Author: phobos Date: 2013-07-13 22:14:11 +0000 (Sat, 13 Jul 2013) New Revision: 26254 Added: projects/presentations/2013-07-08-LSM2013-header.tex projects/presentations/2013-07-08-LSM2013.GNUMakefile projects/presentations/2013-07-08-LSM2013.mdwn projects/presentations/2013-07-08-LSM2013.pdf projects/presentations/images/2012-03-19-IEEE-Boston-Presentation.svg projects/presentations/images/4478306185_72feb04b72_o.jpg projects/presentations/images/anonymity-different-users.svg projects/presentations/images/obfsproxy-logo.svg projects/presentations/images/onion-routing-crash-course-1.svg projects/presentations/images/onion-routing-crash-course-2.svg projects/presentations/images/onion-routing-crash-course-3.svg projects/presentations/images/onion-routing-crash-course-4.svg projects/presentations/images/onion-routing-crash-course-5.svg projects/presentations/images/onion-routing-crash-course-6.svg projects/presentations/images/onion-routing-crash-course-7.svg projects/presentations/images/onion-routing-crash-course-8.svg projects/presentations/images/orbot_orweb.png projects/presentations/images/projects-word-cloud-tor-only.svg projects/presentations/images/projects-word-cloud.svg projects/presentations/images/tails.png projects/presentations/images/tbb.png projects/presentations/images/threat-model.svg projects/presentations/images/tor-bubble-graph.svg projects/presentations/images/tor-consensus-vis-node-circle.svg projects/presentations/images/tor-consensus-vis-node-onion.svg projects/presentations/images/tor-logo-root-design.svg Log: add lunar's LSM presentation in various formats Added: projects/presentations/2013-07-08-LSM2013-header.tex =================================================================== --- projects/presentations/2013-07-08-LSM2013-header.tex (rev 0) +++ projects/presentations/2013-07-08-LSM2013-header.tex 2013-07-13 22:14:11 UTC (rev 26254) @@ -0,0 +1,53 @@ +\usepackage{eso-pic} + +\renewcommand\sfdefault{phv} +\renewcommand\familydefault{\sfdefault} +\usetheme{default} +\usepackage{color} +\useoutertheme{default} +\usepackage{texnansi} +\usepackage{marvosym} +%\definecolor{bottomcolour}{rgb}{0.32,0.3,0.38} +%\definecolor{middlecolour}{rgb}{0.08,0.08,0.16} +\definecolor{torgreen}{rgb}{0.8,1,0.16} +\setbeamerfont{title}{size=\Huge} +\setbeamercolor{structure}{fg=torgreen} +\setbeamertemplate{frametitle}[default]%[center] +\setbeamercolor{normal text}{bg=black, fg=white} +%\setbeamertemplate{background canvas}[vertical shading][bottom=bottomcolour, middle=middlecolour, top=black] + +\setbeamertemplate{background canvas}{% + \color{black!100}\rule{\paperwidth}{\paperheight}% +} + +\setbeamertemplate{items}[circle] +\setbeamerfont{frametitle}{size=\huge} +\setbeamertemplate{navigation symbols}{} %no nav symbols + +\setbeamertemplate{title page} +{ + \raisebox{\dimexpr\ht\strutbox-\height\relax}{\includegraphics[keepaspectratio,width=.3\textwidth]{images/tor-logo-root-design}}\hfill + \begin{minipage}[t]{.69\textwidth} + \begin{center} + \begin{beamercolorbox}[sep=8pt,center]{title} + \usebeamerfont{title}\inserttitle\par + \end{beamercolorbox} + \ifx\insertsubtitle\@empty + \else + \vskip2ex + \usebeamerfont{subtitle}\insertsubtitle + \fi + \ifx\insertauthor\@empty + \else + \vskip2ex + \usebeamerfont{author}\insertauthor + \fi + \ifx\insertdate\@empty + \else + \vskip2ex + \usebeamerfont{date}\insertdate% + \fi + \end{center} + \vfill + \end{minipage} +} Property changes on: projects/presentations/2013-07-08-LSM2013-header.tex ___________________________________________________________________ Added: svn:mime-type + text/x-tex Added: projects/presentations/2013-07-08-LSM2013.GNUMakefile =================================================================== --- projects/presentations/2013-07-08-LSM2013.GNUMakefile (rev 0) +++ projects/presentations/2013-07-08-LSM2013.GNUMakefile 2013-07-13 22:14:11 UTC (rev 26254) @@ -0,0 +1,17 @@ +.PHONY: all source + +PRESENTATION = 2013-07-08-LSM2013 + +all: $(PRESENTATION).pdf + +source: $(PRESENTATION)-src.tar.gz + +IMGS = $(shell echo $$(sed -n -e 's/^[^%]*\\includegraphics\([^{]*\)\?{\([^}]*\)}.*$$/\2.