SlideShare a Scribd company logo



H
huertanix

An intro to mobile messaging security in text messages and messaging apps. Presented at CryptoParty NYC at Brooklyn Public Library.

Technology
1 of 14
Download to read offline
😧📱🔓🕵📱😩 David Huerta - CryptoParty @ BPL 11/9/2015
Plain Text Messages • Encrypted only between telco and device (sometimes). • Telco can read everything you type, so can their friends. • Bonus: This also means your plain phone calls can be intercepted. • Bonus: It's not just the Telco you have to worry about...
Stingrays • Used by law enforcement to intercept (and copy) cell phone text messages, phone calls, and location data. • Usually mounted in a van or plane. • More info on their legal use: https://www.eff.org/ deeplinks/2015/09/finally-doj-reverses-course-and- will-get-warrants-stingrays. • $13,500 per unit (barely over $9,000)
Software Defined Radio • Could be used by just about anyone with some tech expertise. • Julian Oliver's The Beacon Frame an example that just broadcasted messages rather than recording them. • Others may have few scruples. • HackRF: $299
0€ with CCC ticket
Messenger Apps • Many messenger apps offer different levels of protection to defend against people intercepting the wireless signal, but usually these are incomplete. • See how incomplete here: http:// projects.propublica.org/graphics/privacy-tools • …and… https://www.eff.org/secure-messaging- scorecard.
– Everyone “Which secure messaging app should I use?”






Recommended

Dave Troy's Presentation at eComm 2008
Dave Troy's Presentation at eComm 2008Dave Troy's Presentation at eComm 2008
Dave Troy's Presentation at eComm 2008eComm2008
 
Catching imsi catchers
Catching imsi catchersCatching imsi catchers
Catching imsi catchers
Geoffrey Vaughan
 
DSS - ITSEC Conference - Cellcrypt - Making secure voice calls - Riga Nov2011
DSS - ITSEC Conference - Cellcrypt - Making secure voice calls - Riga Nov2011DSS - ITSEC Conference - Cellcrypt - Making secure voice calls - Riga Nov2011
DSS - ITSEC Conference - Cellcrypt - Making secure voice calls - Riga Nov2011
Andris Soroka
 
Earthmouse: Mobile Guardian
Earthmouse: Mobile GuardianEarthmouse: Mobile Guardian
Earthmouse: Mobile Guardian
earthmouse
 
Cell phone security lite
Cell phone security liteCell phone security lite
Cell phone security litecooperq
 
Final2
Final2Final2
Final2
pooja pal
 
Deepfakes
DeepfakesDeepfakes
Deepfakes
CA.Kolluru Narayanarao
 
Cyber security
Cyber securityCyber security
Cyber security
shachibattar
 

Recommended

Dave Troy's Presentation at eComm 2008
Dave Troy's Presentation at eComm 2008Dave Troy's Presentation at eComm 2008
Dave Troy's Presentation at eComm 2008eComm2008
 
Catching imsi catchers
Catching imsi catchersCatching imsi catchers
Catching imsi catchers
Geoffrey Vaughan
 
DSS - ITSEC Conference - Cellcrypt - Making secure voice calls - Riga Nov2011
DSS - ITSEC Conference - Cellcrypt - Making secure voice calls - Riga Nov2011DSS - ITSEC Conference - Cellcrypt - Making secure voice calls - Riga Nov2011
DSS - ITSEC Conference - Cellcrypt - Making secure voice calls - Riga Nov2011
Andris Soroka
 
Earthmouse: Mobile Guardian
Earthmouse: Mobile GuardianEarthmouse: Mobile Guardian
Earthmouse: Mobile Guardian
earthmouse
 
Cell phone security lite
Cell phone security liteCell phone security lite
Cell phone security litecooperq
 
