Author: phobos
Date: 2012-08-01 01:25:30 +0000 (Wed, 01 Aug 2012)
New Revision: 25736

Added:
   projects/presentations/2012-07-31-DHS-Tor-Overview.pdf
   projects/presentations/2012-07-31-DHS-Tor-Overview.tex
   projects/presentations/images/security-blocks-dec2011.png
Log:
add my presentation from today.
Added: projects/presentations/2012-07-31-DHS-Tor-Overview.pdf =================================================================== (Binary files differ)
Property changes on: projects/presentations/2012-07-31-DHS-Tor-Overview.pdf ___________________________________________________________________ Added: svn:mime-type + application/octet-stream
Added: projects/presentations/2012-07-31-DHS-Tor-Overview.tex =================================================================== --- projects/presentations/2012-07-31-DHS-Tor-Overview.tex (rev 0) +++ projects/presentations/2012-07-31-DHS-Tor-Overview.tex 2012-08-01 01:25:30 UTC (rev 25736) 
@@ -0,0 +1,301 @@ +\documentclass{beamer} +\mode<presentation> +\usetheme{Boadilla} +\title{DHS Tor Overview} +\author{Andrew Lewman \ andrew@torproject.org} +\date{July 31, 2012} +\begin{document} + +\begin{frame} +\maketitle +\begin{center} +\includegraphics[height=3cm]{./images/2009-tor-logo} +\end{center} +\end{frame} + +\begin{frame} +\frametitle{What are we talking about?} +\begin{itemize} +\item Crash course on anonymous communications +\item Quick overview of Tor +\item Quick overview of Tor Hidden Services +\item Future directions +\end{itemize} +\end{frame} + +\begin{frame} +\frametitle{The Tor Project, Inc.} +501(c)(3) non-profit organization dedicated to the research and development of technologies for online anonymity and privacy +\begin{center} +\includegraphics[height=5cm]{./images/2009-oval_sticker_new} +\end{center} +\end{frame} + +\begin{frame} +\frametitle{What is anonymity?} +\includegraphics[width=10cm]{./images/2llg3ts} +\end{frame} + +\begin{frame} +\frametitle{Anonymity isn't cryptography} +\begin{itemize} +\item Cryptography protects the contents in transit +\item You still know who is talking to whom, how often, and how much data is sent. +\end{itemize} +\begin{center} +\includegraphics[width=5cm]{./images/encryption-cc-by-sa} +\end{center} +\end{frame} + +\begin{frame} +\frametitle{Anonymity isn't steganography} +Attacker can tell Alice is talking to someone, how often, and how much data is sent. +\bigskip + +\begin{center} +\includegraphics[width=5cm]{./images/steganography-cc-by-sa} +\end{center} +\end{frame} + +\begin{frame} +\frametitle{Anonymity isn't just wishful thinking...} +\begin{itemize} +\item "You can't prove it was me!" +\pause \item "Promise you won't look" +\pause \item "Promise you won't remember" +\pause \item "Promise you won't tell" +\pause \item "I didn't write my name on it!" +\pause \item "Isn't the Internet already anonymous?" 
+\end{itemize} +\end{frame} + +\begin{frame} +\frametitle{..since "weak" isn't anonymity.} +\begin{itemize} +\item \textit{"You can't prove it was me!"} Proof is a very \textbf{strong} word. Statistical analysis allows suspicion to become certainty. +\pause \item \textit{"Promise you won't look/remember/tell"} Will other parties have the abilities and incentives to keep these promises? +\pause \item \textit{"I didn't write my name on it!"} Not what we're talking about. +\pause \item \textit{"Isn't the Internet already anonymous?"} Nope! +\end{itemize} +\end{frame} + +\begin{frame} +\frametitle{Anonymous communication} +\begin{itemize} +\item People have to hide in a crowd of other people ("anonymity loves company") +\item The goal of the system is to make all users look as similar as possible, to give a bigger crowd +\item Hide who is communicating with whom +\item Layered encryption and random delays hide correlation between input traffic and output traffic +\end{itemize} +\end{frame} + +\begin{frame} +\frametitle{Low versus High-latency anonymous communication systems} +\begin{itemize} +\item Tor is not the first system; ZKS, mixmaster, single-hop proxies, Crowds, Java Anon Proxy. +\item Low-latency systems are vulnerable to end-to-end correlation attacks. +\item High-latency systems are more resistant to end-to-end correlation attacks, but by definition, less interactive. +\end{itemize} +\end{frame} + +\begin{frame} +\frametitle{Low-latency systems are generally more attractive to today's user} +\begin{itemize} +\item Interactive apps: web, instant messaging, VOIP, ssh, X11, cifs/nfs, video streaming (millions of users) +\item Multi-hour delays: email, nntp, blog posting? (tens of thousands of users?) 
+\pause \item \begin{center}\begin{Large}And if anonymity loves company...\end{Large}\end{center} +\end{itemize} +\end{frame} + +\begin{frame} +\frametitle{What is Tor?} +\begin{itemize} +\item online anonymity software and network +\pause \item open source, freely available (3-clause BSD license) +\pause \item active research environment: \ +Drexel, Univ of Waterloo, Georgia Tech, Princeton, Boston University, University College London, Univ of Minnesota, National Science Foundation, Naval Research Labs, Cambridge UK, Bamberg Germany, MIT... +\pause \item increasingly diverse toolset: \ +Tor, Tor Browser Bundle, Tails LiveCD, Tor Weather, Tor auto-responder, Secure Updater, Orbot, Torora, Tor Check, Arm, Nymble, Tor Control, and so on. +\end{itemize} +\end{frame} + +\begin{frame} +\frametitle{Other Systems} +\begin{itemize} +\item VPN - Virtual Private Network, 1 to 1 connection, can redirect all traffic, generally encrypted +\pause \item Proxy - 1 to 1 connection, per application traffic redirection, sometimes encrypted +\pause \item I2P - Garlic routing, closed network, anonymity and reputation +\pause \item Freenet - closed network, anonymity, distributed file storage and sharing +\pause \item GNUnet - closed network, anonymity, distributed file storage and sharing +\end{itemize} +\end{frame} + +\begin{frame} +\frametitle{How is Tor different from other systems?} +\begin{overlayarea}{9cm}{6cm} +\only<1>{\includegraphics[height=7cm]{./images/single_hop_relay}} +\only<2>{\includegraphics[height=7cm]{./images/evil_single_hop_relay}} +\only<3>{\includegraphics[height=7cm]{./images/data_snooping_single_hop_relay}} +\end{overlayarea} +\end{frame} + +\begin{frame} +\frametitle{Who uses Tor?} +\parbox{8cm}{\sloppy \setbeamercolor{background}[\includegraphics[scale=0.35]{./images/anonymousman}} +\parbox{3cm}{\sloppy +\begin{flushleft} +\begin{itemize} +\begin{small} +\item Normal people +\item Law Enforcement +\item Human Rights Activists +\item Business Execs +\item 
Militaries +\item Abuse Victims +\end{small} +\end{itemize} +\end{flushleft} +} +\end{frame} + +\begin{frame} +\frametitle{Who uses Tor?} +\begin{itemize} +\item <1> \textit{Normal users} \ linking sensitive information to their current identities, online advertising networks, search engines, censorship circumvention +\item <2> \textit{Law enforcement}\ accidental disclosure to targets, family and friend concerns, separating work from home life +\item <3> \textit{Rights Activists}\ Personal safety, family safety, narrowly-defined publicity, censorship circumvention +\item <4> \textit{Business Execs}\ separating work from home life, competitor research, censorship circumvention +\item <5> \textit{Abuse Victims and Survivors}\ complete separation of past abuse and current life, finding help and safety, need to help others anonymously +\item <6> \textit{Militaries}\ intelligence gathering, separating work from home life, other activities +\end{itemize} +\end{frame} + +\begin{frame} +\frametitle{Doesn't Tor enable criminals to do bad things?} +\begin{quotation} +\noindent \includegraphics[width=1cm]{./images/opquo}\quad Criminals can already do bad things. Since they're willing to break laws, they already have lots of options available that provide better privacy than Tor provides. 
+\end{quotation} +\flushright +\small source: https://www.torproject.org/docs/faq-abuse.html.en%5C#WhatAboutCriminals +\end{frame} + +\begin{frame} +\frametitle{Breakdown of suspect traffic on the Internet} +\begin{center} +\begin{tabular}{|c|r|} +\hline +\textit{Category} & \textit{Percent}\ +\hline Botnets & 79.59 \ +\hline Malicious URLS & 14.32\ +\hline Antivirus & 3.40\ +\hline XSS & 1.21\ +\hline Cookie Stealing & 1.07\ +\hline Phishing & 0.20\ +\hline Browser Exploits & 0.10\ +\hline Adware & Spyware & 0.07\ +\hline WRI & 0.02\ +\hline Anonymizers & 0.02\ +\hline +\end{tabular} +\end{center} +\flushright +\tiny source: http://research.zscaler.com/2011/12/web-threats-trends-and-statistics.html +\end{frame} + +\begin{frame} +\frametitle{estimated 500k to 900k daily users} +\includegraphics[scale=0.4]{./images/huge-crowd} +\end{frame} + +\begin{frame} +\frametitle{Tor hides communication patterns by relaying data through volunteer servers} +\begin{center} +\begin{overlayarea}{9cm}{6cm} +\only<1>{\includegraphics[width=9cm]{./images/tor-network}} +\only<2>{\includegraphics[width=9cm]{./images/tor-safe-selection}} +\only<3>{\includegraphics[width=9cm]{./images/tor-safe-path}} +\only<4>{\includegraphics[width=9cm]{./images/tor-keys1}} +\end{overlayarea} +\flushright +\tiny Diagram: Robert Watson +\end{center} +\end{frame} + +\begin{frame} +\frametitle{Vidalia Network Map} +\includegraphics[scale=0.4]{./images/vidalia-network-map} +\end{frame} + +\begin{frame} +\frametitle{Metrics} +\begin{itemize} +\item Measuring metrics anonymously +\item NSF grant to find out +\item Archive of hourly consensus, ExoneraTor, VisiTor +\item Metrics portal: \ \url{https://metrics.torproject.org/%7D +\end{itemize} +\end{frame} + +\begin{frame} +\frametitle{Tor hidden services allow privacy enhanced hosting of services} +\includegraphics[scale=0.5]{./images/hidden-federalist} +\end{frame} + +\begin{frame} +\frametitle{dot onion you say?} 
+\includegraphics[scale=0.6]{./images/hidden-federalist-zoom} +\end{frame} + +\begin{frame} +\frametitle{Hidden Services, in graphics} +\begin{overlayarea}{9cm}{6cm} +\only<1>{\includegraphics[scale=0.5]{../../website/trunk/images/THS-1}} +\only<2>{\includegraphics[scale=0.5]{../../website/trunk/images/THS-2}} +\only<3>{\includegraphics[scale=0.5]{../../website/trunk/images/THS-3}} +\only<4>{\includegraphics[scale=0.5]{../../website/trunk/images/THS-4}} +\only<5>{\includegraphics[scale=0.5]{../../website/trunk/images/THS-5}} +\only<6>{\includegraphics[scale=0.5]{../../website/trunk/images/THS-6}} +\end{overlayarea} +\end{frame} + +\begin{frame} +\frametitle{Operating Systems leak info like a sieve} +\parbox{5cm}{\sloppy \setbeamercolor{background}[\includegraphics[height=7cm]{./images/cropped-hijack-sign-south-africa}} +\parbox{5cm}{\begin{itemize} +\item Applications, network stacks, plugins, oh my.... +\pause some call this "sharing" +\pause \item Did you know Microsoft Word and OpenOffice Writer are browsers? +\pause \item \url{www.decloak.net} is a fine test +\end{itemize} +} +\end{frame} + +\begin{frame} +\frametitle{Mobile Operating Systems} +\begin{itemize} +\item Entirely new set of challenges for something designed to know where you are at all times. +\item Orbot: Tor on Android. \url{https://guardianproject.info/apps/%7D +\item Tor on iphone, maemo/meego, symbian, etc +\item Tor on Windows Mobile, \url{http://www.gsmk.de%7D as an example. +\item Guardian Project, \url{https://guardianproject.info/%7D +\end{itemize} +\end{frame} + +\begin{frame} +\frametitle{Thanks!} +\includegraphics[scale=0.6]{./images/thankyou_img} +\flushright +Visit \url{https://www.torproject.org/%7D for more information, links, and ideas. +\end{frame} + +\begin{frame} +\frametitle{Credits & Thanks} +\begin{itemize} +\item who uses tor? \url{http://www.flickr.com/photos/mattw/2336507468/siz%7D, Matt Westervelt, CC-BY-SA. 
+\item danger!, \url{http://flickr.com/photos/hmvh/58185411/sizes/o/%7D, hmvh, CC-BY-SA. +\item 500k, \url{http://www.flickr.com/photos/lukaskracic/334850378/sizes/l/%7D, Luka Skracic, used with permission. +\item zscaler research, http://research.zscaler.com/2011/12/web-threats-trends-and-statistics.html +\end{itemize} +\end{frame} + +\end{document}
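Review bot: The log lists projects/presentations/images/security-blocks-dec2011.png as added, but no \includegraphics in the new .tex references it, so either the frame that uses it is missing or the image does not belong in this commit. Separately, the "Hidden Services, in graphics" frame loads ../../website/trunk/images/THS-1 through THS-6, which ties the build to a checkout that has the website tree at that relative location; copying those six images under ./images/ like the rest would keep the deck self-contained. As the lines appear here, the "Adware & Spyware" row puts a bare & inside a two-column tabular ({|c|r|}) and \frametitle{Credits & Thanks} has one as well; both need \&.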
Property changes on: projects/presentations/2012-07-31-DHS-Tor-Overview.tex ___________________________________________________________________ Added: svn:mime-type + text/x-tex
Added: projects/presentations/images/security-blocks-dec2011.png =================================================================== (Binary files differ)
Property changes on: projects/presentations/images/security-blocks-dec2011.png ___________________________________________________________________ Added: svn:mime-type + image/png