SlideShare une entreprise Scribd logo

DEF CON 27 - ROGER DINGLEDINE -tor censorship arms race

Felipe Prado
Felipe Prado

DEF CON 27 - ROGER DINGLEDINE -tor censorship arms race

Technologie
1  sur  72
Télécharger pour lire hors ligne
1 The Tor Censorship Arms Race: The Next Chapter
2 ● OnlineAnonymity – OpenSource – OpenNetwork ● Communityof researchers, developers,usersand relayoperators. ● U.S.501(c)(3)non- pro%torganization
3 Estimated 2,000,000 to 8,000,000 daily Tor users
4 Threat model: what can the attacker do? Alice Anonymity network Bob watch (or be!) Bob! watch Alice! Control part of the network!
5 Anonymity isn't encryption: Encryption just protects contents. Alice Bob “Hi, Bob!”“Hi, Bob!” <gibberish> attacker
6
7 Anonymity serves different interests for different user groups. Anonymity Private citizens“It's privacy!”
8 Anonymity serves different interests for different user groups. Anonymity Private citizens Businesses “It's network security!” “It's privacy!”
9 Anonymity serves different interests for different user groups. Anonymity Private citizens Governments Businesses “It's traffic-analysis resistance!” “It's network security!” “It's privacy!”
10 Anonymity serves different interests for different user groups. Anonymity Private citizens Governments Businesses “It's traffic-analysis resistance!” “It's network security!” “It's privacy!” Human rights activists “It's reachability!”
11
12
13
14
15
16 Tor's safety comes from diversity ● #1: Diversity of relays. The more relays we have and the more diverse they are, the fewer attackers are in a position to do traffic confirmation. (Research problem: measuring diversity over time) ● #2: Diversity of users and reasons to use it. 50000 users in Iran means almost all of them are normal citizens.
17 Transparency for Tor is key ● Open source / free software ● Public design documents and specifications ● Publicly identified developers ● Not a contradiction: privacy is about choice!
18 Tor censorship epochs ● Background / Phase 1 (2006-2011): Bridges, pluggable transports ● Phase 2 (2011-2019): Active probing, obfsproxy, domain fronting, many more countries ● Phase 3 (2019-?): Snowflake, obfs4, decoy routing, ...
19 Relay versus Discovery There are two pieces to all these “proxying” schemes: a relay component: building circuits, sending traffic over them, getting the crypto right a discovery component: learning what relays are available
20 The basic Tor design uses a simple centralized directory protocol. R2 R1 Alice Trusted directory Trusted directory R3 cache cache Relays publish self-signed descriptors. Authorities publish a consensus list of all descriptors Alice downloads consensus and descriptors from anywhere
21 Early blocking ● 2006: Thailand blocks our website by DNS ● 2007: Iran/Saudi Arabia/others use websense/smartfilter to block Tor’s http directory fetches. The fix: put everything inside TLS.
22
23
24 Iran throttles SSL (June 2009) ● We made Tor's TLS handshake look like Firefox+Apache. ● So when Iran freaked out and throttled SSL bandwidth by DPI in summer 2009, they got Tor for free
25 Attackers can block users from connecting to the Tor network 1) By blocking the directory authorities 2) By blocking all the relay IP addresses in the directory, or the addresses of other Tor services 3) By filtering based on Tor's network fingerprint 4) By preventing users from finding the Tor software (usually by blocking website)
26 R4 R2 R1 R3 Bob Alice Alice Alice Alice Alice Blocked User Blocked User Blocked User Blocked User Blocked User Alice Alice Alice Alice Alice Alice Alice Alice Alice Alice
27 How do you find a bridge? 1) https://bridges.torproject.org/ will tell you a few based on time and your IP address 2) Mail bridges@torproject.org from a gmail address and we'll send you a few 3) I mail some to a friend in Shanghai who distributes them via his social network 4) You can set up your own private bridge and tell your target users directly
28
29
30 China (September 2009) ● China grabbed the list of public relays and blocked them ● They also enumerated+blocked one of the three bridge buckets (https://bridges.torproject.org/) ● But they missed the other bridge buckets.
31
32
33 China (March 2010) ● China enumerated the second of our three bridge buckets (the ones available at bridges@torproject.org via Gmail) ● We were down to the social network distribution strategy, and the private bridges
34 Iran (January 2011) ● Iran blocked Tor by DPI for SSL and filtering our Diffie-Hellman parameter. ● Socks proxy worked fine the whole time (the DPI didn't pick it up) ● DH p is a server-side parameter, so the relays and bridges had to upgrade, but not the clients
36
37 Iran (September 2011) ● This time, DPI for SSL and look at our TLS certificate lifetime. ● (Tor rotated its TLS certificates every 2 hours, because key rotation is good, right?) ● Now our certificates last for a year ● These are all low-hanging fruit. Kind of a weird arms race.
38
39
40
41 Tunisia (October 2011) ● First country to announce officially that they censor ● Using Smartfilter ● Outsourced to a foreign corporation ● And Tunisia got a discount!
42 Pluggable transports
43 The two currently successful PTs ● obfsproxy (2012): add a layer of encryption on top so there are no recognizable headers. ● meek (2014): “domain fronting” via Google, Azure, Amazon
44 Tor censorship epochs ● Background / Phase 1 (2006-2011): Bridges, pluggable transports ● Phase 2 (2011-2019): Active probing, obfsproxy, domain fronting, many more countries ● Phase 3 (2019-?): Snowflake, obfs4, decoy routing, ...
45 China (October 2011) ● Started its active probing campaign by DPIing on Tor’s TLS handshake, and later on obfs2 and obfs3 ● Spoofed IP addresses from inside China ● The fix: obfs4 requires the client to prove knowledge of a secret, else it won’t admit to being an obfs4 bridge.
46
47 China (March 2015) ● “Great Cannon” targets github ● Greatfire declaring war, “you can’t block us” ● Huge difference from previous “let them save face” approach
50
51 China (pre 2018) ● China also shifted to blackholing the entire IP address (not just the offending port). ● Any old probers are enough to get bridges blocked (0.2.9, ORPort, etc)
52 China (mid 2018) ● Lantern uses obfs4 proxies for its own circumvention tool ● After a while, the proxies they give their users don’t work so well. ^ another example of tough feedback loop
53 China (mid 2019) ● 0.3.2 Tor clients, talking to 0.3.5 Tor bridges, don’t trigger active probing anymore. ● We guess it has to do with changes in advertised ciphersuites on the client side.
54
55
56
57
58 Tor censorship epochs ● Background / Phase 1 (2006-2011): Bridges, pluggable transports ● Phase 2 (2011-2019): Active probing, obfsproxy, domain fronting, many more countries ● Phase 3 (2019-?): Snowflake, obfs4, decoy routing, ...
59 Newpluggabletransport:Snow✓ake
60
61
62 Streamlined obfs4 deployment ● https://community.torproject.org/ relay/setup/bridge ● The future: “apt install tor-servers” ?
63 BridgeDB needs a feedback cycle ● Measure how much use each bridge sees ● Measure bridge blocking ● Then adapt bridge distribution to favor efficient distribution channels ● Need to invent new distribution channels, eg Salmon from PETS 2015
64 Measuring bridge reachability ● Passive: bridges track incoming connections by country; clients self-report blockage (via some other bridge) ● Active: scan bridges from within the country; or measure remotely via indirect scanning ● Bridges test for duplex blocking
65 ooni.torproject.org
66 explorer.ooni.torproject.org ● I
67 Other upcoming designs ● FTE/Marionette: transform traffic payloads according to a regexp or a state machine ● Decoy routing: run a tap at an ISP, look for steganographic tags, inject responses from the middle
68 Arms races ● Censorship arms race is bad ● Surveillance arms race is worse – And centralization of the Internet makes it worse still
69 How can you help? ● Run an obfs4 bridge, be a Snowflake ● Teach your friends about Tor, and privacy in general ● Help find – and fix – bugs ● Work on open research problems (petsymposium.org) ● donate.torproject.org
70
71
72