Final2
Final2Final2
Final2
pooja pal
 
Deepfakes
DeepfakesDeepfakes
Deepfakes
CA.Kolluru Narayanarao
 
Cyber security
Cyber securityCyber security
Cyber security
shachibattar
 
Vaibhav. (1)
Vaibhav. (1)Vaibhav. (1)
Vaibhav. (1)Vaibhav Garud
 
Curriculum vitae
Curriculum vitaeCurriculum vitae
Curriculum vitaebismiilah
 
NSA-Resistant Mixtapes for a Post-PRISM World
NSA-Resistant Mixtapes for a Post-PRISM WorldNSA-Resistant Mixtapes for a Post-PRISM World
NSA-Resistant Mixtapes for a Post-PRISM World
huertanix
 
Navigating financial aid
Navigating financial aidNavigating financial aid
Navigating financial aidcincharge
 
How to get latent idea!
How to get latent idea!How to get latent idea!
How to get latent idea!
Bibhuti Kaji Shakya
 
المتنبي بور
المتنبي بورالمتنبي بور
المتنبي بورr-s-m-o
 
Fragas do eume
Fragas do eumeFragas do eume
Fragas do eumeelgacan
 
Bao ve chong cham dat
Bao ve chong cham datBao ve chong cham dat
Bao ve chong cham datDuy Nguyen
 
Presentacion del piston
Presentacion del pistonPresentacion del piston
Presentacion del piston
rudybac
 
We are hope
We are hopeWe are hope
We are hope
cincharge
 
Marchandis
MarchandisMarchandis
MarchandisMinar Hussain
 
Managing Security in External Software Dependencies
Managing Security in External Software DependenciesManaging Security in External Software Dependencies
Managing Security in External Software Dependencies
Tharindu Edirisinghe
 
الانتحال
الانتحالالانتحال
الانتحالr-s-m-o
 
موضوعات الشعر الجاهلي
موضوعات الشعر الجاهليموضوعات الشعر الجاهلي
موضوعات الشعر الجاهليr-s-m-o
 
Ruang lingkup ilmu kalam (1) copy
Ruang lingkup ilmu kalam (1) copyRuang lingkup ilmu kalam (1) copy
Ruang lingkup ilmu kalam (1) copy
Sahara Pond's
 
NWSLTR_Volume5_Issue2
NWSLTR_Volume5_Issue2NWSLTR_Volume5_Issue2
NWSLTR_Volume5_Issue2Charles Klondike
 
Defcon 22-weston-hecker-burner-phone-ddos
Defcon 22-weston-hecker-burner-phone-ddosDefcon 22-weston-hecker-burner-phone-ddos
Defcon 22-weston-hecker-burner-phone-ddos
Priyanka Aash
 
Protect your IPPBX against VOIP attacks
Protect your IPPBX against VOIP attacksProtect your IPPBX against VOIP attacks
Protect your IPPBX against VOIP attacks
Rohan Fernandes
 
TwilioCon 2013 - Communications Without Boundaries
TwilioCon 2013 - Communications Without BoundariesTwilioCon 2013 - Communications Without Boundaries
TwilioCon 2013 - Communications Without Boundaries
Andrew Jordan
 
Introduction to contact tracing apps and privacy issues
Introduction to contact tracing apps and privacy issuesIntroduction to contact tracing apps and privacy issues
Introduction to contact tracing apps and privacy issues
Christian Spolaore
 
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
acijjournal
 
Cyber Security: Stalking Prey: An RF Hackers Perspective
Cyber Security: Stalking Prey: An RF Hackers Perspective Cyber Security: Stalking Prey: An RF Hackers Perspective
Cyber Security: Stalking Prey: An RF Hackers Perspective
Signals Defense, LLC
 

More Related Content

Viewers also liked

Curriculum vitae
Curriculum vitaeCurriculum vitae
Curriculum vitaebismiilah
 
NSA-Resistant Mixtapes for a Post-PRISM World
NSA-Resistant Mixtapes for a Post-PRISM WorldNSA-Resistant Mixtapes for a Post-PRISM World
NSA-Resistant Mixtapes for a Post-PRISM World
huertanix
 
