SlideShare a Scribd company logo
privacy is an illusion
and you’re all losers
or how 1984 was a manual for our panopticon society

!
By Cain Ransbottyn - @ransbottyn
End of privacy
•

9/11 attacks invigorated the
concept of terrorist threats

•

Post 9/11 there was a strong
and understandable argument
to prioritise security
End of civil liberties
•

New word: “asymmetrical
threats”

•

Actually means: “please give
up your civil liberties”, in 2001
55% US citizens were pro; in
2011 only 40% (and
declining).

•

Patriot Act changed the world
for good
So, terrorism huh ?
•

systematic use of violent
terror as a means of
coercion

•

violent acts which are
intended to create fear
(terror)

•

perpetrated for a religious,
political, or ideological goal

•

deliberately target or
disregard the safety of noncombatants (civilians)
Global terrorist threat map
Data of 2010. Seems legit.
Year on year doubling in surveillance
budget since the Patriot Act
Except for 2013, then there was a dark budget of US$ 52,6B
Fear. Uncertainty. Doubt.
•

Instilling fear is a premise for
coercion. But to whom ?

•

Mass media works as a
catalyst to bring fear in the
homes of citizens.

•

We all are very shitty at threat
and risk assessments. Pigs or
sharks ?

•

23,589

40

Or terrorist attacks ?
13,200

* 2010 facts and figures worldwide
Are we really capable of
understanding the real
threat level ?
Please demonstrate you can spot a rhetorical question when you see one
The convenience of circular
logic
•

Gov’t: We’re using
surveillance so we can
prevent terrorist attacks

You: I don’t see any terrorist
threat or attack

Gov’t: Awesome stuff, hey ?


•

Him: I’m using this repellent to
scare away elephants.

You: But I don’t see any
elephants.

Him: Awesome stuff, hey ?
quis custodiet ipsos
custodes ?
Total Information
Awareness
The 2002 - 2003 program that began a data mining project, following warantless surveillance decision in 2002
PRISM, XKeyScore, Tempora
!
Thank you Microsoft, Facebook, Yahoo!, Google, Paltalk, YouTube, AOL,
Apple, Skype

Snowden leaks the post 2007 surveillance industry is much worse than anyone could have imagined
The rise of private
intelligence agencies
•

The welcome gift of “social
networks”

•

The thankful adoption rate of
smart phones

•

The cloud as the ultimate data
gathering extension to
governments

•

The phone operators remain a
loyal friend

•

The overt investment strategy of
In-Q-Tel
The In-Q-Tel investment firm
•

Founded 1999 as not-for-profit
venture capital firm

•

So… if you are not looking to make a
profit, what are you looking for then ?

•

Investments in data mining, call
recording, surveillance, crypto,
biotech, …

•

E.g. 2007 AT&T - Narus STA 6400
backdoor = product of In-Q-Tel
funded company

•

Many (many) participations
worldwide (also Belgium)
Social networks as a private
intelligence agency
•

Perfect front offices

•

Facebook as the first global
private intelligence agency

•

Otherwise hard to obtain intel
is being shared voluntarily by
everyone (e.g. hobbies, etc.)

•

US$ 12,7M investment by
James Breyer (Accel), former
colleague of Gilman Louie
(CEO In-Q-Tel)
Smart-phones as the
ultimate tracking device
•

Device you carry 24/7 with you.
With a GPS on board.

•

Android has remote install/deinstall
hooks in its OS (so has IOS)

•

OTA vulnerabilities allow remote
installs of byte patches (e.g.
Blackberry incident in UAE)

•

Apple incident (“the bug that
stored your whereabouts”)

•

Any idea how many address
books are stored on iCloud ? :p
Smart-phones as the
ultimate tracking device

Wi-Fi based positioning has become very accurate and quickly deployed mainstream
Cloud providers as the
perfect honeypot
•

There is no company that is so
invasive as Google

•

Records voice calls (Voice),
analyses e-mail (GMail), knows who
you talk to and where you are
(Android), has all your documents
(Drive) and soon will see through
your eyes (Glass)

•

Robert David Steele (CIA) disclosed
Google takes money from US Intel.
community.

•

In-Q-Tel and Google invest in
mutual companies (mutual interest)
Cloud providers as the
perfect honeypot
•

Not only Google. The latest
OSX Mavericks actually asked
me to… store my Keychain in
the cloud *sigh*

•

While Apple claims iMessage
cannot be intercepted, we
know it is possible because
Apple is the MITM and no
end-to-end crypto is used nor
certificate pinning.
The loyal friend, the phone
operator
•

Needs to be CALEA and ETSI
compliant. Yeah right :-)

•

Operators are both targets of
surveillance stakeholders (e.g.
Belgacom/BICS hack by GCHQ)
and providers of surveillance tactics
(taps, OTA installs, silent SMS, etc.)

•

Does KPN really trust NICE (Israel)
and does Belgacom really trust
Huawei (China) ?

•

Truth of the matter is: you cannot
trust your operator…
Privacy is for losers

If you think you have privacy,
you really are a loser
#dta

If a government needs to understand
its enemy, and we’re being surveilled.
Then, who exactly is the enemy ?
Conspiracy theory ?
!

Whistleblowers showed that reality
is far worse
So now what ?
Change your attitude.
Wake the f*ck up…
Reclaim ownership of your data.
Demand transparency of every
service you use.
Encryption is your
friend
Encryption today is built for security
professionals and engineers.
Not for your mom or dad.
Security and crypto engineers don’t
understand UI and UX
Android and IOS planned. Microsoft Mobile perhaps.
Requirements
•

Must provide strong crypto

•

Must be open source (GitHub)

•

Must be beautiful and easy to use, we
actually don’t want the user to be
confronted with complex crypto issues

•

Provide deniability

•

Provide alerting mechanisms that alert
the user when something is wrong

•

Even when your device is confiscated,
it should be able to withstand forensic
investigation
How it’s built
•

Using tor as transport layer for P2P
routing and provide anonymity (no
exit nodes used).

