1 Mass-Surveillance, Metadata, and Methamphetamine. 22 nd August 2015 Things We Know Leslie Hughes
2 Disclaimer The views expressed herein are presented for academic and/or entertainment purposes, and do not necessarily reflect those of Leslie Hughes, Monash University, the Liberal Democratic Party, Things We Know organisers, or Snoop Dogg. Nothing here constitutes as any type of professional advice: legal, technical, or otherwise. You are responsible for how you use this information. Listen to Les at your own risk.
3 Licencing/Copyright While I am fairly knowledgeable in this discipline, I am not looking to re-invent the wheel. Much of the information in this presentation has been taken from various sources on the internet, sometimes word for word. Where possible, I ve tried to give credit and/or link the to each website where material is referenced. While I have tried to ensure that all content in this presentation is free from restriction on copying/sharing/etc, I can not guarantee it. Given that, everything which I have authored may be modified, distributed, copied, in a personal, commercial, or whatever other means without giving credit. Whatever restrictions could possibly exist, none of them apply to my work within this slide. Credit is always nice, but I d rather the information be out there with no credit, than not out there at all.
4 About Les - Bachelor of Computer Science, Monash Clayton + Penn State. - Teaching Associate at Monash for seven years years working in the I.T. industry. - Secretary of the Liberal Democratic Party in Victoria. - Liberal Democratic Party Candidate 2014 Victorian Elections. - Winner RuxCon Capture the Flag Winner RuxCon Cryptography Challenge Has a messy car.
5 We are being watched. Telephone: Australia is known to be an avid user of telephone surveillance. In 2003, Australia issued 75% more wiretap warrants than the US did and this was 26 times greater than the US on a per capita basis. In 2012 it was reported that year-on-year "Access to private data has increased by 20 per cent by Australia s law enforcement and government agencies and with no warrant." https://en.wikipedia.org/wiki/mass_surveillance_in_australia
6 We are being watched. Internet: In 2013 it was reported that under Australian law state, territory and federal law enforcement authorities can access a variety of 'non-content' data from internet companies like Telstra, Optus and Google with authorization by senior police officers or government officials rather than judicial warrant, and that "During criminal and revenue investigations in , government agencies accessed private data and internet logs more than 300,000 times." https://en.wikipedia.org/wiki/mass_surveillance_in_australia
7 then came 2014/2015 National Security Legislation Amendment Bill (No. 1) giving ASIO the power to disrupt computers by adding, modifying or deleting files. - giving ASIO the power to spy on a number of computers including a whole computer network under a single computer-access warrant. - giving ASIS (Australia s foreign intelligence agency) the power to collect intelligence on Australian citizens overseas. - creating a new criminal offence, with a maximum penalty of 10 years imprisonment for revealing information about special intelligence operations. This comes with no exceptions and would apply to journalists, even if they were unaware that they were revealing information about such an operation. https://www.citizensnotsuspects.org.au/learn-more
8 National insecurity Legislation Amendment Bill (No.1 ) 2014 Schedule 2 Powers of the Organisation Part 1 Amendments Australian Security Intelligence Organisation Act 1979 Subdivision A Preliminary 4 Section 22 (definition of computer) Repeal the definition, substitute: computer means all or part of: a) one or more computers; or b) one or more computer systems; or c) one or more computer networks; or d) any combination of the above.
9 National insecurity Legislation Amendment Bill (No.1 ) Australian Security Intelligence Organisation officers will now have greater immunity from prosecution if they commit a crime in the course of a "special intelligence operation". - Authorised ASIO officers will decide which operations are classed as "special intelligence operations" and there is no limit on how many operations can be designated as such. The immunity is broad. The laws state only that ASIO officers must not be engaged in conduct that causes death or serious injury, involves a sexual offence against any person or the significant loss of or damage to property. After Liberal Democrat Senator David Leyonhjelm raised concerns about ASIO officers using torture, the government inserted a clause clarifying that torture is not permitted under these laws.
10 National insecurity Legislation Amendment Bill (No.1 ) 2014 TORTURE FFS!!!!1! Under the heading, "Immunity from liability", the bill stated: A participant in a special intelligence operation is not subject to any civil or criminal liability for or in relation to conduct if the conduct does not involve the participant engaging in any conduct that: (i) (ii) (iii) causes the death of, or serious injury to, any person; or involves the commission of a sexual offence against any person; or causes significant loss of, or serious damage to, property.
11 Thankyou, based Leyonhjelm.
12 Telecommunications (Interception and Access) Amendment (Data Retention) Bill Mandatory retention for two years of data relating to the internet and telecommunications activity of all Australians. This data could include records of your phone calls and texts, your location (if you use a mobile phone) and who you send s to and who you receive them from. As Sir Tim Berners-Lee said when he was down under last year, retention of data on this scale is so dangerous, you have to think of it as dynamite. https://www.citizensnotsuspects.org.au/learn-more/
13 Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2015 Twenty-two agencies who will be able to access metadata under the new laws is actually fewer than the roughly 80 who can do so currently. As a trade-off under the new laws, Attorney-General George Brandis limited the number of agencies to crucial crimefighting and national security bodies, removing groups like the RSPCA and local councils.
