SlideShare uma empresa Scribd logo
1 de 36
Baixar para ler offline
privacy is an illusion
and you’re all losers
or how 1984 was a manual for our panopticon society

!
By Cain Ransbottyn - @ransbottyn
End of privacy
•

9/11 attacks invigorated the
concept of terrorist threats

•

Post 9/11 there was a strong
and understandable argument
to prioritise security
End of civil liberties
•

New word: “asymmetrical
threats”

•

Actually means: “please give
up your civil liberties”, in 2001
55% US citizens were pro; in
2011 only 40% (and
declining).

•

Patriot Act changed the world
for good
So, terrorism huh ?
•

systematic use of violent
terror as a means of
coercion

•

violent acts which are
intended to create fear
(terror)

•

perpetrated for a religious,
political, or ideological goal

•

deliberately target or
disregard the safety of noncombatants (civilians)
Global terrorist threat map
Data of 2010. Seems legit.
Year on year doubling in surveillance
budget since the Patriot Act
Except for 2013, then there was a dark budget of US$ 52,6B
Fear. Uncertainty. Doubt.
•

Instilling fear is a premise for
coercion. But to whom ?

•

Mass media works as a
catalyst to bring fear in the
homes of citizens.

•

We all are very shitty at threat
and risk assessments. Pigs or
sharks ?

•

23,589

40

Or terrorist attacks ?
13,200

* 2010 facts and figures worldwide
Are we really capable of
understanding the real
threat level ?
Please demonstrate you can spot a rhetorical question when you see one
The convenience of circular
logic
•

Gov’t: We’re using
surveillance so we can
prevent terrorist attacks

You: I don’t see any terrorist
threat or attack

Gov’t: Awesome stuff, hey ?


•

Him: I’m using this repellent to
scare away elephants.

You: But I don’t see any
elephants.

Him: Awesome stuff, hey ?
quis custodiet ipsos
custodes ?
Total Information
Awareness
The 2002 - 2003 program that began a data mining project, following warantless surveillance decision in 2002
PRISM, XKeyScore, Tempora
!
Thank you Microsoft, Facebook, Yahoo!, Google, Paltalk, YouTube, AOL,
Apple, Skype

Snowden leaks the post 2007 surveillance industry is much worse than anyone could have imagined
The rise of private
intelligence agencies
•

The welcome gift of “social
networks”

•

The thankful adoption rate of
smart phones

•

The cloud as the ultimate data
gathering extension to
governments

•

The phone operators remain a
loyal friend

•

The overt investment strategy of
In-Q-Tel
The In-Q-Tel investment firm
•

Founded 1999 as not-for-profit
venture capital firm

•

So… if you are not looking to make a
profit, what are you looking for then ?

•

Investments in data mining, call
recording, surveillance, crypto,
biotech, …

•

E.g. 2007 AT&T - Narus STA 6400
backdoor = product of In-Q-Tel
funded company

•

Many (many) participations
worldwide (also Belgium)
Social networks as a private
intelligence agency
•

Perfect front offices

•

Facebook as the first global
private intelligence agency

•

Otherwise hard to obtain intel
is being shared voluntarily by
everyone (e.g. hobbies, etc.)

•

US$ 12,7M investment by
James Breyer (Accel), former
colleague of Gilman Louie
(CEO In-Q-Tel)
Smart-phones as the
ultimate tracking device
•

Device you carry 24/7 with you.
With a GPS on board.

•

Android has remote install/deinstall
hooks in its OS (so has IOS)

•

OTA vulnerabilities allow remote
installs of byte patches (e.g.
Blackberry incident in UAE)

•

Apple incident (“the bug that
stored your whereabouts”)

•

Any idea how many address
books are stored on iCloud ? :p
Smart-phones as the
ultimate tracking device

Wi-Fi based positioning has become very accurate and quickly deployed mainstream
Cloud providers as the
perfect honeypot
•

There is no company that is so
invasive as Google

•

Records voice calls (Voice),
analyses e-mail (GMail), knows who
you talk to and where you are
(Android), has all your documents
(Drive) and soon will see through
your eyes (Glass)

•

Robert David Steele (CIA) disclosed
Google takes money from US Intel.
community.

•

In-Q-Tel and Google invest in
mutual companies (mutual interest)
Cloud providers as the
perfect honeypot
•

Not only Google. The latest
OSX Mavericks actually asked
me to… store my Keychain in
the cloud *sigh*

•

While Apple claims iMessage
cannot be intercepted, we
know it is possible because
Apple is the MITM and no
end-to-end crypto is used nor
certificate pinning.
The loyal friend, the phone
operator
•

Needs to be CALEA and ETSI
compliant. Yeah right :-)

•

Operators are both targets of
surveillance stakeholders (e.g.
Belgacom/BICS hack by GCHQ)
and providers of surveillance tactics
(taps, OTA installs, silent SMS, etc.)

•

Does KPN really trust NICE (Israel)
and does Belgacom really trust
Huawei (China) ?

•

Truth of the matter is: you cannot
trust your operator…
Privacy is for losers

If you think you have privacy,
you really are a loser
#dta

If a government needs to understand
its enemy, and we’re being surveilled.
Then, who exactly is the enemy ?
Conspiracy theory ?
!

