Published on March 16, 2016
1. PUBLIC//NSI//ORNCON//YESFORN By Ron Williams & Hyun Seo TAKE BACK CONTROL IN A POST-SNOWDEN WORLD
2. The content and tools mentioned in this workshop are for educational purposes only. We do not endorse or promote any specific products or tools. Any opinions expressed are our own and are not intended to reflect the views of our employer.
3. Ron Williams, Architect, IBM Security; Hyun Seo, Designer, IBM Security
4. Our mission...
5. Security: Being free from danger and/or threat.
6. Anonymity: Without any name acknowledged, as that of author, contributor, or the like.
7. Privacy: Being free from unwanted or undue intrusion or disturbance in one’s life or affairs.
8. “We are not deliberately hiding anything when we seek out private places for reflection or conversation. We keep private journals, sing in the privacy of the shower, and write letters to secret lovers and then burn them. Privacy is a basic human need.” Bruce Schneier, Schneier on Security
10. Government, Personal, Commercial, Criminal.
11. Anytime you share information, you lose control over it.
12. Legitimate* and illegitimate surveillance. Employer, government (local, state, federal) agencies, criminals. *Within the bounds of existing law.
13. Automated surveillance techniques are not perfect. Profiles (of employees, citizens) are developed from incomplete data.
14. Government Surveillance
15. If I’m not doing anything wrong, why should I care about government surveillance?
16. December 7th, 1941
17. “NATIONAL SECURITY”
19. Lavabit
20. The government is constrained by law.
21. The government is constrained by law. Today.
23. Commercial Surveillance
24. If you’re not paying for the product, you’re the product.
25. Commercial Social Media Aggregation & Analysis of User Data Monetization of Analysis Product Services User market data Retail optimization Who What Why
26. Employee Browser activity Information access and usage Compliance monitoring Social Media usage Phone voice monitoring Employee Monitoring Who What Why Business Security
27. Crime as a Service
28. BOT-NET OPERATOR MALWARE AUTHORS VULNERABILITY RESEARCHERS BOT-NET cCommerce sales & marketing service catalog advertising finance counter-surveillance Services ddos spam bot-net C&C malware delivery key logging surveillance credential theft espionage CaaS CONSUMER
29. Reducing your digital footprint
30. “Three can keep a secret, if two are dead.” Benjamin Franklin
31. Android. Email: S/MIME, PGP; Voice & SMS: Signal; IM: ChatSecure; Mail Services: ProtonMail, Tutanota, GhostMail.
32. iOS. Email: S/MIME; Voice & SMS: FaceTime, iMessage, Signal; IM: iMessage; Mail Services: ProtonMail, Tutanota, GhostMail.
33. Traditional PCs. Text & Files: S/MIME, PGP; IM: Off-the-record XMPP Protocol; Mail Services: ProtonMail, Tutanota, GhostMail.
34. Network. Router: Don’t rent your router; Software: Install an open source firmware; VPN: OpenVPN; Passphrase: Strong passphrase, disable “WPS”; DNS: OpenNIC, FreeDNS.
35. Digital Hygiene
37. Android. Device: Disable Backup, Turn off Location, Info Collection, and radios; Search: DuckDuckGo, Disconnect.Me; Browser: ORFox & ORBot, Firefox; VPN: Anonymous VPN; Other: Try to be “Google Play”-free.
38. iOS. Device: Disable iCloud Backup, Turn off Location, Info Collection, and radios; Search: DuckDuckGo, Disconnect.Me; Browser: Safari, Firefox; VPN: Anonymous VPN.
39. Traditional PCs. Device: Disable cloud backup, turn off location, Info Collection, and radios; Search: DuckDuckGo, Disconnect.Me; Browser: Safari, Firefox, Chromium; VPN: Anonymous VPN.
40. Citizenfour & No Place To Hide privacytools.io
41. Thank you! https://www.linkedin.com/in/rbwilliams https://www.linkedin.com/in/hyunseo firstname.lastname@example.org@us.ibm.com
42. Additional Information: http://pastebin.com/byUPX6Wm
What common online surveillance techniques do business, government, and criminals employ and how do they affect personal privacy and ability to control ...