•

Obfuscated as HTTPS traffic to
prevent gov’t filtering.

•

Using OTR v3.1 to ensure perfect
forward secrecy and end-to-end
crypto.

•

Capable of detecting A5/GSM
tactical surveillance attacks.

•

Extremely effective anti forensic
mechanisms and triggers
How it’s used
Who’s using it
•

Journalists

•

Freedom Fighters

•

Whistleblowers

•

Lawyers and security
professionals

•

…
Why use it ?
•

To protect your human right
on privacy

•

To protect your human right
on freedom of speech

•

Because your communication
needs to remain confidential

•

Because excessive
surveillance is a threat to
modern democracy
Privacy might be for losers, but
that doesn’t mean you are OK
to give up your human rights…

More Related Content

What's hot

28 Pitching Essentials
28 Pitching Essentials28 Pitching Essentials
28 Pitching Essentials
Michael Parker
 
The Future Of Work & The Work Of The Future
The Future Of Work & The Work Of The FutureThe Future Of Work & The Work Of The Future
The Future Of Work & The Work Of The Future
Arturo Pelayo
 
Habits at Work - Merci Victoria Grace, Growth, Slack - 2016 Habit Summit
Habits at Work - Merci Victoria Grace, Growth, Slack - 2016 Habit SummitHabits at Work - Merci Victoria Grace, Growth, Slack - 2016 Habit Summit
Habits at Work - Merci Victoria Grace, Growth, Slack - 2016 Habit Summit
Habit Summit
 
Exploiting Fast and Slow Thinking
Exploiting Fast and Slow ThinkingExploiting Fast and Slow Thinking
Exploiting Fast and Slow Thinking
Rebecca Wirfs-Brock
 
5 Steps To A Smart Compensation Plan
5 Steps To A Smart Compensation Plan5 Steps To A Smart Compensation Plan
5 Steps To A Smart Compensation Plan
BambooHR
 
How Google Works
How Google WorksHow Google Works
How Google Works
Eric Schmidt
 
What's Next in Growth? 2016
What's Next in Growth? 2016What's Next in Growth? 2016
What's Next in Growth? 2016
Andrew Chen
 
Publishing Production: From the Desktop to the Cloud
Publishing Production: From the Desktop to the CloudPublishing Production: From the Desktop to the Cloud
Publishing Production: From the Desktop to the Cloud
Deanta
 
Blockchain and Real Estate
Blockchain and Real EstateBlockchain and Real Estate
Blockchain and Real Estate
Maka De Lameillieure
 
Generative AI Use cases for Enterprise - Second Session
Generative AI Use cases for Enterprise - Second SessionGenerative AI Use cases for Enterprise - Second Session
Generative AI Use cases for Enterprise - Second Session
Gene Leybzon
 
Thinking fast and slow - How your brain makes decisions
Thinking fast and slow - How your brain makes decisionsThinking fast and slow - How your brain makes decisions
Thinking fast and slow - How your brain makes decisions
Vimi.co Ltd - Bangkok Web Agency
 
Jobs To Be Done Workshop
Jobs To Be Done WorkshopJobs To Be Done Workshop
Jobs To Be Done Workshop
Andy Fallshaw
 
Crap. The Content Marketing Deluge.
Crap. The Content Marketing Deluge.Crap. The Content Marketing Deluge.
Crap. The Content Marketing Deluge.
Velocity Partners
 
Zuora Sales Deck
Zuora Sales DeckZuora Sales Deck
Zuora Sales Deck
Ryan Gum
 
AI & Startups
AI & StartupsAI & Startups
AI & Startups
TomaszTunguz
 
[Infographic] How will Internet of Things (IoT) change the world as we know it?
[Infographic] How will Internet of Things (IoT) change the world as we know it?[Infographic] How will Internet of Things (IoT) change the world as we know it?
[Infographic] How will Internet of Things (IoT) change the world as we know it?
InterQuest Group
 
A non-technical introduction to ChatGPT - SEDA.pptx
A non-technical introduction to ChatGPT - SEDA.pptxA non-technical introduction to ChatGPT - SEDA.pptx
A non-technical introduction to ChatGPT - SEDA.pptx
Sue Beckingham
 
10x THINKING: innovation mindset from google
10x THINKING: innovation mindset from google10x THINKING: innovation mindset from google
10x THINKING: innovation mindset from google
Annova Studio
 
Activism x Technology
Activism x TechnologyActivism x Technology
Activism x Technology
WebVisions
 
"Thinking, Fast and Slow" Applications
"Thinking, Fast and Slow" Applications"Thinking, Fast and Slow" Applications
"Thinking, Fast and Slow" Applications
abbentley
 

What's hot (20)

28 Pitching Essentials
28 Pitching Essentials28 Pitching Essentials
28 Pitching Essentials
 
The Future Of Work & The Work Of The Future
The Future Of Work & The Work Of The FutureThe Future Of Work & The Work Of The Future
The Future Of Work & The Work Of The Future
 
Habits at Work - Merci Victoria Grace, Growth, Slack - 2016 Habit Summit
Habits at Work - Merci Victoria Grace, Growth, Slack - 2016 Habit SummitHabits at Work - Merci Victoria Grace, Growth, Slack - 2016 Habit Summit
Habits at Work - Merci Victoria Grace, Growth, Slack - 2016 Habit Summit
 
Exploiting Fast and Slow Thinking
Exploiting Fast and Slow ThinkingExploiting Fast and Slow Thinking
Exploiting Fast and Slow Thinking
 
