Infosec & counter-surveillance writing what powerful people - - PowerPoint PPT Presentation

infosec counter surveillance
SMART_READER_LITE
LIVE PREVIEW

Infosec & counter-surveillance writing what powerful people - - PowerPoint PPT Presentation

Jan 07, 2024 11 likes •515 views

Infosec & counter-surveillance writing what powerful people don't want written means you have something to hide Arjen Kamphuis arjen@gendo.ch Have you been using: Have you been using: e-mail e-mail video or voice chat video or voice

slide-1
SLIDE 1

Arjen Kamphuis arjen@gendo.ch

Infosec & counter-surveillance

writing what powerful people don't want written means you have something to hide

slide-2
SLIDE 2
slide-3
SLIDE 3
slide-4
SLIDE 4
slide-5
SLIDE 5
slide-6
SLIDE 6
slide-7
SLIDE 7

Have you been using: e-mail video or voice chat videos photos stored data VoIP calls file transfers video conferencing …from any of… Microsoft / Hotmail, since Sep 11, 2007 Google, since Jan 14, 2009 Yahoo, since Mar 12, 2008 Facebook, since June 3, 2009 PalTalk, since Dec 7, 2009 YouTube, since Sep 24, 2010 Skype, since Feb 6, 2011 AOL, since Mar 31, 2011 Apple, since Oct 2012 than you are in the NSA database Have you been using: e-mail video or voice chat videos photos stored data VoIP calls file transfers video conferencing …from any of… Microsoft / Hotmail, since Sep 11, 2007 Google, since Jan 14, 2009 Yahoo, since Mar 12, 2008 Facebook, since June 3, 2009 PalTalk, since Dec 7, 2009 YouTube, since Sep 24, 2010 Skype, since Feb 6, 2011 AOL, since Mar 31, 2011 Apple, since Oct 2012 than you are in the NSA database

slide-8
SLIDE 8
slide-9
SLIDE 9
slide-10
SLIDE 10
slide-11
SLIDE 11
slide-12
SLIDE 12
slide-13
SLIDE 13
slide-14
SLIDE 14
slide-15
SLIDE 15
slide-16
SLIDE 16
slide-17
SLIDE 17
slide-18
SLIDE 18

Government policy today

 EU & Euro nations have known

about Echelon since 2000

 Euro nations have known about

effective counter-measures since at least July 2001

 Despite formal repeated

requests from parliaments none

  • f these measures have been

implemented

 Government is, at best,

completely incompetent, at worst your enemy

slide-19
SLIDE 19
slide-20
SLIDE 20
slide-21
SLIDE 21
slide-22
SLIDE 22
slide-23
SLIDE 23

We fight back?

slide-24
SLIDE 24
slide-25
SLIDE 25

NSA budget: $78 billion (about $0,10 per westener per day) Increase the cost of monitoring you from $0,10 per day to $100.000+ per day

slide-26
SLIDE 26
slide-27
SLIDE 27

.com .org .net .ch .nl .de

slide-28
SLIDE 28

Infosec policies

C I A

 Confidentiality, who can acces the data?  Integrity, is the data unaltered?  Availability, is the data available?  Do the rules apply to everyone the same way?

slide-29
SLIDE 29

technology behaviour

confidentiality, integrity & availablilty

'security'

slide-30
SLIDE 30
slide-31
SLIDE 31
slide-32
SLIDE 32
slide-33
SLIDE 33

Pro-tection De-tection Re-action

slide-34
SLIDE 34

hardware

  • perating system

(Windows, MacOSX, Linux) middleware (database, crypto) applications (email, browser, office) interface (screen, keyboard, mouse) BIOS

