Scribd Logo
Fazer o upload

Bem-vindo(a) ao Scribd!

  • Safer Online

    Enviado por

    n25579
    17 visualizações25 páginas
    This training is incomplete. Make sure you keep informed about the latest developments. Realistic paranoia is fine, sometimes they are out to get you. Complete paranoia. Is your adversary known to follow the rule of law? technology alone will not keep you safe.

    Descrição original:

    Direitos autorais

    © Attribution Non-Commercial (BY-NC)

    Formatos disponíveis

    PDF, TXT ou leia online no Scribd

    Você considera este documento útil?

    Este conteúdo é inapropriado?

    Denunciar este documento
    This training is incomplete. Make sure you keep informed about the latest developments. Realistic paranoia is fine, sometimes they are out to get you. Complete paranoia. Is your adversary known to follow the rule of law? technology alone will not keep you safe.

    Direitos autorais:

    Attribution Non-Commercial (BY-NC)
    Baixe no formato PDF, TXT ou leia online no Scribd
    Sinalizar o conteúdo como inadequado
    17 visualizações25 páginas

    Safer Online

    Enviado por

    n25579
    This training is incomplete. Make sure you keep informed about the latest developments. Realistic paranoia is fine, sometimes they are out to get you. Complete paranoia. Is your adversary known to follow the rule of law? technology alone will not keep you safe.

    Direitos autorais:

    Attribution Non-Commercial (BY-NC)
    Baixe no formato PDF, TXT ou leia online no Scribd
    Sinalizar o conteúdo como inadequado
    de 25

    Contact information :

    Chat contact : argleflarb@jabber.org You can use any XMPP chat (like gtalk) to contact me for questions. Use pidgin with OTR installed.

    This training is incomplete

    Things change, fast. Make sure you keep informed about the latest developments. Do not advise others on things you do not understand. Realistic paranoia is fine, sometimes they are out to get you. Complete paranoia is pointless, not everybody is out to get you.

    Being safe(er) online (and offline)

    1. Networking, an introduction 2. Threat modeling, or WHOs out to get you? 3. Protective technologies and circumvention 4. Social media & Profiling a short discussion 5. Practicum, installing some tech.

    What is this internetz anyway

    The main internet protocol : tcp/ip is like shouting a message in the street. A router is a designated re-shouter Everything you do inside a network is visible to the owners of that network.

    Commonly visited networks


    Your home network Your ISPs network Your work network Your works ISP network An 'open' wireless network

    A common path traveled

    Picture should go here

    Being identified on the network

    IP address : assigned by the access provider. Can be changed using tor or vpn. Mac address : unique identifier of network card : Can be changed by you. IMEI : unique telephone identifier : can not be changed by you. Your name : Can be changed by you

    Threat Modeling
    Who is your adversary?

    Your ISP ? Your neighbor ? Your government or part of your government ? A company ? An action group ?

    Adversaries technical capacities


    Listen to your communications ? See what you read ? Interfere with access to content you want. Interfere with access to content you publish. Know who you are. Know where you are and/or where youve been.

    Adversaries physical capacities


    Embarrass you, family or your friends Fire you, your family or your friends Arrest you, your family or your friends Hurt you, your family or your friends Kill you, your family or your friends

    Adversaries legal abilities

    Is your adversary known to follow the rule of law ? What does the law say about your activities

    Technology alone will not keep you safe.

    Short list of tools


    TrueCrypt : Disk encryption VPN : Encrypted network access GPG : Encrypted email TOR : Anonymous network access HTTPS Everywhere : Encrypted browsing OTR : Encrypted chat

    TrueCrypt

    Protects against theft. Does not protect against anything else. Does not protect against theft if the encrypted machine is turned on when stolen or confiscated.

    VPN

    Can protect all or some network communication from surveillance on the 'local' network. (between you and your access provider) Does not protect communication exiting from the vpn providers network.

    GPG (Gnu Privacy Guard)

    Encrypts email when traveling across the network. Encrypts mail when stored on remote emailsevers (gmail, yahoomail etc)

    TOR

    Encrypted network access Anonymous network access Anonymous publishing

    HTTPS Everywhere

    Encrypted browsing Does not protect your identity Does not hide the site you are visiting

    OTR (Off the Record)

    Verifies the identity of the person you are chatting with Encrypts the communication, hiding it from the network provider.

    Combining tools & behavior

    Do not send passwords on untrusted networks initiate a vpn connection to a safe location first. Make sure your email, chat, personal files etc are stored on encrypted volumes (trueCrypt) Get your friends & family to start using GPG when sending mails. Do NOT use server stored chat services like facebook chat.

    Tools & behavior 2


    Do not store passwords in your browser. Remember that in principle all internet activity is like shouting in the street. Your phone is exactly like a small computer Stop using online storage (dropbox etc)

    Social Networking & Profiling


    If avoidable, dont use it. Assume that all activity is, or will be viewable by everyone. You and your network Separate types of activity

    Some further reading


    https://securityinabox.org/ https://www.torproject.org/ https://www.eff.org/https-everywhere http://www.truecrypt.org/ http://www.cypherpunks.ca/otr/ http://www.gnupg.org/ http://www.enigmail.net/home/index.php

    Use cases : Anonymity


    Question : Anonymous from whom ?

    Case 1 : Twitter, Facebook etc. Case 2 : Publishing anonymously

    Use cases: Privacy

    Você também pode gostar