internet surveillance building our own trojan horse
play

Internet Surveillance: Building Our Own Trojan Horse Susan Landau - PowerPoint PPT Presentation

Oct 09, 2023 •212 likes •702 views

Internet Surveillance: Building Our Own Trojan Horse Susan Landau Distinguished Engineer Sun Microsystems Laboratories The Changes since 9/11 TSA airport screenings Restrictions on visas. ID cards: RealID and PIV. Wiretap laws.

  1. Internet Surveillance: Building Our Own Trojan Horse Susan Landau Distinguished Engineer Sun Microsystems Laboratories

  2. The Changes since 9/11 • TSA airport screenings • Restrictions on visas. • ID cards: RealID and PIV. • Wiretap laws. Sun Confidential: Internal Only

  3. Wiretap Laws • USA PATRIOT Act (2001). • U.S.: Communications Assistance for Law Enforcement Act (CALEA) extended to VoIP (2003-). • U.S.: Protect America Act (2007). • Two-week extension to Protect America Act (2008). • (Cyber Initiative (2007)). Sun Confidential: Internal Only

  4. Wiretap Law • Title III: covers criminal cases (1968). • Foreign Intelligence Surveillance Act (FISA): covers surveillance for foreign intelligence (1978). • Communications Assistance for Law Enforcement Act: requires digitally-switched telephone networks to be built “wiretap accessible” (1994). • Protect America Act: “updates” FISA to warrantless wiretapping of foreign communications over fiber optic cables (2007). • Cyber Initiative (2008). Sun Confidential: Internal Only

  5. What risks do we face? • Serious risks --- nuclear explosions in cities (including dirty bombs). • Small risks, e.g., terrorists blowing up buses and trains. • Natural disasters --- 2005 Hurricane Katrina and the 2004 Indian Ocean earthquake tsunami. • 1931 Yellow River Flood, 1887 Yellow River Flood, 1970 Bhola Cyclone, 1556 Shaanxi Earthquake. Sun Confidential: Internal Only

  6. How efficacious are the proposed solutions? • Wiretaps critical in kidnapping cases. • Wiretaps used for other investigations. • June 2006 Department of Justice Counterterrorism Whitepaper: 441 defendants charged with terrorism or terrorism-related activities of an international “nexus.” Sun Confidential: Internal Only

  7. How efficacious are the proposed solutions? • Wiretaps used in kidnapping cases: an average of 2-3 cases between 1968 and 1994, 4-6 in subsequent years. • Wiretaps used for other investigations: 1968-73, 64% of cases were gambling; now it is 81% drugs. 1988-1994: arson and explosive cases: 0. • Between 2001-2006: Yes, 441 defendants including Sheikh Abdel-Rahman, Zacarias Moussaaoui, Richard Reed. But of 335 persons prosecuted between 2001 and 2006 as “international terrorists,” 123 received prison sentences, 14 of five years or more, 6 for twenty years or more. Sun Confidential: Internal Only

  8. What is the cost of the proposed solutions? • How long will this “war” last? • What will be the long-term costs of the proposed solutions? • Are we looking at long-term risk for short-term gain? • Use of surveillance previously limited to times of war. Sun Confidential: Internal Only

  9. The Real Question: how well do these work? • Enabling law enforcement and national security investigations versus • Hardening communication systems. Sun Confidential: Internal Only

  10. Communications Assistance for Law Enforcement Act (CALEA) • Law originally applied to telephone services, not “information services.” • 2003-2006 expansion of law to “easy” case of VoIP. • 2006: attempt to expand the law to all cases of real- time communications. • 2007: Request for “expedited rulemaking” to require broadband access providers to provide call- identifying information on packet activity for all online applications. Sun Confidential: Internal Only

  11. The Protect America Act: What and Why • Warrantless wiretapping permitted as long as one end of communication “reasonably believed to be outside U.S.” • “Update” to FISA. • Location difficult to obtain in real time. • Law expired in January 2008. • Renewal?? Sun Confidential: Internal Only

