SlideShare a Scribd company logo

The Surveillance Project is Real: Understanding Global Monitoring and 4 Key Ways Data is Collected

C
Christos Beretas
1 of 6
Download to read offline
- 1 - The Surveillance Project is Real Researcher: Christos Beretas, MSc Web: http://www.christosberetas.com Every person who is involving in cyber security and information security arena has been hearing about the various surveillance projects. Often in government surveillance projects participating big companies, organizations, ISPs, etc. Typically a surveillance project is divided by three stages data monitoring, data collection and data analysis. Data monitoring: • IRC • E-mail messages • VOIP • Every live online transaction • Mobile phones live activities Data Collection: • Mobile phones metadata • Keywords • Public data • Stored online data (cloud services) • E-mail accounts and content • Metadata • Any file • Online habits
- 2 - Data Analysis: • Who – Where – When • Number of frequently • Who with who • Keyword analysis • Special request Surveillance projects are based on idea that the most online traffic is passing through U.S networks, it is easy to monitor that traffic, but practically any country can monitor the online communications. And secondly the most important role is the collaboration between the government, companies and organizations globally. Let’s see the map below to understand better the online traffic. On the above map as we can see the data’s are passing through various continents, as I said above they can be collected and analyzed by each country they are passing. There mainly 4 surveillance ways in the picture below you can see the first option to monitor every online communication by using the global backbone infrastructure.
- 3 - As you can see on the above picture any country or collaboratively can monitor every communication. The second option that is easy to monitor any activity is to install special equipment either software or hardware to Internet Service Providers (ISPs) with purpose to collect “Special Traffic” based on specific “Keywords” ignoring the useless data, see the picture below to understand better.
- 4 - The third option is the companies who are participating in surveillance program, usually selecting companies which they offering services to the public and they have long customers list, for example free e-mail companies. This kind of surveillance usually is legal because is base on “security and protection laws” and usually asking from the company to provide non-stop information about its customers. The forth option is something that will make you think again and again, it is called “roving bug” this idea is not new, a part of code is embedded in smart phones (not only in smart phones the experienced software developers they know about the “Easter Eggs”) and is enabled when a specific action is happened, for example a specific SMS is received, by MMS sending you a beautiful picture by “mistake” by GPS and various other methods. The purpose is one and only one to listen what we say and what we send. I will close here with a question, are you wondering why people who care about privacy and security are they using NON smart phones or customized smart phones? Cryptography is the simple solution in surveillance threat but not the best. Some scientists around the world they are saying “cryptography is dead”. I will disagree with them, none service, none government in the world they know what someone else have on his/her mind. No one can predict what the other person will design and produce for it self or for a company. For example let’s think someone is making a software application that is free, for companies, or private use and this application is using the encryption algorithm AES and various other conversions, without specific file association (For example TXT input TXT export) even the encryption keys are embedded in the code and you just pressing one button for encryption and decryption, or by creating a customized encryption tool and make that encryption tool part of the encryption process by giving 200 characters key, do you believe the governments they
- 5 - known what each of us think? Or they know that this file is encrypted by this custom application? Of course NO. For example see the picture below. It is a good simple practice to create a custom encrypted tool for personal communication or for specific organization, hard coded keys are safe when the application doesn’t create specific file name extensions (for example program name and version) and is for individuals and companies for internal use to encrypt their data.
- 6 - Another one practice regarding cryptography and anti surveillance is to design your own encryption algorithm for example Christos Beretas snapXE + algorithm to encrypt sensitive data. Bibliography Nemati, Hamid. 2010. Security and Privacy Assurance in Advancing Technologies: New Developments. IGI Global.