14 Telecommunications (Interception and Access) Amendment (Data Retention) Bill A Meaning of criminal law-enforcement agency (1) Each of the following is a criminal law-enforcement agency: (a) the Australian Federal Police; (b) a Police Force of a State; (c) the Australian Commission for Law Enforcement Integrity; (d) the ACC; (e) the Australian Customs and Border Protection Service; (ea) the Australian Securities and Investments Commission; (eb) the Australian Competition and Consumer Commission; (f) the Crime Commission; (g) the Independent Commission Against Corruption; (h) the Police Integrity Commission; (i) (j) the IBAC; the Crime and Corruption Commission of Queensland; (k) the Corruption and Crime Commission;
15 Metadata :: What is? Metadata is data about data Metadata describes data. Example: Word Document Author, Word Count, Time Created, Size, Pages, Fonts Used, etc Metadata can contain more data than the data itself. More: https://en.wikipedia.org/wiki/metadata
16 What is Metadata? We kill people based on metadata -- Gen. Michael Hayden Former head of the National Security Agency https://www.techdirt.com/articles/ / /michael-hayden-gleefully-admits-we-kill-people-based-metadata.shtml
17 Metadata :: EXIF Exchangeable Image File Format Some metadata collected: Camera Type, Exposure, Date time, Focal Length, GPS Location, Phone Serial Number? EXIF Data has been used to find criminals, rob people, and according to Edward Snowden s leaks: the NSA is targeting EXIF information under the XKeyscore program. https://en.wikipedia.org/wiki/exchangeable_image_fi le_format
18 Metadata :: Twitter Twitter allows you to post 140 character text messages. The public twitter API exposes ~31 pieces of metadata. Twitter themselves would have further metadata. Even more meta-data now: https://blog.twitter.com/2013/introdu cing-new-metadata-for-tweets
20 Metadata :: Inherent in Communications Technologies Metadata embedded in photographs is purely an extra ; not required for the picture itself. In contrast, metadata is inherent in communications technologies. If you have X devices connected to a network, the network must be able to differentiate between devices. Mobile Phones Your phone has a serial number: IMEI (International Mobile Station Equipment Identity) You put a SIM card into your phone (Subscriber Identification Module) Your SIM Card contains an IMSI (International Mobile Subscriber Identity). You access data (4G/WiFi/etc) each network interface has a MAC Address (Media Access Control Address) https://en.wikipedia.org/wiki/international_mobile_station_equipment_identity https://en.wikipedia.org/wiki/international_mobile_subscriber_identity https://en.wikipedia.org/wiki/subscriber_identity_module https://en.wikipedia.org/wiki/mac_address
21 Metadata :: Technology can leak data. As a result of the differing technical implementation of various technologies, devices can leak private data, which although not required for the operation of the device, can be deduced from required data. Example: Mobile Phones In order to relay a phone call or SMS to your mobile device, mobile infrastructure needs to know what towers you are connected to, and to which ones have the strongest signal. With this information, simple physics equations are able to determine your location within 50metres. We just needed to connect your phone, but we know you were at that nudist beach. Storing this information indefinitely is cheap and easy. https://en.wikipedia.org/wiki/mobile_phone_tracking - More on metadata leakage and uses.
22 Metadata :: Technology can leak data. Stated Differently: When you have your phone with you and switched on, telecommunications companies know where you are. Your location data will be accessible without a warrant for two years.
23 Metadata :: Secret Metadata Steganography: the art or practice of concealing a message, image, or file within another message, image, or file. Example: You can hide secret messages in JPEG files. Your devices may be embedding metadata into your pictures, documents, without you knowing. and it s already been done! Colour Printers In 2005 it was discovered that various US Government agencies had been pressuring/forcing printer companies to mark your print-outs in a nearlyimpossible-to-see way with secret codes. Thus, if you print something they do not like, they know what printer it came from. https://w2.eff.org/privacy/printers/docucolor/ https://www.eff.org/issues/printers https://en.wikipedia.org/wiki/steganography https://en.wikipedia.org/wiki/printer_steganography
24 Metadata :: Secret Metadata
25 Metadata :: Secret Metadata
26 Privacy Most of us value our privacy. We get dressed in private, don't like people listening in on our phone calls, and choose whether to share our letters, diary entries, or medical records with others. Privacy is a basic human impulse, and the right to control who sees our most personal information and activities is recognised by most democratic legal systems. Without Privacy It would mean that you would be highly vulnerable to the control of others, you would lose your freedom which may lead to inhibition and tentativeness and you may be less spontaneous and you would be more likely to be manipulated.