Navigating financial aid
Navigating financial aidNavigating financial aid
Navigating financial aidcincharge
 
How to get latent idea!
How to get latent idea!How to get latent idea!
How to get latent idea!
Bibhuti Kaji Shakya
 
المتنبي بور
المتنبي بورالمتنبي بور
المتنبي بورr-s-m-o
 
Fragas do eume
Fragas do eumeFragas do eume
Fragas do eumeelgacan
 
Bao ve chong cham dat
Bao ve chong cham datBao ve chong cham dat
Bao ve chong cham datDuy Nguyen
 
Presentacion del piston
Presentacion del pistonPresentacion del piston
Presentacion del piston
rudybac
 
We are hope
We are hopeWe are hope
We are hope
cincharge
 
Managing Security in External Software Dependencies
Managing Security in External Software DependenciesManaging Security in External Software Dependencies
Managing Security in External Software Dependencies
Tharindu Edirisinghe
 
الانتحال
الانتحالالانتحال
الانتحالr-s-m-o
 
موضوعات الشعر الجاهلي
موضوعات الشعر الجاهليموضوعات الشعر الجاهلي
موضوعات الشعر الجاهليr-s-m-o
 
Ruang lingkup ilmu kalam (1) copy
Ruang lingkup ilmu kalam (1) copyRuang lingkup ilmu kalam (1) copy
Ruang lingkup ilmu kalam (1) copy
Sahara Pond's
 

Viewers also liked (15)

Vaibhav. (1)
Vaibhav. (1)Vaibhav. (1)
Vaibhav. (1)
 
Curriculum vitae
Curriculum vitaeCurriculum vitae
Curriculum vitae
 
NSA-Resistant Mixtapes for a Post-PRISM World
NSA-Resistant Mixtapes for a Post-PRISM WorldNSA-Resistant Mixtapes for a Post-PRISM World
NSA-Resistant Mixtapes for a Post-PRISM World
 
Navigating financial aid
Navigating financial aidNavigating financial aid
Navigating financial aid
 
How to get latent idea!
How to get latent idea!How to get latent idea!
How to get latent idea!
 
المتنبي بور
المتنبي بورالمتنبي بور
المتنبي بور
 
Fragas do eume
Fragas do eumeFragas do eume
Fragas do eume
 
Bao ve chong cham dat
Bao ve chong cham datBao ve chong cham dat
Bao ve chong cham dat
 
Presentacion del piston
Presentacion del pistonPresentacion del piston
Presentacion del piston
 
We are hope
We are hopeWe are hope
We are hope
 
Marchandis
MarchandisMarchandis
Marchandis
 
Managing Security in External Software Dependencies
Managing Security in External Software DependenciesManaging Security in External Software Dependencies
Managing Security in External Software Dependencies
 
الانتحال
الانتحالالانتحال
الانتحال
 
موضوعات الشعر الجاهلي
موضوعات الشعر الجاهليموضوعات الشعر الجاهلي
موضوعات الشعر الجاهلي
 
Ruang lingkup ilmu kalam (1) copy
Ruang lingkup ilmu kalam (1) copyRuang lingkup ilmu kalam (1) copy
Ruang lingkup ilmu kalam (1) copy
 

Similar to 

Defcon 22-weston-hecker-burner-phone-ddos
Defcon 22-weston-hecker-burner-phone-ddosDefcon 22-weston-hecker-burner-phone-ddos
Defcon 22-weston-hecker-burner-phone-ddos
Priyanka Aash
 
Protect your IPPBX against VOIP attacks
Protect your IPPBX against VOIP attacksProtect your IPPBX against VOIP attacks
Protect your IPPBX against VOIP attacks
Rohan Fernandes
 
TwilioCon 2013 - Communications Without Boundaries
TwilioCon 2013 - Communications Without BoundariesTwilioCon 2013 - Communications Without Boundaries
TwilioCon 2013 - Communications Without Boundaries
Andrew Jordan
 