Recommended

ASCL_Syllabus_Project Report Details
ASCL_Syllabus_Project Report DetailsASCL_Syllabus_Project Report Details
ASCL_Syllabus_Project Report DetailsPrakash Prasad ✔
 
Digital Crime & Forensics - Report
Digital Crime & Forensics - ReportDigital Crime & Forensics - Report
Digital Crime & Forensics - Reportprashant3535
 
Cyber Security work shop by Kapil Mehrotra
Cyber Security work shop by Kapil MehrotraCyber Security work shop by Kapil Mehrotra
Cyber Security work shop by Kapil MehrotraKapil Mehrotra
 
Prevent Strikes On Industrial And Civil Items Using Access Control
Prevent Strikes On Industrial And Civil Items Using Access ControlPrevent Strikes On Industrial And Civil Items Using Access Control
Prevent Strikes On Industrial And Civil Items Using Access Controlmorticelocksnational21
 
Ssl tls-beginners-guide
Ssl tls-beginners-guideSsl tls-beginners-guide
Ssl tls-beginners-guideJosephLamineDIALLO
 
Cyber Forensic - Policing the Digital Domain
Cyber Forensic - Policing the Digital DomainCyber Forensic - Policing the Digital Domain
Cyber Forensic - Policing the Digital Domainppd1961
 
Crowdsourcing & ethics: a few thoughts and refences.
Crowdsourcing & ethics: a few thoughts and refences. Crowdsourcing & ethics: a few thoughts and refences.
Crowdsourcing & ethics: a few thoughts and refences. Matthew Lease
 
Attacks Types
Attacks TypesAttacks Types
Attacks TypesRajuPrasad33
 

Recommended

ASCL_Syllabus_Project Report Details
ASCL_Syllabus_Project Report DetailsASCL_Syllabus_Project Report Details
ASCL_Syllabus_Project Report DetailsPrakash Prasad ✔
 
Digital Crime & Forensics - Report
Digital Crime & Forensics - ReportDigital Crime & Forensics - Report
Digital Crime & Forensics - Reportprashant3535
 
Cyber Security work shop by Kapil Mehrotra
Cyber Security work shop by Kapil MehrotraCyber Security work shop by Kapil Mehrotra
Cyber Security work shop by Kapil MehrotraKapil Mehrotra
 
Prevent Strikes On Industrial And Civil Items Using Access Control
Prevent Strikes On Industrial And Civil Items Using Access ControlPrevent Strikes On Industrial And Civil Items Using Access Control
Prevent Strikes On Industrial And Civil Items Using Access Controlmorticelocksnational21
 
Ssl tls-beginners-guide
Ssl tls-beginners-guideSsl tls-beginners-guide
Ssl tls-beginners-guideJosephLamineDIALLO
 
Cyber Forensic - Policing the Digital Domain
Cyber Forensic - Policing the Digital DomainCyber Forensic - Policing the Digital Domain
Cyber Forensic - Policing the Digital Domainppd1961
 
Crowdsourcing & ethics: a few thoughts and refences.
Crowdsourcing & ethics: a few thoughts and refences. Crowdsourcing & ethics: a few thoughts and refences.
Crowdsourcing & ethics: a few thoughts and refences. Matthew Lease
 
Attacks Types
Attacks TypesAttacks Types
Attacks TypesRajuPrasad33
 
I want to be a cyber forensic examiner
I want to be a cyber forensic examinerI want to be a cyber forensic examiner
I want to be a cyber forensic examinerNeeraj Aarora
 
COMPUTER LAW, INVESTIGATION AND ETHICS DOMAIN
COMPUTER LAW, INVESTIGATION AND ETHICS DOMAINCOMPUTER LAW, INVESTIGATION AND ETHICS DOMAIN
COMPUTER LAW, INVESTIGATION AND ETHICS DOMAINamiable_indian
 
Software Piracy
Software PiracySoftware Piracy
Software Piracyjvonschilling
 
Prelude to cyber forensics
Prelude to cyber forensicsPrelude to cyber forensics
Prelude to cyber forensicsChaitanya Dhareshwar
 
Advanced Research Investigations for SIU Investigators
Advanced Research Investigations for SIU InvestigatorsAdvanced Research Investigations for SIU Investigators
Advanced Research Investigations for SIU InvestigatorsSloan Carne
 