5 Steps To A Smart Compensation Plan
5 Steps To A Smart Compensation Plan5 Steps To A Smart Compensation Plan
5 Steps To A Smart Compensation Plan
 
How Google Works
How Google WorksHow Google Works
How Google Works
 
What's Next in Growth? 2016
What's Next in Growth? 2016What's Next in Growth? 2016
What's Next in Growth? 2016
 
Publishing Production: From the Desktop to the Cloud
Publishing Production: From the Desktop to the CloudPublishing Production: From the Desktop to the Cloud
Publishing Production: From the Desktop to the Cloud
 
Blockchain and Real Estate
Blockchain and Real EstateBlockchain and Real Estate
Blockchain and Real Estate
 
Generative AI Use cases for Enterprise - Second Session
Generative AI Use cases for Enterprise - Second SessionGenerative AI Use cases for Enterprise - Second Session
Generative AI Use cases for Enterprise - Second Session
 
Thinking fast and slow - How your brain makes decisions
Thinking fast and slow - How your brain makes decisionsThinking fast and slow - How your brain makes decisions
Thinking fast and slow - How your brain makes decisions
 
Jobs To Be Done Workshop
Jobs To Be Done WorkshopJobs To Be Done Workshop
Jobs To Be Done Workshop
 
Crap. The Content Marketing Deluge.
Crap. The Content Marketing Deluge.Crap. The Content Marketing Deluge.
Crap. The Content Marketing Deluge.
 
Zuora Sales Deck
Zuora Sales DeckZuora Sales Deck
Zuora Sales Deck
 
AI & Startups
AI & StartupsAI & Startups
AI & Startups
 
[Infographic] How will Internet of Things (IoT) change the world as we know it?
[Infographic] How will Internet of Things (IoT) change the world as we know it?[Infographic] How will Internet of Things (IoT) change the world as we know it?
[Infographic] How will Internet of Things (IoT) change the world as we know it?
 
A non-technical introduction to ChatGPT - SEDA.pptx
A non-technical introduction to ChatGPT - SEDA.pptxA non-technical introduction to ChatGPT - SEDA.pptx
A non-technical introduction to ChatGPT - SEDA.pptx
 
10x THINKING: innovation mindset from google
10x THINKING: innovation mindset from google10x THINKING: innovation mindset from google
10x THINKING: innovation mindset from google
 
Activism x Technology
Activism x TechnologyActivism x Technology
Activism x Technology
 
"Thinking, Fast and Slow" Applications
"Thinking, Fast and Slow" Applications"Thinking, Fast and Slow" Applications
"Thinking, Fast and Slow" Applications
 

Viewers also liked

What is Artificial Intelligence | Artificial Intelligence Tutorial For Beginn...
What is Artificial Intelligence | Artificial Intelligence Tutorial For Beginn...What is Artificial Intelligence | Artificial Intelligence Tutorial For Beginn...
What is Artificial Intelligence | Artificial Intelligence Tutorial For Beginn...
Edureka!
 
Inside Google's Numbers in 2017
Inside Google's Numbers in 2017Inside Google's Numbers in 2017
Inside Google's Numbers in 2017
Rand Fishkin
 
Top 5 Deep Learning and AI Stories - October 6, 2017
Top 5 Deep Learning and AI Stories - October 6, 2017Top 5 Deep Learning and AI Stories - October 6, 2017
Top 5 Deep Learning and AI Stories - October 6, 2017
NVIDIA
 
The AI Rush
The AI RushThe AI Rush
AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017
AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017
AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017
Carol Smith
 
2017 holiday survey: An annual analysis of the peak shopping season
2017 holiday survey: An annual analysis of the peak shopping season2017 holiday survey: An annual analysis of the peak shopping season
2017 holiday survey: An annual analysis of the peak shopping season
Deloitte United States
 
10 facts about jobs in the future
10 facts about jobs in the future10 facts about jobs in the future
Infrastructure as code: running microservices on AWS using Docker, Terraform,...
Infrastructure as code: running microservices on AWS using Docker, Terraform,...Infrastructure as code: running microservices on AWS using Docker, Terraform,...
Infrastructure as code: running microservices on AWS using Docker, Terraform,...
Yevgeniy Brikman
 
Online Harassment 2017
Online Harassment 2017Online Harassment 2017
3 Things Every Sales Team Needs to Be Thinking About in 2017
3 Things Every Sales Team Needs to Be Thinking About in 20173 Things Every Sales Team Needs to Be Thinking About in 2017
3 Things Every Sales Team Needs to Be Thinking About in 2017
Drift
 
Taming the ever-evolving Compliance Beast : Lessons learnt at LinkedIn [Strat...
Taming the ever-evolving Compliance Beast : Lessons learnt at LinkedIn [Strat...Taming the ever-evolving Compliance Beast : Lessons learnt at LinkedIn [Strat...
Taming the ever-evolving Compliance Beast : Lessons learnt at LinkedIn [Strat...
Shirshanka Das
 
Natural Frequencies and Mode shape vectors for 10 Mass-Spring system
Natural Frequencies and Mode shape vectors for 10 Mass-Spring systemNatural Frequencies and Mode shape vectors for 10 Mass-Spring system
Natural Frequencies and Mode shape vectors for 10 Mass-Spring system
Akshay Mistri
 
An Introduction to LGBTQ Oppression
An Introduction to LGBTQ OppressionAn Introduction to LGBTQ Oppression
An Introduction to LGBTQ Oppression
Olivia Domingo
 
How to Configure Selenium WebDriver (java)
How to Configure Selenium WebDriver (java)How to Configure Selenium WebDriver (java)
How to Configure Selenium WebDriver (java)
Dasun Eranthika
 
Presentacion actividad 7
Presentacion actividad 7Presentacion actividad 7
Presentacion actividad 7
Martha Rocio Hernandez Fernandez
 
