(Straw) Man in the Middle: A Modest Post-Snowden Proposal Brussels, - - PowerPoint PPT Presentation

(Straw) Man in the Middle:

A Modest Post-Snowden Proposal Brussels, Belgium Jacob Appelbaum

[redacted]

10 December 2015

Jacob Appelbaum ([redacted]) (Straw) Man in the Middle: 10 December 2015 1 / 26

Post-Snowden?

What does that mean?

Jacob Appelbaum ([redacted]) (Straw) Man in the Middle: 10 December 2015 2 / 26

Understanding the plumbing

Mass surveillance works by first illegally and generally seizing data, and then indiscriminately searching all data, until a specific search term is

• found. This is selector based surveillance, a kind of surveillance that

requires mass surveillance. It comes from vulnerabilities in core internet and other network protocols.

Jacob Appelbaum ([redacted]) (Straw) Man in the Middle: 10 December 2015 3 / 26

A shift?

We have experienced a huge shift.

Jacob Appelbaum ([redacted]) (Straw) Man in the Middle: 10 December 2015 4 / 26

Key changes

Specific understanding about a handful of protocols.

Jacob Appelbaum ([redacted]) (Straw) Man in the Middle: 10 December 2015 5 / 26

Key changes

A general and pervasive fear; a feeling of helplessness.

Jacob Appelbaum ([redacted]) (Straw) Man in the Middle: 10 December 2015 6 / 26

Key changes

People have lost faith in the authorities and adopted a fatalistic attitude.

Jacob Appelbaum ([redacted]) (Straw) Man in the Middle: 10 December 2015 7 / 26

A new assumption

A pervasive fear of mass surveillance, jokes about being on lists; a new default of total monitoring!

Jacob Appelbaum ([redacted]) (Straw) Man in the Middle: 10 December 2015 8 / 26

A new default to fight passive attackers

Changes are now detectable.

Jacob Appelbaum ([redacted]) (Straw) Man in the Middle: 10 December 2015 9 / 26

A new default to fight passive attackers

Changes are now detectable. Encryption is here to stay. Passive interception moves to active.

Jacob Appelbaum ([redacted]) (Straw) Man in the Middle: 10 December 2015 9 / 26

A new default to fight passive attackers

Changes are now detectable. Encryption is here to stay. Passive interception moves to active. Signal/ZRTP clients and Let’s Encrypt CA change the game.

Jacob Appelbaum ([redacted]) (Straw) Man in the Middle: 10 December 2015 9 / 26

A new default to fight passive attackers

Changes are now detectable. Encryption is here to stay. Passive interception moves to active. Signal/ZRTP clients and Let’s Encrypt CA change the game. This impacts Law Enforcement and Intelligence; focusing on LE.

Jacob Appelbaum ([redacted]) (Straw) Man in the Middle: 10 December 2015 9 / 26

Cultural differences

In the US, the UK and in other countries in Europe - searches and notification are different. Cryptography brings us to a new convergence for all cultures at once.

Jacob Appelbaum ([redacted]) (Straw) Man in the Middle: 10 December 2015 10 / 26

A recent European Court of Human Rights ruling

Oversight isn’t enough: accountability is required

Jacob Appelbaum ([redacted]) (Straw) Man in the Middle: 10 December 2015 11 / 26

Checking validity

Example interactions with the police: Siren on an otherwise unmarked car pulling over a driver

Drive to a well lit area, dial 112/911, confirm identity of ”officer”

No know raid by armed people

Did they declare they are police? How do we verify it?

Knock at the door with a search warrant

Is it a valid warrant?

Other examples such as a famous Tupac shooting involving police in plain clothing

Jacob Appelbaum ([redacted]) (Straw) Man in the Middle: 10 December 2015 12 / 26

Reality check

In most of these situations - we acknowledge the serious issue of police impersonation.

Jacob Appelbaum ([redacted]) (Straw) Man in the Middle: 10 December 2015 13 / 26

How do we detect crimes?

Cyber cyber cyber

Jacob Appelbaum ([redacted]) (Straw) Man in the Middle: 10 December 2015 14 / 26

How do we detect crimes?

Cyber cyber cyber (Hint: You will receive nearly no help from any authority!)

Jacob Appelbaum ([redacted]) (Straw) Man in the Middle: 10 December 2015 14 / 26

An example standard of evidence

In the German Chancellor Merkel case there was a supposed lack of evidence.

Jacob Appelbaum ([redacted]) (Straw) Man in the Middle: 10 December 2015 15 / 26

An example standard of evidence

In the German Chancellor Merkel case there was a supposed lack of evidence. Thus we see - we need a new standard of evidence!

Jacob Appelbaum ([redacted]) (Straw) Man in the Middle: 10 December 2015 15 / 26

A short summary

First, we acknowledge a change in thinking because of Snowden. Secondly, we see a move towards more and more transparency. Thirdly, we control those we can control and not those that we don’t...

Jacob Appelbaum ([redacted]) (Straw) Man in the Middle: 10 December 2015 16 / 26

Wait, control?

I have no democratic control over the majority of services. I do have democratic control over a small set of services: local LE, national LE

Jacob Appelbaum ([redacted]) (Straw) Man in the Middle: 10 December 2015 17 / 26

Wait, transparency?

The new protocols force transparency, the proposed standard of evidence give us data for action; but how might we choose what to act on?

Jacob Appelbaum ([redacted]) (Straw) Man in the Middle: 10 December 2015 18 / 26

Ask the honest parties to prove their honesty

They sign their interception request in real time, point it to a given court (docket, judge, case, etc.) just as with the search of the home.

Jacob Appelbaum ([redacted]) (Straw) Man in the Middle: 10 December 2015 19 / 26

And anyone who doesn’t sign...

Is subject to investigation with the collected evidence.

Jacob Appelbaum ([redacted]) (Straw) Man in the Middle: 10 December 2015 20 / 26

Wait, what?

There is no requirement that cryptophone or signal help with this proposal

• only that a system of real time notification is implemented by states and

their relevant agencies.

Jacob Appelbaum ([redacted]) (Straw) Man in the Middle: 10 December 2015 21 / 26

Wait, what about TARGETED surveillance

Like cryptography that horse has left the barn with the move from passive to active.

Jacob Appelbaum ([redacted]) (Straw) Man in the Middle: 10 December 2015 22 / 26

Wait, what about malware

The same standard of evidence and notification should apply.

Jacob Appelbaum ([redacted]) (Straw) Man in the Middle: 10 December 2015 23 / 26

Help the (honest) police

No ”Golden Key” required

Jacob Appelbaum ([redacted]) (Straw) Man in the Middle: 10 December 2015 24 / 26

Help the (honest) police

No ”Golden Key” required A trade of the secrecy property that keeps security for the majority of users

Jacob Appelbaum ([redacted]) (Straw) Man in the Middle: 10 December 2015 24 / 26

Help the (honest) police

No ”Golden Key” required A trade of the secrecy property that keeps security for the majority of users Law enforcement is always asking for a way to do this; my proposal allows an avenue while also asking them to give up secrecy and commit to accountability and transparency.

Jacob Appelbaum ([redacted]) (Straw) Man in the Middle: 10 December 2015 24 / 26

An equal standard

From homes to phones - interference is not secret, lawful processes exist, crimes committed by thousands of unlawful attackers now subject to reporting.

Jacob Appelbaum ([redacted]) (Straw) Man in the Middle: 10 December 2015 25 / 26

Questions?

Jacob Appelbaum ([redacted]) (Straw) Man in the Middle: 10 December 2015 26 / 26