 10100 growth hacks 100 days | 1 to 10
100 growth hacks 100 days | 1 to 10Robin Yjord
 
The Workforce Engages
The Workforce EngagesThe Workforce Engages
The Workforce EngagesWebtrends
 
The presentation secrets of steve jobs
The presentation secrets of steve jobsThe presentation secrets of steve jobs
The presentation secrets of steve jobsDavid Setiawan
 
Google BARD v/s ChatGPT _ A review
Google BARD v/s ChatGPT _ A reviewGoogle BARD v/s ChatGPT _ A review
Google BARD v/s ChatGPT _ A reviewDR. Ram Kumar Pathak
 
The Science of Story: How Brands Can Use Storytelling To Get More Customers
The Science of Story: How Brands Can Use Storytelling To Get More CustomersThe Science of Story: How Brands Can Use Storytelling To Get More Customers
The Science of Story: How Brands Can Use Storytelling To Get More CustomersDigital Surgeons
 
3 Ingredients to Spice Up Your Content Marketing
3 Ingredients to Spice Up Your Content Marketing3 Ingredients to Spice Up Your Content Marketing
3 Ingredients to Spice Up Your Content MarketingSemrush
 
Dispatches From The New Economy: The On-Demand Economy And The Future Of Work
Dispatches From The New Economy: The On-Demand Economy And The Future Of WorkDispatches From The New Economy: The On-Demand Economy And The Future Of Work
Dispatches From The New Economy: The On-Demand Economy And The Future Of WorkIntuit Inc.
 
Solve for X with AI: a VC view of the Machine Learning & AI landscape
Solve for X with AI: a VC view of the Machine Learning & AI landscapeSolve for X with AI: a VC view of the Machine Learning & AI landscape
Solve for X with AI: a VC view of the Machine Learning & AI landscapeEd Fernandez
 
Securing the Cloud
Securing the CloudSecuring the Cloud
Securing the CloudGGV Capital
 
YouTube Growth Results
YouTube Growth ResultsYouTube Growth Results
YouTube Growth ResultsOffrBox
 
Episode 2: The LLM / GPT / AI Prompt / Data Engineer Roadmap
Episode 2: The LLM / GPT / AI Prompt / Data Engineer RoadmapEpisode 2: The LLM / GPT / AI Prompt / Data Engineer Roadmap
Episode 2: The LLM / GPT / AI Prompt / Data Engineer RoadmapAnant Corporation
 
How ChatGPT and AI-assisted coding changes software engineering profoundly
How ChatGPT and AI-assisted coding changes software engineering profoundlyHow ChatGPT and AI-assisted coding changes software engineering profoundly
How ChatGPT and AI-assisted coding changes software engineering profoundlyPekka Abrahamsson / Tampere University
 
Creative Traction Methodology - For Early Stage Startups
Creative Traction Methodology - For Early Stage StartupsCreative Traction Methodology - For Early Stage Startups
Creative Traction Methodology - For Early Stage StartupsTommaso Di Bartolo
 
Top 10 Social Media Tips For Financial Advisors
Top 10 Social Media Tips For Financial AdvisorsTop 10 Social Media Tips For Financial Advisors
Top 10 Social Media Tips For Financial AdvisorsFinworx
 
Working With Big Data
Working With Big DataWorking With Big Data
Working With Big DataSeth Familian
 

La actualidad más candente (20)

The Hierarchy of Engagement
The Hierarchy of EngagementThe Hierarchy of Engagement
The Hierarchy of Engagement
 
Is AI generation the next platform shift?
Is AI generation the next platform shift?Is AI generation the next platform shift?
Is AI generation the next platform shift?
 
My interview with ChatGPT
My interview with ChatGPTMy interview with ChatGPT
My interview with ChatGPT
 
intro chatGPT workshop.pdf
intro chatGPT workshop.pdfintro chatGPT workshop.pdf
intro chatGPT workshop.pdf
 
100 growth hacks 100 days | 1 to 10
100 growth hacks 100 days | 1 to 10100 growth hacks 100 days | 1 to 10
100 growth hacks 100 days | 1 to 10
 
The Workforce Engages
The Workforce EngagesThe Workforce Engages
The Workforce Engages
 
The presentation secrets of steve jobs
The presentation secrets of steve jobsThe presentation secrets of steve jobs
The presentation secrets of steve jobs
 
Google BARD v/s ChatGPT _ A review
Google BARD v/s ChatGPT _ A reviewGoogle BARD v/s ChatGPT _ A review
Google BARD v/s ChatGPT _ A review
 
The Science of Story: How Brands Can Use Storytelling To Get More Customers
The Science of Story: How Brands Can Use Storytelling To Get More CustomersThe Science of Story: How Brands Can Use Storytelling To Get More Customers
The Science of Story: How Brands Can Use Storytelling To Get More Customers
 