Lgbt community center
Lgbt community centerLgbt community center
Lgbt community center
Jason McLeod
 
Apresentação do curso de auxiliares de bibliotecas da UFRJ
Apresentação do curso de auxiliares de bibliotecas da UFRJApresentação do curso de auxiliares de bibliotecas da UFRJ
Apresentação do curso de auxiliares de bibliotecas da UFRJ
sibi_ufrj
 
Python as a Replacement for Commercial Stats Packages
Python as a Replacement for Commercial Stats PackagesPython as a Replacement for Commercial Stats Packages
Python as a Replacement for Commercial Stats Packages
Harold Henson
 
Electronic Communication Etiquette
Electronic Communication EtiquetteElectronic Communication Etiquette
Electronic Communication Etiquette
ladytj1754
 
Electronic Communication
Electronic CommunicationElectronic Communication
Electronic Communication
wmassie
 

Viewers also liked (20)

What is Artificial Intelligence | Artificial Intelligence Tutorial For Beginn...
What is Artificial Intelligence | Artificial Intelligence Tutorial For Beginn...What is Artificial Intelligence | Artificial Intelligence Tutorial For Beginn...
What is Artificial Intelligence | Artificial Intelligence Tutorial For Beginn...
 
Inside Google's Numbers in 2017
Inside Google's Numbers in 2017Inside Google's Numbers in 2017
Inside Google's Numbers in 2017
 
Top 5 Deep Learning and AI Stories - October 6, 2017
Top 5 Deep Learning and AI Stories - October 6, 2017Top 5 Deep Learning and AI Stories - October 6, 2017
Top 5 Deep Learning and AI Stories - October 6, 2017
 
The AI Rush
The AI RushThe AI Rush
The AI Rush
 
AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017
AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017
AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017
 
2017 holiday survey: An annual analysis of the peak shopping season
2017 holiday survey: An annual analysis of the peak shopping season2017 holiday survey: An annual analysis of the peak shopping season
2017 holiday survey: An annual analysis of the peak shopping season
 
10 facts about jobs in the future
10 facts about jobs in the future10 facts about jobs in the future
10 facts about jobs in the future
 
Infrastructure as code: running microservices on AWS using Docker, Terraform,...
Infrastructure as code: running microservices on AWS using Docker, Terraform,...Infrastructure as code: running microservices on AWS using Docker, Terraform,...
Infrastructure as code: running microservices on AWS using Docker, Terraform,...
 
Online Harassment 2017
Online Harassment 2017Online Harassment 2017
Online Harassment 2017
 
3 Things Every Sales Team Needs to Be Thinking About in 2017
3 Things Every Sales Team Needs to Be Thinking About in 20173 Things Every Sales Team Needs to Be Thinking About in 2017
3 Things Every Sales Team Needs to Be Thinking About in 2017
 
Taming the ever-evolving Compliance Beast : Lessons learnt at LinkedIn [Strat...
Taming the ever-evolving Compliance Beast : Lessons learnt at LinkedIn [Strat...Taming the ever-evolving Compliance Beast : Lessons learnt at LinkedIn [Strat...
Taming the ever-evolving Compliance Beast : Lessons learnt at LinkedIn [Strat...
 
Natural Frequencies and Mode shape vectors for 10 Mass-Spring system
Natural Frequencies and Mode shape vectors for 10 Mass-Spring systemNatural Frequencies and Mode shape vectors for 10 Mass-Spring system
Natural Frequencies and Mode shape vectors for 10 Mass-Spring system
 
An Introduction to LGBTQ Oppression
An Introduction to LGBTQ OppressionAn Introduction to LGBTQ Oppression
An Introduction to LGBTQ Oppression
 
How to Configure Selenium WebDriver (java)
How to Configure Selenium WebDriver (java)How to Configure Selenium WebDriver (java)
How to Configure Selenium WebDriver (java)
 
Presentacion actividad 7
Presentacion actividad 7Presentacion actividad 7
Presentacion actividad 7
 
Lgbt community center
Lgbt community centerLgbt community center
Lgbt community center
 
Apresentação do curso de auxiliares de bibliotecas da UFRJ
Apresentação do curso de auxiliares de bibliotecas da UFRJApresentação do curso de auxiliares de bibliotecas da UFRJ
Apresentação do curso de auxiliares de bibliotecas da UFRJ
 
Python as a Replacement for Commercial Stats Packages
Python as a Replacement for Commercial Stats PackagesPython as a Replacement for Commercial Stats Packages
Python as a Replacement for Commercial Stats Packages
 
Electronic Communication Etiquette
Electronic Communication EtiquetteElectronic Communication Etiquette
Electronic Communication Etiquette
 
Electronic Communication
Electronic CommunicationElectronic Communication
Electronic Communication
 

Similar to Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013

Infosecurity2013nl 131103184054-phpapp01
Infosecurity2013nl 131103184054-phpapp01Infosecurity2013nl 131103184054-phpapp01
Infosecurity2013nl 131103184054-phpapp01
Kenneth Carnesi, JD
 
Reigning in the Data (FOSSCON 2014) - Ephemeral Messaging and Privacy In Post...
Reigning in the Data (FOSSCON 2014) - Ephemeral Messaging and Privacy In Post...Reigning in the Data (FOSSCON 2014) - Ephemeral Messaging and Privacy In Post...
Reigning in the Data (FOSSCON 2014) - Ephemeral Messaging and Privacy In Post...
Andrew Schwabe
 
HES2011 - Raould Chiesa - Hackers Cybercriminals from Wargames to the Undergr...
HES2011 - Raould Chiesa - Hackers Cybercriminals from Wargames to the Undergr...HES2011 - Raould Chiesa - Hackers Cybercriminals from Wargames to the Undergr...
HES2011 - Raould Chiesa - Hackers Cybercriminals from Wargames to the Undergr...
Hackito Ergo Sum
 