Recommandé

Tor the onion router
Tor the onion routerTor the onion router
Tor the onion routerAshly Liza
 
Darknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
Darknets - Introduction & Deanonymization of Tor Users By Hitesh BhatiaDarknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
Darknets - Introduction & Deanonymization of Tor Users By Hitesh BhatiaOWASP Delhi
 
How TOR works?
How TOR works?How TOR works?
How TOR works?Onkar Badiger
 
Tor
TorTor
TorBharat Sabne
 
ONION Routing - Jovial learning
ONION Routing - Jovial learningONION Routing - Jovial learning
ONION Routing - Jovial learningPrasanna Shanmugasundaram
 
Tor Network
Tor NetworkTor Network
Tor NetworkMuhammad Jabir A C K
 
2012 in review: Tor and the censorship arms race - 44CON 2012
2012 in review: Tor and the censorship arms race - 44CON 20122012 in review: Tor and the censorship arms race - 44CON 2012
2012 in review: Tor and the censorship arms race - 44CON 201244CON
 
TOR... ALL THE THINGS
TOR... ALL THE THINGSTOR... ALL THE THINGS
TOR... ALL THE THINGSCrowdStrike
 

Recommandé

Tor the onion router
Tor the onion routerTor the onion router
Tor the onion routerAshly Liza
 
Darknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
Darknets - Introduction & Deanonymization of Tor Users By Hitesh BhatiaDarknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
Darknets - Introduction & Deanonymization of Tor Users By Hitesh BhatiaOWASP Delhi
 
How TOR works?
How TOR works?How TOR works?
How TOR works?Onkar Badiger
 
Tor
TorTor
TorBharat Sabne
 
ONION Routing - Jovial learning
ONION Routing - Jovial learningONION Routing - Jovial learning
ONION Routing - Jovial learningPrasanna Shanmugasundaram
 
Tor Network
Tor NetworkTor Network
Tor NetworkMuhammad Jabir A C K
 
2012 in review: Tor and the censorship arms race - 44CON 2012
2012 in review: Tor and the censorship arms race - 44CON 20122012 in review: Tor and the censorship arms race - 44CON 2012
2012 in review: Tor and the censorship arms race - 44CON 201244CON
 
TOR... ALL THE THINGS
TOR... ALL THE THINGSTOR... ALL THE THINGS
TOR... ALL THE THINGSCrowdStrike
 
(130727) #fitalk anonymous network concepts and implementation
(130727) #fitalk anonymous network concepts and implementation(130727) #fitalk anonymous network concepts and implementation
(130727) #fitalk anonymous network concepts and implementationINSIGHT FORENSIC
 
Pyongyang Fortress
Pyongyang FortressPyongyang Fortress
Pyongyang FortressMayank Dhiman
 
Tor Project overview
Tor Project overviewTor Project overview
Tor Project overviewJorge Couchet
 
Onion protocol
Onion protocolOnion protocol
Onion protocolAnshu Raj
 
Tor
TorTor
TorGeorgino Abboud
 
TOR: The Onion Router
TOR: The Onion RouterTOR: The Onion Router
TOR: The Onion RouterVolodymyr Ostapiv
 
Introduction to Tor
Introduction to TorIntroduction to Tor
Introduction to TorJaskaran Narula
 
Tor Pivoting Networks Share
Tor Pivoting Networks Share Tor Pivoting Networks Share
Tor Pivoting Networks Share Ricardo Robles, M.Eng.
 
BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...
BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...
BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...BlueHat Security Conference
 
Hacking SSL When Using RC4
Hacking SSL When Using RC4Hacking SSL When Using RC4
Hacking SSL When Using RC4Khairi Aiman
 
IPsec on Mikrotik
IPsec on MikrotikIPsec on Mikrotik
IPsec on MikrotikGLC Networks
 
Anonymity Systems: Tor
Anonymity Systems: TorAnonymity Systems: Tor
Anonymity Systems: Torantitree
 
Queue Type on Mikrotik
Queue Type on MikrotikQueue Type on Mikrotik
Queue Type on MikrotikGLC Networks
 
Getting your hands dirty: How to Analyze the Behavior of Malware Traffic / SE...
Getting your hands dirty: How to Analyze the Behavior of Malware Traffic / SE...Getting your hands dirty: How to Analyze the Behavior of Malware Traffic / SE...
Getting your hands dirty: How to Analyze the Behavior of Malware Traffic / SE...Security Session
 
FIPS 140-2 Validations in a Secure Enclave
FIPS 140-2 Validations in a Secure EnclaveFIPS 140-2 Validations in a Secure Enclave
FIPS 140-2 Validations in a Secure EnclavewolfSSL
 
Tor
TorTor
Toranjalika sinha
 
Module: drand - the Distributed Randomness Beacon
Module: drand - the Distributed Randomness BeaconModule: drand - the Distributed Randomness Beacon
Module: drand - the Distributed Randomness BeaconIoannis Psaras
 
Information security using onion routing(tor)
Information security using onion routing(tor)Information security using onion routing(tor)
Information security using onion routing(tor)Kaustubh Joshi
 
Tor the onion router
Tor the onion routerTor the onion router
Tor the onion routern|u - The Open Security Community
 
wolfSSL and TLS 1.3
wolfSSL and TLS 1.3wolfSSL and TLS 1.3
wolfSSL and TLS 1.3wolfSSL
 
Anonymity in the web based on routing protocols
Anonymity in the web based on routing protocolsAnonymity in the web based on routing protocols
Anonymity in the web based on routing protocolsBiagio Botticelli
 
Comparison of Anonymous Communication Networks-Tor, I2P, Freenet
Comparison of Anonymous Communication Networks-Tor, I2P, FreenetComparison of Anonymous Communication Networks-Tor, I2P, Freenet
Comparison of Anonymous Communication Networks-Tor, I2P, FreenetIRJET Journal
 

Contenu connexe

Tendances

(130727) #fitalk anonymous network concepts and implementation
(130727) #fitalk anonymous network concepts and implementation(130727) #fitalk anonymous network concepts and implementation
(130727) #fitalk anonymous network concepts and implementationINSIGHT FORENSIC
 
Tor Project overview
Tor Project overviewTor Project overview
Tor Project overviewJorge Couchet
 
Onion protocol
Onion protocolOnion protocol
Onion protocolAnshu Raj
 
BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...
BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...
BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...BlueHat Security Conference
 
Hacking SSL When Using RC4
Hacking SSL When Using RC4Hacking SSL When Using RC4
Hacking SSL When Using RC4Khairi Aiman
 
Anonymity Systems: Tor
Anonymity Systems: TorAnonymity Systems: Tor
Anonymity Systems: Torantitree
 
Queue Type on Mikrotik
Queue Type on MikrotikQueue Type on Mikrotik
Queue Type on MikrotikGLC Networks
 
Getting your hands dirty: How to Analyze the Behavior of Malware Traffic / SE...
Getting your hands dirty: How to Analyze the Behavior of Malware Traffic / SE...Getting your hands dirty: How to Analyze the Behavior of Malware Traffic / SE...
Getting your hands dirty: How to Analyze the Behavior of Malware Traffic / SE...Security Session
 
FIPS 140-2 Validations in a Secure Enclave
FIPS 140-2 Validations in a Secure EnclaveFIPS 140-2 Validations in a Secure Enclave
FIPS 140-2 Validations in a Secure EnclavewolfSSL
 
Module: drand - the Distributed Randomness Beacon
Module: drand - the Distributed Randomness BeaconModule: drand - the Distributed Randomness Beacon
Module: drand - the Distributed Randomness BeaconIoannis Psaras
 
Information security using onion routing(tor)
Information security using onion routing(tor)Information security using onion routing(tor)
Information security using onion routing(tor)Kaustubh Joshi
 
wolfSSL and TLS 1.3
wolfSSL and TLS 1.3wolfSSL and TLS 1.3
wolfSSL and TLS 1.3wolfSSL
 

Tendances (20)

(130727) #fitalk anonymous network concepts and implementation
(130727) #fitalk anonymous network concepts and implementation(130727) #fitalk anonymous network concepts and implementation
(130727) #fitalk anonymous network concepts and implementation
 
Pyongyang Fortress
Pyongyang FortressPyongyang Fortress
Pyongyang Fortress
 
Tor Project overview
Tor Project overviewTor Project overview
Tor Project overview
 
Onion protocol
Onion protocolOnion protocol
Onion protocol
 
Tor
TorTor
Tor
 
TOR: The Onion Router
TOR: The Onion RouterTOR: The Onion Router
TOR: The Onion Router
 
Introduction to Tor
Introduction to TorIntroduction to Tor
Introduction to Tor
 
Tor Pivoting Networks Share
Tor Pivoting Networks Share Tor Pivoting Networks Share
Tor Pivoting Networks Share
 
BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...
BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...
BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...
 
Hacking SSL When Using RC4
Hacking SSL When Using RC4Hacking SSL When Using RC4
Hacking SSL When Using RC4
 
IPsec on Mikrotik
IPsec on MikrotikIPsec on Mikrotik
IPsec on Mikrotik
 
Anonymity Systems: Tor
Anonymity Systems: TorAnonymity Systems: Tor
Anonymity Systems: Tor
 
Queue Type on Mikrotik
Queue Type on MikrotikQueue Type on Mikrotik
Queue Type on Mikrotik
 
Getting your hands dirty: How to Analyze the Behavior of Malware Traffic / SE...
Getting your hands dirty: How to Analyze the Behavior of Malware Traffic / SE...Getting your hands dirty: How to Analyze the Behavior of Malware Traffic / SE...
Getting your hands dirty: How to Analyze the Behavior of Malware Traffic / SE...
 