Whistleblowers showed that reality
is far worse
So now what ?
Change your attitude.
Wake the f*ck up…
Reclaim ownership of your data.
Demand transparency of every
service you use.
Encryption is your
friend
Encryption today is built for security
professionals and engineers.
Not for your mom or dad.
Security and crypto engineers don’t
understand UI and UX
Android and IOS planned. Microsoft Mobile perhaps.
Requirements
•

Must provide strong crypto

•

Must be open source (GitHub)

•

Must be beautiful and easy to use, we
actually don’t want the user to be
confronted with complex crypto issues

•

Provide deniability

•

Provide alerting mechanisms that alert
the user when something is wrong

•

Even when your device is confiscated,
it should be able to withstand forensic
investigation
How it’s built
•

Using tor as transport layer for P2P
routing and provide anonymity (no
exit nodes used).

•

Obfuscated as HTTPS traffic to
prevent gov’t filtering.

•

Using OTR v3.1 to ensure perfect
forward secrecy and end-to-end
crypto.

•

Capable of detecting A5/GSM
tactical surveillance attacks.

•

Extremely effective anti forensic
mechanisms and triggers
How it’s used
Who’s using it
•

Journalists

•

Freedom Fighters

•

Whistleblowers

•

Lawyers and security
professionals

•

…
Why use it ?
•

To protect your human right
on privacy

•

To protect your human right
on freedom of speech

•

Because your communication
needs to remain confidential

•

Because excessive
surveillance is a threat to
modern democracy
Privacy might be for losers, but
that doesn’t mean you are OK
to give up your human rights…

Mais conteúdo relacionado

Mais procurados

Top 10 staff development interview questions and answers
Top 10 staff development interview questions and answersTop 10 staff development interview questions and answers
Top 10 staff development interview questions and answerstonychoper0206
 
Towards Future Proof Customer Relations
Towards Future Proof Customer RelationsTowards Future Proof Customer Relations
Towards Future Proof Customer RelationsSteven Van Belleghem
 
UnMoney: The Value of Everything
UnMoney: The Value of EverythingUnMoney: The Value of Everything
UnMoney: The Value of Everythingsparks & honey
 
Business Storytelling and Soft Power
Business Storytelling and Soft PowerBusiness Storytelling and Soft Power
Business Storytelling and Soft PowerINNOVATION COPILOTS
 
Growth Lessons from Early Snapchat
Growth Lessons from Early SnapchatGrowth Lessons from Early Snapchat
Growth Lessons from Early SnapchatMozza
 
Speculative futures 11.12.2019 - strategic foresight 101
Speculative futures 11.12.2019  -  strategic foresight 101Speculative futures 11.12.2019  -  strategic foresight 101
Speculative futures 11.12.2019 - strategic foresight 101Andrew Do
 
Exploiting Fast and Slow Thinking
Exploiting Fast and Slow ThinkingExploiting Fast and Slow Thinking
Exploiting Fast and Slow ThinkingRebecca Wirfs-Brock
 
Facilitating Complexity: A Pervert's Guide to Exploration
Facilitating Complexity: A Pervert's Guide to ExplorationFacilitating Complexity: A Pervert's Guide to Exploration
Facilitating Complexity: A Pervert's Guide to ExplorationWilliam Evans
 
Understanding Reddit: The Social Media Superpower You've Probably Never Heard Of
Understanding Reddit: The Social Media Superpower You've Probably Never Heard OfUnderstanding Reddit: The Social Media Superpower You've Probably Never Heard Of
Understanding Reddit: The Social Media Superpower You've Probably Never Heard OfBrent Csutoras
 
Personalizing "The Netflix Experience" with Deep Learning
Personalizing "The Netflix Experience" with Deep LearningPersonalizing "The Netflix Experience" with Deep Learning
Personalizing "The Netflix Experience" with Deep LearningAnoop Deoras
 
The Crisis of Self Sovereignty in The Age of Surveillance Capitalism
The Crisis of Self Sovereignty in The Age of Surveillance CapitalismThe Crisis of Self Sovereignty in The Age of Surveillance Capitalism
The Crisis of Self Sovereignty in The Age of Surveillance CapitalismJongseung Kim
 
[MIX2018]Making Banking Joyful-DBS數位轉型之路 - 何子明 / 台灣星展銀行 董事總經理
[MIX2018]Making Banking Joyful-DBS數位轉型之路 - 何子明 / 台灣星展銀行 董事總經理[MIX2018]Making Banking Joyful-DBS數位轉型之路 - 何子明 / 台灣星展銀行 董事總經理
[MIX2018]Making Banking Joyful-DBS數位轉型之路 - 何子明 / 台灣星展銀行 董事總經理悠識學院
 
100 Bullet Points from #CannesLions 2011 by @jessedee
100 Bullet Points from #CannesLions 2011 by @jessedee100 Bullet Points from #CannesLions 2011 by @jessedee
100 Bullet Points from #CannesLions 2011 by @jessedeeJesse Desjardins - @jessedee
 
Recommendation Systems
Recommendation SystemsRecommendation Systems
Recommendation SystemsRobin Reni
 
Snapchat Visual Marketing Strategy
Snapchat Visual Marketing StrategySnapchat Visual Marketing Strategy
Snapchat Visual Marketing StrategyKatai Robert
 
Developing an Intranet Strategy
Developing an Intranet StrategyDeveloping an Intranet Strategy
Developing an Intranet StrategyDNN
 