  12. Circuit Switched v. Packet Switched --- the Networks are the Same : • Same type of transmission facilities (often sharing same cable). • Use electric routing/switching devices • Use transmission links and switching and routing equipment parsimoniously. • Many facilities-based companies operate networks and must work together to deliver user's traffic. • Both use digital transmission and time-division multiplexing. Sun Confidential: Internal Only

  13. Circuit Switched v. Packet Switched --- The Networks are Different: • PSTN historically used expensive switches to provide quality. Internet and Arpanet used relatively inexpensive routers for “best-effort.” Internet now migrating to switch-based technology for QOS. • Internet eschews intelligence in the network. PSTN uses network-based intelligence for dumb terminals, enabling legacy telephones. Sun Confidential: Internal Only

  14. Looking at applying CALEA to VoIP, what's important about VoIP? • Variety of VoIP models. • Mobility. • Ease of creating new identities on the Internet. Sun Confidential: Internal Only

  15. What's Complicated about Applying CALEA to VoIP? • Variety of VoIP models. • Mobility. • Ease of creating new identities on the Internet (artifact of little or no authentication for most Internet applications). Sun Confidential: Internal Only

  16. Don't We Already Wiretap Mobile Communications? • Cell phones. • Roving wiretaps. Sun Confidential: Internal Only

  17. Sun Confidential: Internal Only

  18. What's the Problem? I • Physical security of the switching/routing equipment into which wiretaps are inserted --- can't be predicted in advance. For example,there are 1300 VoIP providers in U.S. with fewer than 100 employees. The same model exists elsewhere in the world. • Ease of creating new identities on the net. • Secure transport of signals to law enforcement. Sun Confidential: Internal Only

  19. What's the Problem? II • Increases risk that target discovers wiretap is in place. • Difficulty of ensuring proper minimization because of mobility and agility issues. • Increased risk of introducing vulnerabilities into Internet (IETF RFC 2804). • Search engines + vulnerabilities = a dangerous combination. Sun Confidential: Internal Only

  20. What's the Real Problem? • People call people, not IP addresses. • If you're trying to do VoIP on a fixed line directly to large ISP: Easy. Anything else: HARD. Sun Confidential: Internal Only

  21. This is not just theory: the Problems with DCS 3000: • Auditing system primitive: no unprivileged userids, passwords rather than token-based or biometric authenticators. • Outdated hashing algorithm (MD5) in 2007 document. • Single shared login, rather than login per user. Sun Confidential: Internal Only

  22. The Protect America Act: Dangers Lurk • Apparent removal of security and privacy role of communication carriers. • Placement of system properly within the U.S. rather than at borders. • Likely to be made of pieces previously used abroad. • Call Detail Records, built for network development purposes, now has new “customers.” Sun Confidential: Internal Only

  23. The Protect America Act: Risks • Risk of exploitation by opponents. • Lack of two-person (two-organization) control. • Lack of inherent technical minimization of traffic. • Domestic traffic penetrating into a system built for foreign surveillance traffic. Sun Confidential: Internal Only

  24. What are the type of threats we face? Sun Confidential: Internal Only

  25. What are the type of threats we face? • Threats from non-state actors. Sun Confidential: Internal Only

  26. What are the type of threats we face? • Threats from non-state actors. • Threats from state actors. Sun Confidential: Internal Only

  27. What are the type of threats we face? • Threats from non-state actors. • Threats from state actors. • Threats from insiders. Sun Confidential: Internal Only

  28. Threats from Non-State Actors • “Loop carrier” disabled Worcestor Airport tower communications (1998). • Attack on sewage treatment plant in Maroochy Shire, Australia released thousands of gallons of untreated sewage (2000). • Slammer worm disabled safety monitoring system at Davis-Besse nuclear power plant (2003). • Penetration into Harrisburg water filtration plant for distribution of spam, etc. (2006) ... Sun Confidential: Internal Only

  29. Threats: Attacks from State Actors • At 10:23 PM PST, attackers found vulnerabilities in computers at the U.S. Army Information Systems Engineering Command at Fort Huachuca, Arizona. • At 1:19 AM PST, they found the same hole in computers at the military's Defense Information Systems Agency in Arlington, Virginia. • At 3:25 AM, they hit the Naval Ocean Systems Center, a defense department installation in San Diego, California. • At 4:46 AM PST, they struck the United States Army Space and Strategic Defense installation in Huntsville, Alabama Nathan Thornburgh, Time Magazine, August 25, 2006 Sun Confidential: Internal Only

