You and Your Phone are Huge Threats to the Net

1,339 views

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,339
On SlideShare
0
From Embeds
0
Number of Embeds
561
Actions
Shares
0
Downloads
8
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

You and Your Phone are Huge Threats to the Net

  1. 1. you and your phone are a huge threat to the net @alecmuffett www.alecmuffett.com green lane security www.greenlanesecurity.com@alecmuffett www.greenlanesecurity.com
  2. 2. ...but not in the way you may think@alecmuffett www.greenlanesecurity.com
  3. 3. 1: You@alecmuffett www.greenlanesecurity.com
  4. 4. knowledge & memory@alecmuffett www.greenlanesecurity.com
  5. 5. example: you & phone numbers@alecmuffett www.greenlanesecurity.com
  6. 6. nowadays your phone helps you remember phone numbers so you can ignore the phonebook@alecmuffett www.greenlanesecurity.com
  7. 7. example: you & IP addresses@alecmuffett www.greenlanesecurity.com
  8. 8. your computer is not yet bypassing DNS for you@alecmuffett www.greenlanesecurity.com
  9. 9. 2: Your Phone@alecmuffett www.greenlanesecurity.com
  10. 10. (my phone)@alecmuffett www.greenlanesecurity.com
  11. 11. samsung galaxy S2@alecmuffett www.greenlanesecurity.com
  12. 12. (I used to sysadmin for universities which had less CPU power)@alecmuffett www.greenlanesecurity.com
  13. 13. networking@alecmuffett www.greenlanesecurity.com
  14. 14. GPRS, 3G, HSDPA/+, Wifi@alecmuffett www.greenlanesecurity.com
  15. 15. @alecmuffett www.greenlanesecurity.com
  16. 16. @alecmuffett www.greenlanesecurity.com
  17. 17. Mon Jan 9 21:40:05 82.xx.xx.xx Vigor[4294967295] <Info>: DoS smurf Block31.106.0.240 -> 82.xx.xx.xx PR icmp len 2084 icmp 0/8Mon Jan 9 21:40:11 82.xx.xx.xx Vigor[4294967295] <Info>: DoS smurf Block31.106.0.240 -> 82.xx.xx.xx PR icmp len 2084 icmp 0/8@alecmuffett www.greenlanesecurity.com
  18. 18. @alecmuffett www.greenlanesecurity.com
  19. 19. @alecmuffett www.greenlanesecurity.com
  20. 20. @alecmuffett www.greenlanesecurity.com
  21. 21. Your phone is...@alecmuffett www.greenlanesecurity.com
  22. 22. powerful enough to be a server@alecmuffett www.greenlanesecurity.com
  23. 23. thoroughly connected@alecmuffett www.greenlanesecurity.com
  24. 24. but underutilised.@alecmuffett www.greenlanesecurity.com
  25. 25. So what?@alecmuffett www.greenlanesecurity.com
  26. 26. threat 1: censorship@alecmuffett www.greenlanesecurity.com
  27. 27. domain filtering@alecmuffett www.greenlanesecurity.com
  28. 28. UAE, Saudi, Ireland...@alecmuffett www.greenlanesecurity.com
  29. 29. DNS domain seizure@alecmuffett www.greenlanesecurity.com
  30. 30. newzbin2, dajaz1, ...@alecmuffett www.greenlanesecurity.com
  31. 31. threat 2: network isolation@alecmuffett www.greenlanesecurity.com
  32. 32. “divided we stand”@alecmuffett www.greenlanesecurity.com
  33. 33. restricted ingress & egress = easier control = simpler censorship@alecmuffett www.greenlanesecurity.com
  34. 34. direct communication = disintermediation = harder to block@alecmuffett www.greenlanesecurity.com
  35. 35. so why is your phone NAT’ed?@alecmuffett www.greenlanesecurity.com
  36. 36. not security, else you need to avoid wifi@alecmuffett www.greenlanesecurity.com
  37. 37. your phone is NAT’ed and firewalled instead for another reason:@alecmuffett www.greenlanesecurity.com
  38. 38. “because it’s what people currently expect”@alecmuffett www.greenlanesecurity.com
  39. 39. summary@alecmuffett www.greenlanesecurity.com
  40. 40. in three sentences:@alecmuffett www.greenlanesecurity.com
  41. 41. “why can’t I ping your phone?”@alecmuffett www.greenlanesecurity.com
  42. 42. “you’d do more with full connectivity...”@alecmuffett www.greenlanesecurity.com
  43. 43. network access is not the same as network connectivity@alecmuffett www.greenlanesecurity.com
  44. 44. until this changes, you and your phone are promoting inferior methods of network connectivity@alecmuffett www.greenlanesecurity.com
  45. 45. ie: you are part of the problem@alecmuffett www.greenlanesecurity.com
  46. 46. solutions?@alecmuffett www.greenlanesecurity.com
  47. 47. technologies • IPv6 • no more scarcity of addresses • no more argument for NAT • NAT is not a security mechanism • NAT is not a firewall@alecmuffett www.greenlanesecurity.com
  48. 48. “a /48 is big enough for anyone?” *281,474,976,710,656 devices in your home?@alecmuffett www.greenlanesecurity.com
  49. 49. technologies • Alternatives to DNS • several out there • “.p2p” domain project • also better DNS (i.e. DNSSEC) • Unloved by censors • SOPA would forbid@alecmuffett www.greenlanesecurity.com
  50. 50. technologies • Tor • ignores DNS internally • “.onion” domain@alecmuffett www.greenlanesecurity.com
  51. 51. but the real solution@alecmuffett www.greenlanesecurity.com
  52. 52. demand change.@alecmuffett www.greenlanesecurity.com
  53. 53. (fin)@alecmuffett www.greenlanesecurity.com

×