Upload File

andrew lewman [email protected] 09 october 2013 · 2015. 3. 5. · andrew lewman...

43
SECURE Poland 2013 Andrew Lewman [email protected] 09 October 2013 Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 1 / 22

Upload: others

Post on 28-Jan-2021

3 views

Category:

Documents


0 download

Report

TRANSCRIPT

  • SECURE Poland 2013

    Andrew [email protected]

    09 October 2013

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 1 / 22

  • George Orwell was an optimist

    Who controls the past, controls the future: who controlsthe present controls the past

    — George Orwell, Nineteen Eighty Four, 1949

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 3 / 22

  • Internet Surveillance is getting more advanced

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 4 / 22

  • Internet Surveillance is getting more advanced

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 4 / 22

  • Internet Surveillance is getting more advanced

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 4 / 22

  • Internet Surveillance is getting more advanced

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 4 / 22

  • Internet Surveillance is getting more advanced

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 4 / 22

  • Internet Surveillance is getting more advanced

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 4 / 22

  • Internet Surveillance is getting more advanced

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 4 / 22

  • Internet Surveillance is getting more advanced

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 4 / 22

  • Internet Surveillance is getting more advanced

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 4 / 22

  • Internet Surveillance is getting more advanced

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 4 / 22

  • Internet Surveillance is getting more advanced

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 4 / 22

  • Twitter in Iran: Good.

    From http://www.time.com/time/world/article/0,8599,1905125,00.html

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 5 / 22

  • Twitter in USA: Bad.

    from http://gothamist.com/2009/10/05/fbi raids queens home in g20 protes.php

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 6 / 22

  • The Tor Project, Inc.

    501(c)(3) non-profit organization dedicated to the research anddevelopment of technologies for online anonymity and privacy

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 8 / 22

  • What is Tor?

    online anonymity software and network

    open source, freely available (3-clause BSD license)

    active research environment:Drexel, Univ of Waterloo, Georgia Tech, Princeton, Boston University,University College London, Univ of Minnesota, National ScienceFoundation, Naval Research Labs, Cambridge UK, Bamberg Germany,MIT, NORDUnet...

    increasingly diverse toolset:Tor, Tor Browser Bundle, Tails LiveCD, Pluggable Transports, TorWeather, Tor auto-responder, Secure Updater, Orbot, Gibberbot,Arm and so on.

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 9 / 22

  • What is Tor?

    online anonymity software and network

    open source, freely available (3-clause BSD license)

    active research environment:Drexel, Univ of Waterloo, Georgia Tech, Princeton, Boston University,University College London, Univ of Minnesota, National ScienceFoundation, Naval Research Labs, Cambridge UK, Bamberg Germany,MIT, NORDUnet...

    increasingly diverse toolset:Tor, Tor Browser Bundle, Tails LiveCD, Pluggable Transports, TorWeather, Tor auto-responder, Secure Updater, Orbot, Gibberbot,Arm and so on.

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 9 / 22

  • What is Tor?

    online anonymity software and network

    open source, freely available (3-clause BSD license)

    active research environment:Drexel, Univ of Waterloo, Georgia Tech, Princeton, Boston University,University College London, Univ of Minnesota, National ScienceFoundation, Naval Research Labs, Cambridge UK, Bamberg Germany,MIT, NORDUnet...

    increasingly diverse toolset:Tor, Tor Browser Bundle, Tails LiveCD, Pluggable Transports, TorWeather, Tor auto-responder, Secure Updater, Orbot, Gibberbot,Arm and so on.

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 9 / 22

  • What is Tor?

    online anonymity software and network

    open source, freely available (3-clause BSD license)

    active research environment:Drexel, Univ of Waterloo, Georgia Tech, Princeton, Boston University,University College London, Univ of Minnesota, National ScienceFoundation, Naval Research Labs, Cambridge UK, Bamberg Germany,MIT, NORDUnet...

    increasingly diverse toolset:Tor, Tor Browser Bundle, Tails LiveCD, Pluggable Transports, TorWeather, Tor auto-responder, Secure Updater, Orbot, Gibberbot,Arm and so on.

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 9 / 22

  • Why Tor?

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 10 / 22

  • Why Tor?

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 10 / 22

  • Who uses Tor?

    Normal people

    LawEnforcement

    Human RightsActivists

    Business Execs

    Militaries

    Abuse Victims

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 11 / 22

  • Online and Offline change happens

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 12 / 22

  • You missed a use case

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 13 / 22

  • You missed a use case

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 13 / 22

  • You missed a use case

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 13 / 22

  • estimated 1 million daily users

  • How is Tor different from other systems?

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 15 / 22

  • How is Tor different from other systems?

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 15 / 22

  • How is Tor different from other systems?