3 Ingredients to Spice Up Your Content Marketing
3 Ingredients to Spice Up Your Content Marketing3 Ingredients to Spice Up Your Content Marketing
3 Ingredients to Spice Up Your Content Marketing
 
Dispatches From The New Economy: The On-Demand Economy And The Future Of Work
Dispatches From The New Economy: The On-Demand Economy And The Future Of WorkDispatches From The New Economy: The On-Demand Economy And The Future Of Work
Dispatches From The New Economy: The On-Demand Economy And The Future Of Work
 
Solve for X with AI: a VC view of the Machine Learning & AI landscape
Solve for X with AI: a VC view of the Machine Learning & AI landscapeSolve for X with AI: a VC view of the Machine Learning & AI landscape
Solve for X with AI: a VC view of the Machine Learning & AI landscape
 
Securing the Cloud
Securing the CloudSecuring the Cloud
Securing the Cloud
 
YouTube Growth Results
YouTube Growth ResultsYouTube Growth Results
YouTube Growth Results
 
Episode 2: The LLM / GPT / AI Prompt / Data Engineer Roadmap
Episode 2: The LLM / GPT / AI Prompt / Data Engineer RoadmapEpisode 2: The LLM / GPT / AI Prompt / Data Engineer Roadmap
Episode 2: The LLM / GPT / AI Prompt / Data Engineer Roadmap
 
Moonshot Thinking
Moonshot ThinkingMoonshot Thinking
Moonshot Thinking
 
How ChatGPT and AI-assisted coding changes software engineering profoundly
How ChatGPT and AI-assisted coding changes software engineering profoundlyHow ChatGPT and AI-assisted coding changes software engineering profoundly
How ChatGPT and AI-assisted coding changes software engineering profoundly
 
Creative Traction Methodology - For Early Stage Startups
Creative Traction Methodology - For Early Stage StartupsCreative Traction Methodology - For Early Stage Startups
Creative Traction Methodology - For Early Stage Startups
 
Top 10 Social Media Tips For Financial Advisors
Top 10 Social Media Tips For Financial AdvisorsTop 10 Social Media Tips For Financial Advisors
Top 10 Social Media Tips For Financial Advisors
 
Working With Big Data
Working With Big DataWorking With Big Data
Working With Big Data
 

Destacado

What is Artificial Intelligence | Artificial Intelligence Tutorial For Beginn...
What is Artificial Intelligence | Artificial Intelligence Tutorial For Beginn...What is Artificial Intelligence | Artificial Intelligence Tutorial For Beginn...
What is Artificial Intelligence | Artificial Intelligence Tutorial For Beginn...Edureka!
 
Inside Google's Numbers in 2017
Inside Google's Numbers in 2017Inside Google's Numbers in 2017
Inside Google's Numbers in 2017Rand Fishkin
 
Top 5 Deep Learning and AI Stories - October 6, 2017
Top 5 Deep Learning and AI Stories - October 6, 2017Top 5 Deep Learning and AI Stories - October 6, 2017
Top 5 Deep Learning and AI Stories - October 6, 2017NVIDIA
 
AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017
AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017
AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017Carol Smith
 
2017 holiday survey: An annual analysis of the peak shopping season
2017 holiday survey: An annual analysis of the peak shopping season2017 holiday survey: An annual analysis of the peak shopping season
2017 holiday survey: An annual analysis of the peak shopping seasonDeloitte United States
 
Infrastructure as code: running microservices on AWS using Docker, Terraform,...
Infrastructure as code: running microservices on AWS using Docker, Terraform,...Infrastructure as code: running microservices on AWS using Docker, Terraform,...
Infrastructure as code: running microservices on AWS using Docker, Terraform,...Yevgeniy Brikman
 
3 Things Every Sales Team Needs to Be Thinking About in 2017
3 Things Every Sales Team Needs to Be Thinking About in 20173 Things Every Sales Team Needs to Be Thinking About in 2017
3 Things Every Sales Team Needs to Be Thinking About in 2017Drift
 
Taming the ever-evolving Compliance Beast : Lessons learnt at LinkedIn [Strat...
Taming the ever-evolving Compliance Beast : Lessons learnt at LinkedIn [Strat...Taming the ever-evolving Compliance Beast : Lessons learnt at LinkedIn [Strat...
Taming the ever-evolving Compliance Beast : Lessons learnt at LinkedIn [Strat...Shirshanka Das
 
Natural Frequencies and Mode shape vectors for 10 Mass-Spring system
Natural Frequencies and Mode shape vectors for 10 Mass-Spring systemNatural Frequencies and Mode shape vectors for 10 Mass-Spring system
Natural Frequencies and Mode shape vectors for 10 Mass-Spring systemAkshay Mistri
 