27 Internet :: What is? The Internet is a global system of interconnected computer networks that use the standard Internet protocol suite (TCP/IP) to link several billion devices worldwide. It is an international network of networks that consists of millions of private, public, academic, business, and government packet switched networks, linked by a broad array of electronic, wireless, and optical networking technologies. The internet is a Series of Tubes -- former United States Senator Ted Stevens (R-Alaska) Said differently: The internet is distributed network or network of networks. Despite Ted Stevens obvious ignorance on technical matters, the series of tubes metaphor, at least in my opinion, is a good one when talking about some of the Internet s physical implementation. https://en.wikipedia.org/wiki/internet https://en.wikipedia.org/wiki/series_of_tubes
28 The Internet Visualised Author: https://commons.wikimedia.org/wiki/user:rezonansowy
29 A quick lesson on files and bits: Internet :: How is? Files, such as a document, photo, or application, are each an array of bits. - A bit is a 1 or a 0-8 bits = 1 byte - 2^20 bytes = 1 megabyte - 1-megabyte = 1,048,576 bytes = 8,388,608 bits. Les wants to send a 3MB photo to his Mum: 3-megabytes = 3,145,728 bytes = 25,165,824 bits. How do we send 25million+ 1 s or 0 s across the internet? How does the receiving computer know what to do with the 1s and 0s? In order for computers to understand each other, Protocols are established, in the case of the Internet, we can use the Internet Protocol or IP. As the file is large, we break our file up into something called Packets. https://en.wikipedia.org/wiki/bit https://en.wikipedia.org/wiki/internet_protocol https://en.wikipedia.org/wiki/network_packet
30 TCP/IP :: What is? The Transmission Control Protocol (TCP) is one of the core protocols of the Internet protocol suite (IP), and is so common that the entire suite is often called TCP/IP. Web browsers use TCP when they connect to servers on the World Wide Web, and it is used to deliver and transfer files from one location to another. HTTP, HTTPS, SMTP, POP3, IMAP, SSH, FTP, Telnet and a variety of other protocols are typically encapsulated in TCP. When data is broken up into TCP packets, each packet looks like this. While there is one data field, there are 16 fields that make up 256 bits of metadata. https://en.wikipedia.org/ wiki/transmission_contr ol_protocol
31 Packets :: The Journey VIA 7 TUBES! LES MUM Original image author: https://commons.wikimedia.org/wiki/user:mro
32 Series of Tubes :: Tubes to 4chan.org c:\> tracert 4chan.org Tracing route to 4chan.org [ ] over a maximum of 30 hops: 1 <1 ms <1 ms <1 ms ms 7 ms 4 ms ms 29 ms 14 ms ms 9 ms 12 ms CPE vic.bigpond.net.au [ ] 5 12 ms 13 ms 15 ms ms 18 ms 12 ms bundle-ether4.lon-edge902.melbourne.telstra.net [ ] 7 14 ms 15 ms 15 ms bundle-ether11.exi-core1.melbourne.telstra.net [ ] 8 29 ms 26 ms 28 ms bundle-ether12.chw-core10.sydney.telstra.net [ ] 9 40 ms 31 ms 27 ms bundle-ether19.chw-core2.sydney.telstra.net [ ] ms 34 ms 25 ms tengigabitethernet8-1.ken45.sydney.telstra.net [ ] ms 26 ms 26 ms pacnet2.lnk.telstra.net [ ] ms 31 ms 32 ms te cr2.syd5.asianetcom.net [ ] ms 28 ms 26 ms gi gw1.syd2.asianetcom.net [ ] ms 24 ms 26 ms CDF-0011.asianetcom.net [ ] ms 34 ms 33 ms Trace complete.
33 Series of Tubes :: Who s watching? When sending a file, downloading a movie, or accessing a website, your packets go though a series of tubes, or more accurately, nodes. There can even be hidden nodes which are transparent to the user. Every single node receives a full copy of the data which passes though. Any node could store relayed information, or a subset of, for various purposes. (Spying, advertising data, research, etc) If a node were to collect data, this can be called a Man-in-the Middle attack. There are many methods that can and are used to intercept your communications. However, an in-depth discussion of this is outside the scope of this presentation. https://en.wikipedia.org/wiki/man-in-the-middle_attack
34 Series of Tubes :: Madman in the Middle One form of man-in-the-middle attack is to use SSID Spoofing, where you set up a wireless access point aimed at tricking people to connect to your network as opposed to their intended network. The same thing can be done with mobile phone towers, and recent news shows that Law Enforcement have been actively doing this. Adversaries do not necessarily need to be in the middle either. It s possible to passively listen in on wireless communications. Software such as Kismet will allow you to do this on unencrypted open networks fairly easily. Image Source: KQED https://en.wikipedia.org/wiki/monitor_mode https://en.wikipedia.org/wiki/packet_analyzer https://www.kismetwireless.net/ https://en.wikipedia.org/wiki/imsi-catcher https://en.wikipedia.org/wiki/stingray_phone_tracker
35 Internet :: Not just for cat photos Thinking back to Steganography: Maybe this image, although silly, contains the a secret message, with the details of what *really* happened to the Titanic.
