The internet is broken, by Ola Bini


Published on

Brazil, March, 2014

This presentation talks about the various ways that the technology of the Internet does not currently suit our needs for privacy and anonymity, and some ways we can combat these issues. We will discuss everything from the layout of cables and physical infrastructure to the issues with application layer systems. We might also spend some time discussing what legislation and policy measures are necessary as a complement to technical solutions.

Published in: Technology

  1. The Internet Is Broken: Ola Bini, computational metalinguist & paranoia principal; ola@olabini.se; https://olabini.se/blog; 698E 2885 C1DE 74E3 2CD5 03AD 295C 7469 84AF 7F0C
  2. Threat models
  3. What's really happening
  4. Why is it important?
  5. Weak points
  6. Internet Exchanges
  7. DNS
  8. Email
  9. HTTPS: Not widely deployed; Users trained to disregard certificate errors; TLS 1.0 deployed, TLS 1.2 not widely supported; Most of the 1.0 ciphers have been broken; CA system is hierarchical (you trust ca 650 auths); Including the China Government; Known attacks: BEAST, CRIME, BREACH
  10. NSA tactics
  11. Attacking crypto: Compromise standards; Sneak in weaknesses in implementations; Force downgrade to weaker algorithms; Attack crypto directly; Attack weak random number generators; Force providers to give out their keys; Attack the endpoints and bypass completely
  12. Attacking endpoints: Backdoors in software; Hardware implants (a wide variety of them); Guessing passwords; Attacking nearby routers and using them to listen; Using baseband attacks and backdoors in cell phones
  13. Active attacks: Man-on-the-side attacks; 0days, primarily in browsers; Spear phishing
  14. Crypto basics: Algorithms; Keys; Symmetric encryption; Asymmetric encryption; Hashing; Random numbers; Kerckhoffs's principle
  15. How To Fight Back
  16. Principles: FLOSH – Free and Libre Open Software and Hardware; Decentralization; End-to-end encryption
  17. Fighting back as developers: Learn cryptography; Use opt-in share buttons; Learn safe and secure coding practices; Use content security policies; Build decentralized systems; Build free software; Do not use Google-hosted JavaScript etc; Get into open hardware
  18. Fighting back as admins: Deploy only HTTPS; Use HTTP Strict Transport Security (HSTS); Use Perfect Forward Secrecy; Use Piwik and locally hosted analytics
  19. Fighting back as individuals: Protest; Inform others; Use Tor; Learn to use encrypted email; Learn to use OTR for chats; Move away from centralized services; Use Jitsi instead of Skype; Learn safe password usage; Use ad-blockers; Use open source
  20. What does the world need?: Decentralized services; An anti-browser revolution; Email/Voice/IM federated all over the world; A privacy haven; Transport and naming security; Free software and hardware; Safe payment processing; Non-biased search engines; An alternative to cell phones
  21. Privacy haven?
  22. Questions? Ola Bini; obini@thoughtworks.com; https://olabini.se; @olabini
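
The recommendations on slides 17 and 18 (HTTPS only, HSTS, forward secrecy, a content security policy, no third-party hosted scripts) can be checked automatically against a fetched page. The following Python is an added example, not part of the original slides; the function names, the 180-day HSTS threshold and the sample response are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

MIN_HSTS_AGE = 15552000  # 180 days; assumed threshold, not from the slides

class ScriptSources(HTMLParser):
    """Collects the src attribute of every <script> tag."""
    def __init__(self):
        super().__init__()
        self.srcs = []
    def handle_starttag(self, tag, attrs):
        if tag == "script" and dict(attrs).get("src"):
            self.srcs.append(dict(attrs)["src"])

def forward_secret(cipher):
    """cipher: (name, protocol, bits) tuple as returned by ssl.SSLSocket.cipher()."""
    name, protocol, _ = cipher
    # TLS 1.3 full handshakes use ephemeral keys; older versions need (EC)DHE suites.
    return protocol == "TLSv1.3" or name.startswith(("ECDHE-", "DHE-"))

def audit(url, headers, html, cipher):
    """Return findings for one fetched page; an empty list means every check passed."""
    findings, page = [], urlsplit(url)
    h = {k.lower(): v for k, v in headers.items()}
    if page.scheme != "https":
        findings.append("page not served over HTTPS")
    m = re.search(r'max-age\s*=\s*"?(\d+)', h.get("strict-transport-security", ""), re.I)
    if not m:
        findings.append("HSTS header missing")
    elif int(m.group(1)) < MIN_HSTS_AGE:
        findings.append("HSTS max-age too short")
    if "content-security-policy" not in h:
        findings.append("no Content-Security-Policy header")
    if cipher and not forward_secret(cipher):
        findings.append("no forward secrecy: " + cipher[0])
    parser = ScriptSources()
    parser.feed(html)
    for src in parser.srcs:  # resolve relative and protocol-relative URLs first
        target = urlsplit(urljoin(url, src))
        if target.hostname != page.hostname:
            findings.append("third-party script: " + str(target.hostname))
    return findings

# Constructed sample response, not captured from a real site.
SAMPLE_HEADERS = {"Strict-Transport-Security": "max-age=300"}
SAMPLE_CIPHER = ("AES128-SHA", "TLSv1.2", 128)
SAMPLE_HTML = ('<script src="/js/app.js"></script>'
               '<script src="//ajax.googleapis.com/lib.js"></script>')
print(audit("https://example.org/", SAMPLE_HEADERS, SAMPLE_HTML, SAMPLE_CIPHER))
```

In practice the headers and cipher tuple would come from a live connection (for example `ssl.SSLSocket.cipher()`); they are passed in here so the checks run offline.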
