Presentation is loading. Please wait.

Presentation is loading. Please wait.

Name: John Ostrander Website: exclusionzone.org GPG: B9151AAE

Similar presentations


Presentation on theme: "Name: John Ostrander Website: exclusionzone.org GPG: B9151AAE"— Presentation transcript:

1 Name: John Ostrander Website: exclusionzone.org GPG: B9151AAE 1906 : F4DE : DA5B : 6681 : F3FB : 46CD : A99B : 31D8 : B915 : 1AAE

2 Warnings & Disclaimers
I am not a lawyer Do not misconstrue anything I say as legal advice There is no such thing as a 100% secure system Hardware bugs, software bugs, and OpSec bugs still exist InfoSec and OpSec are a system These are just tools; not a comprehensive solution InfoSec and OpSec take study and practice This will not protect you from an APT Alphabet soup is slimy I am human I wont maliciously mislead y'all, but I make mistakes too

3 WhatD.o while( Privacy != 'Respected' || Autonomy != 'Respected' || Agency != 'Respected' ) { if( ToolChain == 'A good start' ){ Wayne(CryproPartyOn); } else{ RenewResearch(ToolChain);

4 Tools We Will Be Using Tails
(From: “Tails is a live system that aims to preserve your privacy and anonymity.” “It helps you to use the Internet anonymously and circumvent censorship almost anywhere you go and on any computer but leaving no trace unless you ask it to explicitly.” “It is Free Software and based on Debian GNU/Linux.” “Tails comes with several built-in applications pre-configured with security in mind: web browser, instant messaging client, client, office suite, image and sound editor, etc.”

5 More Tools We Will Be Using
TOR The Onion Router (From: “Tor is an open and distributed network that helps defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security.” “Tor protects you by bouncing your communications around a network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location. “

6 Yet More Tools We Will Be Using
GPG Gnu Privacy Guard (From: “GnuPG allows to encrypt and sign your data and communication, features a versatile key management system…” “GnuPG is Free Software (meaning that it respects your freedom). It can be freely used, modified and distributed under the terms of the GNU General Public License.” Enigmail Enigmail is a gui frontend for the IceDove client that leverages GPG and makes encrypting and decrypting easy peasy.

7 Still More Tools We Will Be Using
MAT Metadata Anonymization Toolkit Tool that allows one to strip metadata from most popular digital file types Pidgin Chat messaging client for IRC, ICQ, Jabber, AIM, etc OTR plugin for Pidgin Off The Record Chat encryption standard that allows for one to chat with accomplices with reasonable assurance that the chats are confidential KeePass2 Password vault that allows the user to securely store multiple unique passwords inside an encrypted container

8 Tails Specific Warnings
Straight from the horses’ mouth(s): Tails does not protect against compromised hardware Tails can be compromised if installed or plugged in untrusted systems Tails does not protect against BIOS or firmware attacks Tor exit nodes can eavesdrop on communications Tails makes it clear that you are using Tor and probably Tails Man-in-the-middle attacks Confirmation attacks Tails doesn't encrypt your documents by default Tails doesn't clear the metadata of your documents for you and doesn't encrypt the Subject: and other headers of your encrypted messages Tor doesn't protect you from a global adversary Tails doesn't magically separate your different contextual identities Tails doesn't make your crappy passwords stronger Tails is a work in progress

9 Getting Tails Booted Shut down computer
Ensure booting from USB/CD/DVD/Disk is enabled Crypto angels can help with this Insert your shiny new DVD Turn on computer Spam the button to select boot device (F10, F12, F2) Crypto angels up Select USB/CD/DVD/Disk as boot device ??? Profit!

10 Move to Install Check List

11 Some Rules of Thumb for TOR
Do not try to torrent things It hurts the network DHT kills the anonymity Use additional crypto everywhere you can This helps mitigate compromise by malicious exit nodes HTTPS, GPG, X.509 Do not use Java Script or Flash unless you really need to If you have to use Java Script then it’s wise to reboot and use it with persistence turned off If you have to use Flash then download the .swf and run it offline with persistence turned off

12 Some Do’s and Do not’s Do Not Do Log into your clearnet accounts
Torrent things “Do malicious things” “Use it to buy illegal things” “Use it to circumvent the law” Do Browse the Internet your commrades ShitPost on IRC ShitPost on chans Make BitCoin Transactions Stream “not pirated” content

13 My Personal Guidelines
Trust no one; question everything Avoid circuits that lie entirely inside of 5 eyes, 6 eyes, 9 eyes, 14 eyes, and NATO countries Avoid exit nodes hosted by institutions that receive government monies Verify data retrieved by non-trusted means through 3 or more circuits for authenticity Clearnet files Self signed certs Cat pictures Never use Flash Try no be dumb

14 Things to Keep in Mind Your ISP can see that you are using TOR, just not what you are doing over TOR That camera in the coffee shop There are ways that you can be deanonymized Traffic correlation Exploits Writing style Meta Data Ignorance Laziness

15 Questions?

16 Resources https://www.exclusionzone.org https://tails.boum.org


Download ppt "Name: John Ostrander Website: exclusionzone.org GPG: B9151AAE"

Similar presentations


Ads by Google