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 15 / 22

  • Tor hides communication patterns by relaying data throughvolunteer servers

    Tor Node

    Tor Node

    Tor Node

    Tor Node

    Tor NodeTor Node

    Tor Node

    Tor Node

    Tor Network

    Web server

    Tor user

    Diagram: Robert Watson

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 16 / 22

  • Tor hides communication patterns by relaying data throughvolunteer servers

    Tor Node

    Tor Node

    Tor Node

    Tor Node

    Tor NodeTor Node

    Tor Node

    Tor Node

    Tor Network

    Web server

    Tor userTor Node

    Tor Node

    Tor Node

    Exit node

    Entry nodeMiddle node

    Diagram: Robert Watson

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 16 / 22

  • Tor hides communication patterns by relaying data throughvolunteer servers

    Tor Node

    Tor Node

    Tor Node

    Tor Node

    Tor NodeTor Node

    Tor Node

    Tor Node

    Tor Network

    Web server

    Tor user

    Encrypted tunnel

    Unencrypted TCP

    Tor Node

    Tor Node

    Tor Node

    Exit node

    Entry nodeMiddle node

    Diagram: Robert Watson

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 16 / 22

  • Tor hides communication patterns by relaying data throughvolunteer servers

    Diagram: Robert Watson

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 16 / 22

  • Vidalia Network Map

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 17 / 22

  • Metrics

    Measuring metrics anonymously

    NSF research grant

    Archive of hourly consensus, ExoneraTor, VisiTor

    Metrics portal:https://metrics.torproject.org/

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 18 / 22

    https://metrics.torproject.org/

  • Tor hidden services allow privacy enhanced hosting

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 19 / 22

  • dot onion you say?

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 20 / 22

  • Thanks!

    Visit https://www.torproject.org/ for more information, links, andideas.

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 21 / 22

    https://www.torproject.org/

  • Credits & Thanks

    applied theory, third image: Information Week,2011-04-09,http://www.informationweek.com/news/security/attacks/229400850

    applied theory, fourth image: Al Jazeera, February 2011

    six strikes, ars technica,http://arstechnica.com/tech-policy/news/2011/07/

    major-isps-agree-to-six-strikes-copyright-enforcement-plan.

    ars

    spring is in the air, Paco Pomet, http://pacopomet.wordpress.com/

    who uses tor?http://www.flickr.com/photos/mattw/2336507468/siz, MattWestervelt, CC-BY-SA.

    danger!, http://flickr.com/photos/hmvh/58185411/sizes/o/,hmvh, CC-BY-SA.

    1 Million, http://www.flickr.com/photos/lukaskracic/334850378/sizes/l/,Luka Skracic, used with permission.

    Andrew Lewman [email protected] () SECURE Poland 2013 09 October 2013 22 / 22

    http://arstechnica.com/tech-policy/news/2011/07/major-isps-agree-to-six-strikes-copyright-enforcement-plan.arshttp://arstechnica.com/tech-policy/news/2011/07/major-isps-agree-to-six-strikes-copyright-enforcement-plan.arshttp://arstechnica.com/tech-policy/news/2011/07/major-isps-agree-to-six-strikes-copyright-enforcement-plan.arshttp://www.flickr.com/photos/mattw/2336507468/sizhttp://flickr.com/photos/hmvh/58185411/sizes/o/http://www.flickr.com/photos/lukaskracic/334850378/sizes/l/http://www.flickr.com/photos/lukaskracic/334850378/sizes/l/

Andrew Lewman [email protected] August 8, 2011 · 2019. 10. 10. · Knowledge is power... Knowledge is happiness. Thomas Je erson, 1817 Andrew Lewman [email protected] Organizations,

Nick Mathewson The TorProject  · Extend by IP:Port was insufficient: nodes don't all know each other. Alice S1 S2 “Extend this circuit to S2 at 18.244.0.188:9010”

Andrew Johnson , Andrew Johnson App

The Tor Project€¦ · The Tor Project Anonymity Online Erinn Clark [email protected] Codebits 2010. In the future everyone will be anonymous for 15 minutes – Banksy. The Tor

Andrew Lewman [email protected] 07 Feb 2010 · O er anonymous tip lines ... Who is The Tor Project, Inc? The 501(c)(3) non-pro t organization dedicated to the ... Diagram: Robert

THE AMERICAN BORDER LEICESTER ASSOCIATION …THE AMERICAN BORDER LEICESTER ASSOCIATION QUARTERLY NEWS Winter 2007 EWE FLOCK SELECTION by Judy Lewman, Spring Creek Farm On a bright