Reining in the Data ITAG tech360 Penn State Great Valley 2015
Reining in the Data   ITAG tech360 Penn State Great Valley 2015 Reining in the Data   ITAG tech360 Penn State Great Valley 2015
Reining in the Data ITAG tech360 Penn State Great Valley 2015
Andrew Schwabe
 
Raoul chiesa - Auditing the hacker mind - da wargames a underground economy
Raoul chiesa - Auditing the hacker mind - da wargames a underground economyRaoul chiesa - Auditing the hacker mind - da wargames a underground economy
Raoul chiesa - Auditing the hacker mind - da wargames a underground economy
CRS4 Research Center in Sardinia
 
Cybersecurity Strategies - time for the next generation
Cybersecurity Strategies - time for the next generationCybersecurity Strategies - time for the next generation
Cybersecurity Strategies - time for the next generation
Hinne Hettema
 
Refugees on Rails Berlin - #2 Tech Talk on Security
Refugees on Rails Berlin - #2 Tech Talk on SecurityRefugees on Rails Berlin - #2 Tech Talk on Security
Refugees on Rails Berlin - #2 Tech Talk on Security
Gianluca Varisco
 
nullcon 2010 - Underground Economy
nullcon 2010 - Underground Economynullcon 2010 - Underground Economy
nullcon 2010 - Underground Economy
n|u - The Open Security Community
 
Simon Harrison RWE - Chain of Things 010616 final
Simon Harrison RWE - Chain of Things 010616 finalSimon Harrison RWE - Chain of Things 010616 final
Simon Harrison RWE - Chain of Things 010616 final
Simon Harrison
 
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
Cyber Security Alliance
 
This Time, It’s Personal: Why Security and the IoT Is Different
This Time, It’s Personal: Why Security and the IoT Is DifferentThis Time, It’s Personal: Why Security and the IoT Is Different
This Time, It’s Personal: Why Security and the IoT Is Different
Justin Grammens
 
Towngas Infomation Security Week 2013 presentation
Towngas Infomation Security Week 2013 presentationTowngas Infomation Security Week 2013 presentation
Towngas Infomation Security Week 2013 presentation
Charles Mok
 
Service Design Days 2017 - Keynote Jon Rogers (University of Dundee)
Service Design Days 2017 - Keynote Jon Rogers (University of Dundee)Service Design Days 2017 - Keynote Jon Rogers (University of Dundee)
Service Design Days 2017 - Keynote Jon Rogers (University of Dundee)
SERVICE DESIGN DAYS
 
Risk Factory: Let's Get Physical
Risk Factory: Let's Get PhysicalRisk Factory: Let's Get Physical
Risk Factory: Let's Get Physical
Risk Crew
 
Iot ppt
Iot pptIot ppt
Dark Net
Dark NetDark Net
Dark Net
jangezkhan
 
Jason Samide - State of Security & 2016 Predictions
Jason Samide - State of Security & 2016 PredictionsJason Samide - State of Security & 2016 Predictions
Jason Samide - State of Security & 2016 Predictions
centralohioissa
 
Dark Web and Privacy
Dark Web and PrivacyDark Web and Privacy
Dark Web and Privacy
Brian Pichman
 
article cybersecurity must B2B metaverse
article cybersecurity must B2B metaversearticle cybersecurity must B2B metaverse
article cybersecurity must B2B metaverse
Mext Metaverse
 
nullcon 2010 - Corporate Security and Intelligence – the dark links
nullcon 2010 - Corporate Security and Intelligence – the dark linksnullcon 2010 - Corporate Security and Intelligence – the dark links
nullcon 2010 - Corporate Security and Intelligence – the dark links
n|u - The Open Security Community
 

Similar to Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013 (20)

Infosecurity2013nl 131103184054-phpapp01
Infosecurity2013nl 131103184054-phpapp01Infosecurity2013nl 131103184054-phpapp01
Infosecurity2013nl 131103184054-phpapp01
 
Reigning in the Data (FOSSCON 2014) - Ephemeral Messaging and Privacy In Post...
Reigning in the Data (FOSSCON 2014) - Ephemeral Messaging and Privacy In Post...Reigning in the Data (FOSSCON 2014) - Ephemeral Messaging and Privacy In Post...
Reigning in the Data (FOSSCON 2014) - Ephemeral Messaging and Privacy In Post...
 
HES2011 - Raould Chiesa - Hackers Cybercriminals from Wargames to the Undergr...
HES2011 - Raould Chiesa - Hackers Cybercriminals from Wargames to the Undergr...HES2011 - Raould Chiesa - Hackers Cybercriminals from Wargames to the Undergr...
HES2011 - Raould Chiesa - Hackers Cybercriminals from Wargames to the Undergr...
 
Reining in the Data ITAG tech360 Penn State Great Valley 2015
Reining in the Data   ITAG tech360 Penn State Great Valley 2015 Reining in the Data   ITAG tech360 Penn State Great Valley 2015
Reining in the Data ITAG tech360 Penn State Great Valley 2015
 
Raoul chiesa - Auditing the hacker mind - da wargames a underground economy
Raoul chiesa - Auditing the hacker mind - da wargames a underground economyRaoul chiesa - Auditing the hacker mind - da wargames a underground economy
Raoul chiesa - Auditing the hacker mind - da wargames a underground economy
 
Cybersecurity Strategies - time for the next generation
Cybersecurity Strategies - time for the next generationCybersecurity Strategies - time for the next generation
Cybersecurity Strategies - time for the next generation
 
Refugees on Rails Berlin - #2 Tech Talk on Security
Refugees on Rails Berlin - #2 Tech Talk on SecurityRefugees on Rails Berlin - #2 Tech Talk on Security
Refugees on Rails Berlin - #2 Tech Talk on Security
 
nullcon 2010 - Underground Economy
nullcon 2010 - Underground Economynullcon 2010 - Underground Economy
nullcon 2010 - Underground Economy
 
Simon Harrison RWE - Chain of Things 010616 final
Simon Harrison RWE - Chain of Things 010616 finalSimon Harrison RWE - Chain of Things 010616 final
Simon Harrison RWE - Chain of Things 010616 final
 
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
ASFWS 2012 - Cybercrime to Information Warfare & “Cyberwar”: a hacker’s persp...
 
