Mass-Surveillance, Metadata, and Methamphetamine. 22 nd August 2015 Things We Know Leslie Hughes

Size: px
Start display at page:

Download "Mass-Surveillance, Metadata, and Methamphetamine. 22 nd August 2015 Things We Know Leslie Hughes"

Transcription

1 Mass-Surveillance, Metadata, and Methamphetamine. 22 nd August 2015 Things We Know Leslie Hughes

2 Disclaimer The views expressed herein are presented for academic and/or entertainment purposes, and do not necessarily reflect those of Leslie Hughes, Monash University, the Liberal Democratic Party, Things We Know organisers, or Snoop Dogg. Nothing here constitutes as any type of professional advice: legal, technical, or otherwise. You are responsible for how you use this information. Listen to Les at your own risk.

3 Licencing/Copyright While I am fairly knowledgeable in this discipline, I am not looking to re-invent the wheel. Much of the information in this presentation has been taken from various sources on the internet, sometimes word for word. Where possible, I ve tried to give credit and/or link the to each website where material is referenced. While I have tried to ensure that all content in this presentation is free from restriction on copying/sharing/etc, I can not guarantee it. Given that, everything which I have authored may be modified, distributed, copied, in a personal, commercial, or whatever other means without giving credit. Whatever restrictions could possibly exist, none of them apply to my work within this slide. Credit is always nice, but I d rather the information be out there with no credit, than not out there at all.

4 About Les - Bachelor of Computer Science, Monash Clayton + Penn State. - Teaching Associate at Monash for seven years years working in the I.T. industry. - Secretary of the Liberal Democratic Party in Victoria. - Liberal Democratic Party Candidate 2014 Victorian Elections. - Winner RuxCon Capture the Flag Winner RuxCon Cryptography Challenge Has a messy car.

5 We are being watched. Telephone: Australia is known to be an avid user of telephone surveillance. In 2003, Australia issued 75% more wiretap warrants than the US did and this was 26 times greater than the US on a per capita basis. In 2012 it was reported that year-on-year "Access to private data has increased by 20 per cent by Australia s law enforcement and government agencies and with no warrant." https://en.wikipedia.org/wiki/mass_surveillance_in_australia

6 We are being watched. Internet: In 2013 it was reported that under Australian law state, territory and federal law enforcement authorities can access a variety of 'non-content' data from internet companies like Telstra, Optus and Google with authorization by senior police officers or government officials rather than judicial warrant, and that "During criminal and revenue investigations in , government agencies accessed private data and internet logs more than 300,000 times." https://en.wikipedia.org/wiki/mass_surveillance_in_australia

7 then came 2014/2015 National Security Legislation Amendment Bill (No. 1) giving ASIO the power to disrupt computers by adding, modifying or deleting files. - giving ASIO the power to spy on a number of computers including a whole computer network under a single computer-access warrant. - giving ASIS (Australia s foreign intelligence agency) the power to collect intelligence on Australian citizens overseas. - creating a new criminal offence, with a maximum penalty of 10 years imprisonment for revealing information about special intelligence operations. This comes with no exceptions and would apply to journalists, even if they were unaware that they were revealing information about such an operation. https://www.citizensnotsuspects.org.au/learn-more

8 National insecurity Legislation Amendment Bill (No.1 ) 2014 Schedule 2 Powers of the Organisation Part 1 Amendments Australian Security Intelligence Organisation Act 1979 Subdivision A Preliminary 4 Section 22 (definition of computer) Repeal the definition, substitute: computer means all or part of: a) one or more computers; or b) one or more computer systems; or c) one or more computer networks; or d) any combination of the above.

9 National insecurity Legislation Amendment Bill (No.1 ) Australian Security Intelligence Organisation officers will now have greater immunity from prosecution if they commit a crime in the course of a "special intelligence operation". - Authorised ASIO officers will decide which operations are classed as "special intelligence operations" and there is no limit on how many operations can be designated as such. The immunity is broad. The laws state only that ASIO officers must not be engaged in conduct that causes death or serious injury, involves a sexual offence against any person or the significant loss of or damage to property. After Liberal Democrat Senator David Leyonhjelm raised concerns about ASIO officers using torture, the government inserted a clause clarifying that torture is not permitted under these laws.

10 National insecurity Legislation Amendment Bill (No.1 ) 2014 TORTURE FFS!!!!1! Under the heading, "Immunity from liability", the bill stated: A participant in a special intelligence operation is not subject to any civil or criminal liability for or in relation to conduct if the conduct does not involve the participant engaging in any conduct that: (i) (ii) (iii) causes the death of, or serious injury to, any person; or involves the commission of a sexual offence against any person; or causes significant loss of, or serious damage to, property.

11 Thankyou, based Leyonhjelm.

12 Telecommunications (Interception and Access) Amendment (Data Retention) Bill Mandatory retention for two years of data relating to the internet and telecommunications activity of all Australians. This data could include records of your phone calls and texts, your location (if you use a mobile phone) and who you send s to and who you receive them from. As Sir Tim Berners-Lee said when he was down under last year, retention of data on this scale is so dangerous, you have to think of it as dynamite. https://www.citizensnotsuspects.org.au/learn-more/

13 Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2015 Twenty-two agencies who will be able to access metadata under the new laws is actually fewer than the roughly 80 who can do so currently. As a trade-off under the new laws, Attorney-General George Brandis limited the number of agencies to crucial crimefighting and national security bodies, removing groups like the RSPCA and local councils.

14 Telecommunications (Interception and Access) Amendment (Data Retention) Bill A Meaning of criminal law-enforcement agency (1) Each of the following is a criminal law-enforcement agency: (a) the Australian Federal Police; (b) a Police Force of a State; (c) the Australian Commission for Law Enforcement Integrity; (d) the ACC; (e) the Australian Customs and Border Protection Service; (ea) the Australian Securities and Investments Commission; (eb) the Australian Competition and Consumer Commission; (f) the Crime Commission; (g) the Independent Commission Against Corruption; (h) the Police Integrity Commission; (i) (j) the IBAC; the Crime and Corruption Commission of Queensland; (k) the Corruption and Crime Commission;

15 Metadata :: What is? Metadata is data about data Metadata describes data. Example: Word Document Author, Word Count, Time Created, Size, Pages, Fonts Used, etc Metadata can contain more data than the data itself. More: https://en.wikipedia.org/wiki/metadata

16 What is Metadata? We kill people based on metadata -- Gen. Michael Hayden Former head of the National Security Agency https://www.techdirt.com/articles/ / /michael-hayden-gleefully-admits-we-kill-people-based-metadata.shtml

17 Metadata :: EXIF Exchangeable Image File Format Some metadata collected: Camera Type, Exposure, Date time, Focal Length, GPS Location, Phone Serial Number? EXIF Data has been used to find criminals, rob people, and according to Edward Snowden s leaks: the NSA is targeting EXIF information under the XKeyscore program. https://en.wikipedia.org/wiki/exchangeable_image_fi le_format

18 Metadata :: Twitter Twitter allows you to post 140 character text messages. The public twitter API exposes ~31 pieces of metadata. Twitter themselves would have further metadata. Even more meta-data now: https://blog.twitter.com/2013/introdu cing-new-metadata-for-tweets