*/p' $(PRESENTATION).mdwn | sed -e 's/\.svg$$/\.pdf$$/' | sort -u)) + +$(PRESENTATION).pdf: $(PRESENTATION).mdwn $(PRESENTATION)-header.tex $(IMGS) + pandoc -t beamer \ + --include-in-header=$(PRESENTATION)-header.tex \ + --latex-engine=xelatex -o $@ $< + +%.pdf: %.svg + inkscape --export-pdf=$@ --export-dpi=600 $< Added: projects/presentations/2013-07-08-LSM2013.mdwn =================================================================== --- projects/presentations/2013-07-08-LSM2013.mdwn (rev 0) +++ projects/presentations/2013-07-08-LSM2013.mdwn 2013-07-13 22:14:11 UTC (rev 26254) @@ -0,0 +1,421 @@ +% Anonymity and censorship circumvention with Tor +% Lunar \<lunar@torproject.org\> +% July 8th, 2013 — LSM2013, Brussels + +---- + +\begin{center} +\begin{beamercolorbox}[sep=8pt,center]{title} + \usebeamerfont{title}What is this Tor thing? +\end{beamercolorbox} +\end{center} + +---- + +# Tor helps people + +\begin{center} +Estimated 500,000 daily Tor users + +\includegraphics[keepaspectratio,width=\textwidth,height=.6\textheight]{images/huge-crowd} +\end{center} + +\begin{flushright} +{\small cf. \url{https://metrics.torproject.org/users.html}} +\end{flushright} + +# Different sorts of people + +\begin{center} +Anonymity serves different interests +for different user groups + +\includegraphics[keepaspectratio,width=\textwidth]{images/anonymity-different-users} +\end{center} + +\begin{flushright} +\textit{Anonymity loves company...} +\end{flushright} + +# What's Tor? + + * `tor` is free software + * Running the Tor anonymity network + * Supported by *The Tor Project, Inc.*, a 501(c)(3) non-profit US organization + +---- + +\begin{center} +\begin{beamercolorbox}[sep=8pt,center]{title} + \usebeamerfont{title}Onion routing +\end{beamercolorbox} +\end{center} + +---- + +# Ideas behind onion routing + +\begin{center} +{\Large +The simplest design use a single\\ +relay to hide connections +} + +\includegraphics[keepaspectratio,width=\textwidth]{images/onion-routing-crash-course-1} + +(example: some commercial proxy providers) +\end{center} + +# Ideas behind onion routing + +\begin{center} +{\Large +But a single relay (or eavesdropper!) +is a single point of failure +} + +\includegraphics[keepaspectratio,width=\textwidth]{images/onion-routing-crash-course-2} +\end{center} + +# Ideas behind onion routing + +\begin{center} +{\Large +... or a single point of bypass +}\\ +(timing analysis allows to match sources and destinations) + +\includegraphics[keepaspectratio,width=\textwidth]{images/onion-routing-crash-course-3} +\end{center} + +# Ideas behind onion routing + +\begin{center} +{\Large +So, add multiple relays so that no single one can betray Alice +} + +\includegraphics[keepaspectratio,width=\textwidth]{images/onion-routing-crash-course-4} +\end{center} + +# Ideas behind onion routing + +\begin{center} +{\Large +A corrupt first hop can tell that Alice is talking, but not to whom +} + +\includegraphics[keepaspectratio,width=\textwidth]{images/onion-routing-crash-course-5} +\end{center} + +# Ideas behind onion routing + +\begin{center} +{\Large +A corrupt final hop can tell that somebody is talking to Bob, but not who +} + +\includegraphics[keepaspectratio,width=\textwidth]{images/onion-routing-crash-course-6} +\end{center} + +# Ideas behind onion routing + +\begin{center} +{\Large +Alice makes a session key with R1... and then tunnels to R2... and to R3 +} +\includegraphics[keepaspectratio,width=\textwidth]{images/onion-routing-crash-course-7} +\end{center} + +---- + +\begin{center} +\begin{beamercolorbox}[sep=8pt,center]{title} + \usebeamerfont{title}The Tor network +\end{beamercolorbox} +\end{center} + +---- + +# The Tor network + + * nearly 4000 relays + * around 3600 volunteer operators + * current total measured bandwidth 35 Gb/s + * diversity issue: a mere 40 relays see 80% of the total traffic + +# The Tor network + +\begin{center} +\includegraphics[keepaspectratio,width=\textwidth, height=.8\textheight]{images/tor-bubble-graph} +\end{center} + +---- + +\begin{center} +\begin{beamercolorbox}[sep=8pt,center]{title} + \usebeamerfont{title}Using Tor +\end{beamercolorbox} +\end{center} + +---- + +# Using Tor: the Tor Browser Bundle + +\begin{center} +\includegraphics[keepaspectratio,width=\textwidth, height=.8\textheight]{images/tbb} +\end{center} + +# Using Tor: the Tails live system + +\begin{center} +\includegraphics[keepaspectratio,width=\textwidth, height=.8\textheight]{images/tails} +\end{center} + +# Using Tor: Orbot and Orweb + +\begin{center} +\includegraphics[keepaspectratio,width=\textwidth, height=.8\textheight]{images/orbot_orweb} +\end{center} + +---- + +\begin{center} +\begin{beamercolorbox}[sep=8pt,center]{title} + \usebeamerfont{title}Circumventing