FIPS 140-2 Validations in a Secure Enclave
FIPS 140-2 Validations in a Secure EnclaveFIPS 140-2 Validations in a Secure Enclave
FIPS 140-2 Validations in a Secure Enclave
 
Tor
TorTor
Tor
 
Module: drand - the Distributed Randomness Beacon
Module: drand - the Distributed Randomness BeaconModule: drand - the Distributed Randomness Beacon
Module: drand - the Distributed Randomness Beacon
 
Information security using onion routing(tor)
Information security using onion routing(tor)Information security using onion routing(tor)
Information security using onion routing(tor)
 
Tor the onion router
Tor the onion routerTor the onion router
Tor the onion router
 
wolfSSL and TLS 1.3
wolfSSL and TLS 1.3wolfSSL and TLS 1.3
wolfSSL and TLS 1.3
 

Similaire à DEF CON 27 - ROGER DINGLEDINE -tor censorship arms race

Anonymity in the web based on routing protocols
Anonymity in the web based on routing protocolsAnonymity in the web based on routing protocols
Anonymity in the web based on routing protocolsBiagio Botticelli
 
Comparison of Anonymous Communication Networks-Tor, I2P, Freenet
Comparison of Anonymous Communication Networks-Tor, I2P, FreenetComparison of Anonymous Communication Networks-Tor, I2P, Freenet
Comparison of Anonymous Communication Networks-Tor, I2P, FreenetIRJET Journal
 
Onion routing and tor: Fundamentals and Anonymity
Onion routing and tor: Fundamentals and AnonymityOnion routing and tor: Fundamentals and Anonymity
Onion routing and tor: Fundamentals and Anonymityanurag singh
 
Anonymity in the Web based on Routing Protocols
Anonymity in the Web based on Routing ProtocolsAnonymity in the Web based on Routing Protocols
Anonymity in the Web based on Routing ProtocolsBiagio Botticelli
 
Introduction to anonymity network tor
Introduction to anonymity network torIntroduction to anonymity network tor
Introduction to anonymity network torKhaled Mosharraf
 
The Considerations for Internet of Things @ 2017
The Considerations for Internet of Things @ 2017The Considerations for Internet of Things @ 2017
The Considerations for Internet of Things @ 2017Jian-Hong Pan
 
Using a VPN or and TOR by remmy nweke, fellow, cyber security policy defender
Using a VPN or and TOR by remmy nweke, fellow, cyber security policy defenderUsing a VPN or and TOR by remmy nweke, fellow, cyber security policy defender
Using a VPN or and TOR by remmy nweke, fellow, cyber security policy defenderRemmy Nweke, mNGE, mNUJ, mGOCOP
 
Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After th...
Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After th... Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After th...
Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After th...i_scienceEU
 
Sergio González - WiFiSlax 4.0 [RootedCON 2010]
Sergio González - WiFiSlax 4.0 [RootedCON 2010]Sergio González - WiFiSlax 4.0 [RootedCON 2010]
Sergio González - WiFiSlax 4.0 [RootedCON 2010]RootedCON
 
Internet Of Things: Hands on: YOW! night
Internet Of Things: Hands on: YOW! nightInternet Of Things: Hands on: YOW! night
Internet Of Things: Hands on: YOW! nightAndy Gelme
 
IoTNEXT 2016 - SafeNation Track
IoTNEXT 2016 - SafeNation TrackIoTNEXT 2016 - SafeNation Track
IoTNEXT 2016 - SafeNation TrackPriyanka Aash
 
Troubleshooting Layer 2 Ethernet Problem: Loop, Broadcast, Security
Troubleshooting Layer 2 Ethernet Problem: Loop, Broadcast, Security Troubleshooting Layer 2 Ethernet Problem: Loop, Broadcast, Security
Troubleshooting Layer 2 Ethernet Problem: Loop, Broadcast, Security GLC Networks
 
Chapter 7 security tools i
Chapter 7 security tools iChapter 7 security tools i
Chapter 7 security tools iSyaiful Ahdan
 
Presentation darknet
Presentation darknetPresentation darknet
Presentation darknetDvir Barel
 
APIdays Barcelona 2019 - Introduction to Onion Services to secure APIs with P...
APIdays Barcelona 2019 - Introduction to Onion Services to secure APIs with P...APIdays Barcelona 2019 - Introduction to Onion Services to secure APIs with P...
APIdays Barcelona 2019 - Introduction to Onion Services to secure APIs with P...apidays
 

Similaire à DEF CON 27 - ROGER DINGLEDINE -tor censorship arms race (20)

Anonymity in the web based on routing protocols
Anonymity in the web based on routing protocolsAnonymity in the web based on routing protocols
Anonymity in the web based on routing protocols
 
Comparison of Anonymous Communication Networks-Tor, I2P, Freenet
Comparison of Anonymous Communication Networks-Tor, I2P, FreenetComparison of Anonymous Communication Networks-Tor, I2P, Freenet
Comparison of Anonymous Communication Networks-Tor, I2P, Freenet
 
Onion routing and tor: Fundamentals and Anonymity
Onion routing and tor: Fundamentals and AnonymityOnion routing and tor: Fundamentals and Anonymity
Onion routing and tor: Fundamentals and Anonymity
 
Anonymity in the Web based on Routing Protocols
Anonymity in the Web based on Routing ProtocolsAnonymity in the Web based on Routing Protocols
Anonymity in the Web based on Routing Protocols
 
Introduction to anonymity network tor
Introduction to anonymity network torIntroduction to anonymity network tor
Introduction to anonymity network tor
 
Anonymity Network TOR
Anonymity Network TOR Anonymity Network TOR
Anonymity Network TOR
 
TOR NETWORK
TOR NETWORKTOR NETWORK
TOR NETWORK
 
The Considerations for Internet of Things @ 2017
The Considerations for Internet of Things @ 2017The Considerations for Internet of Things @ 2017
The Considerations for Internet of Things @ 2017
 
Using a VPN or and TOR by remmy nweke, fellow, cyber security policy defender
Using a VPN or and TOR by remmy nweke, fellow, cyber security policy defenderUsing a VPN or and TOR by remmy nweke, fellow, cyber security policy defender
Using a VPN or and TOR by remmy nweke, fellow, cyber security policy defender
 
Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After th...
Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After th... Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After th...
Runa Sandvik, The Tor Project, London: Online Anonymity: Before and After th...
 