19 Metadata :: Further Examples Phone Calls - Caller. - Who they called. - Date/Time. - Call Duration. SMS - Sender. - Receiver. - Message encoding. (UTF8, UnicodeX, ) - Date/Time. - Length

20 Metadata :: Inherent in Communications Technologies Metadata embedded in photographs is purely an extra ; not required for the picture itself. In contrast, metadata is inherent in communications technologies. If you have X devices connected to a network, the network must be able to differentiate between devices. Mobile Phones Your phone has a serial number: IMEI (International Mobile Station Equipment Identity) You put a SIM card into your phone (Subscriber Identification Module) Your SIM Card contains an IMSI (International Mobile Subscriber Identity). You access data (4G/WiFi/etc) each network interface has a MAC Address (Media Access Control Address) https://en.wikipedia.org/wiki/international_mobile_station_equipment_identity https://en.wikipedia.org/wiki/international_mobile_subscriber_identity https://en.wikipedia.org/wiki/subscriber_identity_module https://en.wikipedia.org/wiki/mac_address

21 Metadata :: Technology can leak data. As a result of the differing technical implementation of various technologies, devices can leak private data, which although not required for the operation of the device, can be deduced from required data. Example: Mobile Phones In order to relay a phone call or SMS to your mobile device, mobile infrastructure needs to know what towers you are connected to, and to which ones have the strongest signal. With this information, simple physics equations are able to determine your location within 50metres. We just needed to connect your phone, but we know you were at that nudist beach. Storing this information indefinitely is cheap and easy. https://en.wikipedia.org/wiki/mobile_phone_tracking - More on metadata leakage and uses.

22 Metadata :: Technology can leak data. Stated Differently: When you have your phone with you and switched on, telecommunications companies know where you are. Your location data will be accessible without a warrant for two years.

23 Metadata :: Secret Metadata Steganography: the art or practice of concealing a message, image, or file within another message, image, or file. Example: You can hide secret messages in JPEG files. Your devices may be embedding metadata into your pictures, documents, without you knowing. and it s already been done! Colour Printers In 2005 it was discovered that various US Government agencies had been pressuring/forcing printer companies to mark your print-outs in a nearlyimpossible-to-see way with secret codes. Thus, if you print something they do not like, they know what printer it came from. https://w2.eff.org/privacy/printers/docucolor/ https://www.eff.org/issues/printers https://en.wikipedia.org/wiki/steganography https://en.wikipedia.org/wiki/printer_steganography

24 Metadata :: Secret Metadata

25 Metadata :: Secret Metadata

26 Privacy Most of us value our privacy. We get dressed in private, don't like people listening in on our phone calls, and choose whether to share our letters, diary entries, or medical records with others. Privacy is a basic human impulse, and the right to control who sees our most personal information and activities is recognised by most democratic legal systems. Without Privacy It would mean that you would be highly vulnerable to the control of others, you would lose your freedom which may lead to inhibition and tentativeness and you may be less spontaneous and you would be more likely to be manipulated.

27 Internet :: What is? The Internet is a global system of interconnected computer networks that use the standard Internet protocol suite (TCP/IP) to link several billion devices worldwide. It is an international network of networks that consists of millions of private, public, academic, business, and government packet switched networks, linked by a broad array of electronic, wireless, and optical networking technologies. The internet is a Series of Tubes -- former United States Senator Ted Stevens (R-Alaska) Said differently: The internet is distributed network or network of networks. Despite Ted Stevens obvious ignorance on technical matters, the series of tubes metaphor, at least in my opinion, is a good one when talking about some of the Internet s physical implementation. https://en.wikipedia.org/wiki/internet https://en.wikipedia.org/wiki/series_of_tubes

28 The Internet Visualised Author: https://commons.wikimedia.org/wiki/user:rezonansowy

29 A quick lesson on files and bits: Internet :: How is? Files, such as a document, photo, or application, are each an array of bits. - A bit is a 1 or a 0-8 bits = 1 byte - 2^20 bytes = 1 megabyte - 1-megabyte = 1,048,576 bytes = 8,388,608 bits. Les wants to send a 3MB photo to his Mum: 3-megabytes = 3,145,728 bytes = 25,165,824 bits. How do we send 25million+ 1 s or 0 s across the internet? How does the receiving computer know what to do with the 1s and 0s? In order for computers to understand each other, Protocols are established, in the case of the Internet, we can use the Internet Protocol or IP. As the file is large, we break our file up into something called Packets. https://en.wikipedia.org/wiki/bit https://en.wikipedia.org/wiki/internet_protocol https://en.wikipedia.org/wiki/network_packet

30 TCP/IP :: What is? The Transmission Control Protocol (TCP) is one of the core protocols of the Internet protocol suite (IP), and is so common that the entire suite is often called TCP/IP. Web browsers use TCP when they connect to servers on the World Wide Web, and it is used to deliver and transfer files from one location to another. HTTP, HTTPS, SMTP, POP3, IMAP, SSH, FTP, Telnet and a variety of other protocols are typically encapsulated in TCP. When data is broken up into TCP packets, each packet looks like this. While there is one data field, there are 16 fields that make up 256 bits of metadata. https://en.wikipedia.org/ wiki/transmission_contr ol_protocol

31 Packets :: The Journey VIA 7 TUBES! LES MUM Original image author: https://commons.wikimedia.org/wiki/user:mro

32 Series of Tubes :: Tubes to 4chan.org c:\> tracert 4chan.org Tracing route to 4chan.org [ ] over a maximum of 30 hops: 1 <1 ms <1 ms <1 ms ms 7 ms 4 ms ms 29 ms 14 ms ms 9 ms 12 ms CPE vic.bigpond.net.au [ ] 5 12 ms 13 ms 15 ms ms 18 ms 12 ms bundle-ether4.lon-edge902.melbourne.telstra.net [ ] 7 14 ms 15 ms 15 ms bundle-ether11.exi-core1.melbourne.telstra.net [ ] 8 29 ms 26 ms 28 ms bundle-ether12.chw-core10.sydney.telstra.net [ ] 9 40 ms 31 ms 27 ms bundle-ether19.chw-core2.sydney.telstra.net [ ] ms 34 ms 25 ms tengigabitethernet8-1.ken45.sydney.telstra.net [ ] ms 26 ms 26 ms pacnet2.lnk.telstra.net [ ] ms 31 ms 32 ms te cr2.syd5.asianetcom.net [ ] ms 28 ms 26 ms gi gw1.syd2.asianetcom.net [ ] ms 24 ms 26 ms CDF-0011.asianetcom.net [ ] ms 34 ms 33 ms Trace complete.