Introduction to contact tracing apps and privacy issues
Introduction to contact tracing apps and privacy issuesIntroduction to contact tracing apps and privacy issues
Introduction to contact tracing apps and privacy issues
Christian Spolaore
 
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
acijjournal
 
Cyber Security: Stalking Prey: An RF Hackers Perspective
Cyber Security: Stalking Prey: An RF Hackers Perspective Cyber Security: Stalking Prey: An RF Hackers Perspective
Cyber Security: Stalking Prey: An RF Hackers Perspective
Signals Defense, LLC
 
Cell phone cloning
Cell phone cloningCell phone cloning
Cell phone cloning
Gudia Khan
 
CTO Cybersecurity Forum 2013 David Turahi
CTO Cybersecurity Forum 2013 David TurahiCTO Cybersecurity Forum 2013 David Turahi
CTO Cybersecurity Forum 2013 David Turahi
Commonwealth Telecommunications Organisation
 
A tale of mobile threats
A tale of mobile threatsA tale of mobile threats
A tale of mobile threatsVincenzo Iozzo
 
Can You Steal From Me Now? Mobile and BYOD Security Risks
Can You Steal From Me Now? Mobile and BYOD Security RisksCan You Steal From Me Now? Mobile and BYOD Security Risks
Can You Steal From Me Now? Mobile and BYOD Security Risks
Michael Davis
 
Phone Hacking: A lucrative, but largely hidden history
Phone Hacking: A lucrative, but largely hidden historyPhone Hacking: A lucrative, but largely hidden history
Phone Hacking: A lucrative, but largely hidden history
David Rogers
 
Ce hv6 module 46 securing laptop computers
Ce hv6 module 46 securing laptop computersCe hv6 module 46 securing laptop computers
Ce hv6 module 46 securing laptop computers
Vi Tính Hoàng Nam
 
Making your Asterisk System Secure
Making your Asterisk System SecureMaking your Asterisk System Secure
Making your Asterisk System Secure
Digium
 
Sniffer for detecting lost mobiles
Sniffer for detecting lost mobilesSniffer for detecting lost mobiles
Sniffer for detecting lost mobiles
home
 
Voice communication security
Voice communication securityVoice communication security
Voice communication security
Fabio Pietrosanti
 
Mobile Device Security
Mobile Device SecurityMobile Device Security
Mobile Device Security
Nemwos
 
VoIP Security 101 what you need to know
VoIP Security 101 what you need to knowVoIP Security 101 what you need to know
VoIP Security 101 what you need to know
Eric Klein
 
J.-P. Seifert; Security-Aware Android Applications for the Enterprise
J.-P. Seifert; Security-Aware Android Applications for the EnterpriseJ.-P. Seifert; Security-Aware Android Applications for the Enterprise
J.-P. Seifert; Security-Aware Android Applications for the EnterpriseDroidcon Berlin
 

Similar to  (20)

NWSLTR_Volume5_Issue2
NWSLTR_Volume5_Issue2NWSLTR_Volume5_Issue2
NWSLTR_Volume5_Issue2
 
Defcon 22-weston-hecker-burner-phone-ddos
Defcon 22-weston-hecker-burner-phone-ddosDefcon 22-weston-hecker-burner-phone-ddos
Defcon 22-weston-hecker-burner-phone-ddos
 
Protect your IPPBX against VOIP attacks
Protect your IPPBX against VOIP attacksProtect your IPPBX against VOIP attacks
Protect your IPPBX against VOIP attacks
 
TwilioCon 2013 - Communications Without Boundaries
TwilioCon 2013 - Communications Without BoundariesTwilioCon 2013 - Communications Without Boundaries
TwilioCon 2013 - Communications Without Boundaries
 
Introduction to contact tracing apps and privacy issues
Introduction to contact tracing apps and privacy issuesIntroduction to contact tracing apps and privacy issues
Introduction to contact tracing apps and privacy issues
 
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
Do New Mobile Devices in Enterprises Pose A Serious Security Threat?
 