Sergio González - WiFiSlax 4.0 [RootedCON 2010]
Sergio González - WiFiSlax 4.0 [RootedCON 2010]Sergio González - WiFiSlax 4.0 [RootedCON 2010]
Sergio González - WiFiSlax 4.0 [RootedCON 2010]
 
Darknet
DarknetDarknet
Darknet
 
Internet Of Things: Hands on: YOW! night
Internet Of Things: Hands on: YOW! nightInternet Of Things: Hands on: YOW! night
Internet Of Things: Hands on: YOW! night
 
IoTNEXT 2016 - SafeNation Track
IoTNEXT 2016 - SafeNation TrackIoTNEXT 2016 - SafeNation Track
IoTNEXT 2016 - SafeNation Track
 
Troubleshooting Layer 2 Ethernet Problem: Loop, Broadcast, Security
Troubleshooting Layer 2 Ethernet Problem: Loop, Broadcast, Security Troubleshooting Layer 2 Ethernet Problem: Loop, Broadcast, Security
Troubleshooting Layer 2 Ethernet Problem: Loop, Broadcast, Security
 
Overlay networks
Overlay networksOverlay networks
Overlay networks
 
Chapter 7 security tools i
Chapter 7 security tools iChapter 7 security tools i
Chapter 7 security tools i
 
Darknet
DarknetDarknet
Darknet
 
Presentation darknet
Presentation darknetPresentation darknet
Presentation darknet
 
APIdays Barcelona 2019 - Introduction to Onion Services to secure APIs with P...
APIdays Barcelona 2019 - Introduction to Onion Services to secure APIs with P...APIdays Barcelona 2019 - Introduction to Onion Services to secure APIs with P...
APIdays Barcelona 2019 - Introduction to Onion Services to secure APIs with P...
 

Plus de Felipe Prado

DEF CON 24 - Sean Metcalf - beyond the mcse red teaming active directory
DEF CON 24 - Sean Metcalf - beyond the mcse red teaming active directoryDEF CON 24 - Sean Metcalf - beyond the mcse red teaming active directory
DEF CON 24 - Sean Metcalf - beyond the mcse red teaming active directoryFelipe Prado
 
DEF CON 24 - Bertin Bervis and James Jara - exploiting and attacking seismolo...
DEF CON 24 - Bertin Bervis and James Jara - exploiting and attacking seismolo...DEF CON 24 - Bertin Bervis and James Jara - exploiting and attacking seismolo...
DEF CON 24 - Bertin Bervis and James Jara - exploiting and attacking seismolo...Felipe Prado
 
DEF CON 24 - Tamas Szakaly - help i got ants
DEF CON 24 - Tamas Szakaly - help i got antsDEF CON 24 - Tamas Szakaly - help i got ants
DEF CON 24 - Tamas Szakaly - help i got antsFelipe Prado
 
DEF CON 24 - Ladar Levison - compelled decryption
DEF CON 24 - Ladar Levison - compelled decryptionDEF CON 24 - Ladar Levison - compelled decryption
DEF CON 24 - Ladar Levison - compelled decryptionFelipe Prado
 
DEF CON 24 - Clarence Chio - machine duping 101
DEF CON 24 - Clarence Chio - machine duping 101DEF CON 24 - Clarence Chio - machine duping 101
DEF CON 24 - Clarence Chio - machine duping 101Felipe Prado
 
DEF CON 24 - Chris Rock - how to overthrow a government
DEF CON 24 - Chris Rock - how to overthrow a governmentDEF CON 24 - Chris Rock - how to overthrow a government
DEF CON 24 - Chris Rock - how to overthrow a governmentFelipe Prado
 
DEF CON 24 - Fitzpatrick and Grand - 101 ways to brick your hardware
DEF CON 24 - Fitzpatrick and Grand - 101 ways to brick your hardwareDEF CON 24 - Fitzpatrick and Grand - 101 ways to brick your hardware
DEF CON 24 - Fitzpatrick and Grand - 101 ways to brick your hardwareFelipe Prado
 
DEF CON 24 - Rogan Dawes and Dominic White - universal serial aBUSe remote at...
DEF CON 24 - Rogan Dawes and Dominic White - universal serial aBUSe remote at...DEF CON 24 - Rogan Dawes and Dominic White - universal serial aBUSe remote at...
DEF CON 24 - Rogan Dawes and Dominic White - universal serial aBUSe remote at...Felipe Prado
 
DEF CON 24 - Jay Beale and Larry Pesce - phishing without frustration
DEF CON 24 - Jay Beale and Larry Pesce - phishing without frustrationDEF CON 24 - Jay Beale and Larry Pesce - phishing without frustration
DEF CON 24 - Jay Beale and Larry Pesce - phishing without frustrationFelipe Prado
 
DEF CON 24 - Gorenc Sands - hacker machine interface
DEF CON 24 - Gorenc Sands - hacker machine interfaceDEF CON 24 - Gorenc Sands - hacker machine interface
DEF CON 24 - Gorenc Sands - hacker machine interfaceFelipe Prado
 