Christopher furton-darpa-project-memex-erodes-internet-privacy
Christopher furton-darpa-project-memex-erodes-internet-privacyChristopher furton-darpa-project-memex-erodes-internet-privacy
Christopher furton-darpa-project-memex-erodes-internet-privacyChris Furton
 
Ethics and privacy ppt 3rd period
Ethics and privacy ppt 3rd periodEthics and privacy ppt 3rd period
Ethics and privacy ppt 3rd periodcharvill
 
Eamonn O Raghallaigh The Major Security Issues In E Commerce
Eamonn O Raghallaigh The Major Security Issues In E CommerceEamonn O Raghallaigh The Major Security Issues In E Commerce
Eamonn O Raghallaigh The Major Security Issues In E CommerceEamonnORagh
 
Hacking ppt
Hacking pptHacking ppt
Hacking pptgiridhar_sadasivuni
 
Chapter 3 ethics and privacy
Chapter 3 ethics and privacyChapter 3 ethics and privacy
Chapter 3 ethics and privacymrzapper
 
Steven Leahy_IT 543_Unit 1 Assignment
Steven Leahy_IT 543_Unit 1 AssignmentSteven Leahy_IT 543_Unit 1 Assignment
Steven Leahy_IT 543_Unit 1 AssignmentSteven Leahy
 
Social Media Monitoring tools as an OSINT platform for intelligence
Social Media Monitoring tools as an OSINT platform for intelligenceSocial Media Monitoring tools as an OSINT platform for intelligence
Social Media Monitoring tools as an OSINT platform for intelligenceE Hacking
 
Computer and Cyber forensics, a case study of Ghana
Computer and Cyber forensics, a case study of GhanaComputer and Cyber forensics, a case study of Ghana
Computer and Cyber forensics, a case study of GhanaMohammed Mahfouz Alhassan
 
Dark Side of the Net Lecture 4 TOR
Dark Side of the Net Lecture 4 TOR Dark Side of the Net Lecture 4 TOR
Dark Side of the Net Lecture 4 TOR Marcus Leaning
 
Child protection system in ict of thailand
Child protection system in ict of thailandChild protection system in ict of thailand
Child protection system in ict of thailandNational Institute for Child and Family Development , Mahidol university
 
Chapter 3
Chapter 3Chapter 3
Chapter 3Jennifer Polack
 
Cybercrimeandforensic 120828021931-phpapp02
Cybercrimeandforensic 120828021931-phpapp02Cybercrimeandforensic 120828021931-phpapp02
Cybercrimeandforensic 120828021931-phpapp02Gol D Roger
 
Chinese taipei 1366688667
Chinese taipei 1366688667Chinese taipei 1366688667
Chinese taipei 1366688667Nurul Yakin
 
CORMA-FW REPRINT-APR2015
CORMA-FW REPRINT-APR2015CORMA-FW REPRINT-APR2015
CORMA-FW REPRINT-APR2015Jörn Weber
 
Computer And The Law
Computer And The LawComputer And The Law
Computer And The LawSaimaRafiq
 
Portfolio of shafaat khan
Portfolio of shafaat khanPortfolio of shafaat khan
Portfolio of shafaat khanstudioshafaat
 
project design using OMI
project design using OMIproject design using OMI
project design using OMIPatrick Gorman
 

More Related Content

What's hot

I want to be a cyber forensic examiner
I want to be a cyber forensic examinerI want to be a cyber forensic examiner
I want to be a cyber forensic examinerNeeraj Aarora
 
COMPUTER LAW, INVESTIGATION AND ETHICS DOMAIN
COMPUTER LAW, INVESTIGATION AND ETHICS DOMAINCOMPUTER LAW, INVESTIGATION AND ETHICS DOMAIN
COMPUTER LAW, INVESTIGATION AND ETHICS DOMAINamiable_indian
 