An Introduction to LGBTQ Oppression
An Introduction to LGBTQ OppressionAn Introduction to LGBTQ Oppression
An Introduction to LGBTQ OppressionOlivia Domingo
 
How to Configure Selenium WebDriver (java)
How to Configure Selenium WebDriver (java)How to Configure Selenium WebDriver (java)
How to Configure Selenium WebDriver (java)Dasun Eranthika
 
Lgbt community center
Lgbt community centerLgbt community center
Lgbt community centerJason McLeod
 
Apresentação do curso de auxiliares de bibliotecas da UFRJ
Apresentação do curso de auxiliares de bibliotecas da UFRJApresentação do curso de auxiliares de bibliotecas da UFRJ
Apresentação do curso de auxiliares de bibliotecas da UFRJsibi_ufrj
 
Python as a Replacement for Commercial Stats Packages
Python as a Replacement for Commercial Stats PackagesPython as a Replacement for Commercial Stats Packages
Python as a Replacement for Commercial Stats PackagesHarold Henson
 
Electronic Communication Etiquette
Electronic Communication EtiquetteElectronic Communication Etiquette
Electronic Communication Etiquetteladytj1754
 
Electronic Communication
Electronic CommunicationElectronic Communication
Electronic Communicationwmassie
 

Destacado (20)

What is Artificial Intelligence | Artificial Intelligence Tutorial For Beginn...
What is Artificial Intelligence | Artificial Intelligence Tutorial For Beginn...What is Artificial Intelligence | Artificial Intelligence Tutorial For Beginn...
What is Artificial Intelligence | Artificial Intelligence Tutorial For Beginn...
 
Inside Google's Numbers in 2017
Inside Google's Numbers in 2017Inside Google's Numbers in 2017
Inside Google's Numbers in 2017
 
Top 5 Deep Learning and AI Stories - October 6, 2017
Top 5 Deep Learning and AI Stories - October 6, 2017Top 5 Deep Learning and AI Stories - October 6, 2017
Top 5 Deep Learning and AI Stories - October 6, 2017
 
The AI Rush
The AI RushThe AI Rush
The AI Rush
 
AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017
AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017
AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017
 
2017 holiday survey: An annual analysis of the peak shopping season
2017 holiday survey: An annual analysis of the peak shopping season2017 holiday survey: An annual analysis of the peak shopping season
2017 holiday survey: An annual analysis of the peak shopping season
 
10 facts about jobs in the future
10 facts about jobs in the future10 facts about jobs in the future
10 facts about jobs in the future
 
Infrastructure as code: running microservices on AWS using Docker, Terraform,...
Infrastructure as code: running microservices on AWS using Docker, Terraform,...Infrastructure as code: running microservices on AWS using Docker, Terraform,...
Infrastructure as code: running microservices on AWS using Docker, Terraform,...
 
Online Harassment 2017
Online Harassment 2017Online Harassment 2017
Online Harassment 2017
 
3 Things Every Sales Team Needs to Be Thinking About in 2017
3 Things Every Sales Team Needs to Be Thinking About in 20173 Things Every Sales Team Needs to Be Thinking About in 2017
3 Things Every Sales Team Needs to Be Thinking About in 2017
 
Taming the ever-evolving Compliance Beast : Lessons learnt at LinkedIn [Strat...
Taming the ever-evolving Compliance Beast : Lessons learnt at LinkedIn [Strat...Taming the ever-evolving Compliance Beast : Lessons learnt at LinkedIn [Strat...
Taming the ever-evolving Compliance Beast : Lessons learnt at LinkedIn [Strat...
 
Natural Frequencies and Mode shape vectors for 10 Mass-Spring system
Natural Frequencies and Mode shape vectors for 10 Mass-Spring systemNatural Frequencies and Mode shape vectors for 10 Mass-Spring system
Natural Frequencies and Mode shape vectors for 10 Mass-Spring system
 
An Introduction to LGBTQ Oppression
An Introduction to LGBTQ OppressionAn Introduction to LGBTQ Oppression
An Introduction to LGBTQ Oppression
 
How to Configure Selenium WebDriver (java)
How to Configure Selenium WebDriver (java)How to Configure Selenium WebDriver (java)
How to Configure Selenium WebDriver (java)
 
Presentacion actividad 7
Presentacion actividad 7Presentacion actividad 7
Presentacion actividad 7
 
Lgbt community center
Lgbt community centerLgbt community center
Lgbt community center
 
Apresentação do curso de auxiliares de bibliotecas da UFRJ
Apresentação do curso de auxiliares de bibliotecas da UFRJApresentação do curso de auxiliares de bibliotecas da UFRJ
Apresentação do curso de auxiliares de bibliotecas da UFRJ
 