DEF CON 24 - Allan Cecil and DwangoAC - tasbot the perfectionist
DEF CON 24 - Allan Cecil and DwangoAC - tasbot the perfectionistDEF CON 24 - Allan Cecil and DwangoAC - tasbot the perfectionist
DEF CON 24 - Allan Cecil and DwangoAC - tasbot the perfectionistFelipe Prado
 
DEF CON 24 - Rose and Ramsey - picking bluetooth low energy locks
DEF CON 24 - Rose and Ramsey - picking bluetooth low energy locksDEF CON 24 - Rose and Ramsey - picking bluetooth low energy locks
DEF CON 24 - Rose and Ramsey - picking bluetooth low energy locksFelipe Prado
 
DEF CON 24 - Rich Mogull - pragmatic cloud security
DEF CON 24 - Rich Mogull - pragmatic cloud securityDEF CON 24 - Rich Mogull - pragmatic cloud security
DEF CON 24 - Rich Mogull - pragmatic cloud securityFelipe Prado
 
DEF CON 24 - Grant Bugher - Bypassing captive portals
DEF CON 24 - Grant Bugher - Bypassing captive portalsDEF CON 24 - Grant Bugher - Bypassing captive portals
DEF CON 24 - Grant Bugher - Bypassing captive portalsFelipe Prado
 
DEF CON 24 - Patrick Wardle - 99 problems little snitch
DEF CON 24 - Patrick Wardle - 99 problems little snitchDEF CON 24 - Patrick Wardle - 99 problems little snitch
DEF CON 24 - Patrick Wardle - 99 problems little snitchFelipe Prado
 
DEF CON 24 - Plore - side -channel attacks on high security electronic safe l...
DEF CON 24 - Plore - side -channel attacks on high security electronic safe l...DEF CON 24 - Plore - side -channel attacks on high security electronic safe l...
DEF CON 24 - Plore - side -channel attacks on high security electronic safe l...Felipe Prado
 
DEF CON 24 - Six Volts and Haystack - cheap tools for hacking heavy trucks
DEF CON 24 - Six Volts and Haystack - cheap tools for hacking heavy trucksDEF CON 24 - Six Volts and Haystack - cheap tools for hacking heavy trucks
DEF CON 24 - Six Volts and Haystack - cheap tools for hacking heavy trucksFelipe Prado
 
DEF CON 24 - Dinesh and Shetty - practical android application exploitation
DEF CON 24 - Dinesh and Shetty - practical android application exploitationDEF CON 24 - Dinesh and Shetty - practical android application exploitation
DEF CON 24 - Dinesh and Shetty - practical android application exploitationFelipe Prado
 
DEF CON 24 - Klijnsma and Tentler - stargate pivoting through vnc
DEF CON 24 - Klijnsma and Tentler - stargate pivoting through vncDEF CON 24 - Klijnsma and Tentler - stargate pivoting through vnc
DEF CON 24 - Klijnsma and Tentler - stargate pivoting through vncFelipe Prado
 
DEF CON 24 - Antonio Joseph - fuzzing android devices
DEF CON 24 - Antonio Joseph - fuzzing android devicesDEF CON 24 - Antonio Joseph - fuzzing android devices
DEF CON 24 - Antonio Joseph - fuzzing android devicesFelipe Prado
 

Plus de Felipe Prado (20)

DEF CON 24 - Sean Metcalf - beyond the mcse red teaming active directory
DEF CON 24 - Sean Metcalf - beyond the mcse red teaming active directoryDEF CON 24 - Sean Metcalf - beyond the mcse red teaming active directory
DEF CON 24 - Sean Metcalf - beyond the mcse red teaming active directory
 
DEF CON 24 - Bertin Bervis and James Jara - exploiting and attacking seismolo...
DEF CON 24 - Bertin Bervis and James Jara - exploiting and attacking seismolo...DEF CON 24 - Bertin Bervis and James Jara - exploiting and attacking seismolo...
DEF CON 24 - Bertin Bervis and James Jara - exploiting and attacking seismolo...
 
DEF CON 24 - Tamas Szakaly - help i got ants
DEF CON 24 - Tamas Szakaly - help i got antsDEF CON 24 - Tamas Szakaly - help i got ants
DEF CON 24 - Tamas Szakaly - help i got ants
 
DEF CON 24 - Ladar Levison - compelled decryption
DEF CON 24 - Ladar Levison - compelled decryptionDEF CON 24 - Ladar Levison - compelled decryption
DEF CON 24 - Ladar Levison - compelled decryption
 
DEF CON 24 - Clarence Chio - machine duping 101
DEF CON 24 - Clarence Chio - machine duping 101DEF CON 24 - Clarence Chio - machine duping 101
DEF CON 24 - Clarence Chio - machine duping 101
 
DEF CON 24 - Chris Rock - how to overthrow a government
DEF CON 24 - Chris Rock - how to overthrow a governmentDEF CON 24 - Chris Rock - how to overthrow a government
DEF CON 24 - Chris Rock - how to overthrow a government
 
DEF CON 24 - Fitzpatrick and Grand - 101 ways to brick your hardware
DEF CON 24 - Fitzpatrick and Grand - 101 ways to brick your hardwareDEF CON 24 - Fitzpatrick and Grand - 101 ways to brick your hardware
DEF CON 24 - Fitzpatrick and Grand - 101 ways to brick your hardware
 
DEF CON 24 - Rogan Dawes and Dominic White - universal serial aBUSe remote at...
DEF CON 24 - Rogan Dawes and Dominic White - universal serial aBUSe remote at...DEF CON 24 - Rogan Dawes and Dominic White - universal serial aBUSe remote at...
DEF CON 24 - Rogan Dawes and Dominic White - universal serial aBUSe remote at...
 