Advanced Research Investigations for SIU Investigators
Advanced Research Investigations for SIU InvestigatorsAdvanced Research Investigations for SIU Investigators
Advanced Research Investigations for SIU InvestigatorsSloan Carne
 
Christopher furton-darpa-project-memex-erodes-internet-privacy
Christopher furton-darpa-project-memex-erodes-internet-privacyChristopher furton-darpa-project-memex-erodes-internet-privacy
Christopher furton-darpa-project-memex-erodes-internet-privacyChris Furton
 
Ethics and privacy ppt 3rd period
Ethics and privacy ppt 3rd periodEthics and privacy ppt 3rd period
Ethics and privacy ppt 3rd periodcharvill
 
Eamonn O Raghallaigh The Major Security Issues In E Commerce
Eamonn O Raghallaigh The Major Security Issues In E CommerceEamonn O Raghallaigh The Major Security Issues In E Commerce
Eamonn O Raghallaigh The Major Security Issues In E CommerceEamonnORagh
 
Chapter 3 ethics and privacy
Chapter 3 ethics and privacyChapter 3 ethics and privacy
Chapter 3 ethics and privacymrzapper
 
Steven Leahy_IT 543_Unit 1 Assignment
Steven Leahy_IT 543_Unit 1 AssignmentSteven Leahy_IT 543_Unit 1 Assignment
Steven Leahy_IT 543_Unit 1 AssignmentSteven Leahy
 
Social Media Monitoring tools as an OSINT platform for intelligence
Social Media Monitoring tools as an OSINT platform for intelligenceSocial Media Monitoring tools as an OSINT platform for intelligence
Social Media Monitoring tools as an OSINT platform for intelligenceE Hacking
 
Computer and Cyber forensics, a case study of Ghana
Computer and Cyber forensics, a case study of GhanaComputer and Cyber forensics, a case study of Ghana
Computer and Cyber forensics, a case study of GhanaMohammed Mahfouz Alhassan
 
Dark Side of the Net Lecture 4 TOR
Dark Side of the Net Lecture 4 TOR Dark Side of the Net Lecture 4 TOR
Dark Side of the Net Lecture 4 TOR Marcus Leaning
 
Cybercrimeandforensic 120828021931-phpapp02
Cybercrimeandforensic 120828021931-phpapp02Cybercrimeandforensic 120828021931-phpapp02
Cybercrimeandforensic 120828021931-phpapp02Gol D Roger
 
Chinese taipei 1366688667
Chinese taipei 1366688667Chinese taipei 1366688667
Chinese taipei 1366688667Nurul Yakin
 
CORMA-FW REPRINT-APR2015
CORMA-FW REPRINT-APR2015CORMA-FW REPRINT-APR2015
CORMA-FW REPRINT-APR2015Jörn Weber
 
Computer And The Law
Computer And The LawComputer And The Law
Computer And The LawSaimaRafiq
 

What's hot (20)

I want to be a cyber forensic examiner
I want to be a cyber forensic examinerI want to be a cyber forensic examiner
I want to be a cyber forensic examiner
 
COMPUTER LAW, INVESTIGATION AND ETHICS DOMAIN
COMPUTER LAW, INVESTIGATION AND ETHICS DOMAINCOMPUTER LAW, INVESTIGATION AND ETHICS DOMAIN
COMPUTER LAW, INVESTIGATION AND ETHICS DOMAIN
 
Software Piracy
Software PiracySoftware Piracy
Software Piracy
 
Prelude to cyber forensics
Prelude to cyber forensicsPrelude to cyber forensics
Prelude to cyber forensics
 
Advanced Research Investigations for SIU Investigators
Advanced Research Investigations for SIU InvestigatorsAdvanced Research Investigations for SIU Investigators
Advanced Research Investigations for SIU Investigators
 