Work Hacks : Body Language
Work Hacks : Body LanguageWork Hacks : Body Language
Work Hacks : Body LanguageInterQuest Group
 

Mais procurados (20)

Top 10 staff development interview questions and answers
Top 10 staff development interview questions and answersTop 10 staff development interview questions and answers
Top 10 staff development interview questions and answers
 
Towards Future Proof Customer Relations
Towards Future Proof Customer RelationsTowards Future Proof Customer Relations
Towards Future Proof Customer Relations
 
How to Rock SXSW
How to Rock SXSWHow to Rock SXSW
How to Rock SXSW
 
The Hierarchy of Engagement
The Hierarchy of EngagementThe Hierarchy of Engagement
The Hierarchy of Engagement
 
UnMoney: The Value of Everything
UnMoney: The Value of EverythingUnMoney: The Value of Everything
UnMoney: The Value of Everything
 
Business Storytelling and Soft Power
Business Storytelling and Soft PowerBusiness Storytelling and Soft Power
Business Storytelling and Soft Power
 
Growth Lessons from Early Snapchat
Growth Lessons from Early SnapchatGrowth Lessons from Early Snapchat
Growth Lessons from Early Snapchat
 
Speculative futures 11.12.2019 - strategic foresight 101
Speculative futures 11.12.2019  -  strategic foresight 101Speculative futures 11.12.2019  -  strategic foresight 101
Speculative futures 11.12.2019 - strategic foresight 101
 
Exploiting Fast and Slow Thinking
Exploiting Fast and Slow ThinkingExploiting Fast and Slow Thinking
Exploiting Fast and Slow Thinking
 
Facilitating Complexity: A Pervert's Guide to Exploration
Facilitating Complexity: A Pervert's Guide to ExplorationFacilitating Complexity: A Pervert's Guide to Exploration
Facilitating Complexity: A Pervert's Guide to Exploration
 
Understanding Reddit: The Social Media Superpower You've Probably Never Heard Of
Understanding Reddit: The Social Media Superpower You've Probably Never Heard OfUnderstanding Reddit: The Social Media Superpower You've Probably Never Heard Of
Understanding Reddit: The Social Media Superpower You've Probably Never Heard Of
 
Personalizing "The Netflix Experience" with Deep Learning
Personalizing "The Netflix Experience" with Deep LearningPersonalizing "The Netflix Experience" with Deep Learning
Personalizing "The Netflix Experience" with Deep Learning
 
The Crisis of Self Sovereignty in The Age of Surveillance Capitalism
The Crisis of Self Sovereignty in The Age of Surveillance CapitalismThe Crisis of Self Sovereignty in The Age of Surveillance Capitalism
The Crisis of Self Sovereignty in The Age of Surveillance Capitalism
 
[MIX2018]Making Banking Joyful-DBS數位轉型之路 - 何子明 / 台灣星展銀行 董事總經理
[MIX2018]Making Banking Joyful-DBS數位轉型之路 - 何子明 / 台灣星展銀行 董事總經理[MIX2018]Making Banking Joyful-DBS數位轉型之路 - 何子明 / 台灣星展銀行 董事總經理
[MIX2018]Making Banking Joyful-DBS數位轉型之路 - 何子明 / 台灣星展銀行 董事總經理
 
The Media System Goes Global
The Media System Goes GlobalThe Media System Goes Global
The Media System Goes Global
 
100 Bullet Points from #CannesLions 2011 by @jessedee
100 Bullet Points from #CannesLions 2011 by @jessedee100 Bullet Points from #CannesLions 2011 by @jessedee
100 Bullet Points from #CannesLions 2011 by @jessedee
 
Recommendation Systems
Recommendation SystemsRecommendation Systems
Recommendation Systems
 
Snapchat Visual Marketing Strategy
Snapchat Visual Marketing StrategySnapchat Visual Marketing Strategy
Snapchat Visual Marketing Strategy
 
Developing an Intranet Strategy
Developing an Intranet StrategyDeveloping an Intranet Strategy
Developing an Intranet Strategy
 
Work Hacks : Body Language
Work Hacks : Body LanguageWork Hacks : Body Language
Work Hacks : Body Language
 

Destaque

What is Artificial Intelligence | Artificial Intelligence Tutorial For Beginn...
What is Artificial Intelligence | Artificial Intelligence Tutorial For Beginn...What is Artificial Intelligence | Artificial Intelligence Tutorial For Beginn...
What is Artificial Intelligence | Artificial Intelligence Tutorial For Beginn...Edureka!
 
Inside Google's Numbers in 2017
Inside Google's Numbers in 2017Inside Google's Numbers in 2017
Inside Google's Numbers in 2017Rand Fishkin
 
Top 5 Deep Learning and AI Stories - October 6, 2017
Top 5 Deep Learning and AI Stories - October 6, 2017Top 5 Deep Learning and AI Stories - October 6, 2017
Top 5 Deep Learning and AI Stories - October 6, 2017NVIDIA
 
AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017
AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017
AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017Carol Smith
 
2017 holiday survey: An annual analysis of the peak shopping season
2017 holiday survey: An annual analysis of the peak shopping season2017 holiday survey: An annual analysis of the peak shopping season
2017 holiday survey: An annual analysis of the peak shopping seasonDeloitte United States
 