Cyber Security: Stalking Prey: An RF Hackers Perspective
Cyber Security: Stalking Prey: An RF Hackers Perspective Cyber Security: Stalking Prey: An RF Hackers Perspective
Cyber Security: Stalking Prey: An RF Hackers Perspective
 
Cell phone cloning
Cell phone cloningCell phone cloning
Cell phone cloning
 
CTO Cybersecurity Forum 2013 David Turahi
CTO Cybersecurity Forum 2013 David TurahiCTO Cybersecurity Forum 2013 David Turahi
CTO Cybersecurity Forum 2013 David Turahi
 
A tale of mobile threats
A tale of mobile threatsA tale of mobile threats
A tale of mobile threats
 
Internet security
Internet securityInternet security
Internet security
 
Can You Steal From Me Now? Mobile and BYOD Security Risks
Can You Steal From Me Now? Mobile and BYOD Security RisksCan You Steal From Me Now? Mobile and BYOD Security Risks
Can You Steal From Me Now? Mobile and BYOD Security Risks
 
Phone Hacking: A lucrative, but largely hidden history
Phone Hacking: A lucrative, but largely hidden historyPhone Hacking: A lucrative, but largely hidden history
Phone Hacking: A lucrative, but largely hidden history
 
Ce hv6 module 46 securing laptop computers
Ce hv6 module 46 securing laptop computersCe hv6 module 46 securing laptop computers
Ce hv6 module 46 securing laptop computers
 
Making your Asterisk System Secure
Making your Asterisk System SecureMaking your Asterisk System Secure
Making your Asterisk System Secure
 
Sniffer for detecting lost mobiles
Sniffer for detecting lost mobilesSniffer for detecting lost mobiles
Sniffer for detecting lost mobiles
 
Voice communication security
Voice communication securityVoice communication security
Voice communication security
 
Mobile Device Security
Mobile Device SecurityMobile Device Security
Mobile Device Security
 
VoIP Security 101 what you need to know
VoIP Security 101 what you need to knowVoIP Security 101 what you need to know
VoIP Security 101 what you need to know
 
J.-P. Seifert; Security-Aware Android Applications for the Enterprise
J.-P. Seifert; Security-Aware Android Applications for the EnterpriseJ.-P. Seifert; Security-Aware Android Applications for the Enterprise
J.-P. Seifert; Security-Aware Android Applications for the Enterprise
 

Recently uploaded

The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
Product School
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
Product School
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
Product School
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Ramesh Iyer
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
Product School
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
DianaGray10
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
Alison B. Lowndes
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Product School
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Product School
 

Recently uploaded (20)

The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 



  • 1. 😧📱🔓🕵📱😩 David Huerta - CryptoParty @ BPL 11/9/2015
  • 2. Plain Text Messages • Encrypted only between telco and device (sometimes). • Telco can read everything you type, so can their friends. • Bonus: This also means your plain phone calls can be intercepted. • Bonus: It's not just the Telco you have to worry about...
  • 3.
  • 4. Stingrays • Used by law enforcement to intercept (and copy) cell phone text messages, phone calls, and location data. • Usually mounted in a van or plane. • More info on their legal use: https://www.eff.org/ deeplinks/2015/09/finally-doj-reverses-course-and- will-get-warrants-stingrays. • $13,500 per unit (barely over $9,000)
  • 5.
  • 6. Software Defined Radio • Could be used by just about anyone with some tech expertise. • Julian Oliver's The Beacon Frame an example that just broadcasted messages rather than recording them. • Others may have few scruples. • HackRF: $299
  • 7. 0€ with CCC ticket
  • 8. Messenger Apps • Many messenger apps offer different levels of protection to defend against people intercepting the wireless signal, but usually these are incomplete. • See how incomplete here: http:// projects.propublica.org/graphics/privacy-tools • …and… https://www.eff.org/secure-messaging- scorecard.
  • 9. – Everyone “Which secure messaging app should I use?”