33 Series of Tubes :: Who s watching? When sending a file, downloading a movie, or accessing a website, your packets go though a series of tubes, or more accurately, nodes. There can even be hidden nodes which are transparent to the user. Every single node receives a full copy of the data which passes though. Any node could store relayed information, or a subset of, for various purposes. (Spying, advertising data, research, etc) If a node were to collect data, this can be called a Man-in-the Middle attack. There are many methods that can and are used to intercept your communications. However, an in-depth discussion of this is outside the scope of this presentation. https://en.wikipedia.org/wiki/man-in-the-middle_attack

34 Series of Tubes :: Madman in the Middle One form of man-in-the-middle attack is to use SSID Spoofing, where you set up a wireless access point aimed at tricking people to connect to your network as opposed to their intended network. The same thing can be done with mobile phone towers, and recent news shows that Law Enforcement have been actively doing this. Adversaries do not necessarily need to be in the middle either. It s possible to passively listen in on wireless communications. Software such as Kismet will allow you to do this on unencrypted open networks fairly easily. Image Source: KQED https://en.wikipedia.org/wiki/monitor_mode https://en.wikipedia.org/wiki/packet_analyzer https://www.kismetwireless.net/ https://en.wikipedia.org/wiki/imsi-catcher https://en.wikipedia.org/wiki/stingray_phone_tracker

35 Internet :: Not just for cat photos Thinking back to Steganography: Maybe this image, although silly, contains the a secret message, with the details of what *really* happened to the Titanic.

36 Internet :: Accessing a website - Hypertext Transfer Protocol (HTTP) is the foundation of data communication for the World Wide Web. - Things such as webpages, videos, images, and sound are often delivered in your web browser by HTTP, which is why you see the in front of your website address. What does accessing a website actually entail from a data/network point of view? Let s check out and find out! Network Demo Using Firefox s Web Developer Tools (F12) https://en.wikipedia.org/wiki/hypertext_transfer_protocol

37

38

39

40

41 Series of Tubes :: Tubes to ldpvic.org.au c:\> tracert ldpvic.org.au Tracing route to ldpvic.org.au [ ] over a maximum of 30 hops: 1 <1 ms <1 ms <1 ms ms 3 ms 3 ms ms 11 ms 11 ms ms 11 ms 16 ms CPE vic.bigpond.net.au [ ] 5 12 ms 13 ms 12 ms ms 16 ms 16 ms bundle-ether4.lon-edge902.melbourne.telstra.net [ ] 7 13 ms 14 ms 13 ms bundle-ether11.exi-core1.melbourne.telstra.net [ ] 8 27 ms 28 ms 26 ms bundle-ether12.chw-core10.sydney.telstra.net [ ] 9 28 ms 36 ms 31 ms Bundle-ether17.oxf-gw2.sydney.telstra.net [ ] ms 27 ms 27 ms bundle-ether1.sydo-core01.sydney.reach.com [ ] ms 27 ms 31 ms i sydo-core02.bi.telstraglobal.net [ ] ms 216 ms 219 ms i eqnx-core01.bx.telstraglobal.net [ ] ms 243 ms 218 ms i eqnx03.bi.telstraglobal.net [ ] ms 182 ms 223 ms l3-peer.eqnx03.pr.telstraglobal.net [ ] 15 * * * Request timed out. 16 * * * Request timed out. 17 * * * Request timed out. 18 * * * Request timed out. 19 * * * Request timed out. 20 * * * Request timed out. 21 * * * Request timed out ms 215 ms 212 ms COLO4-DALLA.ear1.Dallas1.Level3.net [ ] ms 209 ms 211 ms ms 213 ms 211 ms ms 212 ms 209 ms starbuck.asmallorange.com [ ] Trace complete.

42 Series of Tubes :: The Packets Wireshark Demo: Packet capture https://www.wireshark.org https://en.wikipedia.org/wiki/wiresharkrg/

43

44 Series of Tubes :: The Packets This time a secure connection using https:// Firefox Demo: Network https://reddit.com

45 Series of Tubes :: reddit.com

46 Series of Tubes :: reddit.com

47 Series of Tubes :: The Packets Wireshark Demo: Packet capture https://reddit.com

48

49 Encryption/Cryptography Cryptography is the practice and study of techniques for secure communication in the presence of third parties (called adversaries). Encryption doesn t stop others from intercepting your messages, but attempts to stop them from reading it. Symmetrical - Caesar (Add three letters: Les -> Ohv) - Advanced Encryption Standard (AES) Asymmetrical - RSA - Elliptic Curve cryptography (ECC) - Lattice-based cryptography https://en.wikipedia.org/wiki/encryption https://en.wikipedia.org/wiki/cryptography https://en.wikipedia.org/wiki/advanced_encryption_standard https://en.wikipedia.org/wiki/public-key_cryptography https://en.wikipedia.org/wiki/rsa_%28cryptosystem%29 https://en.wikipedia.org/wiki/elliptic_curve_cryptography https://en.wikipedia.org/wiki/lattice-based_cryptography

50 Encryption :: Demo Caesar Demo :

51 Encryption :: Demo Portable PGP Demo

52 Internet :: Cookies and Tracking What is a cookie? A cookie, also known as an HTTP cookie, web cookie, or browser cookie, is a small piece of data sent from a website and stored in a user's web browser while the user is browsing that website. Every time the user loads the website, the browser sends the cookie back to the server to notify the website of the user's previous activity. Tracking cookies and especially third-party tracking cookies are commonly used as ways to compile long-term records of individuals' browsing histories Advertisers and Trackers get more Advanced Online tracking is no longer limited to the installation of the traditional "cookies" that record websites a user visits. Now, new tools can track in real time the data people are accessing or browsing on a web page and combine that with data about that user's location, income, hobbies, and even medical problems. Large Organisations like Google, Microsoft, Facebook, DoubleClick, QuanCast, Bizo, and sometimes even your own ISP want to track as much of your online activity as possible. Your habits, preferences, and personal details can be worth a lot of money! https://en.wikipedia.org/wiki/http_cookie https://www.eff.org/issues/online-behavioral-tracking

53 Stop Tracking: Browser Add-ons Most recent browsers give you options with regard to accepting cookies, and letting websites know if you want to be tracked or not. Web browsers alone are not providing adequate protection against tracking. There are various web-browser add-ons you can use to help prevent tracking. I personally use a combination of several, and would recommend using a combination of the following: HTTPS Everywhere : https://www.eff.org/https-everywhere Privacy Badger: https://www.eff.org/privacybadger Disconnect.Me : https://disconnect.me/ Ghostry : https://www.ghostery.com/en/ AdBlock Plus : https://adblockplus.org/ NoScript : RefControl : https://addons.mozilla.org/en-us/firefox/addon/refcontrol/ Lightbeam: https://www.mozilla.org/en-us/lightbeam/ There are also several other methods which can assist in limiting the extent to which you are tracked, many are out of the scope of this presentation. However the use of VPNs, I2P, TOR will be covered.