Infrastructure as code: running microservices on AWS using Docker, Terraform,...
Infrastructure as code: running microservices on AWS using Docker, Terraform,...Infrastructure as code: running microservices on AWS using Docker, Terraform,...
Infrastructure as code: running microservices on AWS using Docker, Terraform,...Yevgeniy Brikman
 
3 Things Every Sales Team Needs to Be Thinking About in 2017
3 Things Every Sales Team Needs to Be Thinking About in 20173 Things Every Sales Team Needs to Be Thinking About in 2017
3 Things Every Sales Team Needs to Be Thinking About in 2017Drift
 
Taming the ever-evolving Compliance Beast : Lessons learnt at LinkedIn [Strat...
Taming the ever-evolving Compliance Beast : Lessons learnt at LinkedIn [Strat...Taming the ever-evolving Compliance Beast : Lessons learnt at LinkedIn [Strat...
Taming the ever-evolving Compliance Beast : Lessons learnt at LinkedIn [Strat...Shirshanka Das
 
Natural Frequencies and Mode shape vectors for 10 Mass-Spring system
Natural Frequencies and Mode shape vectors for 10 Mass-Spring systemNatural Frequencies and Mode shape vectors for 10 Mass-Spring system
Natural Frequencies and Mode shape vectors for 10 Mass-Spring systemAkshay Mistri
 
An Introduction to LGBTQ Oppression
An Introduction to LGBTQ OppressionAn Introduction to LGBTQ Oppression
An Introduction to LGBTQ OppressionOlivia Domingo
 
How to Configure Selenium WebDriver (java)
How to Configure Selenium WebDriver (java)How to Configure Selenium WebDriver (java)
How to Configure Selenium WebDriver (java)Dasun Eranthika
 
Lgbt community center
Lgbt community centerLgbt community center
Lgbt community centerJason McLeod
 
Apresentação do curso de auxiliares de bibliotecas da UFRJ
Apresentação do curso de auxiliares de bibliotecas da UFRJApresentação do curso de auxiliares de bibliotecas da UFRJ
Apresentação do curso de auxiliares de bibliotecas da UFRJsibi_ufrj
 
Python as a Replacement for Commercial Stats Packages
Python as a Replacement for Commercial Stats PackagesPython as a Replacement for Commercial Stats Packages
Python as a Replacement for Commercial Stats PackagesHarold Henson
 
Electronic Communication Etiquette
Electronic Communication EtiquetteElectronic Communication Etiquette
Electronic Communication Etiquetteladytj1754
 
Electronic Communication
Electronic CommunicationElectronic Communication
Electronic Communicationwmassie
 

Destaque (20)

What is Artificial Intelligence | Artificial Intelligence Tutorial For Beginn...
What is Artificial Intelligence | Artificial Intelligence Tutorial For Beginn...What is Artificial Intelligence | Artificial Intelligence Tutorial For Beginn...
What is Artificial Intelligence | Artificial Intelligence Tutorial For Beginn...
 
Inside Google's Numbers in 2017
Inside Google's Numbers in 2017Inside Google's Numbers in 2017
Inside Google's Numbers in 2017
 
Top 5 Deep Learning and AI Stories - October 6, 2017
Top 5 Deep Learning and AI Stories - October 6, 2017Top 5 Deep Learning and AI Stories - October 6, 2017
Top 5 Deep Learning and AI Stories - October 6, 2017
 
The AI Rush
The AI RushThe AI Rush
The AI Rush
 
AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017
AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017
AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017
 
2017 holiday survey: An annual analysis of the peak shopping season
2017 holiday survey: An annual analysis of the peak shopping season2017 holiday survey: An annual analysis of the peak shopping season
2017 holiday survey: An annual analysis of the peak shopping season
 
10 facts about jobs in the future
10 facts about jobs in the future10 facts about jobs in the future
10 facts about jobs in the future
 
Infrastructure as code: running microservices on AWS using Docker, Terraform,...
Infrastructure as code: running microservices on AWS using Docker, Terraform,...Infrastructure as code: running microservices on AWS using Docker, Terraform,...
Infrastructure as code: running microservices on AWS using Docker, Terraform,...
 
Online Harassment 2017
Online Harassment 2017Online Harassment 2017
Online Harassment 2017
 
3 Things Every Sales Team Needs to Be Thinking About in 2017
3 Things Every Sales Team Needs to Be Thinking About in 20173 Things Every Sales Team Needs to Be Thinking About in 2017
3 Things Every Sales Team Needs to Be Thinking About in 2017
 
Taming the ever-evolving Compliance Beast : Lessons learnt at LinkedIn [Strat...
Taming the ever-evolving Compliance Beast : Lessons learnt at LinkedIn [Strat...Taming the ever-evolving Compliance Beast : Lessons learnt at LinkedIn [Strat...
Taming the ever-evolving Compliance Beast : Lessons learnt at LinkedIn [Strat...
 