Christopher furton-darpa-project-memex-erodes-internet-privacy
Christopher furton-darpa-project-memex-erodes-internet-privacyChristopher furton-darpa-project-memex-erodes-internet-privacy
Christopher furton-darpa-project-memex-erodes-internet-privacy
 
Ethics and privacy ppt 3rd period
Ethics and privacy ppt 3rd periodEthics and privacy ppt 3rd period
Ethics and privacy ppt 3rd period
 
Eamonn O Raghallaigh The Major Security Issues In E Commerce
Eamonn O Raghallaigh The Major Security Issues In E CommerceEamonn O Raghallaigh The Major Security Issues In E Commerce
Eamonn O Raghallaigh The Major Security Issues In E Commerce
 
Hacking ppt
Hacking pptHacking ppt
Hacking ppt
 
Chapter 3 ethics and privacy
Chapter 3 ethics and privacyChapter 3 ethics and privacy
Chapter 3 ethics and privacy
 
Steven Leahy_IT 543_Unit 1 Assignment
Steven Leahy_IT 543_Unit 1 AssignmentSteven Leahy_IT 543_Unit 1 Assignment
Steven Leahy_IT 543_Unit 1 Assignment
 
Social Media Monitoring tools as an OSINT platform for intelligence
Social Media Monitoring tools as an OSINT platform for intelligenceSocial Media Monitoring tools as an OSINT platform for intelligence
Social Media Monitoring tools as an OSINT platform for intelligence
 
Computer and Cyber forensics, a case study of Ghana
Computer and Cyber forensics, a case study of GhanaComputer and Cyber forensics, a case study of Ghana
Computer and Cyber forensics, a case study of Ghana
 
Dark Side of the Net Lecture 4 TOR
Dark Side of the Net Lecture 4 TOR Dark Side of the Net Lecture 4 TOR
Dark Side of the Net Lecture 4 TOR
 
Child protection system in ict of thailand
Child protection system in ict of thailandChild protection system in ict of thailand
Child protection system in ict of thailand
 
Chapter 3
Chapter 3Chapter 3
Chapter 3
 
Cybercrimeandforensic 120828021931-phpapp02
Cybercrimeandforensic 120828021931-phpapp02Cybercrimeandforensic 120828021931-phpapp02
Cybercrimeandforensic 120828021931-phpapp02
 
Chinese taipei 1366688667
Chinese taipei 1366688667Chinese taipei 1366688667
Chinese taipei 1366688667
 
CORMA-FW REPRINT-APR2015
CORMA-FW REPRINT-APR2015CORMA-FW REPRINT-APR2015
CORMA-FW REPRINT-APR2015
 
Computer And The Law
Computer And The LawComputer And The Law
Computer And The Law
 

Viewers also liked

Portfolio of shafaat khan
Portfolio of shafaat khanPortfolio of shafaat khan
Portfolio of shafaat khanstudioshafaat
 
project design using OMI
project design using OMIproject design using OMI
project design using OMIPatrick Gorman
 
Animal Kingdom
Animal KingdomAnimal Kingdom
Animal Kingdommeerzara
 
Economic article
Economic articleEconomic article
Economic articleTehreem101
 
Report on Stealth technology
Report on Stealth technology Report on Stealth technology
Report on Stealth technology Rohan Bhavsar
 
Honeypot Projects are Everywhere
Honeypot Projects are EverywhereHoneypot Projects are Everywhere
Honeypot Projects are EverywhereChristos Beretas
 
Christos_Beretas_Internet_Privacy_and_Myths_TE
Christos_Beretas_Internet_Privacy_and_Myths_TEChristos_Beretas_Internet_Privacy_and_Myths_TE
Christos_Beretas_Internet_Privacy_and_Myths_TEChristos Beretas
 
Wood supply and demand analysis in pakistan – key issues
Wood supply and demand analysis in pakistan – key issuesWood supply and demand analysis in pakistan – key issues
Wood supply and demand analysis in pakistan – key issuesTehreem101
 

Viewers also liked (11)