  30. Threats from Insiders • Historically the most dangerous type of threat Sun Confidential: Internal Only

  31. Threats from Insiders • Historically the most dangerous type of threat • They know your systems, they know your vulnerabilities, they know your audit methods, ... Sun Confidential: Internal Only

  32. Threats from Insiders • Historically the most dangerous type of threat. • They know your systems, they know your vulnerabilities, they know your audit methods ... • Kim Philby, Aldrich Ames, ... Sun Confidential: Internal Only

Recommend

Trojan Horse Zion Maxwell and Kaylie Davis The Trojan horse The Greeks had a war against the

Trojan Horse Zion Maxwell and Kaylie Davis The Trojan horse The Greeks had a war against the

Trojan Horse Zion Maxwell and Kaylie Davis The Trojan horse The Greeks had a war against the Trojans for ten years. The Torjan horse So they build the Trojan horse the Greeks Gene The Trojan horse After they built it they put a

392 views • 5 slides
Is the European Is the European Union the Union the Trojan Trojan Horse Horse of National

Is the European Is the European Union the Union the Trojan Trojan Horse Horse of National

Is the European Is the European Union the Union the Trojan Trojan Horse Horse of National Health of National Health Care Systems? Care Systems? Course Health Care State: Past and Present Health Care State: Past and Present University

768 views • 73 slides
Trojan Horse Strategy : synthesis of piperazine-based siderophores Pauline Loupias 1, *, Alexandra

Trojan Horse Strategy : synthesis of piperazine-based siderophores Pauline Loupias 1, *, Alexandra

Trojan Horse Strategy : synthesis of piperazine-based siderophores Pauline Loupias 1, *, Alexandra Dassonville-Klimpt 1 , Elodie Lohou 1 , Nicolas Taudon 2 and Pascal Sonnet 1 1 AGIR, EA 4294, UFR de Pharmacie, Universit de Picardie Jules Verne,

659 views • 16 slides
Method Taking into Account Process Dispersion to Detect Hardware Trojan Horse by Side-Channel

Method Taking into Account Process Dispersion to Detect Hardware Trojan Horse by Side-Channel

Method Taking into Account Process Dispersion to Detect Hardware Trojan Horse by Side-Channel X. Ngo, Z. Najm, S. Guilley, S. Bhasin, J.-L.Danger PROOFS14, Busan, South Korea Introduction to HTH and its detection Proposed HTH Detection

429 views • 27 slides
Mandatory Access Control 1 DAC and Trojan Horse Brown: read, write Employee Employee Brown

Mandatory Access Control 1 DAC and Trojan Horse Brown: read, write Employee Employee Brown

Mandatory Access Control 1 DAC and Trojan Horse Brown: read, write Employee Employee Brown Read Employee Black, Brown: read, write REJECTED! Blacks Employee Black is not allowed To access Employee Black 2 1 DAC and Trojan Horse

643 views • 19 slides
Surface reactivity reactivity of of CuO CuO NPs NPs is is responsible responsible for for

Surface reactivity reactivity of of CuO CuO NPs NPs is is responsible responsible for for

Surface reactivity reactivity of of CuO CuO NPs NPs is is responsible responsible for for Surface the early early oxidative oxidative damages damages to to A549 A549 cells cells: : the a Trojan Trojan- -horse horse independent

469 views • 18 slides
Cell- -associated HIV transmission: associated HIV transmission: Cell the neglected pathway

Cell- -associated HIV transmission: associated HIV transmission: Cell the neglected pathway

Cell- -associated HIV transmission: associated HIV transmission: Cell the neglected pathway the neglected pathway Trojan Horse Leukocytes Trojan Horse Leukocytes in AIDS Transmission in AIDS Transmission Anderson DJ, Yunis Yunis EJ. NEJM

352 views • 17 slides
The Golden Age of Bulk Surveillance Nicholas C Weaver About Me... The Golden Age of Internet

The Golden Age of Bulk Surveillance Nicholas C Weaver About Me... The Golden Age of Internet