Natural Frequencies and Mode shape vectors for 10 Mass-Spring system
Natural Frequencies and Mode shape vectors for 10 Mass-Spring systemNatural Frequencies and Mode shape vectors for 10 Mass-Spring system
Natural Frequencies and Mode shape vectors for 10 Mass-Spring system
 
An Introduction to LGBTQ Oppression
An Introduction to LGBTQ OppressionAn Introduction to LGBTQ Oppression
An Introduction to LGBTQ Oppression
 
How to Configure Selenium WebDriver (java)
How to Configure Selenium WebDriver (java)How to Configure Selenium WebDriver (java)
How to Configure Selenium WebDriver (java)
 
Presentacion actividad 7
Presentacion actividad 7Presentacion actividad 7
Presentacion actividad 7
 
Lgbt community center
Lgbt community centerLgbt community center
Lgbt community center
 
Apresentação do curso de auxiliares de bibliotecas da UFRJ
Apresentação do curso de auxiliares de bibliotecas da UFRJApresentação do curso de auxiliares de bibliotecas da UFRJ
Apresentação do curso de auxiliares de bibliotecas da UFRJ
 
Python as a Replacement for Commercial Stats Packages
Python as a Replacement for Commercial Stats PackagesPython as a Replacement for Commercial Stats Packages
Python as a Replacement for Commercial Stats Packages
 
Electronic Communication Etiquette
Electronic Communication EtiquetteElectronic Communication Etiquette
Electronic Communication Etiquette
 
Electronic Communication
Electronic CommunicationElectronic Communication
Electronic Communication
 

Semelhante a Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013

Infosecurity2013nl 131103184054-phpapp01
Infosecurity2013nl 131103184054-phpapp01Infosecurity2013nl 131103184054-phpapp01
Infosecurity2013nl 131103184054-phpapp01Kenneth Carnesi, JD
 
Reigning in the Data (FOSSCON 2014) - Ephemeral Messaging and Privacy In Post...
Reigning in the Data (FOSSCON 2014) - Ephemeral Messaging and Privacy In Post...Reigning in the Data (FOSSCON 2014) - Ephemeral Messaging and Privacy In Post...
Reigning in the Data (FOSSCON 2014) - Ephemeral Messaging and Privacy In Post...Andrew Schwabe
 
HES2011 - Raould Chiesa - Hackers Cybercriminals from Wargames to the Undergr...
HES2011 - Raould Chiesa - Hackers Cybercriminals from Wargames to the Undergr...HES2011 - Raould Chiesa - Hackers Cybercriminals from Wargames to the Undergr...
HES2011 - Raould Chiesa - Hackers Cybercriminals from Wargames to the Undergr...Hackito Ergo Sum
 
Reining in the Data ITAG tech360 Penn State Great Valley 2015
Reining in the Data   ITAG tech360 Penn State Great Valley 2015 Reining in the Data   ITAG tech360 Penn State Great Valley 2015
Reining in the Data ITAG tech360 Penn State Great Valley 2015 Andrew Schwabe
 
Raoul chiesa - Auditing the hacker mind - da wargames a underground economy
Raoul chiesa - Auditing the hacker mind - da wargames a underground economyRaoul chiesa - Auditing the hacker mind - da wargames a underground economy
Raoul chiesa - Auditing the hacker mind - da wargames a underground economyCRS4 Research Center in Sardinia
 
Cybersecurity Strategies - time for the next generation
Cybersecurity Strategies - time for the next generationCybersecurity Strategies - time for the next generation
Cybersecurity Strategies - time for the next generationHinne Hettema
 
Refugees on Rails Berlin - #2 Tech Talk on Security
Refugees on Rails Berlin - #2 Tech Talk on SecurityRefugees on Rails Berlin - #2 Tech Talk on Security
Refugees on Rails Berlin - #2 Tech Talk on SecurityGianluca Varisco
 
Simon Harrison RWE - Chain of Things 010616 final
Simon Harrison RWE - Chain of Things 010616 finalSimon Harrison RWE - Chain of Things 010616 final
Simon Harrison RWE - Chain of Things 010616 finalSimon Harrison
 
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...Cyber Security Alliance
 
This Time, It’s Personal: Why Security and the IoT Is Different
This Time, It’s Personal: Why Security and the IoT Is DifferentThis Time, It’s Personal: Why Security and the IoT Is Different
This Time, It’s Personal: Why Security and the IoT Is DifferentJustin Grammens
 
Towngas Infomation Security Week 2013 presentation
Towngas Infomation Security Week 2013 presentationTowngas Infomation Security Week 2013 presentation
Towngas Infomation Security Week 2013 presentationCharles Mok
 
Service Design Days 2017 - Keynote Jon Rogers (University of Dundee)
Service Design Days 2017 - Keynote Jon Rogers (University of Dundee)Service Design Days 2017 - Keynote Jon Rogers (University of Dundee)
Service Design Days 2017 - Keynote Jon Rogers (University of Dundee)SERVICE DESIGN DAYS
 
Risk Factory: Let's Get Physical
Risk Factory: Let's Get PhysicalRisk Factory: Let's Get Physical
Risk Factory: Let's Get PhysicalRisk Crew
 
Jason Samide - State of Security & 2016 Predictions
Jason Samide - State of Security & 2016 PredictionsJason Samide - State of Security & 2016 Predictions
Jason Samide - State of Security & 2016 Predictionscentralohioissa
 
Dark Web and Privacy
Dark Web and PrivacyDark Web and Privacy
Dark Web and PrivacyBrian Pichman
 
article cybersecurity must B2B metaverse
article cybersecurity must B2B metaversearticle cybersecurity must B2B metaverse
article cybersecurity must B2B metaverseMext Metaverse
 
nullcon 2010 - Corporate Security and Intelligence – the dark links
nullcon 2010 - Corporate Security and Intelligence – the dark linksnullcon 2010 - Corporate Security and Intelligence – the dark links
nullcon 2010 - Corporate Security and Intelligence – the dark linksn|u - The Open Security Community
 