36 Internet :: Accessing a website - Hypertext Transfer Protocol (HTTP) is the foundation of data communication for the World Wide Web. - Things such as webpages, videos, images, and sound are often delivered in your web browser by HTTP, which is why you see the in front of your website address. What does accessing a website actually entail from a data/network point of view? Let s check out and find out! Network Demo Using Firefox s Web Developer Tools (F12) https://en.wikipedia.org/wiki/hypertext_transfer_protocol
41 Series of Tubes :: Tubes to ldpvic.org.au c:\> tracert ldpvic.org.au Tracing route to ldpvic.org.au [ ] over a maximum of 30 hops: 1 <1 ms <1 ms <1 ms ms 3 ms 3 ms ms 11 ms 11 ms ms 11 ms 16 ms CPE vic.bigpond.net.au [ ] 5 12 ms 13 ms 12 ms ms 16 ms 16 ms bundle-ether4.lon-edge902.melbourne.telstra.net [ ] 7 13 ms 14 ms 13 ms bundle-ether11.exi-core1.melbourne.telstra.net [ ] 8 27 ms 28 ms 26 ms bundle-ether12.chw-core10.sydney.telstra.net [ ] 9 28 ms 36 ms 31 ms Bundle-ether17.oxf-gw2.sydney.telstra.net [ ] ms 27 ms 27 ms bundle-ether1.sydo-core01.sydney.reach.com [ ] ms 27 ms 31 ms i sydo-core02.bi.telstraglobal.net [ ] ms 216 ms 219 ms i eqnx-core01.bx.telstraglobal.net [ ] ms 243 ms 218 ms i eqnx03.bi.telstraglobal.net [ ] ms 182 ms 223 ms l3-peer.eqnx03.pr.telstraglobal.net [ ] 15 * * * Request timed out. 16 * * * Request timed out. 17 * * * Request timed out. 18 * * * Request timed out. 19 * * * Request timed out. 20 * * * Request timed out. 21 * * * Request timed out ms 215 ms 212 ms COLO4-DALLA.ear1.Dallas1.Level3.net [ ] ms 209 ms 211 ms ms 213 ms 211 ms ms 212 ms 209 ms starbuck.asmallorange.com [ ] Trace complete.
42 Series of Tubes :: The Packets Wireshark Demo: Packet capture https://www.wireshark.org https://en.wikipedia.org/wiki/wiresharkrg/
44 Series of Tubes :: The Packets This time a secure connection using https:// Firefox Demo: Network https://reddit.com
45 Series of Tubes :: reddit.com
46 Series of Tubes :: reddit.com
47 Series of Tubes :: The Packets Wireshark Demo: Packet capture https://reddit.com
49 Encryption/Cryptography Cryptography is the practice and study of techniques for secure communication in the presence of third parties (called adversaries). Encryption doesn t stop others from intercepting your messages, but attempts to stop them from reading it. Symmetrical - Caesar (Add three letters: Les -> Ohv) - Advanced Encryption Standard (AES) Asymmetrical - RSA - Elliptic Curve cryptography (ECC) - Lattice-based cryptography https://en.wikipedia.org/wiki/encryption https://en.wikipedia.org/wiki/cryptography https://en.wikipedia.org/wiki/advanced_encryption_standard https://en.wikipedia.org/wiki/public-key_cryptography https://en.wikipedia.org/wiki/rsa_%28cryptosystem%29 https://en.wikipedia.org/wiki/elliptic_curve_cryptography https://en.wikipedia.org/wiki/lattice-based_cryptography
50 Encryption :: Demo Caesar Demo :
51 Encryption :: Demo Portable PGP Demo
52 Internet :: Cookies and Tracking What is a cookie? A cookie, also known as an HTTP cookie, web cookie, or browser cookie, is a small piece of data sent from a website and stored in a user's web browser while the user is browsing that website. Every time the user loads the website, the browser sends the cookie back to the server to notify the website of the user's previous activity. Tracking cookies and especially third-party tracking cookies are commonly used as ways to compile long-term records of individuals' browsing histories Advertisers and Trackers get more Advanced Online tracking is no longer limited to the installation of the traditional "cookies" that record websites a user visits. Now, new tools can track in real time the data people are accessing or browsing on a web page and combine that with data about that user's location, income, hobbies, and even medical problems. Large Organisations like Google, Microsoft, Facebook, DoubleClick, QuanCast, Bizo, and sometimes even your own ISP want to track as much of your online activity as possible. Your habits, preferences, and personal details can be worth a lot of money! https://en.wikipedia.org/wiki/http_cookie https://www.eff.org/issues/online-behavioral-tracking
53 Stop Tracking: Browser Add-ons Most recent browsers give you options with regard to accepting cookies, and letting websites know if you want to be tracked or not. Web browsers alone are not providing adequate protection against tracking. There are various web-browser add-ons you can use to help prevent tracking. I personally use a combination of several, and would recommend using a combination of the following: HTTPS Everywhere : https://www.eff.org/https-everywhere Privacy Badger: https://www.eff.org/privacybadger Disconnect.Me : https://disconnect.me/ Ghostry : https://www.ghostery.com/en/ AdBlock Plus : https://adblockplus.org/ NoScript : RefControl : https://addons.mozilla.org/en-us/firefox/addon/refcontrol/ Lightbeam: https://www.mozilla.org/en-us/lightbeam/ There are also several other methods which can assist in limiting the extent to which you are tracked, many are out of the scope of this presentation. However the use of VPNs, I2P, TOR will be covered.