censorship +\end{beamercolorbox} +\end{center} + +---- + +# Tor helps circumventing censorship + +\begin{center} +\includegraphics[keepaspectratio,width=\textwidth]{images/onion-routing-crash-course-8} + +{\Large +Tor routes around censorship +} +\end{center} + +# Censors do not want Tor + + * The list of Tor relays is public + * Upside: server administrators can block exit nodes if they really need to + * Downside: allow blocking access to the Tor network + +Direct Tor connections are currently blocked in China, Iran, Kazakhstan, +Syria, the Philippines, ... + +# Bridges + + * Limited kind of Tor relay + * Private entry point in the Tor network + * Different pool of bridge addresses + * Some bridges are completely private + +\begin{flushright} +{\small +But the arm race goes on... +} +\end{flushright} + +# Censors really do not want Tor + + * Tor traffic is recognizable + * Deep Packet Inspection became pervasive + +# Obfuscated bridges + + * `obfsproxy` makes traffic to a bridge looks like random noise + * *Pluggable* transport framework to enable research + +\begin{center} +\includegraphics[keepaspectratio,width=0.3\textwidth]{images/obfsproxy-logo} +\end{center} + +\begin{flushright} +{\small +But the arm race goes on... +} +\end{flushright} + +# Further developments + +Shared secret against active probing + +New obfuscation protocols: + + * Flashproxy + * Scramblesuit + * Format Transforming Encryption + * More? + +---- + +\begin{center} +\begin{beamercolorbox}[sep=8pt,center]{title} + \usebeamerfont{title}Tor is not magic +\end{beamercolorbox} +\end{center} + +---- + +# Tor does not solve all problems + +\begin{center} +Threat model:\\ +what can the attacker do? + +\includegraphics[keepaspectratio,width=\textwidth]{images/threat-model} +\end{center} + +# Case study + +> * I present you Wendy. +> * Wendy works at ACME, Corp. +> * She discovers that ACME is releasing toxic waste in the environment. +> * **She wants the word out**. + +<!-- +Picture Global Water Partnership +CC BY-NC-SA 2.0 +<https://secure.flickr.com/photos/globalwaterpartnership/4478306185/> +--> + +# Case study + +\begin{center} +\includegraphics[keepaspectratio,width=\textwidth,height=0.8\textheight]{images/4478306185_72feb04b72_o} +\end{center} + +# Case study + +How to **hide who**'s blowing the whistle? + +<!-- +Actually, Wendy even likes her job, she'd like to keep it but she wants the +company to stop doing bad things. +--> + +# Case study + +In order to **publish pictures and other documents** about the issue: + + * Create a blog on a free service. + * Always connected using Tor. + +Pros: provider is unable to tell Wendy's location + +Cons: provider might shut down the blog in case of troubles + +# Case study + +Should Wendy work on her blog at **work**? + + * Tor traffic might stand out + * `obfsproxyssh` could do the trick, but not integrated yet + +# Case study + +Should Wendy work on her blog at **home**? + +Watch out for traffic confirmation attacks! + +# Case study + + * Few people can possibly know about this + * Tor is a low-latency network + * Monitoring Wi-Fi requires nothing more than being at range + * Packet flow can match the pattern of publishing a blog post + +# Case study + +Make traffic confirmation attacks harder: + + * Blur the local traffic by participating in torrents + * Blur the remote traffic by uploading unrelated files to the + blog provider + * Set a publication date so the blog post does not appear immediately after + +# Case study + +Another option would be to get a journalist to write about the story. + +But we need to train journalists in secure communications! + +# Case study + +What if her computer gets **searched** or **attacked by a malware** planted by +the company? + +Use Tails: + + * No traces on her computers + * Live systems are a lot harder to compromise + +# Case study + +Yet another pitfall: **metadata**. + +Digital cameras embed date, time, serial numbers and other information in +picture file. + +Tails ships with the *Metadata Anonymization Toolkit* which can easily +remove them. + +# Case study + +Summary of a possible solution: + + * Always use Tails + * Strip metadata using MAT + * Publish on a blog on a free platform + * Articles can be prepared at home + * The blog takes care of publishing the article at a later time + +Wendy