Andrew Lewman [email protected] 09 October 2013 · 2015. 3. 5. · Andrew Lewman...
Transcript of Andrew Lewman [email protected] 09 October 2013 · 2015. 3. 5. · Andrew Lewman...
-
SECURE Poland 2013
Andrew [email protected]
09 October 2013
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 1 / 22
-
George Orwell was an optimist
Who controls the past, controls the future: who controlsthe present controls the past
— George Orwell, Nineteen Eighty Four, 1949
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 3 / 22
-
Internet Surveillance is getting more advanced
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 4 / 22
-
Internet Surveillance is getting more advanced
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 4 / 22
-
Internet Surveillance is getting more advanced
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 4 / 22
-
Internet Surveillance is getting more advanced
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 4 / 22
-
Internet Surveillance is getting more advanced
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 4 / 22
-
Internet Surveillance is getting more advanced
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 4 / 22
-
Internet Surveillance is getting more advanced
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 4 / 22
-
Internet Surveillance is getting more advanced
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 4 / 22
-
Internet Surveillance is getting more advanced
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 4 / 22
-
Internet Surveillance is getting more advanced
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 4 / 22
-
Internet Surveillance is getting more advanced
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 4 / 22
-
Twitter in Iran: Good.
From http://www.time.com/time/world/article/0,8599,1905125,00.html
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 5 / 22
-
Twitter in USA: Bad.
from http://gothamist.com/2009/10/05/fbi raids queens home in g20 protes.php
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 6 / 22
-
The Tor Project, Inc.
501(c)(3) non-profit organization dedicated to the research anddevelopment of technologies for online anonymity and privacy
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 8 / 22
-
What is Tor?
online anonymity software and network
open source, freely available (3-clause BSD license)
active research environment:Drexel, Univ of Waterloo, Georgia Tech, Princeton, Boston University,University College London, Univ of Minnesota, National ScienceFoundation, Naval Research Labs, Cambridge UK, Bamberg Germany,MIT, NORDUnet...
increasingly diverse toolset:Tor, Tor Browser Bundle, Tails LiveCD, Pluggable Transports, TorWeather, Tor auto-responder, Secure Updater, Orbot, Gibberbot,Arm and so on.
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 9 / 22
-
What is Tor?
online anonymity software and network
open source, freely available (3-clause BSD license)
active research environment:Drexel, Univ of Waterloo, Georgia Tech, Princeton, Boston University,University College London, Univ of Minnesota, National ScienceFoundation, Naval Research Labs, Cambridge UK, Bamberg Germany,MIT, NORDUnet...
increasingly diverse toolset:Tor, Tor Browser Bundle, Tails LiveCD, Pluggable Transports, TorWeather, Tor auto-responder, Secure Updater, Orbot, Gibberbot,Arm and so on.
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 9 / 22
-
What is Tor?
online anonymity software and network
open source, freely available (3-clause BSD license)
active research environment:Drexel, Univ of Waterloo, Georgia Tech, Princeton, Boston University,University College London, Univ of Minnesota, National ScienceFoundation, Naval Research Labs, Cambridge UK, Bamberg Germany,MIT, NORDUnet...
increasingly diverse toolset:Tor, Tor Browser Bundle, Tails LiveCD, Pluggable Transports, TorWeather, Tor auto-responder, Secure Updater, Orbot, Gibberbot,Arm and so on.
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 9 / 22
-
What is Tor?
online anonymity software and network
open source, freely available (3-clause BSD license)
active research environment:Drexel, Univ of Waterloo, Georgia Tech, Princeton, Boston University,University College London, Univ of Minnesota, National ScienceFoundation, Naval Research Labs, Cambridge UK, Bamberg Germany,MIT, NORDUnet...
increasingly diverse toolset:Tor, Tor Browser Bundle, Tails LiveCD, Pluggable Transports, TorWeather, Tor auto-responder, Secure Updater, Orbot, Gibberbot,Arm and so on.