Python as a Replacement for Commercial Stats Packages
Python as a Replacement for Commercial Stats PackagesPython as a Replacement for Commercial Stats Packages
Python as a Replacement for Commercial Stats Packages
 
Electronic Communication Etiquette
Electronic Communication EtiquetteElectronic Communication Etiquette
Electronic Communication Etiquette
 
Electronic Communication
Electronic CommunicationElectronic Communication
Electronic Communication
 

Similar a Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013

Infosecurity2013nl 131103184054-phpapp01
Infosecurity2013nl 131103184054-phpapp01Infosecurity2013nl 131103184054-phpapp01
Infosecurity2013nl 131103184054-phpapp01Kenneth Carnesi, JD
 
Reigning in the Data (FOSSCON 2014) - Ephemeral Messaging and Privacy In Post...
Reigning in the Data (FOSSCON 2014) - Ephemeral Messaging and Privacy In Post...Reigning in the Data (FOSSCON 2014) - Ephemeral Messaging and Privacy In Post...
Reigning in the Data (FOSSCON 2014) - Ephemeral Messaging and Privacy In Post...Andrew Schwabe
 
HES2011 - Raould Chiesa - Hackers Cybercriminals from Wargames to the Undergr...
HES2011 - Raould Chiesa - Hackers Cybercriminals from Wargames to the Undergr...HES2011 - Raould Chiesa - Hackers Cybercriminals from Wargames to the Undergr...
HES2011 - Raould Chiesa - Hackers Cybercriminals from Wargames to the Undergr...Hackito Ergo Sum
 
Reining in the Data ITAG tech360 Penn State Great Valley 2015
Reining in the Data   ITAG tech360 Penn State Great Valley 2015 Reining in the Data   ITAG tech360 Penn State Great Valley 2015
Reining in the Data ITAG tech360 Penn State Great Valley 2015 Andrew Schwabe
 
Raoul chiesa - Auditing the hacker mind - da wargames a underground economy
Raoul chiesa - Auditing the hacker mind - da wargames a underground economyRaoul chiesa - Auditing the hacker mind - da wargames a underground economy
Raoul chiesa - Auditing the hacker mind - da wargames a underground economyCRS4 Research Center in Sardinia
 
Cybersecurity Strategies - time for the next generation
Cybersecurity Strategies - time for the next generationCybersecurity Strategies - time for the next generation
Cybersecurity Strategies - time for the next generationHinne Hettema
 
Refugees on Rails Berlin - #2 Tech Talk on Security
Refugees on Rails Berlin - #2 Tech Talk on SecurityRefugees on Rails Berlin - #2 Tech Talk on Security
Refugees on Rails Berlin - #2 Tech Talk on SecurityGianluca Varisco
 
Simon Harrison RWE - Chain of Things 010616 final
Simon Harrison RWE - Chain of Things 010616 finalSimon Harrison RWE - Chain of Things 010616 final
Simon Harrison RWE - Chain of Things 010616 finalSimon Harrison
 
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...Cyber Security Alliance
 
This Time, It’s Personal: Why Security and the IoT Is Different
This Time, It’s Personal: Why Security and the IoT Is DifferentThis Time, It’s Personal: Why Security and the IoT Is Different
This Time, It’s Personal: Why Security and the IoT Is DifferentJustin Grammens
 
Towngas Infomation Security Week 2013 presentation
Towngas Infomation Security Week 2013 presentationTowngas Infomation Security Week 2013 presentation
Towngas Infomation Security Week 2013 presentationCharles Mok
 
Service Design Days 2017 - Keynote Jon Rogers (University of Dundee)
Service Design Days 2017 - Keynote Jon Rogers (University of Dundee)Service Design Days 2017 - Keynote Jon Rogers (University of Dundee)
Service Design Days 2017 - Keynote Jon Rogers (University of Dundee)SERVICE DESIGN DAYS
 
Risk Factory: Let's Get Physical
Risk Factory: Let's Get PhysicalRisk Factory: Let's Get Physical
Risk Factory: Let's Get PhysicalRisk Crew
 
Jason Samide - State of Security & 2016 Predictions
Jason Samide - State of Security & 2016 PredictionsJason Samide - State of Security & 2016 Predictions
Jason Samide - State of Security & 2016 Predictionscentralohioissa
 
Dark Web and Privacy
Dark Web and PrivacyDark Web and Privacy
Dark Web and PrivacyBrian Pichman
 
article cybersecurity must B2B metaverse
article cybersecurity must B2B metaversearticle cybersecurity must B2B metaverse
article cybersecurity must B2B metaverseMext Metaverse
 
nullcon 2010 - Corporate Security and Intelligence – the dark links
nullcon 2010 - Corporate Security and Intelligence – the dark linksnullcon 2010 - Corporate Security and Intelligence – the dark links
nullcon 2010 - Corporate Security and Intelligence – the dark linksn|u - The Open Security Community
 

Similar a Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013 (20)

Infosecurity2013nl 131103184054-phpapp01
Infosecurity2013nl 131103184054-phpapp01Infosecurity2013nl 131103184054-phpapp01
Infosecurity2013nl 131103184054-phpapp01
 
Reigning in the Data (FOSSCON 2014) - Ephemeral Messaging and Privacy In Post...
Reigning in the Data (FOSSCON 2014) - Ephemeral Messaging and Privacy In Post...Reigning in the Data (FOSSCON 2014) - Ephemeral Messaging and Privacy In Post...
Reigning in the Data (FOSSCON 2014) - Ephemeral Messaging and Privacy In Post...
 
