The internet is broken, by Ola Bini


Published on

Brazil, March, 2014

This presentation talks about the various ways that the technology of the Internet does not currently suit our needs for privacy and anonymity, and some ways we can combat these issues. We will discuss everything from the layout of cables and physical infrastructure to the issues with application layer systems. We might also spend some time discussing what legislation and policy measures are necessary as a complement to technical solutions.

Published in: Technology

Transcript of "The internet is broken, by Ola Bini"

  1. The Internet Is Broken
     • Ola Bini, computational metalinguist & paranoia principal
     • ola@olabini.se
     • https://olabini.se/blog
     • 698E 2885 C1DE 74E3 2CD5 03AD 295C 7469 84AF 7F0C
  2. Threat models
  3. What's really happening
  4. Why is it important?
  5. Weak points
  6. Internet Exchanges
  7. DNS
  8. Email
  9. HTTPS
     • Not widely deployed
     • Users trained to disregard certificate errors
     • TLS 1.0 deployed, TLS 1.2 not widely supported
     • Most of the 1.0 ciphers have been broken
     • CA system is hierarchical (you trust ca. 650 auths)
     • Including the China Government
     • Known attacks: BEAST, CRIME, BREACH
  10. NSA tactics
  11. Attacking crypto
     • Compromise standards
     • Sneak in weaknesses in implementations
     • Force downgrade to weaker algorithms
     • Attack crypto directly
     • Attack weak random number generators
     • Force providers to give out their keys
     • Attack the endpoints and bypass completely
  12. Attacking endpoints
     • Backdoors in software
     • Hardware implants (a wide variety of them)
     • Guessing passwords
     • Attacking nearby routers and use to listen
     • Using baseband attacks and backdoors in cell phones
  13. Active attacks
     • Man-on-the-side attacks
     • 0days, primarily in browsers
     • Spear phishing
  14. Crypto basics
     • Algorithms
     • Keys
     • Symmetric encryption
     • Asymmetric encryption
     • Hashing
     • Random numbers
     • Kerckhoffs's principle
  15. How To Fight Back
  16. Principles
     • FLOSH – Free and Libre Open Software and Hardware
     • Decentralization
     • End-to-end encryption
  17. Fighting back as developers
     • Learn cryptography
     • Use opt-in share buttons
     • Learn safe and secure coding practices
     • Use content security policies
     • Build decentralized systems
     • Build free software
     • Do not use Google-hosted JavaScript etc
     • Get into open hardware
  18. Fighting back as admins
     • Deploy only HTTPS
     • Use HTTP Strict Transport Security (HSTS)
     • Use Perfect Forward Secrecy
     • Use Piwik and locally hosted analytics
  19. Fighting back as individuals
     • Protest
     • Inform others
     • Use Tor
     • Learn to use encrypted email
     • Learn to use OTR for chats
     • Move away from centralized services
     • Use Jitsi instead of Skype
     • Learn safe password usage
     • Use ad-blockers
     • Use open source
  20. What does the world need?
     • Decentralized services
     • An anti-browser revolution
     • Email/Voice/IM federated all over the world
     • A privacy haven
     • Transport and naming security
     • Free software and hardware
     • Safe payment processing
     • Non biased search engines
     • An alternative to cell phones
  21. Privacy haven?
  22. Questions?
     • Ola Bini
     • obini@thoughtworks.com
     • https://olabini.se
     • @olabini