This Time, It’s Personal: Why Security and the IoT Is Different
This Time, It’s Personal: Why Security and the IoT Is DifferentThis Time, It’s Personal: Why Security and the IoT Is Different
This Time, It’s Personal: Why Security and the IoT Is Different
 
Towngas Infomation Security Week 2013 presentation
Towngas Infomation Security Week 2013 presentationTowngas Infomation Security Week 2013 presentation
Towngas Infomation Security Week 2013 presentation
 
Service Design Days 2017 - Keynote Jon Rogers (University of Dundee)
Service Design Days 2017 - Keynote Jon Rogers (University of Dundee)Service Design Days 2017 - Keynote Jon Rogers (University of Dundee)
Service Design Days 2017 - Keynote Jon Rogers (University of Dundee)
 
Risk Factory: Let's Get Physical
Risk Factory: Let's Get PhysicalRisk Factory: Let's Get Physical
Risk Factory: Let's Get Physical
 
Iot ppt
Iot pptIot ppt
Iot ppt
 
Dark Net
Dark NetDark Net
Dark Net
 
Jason Samide - State of Security & 2016 Predictions
Jason Samide - State of Security & 2016 PredictionsJason Samide - State of Security & 2016 Predictions
Jason Samide - State of Security & 2016 Predictions
 
Dark Web and Privacy
Dark Web and PrivacyDark Web and Privacy
Dark Web and Privacy
 
article cybersecurity must B2B metaverse
article cybersecurity must B2B metaversearticle cybersecurity must B2B metaverse
article cybersecurity must B2B metaverse
 
nullcon 2010 - Corporate Security and Intelligence – the dark links
nullcon 2010 - Corporate Security and Intelligence – the dark linksnullcon 2010 - Corporate Security and Intelligence – the dark links
nullcon 2010 - Corporate Security and Intelligence – the dark links
 

More from Cain Ransbottyn

Privacy is for losers 2016
Privacy is for losers 2016Privacy is for losers 2016
Privacy is for losers 2016
Cain Ransbottyn
 
logo - ident creation by @visualphill (@_visualstar)
logo - ident creation by @visualphill (@_visualstar)logo - ident creation by @visualphill (@_visualstar)
logo - ident creation by @visualphill (@_visualstar)
Cain Ransbottyn
 
logo - ident creation by @visualphill (@_visualstar)
logo - ident creation by @visualphill (@_visualstar)logo - ident creation by @visualphill (@_visualstar)
logo - ident creation by @visualphill (@_visualstar)
Cain Ransbottyn
 
The "Virtual Coaching Institute"-Pitch during Hack for Health weekend! (May 0...
The "Virtual Coaching Institute"-Pitch during Hack for Health weekend! (May 0...The "Virtual Coaching Institute"-Pitch during Hack for Health weekend! (May 0...
The "Virtual Coaching Institute"-Pitch during Hack for Health weekend! (May 0...
Cain Ransbottyn
 
Stop Wasting Money on Facebook Ads! - Digital Marketing First 2013
Stop Wasting Money on Facebook Ads! - Digital Marketing First 2013Stop Wasting Money on Facebook Ads! - Digital Marketing First 2013
Stop Wasting Money on Facebook Ads! - Digital Marketing First 2013
Cain Ransbottyn
 
Let's Google My Audience - Privacy is for Losers!
Let's Google My Audience - Privacy is for Losers!Let's Google My Audience - Privacy is for Losers!
Let's Google My Audience - Privacy is for Losers!
Cain Ransbottyn
 
#Smc040 @ransbottyn's Experiment: Social Media Product Placement
#Smc040 @ransbottyn's Experiment: Social Media Product Placement#Smc040 @ransbottyn's Experiment: Social Media Product Placement
#Smc040 @ransbottyn's Experiment: Social Media Product Placement
Cain Ransbottyn
 
Privacy is for losers
Privacy is for losersPrivacy is for losers
Privacy is for losers
Cain Ransbottyn
 
Emailvision: I'm a spammer!
Emailvision: I'm a spammer!Emailvision: I'm a spammer!
Emailvision: I'm a spammer!
Cain Ransbottyn
 

More from Cain Ransbottyn (9)

Privacy is for losers 2016
Privacy is for losers 2016Privacy is for losers 2016
Privacy is for losers 2016
 
logo - ident creation by @visualphill (@_visualstar)
logo - ident creation by @visualphill (@_visualstar)logo - ident creation by @visualphill (@_visualstar)
logo - ident creation by @visualphill (@_visualstar)
 
logo - ident creation by @visualphill (@_visualstar)
logo - ident creation by @visualphill (@_visualstar)logo - ident creation by @visualphill (@_visualstar)
logo - ident creation by @visualphill (@_visualstar)
 
The "Virtual Coaching Institute"-Pitch during Hack for Health weekend! (May 0...
The "Virtual Coaching Institute"-Pitch during Hack for Health weekend! (May 0...The "Virtual Coaching Institute"-Pitch during Hack for Health weekend! (May 0...
The "Virtual Coaching Institute"-Pitch during Hack for Health weekend! (May 0...
 