HES2011 - Raould Chiesa - Hackers Cybercriminals from Wargames to the Undergr...
HES2011 - Raould Chiesa - Hackers Cybercriminals from Wargames to the Undergr...HES2011 - Raould Chiesa - Hackers Cybercriminals from Wargames to the Undergr...
HES2011 - Raould Chiesa - Hackers Cybercriminals from Wargames to the Undergr...
 
Reining in the Data ITAG tech360 Penn State Great Valley 2015
Reining in the Data   ITAG tech360 Penn State Great Valley 2015 Reining in the Data   ITAG tech360 Penn State Great Valley 2015
Reining in the Data ITAG tech360 Penn State Great Valley 2015
 
Raoul chiesa - Auditing the hacker mind - da wargames a underground economy
Raoul chiesa - Auditing the hacker mind - da wargames a underground economyRaoul chiesa - Auditing the hacker mind - da wargames a underground economy
Raoul chiesa - Auditing the hacker mind - da wargames a underground economy
 
Cybersecurity Strategies - time for the next generation
Cybersecurity Strategies - time for the next generationCybersecurity Strategies - time for the next generation
Cybersecurity Strategies - time for the next generation
 
Refugees on Rails Berlin - #2 Tech Talk on Security
Refugees on Rails Berlin - #2 Tech Talk on SecurityRefugees on Rails Berlin - #2 Tech Talk on Security
Refugees on Rails Berlin - #2 Tech Talk on Security
 
nullcon 2010 - Underground Economy
nullcon 2010 - Underground Economynullcon 2010 - Underground Economy
nullcon 2010 - Underground Economy
 
Simon Harrison RWE - Chain of Things 010616 final
Simon Harrison RWE - Chain of Things 010616 finalSimon Harrison RWE - Chain of Things 010616 final
Simon Harrison RWE - Chain of Things 010616 final
 
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
 
This Time, It’s Personal: Why Security and the IoT Is Different
This Time, It’s Personal: Why Security and the IoT Is DifferentThis Time, It’s Personal: Why Security and the IoT Is Different
This Time, It’s Personal: Why Security and the IoT Is Different
 
Towngas Infomation Security Week 2013 presentation
Towngas Infomation Security Week 2013 presentationTowngas Infomation Security Week 2013 presentation
Towngas Infomation Security Week 2013 presentation
 
Service Design Days 2017 - Keynote Jon Rogers (University of Dundee)
Service Design Days 2017 - Keynote Jon Rogers (University of Dundee)Service Design Days 2017 - Keynote Jon Rogers (University of Dundee)
Service Design Days 2017 - Keynote Jon Rogers (University of Dundee)
 
Risk Factory: Let's Get Physical
Risk Factory: Let's Get PhysicalRisk Factory: Let's Get Physical
Risk Factory: Let's Get Physical
 
Iot ppt
Iot pptIot ppt
Iot ppt
 
Dark Net
Dark NetDark Net
Dark Net
 
Jason Samide - State of Security & 2016 Predictions
Jason Samide - State of Security & 2016 PredictionsJason Samide - State of Security & 2016 Predictions
Jason Samide - State of Security & 2016 Predictions
 
Dark Web and Privacy
Dark Web and PrivacyDark Web and Privacy
Dark Web and Privacy
 
article cybersecurity must B2B metaverse
article cybersecurity must B2B metaversearticle cybersecurity must B2B metaverse
article cybersecurity must B2B metaverse
 
nullcon 2010 - Corporate Security and Intelligence – the dark links
nullcon 2010 - Corporate Security and Intelligence – the dark linksnullcon 2010 - Corporate Security and Intelligence – the dark links
nullcon 2010 - Corporate Security and Intelligence – the dark links
 

Más de Cain Ransbottyn

Privacy is for losers 2016
Privacy is for losers 2016Privacy is for losers 2016
Privacy is for losers 2016Cain Ransbottyn
 
logo - ident creation by @visualphill (@_visualstar)
logo - ident creation by @visualphill (@_visualstar)logo - ident creation by @visualphill (@_visualstar)
logo - ident creation by @visualphill (@_visualstar)Cain Ransbottyn
 
logo - ident creation by @visualphill (@_visualstar)
logo - ident creation by @visualphill (@_visualstar)logo - ident creation by @visualphill (@_visualstar)
logo - ident creation by @visualphill (@_visualstar)Cain Ransbottyn
 
