iLab Countersurveillance Benjamin Hof hof@in.tum.de Lehrstuhl fr - - PowerPoint PPT Presentation

iLab

Countersurveillance Benjamin Hof hof@in.tum.de

Lehrstuhl für Netzarchitekturen und Netzdienste Fakultät für Informatik Technische Universität München

Surveillance and operational security – 14ws

1

◮ lecture evaluation ◮ oral attestations in 03.05.051

◮ 2015-02-02 ◮ 2015-02-03 ◮ 2015-02-04

Register.

2

CC-BY-SA 3.0 Andreas Preuß

3

IEEE Spectrum 2007: The Athens Affair.

4

submarinecablemap.com

5

client the Internet server

6

client BND, NSA server IX, submarine cables

6

lifewinning.com/submarine-cable-taps

7

TOP SECRET//COMINT//NOFORN

RAMPART-A Typical Operation

A B C D

International Cable

USA Country X

Processing Center Access Point Partner Analysts

NSA Network

E

SECRET//COMINT NETWORK

8

9

◮ full traffic storage ◮ search engines ◮ financial transactions ◮ mobile systems 10

11

12

13

“I hunt sys admins”

◮ webmail/facebook ◮ quantum ◮ router target ◮ look for successful logins ◮ admin 14

GCHQ attack on Belgian ISP Belgacom

15

NSA attacks German satcom provider Stellar

16

Attacks on standards

◮ Dual_EC_DRBG ◮ IETF 17

BSI report on German steel mill

18

Think about your threat model

communications ./ endpoints

Everything starts with physical security.

Force Eve to become Mallory and Mallory to become a burglar.

19

Endpoint security requires control.

20

◮ get a strategy ◮ unlinkability, compartmentalization ◮ slideshare.net/grugq/opsec-for-hackers ◮ crimethinc.com/texts/atoz/security.php 21

22

Other helpful software

◮ OTR ◮ (GnuPG) ◮ Textsecure, Redphone ◮ Debian 23

Endpoints

◮ attack surface: browsers, drivers, . . . ◮ AMT/IPMI 24

QubesOS

25

◮ defence in depth ◮ diceware ◮ don’t store plaintext ◮ logging 26

◮ LANGSEC ◮ ENISA, Nov. 2014: Algorithms, key size and parameters ◮ OWASP 27

AV tracking devices with phone functionality

◮ SS7 ◮ data trail ◮ baseband processor ◮ additional batteries 28

Believe nothing. Research everything.

29