Quantcast

Articles

Get all-in-one coverage of Internet security and online privacy issues brought up by the industry’s leading experts at security conferences and seminars.

Masquerade 3: “The Great Firewall of China”

In addition to describing China’s web traffic restriction approaches, the speakers also touch upon the benefits and disadvantages of VPNs and Tor. Ryan Lackey: Then we’ve got examples of when you travel to places like China. China is a great place to visit, but they have a fairly restrictive...

Masquerade 2: The Verbose Metadata

Ryan Lackey and Marc Rogers mostly focus on network forensics here, in particular the types of metadata that can be retrieved as a result of such analysis. Ryan Lackey: So, what are the common mistakes and vulnerabilities here? These are just several examples (see right-hand image), there’s a bunch more....

Masquerade: How a helpful man-in-the-middle can help you evade monitoring

Presenting at DEF CON, Ryan Lackey and Marc Rogers, security researchers at CloudFlare, highlight various methods and helpful tools to avoid OPSEC failures. Ryan Lackey: Hello everyone! I’m Ryan Lackey, and this is Marc Rogers. Unfortunately, our third co-speaker The Grugq is not here, as you can tell. I...

Don’t Fuck It Up 7: Secure Messaging

Staying on the safe side with things like commercial webmail, Skype and online chats is what Zoz talks about in the closing part of his DEF CON presentation. Let’s go to messaging (see right-hand image). After all these years, email still fucking sucks. Fighting spam aids tracking because that’s why...

Don’t Fuck It Up 6: OPSEC with Phones

Zoz underscores the immense amount of personally identifiable data that cell phones can leak and provides recommendations on using burner phones securely. Let’s move to phones. What does that little Benedict Arnold in your pocket do to give you away? So much frickin’ stuff (see right-hand image). The...

Don’t Fuck It Up 5: The Silk Road and Dread Pirate Roberts Story

Zoz contemplates on the potential weak links of using Tor hidden services, making some assumptions about OPSEC fails by the infamous Dread Pirate Roberts. Here’s some more good news: the big list and the small list. These are the recently leaked XKeyscore filter rules (see left-hand image). Basically,...

Don’t Fuck It Up 4: Use Tor the Right Way

Zoz has got some great points on the ways of using Tor securely, providing real-world fail examples and underscoring that Tor is not really for encryption. Let’s go multi-hop. Don’t fuck it up when you use Tor. Hopefully everyone here knows what Tor is and the main way you fuck it up when you use Tor,...

Don’t Fuck It Up 3: The Ins and Outs of VPNs

This part provides the analysis of whether using VPN services prevents traffic interception and gets a user on some kind of a potential suspects list. So, here’s the first tool, VPNs (see left-hand image). You are going to use an insecure network – are you safe? Two questions when it comes to tools:...

Don’t Fuck It Up 2: The 7 Deadly Sins

The things that Zoz focuses on in this part are the notions of tradecraft and OPSEC as well as the 7 critical don’ts that can get you busted unless followed. People who were trained to do sketchy shit and not fuck it up, including organized crime and the feds – two groups to which there’s not an...

Presentation by Zoz – Don’t Fuck It Up!

Technology and security enthusiast Andew ‘Zoz’ Brooks delivers a fascinating DEF CON presentation about proper OPSEC and other guidelines to stay safe online. I didn’t know that disobedience was going to be the theme of DEF CON 22 and I submitted this talk. So I guess I didn’t fuck it up....