The Golden Age of Bulk Surveillance Nicholas C Weaver About Me... The Golden Age of Internet Surveillance Nicholas Weaver LITE TOP SECRET//SI//REL TO USA, FVEY 2 Not NOBUS (Nobody But Us) The Golden Age of Internet Surveillance Nicholas

369 views • 34 slides
DAC and Trojan Horse Brown: read, write Employee Mandatory Access Control Brown B Read

DAC and Trojan Horse Brown: read, write Employee Mandatory Access Control Brown B Read

DAC and Trojan Horse Brown: read, write Employee Mandatory Access Control Brown B Read Employee R d E l Black, Brown: read, write REJECTED! Blacks Employee Black is not allowed To access Employee Black 1 2 Mandatory Access

433 views • 6 slides
Mandatory Access Control Mandatory Access Control 1 DAC DAC and Trojan Horse d T j H Brown:

Mandatory Access Control Mandatory Access Control 1 DAC DAC and Trojan Horse d T j H Brown:

Mandatory Access Control Mandatory Access Control 1 DAC DAC and Trojan Horse d T j H Brown: read, write Employee Brown Read Employee Black Brown: read write Black, Brown: read, write REJECTED! Blacks Employee Black is not allowed

565 views • 38 slides
Building capacity, generating new surveillance information, and creating knowledge transfer and

Building capacity, generating new surveillance information, and creating knowledge transfer and

Building capacity, generating new surveillance information, and creating knowledge transfer and exchange through the Cancer Surveillance and Epidemiology Networks: An evaluation J. Shin, B. Candas, J. Brierley, A. Cloth, L. Fairclough Canadian

334 views • 4 slides
Horse Bowl, Horse Judging, and Hippology Developed by: Cecil Co. 4-H Volunteer, Monica Mason

Horse Bowl, Horse Judging, and Hippology Developed by: Cecil Co. 4-H Volunteer, Monica Mason

Horse Bowl, Horse Judging, and Hippology Developed by: Cecil Co. 4-H Volunteer, Monica Mason Horse Bowl In horse bowl, teams of four face off in front of a panel of judges and a moderator. In order to get the chance to answer, competitors must

714 views • 14 slides
SEA HORSE 2,5 HP SEA HORSE 2,5 HP SEA HORSE 2,5 HP SEA HORSE 2,5 HP Power Hp 2,5 Power

SEA HORSE 2,5 HP SEA HORSE 2,5 HP SEA HORSE 2,5 HP SEA HORSE 2,5 HP Power Hp 2,5 Power

MARINE SERVICE TRAINING MARINE SERVICE TRAINING MARINE SERVICE TRAINING MARINE SERVICE TRAINING SEA HORSE 2,5 HP SEA HORSE 2,5 HP SEA HORSE 2,5 HP SEA HORSE 2,5 HP Power Hp 2,5 Power Kw 1,84 Max RPM 5500/6000 Motor type 4 stroke

649 views • 18 slides
CS261N: Internet/Network Security Surveillance Who am I? Computer Science PhD Candidate at UC

CS261N: Internet/Network Security Surveillance Who am I? Computer Science PhD Candidate at UC

CS261N: Internet/Network Security Surveillance Who am I? Computer Science PhD Candidate at UC Berkeley Co-Founder of Bahrain Watch Senior Researcher at Citizen Lab Value Description 0 Not targeted , e.g. spam or financially motivated

1.06k views • 38 slides
Wild Horse and Burro Roundtable Wild Horse and Burro Roundtable Wild Horse and Burro Roundtable

Wild Horse and Burro Roundtable Wild Horse and Burro Roundtable Wild Horse and Burro Roundtable

Wild Horse and Burro Roundtable Wild Horse and Burro Roundtable Wild Horse and Burro Roundtable Wild Horse and Burro Roundtable Wild Horse and Burro Roundtable September 26, 2017 1 We must develop a broad coalition of interest groups and

355 views • 18 slides
Internet Resource Certification (RPKI) Building a More Secure Internet Sint-Maarten Internet Week

Internet Resource Certification (RPKI) Building a More Secure Internet Sint-Maarten Internet Week