DEF CON 24 - Jay Beale and Larry Pesce - phishing without frustration
DEF CON 24 - Jay Beale and Larry Pesce - phishing without frustrationDEF CON 24 - Jay Beale and Larry Pesce - phishing without frustration
DEF CON 24 - Jay Beale and Larry Pesce - phishing without frustration
 
DEF CON 24 - Gorenc Sands - hacker machine interface
DEF CON 24 - Gorenc Sands - hacker machine interfaceDEF CON 24 - Gorenc Sands - hacker machine interface
DEF CON 24 - Gorenc Sands - hacker machine interface
 
DEF CON 24 - Allan Cecil and DwangoAC - tasbot the perfectionist
DEF CON 24 - Allan Cecil and DwangoAC - tasbot the perfectionistDEF CON 24 - Allan Cecil and DwangoAC - tasbot the perfectionist
DEF CON 24 - Allan Cecil and DwangoAC - tasbot the perfectionist
 
DEF CON 24 - Rose and Ramsey - picking bluetooth low energy locks
DEF CON 24 - Rose and Ramsey - picking bluetooth low energy locksDEF CON 24 - Rose and Ramsey - picking bluetooth low energy locks
DEF CON 24 - Rose and Ramsey - picking bluetooth low energy locks
 
DEF CON 24 - Rich Mogull - pragmatic cloud security
DEF CON 24 - Rich Mogull - pragmatic cloud securityDEF CON 24 - Rich Mogull - pragmatic cloud security
DEF CON 24 - Rich Mogull - pragmatic cloud security
 
DEF CON 24 - Grant Bugher - Bypassing captive portals
DEF CON 24 - Grant Bugher - Bypassing captive portalsDEF CON 24 - Grant Bugher - Bypassing captive portals
DEF CON 24 - Grant Bugher - Bypassing captive portals
 
DEF CON 24 - Patrick Wardle - 99 problems little snitch
DEF CON 24 - Patrick Wardle - 99 problems little snitchDEF CON 24 - Patrick Wardle - 99 problems little snitch
DEF CON 24 - Patrick Wardle - 99 problems little snitch
 
DEF CON 24 - Plore - side -channel attacks on high security electronic safe l...
DEF CON 24 - Plore - side -channel attacks on high security electronic safe l...DEF CON 24 - Plore - side -channel attacks on high security electronic safe l...
DEF CON 24 - Plore - side -channel attacks on high security electronic safe l...
 
DEF CON 24 - Six Volts and Haystack - cheap tools for hacking heavy trucks
DEF CON 24 - Six Volts and Haystack - cheap tools for hacking heavy trucksDEF CON 24 - Six Volts and Haystack - cheap tools for hacking heavy trucks
DEF CON 24 - Six Volts and Haystack - cheap tools for hacking heavy trucks
 
DEF CON 24 - Dinesh and Shetty - practical android application exploitation
DEF CON 24 - Dinesh and Shetty - practical android application exploitationDEF CON 24 - Dinesh and Shetty - practical android application exploitation
DEF CON 24 - Dinesh and Shetty - practical android application exploitation
 
DEF CON 24 - Klijnsma and Tentler - stargate pivoting through vnc
DEF CON 24 - Klijnsma and Tentler - stargate pivoting through vncDEF CON 24 - Klijnsma and Tentler - stargate pivoting through vnc
DEF CON 24 - Klijnsma and Tentler - stargate pivoting through vnc
 
DEF CON 24 - Antonio Joseph - fuzzing android devices
DEF CON 24 - Antonio Joseph - fuzzing android devicesDEF CON 24 - Antonio Joseph - fuzzing android devices
DEF CON 24 - Antonio Joseph - fuzzing android devices
 

Dernier

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 

Dernier (20)