54 Stop Tracking: Search Engines Search engines (such as Google and Bing), make money via advertising and selling statistics. Some organisations spend a lot of time and effort in gathering large amounts of data on your usage as to create your own personalised dossier which probably knows more about you, than you know about yourself! Google s Flu Trends is able to figure out who is sick and where, by monitoring millions of users health tracking behaviours online, the large number of Google search queries gathered can be analysed to reveal if there is the presence of flu-like illness in a population. Google Flu Trends compares these findings to a historic baseline level of influenza activity for its corresponding region and then reports the activity level as either minimal, low, moderate, high, or intense. These estimates have been generally consistent with conventional surveillance data collected by health agencies, both nationally and regionally. There are alternatives! DuckDuckGo is my current favourite. Others: Startpage, Ixquick, Blekko, Ask.com with AskEraser + more Check their privacy policy! RTFM! https://en.wikipedia.org/wiki/google_flu_trends

55 VPN :: What Is? A virtual private network (VPN) extends a private network across a public network, such as the Internet. It enables a computer or Wi-Fi-enabled device to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security and management policies of the private network. A VPN is created by establishing a virtual point-topoint connection through the use of dedicated connections, virtual tunnelling protocols, or traffic encryptions. While VPN encryption may stop adversaries from monitoring your data, they can still gather the metadata, which tells them you are hiding data. It can also show usage patterns (how much data at what time of day) https://en.wikipedia.org/wiki/virtual_private_network

56 VPN :: Uses - Connect to a remote office. - Have a continuous internet connection, no matter where you are. - Subvert internet censorship. - Hide the content of your internet session from (local) prying eyes. - Obfuscate your location from the servers you are accessing. - Access TV shows and other content which is not available at your location. Using a VPN - Setting up a VPN is easy, and there are various tutorials online. - Various businesses and non-profits provide VPN services. - Not all VPN services are equal, each organisation may distinguish themselves on things like speed, privacy, local laws and jurisdiction, data limits, etc. - Some are free, but most are paid subscriptions starting from a few dollars per month.

57 I2P :: What is? - I2P is an anonymous overlay network - a network within a network. It is intended to protect communication from dragnet surveillance and monitoring by third parties such as ISPs. - I2P is used by many people who care about their privacy: activists, oppressed people, journalists and whistle-blowers, as well as the average person. - The software is free and open source https://geti2p.net/en/ https://en.wikipedia.org/wiki/i2p

58 TOR The Onion Router What is Tor? Software for enabling online anonymity and resisting censorship. It is designed to make it possible for users to surf the Internet anonymously, so their activities and location cannot be discovered by government agencies, corporations, or anyone else. Tor directs Internet traffic through a free, worldwide, volunteer network consisting of more than five thousand relays to conceal a user's location and usage from anyone conducting network surveillance or traffic analysis. Using Tor makes it more difficult for Internet activity to be traced back to the user: this includes "visits to Web sites, online posts, instant messages, and other communication forms". Tor's use is intended to protect the personal privacy of users, as well as their freedom and ability to conduct confidential communication by keeping their Internet activities from being monitored. An extract of a Top Secret appraisal by the National Security Agency (NSA) characterized Tor as "the King of high secure, low latency Internet anonymity" with "no contenders for the throne in waiting". https://www.torproject.org/ https://en.wikipedia.org/wiki/tor_%28anonymity_network%29 https://en.wikipedia.org/wiki/onion_routing

59 TOR :: What it (kind of) looks like

60 TOR :: Onion Routing

61 TOR :: Onion Routing Image Author: Primepq - https://en.wikipedia.org/wiki/file:decryption_mix_net.png

62 TOR :: Some Stats

63 TOR:: Demo TOR Browser Demonstration

64 Tails When NSA whistle-blower Edward Snowden first ed Glenn Greenwald, he insisted on using encryption software called PGP for all communications. But this month, we learned that Snowden used another technology to keep his communications out of the NSA s prying eyes. It s called Tails. Tails is a live operating system, that you can start on almost any computer from a DVD, USB stick, or SD card. It aims at preserving your privacy and anonymity, and helps you to: - use the Internet anonymously and circumvent censorship; - all connections to the Internet are forced to go through the Tor network; - leave no trace on the computer you are using unless you ask it explicitly; - use state-of-the-art cryptographic tools to encrypt your files, s and instant messaging. https://tails.boum.org/

65 Bitcoin Bitcoin is a payment system invented by Satoshi Nakamoto, who published the invention in 2008 and released it as open-source software in The system is peer-to-peer; users can transact directly without needing an intermediary. Transactions are verified by network nodes and recorded in a public distributed ledger called the block chain. The ledger uses its own unit of account, also called bitcoin. The system works without a central repository or single administrator, which has led the US Treasury to categorize it as a decentralized virtual currency. Bitcoin is often called the first cryptocurrency, although prior systems existed. Bitcoin is more correctly described as the first decentralized digital currency. It is the largest of its kind in terms of total market value. https://en.wikipedia.org/wiki/bitcoin

Covert Channels. Some instances of use: Hotels that block specific ports Countries that block some access

Covert Channels. Some instances of use: Hotels that block specific ports Countries that block some access Covert Channels Covert Channels Tunnels that are used to bypass filters and intrusion detection systems Use traffic that is thought to be something else (i.e. DNS tunnels) Can also provide encryption (i.e.

More information

The Surveillance State and what to do about it

The Surveillance State and what to do about it The Surveillance State and what to do about it Steve Revilak https://masspirates.org/ Boston Anarchist Bookfair Nov 21, 2015 1 / 29 First Principles surveillance (n) Close observation of a person or group,

More information

Introduction to Encryption What it s all about

Introduction to Encryption What it s all about Introduction to Encryption What it s all about At MOA Project, we believe privacy and the ability to communicate without government or corporate eavesdropping is a basic right of all people. Some groups,

More information

The Dark Web. Steven M. Bellovin March 21, 2016 1

The Dark Web. Steven M. Bellovin March 21, 2016 1 The Dark Web Steven M. Bellovin March 21, 2016 1 Tor and the Dark Web There are ways to use the Internet (almost) untraceably This can be used for good purposes or bad purposes Two technologies are necessary,

More information

Chapter 5. Data Communication And Internet Technology

Chapter 5. Data Communication And Internet Technology Chapter 5 Data Communication And Internet Technology Purpose Understand the fundamental networking concepts Agenda Network Concepts Communication Protocol TCP/IP-OSI Architecture Network Types LAN WAN

More information

An Example of Mobile Forensics

An Example of Mobile Forensics An Example of Mobile Forensics Kelvin Hilton K319 kchilton@staffsacuk k.c.hilton@staffs.ac.uk www.soc.staffs.ac.uk/kch1 Objectives The sources of evidence The subscriber The mobile station The network

More information

Keep Yourself Safe from the Prying Eyes of Hackers and Snoopers!

Keep Yourself Safe from the Prying Eyes of Hackers and Snoopers! Protect Your Privacy Online P 7/1 Keep Yourself Safe from the Prying Eyes of Hackers and Snoopers! With the information in this article you can: Find out what secret information your PC is sharing with

More information

Internet Privacy Options

Internet Privacy Options 2 Privacy Internet Privacy Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 19 June 2014 Common/Reports/internet-privacy-options.tex, r892 1 Privacy Acronyms

More information

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security? 7 Network Security 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework 7.4 Firewalls 7.5 Absolute Security? 7.1 Introduction Security of Communications data transport e.g. risk

More information

Facebook Smart Card FB 121211_1800

Facebook Smart Card FB 121211_1800 Facebook Smart Card FB 121211_1800 Social Networks - Do s and Don ts Only establish and maintain connections with people you know and trust. Review your connections often. Assume that ANYONE can see any

More information

The Internet and Network Technologies

The Internet and Network Technologies The Internet and Network Technologies Don Mason Associate Director Copyright 2013 National Center for Justice and the Rule of Law All Rights Reserved Inside vs. Outside Inside the Box What the computer