The "Virtual Coaching Institute"-Pitch during Hack for Health weekend! (May 0...
The "Virtual Coaching Institute"-Pitch during Hack for Health weekend! (May 0...The "Virtual Coaching Institute"-Pitch during Hack for Health weekend! (May 0...
The "Virtual Coaching Institute"-Pitch during Hack for Health weekend! (May 0...Cain Ransbottyn
 
Stop Wasting Money on Facebook Ads! - Digital Marketing First 2013
Stop Wasting Money on Facebook Ads! - Digital Marketing First 2013Stop Wasting Money on Facebook Ads! - Digital Marketing First 2013
Stop Wasting Money on Facebook Ads! - Digital Marketing First 2013Cain Ransbottyn
 
Let's Google My Audience - Privacy is for Losers!
Let's Google My Audience - Privacy is for Losers!Let's Google My Audience - Privacy is for Losers!
Let's Google My Audience - Privacy is for Losers!Cain Ransbottyn
 
#Smc040 @ransbottyn's Experiment: Social Media Product Placement
#Smc040 @ransbottyn's Experiment: Social Media Product Placement#Smc040 @ransbottyn's Experiment: Social Media Product Placement
#Smc040 @ransbottyn's Experiment: Social Media Product PlacementCain Ransbottyn
 
Emailvision: I'm a spammer!
Emailvision: I'm a spammer!Emailvision: I'm a spammer!
Emailvision: I'm a spammer!Cain Ransbottyn
 

Más de Cain Ransbottyn (9)

Privacy is for losers 2016
Privacy is for losers 2016Privacy is for losers 2016
Privacy is for losers 2016
 
logo - ident creation by @visualphill (@_visualstar)
logo - ident creation by @visualphill (@_visualstar)logo - ident creation by @visualphill (@_visualstar)
logo - ident creation by @visualphill (@_visualstar)
 
logo - ident creation by @visualphill (@_visualstar)
logo - ident creation by @visualphill (@_visualstar)logo - ident creation by @visualphill (@_visualstar)
logo - ident creation by @visualphill (@_visualstar)
 
The "Virtual Coaching Institute"-Pitch during Hack for Health weekend! (May 0...
The "Virtual Coaching Institute"-Pitch during Hack for Health weekend! (May 0...The "Virtual Coaching Institute"-Pitch during Hack for Health weekend! (May 0...
The "Virtual Coaching Institute"-Pitch during Hack for Health weekend! (May 0...
 
Stop Wasting Money on Facebook Ads! - Digital Marketing First 2013
Stop Wasting Money on Facebook Ads! - Digital Marketing First 2013Stop Wasting Money on Facebook Ads! - Digital Marketing First 2013
Stop Wasting Money on Facebook Ads! - Digital Marketing First 2013
 
Let's Google My Audience - Privacy is for Losers!
Let's Google My Audience - Privacy is for Losers!Let's Google My Audience - Privacy is for Losers!
Let's Google My Audience - Privacy is for Losers!
 
#Smc040 @ransbottyn's Experiment: Social Media Product Placement
#Smc040 @ransbottyn's Experiment: Social Media Product Placement#Smc040 @ransbottyn's Experiment: Social Media Product Placement
#Smc040 @ransbottyn's Experiment: Social Media Product Placement
 
Privacy is for losers
Privacy is for losersPrivacy is for losers
Privacy is for losers
 
Emailvision: I'm a spammer!
Emailvision: I'm a spammer!Emailvision: I'm a spammer!
Emailvision: I'm a spammer!
 

Último

Bitdefender-CSG-Report-creat7534-interactive
Bitdefender-CSG-Report-creat7534-interactiveBitdefender-CSG-Report-creat7534-interactive
Bitdefender-CSG-Report-creat7534-interactivestartupro
 
Introduction-to-Wazuh-and-its-integration.pptx
Introduction-to-Wazuh-and-its-integration.pptxIntroduction-to-Wazuh-and-its-integration.pptx
Introduction-to-Wazuh-and-its-integration.pptxmprakaash5
 
Transcript: Green paths: Learning from publishers’ sustainability journeys - ...
Transcript: Green paths: Learning from publishers’ sustainability journeys - ...Transcript: Green paths: Learning from publishers’ sustainability journeys - ...
Transcript: Green paths: Learning from publishers’ sustainability journeys - ...BookNet Canada
 
Software Security in the Real World w/Kelsey Hightower
Software Security in the Real World w/Kelsey HightowerSoftware Security in the Real World w/Kelsey Hightower
Software Security in the Real World w/Kelsey HightowerAnchore
 