Portfolio of shafaat khan
Portfolio of shafaat khanPortfolio of shafaat khan
Portfolio of shafaat khan
 
project design using OMI
project design using OMIproject design using OMI
project design using OMI
 
Animal Kingdom
Animal KingdomAnimal Kingdom
Animal Kingdom
 
self-esteem
self-esteem self-esteem
self-esteem
 
Economic article
Economic articleEconomic article
Economic article
 
editing2
editing2editing2
editing2
 
Report on Stealth technology
Report on Stealth technology Report on Stealth technology
Report on Stealth technology
 
Honeypot Projects are Everywhere
Honeypot Projects are EverywhereHoneypot Projects are Everywhere
Honeypot Projects are Everywhere
 
Stealth technology
Stealth technology Stealth technology
Stealth technology
 
Christos_Beretas_Internet_Privacy_and_Myths_TE
Christos_Beretas_Internet_Privacy_and_Myths_TEChristos_Beretas_Internet_Privacy_and_Myths_TE
Christos_Beretas_Internet_Privacy_and_Myths_TE
 
Wood supply and demand analysis in pakistan – key issues
Wood supply and demand analysis in pakistan – key issuesWood supply and demand analysis in pakistan – key issues
Wood supply and demand analysis in pakistan – key issues
 

Similar to The Surveillance Project is Real: Understanding Global Monitoring and 4 Key Ways Data is Collected

1. Original Post by Catherine JohnsonCryptographic MethodsC
1. Original Post by Catherine JohnsonCryptographic MethodsC1. Original Post by Catherine JohnsonCryptographic MethodsC
1. Original Post by Catherine JohnsonCryptographic MethodsCSantosConleyha
 
1. Original Post by Catherine JohnsonCryptographic MethodsC
1. Original Post by Catherine JohnsonCryptographic MethodsC1. Original Post by Catherine JohnsonCryptographic MethodsC
1. Original Post by Catherine JohnsonCryptographic MethodsCAbbyWhyte974
 
I want you to Read intensively papers and give me a summary for ever.pdf
I want you to Read intensively papers and give me a summary for ever.pdfI want you to Read intensively papers and give me a summary for ever.pdf
I want you to Read intensively papers and give me a summary for ever.pdfamitkhanna2070
 
Project_Paper_ISSC455_Intindolo
Project_Paper_ISSC455_IntindoloProject_Paper_ISSC455_Intindolo
Project_Paper_ISSC455_IntindoloJohn Intindolo
 
Target Data Breach Case Study 10242014
Target Data Breach Case Study 10242014Target Data Breach Case Study 10242014
Target Data Breach Case Study 10242014Joseph White MPA CPM
 
Sms base file search & automatic contact saving technique using gsm 38521
Sms base file search & automatic contact saving technique using gsm 38521Sms base file search & automatic contact saving technique using gsm 38521
Sms base file search & automatic contact saving technique using gsm 38521EditorIJAERD
 
How to protect the cookies once someone gets into the cookie jar
How to protect the cookies once someone gets into the cookie jarHow to protect the cookies once someone gets into the cookie jar
How to protect the cookies once someone gets into the cookie jarJudgeEagle
 
Steven Greschner - About Me
Steven Greschner - About MeSteven Greschner - About Me
Steven Greschner - About MeNextNet Partners
 
cyberlaws and cyberforensics,biometrics
cyberlaws and cyberforensics,biometricscyberlaws and cyberforensics,biometrics
cyberlaws and cyberforensics,biometricsMayank Diwakar
 
ISACA Houston - Practical data privacy and de-identification techniques
ISACA Houston - Practical data privacy and de-identification techniquesISACA Houston - Practical data privacy and de-identification techniques
ISACA Houston - Practical data privacy and de-identification techniquesUlf Mattsson
 
Lessons v on fraud awareness (digital forensics) [autosaved]
Lessons v on fraud awareness (digital forensics) [autosaved]Lessons v on fraud awareness (digital forensics) [autosaved]
Lessons v on fraud awareness (digital forensics) [autosaved]Kolluru N Rao
 