More information

Protect Your Online Footprint. HINTS & TIPS provided by MWR InfoSecurity and the Data Baby project

Protect Your Online Footprint. HINTS & TIPS provided by MWR InfoSecurity and the Data Baby project HINTS & TIPS provided by MWR InfoSecurity and the Data Baby project Logging on is now one of the first things we do every day. And every time we do, we leave a trace, often without giving a thought to

More information

alison@libraryfreedomproject.org

alison@libraryfreedomproject.org PRIVACY TOOLKIT FOR LIBRARIANS alison@libraryfreedomproject.org libraryfreedomproject.org/resources/privacy-toolkit-for-librarians/ THREAT MODELING assets adversaries capabilities consequences how much

More information

Lesson 1 Quiz. 2012 Certification Partners, LLC. All Rights Reserved. Version 2.0

Lesson 1 Quiz. 2012 Certification Partners, LLC. All Rights Reserved. Version 2.0 Quiz Answers-1 Lesson 1 Quiz 1. A server is: a. a computer connected to a mainframe. b. a computer that acts as a mainframe. c. a computer that shares resources with other computers on a network. d. a

More information

E-Commerce Security. The Client-Side Vulnerabilities. Securing the Data Transaction LECTURE 7 (SECURITY)

E-Commerce Security. The Client-Side Vulnerabilities. Securing the Data Transaction LECTURE 7 (SECURITY) E-Commerce Security An e-commerce security system has four fronts: LECTURE 7 (SECURITY) Web Client Security Data Transport Security Web Server Security Operating System Security A safe e-commerce system

More information

Bit Chat: A Peer-to-Peer Instant Messenger

Bit Chat: A Peer-to-Peer Instant Messenger Bit Chat: A Peer-to-Peer Instant Messenger Shreyas Zare shreyas@technitium.com https://technitium.com December 20, 2015 Abstract. Bit Chat is a peer-to-peer instant messaging concept, allowing one-to-one

More information

anonymous secure decentralized SMS stealthtext transactions

anonymous secure decentralized SMS stealthtext transactions anonymous secure decentralized SMS stealthtext transactions WHITEPAPER STATE OF THE ART 2/8 WHAT IS STEALTHTEXT? stealthtext is a way to send stealthcoin privately and securely using SMS texting. stealthtext

More information

Big Data Big Security Problems? Ivan Damgård, Aarhus University

Big Data Big Security Problems? Ivan Damgård, Aarhus University Big Data Big Security Problems? Ivan Damgård, Aarhus University Content A survey of some security and privacy issues related to big data. Will organize according to who is collecting/storing data! Intelligence

More information

This guide will go through the common ways that a user can make their computer more secure.

This guide will go through the common ways that a user can make their computer more secure. A beginners guide in how to make a Laptop/PC more secure. This guide will go through the common ways that a user can make their computer more secure. Here are the key points covered: 1) Device Password

More information

SecureCom Mobile s mission is to help people keep their private communication private.

SecureCom Mobile s mission is to help people keep their private communication private. About SecureCom Mobile SecureCom Mobile s mission is to help people keep their private communication private. We believe people have a right to share ideas with each other, confident that only the intended

More information

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 12 Applying Cryptography

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 12 Applying Cryptography Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography Objectives Define digital certificates List the various types of digital certificates and how they are used

More information

Global Information Society Watch 2014

Global Information Society Watch 2014 Global Information Society Watch 2014 Communications surveillance in the digital age This report was originally published as part of a larger compilation, which can be downloaded from GISWatch.org Association

More information

Music, Film, TV and the Internet. A guide for parents and teachers

Music, Film, TV and the Internet. A guide for parents and teachers Music, Film, TV and the Internet A guide for parents and teachers Music, film and TV on the internet what you should know There are many great ways of accessing music, film, TV and video safely and legally

More information

A Guide to Mobile Security For Citizen Journalists

A Guide to Mobile Security For Citizen Journalists A Guide to Mobile Security For Citizen Journalists Your Citizen journalism, and with it the rise of alternative media voices, is one of the most exciting possibilities for mobile phones in activism. Mobile

More information

Hiding Tracks on the Net

Hiding Tracks on the Net Hiding Tracks on the Net Ways one might hide their tracks Private Browsing Anonymizers & Proxy Servers SSL / TLS Passwords False Information Public Networks Email Services Encryption Firewalls Private

More information

High-speed cryptography and DNSCurve. D. J. Bernstein University of Illinois at Chicago

High-speed cryptography and DNSCurve. D. J. Bernstein University of Illinois at Chicago High-speed cryptography and DNSCurve D. J. Bernstein University of Illinois at Chicago Stealing Internet mail: easy! Given a mail message: Your mail software sends a DNS request, receives a server address,

More information

Privacy, Anonymity and Pseudonymity in Business Transactions over the Internet. Contents

Privacy, Anonymity and Pseudonymity in Business Transactions over the Internet. Contents Internet Economics Seminar Privacy, Anonymity and Pseudonymity in Business Transactions over the Internet Daniel Bruggesser Jarkko Laine Contents Introduction (definitions, history) State of the privacy

More information

ISM/ISC Middleware Module

ISM/ISC Middleware Module ISM/ISC Middleware Module Lecture 13: Security for Middleware Applications Dr Geoff Sharman Visiting Professor in Computer Science Birkbeck College Geoff Sharman Sept 07 Lecture 13 Aims to: 2 Show why

More information

National Cyber Security Month 2015: Daily Security Awareness Tips

National Cyber Security Month 2015: Daily Security Awareness Tips National Cyber Security Month 2015: Daily Security Awareness Tips October 1 New Threats Are Constantly Being Developed. Protect Your Home Computer and Personal Devices by Automatically Installing OS Updates.

More information

Oct 15, 2004 www.dcs.bbk.ac.uk/~gmagoulas/teaching.html 3. Internet : the vast collection of interconnected networks that all use the TCP/IP protocols

Oct 15, 2004 www.dcs.bbk.ac.uk/~gmagoulas/teaching.html 3. Internet : the vast collection of interconnected networks that all use the TCP/IP protocols E-Commerce Infrastructure II: the World Wide Web The Internet and the World Wide Web are two separate but related things Oct 15, 2004 www.dcs.bbk.ac.uk/~gmagoulas/teaching.html 1 Outline The Internet and

More information

The ISP Column A monthly column on things Internet. What is Metadata, and Why Should I Care? August 2014. Geoff Huston

The ISP Column A monthly column on things Internet. What is Metadata, and Why Should I Care? August 2014. Geoff Huston The ISP Column A monthly column on things Internet August 2014 Geoff Huston What is Metadata, and Why Should I Care? August 2014 is proving yet again to be an amusing month in the Australian political

More information

DATA SECURITY 1/12. Copyright Nokia Corporation 2002. All rights reserved. Ver. 1.0

DATA SECURITY 1/12. Copyright Nokia Corporation 2002. All rights reserved. Ver. 1.0 DATA SECURITY 1/12 Copyright Nokia Corporation 2002. All rights reserved. Ver. 1.0 Contents 1. INTRODUCTION... 3 2. REMOTE ACCESS ARCHITECTURES... 3 2.1 DIAL-UP MODEM ACCESS... 3 2.2 SECURE INTERNET ACCESS