55 VPN :: What Is? A virtual private network (VPN) extends a private network across a public network, such as the Internet. It enables a computer or Wi-Fi-enabled device to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security and management policies of the private network. A VPN is created by establishing a virtual point-topoint connection through the use of dedicated connections, virtual tunnelling protocols, or traffic encryptions. While VPN encryption may stop adversaries from monitoring your data, they can still gather the metadata, which tells them you are hiding data. It can also show usage patterns (how much data at what time of day) https://en.wikipedia.org/wiki/virtual_private_network
56 VPN :: Uses - Connect to a remote office. - Have a continuous internet connection, no matter where you are. - Subvert internet censorship. - Hide the content of your internet session from (local) prying eyes. - Obfuscate your location from the servers you are accessing. - Access TV shows and other content which is not available at your location. Using a VPN - Setting up a VPN is easy, and there are various tutorials online. - Various businesses and non-profits provide VPN services. - Not all VPN services are equal, each organisation may distinguish themselves on things like speed, privacy, local laws and jurisdiction, data limits, etc. - Some are free, but most are paid subscriptions starting from a few dollars per month.
57 I2P :: What is? - I2P is an anonymous overlay network - a network within a network. It is intended to protect communication from dragnet surveillance and monitoring by third parties such as ISPs. - I2P is used by many people who care about their privacy: activists, oppressed people, journalists and whistle-blowers, as well as the average person. - The software is free and open source https://geti2p.net/en/ https://en.wikipedia.org/wiki/i2p
58 TOR The Onion Router What is Tor? Software for enabling online anonymity and resisting censorship. It is designed to make it possible for users to surf the Internet anonymously, so their activities and location cannot be discovered by government agencies, corporations, or anyone else. Tor directs Internet traffic through a free, worldwide, volunteer network consisting of more than five thousand relays to conceal a user's location and usage from anyone conducting network surveillance or traffic analysis. Using Tor makes it more difficult for Internet activity to be traced back to the user: this includes "visits to Web sites, online posts, instant messages, and other communication forms". Tor's use is intended to protect the personal privacy of users, as well as their freedom and ability to conduct confidential communication by keeping their Internet activities from being monitored. An extract of a Top Secret appraisal by the National Security Agency (NSA) characterized Tor as "the King of high secure, low latency Internet anonymity" with "no contenders for the throne in waiting". https://www.torproject.org/ https://en.wikipedia.org/wiki/tor_%28anonymity_network%29 https://en.wikipedia.org/wiki/onion_routing
59 TOR :: What it (kind of) looks like
60 TOR :: Onion Routing
61 TOR :: Onion Routing Image Author: Primepq - https://en.wikipedia.org/wiki/file:decryption_mix_net.png
62 TOR :: Some Stats
63 TOR:: Demo TOR Browser Demonstration
64 Tails When NSA whistle-blower Edward Snowden first ed Glenn Greenwald, he insisted on using encryption software called PGP for all communications. But this month, we learned that Snowden used another technology to keep his communications out of the NSA s prying eyes. It s called Tails. Tails is a live operating system, that you can start on almost any computer from a DVD, USB stick, or SD card. It aims at preserving your privacy and anonymity, and helps you to: - use the Internet anonymously and circumvent censorship; - all connections to the Internet are forced to go through the Tor network; - leave no trace on the computer you are using unless you ask it explicitly; - use state-of-the-art cryptographic tools to encrypt your files, s and instant messaging. https://tails.boum.org/
65 Bitcoin Bitcoin is a payment system invented by Satoshi Nakamoto, who published the invention in 2008 and released it as open-source software in The system is peer-to-peer; users can transact directly without needing an intermediary. Transactions are verified by network nodes and recorded in a public distributed ledger called the block chain. The ledger uses its own unit of account, also called bitcoin. The system works without a central repository or single administrator, which has led the US Treasury to categorize it as a decentralized virtual currency. Bitcoin is often called the first cryptocurrency, although prior systems existed. Bitcoin is more correctly described as the first decentralized digital currency. It is the largest of its kind in terms of total market value. https://en.wikipedia.org/wiki/bitcoin
Covert Channels Covert Channels Tunnels that are used to bypass filters and intrusion detection systems Use traffic that is thought to be something else (i.e. DNS tunnels) Can also provide encryption (i.e.