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 

DEF CON 27 - ROGER DINGLEDINE -tor censorship arms race

  • 1. 1 The Tor Censorship Arms Race: The Next Chapter
  • 2. 2 ● OnlineAnonymity – OpenSource – OpenNetwork ● Communityof researchers, developers,usersand relayoperators. ● U.S.501(c)(3)non- pro%torganization
  • 3. 3 Estimated 2,000,000 to 8,000,000 daily Tor users
  • 4. 4 Threat model: what can the attacker do? Alice Anonymity network Bob watch (or be!) Bob! watch Alice! Control part of the network!
  • 5. 5 Anonymity isn't encryption: Encryption just protects contents. Alice Bob “Hi, Bob!”“Hi, Bob!” <gibberish> attacker
  • 6. 6
  • 7. 7 Anonymity serves different interests for different user groups. Anonymity Private citizens“It's privacy!”
  • 8. 8 Anonymity serves different interests for different user groups. Anonymity Private citizens Businesses “It's network security!” “It's privacy!”
  • 9. 9 Anonymity serves different interests for different user groups. Anonymity Private citizens Governments Businesses “It's traffic-analysis resistance!” “It's network security!” “It's privacy!”
  • 10. 10 Anonymity serves different interests for different user groups. Anonymity Private citizens Governments Businesses “It's traffic-analysis resistance!” “It's network security!” “It's privacy!” Human rights activists “It's reachability!”
  • 11. 11
  • 12. 12
  • 13. 13
  • 14. 14
  • 15. 15
  • 16. 16 Tor's safety comes from diversity ● #1: Diversity of relays. The more relays we have and the more diverse they are, the fewer attackers are in a position to do traffic confirmation. (Research problem: measuring diversity over time) ● #2: Diversity of users and reasons to use it. 50000 users in Iran means almost all of them are normal citizens.
  • 17. 17 Transparency for Tor is key ● Open source / free software ● Public design documents and specifications ● Publicly identified developers ● Not a contradiction: privacy is about choice!
  • 18. 18 Tor censorship epochs ● Background / Phase 1 (2006-2011): Bridges, pluggable transports ● Phase 2 (2011-2019): Active probing, obfsproxy, domain fronting, many more countries ● Phase 3 (2019-?): Snowflake, obfs4, decoy routing, ...
  • 19. 19 Relay versus Discovery There are two pieces to all these “proxying” schemes: a relay component: building circuits, sending traffic over them, getting the crypto right a discovery component: learning what relays are available
  • 20. 20 The basic Tor design uses a simple centralized directory protocol. R2 R1 Alice Trusted directory Trusted directory R3 cache cache Relays publish self-signed descriptors. Authorities publish a consensus list of all descriptors Alice downloads consensus and descriptors from anywhere
  • 21. 21 Early blocking ● 2006: Thailand blocks our website by DNS ● 2007: Iran/Saudi Arabia/others use websense/smartfilter to block Tor’s http directory fetches. The fix: put everything inside TLS.
  • 22. 22
  • 23. 23
  • 24. 24 Iran throttles SSL (June 2009) ● We made Tor's TLS handshake look like Firefox+Apache. ● So when Iran freaked out and throttled SSL bandwidth by DPI in summer 2009, they got Tor for free
  • 25. 25 Attackers can block users from connecting to the Tor network 1) By blocking the directory authorities 2) By blocking all the relay IP addresses in the directory, or the addresses of other Tor services 3) By filtering based on Tor's network fingerprint 4) By preventing users from finding the Tor software (usually by blocking website)
  • 27. 27 How do you find a bridge? 1) https://bridges.torproject.org/ will tell you a few based on time and your IP address 2) Mail bridges@torproject.org from a gmail address and we'll send you a few 3) I mail some to a friend in Shanghai who distributes them via his social network 4) You can set up your own private bridge and tell your target users directly
  • 28. 28
  • 29. 29
  • 30. 30 China (September 2009) ● China grabbed the list of public relays and blocked them ● They also enumerated+blocked one of the three bridge buckets (https://bridges.torproject.org/) ● But they missed the other bridge buckets.
  • 31. 31
  • 32. 32
  • 33. 33 China (March 2010) ● China enumerated the second of our three bridge buckets (the ones available at bridges@torproject.org via Gmail) ● We were down to the social network distribution strategy, and the private bridges
  • 34. 34 Iran (January 2011) ● Iran blocked Tor by DPI for SSL and filtering our Diffie-Hellman parameter. ● Socks proxy worked fine the whole time (the DPI didn't pick it up) ● DH p is a server-side parameter, so the relays and bridges had to upgrade, but not the clients
  • 35.
  • 36. 36
  • 37. 37 Iran (September 2011) ● This time, DPI for SSL and look at our TLS certificate lifetime. ● (Tor rotated its TLS certificates every 2 hours, because key rotation is good, right?) ● Now our certificates last for a year ● These are all low-hanging fruit. Kind of a weird arms race.
  • 38. 38
  • 39. 39
  • 40. 40
  • 41. 41 Tunisia (October 2011) ● First country to announce officially that they censor ● Using Smartfilter ● Outsourced to a foreign corporation ● And Tunisia got a discount!
  • 43. 43 The two currently successful PTs ● obfsproxy (2012): add a layer of encryption on top so there are no recognizable headers. ● meek (2014): “domain fronting” via Google, Azure, Amazon
  • 44. 44 Tor censorship epochs ● Background / Phase 1 (2006-2011): Bridges, pluggable transports ● Phase 2 (2011-2019): Active probing, obfsproxy, domain fronting, many more countries ● Phase 3 (2019-?): Snowflake, obfs4, decoy routing, ...
  • 45. 45 China (October 2011) ● Started its active probing campaign by DPIing on Tor’s TLS handshake, and later on obfs2 and obfs3 ● Spoofed IP addresses from inside China ● The fix: obfs4 requires the client to prove knowledge of a secret, else it won’t admit to being an obfs4 bridge.
  • 46. 46
  • 47. 47 China (March 2015) ● “Great Cannon” targets github ● Greatfire declaring war, “you can’t block us” ● Huge difference from previous “let them save face” approach
  • 48.
  • 49.
  • 50. 50
  • 51. 51 China (pre 2018) ● China also shifted to blackholing the entire IP address (not just the offending port). ● Any old probers are enough to get bridges blocked (0.2.9, ORPort, etc)
  • 52. 52 China (mid 2018) ● Lantern uses obfs4 proxies for its own circumvention tool ● After a while, the proxies they give their users don’t work so well. ^ another example of tough feedback loop
  • 53. 53 China (mid 2019) ● 0.3.2 Tor clients, talking to 0.3.5 Tor bridges, don’t trigger active probing anymore. ● We guess it has to do with changes in advertised ciphersuites on the client side.
  • 54. 54
  • 55. 55
  • 56. 56
  • 57. 57
  • 58. 58 Tor censorship epochs ● Background / Phase 1 (2006-2011): Bridges, pluggable transports ● Phase 2 (2011-2019): Active probing, obfsproxy, domain fronting, many more countries ● Phase 3 (2019-?): Snowflake, obfs4, decoy routing, ...
  • 60. 60
  • 61. 61
  • 63. 63 BridgeDB needs a feedback cycle ● Measure how much use each bridge sees ● Measure bridge blocking ● Then adapt bridge distribution to favor efficient distribution channels ● Need to invent new distribution channels, eg Salmon from PETS 2015
  • 64. 64 Measuring bridge reachability ● Passive: bridges track incoming connections by country; clients self-report blockage (via some other bridge) ● Active: scan bridges from within the country; or measure remotely via indirect scanning ● Bridges test for duplex blocking
  • 67. 67 Other upcoming designs ● FTE/Marionette: transform traffic payloads according to a regexp or a state machine ● Decoy routing: run a tap at an ISP, look for steganographic tags, inject responses from the middle
  • 68. 68 Arms races ● Censorship arms race is bad ● Surveillance arms race is worse – And centralization of the Internet makes it worse still
  • 69. 69 How can you help? ● Run an obfs4 bridge, be a Snowflake ● Teach your friends about Tor, and privacy in general ● Help find – and fix – bugs ● Work on open research problems (petsymposium.org) ● donate.torproject.org
  • 70. 70
  • 71. 71
  • 72. 72