More information

20-CS-6053-00X Network Security Spring, 2014. An Introduction To. Network Security. Week 1. January 7

20-CS-6053-00X Network Security Spring, 2014. An Introduction To. Network Security. Week 1. January 7 20-CS-6053-00X Network Security Spring, 2014 An Introduction To Network Security Week 1 January 7 Attacks Criminal: fraud, scams, destruction; IP, ID, brand theft Privacy: surveillance, databases, traffic

More information

Online Research and Investigation

Online Research and Investigation Online Research and Investigation This document is intended to provide guidance to police officers or staff engaged in research and investigation across the internet. This guidance is not a source of law

More information

Networks and the Internet A Primer for Prosecutors and Investigators

Networks and the Internet A Primer for Prosecutors and Investigators Computer Crime & Intellectual Property Section Networks and the Internet A Primer for Prosecutors and Investigators Michael J. Stawasz Senior Counsel Computer Crime and Intellectual Property Section ()

More information

GCSE Computing A451 Unit 6.1 Networks

GCSE Computing A451 Unit 6.1 Networks Candidates should be able to: a. Explain the advantages of networking stand-alone computers into a LAN b. Describe H/W needed to connect stand-alone computers into a LAN, including hub/switches, wireless

More information

Three short case studies

Three short case studies Three short case studies peer to peer networking wireless systems search engines each includes issues of hardware processors, storage, peripherals, networks,... representation of information, analog vs.

More information

2. What personal information do we collect and hold?

2. What personal information do we collect and hold? PRIVACY POLICY Conexus Financial Pty Ltd [ABN 51 120 292 257], (referred to as Conexus, us, we" or our"), are committed to protecting the privacy of the personal information that we collect and complying

More information

Bitmessage: A Peer to Peer Message Authentication and Delivery System

Bitmessage: A Peer to Peer Message Authentication and Delivery System Bitmessage: A Peer to Peer Message Authentication and Delivery System Jonathan Warren jonathan@bitmessage.org www.bitmessage.org November 27, 2012 Abstract. We propose a system that allows users to securely

More information

Mobility (and philosophical questions about names and identity) David Andersen CMU CS 15-744. The problem

Mobility (and philosophical questions about names and identity) David Andersen CMU CS 15-744. The problem Mobility (and philosophical questions about names and identity) David Andersen CMU CS 15-744 The problem How to support mobile users What do we mean by support? Make it easy and convenient to effectively

More information

The Case For Secure Email

The Case For Secure Email The Case For Secure Email By Erik Kangas, PhD, President, Lux Scientiae, Incorporated http://luxsci.com Contents Section 1: Introduction Section 2: How Email Works Section 3: Security Threats to Your Email

More information

Masters of Science in Information Technology

Masters of Science in Information Technology Objective: At the end of this module, you must be able to 1. Establish a basic understanding of the Internet 2. Understand the Internet's evolution What is Internet? Internet is a vast collection of different

More information

NETWORKS AND THE INTERNET

NETWORKS AND THE INTERNET NETWORKS AND THE INTERNET Outline to accompany the slide presentation 1. Networks and the Internet A Primer for Prosecutors and Investigators 2. Getting There From networks to the Internet Locating a place

More information

THE NATIONAL JUDICIAL COLLEGE

THE NATIONAL JUDICIAL COLLEGE E DUCATION I NNOVATION A DVANCING J USTICE THE NATIONAL JUDICIAL COLLEGE OUTSIDE THE BOX: INTERNET & NETWORK TECHNOLOGY DIVIDER 7 Professor Donald R. Mason OBJECTIVES: After this session, you will be able

More information

NSA Surveillance, National Security and Privacy

NSA Surveillance, National Security and Privacy NSA Surveillance, National Security and Privacy Ir Roy Ko Former HKCERT Manager 20 August 2014 HKIE Veneree Club 1 Agenda Background Edward Snowden National Security Agency (NSA) What NSA has done PRISM

More information

Michael Seltzer COMP 116: Security Final Paper. Client Side Encryption in the Web Browser Mentor: Ming Chow

Michael Seltzer COMP 116: Security Final Paper. Client Side Encryption in the Web Browser Mentor: Ming Chow Michael Seltzer COMP 116: Security Final Paper Client Side Encryption in the Web Browser Mentor: Ming Chow 1 Abstract Web service providers generally look to encryption as a means of ensuring data privacy

More information

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0 EUCIP - IT Administrator Module 5 IT Security Version 2.0 Module 5 Goals Module 5 Module 5, IT Security, requires the candidate to be familiar with the various ways of protecting data both in a single

More information

CITS1231 Web Technologies. Client, Server, the Internet, and the Web

CITS1231 Web Technologies. Client, Server, the Internet, and the Web CITS1231 Web Technologies Client, Server, the Internet, and the Web Topic Outline How does the Internet work Client Server Architecture Connections Communications Protocols Addressing Routing One of the

More information

Secure Use of the New NHS Network (N3): Good Practice Guidelines

Secure Use of the New NHS Network (N3): Good Practice Guidelines Programme NPFIT Document Record ID Key Sub-Prog / Project Information Governance NPFIT-FNT-TO-IG-GPG-0003.01 Prog. Director Mark Ferrar Status Approved Owner Tim Davis Version 1.0 Author Phil Benn Version

More information

High Performance VPN Solutions Over Satellite Networks

High Performance VPN Solutions Over Satellite Networks High Performance VPN Solutions Over Satellite Networks Enhanced Packet Handling Both Accelerates And Encrypts High-Delay Satellite Circuits Characteristics of Satellite Networks? Satellite Networks have

More information

Guidelines for smart phones, tablets and other mobile devices

Guidelines for smart phones, tablets and other mobile devices Guidelines for smart phones, tablets and other mobile devices Summary Smart phones, tablets and other similar mobile devices are being used increasingly both privately and in organisations. Another emerging

More information

Privacy and Encryption in egovernment. Dewey Landrum Technical Architect CSO SLED West Sector CISSP August 11, 2008

Privacy and Encryption in egovernment. Dewey Landrum Technical Architect CSO SLED West Sector CISSP August 11, 2008 Privacy and Encryption in egovernment Dewey Landrum Technical Architect CSO SLED West Sector CISSP August 11, 2008 Privacy Regulations Health Insurance Portability and Accountability Act (HIPPA) Gramm-Leach-Bliley

More information

Connected from everywhere. Cryptelo completely protects your data. Data transmitted to the server. Data sharing (both files and directory structure)

Connected from everywhere. Cryptelo completely protects your data. Data transmitted to the server. Data sharing (both files and directory structure) Cryptelo Drive Cryptelo Drive is a virtual drive, where your most sensitive data can be stored. Protect documents, contracts, business know-how, or photographs - in short, anything that must be kept safe.