The Surveillance State and what to do about it Steve Revilak https://masspirates.org/ Boston Anarchist Bookfair Nov 21, 2015 1 / 29 First Principles surveillance (n) Close observation of a person or group,
Introduction to Encryption What it s all about At MOA Project, we believe privacy and the ability to communicate without government or corporate eavesdropping is a basic right of all people. Some groups,
The Dark Web Steven M. Bellovin March 21, 2016 1 Tor and the Dark Web There are ways to use the Internet (almost) untraceably This can be used for good purposes or bad purposes Two technologies are necessary,
Protect Your Privacy Online P 7/1 Keep Yourself Safe from the Prying Eyes of Hackers and Snoopers! With the information in this article you can: Find out what secret information your PC is sharing with
2 Privacy Internet Privacy Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 19 June 2014 Common/Reports/internet-privacy-options.tex, r892 1 Privacy Acronyms
Facebook Smart Card FB 121211_1800 Social Networks - Do s and Don ts Only establish and maintain connections with people you know and trust. Review your connections often. Assume that ANYONE can see any
The Internet and Network Technologies Don Mason Associate Director Copyright 2013 National Center for Justice and the Rule of Law All Rights Reserved Inside vs. Outside Inside the Box What the computer
PRIVACY TOOLKIT FOR LIBRARIANS email@example.com libraryfreedomproject.org/resources/privacy-toolkit-for-librarians/ THREAT MODELING assets adversaries capabilities consequences how much
E-Commerce Security An e-commerce security system has four fronts: LECTURE 7 (SECURITY) Web Client Security Data Transport Security Web Server Security Operating System Security A safe e-commerce system
Bit Chat: A Peer-to-Peer Instant Messenger Shreyas Zare firstname.lastname@example.org https://technitium.com December 20, 2015 Abstract. Bit Chat is a peer-to-peer instant messaging concept, allowing one-to-one
anonymous secure decentralized SMS stealthtext transactions WHITEPAPER STATE OF THE ART 2/8 WHAT IS STEALTHTEXT? stealthtext is a way to send stealthcoin privately and securely using SMS texting. stealthtext
Big Data Big Security Problems? Ivan Damgård, Aarhus University Content A survey of some security and privacy issues related to big data. Will organize according to who is collecting/storing data! Intelligence
A beginners guide in how to make a Laptop/PC more secure. This guide will go through the common ways that a user can make their computer more secure. Here are the key points covered: 1) Device Password
About SecureCom Mobile SecureCom Mobile s mission is to help people keep their private communication private. We believe people have a right to share ideas with each other, confident that only the intended
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography Objectives Define digital certificates List the various types of digital certificates and how they are used
Global Information Society Watch 2014 Communications surveillance in the digital age This report was originally published as part of a larger compilation, which can be downloaded from GISWatch.org Association
Music, Film, TV and the Internet A guide for parents and teachers Music, film and TV on the internet what you should know There are many great ways of accessing music, film, TV and video safely and legally
A Guide to Mobile Security For Citizen Journalists Your Citizen journalism, and with it the rise of alternative media voices, is one of the most exciting possibilities for mobile phones in activism. Mobile
High-speed cryptography and DNSCurve D. J. Bernstein University of Illinois at Chicago Stealing Internet mail: easy! Given a mail message: Your mail software sends a DNS request, receives a server address,
Internet Economics Seminar Privacy, Anonymity and Pseudonymity in Business Transactions over the Internet Daniel Bruggesser Jarkko Laine Contents Introduction (definitions, history) State of the privacy
National Cyber Security Month 2015: Daily Security Awareness Tips October 1 New Threats Are Constantly Being Developed. Protect Your Home Computer and Personal Devices by Automatically Installing OS Updates.
E-Commerce Infrastructure II: the World Wide Web The Internet and the World Wide Web are two separate but related things Oct 15, 2004 www.dcs.bbk.ac.uk/~gmagoulas/teaching.html 1 Outline The Internet and
Online Research and Investigation This document is intended to provide guidance to police officers or staff engaged in research and investigation across the internet. This guidance is not a source of law
Computer Crime & Intellectual Property Section Networks and the Internet A Primer for Prosecutors and Investigators Michael J. Stawasz Senior Counsel Computer Crime and Intellectual Property Section ()
Candidates should be able to: a. Explain the advantages of networking stand-alone computers into a LAN b. Describe H/W needed to connect stand-alone computers into a LAN, including hub/switches, wireless
Three short case studies peer to peer networking wireless systems search engines each includes issues of hardware processors, storage, peripherals, networks,... representation of information, analog vs.