Lessons v on fraud awareness (digital forensics)
Lessons v on fraud awareness (digital forensics)Lessons v on fraud awareness (digital forensics)
Lessons v on fraud awareness (digital forensics)CA.Kolluru Narayanarao
 
Running Head TRENDS IN CYBERSECURITY1TRENDS IN CYBERSECURITY.docx
Running Head TRENDS IN CYBERSECURITY1TRENDS IN CYBERSECURITY.docxRunning Head TRENDS IN CYBERSECURITY1TRENDS IN CYBERSECURITY.docx
Running Head TRENDS IN CYBERSECURITY1TRENDS IN CYBERSECURITY.docxtodd521
 

Similar to The Surveillance Project is Real: Understanding Global Monitoring and 4 Key Ways Data is Collected (16)

1. Original Post by Catherine JohnsonCryptographic MethodsC
1. Original Post by Catherine JohnsonCryptographic MethodsC1. Original Post by Catherine JohnsonCryptographic MethodsC
1. Original Post by Catherine JohnsonCryptographic MethodsC
 
1. Original Post by Catherine JohnsonCryptographic MethodsC
1. Original Post by Catherine JohnsonCryptographic MethodsC1. Original Post by Catherine JohnsonCryptographic MethodsC
1. Original Post by Catherine JohnsonCryptographic MethodsC
 
I want you to Read intensively papers and give me a summary for ever.pdf
I want you to Read intensively papers and give me a summary for ever.pdfI want you to Read intensively papers and give me a summary for ever.pdf
I want you to Read intensively papers and give me a summary for ever.pdf
 
Project_Paper_ISSC455_Intindolo
Project_Paper_ISSC455_IntindoloProject_Paper_ISSC455_Intindolo
Project_Paper_ISSC455_Intindolo
 
Target Data Breach Case Study 10242014
Target Data Breach Case Study 10242014Target Data Breach Case Study 10242014
Target Data Breach Case Study 10242014
 
PREPARING FOR THE GDPR
PREPARING FOR THE GDPRPREPARING FOR THE GDPR
PREPARING FOR THE GDPR
 
Sms base file search & automatic contact saving technique using gsm 38521
Sms base file search & automatic contact saving technique using gsm 38521Sms base file search & automatic contact saving technique using gsm 38521
Sms base file search & automatic contact saving technique using gsm 38521
 
How to protect the cookies once someone gets into the cookie jar
How to protect the cookies once someone gets into the cookie jarHow to protect the cookies once someone gets into the cookie jar
How to protect the cookies once someone gets into the cookie jar
 
Steven Greschner - About Me
Steven Greschner - About MeSteven Greschner - About Me
Steven Greschner - About Me
 
Cyber security macau
Cyber security macau Cyber security macau
Cyber security macau
 
cyberlaws and cyberforensics,biometrics
cyberlaws and cyberforensics,biometricscyberlaws and cyberforensics,biometrics
cyberlaws and cyberforensics,biometrics
 
IoT
IoTIoT
IoT
 
ISACA Houston - Practical data privacy and de-identification techniques
ISACA Houston - Practical data privacy and de-identification techniquesISACA Houston - Practical data privacy and de-identification techniques
ISACA Houston - Practical data privacy and de-identification techniques
 
Lessons v on fraud awareness (digital forensics) [autosaved]
Lessons v on fraud awareness (digital forensics) [autosaved]Lessons v on fraud awareness (digital forensics) [autosaved]
Lessons v on fraud awareness (digital forensics) [autosaved]
 
Lessons v on fraud awareness (digital forensics)
Lessons v on fraud awareness (digital forensics)Lessons v on fraud awareness (digital forensics)
Lessons v on fraud awareness (digital forensics)
 