Stop Wasting Money on Facebook Ads! - Digital Marketing First 2013
Stop Wasting Money on Facebook Ads! - Digital Marketing First 2013Stop Wasting Money on Facebook Ads! - Digital Marketing First 2013
Stop Wasting Money on Facebook Ads! - Digital Marketing First 2013
 
Let's Google My Audience - Privacy is for Losers!
Let's Google My Audience - Privacy is for Losers!Let's Google My Audience - Privacy is for Losers!
Let's Google My Audience - Privacy is for Losers!
 
#Smc040 @ransbottyn's Experiment: Social Media Product Placement
#Smc040 @ransbottyn's Experiment: Social Media Product Placement#Smc040 @ransbottyn's Experiment: Social Media Product Placement
#Smc040 @ransbottyn's Experiment: Social Media Product Placement
 
Privacy is for losers
Privacy is for losersPrivacy is for losers
Privacy is for losers
 
Emailvision: I'm a spammer!
Emailvision: I'm a spammer!Emailvision: I'm a spammer!
Emailvision: I'm a spammer!
 

Recently uploaded

Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
saastr
 
Harnessing the Power of NLP and Knowledge Graphs for Opioid Research
Harnessing the Power of NLP and Knowledge Graphs for Opioid ResearchHarnessing the Power of NLP and Knowledge Graphs for Opioid Research
Harnessing the Power of NLP and Knowledge Graphs for Opioid Research
Neo4j
 
Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving | Nameplate Manufacturing Process - 2024Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving
 
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
saastr
 
Leveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and StandardsLeveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and Standards
Neo4j
 
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectorsConnector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
DianaGray10
 
"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota
Fwdays
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
Jakub Marek
 
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
Jason Yip
 
Dandelion Hashtable: beyond billion requests per second on a commodity server
Dandelion Hashtable: beyond billion requests per second on a commodity serverDandelion Hashtable: beyond billion requests per second on a commodity server
Dandelion Hashtable: beyond billion requests per second on a commodity server
Antonios Katsarakis
 
What is an RPA CoE? Session 1 – CoE Vision
What is an RPA CoE?  Session 1 – CoE VisionWhat is an RPA CoE?  Session 1 – CoE Vision
What is an RPA CoE? Session 1 – CoE Vision
DianaGray10
 
Astute Business Solutions | Oracle Cloud Partner |
Astute Business Solutions | Oracle Cloud Partner |Astute Business Solutions | Oracle Cloud Partner |
Astute Business Solutions | Oracle Cloud Partner |
AstuteBusiness
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Safe Software
 
Fueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte WebinarFueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte Webinar
Zilliz
 
June Patch Tuesday
June Patch TuesdayJune Patch Tuesday
June Patch Tuesday
Ivanti
 
Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS  at Code Europe 2024Introduction of Cybersecurity with OSS  at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024
Hiroshi SHIBATA
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
panagenda
 
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
Jason Packer
 
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
Alex Pruden
 
Apps Break Data
Apps Break DataApps Break Data
Apps Break Data
Ivo Velitchkov
 

Recently uploaded (20)

Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
 
Harnessing the Power of NLP and Knowledge Graphs for Opioid Research
Harnessing the Power of NLP and Knowledge Graphs for Opioid ResearchHarnessing the Power of NLP and Knowledge Graphs for Opioid Research
Harnessing the Power of NLP and Knowledge Graphs for Opioid Research
 
Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving | Nameplate Manufacturing Process - 2024Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving | Nameplate Manufacturing Process - 2024
 
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
Overcoming the PLG Trap: Lessons from Canva's Head of Sales & Head of EMEA Da...
 
Leveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and StandardsLeveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and Standards
 
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectorsConnector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
Connector Corner: Seamlessly power UiPath Apps, GenAI with prebuilt connectors
 
"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota"Choosing proper type of scaling", Olena Syrota
"Choosing proper type of scaling", Olena Syrota
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
 
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...
 
Dandelion Hashtable: beyond billion requests per second on a commodity server
Dandelion Hashtable: beyond billion requests per second on a commodity serverDandelion Hashtable: beyond billion requests per second on a commodity server
Dandelion Hashtable: beyond billion requests per second on a commodity server
 
What is an RPA CoE? Session 1 – CoE Vision
What is an RPA CoE?  Session 1 – CoE VisionWhat is an RPA CoE?  Session 1 – CoE Vision
What is an RPA CoE? Session 1 – CoE Vision
 
Astute Business Solutions | Oracle Cloud Partner |
Astute Business Solutions | Oracle Cloud Partner |Astute Business Solutions | Oracle Cloud Partner |
Astute Business Solutions | Oracle Cloud Partner |
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
 
Fueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte WebinarFueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte Webinar
 
June Patch Tuesday
June Patch TuesdayJune Patch Tuesday
June Patch Tuesday
 
Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS  at Code Europe 2024Introduction of Cybersecurity with OSS  at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
 