slide-35
SLIDE 35
slide-36
SLIDE 36
slide-37
SLIDE 37

 programming language

versus

 machine language

int main () { printf (“Hello World!\n”); }

^ELF^A^A^A^@^@^@^@^@^@^@^@^@^B^@^C^@^A^@^@^@À<82>^4^@^@^@<9C>^G^@^@^@^@^@^ @4^@^@^G^@(^@^Y^@^X^@^F^@^@^@4^@^@^@4<80>^4<80>^à^@^@^@à^@^@^@^E^@^@^@^D^@^ @^@^C^@^@^@^T^A^@^@^T<81>^^T<81>^^S^@^@^@^S^@^@^@^D^@^@^@^A^@^@^@^A^@^@^@^@ ^@^@^@^@<80>^^@<80>^Ò^D^@^@Ò^D^@^@^E^@^@^@^@^P^@^@^A^@^@^@Ô^D^@^@Ô<94>^Ô<94 >^^D^A^@^^A^@^@^F^@^@^@^@^P^@^@^B^@^@^@ä^D^@^@ä<94>^ä<94>^È^@^@^@È^@^@^@^F^@ ^@^@^D^@^@^@^D^@^@^@( ^A^@^@(<81>^(<81>^^@^@^@^@^@^@^D^@^@^@^D^@^@^@Qåtd^@^@ ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^F^@^@^@^D^@^@^@/lib/ldinux.so.2^@^@^D^@^ @^@^P^@^@^@^A^@^@^@GNU^@^@^@^@^@^B^@^@^@^B^@^@^@^@^@^@^@^C^@^@^@^F^@^@^ @^E^@^@^@^A^@^@^@^C^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^B^@^@^@^@^@^@^@^D^@^ @^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@D^@^@^@^@^@^@^@ú^@^@^@^R^@^@^@.^@^ @^@^@^@^@^@9^@^@^@^R^@^@^@5^@^@^@À<84>^^D^@^@^@^Q^@^N^@^A^@^@^@^@^@^@^@^ @^@^@^@^@^@^@^U^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@_Jv_RegisterClasses^@__gmon_start __^@libc.^@_IO_stdin_used^@__libc_start_main^@GLIBC_2.0^@^@^@^B^@^B^@^A^@^@^@^@^@^A^@^A ^@$^@^@^@^P^@^@^@^@^@^@^@^Pii^M^@^@^B^@V^@^@^@^@^@^@^@Ô<95>^^F^E^@^@Ì<95>^^G ^A^@^@Ð<95>^^G^B^@^@U<89>å<83>èa^@^@^@èÈ^@^@^@èã^A^@^@ÉÃ^@ÿ5Ä<95>^ÿ %È<95>^^@^@^ %Ì<95>^h^@^@^@^@éàÿÿÿÐ<95>^^@^@^@éÐÿÿÿ1í^<89>á<83>äðPTRh^P<84>^h°<83>^QVh<84><83>^è¿ÿÿ ÿô<90><90>U<89>åSè^@^@^@^@[<81>ÃÓ^R^@^@P<8B><83>^T^@^@^@<85>Àt^BÿÐ<8B>]üÉÃ<90><90> <90><90><90><90><90><90><90><90>U<89>å<83><80>=Ø<95>^^@u¡Ü<94>^<8B>^P<85>ÒtESC<8D>¶^@^ @^@^@<83>À^D£Ü<94>^ÿÒ¡Ü<94>^<8B>^P<85>ÒuëÆ^EØ<95>^^AÉÃ<89>öU<89>å<83>¡¼<95>^<85>Àt! ¸^@^@^@^@<85>Àt^XÇ^D$¼<95>^è<8C>÷<8D>¶^@^@^@^@<8D>¿^@^@^@^@<89>ì]ÃU<89>å<83><83>ä ð¸^@^@^@^@)ÄÇ^D$Ä<84>^è^PÿÿÿÉÃ<90><90><90><90><90><90><90><90><90><90><90><90><90><90> U<89>åWV1öS<83>ì^Lè ^@^@^@<81>Ã^@^R^@^@è þÿÿ<8D><93>^Tÿÿÿ<8D><83>^Tÿÿÿ)ÂÁú^B9Ös^\<89>×<8D>´

compiler Hello World!

What is sourcecode?

slide-38
SLIDE 38
slide-39
SLIDE 39

use different browsers!

slide-40
SLIDE 40
slide-41
SLIDE 41
slide-42
SLIDE 42
slide-43
SLIDE 43
slide-44
SLIDE 44
slide-45
SLIDE 45

protects the content & integrity of your communications protects your (IP) location and (sometimes) identity protects the content of your communications

What is protected? OTR

slide-46
SLIDE 46
slide-47
SLIDE 47
slide-48
SLIDE 48
slide-49
SLIDE 49
slide-50
SLIDE 50

Arjen Kamphuis arjen@gendo.ch gendo.ch/en/blog/arjen @arjenkamphuis email blog twitter 55FB B3B7 949D ABF5 F31B BA1D 237D 4C50 118A 0EC2 PGP fingerprint