Semelhante a Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013 (20)

Infosecurity2013nl 131103184054-phpapp01
Infosecurity2013nl 131103184054-phpapp01Infosecurity2013nl 131103184054-phpapp01
Infosecurity2013nl 131103184054-phpapp01
 
Reigning in the Data (FOSSCON 2014) - Ephemeral Messaging and Privacy In Post...
Reigning in the Data (FOSSCON 2014) - Ephemeral Messaging and Privacy In Post...Reigning in the Data (FOSSCON 2014) - Ephemeral Messaging and Privacy In Post...
Reigning in the Data (FOSSCON 2014) - Ephemeral Messaging and Privacy In Post...
 
HES2011 - Raould Chiesa - Hackers Cybercriminals from Wargames to the Undergr...
HES2011 - Raould Chiesa - Hackers Cybercriminals from Wargames to the Undergr...HES2011 - Raould Chiesa - Hackers Cybercriminals from Wargames to the Undergr...
HES2011 - Raould Chiesa - Hackers Cybercriminals from Wargames to the Undergr...
 
Reining in the Data ITAG tech360 Penn State Great Valley 2015
Reining in the Data   ITAG tech360 Penn State Great Valley 2015 Reining in the Data   ITAG tech360 Penn State Great Valley 2015
Reining in the Data ITAG tech360 Penn State Great Valley 2015
 
Raoul chiesa - Auditing the hacker mind - da wargames a underground economy
Raoul chiesa - Auditing the hacker mind - da wargames a underground economyRaoul chiesa - Auditing the hacker mind - da wargames a underground economy
Raoul chiesa - Auditing the hacker mind - da wargames a underground economy
 
Cybersecurity Strategies - time for the next generation
Cybersecurity Strategies - time for the next generationCybersecurity Strategies - time for the next generation
Cybersecurity Strategies - time for the next generation
 
Refugees on Rails Berlin - #2 Tech Talk on Security
Refugees on Rails Berlin - #2 Tech Talk on SecurityRefugees on Rails Berlin - #2 Tech Talk on Security
Refugees on Rails Berlin - #2 Tech Talk on Security
 
nullcon 2010 - Underground Economy
nullcon 2010 - Underground Economynullcon 2010 - Underground Economy
nullcon 2010 - Underground Economy
 
Simon Harrison RWE - Chain of Things 010616 final
Simon Harrison RWE - Chain of Things 010616 finalSimon Harrison RWE - Chain of Things 010616 final
Simon Harrison RWE - Chain of Things 010616 final
 
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
 
This Time, It’s Personal: Why Security and the IoT Is Different
This Time, It’s Personal: Why Security and the IoT Is DifferentThis Time, It’s Personal: Why Security and the IoT Is Different
This Time, It’s Personal: Why Security and the IoT Is Different
 
Towngas Infomation Security Week 2013 presentation
Towngas Infomation Security Week 2013 presentationTowngas Infomation Security Week 2013 presentation
Towngas Infomation Security Week 2013 presentation
 
Service Design Days 2017 - Keynote Jon Rogers (University of Dundee)
Service Design Days 2017 - Keynote Jon Rogers (University of Dundee)Service Design Days 2017 - Keynote Jon Rogers (University of Dundee)
Service Design Days 2017 - Keynote Jon Rogers (University of Dundee)
 
Risk Factory: Let's Get Physical
Risk Factory: Let's Get PhysicalRisk Factory: Let's Get Physical
Risk Factory: Let's Get Physical
 
Iot ppt
Iot pptIot ppt
Iot ppt
 
Dark Net
Dark NetDark Net
Dark Net
 
Jason Samide - State of Security & 2016 Predictions
Jason Samide - State of Security & 2016 PredictionsJason Samide - State of Security & 2016 Predictions
Jason Samide - State of Security & 2016 Predictions
 
Dark Web and Privacy
Dark Web and PrivacyDark Web and Privacy
Dark Web and Privacy
 
article cybersecurity must B2B metaverse
article cybersecurity must B2B metaversearticle cybersecurity must B2B metaverse
article cybersecurity must B2B metaverse
 
nullcon 2010 - Corporate Security and Intelligence – the dark links
nullcon 2010 - Corporate Security and Intelligence – the dark linksnullcon 2010 - Corporate Security and Intelligence – the dark links
nullcon 2010 - Corporate Security and Intelligence – the dark links
 

Mais de Cain Ransbottyn

Privacy is for losers 2016
Privacy is for losers 2016Privacy is for losers 2016
Privacy is for losers 2016Cain Ransbottyn
 
logo - ident creation by @visualphill (@_visualstar)
logo - ident creation by @visualphill (@_visualstar)logo - ident creation by @visualphill (@_visualstar)
logo - ident creation by @visualphill (@_visualstar)Cain Ransbottyn
 
logo - ident creation by @visualphill (@_visualstar)
logo - ident creation by @visualphill (@_visualstar)logo - ident creation by @visualphill (@_visualstar)
logo - ident creation by @visualphill (@_visualstar)Cain Ransbottyn
 