Bitmessage: A Peer to Peer Message Authentication and Delivery System Jonathan Warren email@example.com www.bitmessage.org November 27, 2012 Abstract. We propose a system that allows users to securely
Mobility (and philosophical questions about names and identity) David Andersen CMU CS 15-744 The problem How to support mobile users What do we mean by support? Make it easy and convenient to effectively
The Case For Secure Email By Erik Kangas, PhD, President, Lux Scientiae, Incorporated http://luxsci.com Contents Section 1: Introduction Section 2: How Email Works Section 3: Security Threats to Your Email
Objective: At the end of this module, you must be able to 1. Establish a basic understanding of the Internet 2. Understand the Internet's evolution What is Internet? Internet is a vast collection of different
NETWORKS AND THE INTERNET Outline to accompany the slide presentation 1. Networks and the Internet A Primer for Prosecutors and Investigators 2. Getting There From networks to the Internet Locating a place
E DUCATION I NNOVATION A DVANCING J USTICE THE NATIONAL JUDICIAL COLLEGE OUTSIDE THE BOX: INTERNET & NETWORK TECHNOLOGY DIVIDER 7 Professor Donald R. Mason OBJECTIVES: After this session, you will be able
NSA Surveillance, National Security and Privacy Ir Roy Ko Former HKCERT Manager 20 August 2014 HKIE Veneree Club 1 Agenda Background Edward Snowden National Security Agency (NSA) What NSA has done PRISM
Michael Seltzer COMP 116: Security Final Paper Client Side Encryption in the Web Browser Mentor: Ming Chow 1 Abstract Web service providers generally look to encryption as a means of ensuring data privacy
CITS1231 Web Technologies Client, Server, the Internet, and the Web Topic Outline How does the Internet work Client Server Architecture Connections Communications Protocols Addressing Routing One of the
Programme NPFIT Document Record ID Key Sub-Prog / Project Information Governance NPFIT-FNT-TO-IG-GPG-0003.01 Prog. Director Mark Ferrar Status Approved Owner Tim Davis Version 1.0 Author Phil Benn Version
High Performance VPN Solutions Over Satellite Networks Enhanced Packet Handling Both Accelerates And Encrypts High-Delay Satellite Circuits Characteristics of Satellite Networks? Satellite Networks have
Guidelines for smart phones, tablets and other mobile devices Summary Smart phones, tablets and other similar mobile devices are being used increasingly both privately and in organisations. Another emerging
Privacy and Encryption in egovernment Dewey Landrum Technical Architect CSO SLED West Sector CISSP August 11, 2008 Privacy Regulations Health Insurance Portability and Accountability Act (HIPPA) Gramm-Leach-Bliley
Cryptelo Drive Cryptelo Drive is a virtual drive, where your most sensitive data can be stored. Protect documents, contracts, business know-how, or photographs - in short, anything that must be kept safe.
Own your LAN with Arp Poison Routing By: Rorik Koster April 17, 2006 Security is a popular buzzword heard every day throughout our American culture and possibly even more so in our global economy. From
Overview According to Dr. Gloria Mark at the University of California, Irvine, workers are having to struggle through overflowing inboxes more than ever during their work day now. They are also checking
Introduction to Web Technology Content of the course Diana Inkpen The Internet and the WWW. Internet Connectivity. Basic Internet Services. University of Ottawa School of Information Technology and Engineering
IT 4823 Information Security Concepts and Administration March 17 Network Threats Notice: This session is being recorded. Happy 50 th, Vanguard II March 17, 1958 R.I.P. John Backus March 17, 2007 Copyright
Professional Ethics for Computer Science Chapter 4: Privacy Jie Gao Computer Science Department Stony Brook University Privacy Issues Internet privacy consists of privacy over the media of the Internet:
Chapter 9 Connecting to and Setting Up a Network Reviewing the Basics 1. How many bits are in a MAC address? 48 bits 2. How many bits are in an IPv4 IP address? In an IPv6 IP address? 32 bits, 128 bits
1 2 This slide shows the areas where TCG is developing standards. Each image corresponds to a TCG work group. In order to understand Trusted Network Connect, it s best to look at it in context with the
AV-Comparatives F-Secure Freedome Language: English November 2014 Last revision: 20. November 2014-1- Introduction As mobile phone network coverage is not universal, and data tariffs tend to be expensive,
Learning objectives E-commerce Security Threats and Protection Mechanisms. This lecture covers internet security issues and discusses their impact on an e-commerce. Nov 19, 2004 www.dcs.bbk.ac.uk/~gmagoulas/teaching.html
NETWORKING What is a packet-switching network? The internet is an example of a packet-switching network! All internet traffic is broken down into packets, which are small chunks of data that are sent individually