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 9 / 22
-
Why Tor?
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 10 / 22
-
Why Tor?
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 10 / 22
-
Who uses Tor?
Normal people
LawEnforcement
Human RightsActivists
Business Execs
Militaries
Abuse Victims
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 11 / 22
-
Online and Offline change happens
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 12 / 22
-
You missed a use case
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 13 / 22
-
You missed a use case
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 13 / 22
-
You missed a use case
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 13 / 22
-
estimated 1 million daily users
-
How is Tor different from other systems?
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 15 / 22
-
How is Tor different from other systems?
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 15 / 22
-
How is Tor different from other systems?
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 15 / 22
-
Tor hides communication patterns by relaying data throughvolunteer servers
Tor Node
Tor Node
Tor Node
Tor Node
Tor NodeTor Node
Tor Node
Tor Node
Tor Network
Web server
Tor user
Diagram: Robert Watson
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 16 / 22
-
Tor hides communication patterns by relaying data throughvolunteer servers
Tor Node
Tor Node
Tor Node
Tor Node
Tor NodeTor Node
Tor Node
Tor Node
Tor Network
Web server
Tor userTor Node
Tor Node
Tor Node
Exit node
Entry nodeMiddle node
Diagram: Robert Watson
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 16 / 22
-
Tor hides communication patterns by relaying data throughvolunteer servers
Tor Node
Tor Node
Tor Node
Tor Node
Tor NodeTor Node
Tor Node
Tor Node
Tor Network
Web server
Tor user
Encrypted tunnel
Unencrypted TCP
Tor Node
Tor Node
Tor Node
Exit node
Entry nodeMiddle node
Diagram: Robert Watson
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 16 / 22
-
Tor hides communication patterns by relaying data throughvolunteer servers
Diagram: Robert Watson
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 16 / 22
-
Vidalia Network Map
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 17 / 22
-
Metrics
Measuring metrics anonymously
NSF research grant
Archive of hourly consensus, ExoneraTor, VisiTor
Metrics portal:https://metrics.torproject.org/
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 18 / 22
https://metrics.torproject.org/
-
Tor hidden services allow privacy enhanced hosting
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 19 / 22
-
dot onion you say?
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 20 / 22
-
Thanks!
Visit https://www.torproject.org/ for more information, links, andideas.
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 21 / 22
https://www.torproject.org/
-
Credits & Thanks
applied theory, third image: Information Week,2011-04-09,http://www.informationweek.com/news/security/attacks/229400850
applied theory, fourth image: Al Jazeera, February 2011
six strikes, ars technica,http://arstechnica.com/tech-policy/news/2011/07/
major-isps-agree-to-six-strikes-copyright-enforcement-plan.
ars
spring is in the air, Paco Pomet, http://pacopomet.wordpress.com/
who uses tor?http://www.flickr.com/photos/mattw/2336507468/siz, MattWestervelt, CC-BY-SA.
danger!, http://flickr.com/photos/hmvh/58185411/sizes/o/,hmvh, CC-BY-SA.
1 Million, http://www.flickr.com/photos/lukaskracic/334850378/sizes/l/,Luka Skracic, used with permission.
Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 22 / 22
http://arstechnica.com/tech-policy/news/2011/07/major-isps-agree-to-six-strikes-copyright-enforcement-plan.arshttp://arstechnica.com/tech-policy/news/2011/07/major-isps-agree-to-six-strikes-copyright-enforcement-plan.arshttp://arstechnica.com/tech-policy/news/2011/07/major-isps-agree-to-six-strikes-copyright-enforcement-plan.arshttp://www.flickr.com/photos/mattw/2336507468/sizhttp://flickr.com/photos/hmvh/58185411/sizes/o/http://www.flickr.com/photos/lukaskracic/334850378/sizes/l/http://www.flickr.com/photos/lukaskracic/334850378/sizes/l/