The "Virtual Coaching Institute"-Pitch during Hack for Health weekend! (May 0...
The "Virtual Coaching Institute"-Pitch during Hack for Health weekend! (May 0...The "Virtual Coaching Institute"-Pitch during Hack for Health weekend! (May 0...
The "Virtual Coaching Institute"-Pitch during Hack for Health weekend! (May 0...Cain Ransbottyn
 
Stop Wasting Money on Facebook Ads! - Digital Marketing First 2013
Stop Wasting Money on Facebook Ads! - Digital Marketing First 2013Stop Wasting Money on Facebook Ads! - Digital Marketing First 2013
Stop Wasting Money on Facebook Ads! - Digital Marketing First 2013Cain Ransbottyn
 
Let's Google My Audience - Privacy is for Losers!
Let's Google My Audience - Privacy is for Losers!Let's Google My Audience - Privacy is for Losers!
Let's Google My Audience - Privacy is for Losers!Cain Ransbottyn
 
#Smc040 @ransbottyn's Experiment: Social Media Product Placement
#Smc040 @ransbottyn's Experiment: Social Media Product Placement#Smc040 @ransbottyn's Experiment: Social Media Product Placement
#Smc040 @ransbottyn's Experiment: Social Media Product PlacementCain Ransbottyn
 
Emailvision: I'm a spammer!
Emailvision: I'm a spammer!Emailvision: I'm a spammer!
Emailvision: I'm a spammer!Cain Ransbottyn
 

Mais de Cain Ransbottyn (9)

Privacy is for losers 2016
Privacy is for losers 2016Privacy is for losers 2016
Privacy is for losers 2016
 
logo - ident creation by @visualphill (@_visualstar)
logo - ident creation by @visualphill (@_visualstar)logo - ident creation by @visualphill (@_visualstar)
logo - ident creation by @visualphill (@_visualstar)
 
logo - ident creation by @visualphill (@_visualstar)
logo - ident creation by @visualphill (@_visualstar)logo - ident creation by @visualphill (@_visualstar)
logo - ident creation by @visualphill (@_visualstar)
 
The "Virtual Coaching Institute"-Pitch during Hack for Health weekend! (May 0...
The "Virtual Coaching Institute"-Pitch during Hack for Health weekend! (May 0...The "Virtual Coaching Institute"-Pitch during Hack for Health weekend! (May 0...
The "Virtual Coaching Institute"-Pitch during Hack for Health weekend! (May 0...
 
Stop Wasting Money on Facebook Ads! - Digital Marketing First 2013
Stop Wasting Money on Facebook Ads! - Digital Marketing First 2013Stop Wasting Money on Facebook Ads! - Digital Marketing First 2013
Stop Wasting Money on Facebook Ads! - Digital Marketing First 2013
 
Let's Google My Audience - Privacy is for Losers!
Let's Google My Audience - Privacy is for Losers!Let's Google My Audience - Privacy is for Losers!
Let's Google My Audience - Privacy is for Losers!
 
#Smc040 @ransbottyn's Experiment: Social Media Product Placement
#Smc040 @ransbottyn's Experiment: Social Media Product Placement#Smc040 @ransbottyn's Experiment: Social Media Product Placement
#Smc040 @ransbottyn's Experiment: Social Media Product Placement
 
Privacy is for losers
Privacy is for losersPrivacy is for losers
Privacy is for losers
 
Emailvision: I'm a spammer!
Emailvision: I'm a spammer!Emailvision: I'm a spammer!
Emailvision: I'm a spammer!
 

Último

Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024TopCSSGallery
 
Digital Tools & AI in Career Development
Digital Tools & AI in Career DevelopmentDigital Tools & AI in Career Development
Digital Tools & AI in Career DevelopmentMahmoud Rabie
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...BookNet Canada
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...panagenda
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...itnewsafrica
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructureitnewsafrica
 
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxGenerative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxfnnc6jmgwh
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkPixlogix Infotech
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Karmanjay Verma
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Nikki Chapple
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
Accelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessAccelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessWSO2
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesThousandEyes
 

Último (20)

Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024
 
Digital Tools & AI in Career Development
Digital Tools & AI in Career DevelopmentDigital Tools & AI in Career Development
Digital Tools & AI in Career Development
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxGenerative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App Framework
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
Accelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessAccelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with Platformless
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
 

Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013

  • 1. privacy is an illusion and you’re all losers or how 1984 was a manual for our panopticon society ! By Cain Ransbottyn - @ransbottyn
  • 2. End of privacy • 9/11 attacks invigorated the concept of terrorist threats • Post 9/11 there was a strong and understandable argument to prioritise security
  • 3. End of civil liberties • New word: “asymmetrical threats” • Actually means: “please give up your civil liberties”, in 2001 55% US citizens were pro; in 2011 only 40% (and declining). • Patriot Act changed the world for good
  • 4. So, terrorism huh ? • systematic use of violent terror as a means of coercion • violent acts which are intended to create fear (terror) • perpetrated for a religious, political, or ideological goal • deliberately target or disregard the safety of noncombatants (civilians)
  • 5. Global terrorist threat map Data of 2010. Seems legit.
  • 6. Year on year doubling in surveillance budget since the Patriot Act Except for 2013, then there was a dark budget of US$ 52,6B
  • 7. Fear. Uncertainty. Doubt. • Instilling fear is a premise for coercion. But to whom ? • Mass media works as a catalyst to bring fear in the homes of citizens. • We all are very shitty at threat and risk assessments. Pigs or sharks ? • 23,589 40 Or terrorist attacks ? 13,200 * 2010 facts and figures worldwide
  • 8. Are we really capable of understanding the real threat level ? Please demonstrate you can spot a rhetorical question when you see one
  • 9. The convenience of circular logic • Gov’t: We’re using surveillance so we can prevent terrorist attacks
 You: I don’t see any terrorist threat or attack
 Gov’t: Awesome stuff, hey ?
 • Him: I’m using this repellent to scare away elephants.
 You: But I don’t see any elephants.
 Him: Awesome stuff, hey ?
  • 11. Total Information Awareness The 2002 - 2003 program that began a data mining project, following warantless surveillance decision in 2002
  • 12. PRISM, XKeyScore, Tempora ! Thank you Microsoft, Facebook, Yahoo!, Google, Paltalk, YouTube, AOL, Apple, Skype Snowden leaks the post 2007 surveillance industry is much worse than anyone could have imagined
  • 13. The rise of private intelligence agencies • The welcome gift of “social networks” • The thankful adoption rate of smart phones • The cloud as the ultimate data gathering extension to governments • The phone operators remain a loyal friend • The overt investment strategy of In-Q-Tel
  • 14. The In-Q-Tel investment firm • Founded 1999 as not-for-profit venture capital firm • So… if you are not looking to make a profit, what are you looking for then ? • Investments in data mining, call recording, surveillance, crypto, biotech, … • E.g. 2007 AT&T - Narus STA 6400 backdoor = product of In-Q-Tel funded company • Many (many) participations worldwide (also Belgium)
  • 15. Social networks as a private intelligence agency • Perfect front offices • Facebook as the first global private intelligence agency • Otherwise hard to obtain intel is being shared voluntarily by everyone (e.g. hobbies, etc.) • US$ 12,7M investment by James Breyer (Accel), former colleague of Gilman Louie (CEO In-Q-Tel)
  • 16. Smart-phones as the ultimate tracking device • Device you carry 24/7 with you. With a GPS on board. • Android has remote install/deinstall hooks in its OS (so has IOS) • OTA vulnerabilities allow remote installs of byte patches (e.g. Blackberry incident in UAE) • Apple incident (“the bug that stored your whereabouts”) • Any idea how many address books are stored on iCloud ? :p
  • 17. Smart-phones as the ultimate tracking device Wi-Fi based positioning has become very accurate and quickly deployed mainstream
  • 18. Cloud providers as the perfect honeypot • There is no company that is so invasive as Google • Records voice calls (Voice), analyses e-mail (GMail), knows who you talk to and where you are (Android), has all your documents (Drive) and soon will see through your eyes (Glass) • Robert David Steele (CIA) disclosed Google takes money from US Intel. community. • In-Q-Tel and Google invest in mutual companies (mutual interest)
  • 19. Cloud providers as the perfect honeypot • Not only Google. The latest OSX Mavericks actually asked me to… store my Keychain in the cloud *sigh* • While Apple claims iMessage cannot be intercepted, we know it is possible because Apple is the MITM and no end-to-end crypto is used nor certificate pinning.
  • 20. The loyal friend, the phone operator • Needs to be CALEA and ETSI compliant. Yeah right :-) • Operators are both targets of surveillance stakeholders (e.g. Belgacom/BICS hack by GCHQ) and providers of surveillance tactics (taps, OTA installs, silent SMS, etc.) • Does KPN really trust NICE (Israel) and does Belgacom really trust Huawei (China) ? • Truth of the matter is: you cannot trust your operator…
  • 21. Privacy is for losers If you think you have privacy, you really are a loser
  • 22. #dta If a government needs to understand its enemy, and we’re being surveilled. Then, who exactly is the enemy ?
  • 23. Conspiracy theory ? ! Whistleblowers showed that reality is far worse
  • 25. Change your attitude. Wake the f*ck up…
  • 26. Reclaim ownership of your data. Demand transparency of every service you use.
  • 28. Encryption today is built for security professionals and engineers. Not for your mom or dad.
  • 29. Security and crypto engineers don’t understand UI and UX
  • 30. Android and IOS planned. Microsoft Mobile perhaps.
  • 31. Requirements • Must provide strong crypto • Must be open source (GitHub) • Must be beautiful and easy to use, we actually don’t want the user to be confronted with complex crypto issues • Provide deniability • Provide alerting mechanisms that alert the user when something is wrong • Even when your device is confiscated, it should be able to withstand forensic investigation
  • 32. How it’s built • Using tor as transport layer for P2P routing and provide anonymity (no exit nodes used). • Obfuscated as HTTPS traffic to prevent gov’t filtering. • Using OTR v3.1 to ensure perfect forward secrecy and end-to-end crypto. • Capable of detecting A5/GSM tactical surveillance attacks. • Extremely effective anti forensic mechanisms and triggers
  • 34. Who’s using it • Journalists • Freedom Fighters • Whistleblowers • Lawyers and security professionals • …
  • 35. Why use it ? • To protect your human right on privacy • To protect your human right on freedom of speech • Because your communication needs to remain confidential • Because excessive surveillance is a threat to modern democracy
  • 36. Privacy might be for losers, but that doesn’t mean you are OK to give up your human rights…