Partnership with Benetech, a non-profit organization that develops and supports Martus, secure information management software for human rights monitoring. 1 Benetech creates and develops new technology
Music and the Internet A guide for parents and teachers Music on the internet what you should know There are many great ways of accessing music safely and legally online. This guide aims to keep parents,
Just Net Coalition statement on Internet governance (Just Net Coalition is a global coalition of civil society actors working on Internet governance issues) All states should work together to provide a
Music, Film, TV and the Internet A guide for parents and teachers Music, film and TV on the internet what you should know There are many great ways of accessing music, film, TV and video safely and legally
WHITEPAPER: OCTOBER 2014 The Hidden Dangers of Public WiFi 2 EXECUTIVE SUMMARY 4 MARKET DYNAMICS 4 The Promise of Public WiFi 5 The Problem with Public WiFi 6 MARKET BEHAVIOR 6 Most People Do Not Protect
STAR has teamed up with Prevention of Fraud in Travel (PROFiT) and the Fraud Intelligence Network (FIN) to offer our members the best advice about fraud prevention. We recognise the increasing threat of
High Speed Internet - User Guide Welcome to your world. 1 Welcome to your world :) Thank you for choosing Cogeco High Speed Internet. Welcome to your new High Speed Internet service. When it comes to a
Information Technology Career Cluster Introduction to Cybersecurity Course Number: 11.48100 Course Description: Introduction to Cybersecurity is designed to provide students the basic concepts and terminology
Virtual Private Networks Jonathan Reed firstname.lastname@example.org MIT IS&T VPN Release Team Overview Basic Networking Terms General Concepts How the VPN works Why it s useful What to watch out for Q&A Networking 101
CS 665: Computer System Security Network Security Bojan Cukic Lane Department of Computer Science and Electrical Engineering West Virginia University 1 Usage environment Anonymity Automation, minimal human
Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography What Is Steganography? Steganography Process of hiding the existence of the data within another file Example:
Chapter 7: Computer Networks, the Internet, and the World Wide Web Invitation to Computer Science, C++ Version, Third Edition Objectives In this chapter, you will learn about: Basic networking concepts
AFFINION INTERNATIONAL AB COMPANY PRIVACY AND COOKIES POLICY The privacy and cookies policy sets out how we use any personal information that you give to us, or that we may collect or otherwise process
DATRET/EXPGRP (2009) 3 - FINAL EXPERTS GROUP "THE PLATFORM FOR ELECTRONIC DATA RETENTION FOR THE INVESTIGATION, DETECTION AND PROSECUTION OF SERIOUS CRIME" ESTABLISHED BY COMMISSION DECISION 2008/324/EC
Network Security - ISA 656 Angelos Stavrou November 13, 2007 The Usual Questions The Usual Questions Assets What are we trying to protect? Against whom? 2 / 33 Assets The Usual Questions Assets Confidentiality
Acceleration of Data through SSL Virtual Private Networks Rob Jansen University of Minnesota, Morris 600 East Fourth Street Morris, MN 56267 (123) 456-7890 email@example.com ABSTRACT A Virtual Private
Internet Security Cornerstones of Security Authenticity the sender (either client or server) of a message is who he, she or it claims to be Privacy the contents of a message are secret and only known to
Security vulnerabilities in the Internet and possible solutions 1. Introduction The foundation of today's Internet is the TCP/IP protocol suite. Since the time when these specifications were finished in
CPS221 Lecture: Layered Network Architecture Objectives last revised 9/10/12 1. To discuss the OSI layered architecture model 2. To discuss the specific implementation of this model in TCP/IP Materials:
Background OpenSSL is an open source project which provides a Secure Socket Layer (SSL) V2/V3 and Transport Layer Security (TLS) V1 implementation along with a general purpose cryptographic library. It
Wireless Encryption Protection We re going to jump around a little here and go to something that I really find interesting, how do you secure yourself when you connect to a router. Now first and foremost
DB1 Phishing attacks, usually implemented through HTML enabled e-mails, are becoming more common and more sophisticated. As a network manager, how would you go about protecting your users from a phishing
Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or
VOIP THE ULTIMATE GUIDE VERSION 1.0 9/23/2014 onevoiceinc.com WHAT S IN THIS GUIDE? WHAT IS VOIP REQUIREMENTS OF A VOIP SYSTEM IMPLEMENTING A VOIP SYSTEM METHODS OF VOIP BENEFITS OF VOIP PROBLEMS OF VOIP
Tor: Anonymous Communications for the Dept of Defense...and you. Roger Dingledine Free Haven Project Electronic Frontier Foundation http://tor.eff.org/ 17 September 2005 Talk Outline Motivation: Why anonymous
Realizing a Vision Interesting Student Projects Do you want to be part of a revolution? We are looking for exceptional students who can help us realize a big vision: a global, distributed storage system