Internet Resource Certification (RPKI) Building a More Secure Internet Sint-Maarten Internet Week Carlos Mar2nez Cagnazzo carlos @ lacnic.net A9acks on rou;ng: IP hijacks How Internet number resources are managed IANA ARIN LACNIC APNIC

788 views • 31 slides
COMPUTER-INTERNET SECURITY How am I vulnerable? 1 COMPUTER-INTERNET SECURITY Virus

COMPUTER-INTERNET SECURITY How am I vulnerable? 1 COMPUTER-INTERNET SECURITY Virus

COMPUTER-INTERNET SECURITY How am I vulnerable? 1 COMPUTER-INTERNET SECURITY Virus Worm Trojan Spyware Adware Messenger Service 2 VIRUS VIRUS A virus must meet two A computer virus is a small criteria:

525 views • 23 slides
The Internet & Surveillance - Research Paper Series Edited by the Unified Theory of

The Internet & Surveillance - Research Paper Series Edited by the Unified Theory of

The Internet & Surveillance - Research Paper Series Edited by the Unified Theory of Information Research Group, Vienna, Austria (http://www.uti.at) ISSN 2219-603X Title: Research Design & Data Analysis,

989 views • 71 slides
Age Categories: 8-10, 11-13 & 14-18 Animal Science Horse Objective: To increase the level of

Age Categories: 8-10, 11-13 & 14-18 Animal Science Horse Objective: To increase the level of

Age Categories: 8-10, 11-13 & 14-18 Animal Science Horse Objective: To increase the level of horse knowledge and expertise. Topics Include: horse selection, feeding, health, management, training, etc. District Award if applicable: Medal

378 views • 11 slides
1 Virus Pseudocode Virus A Trojan Horse? Some say YES: Purpose of infected program is overt

1 Virus Pseudocode Virus A Trojan Horse? Some say YES: Purpose of infected program is overt

Introduction Malicious Logic: a set of instructions that cause violation of security policy Malicious Logic Idea taken from Troy: to breach an impenetrable perimeter, have someone from the inside unknowingly bring you inside Example:

481 views • 19 slides
MY LOVELY HORSE RESCUE MY LOVELY HORSE RESCUE WHO ARE MLHR? WHO WE ARE NOT! WHY WE EXIST - THE

MY LOVELY HORSE RESCUE MY LOVELY HORSE RESCUE WHO ARE MLHR? WHO WE ARE NOT! WHY WE EXIST - THE

LAST UPDATED: 18TH APRIL 2016 MY LOVELY HORSE RESCUE MY LOVELY HORSE RESCUE WHO ARE MLHR? WHO WE ARE NOT! WHY WE EXIST - THE PROBLEMS WHAT WE DO SOME FACTS & FIGURES THE LAW, YOU & YOUR HORSE HOW YOU CAN HELP US WHO ARE MLHR

661 views • 45 slides
NV Wild Horse and Burro Program NV Sagebrush Ecosystem Council Velma Johnston (Wild Horse Annie)

NV Wild Horse and Burro Program NV Sagebrush Ecosystem Council Velma Johnston (Wild Horse Annie)

NV Wild Horse and Burro Program NV Sagebrush Ecosystem Council Velma Johnston (Wild Horse Annie) Wife of Nevada Cattle Rancher in 1940s-50s Led Crusade Against Horse Abuses Horses were shot Chased by planes and roped from

455 views • 17 slides
Trojan Horses Seemingly useful program that contains code that does harmful things When

Trojan Horses Seemingly useful program that contains code that does harmful things When

Trojan Horses Seemingly useful program that contains code that does harmful things When you run it, the Greeks creep out and slaughter your system Lecture 12 Page 1 CS 236 Online Basic Trojan Horses A program you pick up somewhere

581 views • 23 slides
(In)Visibility and Surveillance Questions Surveillance & Security Positives to surveillance

(In)Visibility and Surveillance Questions Surveillance & Security Positives to surveillance

(In)Visibility and Surveillance Questions Surveillance & Security Positives to surveillance added security. Negatives to surveillance loss of privacy Dis-Appearance dis-appearance refers to the processes whereby a visible

496 views • 15 slides

More recommend