HCI Lesson 1 - Introduction to Human-Computer Interaction.pdf
HCI Lesson 1 - Introduction to Human-Computer Interaction.pdfHCI Lesson 1 - Introduction to Human-Computer Interaction.pdf
HCI Lesson 1 - Introduction to Human-Computer Interaction.pdfROWELL MARQUINA
 
Deliver Latency Free Customer Experience
Deliver Latency Free Customer ExperienceDeliver Latency Free Customer Experience
Deliver Latency Free Customer ExperienceOpsTree solutions
 
Laying the Data Foundations for Artificial Intelligence!
Laying the Data Foundations for Artificial Intelligence!Laying the Data Foundations for Artificial Intelligence!
Laying the Data Foundations for Artificial Intelligence!Memoori
 
Which standard is best for your content?
Which standard is best for your content?Which standard is best for your content?
Which standard is best for your content?Rustici Software
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Kaya Weers
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkPixlogix Infotech
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...Karmanjay Verma
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
Accelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessAccelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessWSO2
 
All These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDFAll These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDFMichael Gough
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfAarwolf Industries LLC
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica
 

Último (20)

Bitdefender-CSG-Report-creat7534-interactive
Bitdefender-CSG-Report-creat7534-interactiveBitdefender-CSG-Report-creat7534-interactive
Bitdefender-CSG-Report-creat7534-interactive
 
Introduction-to-Wazuh-and-its-integration.pptx
Introduction-to-Wazuh-and-its-integration.pptxIntroduction-to-Wazuh-and-its-integration.pptx
Introduction-to-Wazuh-and-its-integration.pptx
 
Transcript: Green paths: Learning from publishers’ sustainability journeys - ...
Transcript: Green paths: Learning from publishers’ sustainability journeys - ...Transcript: Green paths: Learning from publishers’ sustainability journeys - ...
Transcript: Green paths: Learning from publishers’ sustainability journeys - ...
 
Software Security in the Real World w/Kelsey Hightower
Software Security in the Real World w/Kelsey HightowerSoftware Security in the Real World w/Kelsey Hightower
Software Security in the Real World w/Kelsey Hightower
 
HCI Lesson 1 - Introduction to Human-Computer Interaction.pdf
HCI Lesson 1 - Introduction to Human-Computer Interaction.pdfHCI Lesson 1 - Introduction to Human-Computer Interaction.pdf
HCI Lesson 1 - Introduction to Human-Computer Interaction.pdf
 
Deliver Latency Free Customer Experience
Deliver Latency Free Customer ExperienceDeliver Latency Free Customer Experience
Deliver Latency Free Customer Experience
 
Laying the Data Foundations for Artificial Intelligence!
Laying the Data Foundations for Artificial Intelligence!Laying the Data Foundations for Artificial Intelligence!
Laying the Data Foundations for Artificial Intelligence!
 
Which standard is best for your content?
Which standard is best for your content?Which standard is best for your content?
Which standard is best for your content?
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App Framework
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
Accelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessAccelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with Platformless
 
All These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDFAll These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDF
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdf
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 

Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013

  • 1. privacy is an illusion and you’re all losers or how 1984 was a manual for our panopticon society ! By Cain Ransbottyn - @ransbottyn
  • 2. End of privacy • 9/11 attacks invigorated the concept of terrorist threats • Post 9/11 there was a strong and understandable argument to prioritise security
  • 3. End of civil liberties • New word: “asymmetrical threats” • Actually means: “please give up your civil liberties”, in 2001 55% US citizens were pro; in 2011 only 40% (and declining). • Patriot Act changed the world for good
  • 4. So, terrorism huh ? • systematic use of violent terror as a means of coercion • violent acts which are intended to create fear (terror) • perpetrated for a religious, political, or ideological goal • deliberately target or disregard the safety of noncombatants (civilians)
  • 5. Global terrorist threat map Data of 2010. Seems legit.
  • 6. Year on year doubling in surveillance budget since the Patriot Act Except for 2013, then there was a dark budget of US$ 52,6B
  • 7. Fear. Uncertainty. Doubt. • Instilling fear is a premise for coercion. But to whom ? • Mass media works as a catalyst to bring fear in the homes of citizens. • We all are very shitty at threat and risk assessments. Pigs or sharks ? • 23,589 40 Or terrorist attacks ? 13,200 * 2010 facts and figures worldwide
  • 8. Are we really capable of understanding the real threat level ? Please demonstrate you can spot a rhetorical question when you see one
  • 9. The convenience of circular logic • Gov’t: We’re using surveillance so we can prevent terrorist attacks
 You: I don’t see any terrorist threat or attack
 Gov’t: Awesome stuff, hey ?
 • Him: I’m using this repellent to scare away elephants.
 You: But I don’t see any elephants.
 Him: Awesome stuff, hey ?
  • 11. Total Information Awareness The 2002 - 2003 program that began a data mining project, following warantless surveillance decision in 2002
  • 12. PRISM, XKeyScore, Tempora ! Thank you Microsoft, Facebook, Yahoo!, Google, Paltalk, YouTube, AOL, Apple, Skype Snowden leaks the post 2007 surveillance industry is much worse than anyone could have imagined
  • 13. The rise of private intelligence agencies • The welcome gift of “social networks” • The thankful adoption rate of smart phones • The cloud as the ultimate data gathering extension to governments • The phone operators remain a loyal friend • The overt investment strategy of In-Q-Tel
  • 14. The In-Q-Tel investment firm • Founded 1999 as not-for-profit venture capital firm • So… if you are not looking to make a profit, what are you looking for then ? • Investments in data mining, call recording, surveillance, crypto, biotech, … • E.g. 2007 AT&T - Narus STA 6400 backdoor = product of In-Q-Tel funded company • Many (many) participations worldwide (also Belgium)
  • 15. Social networks as a private intelligence agency • Perfect front offices • Facebook as the first global private intelligence agency • Otherwise hard to obtain intel is being shared voluntarily by everyone (e.g. hobbies, etc.) • US$ 12,7M investment by James Breyer (Accel), former colleague of Gilman Louie (CEO In-Q-Tel)
  • 16. Smart-phones as the ultimate tracking device • Device you carry 24/7 with you. With a GPS on board. • Android has remote install/deinstall hooks in its OS (so has IOS) • OTA vulnerabilities allow remote installs of byte patches (e.g. Blackberry incident in UAE) • Apple incident (“the bug that stored your whereabouts”) • Any idea how many address books are stored on iCloud ? :p
  • 17. Smart-phones as the ultimate tracking device Wi-Fi based positioning has become very accurate and quickly deployed mainstream
  • 18. Cloud providers as the perfect honeypot • There is no company that is so invasive as Google • Records voice calls (Voice), analyses e-mail (GMail), knows who you talk to and where you are (Android), has all your documents (Drive) and soon will see through your eyes (Glass) • Robert David Steele (CIA) disclosed Google takes money from US Intel. community. • In-Q-Tel and Google invest in mutual companies (mutual interest)
  • 19. Cloud providers as the perfect honeypot • Not only Google. The latest OSX Mavericks actually asked me to… store my Keychain in the cloud *sigh* • While Apple claims iMessage cannot be intercepted, we know it is possible because Apple is the MITM and no end-to-end crypto is used nor certificate pinning.
  • 20. The loyal friend, the phone operator • Needs to be CALEA and ETSI compliant. Yeah right :-) • Operators are both targets of surveillance stakeholders (e.g. Belgacom/BICS hack by GCHQ) and providers of surveillance tactics (taps, OTA installs, silent SMS, etc.) • Does KPN really trust NICE (Israel) and does Belgacom really trust Huawei (China) ? • Truth of the matter is: you cannot trust your operator…
  • 21. Privacy is for losers If you think you have privacy, you really are a loser
  • 22. #dta If a government needs to understand its enemy, and we’re being surveilled. Then, who exactly is the enemy ?
  • 23. Conspiracy theory ? ! Whistleblowers showed that reality is far worse
  • 25. Change your attitude. Wake the f*ck up…
  • 26. Reclaim ownership of your data. Demand transparency of every service you use.
  • 28. Encryption today is built for security professionals and engineers. Not for your mom or dad.
  • 29. Security and crypto engineers don’t understand UI and UX
  • 30. Android and IOS planned. Microsoft Mobile perhaps.
  • 31. Requirements • Must provide strong crypto • Must be open source (GitHub) • Must be beautiful and easy to use, we actually don’t want the user to be confronted with complex crypto issues • Provide deniability • Provide alerting mechanisms that alert the user when something is wrong • Even when your device is confiscated, it should be able to withstand forensic investigation
  • 32. How it’s built • Using tor as transport layer for P2P routing and provide anonymity (no exit nodes used). • Obfuscated as HTTPS traffic to prevent gov’t filtering. • Using OTR v3.1 to ensure perfect forward secrecy and end-to-end crypto. • Capable of detecting A5/GSM tactical surveillance attacks. • Extremely effective anti forensic mechanisms and triggers
  • 34. Who’s using it • Journalists • Freedom Fighters • Whistleblowers • Lawyers and security professionals • …
  • 35. Why use it ? • To protect your human right on privacy • To protect your human right on freedom of speech • Because your communication needs to remain confidential • Because excessive surveillance is a threat to modern democracy
  • 36. Privacy might be for losers, but that doesn’t mean you are OK to give up your human rights…