Running Head TRENDS IN CYBERSECURITY1TRENDS IN CYBERSECURITY.docx
Running Head TRENDS IN CYBERSECURITY1TRENDS IN CYBERSECURITY.docxRunning Head TRENDS IN CYBERSECURITY1TRENDS IN CYBERSECURITY.docx
Running Head TRENDS IN CYBERSECURITY1TRENDS IN CYBERSECURITY.docx
 

The Surveillance Project is Real: Understanding Global Monitoring and 4 Key Ways Data is Collected

  • 1. - 1 - The Surveillance Project is Real Researcher: Christos Beretas, MSc Web: http://www.christosberetas.com Every person who is involving in cyber security and information security arena has been hearing about the various surveillance projects. Often in government surveillance projects participating big companies, organizations, ISPs, etc. Typically a surveillance project is divided by three stages data monitoring, data collection and data analysis. Data monitoring: • IRC • E-mail messages • VOIP • Every live online transaction • Mobile phones live activities Data Collection: • Mobile phones metadata • Keywords • Public data • Stored online data (cloud services) • E-mail accounts and content • Metadata • Any file • Online habits
  • 2. - 2 - Data Analysis: • Who – Where – When • Number of frequently • Who with who • Keyword analysis • Special request Surveillance projects are based on idea that the most online traffic is passing through U.S networks, it is easy to monitor that traffic, but practically any country can monitor the online communications. And secondly the most important role is the collaboration between the government, companies and organizations globally. Let’s see the map below to understand better the online traffic. On the above map as we can see the data’s are passing through various continents, as I said above they can be collected and analyzed by each country they are passing. There mainly 4 surveillance ways in the picture below you can see the first option to monitor every online communication by using the global backbone infrastructure.
  • 3. - 3 - As you can see on the above picture any country or collaboratively can monitor every communication. The second option that is easy to monitor any activity is to install special equipment either software or hardware to Internet Service Providers (ISPs) with purpose to collect “Special Traffic” based on specific “Keywords” ignoring the useless data, see the picture below to understand better.
  • 4. - 4 - The third option is the companies who are participating in surveillance program, usually selecting companies which they offering services to the public and they have long customers list, for example free e-mail companies. This kind of surveillance usually is legal because is base on “security and protection laws” and usually asking from the company to provide non-stop information about its customers. The forth option is something that will make you think again and again, it is called “roving bug” this idea is not new, a part of code is embedded in smart phones (not only in smart phones the experienced software developers they know about the “Easter Eggs”) and is enabled when a specific action is happened, for example a specific SMS is received, by MMS sending you a beautiful picture by “mistake” by GPS and various other methods. The purpose is one and only one to listen what we say and what we send. I will close here with a question, are you wondering why people who care about privacy and security are they using NON smart phones or customized smart phones? Cryptography is the simple solution in surveillance threat but not the best. Some scientists around the world they are saying “cryptography is dead”. I will disagree with them, none service, none government in the world they know what someone else have on his/her mind. No one can predict what the other person will design and produce for it self or for a company. For example let’s think someone is making a software application that is free, for companies, or private use and this application is using the encryption algorithm AES and various other conversions, without specific file association (For example TXT input TXT export) even the encryption keys are embedded in the code and you just pressing one button for encryption and decryption, or by creating a customized encryption tool and make that encryption tool part of the encryption process by giving 200 characters key, do you believe the governments they
  • 5. - 5 - known what each of us think? Or they know that this file is encrypted by this custom application? Of course NO. For example see the picture below. It is a good simple practice to create a custom encrypted tool for personal communication or for specific organization, hard coded keys are safe when the application doesn’t create specific file name extensions (for example program name and version) and is for individuals and companies for internal use to encrypt their data.
  • 6. - 6 - Another one practice regarding cryptography and anti surveillance is to design your own encryption algorithm for example Christos Beretas snapXE + algorithm to encrypt sensitive data. Bibliography Nemati, Hamid. 2010. Security and Privacy Assurance in Advancing Technologies: New Developments. IGI Global.