More information

Own your LAN with Arp Poison Routing

Own your LAN with Arp Poison Routing Own your LAN with Arp Poison Routing By: Rorik Koster April 17, 2006 Security is a popular buzzword heard every day throughout our American culture and possibly even more so in our global economy. From

More information

Swiftcoin is electronic money that resides on the user s computer, much like Word documents do, enabling it to be sent to anybody just as quickly and

Swiftcoin is electronic money that resides on the user s computer, much like Word documents do, enabling it to be sent to anybody just as quickly and Overview According to Dr. Gloria Mark at the University of California, Irvine, workers are having to struggle through overflowing inboxes more than ever during their work day now. They are also checking

More information

Introduction to Web Technology. Content of the course. What is the Internet? Diana Inkpen

Introduction to Web Technology. Content of the course. What is the Internet? Diana Inkpen Introduction to Web Technology Content of the course Diana Inkpen The Internet and the WWW. Internet Connectivity. Basic Internet Services. University of Ottawa School of Information Technology and Engineering

More information

Network Concepts. IT 4823 Information Security Concepts and Administration. The Network Environment. Resilience. Network Topology. Transmission Media

Network Concepts. IT 4823 Information Security Concepts and Administration. The Network Environment. Resilience. Network Topology. Transmission Media IT 4823 Information Security Concepts and Administration March 17 Network Threats Notice: This session is being recorded. Happy 50 th, Vanguard II March 17, 1958 R.I.P. John Backus March 17, 2007 Copyright

More information

Professional Ethics for Computer Science

Professional Ethics for Computer Science Professional Ethics for Computer Science Chapter 4: Privacy Jie Gao Computer Science Department Stony Brook University Privacy Issues Internet privacy consists of privacy over the media of the Internet:

More information

Connecting to and Setting Up a Network

Connecting to and Setting Up a Network Chapter 9 Connecting to and Setting Up a Network Reviewing the Basics 1. How many bits are in a MAC address? 48 bits 2. How many bits are in an IPv4 IP address? In an IPv6 IP address? 32 bits, 128 bits

More information

CS5008: Internet Computing

CS5008: Internet Computing CS5008: Internet Computing Lecture 22: Internet Security A. O Riordan, 2009, latest revision 2015 Internet Security When a computer connects to the Internet and begins communicating with others, it is

More information

TNC is an open architecture for network access control. If you re not sure what NAC is, we ll cover that in a second. For now, the main point here is

TNC is an open architecture for network access control. If you re not sure what NAC is, we ll cover that in a second. For now, the main point here is 1 2 This slide shows the areas where TCG is developing standards. Each image corresponds to a TCG work group. In order to understand Trusted Network Connect, it s best to look at it in context with the

More information

Firefox and Security Add-ons

Firefox and Security Add-ons Firefox and Security Add-ons by Andy Pepperdine Introduction With recent revelations, there is much more interest in matters of security. This paper contains a quick review of some relevant add-ons to

More information

Security. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Security. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1 Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions

More information

WHAT INFORMATION IS COLLECTED AT MOTOROLA.COM.VN AND/OR MOTOROLA.VN AND HOW IS IT PROCESSED AND USED?

WHAT INFORMATION IS COLLECTED AT MOTOROLA.COM.VN AND/OR MOTOROLA.VN AND HOW IS IT PROCESSED AND USED? MOTOROLA PRIVACY POLICY This Privacy Statement ( Policy ) is subject to change at Motorola s discretion. If we decide to change this Policy, we will post the amended Policy on this website so you will

More information

AV-Comparatives. F-Secure Freedome. Language: English. November 2014 Last revision: 20. November 2014. www.av-comparatives.org -1-

AV-Comparatives. F-Secure Freedome. Language: English. November 2014 Last revision: 20. November 2014. www.av-comparatives.org -1- AV-Comparatives F-Secure Freedome Language: English November 2014 Last revision: 20. November 2014-1- Introduction As mobile phone network coverage is not universal, and data tariffs tend to be expensive,

More information

Privacy Policy/Your California Privacy Rights Last Updated: May 28, 2015 Introduction

Privacy Policy/Your California Privacy Rights Last Updated: May 28, 2015 Introduction Privacy Policy/Your California Privacy Rights Last Updated: May 28, 2015 Introduction Welcome! TripleFirrre, LLC, dba Just Seconds Apart knows that safeguarding your privacy is serious business. Your privacy

More information

Technical papers Virtual private networks

Technical papers Virtual private networks Technical papers Virtual private networks This document has now been archived Virtual private networks Contents Introduction What is a VPN? What does the term virtual private network really mean? What

More information

E-commerce. Security. Learning objectives. Internet Security Issues: Overview. Managing Risk-1. Managing Risk-2. Computer Security Classifications

E-commerce. Security. Learning objectives. Internet Security Issues: Overview. Managing Risk-1. Managing Risk-2. Computer Security Classifications Learning objectives E-commerce Security Threats and Protection Mechanisms. This lecture covers internet security issues and discusses their impact on an e-commerce. Nov 19, 2004 www.dcs.bbk.ac.uk/~gmagoulas/teaching.html

More information

NETWORKING. What is a packet-switching network?

NETWORKING. What is a packet-switching network? NETWORKING What is a packet-switching network? The internet is an example of a packet-switching network! All internet traffic is broken down into packets, which are small chunks of data that are sent individually

More information

Partnership with Benetech, a non-profit organization that develops and supports Martus, secure information management software for human rights

Partnership with Benetech, a non-profit organization that develops and supports Martus, secure information management software for human rights Partnership with Benetech, a non-profit organization that develops and supports Martus, secure information management software for human rights monitoring. 1 Benetech creates and develops new technology

More information

Music and the Internet. A guide for parents and teachers

Music and the Internet. A guide for parents and teachers Music and the Internet A guide for parents and teachers Music on the internet what you should know There are many great ways of accessing music safely and legally online. This guide aims to keep parents,

More information

Just Net Coalition statement on Internet governance

Just Net Coalition statement on Internet governance Just Net Coalition statement on Internet governance (Just Net Coalition is a global coalition of civil society actors working on Internet governance issues) All states should work together to provide a

More information

Music, Film, TV and the Internet. A guide for parents and teachers

Music, Film, TV and the Internet. A guide for parents and teachers Music, Film, TV and the Internet A guide for parents and teachers Music, film and TV on the internet what you should know There are many great ways of accessing music, film, TV and video safely and legally

More information

The Hidden Dangers of Public WiFi

The Hidden Dangers of Public WiFi WHITEPAPER: OCTOBER 2014 The Hidden Dangers of Public WiFi 2 EXECUTIVE SUMMARY 4 MARKET DYNAMICS 4 The Promise of Public WiFi 5 The Problem with Public WiFi 6 MARKET BEHAVIOR 6 Most People Do Not Protect

More information

Guidance Regarding Skype and Other P2P VoIP Solutions

Guidance Regarding Skype and Other P2P VoIP Solutions Guidance Regarding Skype and Other P2P VoIP Solutions Ver. 1.1 June 2012 Guidance Regarding Skype and Other P2P VoIP Solutions Scope This paper relates to the use of peer-to-peer (P2P) VoIP protocols,

More information

CPSC 467b: Cryptography and Computer Security

CPSC 467b: Cryptography and Computer Security CPSC 467b: Cryptography and Computer Security Michael J. Fischer Lecture 1 January 9, 2012 CPSC 467b, Lecture 1 1/22 Course Overview Symmetric Cryptography CPSC 467b, Lecture 1 2/22 Course Overview CPSC

More information

DATA AND PAYMENT SECURITY PART 1

DATA AND PAYMENT SECURITY PART 1 STAR has teamed up with Prevention of Fraud in Travel (PROFiT) and the Fraud Intelligence Network (FIN) to offer our members the best advice about fraud prevention. We recognise the increasing threat of

More information

High Speed Internet - User Guide. Welcome to. your world.

