10:00 AM
to 11:00 AM
Billy Hoffman & Matt Wood: Veiled - A Browser Based Darknet
119 Attendees
Location
Milano Ballroom 5-6-7-8
Type Privacy
Billy Hoffman, Matt Wood
The concept of a darknet has been around for several years now: a hidden underground where people anonymously and securely communicate and share files with each other. Various projects like Tor, FreeNet, WASTE, decentralized peer to peer networks, and other services attempt to provide people with some of these properties. Regardless of how people use darknets, the concept of a private secure network where people can freely communicate ideas as well as distribute content is compelling from both a technological and a philosophical perspective. Unfortunately, the reality is not as clean as the idea. Darknets traditionally require various software programs or components to be installed and configured. This is not for the technically faint of heart. This and other barriers of entry limit those who can participate in a darknet.
In this talk we will discuss and demonstrate Veiled, a proof-of-concept browser-based darknet. A browser-based darknet allows anyone to join from any platform which has a web browser whether it be it a PC or an iPhone. Veiled embodies many of the traditional properties of a darknet. Users can communicate with each other through encrypted channels. Shared files are encrypted, fragmented, and redundantly stored locally across members of Veiled. Another feature, inspired by Ross Anderson"
In this talk we will discuss and demonstrate Veiled, a proof-of-concept browser-based darknet. A browser-based darknet allows anyone to join from any platform which has a web browser whether it be it a PC or an iPhone. Veiled embodies many of the traditional properties of a darknet. Users can communicate with each other through encrypted channels. Shared files are encrypted, fragmented, and redundantly stored locally across members of Veiled. Another feature, inspired by Ross Anderson"
11:15 AM
to 12:30 PM
Andrea Barisani & Daniele Bianco: Sniff keystrokes with Lasers / Voltmeters
87 Attendees
Location
Milano Ballroom 5-6-7-8
Type Privacy
Andrea Barisani, Daniele Bianco
TEMPEST attacks, exploiting Electro Magnetic emissions in order to gather data, are often mentioned by the security community, movies and wanna-be spies (or NSA employees, we guess).
While some expensive attacks, especially the ones against CRT/LCD monitors, have been fully researched and described, some others remain relatively unknown and haven't been fully (publicly) researched.
Following the overwhelming success of the SatNav Traffic Channel hijacking talk we continue with the tradition of presenting cool and cheap hardware hacking projects.
We will explore two unconventional approaches for remotely sniffing keystrokes on laptops and desktop computers using mechanical energy emissions and power line leakage. The only thing you need for successful attacks are either the electrical grid or a distant line of sight, no expensive piece of equipment is required.
We will show in detail the two attacks and all the necessary instructions for setting up the equipment. As usual cool gear and videos are going to be featured in order to maximize the presentation.
While some expensive attacks, especially the ones against CRT/LCD monitors, have been fully researched and described, some others remain relatively unknown and haven't been fully (publicly) researched.
Following the overwhelming success of the SatNav Traffic Channel hijacking talk we continue with the tradition of presenting cool and cheap hardware hacking projects.
We will explore two unconventional approaches for remotely sniffing keystrokes on laptops and desktop computers using mechanical energy emissions and power line leakage. The only thing you need for successful attacks are either the electrical grid or a distant line of sight, no expensive piece of equipment is required.
We will show in detail the two attacks and all the necessary instructions for setting up the equipment. As usual cool gear and videos are going to be featured in order to maximize the presentation.
1:45 PM
to 3:00 PM
Nitesh Dhanjani: Psychotronica
89 Attendees
Location
Milano Ballroom 5-6-7-8
Type Privacy
Nitesh Dhanjani
This talk will expose how voluntary and public information from new communication paradigms such as social networking applications can enable you to remotely capture private information about targeted individuals.
Topics of discussion will include:
Hacking the Psyche: Remote behavior analysis that can be used to construct personality profiles to predict current and future psychological states of targeted individuals, including discussions on how emotional and subconscious states can be discovered even before the target is consciously aware.
Techniques on how individuals may be remotely influenced by messaging tactics, and how criminal groups and governments may use this capability, including a case study of Twitter and the recent terror attacks in Bombay.
Reconnaissance and pillage of private information, including critical data that the victim may not be aware of revealing, and that which may be impossible to protect by definition.
The goal of this presentation is to raise consciousness on how the new paradigms of social communication bring with it real risks as well as marketing and economic advantages.
Topics of discussion will include:
Hacking the Psyche: Remote behavior analysis that can be used to construct personality profiles to predict current and future psychological states of targeted individuals, including discussions on how emotional and subconscious states can be discovered even before the target is consciously aware.
Techniques on how individuals may be remotely influenced by messaging tactics, and how criminal groups and governments may use this capability, including a case study of Twitter and the recent terror attacks in Bombay.
Reconnaissance and pillage of private information, including critical data that the victim may not be aware of revealing, and that which may be impossible to protect by definition.
The goal of this presentation is to raise consciousness on how the new paradigms of social communication bring with it real risks as well as marketing and economic advantages.
3:15 PM
to 4:30 PM
Steve Topletz, Jonathan Logan & Kyle Williams: Global Spying
81 Attendees
Location
Milano Ballroom 5-6-7-8
Type Privacy
Steve Topletz, Jonathan Logan, Kyle Williams
When talking about the threat of Internet surveillance the argument most often presented is that "there is so much traffic that any one conversation or email won't be picked up unless there is reason to suspect those concerned; it is impossible that "
4:45 PM
to 6:00 PM
Alessandro Acquisti: I just found 10 Million SSNs
71 Attendees
Location
Milano Ballroom 5-6-7-8
Type Privacy
Alessandro Acquisti
Social Security numbers (SSNs) were created in the 1930s as identifiers for accounts tracking individual earnings. Over time,they started being used (and abused) as sensitive authenticators. Hence, they became one of the pieces of information most often sought by identity thieves. To respond to growing concerns with SSN over-exposure and counter the rise of identity theft, policy makers have encouraged individuals to keep their SSNs safe and confidential, and, more recently, enacted legislation to reduce their public availability. But what if even well-meaning consumers may provably be unable protect their SSNs, and legislative initiatives aimed at reducing their availability may in fact backfire? We will examine the possibility that SSNs may be more predictable than currently acknowledged, and discuss the unintended consequences of policy initiatives in the area of identity theft prevention.