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
 
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
 
Apps Break Data
Apps Break DataApps Break Data
Apps Break Data
 

Privacy is an Illusion and you’re all losers! - Cryptocow - Infosecurity 2013

  • 1. privacy is an illusion and you’re all losers or how 1984 was a manual for our panopticon society ! By Cain Ransbottyn - @ransbottyn
  • 2. End of privacy • 9/11 attacks invigorated the concept of terrorist threats • Post 9/11 there was a strong and understandable argument to prioritise security
  • 3. End of civil liberties • New word: “asymmetrical threats” • Actually means: “please give up your civil liberties”, in 2001 55% US citizens were pro; in 2011 only 40% (and declining). • Patriot Act changed the world for good
  • 4. So, terrorism huh ? • systematic use of violent terror as a means of coercion • violent acts which are intended to create fear (terror) • perpetrated for a religious, political, or ideological goal • deliberately target or disregard the safety of noncombatants (civilians)
  • 5. Global terrorist threat map Data of 2010. Seems legit.
  • 6. Year on year doubling in surveillance budget since the Patriot Act Except for 2013, then there was a dark budget of US$ 52,6B
  • 7. Fear. Uncertainty. Doubt. • Instilling fear is a premise for coercion. But to whom ? • Mass media works as a catalyst to bring fear in the homes of citizens. • We all are very shitty at threat and risk assessments. Pigs or sharks ? • 23,589 40 Or terrorist attacks ? 13,200 * 2010 facts and figures worldwide
  • 8. Are we really capable of understanding the real threat level ? Please demonstrate you can spot a rhetorical question when you see one
  • 9. The convenience of circular logic • Gov’t: We’re using surveillance so we can prevent terrorist attacks
 You: I don’t see any terrorist threat or attack
 Gov’t: Awesome stuff, hey ?
 • Him: I’m using this repellent to scare away elephants.
 You: But I don’t see any elephants.
 Him: Awesome stuff, hey ?
  • 11. Total Information Awareness The 2002 - 2003 program that began a data mining project, following warantless surveillance decision in 2002
  • 12. PRISM, XKeyScore, Tempora ! Thank you Microsoft, Facebook, Yahoo!, Google, Paltalk, YouTube, AOL, Apple, Skype Snowden leaks the post 2007 surveillance industry is much worse than anyone could have imagined
  • 13. The rise of private intelligence agencies • The welcome gift of “social networks” • The thankful adoption rate of smart phones • The cloud as the ultimate data gathering extension to governments • The phone operators remain a loyal friend • The overt investment strategy of In-Q-Tel
  • 14. The In-Q-Tel investment firm • Founded 1999 as not-for-profit venture capital firm • So… if you are not looking to make a profit, what are you looking for then ? • Investments in data mining, call recording, surveillance, crypto, biotech, … • E.g. 2007 AT&T - Narus STA 6400 backdoor = product of In-Q-Tel funded company • Many (many) participations worldwide (also Belgium)
  • 15. Social networks as a private intelligence agency • Perfect front offices • Facebook as the first global private intelligence agency • Otherwise hard to obtain intel is being shared voluntarily by everyone (e.g. hobbies, etc.) • US$ 12,7M investment by James Breyer (Accel), former colleague of Gilman Louie (CEO In-Q-Tel)
  • 16. Smart-phones as the ultimate tracking device • Device you carry 24/7 with you. With a GPS on board. • Android has remote install/deinstall hooks in its OS (so has IOS) • OTA vulnerabilities allow remote installs of byte patches (e.g. Blackberry incident in UAE) • Apple incident (“the bug that stored your whereabouts”) • Any idea how many address books are stored on iCloud ? :p
  • 17. Smart-phones as the ultimate tracking device Wi-Fi based positioning has become very accurate and quickly deployed mainstream
  • 18. Cloud providers as the perfect honeypot • There is no company that is so invasive as Google • Records voice calls (Voice), analyses e-mail (GMail), knows who you talk to and where you are (Android), has all your documents (Drive) and soon will see through your eyes (Glass) • Robert David Steele (CIA) disclosed Google takes money from US Intel. community. • In-Q-Tel and Google invest in mutual companies (mutual interest)
  • 19. Cloud providers as the perfect honeypot • Not only Google. The latest OSX Mavericks actually asked me to… store my Keychain in the cloud *sigh* • While Apple claims iMessage cannot be intercepted, we know it is possible because Apple is the MITM and no end-to-end crypto is used nor certificate pinning.
  • 20. The loyal friend, the phone operator • Needs to be CALEA and ETSI compliant. Yeah right :-) • Operators are both targets of surveillance stakeholders (e.g. Belgacom/BICS hack by GCHQ) and providers of surveillance tactics (taps, OTA installs, silent SMS, etc.) • Does KPN really trust NICE (Israel) and does Belgacom really trust Huawei (China) ? • Truth of the matter is: you cannot trust your operator…
  • 21. Privacy is for losers If you think you have privacy, you really are a loser
  • 22. #dta If a government needs to understand its enemy, and we’re being surveilled. Then, who exactly is the enemy ?
  • 23. Conspiracy theory ? ! Whistleblowers showed that reality is far worse
  • 25. Change your attitude. Wake the f*ck up…
  • 26. Reclaim ownership of your data. Demand transparency of every service you use.
  • 28. Encryption today is built for security professionals and engineers. Not for your mom or dad.
  • 29. Security and crypto engineers don’t understand UI and UX
  • 30. Android and IOS planned. Microsoft Mobile perhaps.
  • 31. Requirements • Must provide strong crypto • Must be open source (GitHub) • Must be beautiful and easy to use, we actually don’t want the user to be confronted with complex crypto issues • Provide deniability • Provide alerting mechanisms that alert the user when something is wrong • Even when your device is confiscated, it should be able to withstand forensic investigation
  • 32. How it’s built • Using tor as transport layer for P2P routing and provide anonymity (no exit nodes used). • Obfuscated as HTTPS traffic to prevent gov’t filtering. • Using OTR v3.1 to ensure perfect forward secrecy and end-to-end crypto. • Capable of detecting A5/GSM tactical surveillance attacks. • Extremely effective anti forensic mechanisms and triggers
  • 34. Who’s using it • Journalists • Freedom Fighters • Whistleblowers • Lawyers and security professionals • …
  • 35. Why use it ? • To protect your human right on privacy • To protect your human right on freedom of speech • Because your communication needs to remain confidential • Because excessive surveillance is a threat to modern democracy
  • 36. Privacy might be for losers, but that doesn’t mean you are OK to give up your human rights…