should try to imitate someone else writing style to resist stylometry +analysis. + +---- + +\begin{center} +\begin{beamercolorbox}[sep=8pt,center]{title} + \usebeamerfont{title}Want to help? +\end{beamercolorbox} +\end{center} + +---- + +# The Tor ecosystem + +\begin{center} +\includegraphics[keepaspectratio,width=\textwidth,height=0.8\textheight]{images/projects-word-cloud-tor-only} +\end{center} + +# The Tor ecosystem + +\begin{center} +\includegraphics[keepaspectratio,width=\textwidth,height=0.8\textheight]{images/projects-word-cloud} +\end{center} + +# Help is more than welcome! + + * Support + * Translations + * Development (C, Python, C++, JavaScript, Java, ...) + * Research + * Testing + * Documentation + * Outreach + * Financial support + +# Questions? + +\begin{center} +\includegraphics[keepaspectratio,width=\textwidth, height=.6\textheight]{images/tor-logo-root-design} +\end{center} + + * English support: \texttt{help@rt.torproject.org} + * French support: \texttt{help-fr@rt.torproject.org} + * Press requests: \texttt{execdir@toproject.org} Added: projects/presentations/2013-07-08-LSM2013.pdf =================================================================== (Binary files differ) Property changes on: projects/presentations/2013-07-08-LSM2013.pdf ___________________________________________________________________ Added: svn:mime-type + application/octet-stream Added: projects/presentations/images/2012-03-19-IEEE-Boston-Presentation.svg =================================================================== (Binary files differ) Property changes on: projects/presentations/images/2012-03-19-IEEE-Boston-Presentation.svg ___________________________________________________________________ Added: svn:mime-type + image/svg+xml Added: projects/presentations/images/4478306185_72feb04b72_o.jpg =================================================================== (Binary files differ) Property changes on: projects/presentations/images/4478306185_72feb04b72_o.jpg ___________________________________________________________________ Added: svn:mime-type + image/jpeg Added: projects/presentations/images/anonymity-different-users.svg =================================================================== (Binary files differ) Property changes on: projects/presentations/images/anonymity-different-users.svg ___________________________________________________________________ Added: svn:mime-type + image/svg+xml Added: projects/presentations/images/obfsproxy-logo.svg =================================================================== (Binary files differ) Property changes on: projects/presentations/images/obfsproxy-logo.svg ___________________________________________________________________ Added: svn:mime-type + image/svg+xml Added: projects/presentations/images/onion-routing-crash-course-1.svg =================================================================== (Binary files differ) Property changes on: projects/presentations/images/onion-routing-crash-course-1.svg ___________________________________________________________________ Added: svn:mime-type + image/svg+xml Added: projects/presentations/images/onion-routing-crash-course-2.svg =================================================================== (Binary files differ) Property changes on: projects/presentations/images/onion-routing-crash-course-2.svg ___________________________________________________________________ Added: svn:mime-type + image/svg+xml Added: projects/presentations/images/onion-routing-crash-course-3.svg =================================================================== (Binary files differ) Property changes on: projects/presentations/images/onion-routing-crash-course-3.svg ___________________________________________________________________ Added: svn:mime-type + image/svg+xml Added: projects/presentations/images/onion-routing-crash-course-4.svg =================================================================== (Binary files differ) Property changes on: projects/presentations/images/onion-routing-crash-course-4.svg ___________________________________________________________________ Added: svn:mime-type + image/svg+xml Added: projects/presentations/images/onion-routing-crash-course-5.svg =================================================================== (Binary files differ) Property changes on: projects/presentations/images/onion-routing-crash-course-5.svg ___________________________________________________________________ Added: svn:mime-type + image/svg+xml Added: projects/presentations/images/onion-routing-crash-course-6.svg =================================================================== (Binary files differ) Property changes on: projects/presentations/images/onion-routing-crash-course-6.svg ___________________________________________________________________ Added: svn:mime-type + image/svg+xml Added: projects/presentations/images/onion-routing-crash-course-7.svg =================================================================== (Binary files differ) Property changes on: projects/presentations/images/onion-routing-crash-course-7.svg ___________________________________________________________________ Added: svn:mime-type + image/svg+xml Added: projects/presentations/images/onion-routing-crash-course-8.svg =================================================================== (Binary files differ) Property changes on: projects/presentations/images/onion-routing-crash-course-8.svg ___________________________________________________________________ Added: svn:mime-type + image/svg+xml Added: projects/presentations/images/orbot_orweb.png =================================================================== (Binary files differ) Property changes on: projects/presentations/images/orbot_orweb.png ___________________________________________________________________ Added: svn:mime-type + image/png Added: projects/presentations/images/projects-word-cloud-tor-only.svg =================================================================== (Binary files differ) Property changes on: projects/presentations/images/projects-word-cloud-tor-only.svg ___________________________________________________________________ Added: svn:mime-type + image/svg+xml Added: projects/presentations/images/projects-word-cloud.svg =================================================================== (Binary files differ) Property changes on: projects/presentations/images/projects-word-cloud.svg ___________________________________________________________________ Added: svn:mime-type + image/svg+xml Added: projects/presentations/images/tails.png =================================================================== (Binary files differ) Property changes on: projects/presentations/images/tails.png ___________________________________________________________________ Added: svn:mime-type + image/png Added: projects/presentations/images/tbb.png =================================================================== (Binary files differ) Property changes on: projects/presentations/images/tbb.png ___________________________________________________________________ Added: svn:mime-type + image/png Added: projects/presentations/images/threat-model.svg =================================================================== (Binary files differ) Property changes on: projects/presentations/images/threat-model.svg ___________________________________________________________________ Added: svn:mime-type + image/svg+xml Added: projects/presentations/images/tor-bubble-graph.svg =================================================================== (Binary files differ) Property changes on: projects/presentations/images/tor-bubble-graph.svg ___________________________________________________________________ Added: svn:mime-type + image/svg+xml Added: projects/presentations/images/tor-consensus-vis-node-circle.svg =================================================================== (Binary files differ) Property changes on: projects/presentations/images/tor-consensus-vis-node-circle.svg ___________________________________________________________________ Added: svn:mime-type + image/svg+xml Added: projects/presentations/images/tor-consensus-vis-node-onion.svg =================================================================== (Binary files differ) Property changes on: projects/presentations/images/tor-consensus-vis-node-onion.svg ___________________________________________________________________ Added: svn:mime-type + image/svg+xml Added: projects/presentations/images/tor-logo-root-design.svg =================================================================== (Binary files differ) Property changes on: projects/presentations/images/tor-logo-root-design.svg ___________________________________________________________________ Added: svn:mime-type + image/svg+xml