High Speed Internet - User Guide. Welcome to. your world. High Speed Internet - User Guide Welcome to your world. 1 Welcome to your world :) Thank you for choosing Cogeco High Speed Internet. Welcome to your new High Speed Internet service. When it comes to a

More information

Information Technology Career Cluster Introduction to Cybersecurity Course Number: 11.48100

Information Technology Career Cluster Introduction to Cybersecurity Course Number: 11.48100 Information Technology Career Cluster Introduction to Cybersecurity Course Number: 11.48100 Course Description: Introduction to Cybersecurity is designed to provide students the basic concepts and terminology

More information

Virtual Private Networks

Virtual Private Networks Virtual Private Networks Jonathan Reed jdreed@mit.edu MIT IS&T VPN Release Team Overview Basic Networking Terms General Concepts How the VPN works Why it s useful What to watch out for Q&A Networking 101

More information

Over the PSTN... 2 Over Wireless Networks... 2. Network Architecture... 3

Over the PSTN... 2 Over Wireless Networks... 2. Network Architecture... 3 Content Introduction... 1 History of Modems... 2 Over the PSTN... 2 Over Wireless Networks... 2 Network Architecture... 3 Circuit-Switched Cellular Data... 3 Short Message Service... 3 Packet-Switched

More information

CS 665: Computer System Security. Network Security. Usage environment. Sources of vulnerabilities. Information Assurance Module

CS 665: Computer System Security. Network Security. Usage environment. Sources of vulnerabilities. Information Assurance Module CS 665: Computer System Security Network Security Bojan Cukic Lane Department of Computer Science and Electrical Engineering West Virginia University 1 Usage environment Anonymity Automation, minimal human

More information

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography

Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography What Is Steganography? Steganography Process of hiding the existence of the data within another file Example:

More information

Chapter 7: Computer Networks, the Internet, and the World Wide Web. Invitation to Computer Science, C++ Version, Third Edition

Chapter 7: Computer Networks, the Internet, and the World Wide Web. Invitation to Computer Science, C++ Version, Third Edition Chapter 7: Computer Networks, the Internet, and the World Wide Web Invitation to Computer Science, C++ Version, Third Edition Objectives In this chapter, you will learn about: Basic networking concepts

More information

AFFINION INTERNATIONAL AB COMPANY PRIVACY AND COOKIES POLICY

AFFINION INTERNATIONAL AB COMPANY PRIVACY AND COOKIES POLICY AFFINION INTERNATIONAL AB COMPANY PRIVACY AND COOKIES POLICY The privacy and cookies policy sets out how we use any personal information that you give to us, or that we may collect or otherwise process

More information

SERIES A : GUIDANCE DOCUMENTS. Document Nr 3

SERIES A : GUIDANCE DOCUMENTS. Document Nr 3 DATRET/EXPGRP (2009) 3 - FINAL EXPERTS GROUP "THE PLATFORM FOR ELECTRONIC DATA RETENTION FOR THE INVESTIGATION, DETECTION AND PROSECUTION OF SERIOUS CRIME" ESTABLISHED BY COMMISSION DECISION 2008/324/EC

More information

Network Security - ISA 656 Email Security

Network Security - ISA 656 Email Security Network Security - ISA 656 Angelos Stavrou November 13, 2007 The Usual Questions The Usual Questions Assets What are we trying to protect? Against whom? 2 / 33 Assets The Usual Questions Assets Confidentiality

More information

Acceleration of Data through SSL Virtual Private Networks

Acceleration of Data through SSL Virtual Private Networks Acceleration of Data through SSL Virtual Private Networks Rob Jansen University of Minnesota, Morris 600 East Fourth Street Morris, MN 56267 (123) 456-7890 jans0184@morris.umn.edu ABSTRACT A Virtual Private

More information

Cornerstones of Security

Cornerstones of Security Internet Security Cornerstones of Security Authenticity the sender (either client or server) of a message is who he, she or it claims to be Privacy the contents of a message are secret and only known to

More information

Security vulnerabilities in the Internet and possible solutions

Security vulnerabilities in the Internet and possible solutions Security vulnerabilities in the Internet and possible solutions 1. Introduction The foundation of today's Internet is the TCP/IP protocol suite. Since the time when these specifications were finished in

More information

CPS221 Lecture: Layered Network Architecture

CPS221 Lecture: Layered Network Architecture CPS221 Lecture: Layered Network Architecture Objectives last revised 9/10/12 1. To discuss the OSI layered architecture model 2. To discuss the specific implementation of this model in TCP/IP Materials:

More information

Specific recommendations

Specific recommendations Background OpenSSL is an open source project which provides a Secure Socket Layer (SSL) V2/V3 and Transport Layer Security (TLS) V1 implementation along with a general purpose cryptographic library. It

More information

Wireless Encryption Protection

Wireless Encryption Protection Wireless Encryption Protection We re going to jump around a little here and go to something that I really find interesting, how do you secure yourself when you connect to a router. Now first and foremost

More information

APWG. (n.d.). Unifying the global response to cybecrime. Retrieved from http://www.antiphishing.org/

APWG. (n.d.). Unifying the global response to cybecrime. Retrieved from http://www.antiphishing.org/ DB1 Phishing attacks, usually implemented through HTML enabled e-mails, are becoming more common and more sophisticated. As a network manager, how would you go about protecting your users from a phishing

More information

Predictive Analytics, Privacy & You:

Predictive Analytics, Privacy & You: Predictive Analytics, Privacy & You: Creeping Up On Creepy Christopher Surdak, JD, Global Subject Matter Expert 13 February, 2015 Copyright Copyright 2012 2015 Hewlett-Packard Development Company, Company,

More information

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or

More information

VOIP THE ULTIMATE GUIDE VERSION 1.0. 9/23/2014 onevoiceinc.com

VOIP THE ULTIMATE GUIDE VERSION 1.0. 9/23/2014 onevoiceinc.com VOIP THE ULTIMATE GUIDE VERSION 1.0 9/23/2014 onevoiceinc.com WHAT S IN THIS GUIDE? WHAT IS VOIP REQUIREMENTS OF A VOIP SYSTEM IMPLEMENTING A VOIP SYSTEM METHODS OF VOIP BENEFITS OF VOIP PROBLEMS OF VOIP

More information

Tor: Anonymous Communications for the Dept of Defense...and you.

Tor: Anonymous Communications for the Dept of Defense...and you. Tor: Anonymous Communications for the Dept of Defense...and you. Roger Dingledine Free Haven Project Electronic Frontier Foundation http://tor.eff.org/ 17 September 2005 Talk Outline Motivation: Why anonymous

More information

Realizing a Vision Interesting Student Projects

Realizing a Vision Interesting Student Projects Realizing a Vision Interesting Student Projects Do you want to be part of a revolution? We are looking for exceptional students who can help us realize a big vision: a global, distributed storage system

More information