HANNAH BROTHERS, ANDREW AND WILLIAM ANDREW HANNAH€¦ · HANNAH BROTHERS, ANDREW AND WILLIAM ANDREW HANNAH Andrew Hannah Born August 13, 1759 o Died April 1, 1843 Salem Cemetery,

Nick Mathewson The TorProject nickm/slides/Defcon07/TorChanges.pdf · Hacking on Tor.(Latest is 0.2.0.4-alpha) – Security: adding features/fixing security

£275,000 Cornwall Lewman Road, Probus, Truro,media.your-move.co.uk/images/414/media/528196549.pdf · 2014. 9. 24. · Lewman Road is located in the popular village of Probus which

Andrew Lewman [email protected] 09 Sep 2011 · 2019. 10. 10. · Andrew Lewman [email protected] 09 Sep 2011. George Orwell was an optimist Who controls the past, controls

Tor Metrics Data Collection, Aggregation, and Presentation · 3/25/2019  · Presentation Iain R. Learmonth The Tor Project [email protected] Karsten Loesing The Tor Project [email protected]

Runa A. Sandvik [email protected] 12 September 2011 · Online anonymity software and network Open source, freely available (3-clause BSD license) Active research environment: Rice,

Andrew Lewman [email protected] 2 May 2011 · 2019. 10. 10. · World Press Freedom Day 2011 Andrew Lewman [email protected] 2 May 2011

Andrew Lewman [email protected] January 17, 2012 · 1/17/2012  · Foundation, Naval Research Labs, Cambridge UK, Bamberg Germany, MIT... increasingly diverse toolset: Tor, Tor

Andrew Johnston • Curriculum Vitaewordsforchange.com/Andrew-Johnston-CV-new-2018.pdf · Andrew Johnston • Curriculum Vitae Andrew Johnston • [email protected] • +336-6517-3966

Understanding, Growing, & Extending Online Anonymity · Understanding, Growing, & Extending Online Anonymity Andrew Lewman ... O er anonymous tip lines ... Diagram: Robert Watson

MINUTES OF THE LAW SOCIETY OF KENYA ORDINARY GENERAL ... ANNUAL GENERAL... · Andrew Muma Andrew John Kiilu Andrew Kidula Amadi Andrew Kitavu Kiluva Andrew Mainye Nyachio Andrew Muchigi

Andrew Lewman [email protected] August 4, 2010 · Andrew Lewman [email protected] ICCS Tor Overview August 4, 2010 12 / 15 Mobile Operating Systems Entirely new set of challenges

Introduction to Torsukhbir/talks/toronto-aug... · 2017-08-10 · Introduction to Tor and The Tor Software Ecosystem Sukhbir Singh [email protected] August 9, 2017

Andrew Lewman [email protected] August 4, 2010 · 2019. 10. 10. · The Tor Project, Inc. 501(c)(3) non-pro t organization dedicated to the research and development of technologies

Technology: Gifted Students and 21 st Century Learning Cindy Sheets [email protected] Ginger Lewman [email protected]

Sida - svn.torproject.org · 5/26/2014  · Sida Andrew Lewman [email protected] 26 May 2014. Who is this guy? Tor, a non-pro t organization dedicated to the research and development

Andrew Jones Probate Property UK [email protected]

Technical analysis of the Ultrasurf proxying software · Technical analysis of the Ultrasurf proxying software Jacob Appelbaum [email protected] The Tor Project Abstract Ultrasurf

Andrew Lewman [email protected] November 4, 2009 · 11/4/2009  · Nymble, Tor Control, Tor Wall. What is Tor? online anonymity software and network open source, freely available

Freedom of Expression, Censorship, & The Internet · Freedom of Expression, Censorship, & The Internet Andrew Lewman [email protected] March 7, 2011. Universal Declaration of

X-ray spectroscopy Andrew Preston [email protected]

Andrew Lewman [email protected] 11 Jan 2012 · 2019. 10. 10. · The Tor Project, Inc. 501(c)(3) non-pro t organization dedicated to the research and development of technologies

Andrew Jackson How Democratic was Andrew Jackson?

Andrew Lewman [email protected] January 11, 2013 · 1/11/2013  · Andrew Lewman [email protected] DEA Tor Overview January 11, 2013 10 / 1. Low-latency systems are generally

Andrew Lewman andrew@torproject

Tracking Darknet - RSA Conference · SESSION ID: #RSAC Andrew Lewman. Tracking Darknet: A Window into Attackers' Motives, Methods, and Targets . HT-R02

Andrew Carnegie, The Autobiography of Andrew Carnegie

Andrew Lewman [email protected] January 19, 2011 · 2019. 10. 10. · Andrew Lewman [email protected] NCMEC Tor Overview January 19, 2011 18 / 28. Tor hides communication

Andrew Lewman The Tor Project andrew@torproject