Beyond Public Key Encryption | Matthew Green

Matthew Green; Beyond Public Key Encryption; In His Blog entitled A Few Thoughts on Cryptographic Engineering; 2017-07-02.
Matthew Green, professor, Johns Hopkins University.

tl;dr → overview & history of Identity Based Cryptography and allied arts.

Mentions

  • Eugen Belyakoff, an artist, The Noun Project (licensed artwork, specifically communicative graphics)
  • Voltage Security, now Hewlett-Packard Enterprise (HPE)
  • IBE systems effectively “bake in” key escrow
  • Christopher Cocks discovered RSA circa five years before RSA did.
  • Boneh-Franklin Scheme, 2001
    Uses

    • elliptic curves
    • support efficient bilinear maps (pdf)
  • Attribute-Based Encryption (ABE)
    think: biometric & encryption; record-level & field-level database access encryption

    • Sahai & Waters
    • “threshold gate”.
    • fuzzy IBE, or not.
    • a threshold gate can be used to implement the boolean AND and OR gates
    • ciphertext policy
  • Functional Encryption iacr:2010/543
    Concept: embed arbitrary computer programs? in the attributes of ABE, iacr:2013/337, arXiv:1210.5287

Practice

Argot

  • Attribute-Based Encryption (ABE)
  • Diffie-Hellman Key Exchange (DHKE)
  • Functional Encryption (FE?, <aside>everything gets an acronym</aside>)
  • Identity Based Encryption (IBE); a.k.a. Identity-Based Cryptography
  • Identity-Based Signature (IBS)
  • Key Generation Authority.
  • Master Public Key (MPK)
  • Master Secret Key (MSK)
  • Pretty Good Privacy (PGP)
  • Public Key Encryption (PKE)
  • Public Key Infrastructure (PKI)
  • Rivest-Shamir-Adleman (RSA), a cryptosystem

The Roles

  • Alice
  • Bob
  • Eve
  • Mallory

Experience with Let’s Encrypt certbot for Fedora 23 (fails)

At certbot.eff.org with Apache on Fedora 23+

sudo dnf install -y python-certbot-apache
Error: nothing provides python2-augeas needed by python2-certbot-apache-0.8.1-1.fc23.noarch
(try to add '--allowerasing' to command line to replace conflicting packages)

Flailing

dnf install -y augeas
dnf install -y python-augeas

Therefore: certbot isn’t ready for Fedora 23 yet.

Fedora 22?

Fail.

wget https://dl.eff.org/certbot-auto

Nope … too big and complicated … it will never work … and they didn’t test it on Fedora anyway.

Manual

Prerequisites of python-certbot-apache

dialog
python-parsedatetime
python-zope-component
python-zope-event
python-zope-interface
python2-acme
python2-certbot
python2-certbot-apache
python2-configargparse
python2-configobj
python2-dialog
python2-funcsigs
python2-mock
python2-pbr
python2-psutil
python2-pyrfc3339
pytz

Still fails

$ sudo dnf install python2-certbot-apache
Last metadata expiration check performed 2:49:52 ago on Wed Sep 28 04:06:26 2016.
Error: nothing provides python2-augeas needed by python2-certbot-apache-0.8.1-1.fc23.noarch
(try to add '--allowerasing' to command line to replace conflicting packages)

Workaround

wget https://dl.fedoraproject.org/pub/fedora/linux/updates/23/x86_64/p/python2-certbot-apache-0.8.1-1.fc23.noarch.rpm
sudo rpm --install --nodeps python2-certbot-apache-0.8.1-1.fc23.noarch.rpm

What got installed?

$ rpm -q -l -p ./python2-certbot-apache-0.8.1-1.fc23.noarch.rpm  | grep -v test
/usr/lib/python2.7/site-packages/certbot_apache
/usr/lib/python2.7/site-packages/certbot_apache-0.8.1-py2.7.egg-info
/usr/lib/python2.7/site-packages/certbot_apache-0.8.1-py2.7.egg-info/PKG-INFO
/usr/lib/python2.7/site-packages/certbot_apache-0.8.1-py2.7.egg-info/SOURCES.txt
/usr/lib/python2.7/site-packages/certbot_apache-0.8.1-py2.7.egg-info/dependency_links.txt
/usr/lib/python2.7/site-packages/certbot_apache-0.8.1-py2.7.egg-info/entry_points.txt
/usr/lib/python2.7/site-packages/certbot_apache-0.8.1-py2.7.egg-info/requires.txt
/usr/lib/python2.7/site-packages/certbot_apache-0.8.1-py2.7.egg-info/top_level.txt
/usr/lib/python2.7/site-packages/certbot_apache/__init__.py
/usr/lib/python2.7/site-packages/certbot_apache/__init__.pyc
/usr/lib/python2.7/site-packages/certbot_apache/__init__.pyo
/usr/lib/python2.7/site-packages/certbot_apache/augeas_configurator.py
/usr/lib/python2.7/site-packages/certbot_apache/augeas_configurator.pyc
/usr/lib/python2.7/site-packages/certbot_apache/augeas_configurator.pyo
/usr/lib/python2.7/site-packages/certbot_apache/augeas_lens
/usr/lib/python2.7/site-packages/certbot_apache/augeas_lens/httpd.aug
/usr/lib/python2.7/site-packages/certbot_apache/centos-options-ssl-apache.conf
/usr/lib/python2.7/site-packages/certbot_apache/configurator.py
/usr/lib/python2.7/site-packages/certbot_apache/configurator.pyc
/usr/lib/python2.7/site-packages/certbot_apache/configurator.pyo
/usr/lib/python2.7/site-packages/certbot_apache/constants.py
/usr/lib/python2.7/site-packages/certbot_apache/constants.pyc
/usr/lib/python2.7/site-packages/certbot_apache/constants.pyo
/usr/lib/python2.7/site-packages/certbot_apache/display_ops.py
/usr/lib/python2.7/site-packages/certbot_apache/display_ops.pyc
/usr/lib/python2.7/site-packages/certbot_apache/display_ops.pyo
/usr/lib/python2.7/site-packages/certbot_apache/obj.py
/usr/lib/python2.7/site-packages/certbot_apache/obj.pyc
/usr/lib/python2.7/site-packages/certbot_apache/obj.pyo
/usr/lib/python2.7/site-packages/certbot_apache/options-ssl-apache.conf
/usr/lib/python2.7/site-packages/certbot_apache/parser.py
/usr/lib/python2.7/site-packages/certbot_apache/parser.pyc
/usr/lib/python2.7/site-packages/certbot_apache/parser.pyo
/usr/lib/python2.7/site-packages/certbot_apache/tls_sni_01.py
/usr/lib/python2.7/site-packages/certbot_apache/tls_sni_01.pyc
/usr/lib/python2.7/site-packages/certbot_apache/tls_sni_01.pyo
/usr/share/doc/python2-certbot-apache
/usr/share/doc/python2-certbot-apache/README.rst
/usr/share/licenses/python2-certbot-apache
/usr/share/licenses/python2-certbot-apache/LICENSE.txt

You also have to install certbot. It will list, but fails to create, the directories /etc/letsencrypt and /var/lib/letsencrypt

$ sudo dnf install certbot
Last metadata expiration check performed 0:18:54 ago on Wed Sep 28 07:09:29 2016.
Dependencies resolved.
====================================================================================================
 Package               Arch                 Version                     Repository             Size
====================================================================================================
Installing:
 certbot               noarch               0.8.1-2.fc23                updates                20 k

Transaction Summary
====================================================================================================
Install  1 Package

Total download size: 20 k
Installed size: 20 k
Is this ok [y/N]: y
Downloading Packages:
certbot-0.8.1-2.fc23.noarch.rpm                                      42 kB/s |  20 kB     00:00    
----------------------------------------------------------------------------------------------------
Total                                                                16 kB/s |  20 kB     00:01     
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Installing  : certbot-0.8.1-2.fc23.noarch                                                     1/1 
  Verifying   : certbot-0.8.1-2.fc23.noarch                                                     1/1 

Installed:
  certbot.noarch 0.8.1-2.fc23                                                                       

Complete!
$ rpm -q -l certbot
/etc/letsencrypt
/usr/bin/certbot
/usr/bin/letsencrypt
/usr/share/doc/certbot
/usr/share/doc/certbot/CHANGES.rst
/usr/share/doc/certbot/CONTRIBUTING.md
/usr/share/doc/certbot/README.rst
/usr/share/licenses/certbot
/usr/share/licenses/certbot/LICENSE.txt
/var/lib/letsencrypt
$ rpm -q -l certbot | xargs ls -ld
ls: cannot access /etc/letsencrypt: No such file or directory
ls: cannot access /var/lib/letsencrypt: No such file or directory
-rwxr-xr-x. 1 root root   302 Jul  6 06:42 /usr/bin/certbot
lrwxrwxrwx. 1 root root    16 Jul  6 06:42 /usr/bin/letsencrypt -> /usr/bin/certbot
drwxr-xr-x. 2 root root  4096 Sep 28 07:28 /usr/share/doc/certbot
-rw-r--r--. 1 root root   362 Jun 14 16:46 /usr/share/doc/certbot/CHANGES.rst
-rw-r--r--. 1 root root   604 Jun 14 16:46 /usr/share/doc/certbot/CONTRIBUTING.md
-rw-r--r--. 1 root root  7702 Jun 14 16:46 /usr/share/doc/certbot/README.rst
drwxr-xr-x. 2 root root  4096 Sep 28 07:28 /usr/share/licenses/certbot
-rw-r--r--. 1 root root 11456 Jun 14 16:46 /usr/share/licenses/certbot/LICENSE.txt
$ certbot plugins
An unexpected error occurred:
OSError: [Errno 13] Permission denied: '/etc/letsencrypt'
Please see the logfile 'certbot.log' for more details.

You have to do it yourself:

sudo mkdir /etc/letsencrypt /var/lib/letsencrypt

Mobiad: Private and Scalable Mobile Advertising | Haddadi, Hui, Brown

Hamed Haddadi, Pan Hui, Ian Brown; Mobiad: Private and Scalable Mobile Advertising; In Proceedings of the Fifth ACM International Workshop on Mobility in the Evolving Internet Architecture (MobiArch ’10); 2010; pages 33–38; copy, paywall

Abstract

We introduce MobiAd; a scalable, location-aware, personalised and private advertising system for mobile platforms. Advertising is the driving force behind many websites and service providers on the Internet. With the ever-increasing number of smart phones, there is a fertile market for personalised and localised advertising. The key benefit of using mobile phones is to take advantage of the vast amount of information on the phones and the locations of interest to the user in order to provide personalised ads. Preservation of user privacy is however essential for successful deployment of such a system. MobiAd would perform a range of data mining tasks in order to maintain an interest profile on the user’s phone, and use the infrastructure network to download and display relevant ads and reports the clicks via a Delay Tolerant Networking (DTN) protocol. In this paper we provide an overview into existing advertising systems and privacy concerns on mobile phones, in addition to the scalable local ad download and privacy-aware DTN-based click report dissemination methods that we propose for MobiAd.

Via: backfill

De-anonymizing Programmers via Code Stylometry | Caliskan-Islam, Harang, Liu, Narayanan

Aylin Caliskan-Islam, Richard Harang, Andrew Liu, Arvind Narayanan; De-anonymizing Programmers via Code Stylometry; Manuscript, submittable to Some Venue; 2015; 17 pages; listing.

Abstract

Source code authorship attribution could provide proof of authorship in court, automate the process of finding a cyber criminal from the source code left in an infected system, or aid in resolving copyright, copyleft and plagiarism issues in the programming fields. In this work, we investigate methods to deanonymize source code authors of C++ using coding style. We cast source code authorship attribution as a machine learning problem using natural language processing techniques to extract the necessary features. The Code Stylometry Feature Set is a novel representation of coding style found in source code that reflects coding style from properties derived from abstract syntax trees. Such a unique representation of coding style has not been used before in code attribution.

Our random forest and abstract syntax tree-based approach attributes more authors (250) with significantly higher accuracy (95%) on a larger data set (Google Code Jam) than has been previously attempted. Furthermore these novel features are more robust than previous approaches, and are still able to attribute authors even when code is run through commercial obfuscation with no significant change in accuracy. This analysis also produces interesting insights relevant to software engineering. We find that

(i) the code resulting from difficult programming tasks is easier to attribute than easier tasks and
(ii) skilled programmers (who can complete the more difficult tasks) are easier to attribute than less skilled programmers.

Mentions

  • Aylin Caliskan-Islam, a PhD student, Drexel University
    • Advisor: Rachel Greenstadt.
  • Implementations
    • JStylo
    • Anonymouth
  • Google Code Jam
  • Code Stylometry Feature Set
  • Classification Problem
    • 250 class
    • closed-world
    • 137 features mattered out of 20,000

Promotions

Via: backfill

Pure URL for Firefox removes garbage like ‘utm_source’ from URLs

Pure URL for Firefox

Data

More than the default settings; cut & paste this into the config settings in about:addons

utm_cid, smprod, smid,it_source,wpmp_tp, utm_hp_ref,mod,tag,mbid, mtid,ncid,utm_cid,utm_source, utm_medium, utm_term, utm_content, utm_campaign, utm_reader, utm_place, ga_source, ga_medium, ga_term, ga_content, ga_campaign, ga_place, yclid, _openstat, feature@youtube.com, fb_action_ids, fb_action_types, fb_ref, fb_source, action_object_map, action_type_map, action_ref_map, ref@facebook.com, fref@facebook.com, hc_location@facebook.com, ref_@imdb.com, src@addons.mozilla.org
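
How a list in this format is applied, as an added example (not Pure URL's own code): bare names are stripped from every URL, and `name@domain` entries are assumed to apply only on that domain and its subdomains. The rule string is a subset of the list above; the function names and sample URLs are constructed.

```python
"""Strip tracking parameters using a Pure URL style rule list."""
from urllib.parse import urlsplit, urlunsplit, parse_qsl, urlencode

# Subset of the list above (constructed sample configuration).
RULES_TEXT = ("utm_source, utm_medium, utm_campaign, fb_ref, yclid, "
              "feature@youtube.com, ref@facebook.com, ref_@imdb.com")


def parse_rules(text):
    """Return (global_names, {domain: names}) from a comma-separated list."""
    global_names, scoped = set(), {}
    for item in text.split(","):
        item = item.strip()
        if not item:
            continue
        name, _, domain = item.partition("@")
        if domain:
            scoped.setdefault(domain.lower(), set()).add(name)
        else:
            global_names.add(name)
    return global_names, scoped


def purify(url, rules):
    """Return `url` without the query parameters the rules name.

    The query string is re-encoded, so a bare key such as `?a` comes back
    as `?a=`; everything outside the query is left untouched.
    """
    global_names, scoped = rules
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    drop = set(global_names)
    for domain, names in scoped.items():
        # Match the domain itself or a subdomain, never a mere suffix
        # (so "notyoutube.com" does not match "youtube.com").
        if host == domain or host.endswith("." + domain):
            drop |= names
    kept = [(k, v)
            for k, v in parse_qsl(parts.query, keep_blank_values=True)
            if k not in drop]
    return urlunsplit(parts._replace(query=urlencode(kept)))


RULES = parse_rules(RULES_TEXT)

if __name__ == "__main__":
    for sample in (
        "https://www.youtube.com/watch?v=abc123&feature=share&utm_source=tw",
        "https://example.org/page?feature=x&id=7&utm_medium=email#top",
    ):
        print(purify(sample, RULES))
```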

Investigating User Privacy in Android Ad Libraries | Stevens, Gibler, Crussell, Erickson, Chen

Ryan Stevens, Clint Gibler, Jon Crussell, Jeremy Erickson, Hao Chen; Investigating User Privacy in Android Ad Libraries; In Proceedings of MOST (MOST); 2012; 10 pages.

Abstract

Recent years have witnessed incredible growth in the popularity and prevalence of smart phones. A flourishing mobile application market has evolved to provide users with additional functionality such as interacting with social networks, games, and more. Mobile applications may have a direct purchasing cost or be free but ad-supported. Unlike in-browser ads, the privacy implications of ads in Android applications has not been thoroughly explored. We start by comparing the similarities and differences of in-browser ads and in-app ads. We examine the effect on user privacy of thirteen popular Android ad providers by reviewing their use of permissions. Worryingly, several ad libraries checked for permissions beyond the required and optional ones listed in their documentation, including dangerous permissions like CAMERA, WRITE_CALENDAR and WRITE_CONTACTS. Further, we discover the insecure use of Android’s JavaScript extension mechanism in several ad libraries. We identify fields in ad requests for private user information and confirm their presence in network data obtained from a tier-1 network provider. We also show that users can be tracked by a network sniffer across ad providers and by an ad provider across applications. Finally, we discuss several possible solutions to the privacy issues identified above.

Referenced

Claims

  • Mobclix: exfiltrate and/or modify the user’s calendar and contacts, exfiltrate user’s audio and image files, and turn on/off the camera LED.
  • Greystripe: get and/or set user’s cookies.
  • mOcean: send SMS and email messages, start phone calls, add calendar entries, get location, make arbitrary network requests.
  • Inmobi: send SMS and email messages, start phone calls, and modify the user’s calendar.

Auctions in Do-Not-Track Compliant Internet Advertising | Reznichenko, Guha, Francis

Alexey Reznichenko, Saikat Guha, Paul Francis; Auctions in Do-Not-Track Compliant Internet Advertising; In Proceedings of ACM Conference on Computer Communications & Security (CCS); 2011-10-17; pdf, html, landing.

Abstract

Online tracking of users in support of behavioral advertising is widespread. Several researchers have proposed nontracking online advertising systems that go well beyond the requirements of the Do-Not-Track initiative launched by the US Federal Trade Commission (FTC). The primary goal of these systems is to allow for behaviorally targeted advertising without revealing user behavior (clickstreams) or user profiles to the ad network. Although these designs purport to be practical solutions, none of them adequately consider the role of the ad auctions, which today are central to the operation of online advertising systems. This paper looks at the problem of running auctions that leverage user profiles for ad ranking while keeping the user profile private. We define the problem, broadly explore the solution space, and discuss the pros and cons of these solutions. We analyze the performance of our solutions using data from Microsoft Bing advertising auctions. We conclude that, while none of our auctions are ideal in all respects, they are adequate and practical solutions.

TaintDroid

TaintDroid Realtime Privacy Monitoring on Smartphones

William Enck, Peter Gilbert, Byung-Gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, Anmol N. Sheth; Taintdroid: An Information-Flow Tracking System For Realtime Privacy Monitoring on Smartphones; In Proceedings of the 9th USENIX Conference On Operating Systems Design and Implementation (OSDI’10); 2010; conference version: pages 1–6, technical report version: 15 pages; landing

Abstract

Today’s smartphone operating systems frequently fail to provide users with adequate control over and visibility into how third-party applications use their private data. We address these shortcomings with TaintDroid, an efficient, system-wide dynamic taint tracking and analysis system capable of simultaneously tracking multiple sources of sensitive data. TaintDroid provides realtime analysis by leveraging Android’s virtualized execution environment. TaintDroid incurs only 14% performance overhead on a CPU-bound micro-benchmark and imposes negligible overhead on interactive third-party applications. Using TaintDroid to monitor the behavior of 30 popular third-party Android applications, we found 68 instances of potential misuse of users’ private information across 20 applications. Monitoring sensitive data with TaintDroid provides informed use of third-party applications for phone users and valuable input for smartphone security service firms seeking to identify misbehaving applications.

Concept

  • A contagion algebra on taint tags
  • A taint tag database
  • A special OS, special ROM
  • Updated to Android 4.1, released 2010-10-06.

TunnelBear

TunnelBear

Concept

  • a VPN
    • for pay based on bandwidth/month
  • Support
    • Android
    • iOS
    • Windows
    • OS/X
  • Benefits Alleged
    • “Simple”
      • on or off
      • Country masquerade
    • Prophylaxis against “social sharing”
      • Facebook
      • Twitter
      • Linkedin’s Intro ref
      • Something vague about maybe blocking ad tracking
    • Consumer-grade privacy

Background

  • Toronto CA
  • private funding

Who

  • Ryan Dochuk, co-founder, CEO

Via: backfill

A Critique Of Lavabit | Moxie Marlinspike

Moxie Marlinspike; A Critique Of Lavabit; In His Blog at thoughtcrime.org; 2013-11-05.

Syndication

Moxie Marlinspike; Op-ed: Lavabit’s primary security claim wasn’t actually true; In Ars Technica; 2013-11-06.
Teaser: Ladar Levison stood up for users’ privacy—but perhaps a little too late.

Oped

Mentions

  • <quote>Unfortunately, Lavabit’s primary security claim wasn’t actually true. As Ladar himself explained in this blog post, the system consisted of four basic steps:
    1. At account creation time, the user selected a login passphrase and transmitted it to the server.
    2. The server generated a keypair for that user, encrypted the private key with the login passphrase the user had selected, and stored it on the server.
    3. For every incoming e-mail the user received, the server would encrypt it with the user’s public key, and store it on the server.
    4. When the user wanted to retrieve an e-mail, they would transmit their password to the server, which would avert its eyes from the plaintext encryption password it had just received, use it to decrypt the private key (averting its eyes), use the private key to decrypt the e-mail (again averting its eyes), and transmit the plaintext e-mail to the user (averting its eyes one last time).</quote>

Elaboration

  • <quote>The cryptography was nothing more than a lot of overhead and some shorthand for a promise not to peek</quote>
  • <quote>Perhaps we’re just not reading between the lines, and all this handwaving was a ruse designed to trick the legal system (by claiming it was “unable” to respond to subpoenas) rather than a ruse designed to trick Lavabit’s users. That could have been a plausible experiment to try, but Hushmail already tried the exact same experiment a decade earlier and met the exact same fate.</quote>
  • <quote>It’s not clear whether the Lavabit crew consciously understood the system’s shortcomings and chose to misrepresent them, or if it really believed it built something based on can’t rather than won’t. One way or the other, in the security world, a product that uses the language of cryptography to fundamentally misrepresent its capabilities is the basic definition of snake oil.</quote>

Referenced

Via: backfill

Inferring Trip Destinations From Driving Habits Data | Dewri, Annadata, Eltarjaman, Thurimella

Rinku Dewri, Prasad Annadata, Wisam Eltarjaman, Ramakrishna Thurimella; Inferring Trip Destinations From Driving Habits Data; In Proceedings of Workshop on Privacy in the Electronic Society (WPES); 2013; 9 pages.

Abstract

The collection of driving habits data is gaining momentum as vehicle telematics based solutions become popular in consumer markets such as auto-insurance and driver assistance services. These solutions rely on driving features such as time of travel, speed, and braking to assess accident risk and driver safety. Given the privacy issues surrounding the geographic tracking of individuals, many solutions explicitly claim that the customer’s GPS coordinates are not recorded. Although revealing driving habits can give us access to a number of innovative products, we believe that the disclosure of this data only offers a false sense of privacy. Using speed and time data from real world driving trips, we show that the destinations of trips may also be determined without having to record GPS coordinates. Based on this, we argue that customer privacy expectations in non-tracking telematics applications need to be reset, and new policies need to be implemented to inform customers of possible risks.

Mentions

  • Products
    • Progressive’s Snapshot,
    • AllState’s Drivewise,
    • State Farm’s In-Drive,
    • National General Insurance’s Low-Mileage Discount,
    • Travelers’ Intellidrive,
    • Esurance’s Drivesense,
    • Safeco’s Rewind,
    • Aviva’s Drive,
    • Amaguiz PAYD,
    • Insure The Box,
    • Cover-box,
    • Ingenie,
    • MyDrive.
  • Quasi-identifiers
  • Telematics
  • OnStar
  • OBD-II
  • LandAirSea GPS Tracking Key
  • OpenStreetMap
  • Stop Points
  • Depth-First Search (DFS)

Via: backfill, backfill

Forensic Identification of GSM Mobile Phones | Hasse, Gloe, Beck

Jakob Hasse, Thomas Gloe (dence), Martin Beck (T.U. Dresden); Forensic Identification of GSM Mobile Phones; In Proceedings of IH & MM Sec (huh?); 2013-06-17; 10 pages.

Abstract

With the rapid growth of GSM telecommunication, special requirements arise in digital forensics to identify mobile phones operating in a GSM network. This paper introduces a novel method to identify GSM devices based on physical characteristics of the radio frequency hardware. An implementation of a specialised receiver software allows passive monitoring of GSM traffic along with physical layer burst extraction even for handover and frequency hopping techniques. We introduce time-based patterns of modulation errors as a unique device-dependent feature and carefully remove random effects of the wireless communication channel. Using our characteristics, we could distinguish 13 mobile phones at an overall success rate of 97.62% under realworld conditions. This work proves practical feasibility of physical layer identification scenarios capable of tracking or authenticating GSM-based devices.

Promotions

  • Paul Marks; Any cellphone can be traced by its digital fingerprint; In New Scientist; 2013-08-01.
    Mentions

    • Jakob Hasse et al.
    • Technical University of Dresden
    • Testing: N=13 devices (the ones “laying around their lab”)
    • Scope: 2G phones
    • Precision: identify the source handset with an accuracy of 97.6 per cent.
    • Quotes, Jakob Hasse:
      • “Our method does not send anything to the mobile phones. It works completely passively and just listens to the ongoing transmissions of a mobile phone – it cannot be detected.”
      • [Results on 2G only but] “defects are present in every radio device, so it should also be possible to do this with 3G and 4G phones.”
    • Quotes. attributed to random other people, for color & balance:

openPDS – The privacy-preserving Personal Data Store

Buzzy Terms

  • A full Trust Network reference platform.
  • Privacy-preserving group computation.

Concept

  • A Personal Data Store (PDS) is a service (a server) that answers questions, rather than aggregating and (re-)serving a profile.
  • Respond to questions about claims; e.g. is over 18, is-righthanded, has driver license.

Code

Implementations of a PDS to hold personal data, and provide answers to questions about that data.

HumanDynamics/openPDS

  • 16624 LOC overall
  • 2801 LOC Python
  • 4255 LOC JavaScript

$ find openPDS -name .git -prune -o -print | sort
openPDS
openPDS/celerytest
openPDS/celerytest/__init__.py
openPDS/celerytest/models.py
openPDS/celerytest/task.py
openPDS/celerytest/tests.py
openPDS/celerytest/views.py
openPDS/conf
openPDS/conf/requirements.txt
openPDS/.gitignore
openPDS/LICENSE.txt
openPDS/manage.py
openPDS/oms_pds
openPDS/oms_pds/apache
openPDS/oms_pds/apache/django.wsgi
openPDS/oms_pds/authentication.py
openPDS/oms_pds/authorization.py
openPDS/oms_pds/discovery
openPDS/oms_pds/discovery/__init__.py
openPDS/oms_pds/discovery/urls.py
openPDS/oms_pds/discovery/views.py
openPDS/oms_pds/django-crossdomainxhr-middleware.py
openPDS/oms_pds/extract-user-middleware.py
openPDS/oms_pds/forms
openPDS/oms_pds/forms/__init__.py
openPDS/oms_pds/forms/settingsforms.py
openPDS/oms_pds/__init__.py
openPDS/oms_pds/pds
openPDS/oms_pds/pds/api.py
openPDS/oms_pds/pds/create.py
openPDS/oms_pds/pds/fixtures
openPDS/oms_pds/pds/fixtures/initial_data.json
openPDS/oms_pds/pds/forms.py
openPDS/oms_pds/pds/__init__.py
openPDS/oms_pds/pds/models.py
openPDS/oms_pds/pds/templatetags
openPDS/oms_pds/pds/templatetags/__init__.py
openPDS/oms_pds/pds/templatetags/mustache.py
openPDS/oms_pds/pds/templatetags/straight_include.py
openPDS/oms_pds/pds/templatetags/verbatim.py
openPDS/oms_pds/pds/tests.py
openPDS/oms_pds/pds/tools.py
openPDS/oms_pds/pds/urls.py
openPDS/oms_pds/pds/views.py
openPDS/oms_pds/settings.py
openPDS/oms_pds/settings.py.orig
openPDS/oms_pds/sharing
openPDS/oms_pds/sharing/fixtures
openPDS/oms_pds/sharing/fixtures/initial_data.json
openPDS/oms_pds/sharing/forms
openPDS/oms_pds/sharing/forms/__init__.py
openPDS/oms_pds/sharing/forms/settingsforms.py
openPDS/oms_pds/sharing/__init__.py
openPDS/oms_pds/sharing/models.py
openPDS/oms_pds/sharing/urls.py
openPDS/oms_pds/sharing/views.py
openPDS/oms_pds/static
openPDS/oms_pds/static/css
openPDS/oms_pds/static/css/audit.css
openPDS/oms_pds/static/css/bootstrap.css
openPDS/oms_pds/static/css/bootstrap.min.css
openPDS/oms_pds/static/css/bootstrap-responsive.css
openPDS/oms_pds/static/css/bootstrap-responsive.min.css
openPDS/oms_pds/static/css/jquery.ui.datepicker.mobile.css
openPDS/oms_pds/static/css/sharing.css
openPDS/oms_pds/static/css/style.css
openPDS/oms_pds/static/img
openPDS/oms_pds/static/img/glyphicons-halflings.png
openPDS/oms_pds/static/img/glyphicons-halflings-white.png
openPDS/oms_pds/static/js
openPDS/oms_pds/static/js/admin.js
openPDS/oms_pds/static/js/audit.js
openPDS/oms_pds/static/js/backbone-min.js
openPDS/oms_pds/static/js/backbone-tastypie.js
openPDS/oms_pds/static/js/bootstrap.js
openPDS/oms_pds/static/js/bootstrap.min.js
openPDS/oms_pds/static/js/box.js
openPDS/oms_pds/static/js/heatmap-gmaps.js
openPDS/oms_pds/static/js/heatmap.js
openPDS/oms_pds/static/js/ICanHaz.min.js
openPDS/oms_pds/static/js/jQuery.ui.datepicker.js
openPDS/oms_pds/static/js/jquery.ui.datepicker.mobile.js
openPDS/oms_pds/static/js/modernizr.custom.56582.js
openPDS/oms_pds/static/js/radialScriptRealityAnalysis.js
openPDS/oms_pds/static/js/radialScriptSimple.js
openPDS/oms_pds/static/js/role.js
openPDS/oms_pds/static/js/sharing.js
openPDS/oms_pds/static/js/underscore-min.js
openPDS/oms_pds/tastypie_mongodb
openPDS/oms_pds/tastypie_mongodb/__init__.py
openPDS/oms_pds/tastypie_mongodb/resources.py
openPDS/oms_pds/templates
openPDS/oms_pds/templates/auditEntryTemplate.mustache
openPDS/oms_pds/templates/audit.html
openPDS/oms_pds/templates/backboneLayout.html
openPDS/oms_pds/templates/base.html
openPDS/oms_pds/templates/discovery
openPDS/oms_pds/templates/discovery/members.html
openPDS/oms_pds/templates/home.html
openPDS/oms_pds/templates/permissions.html
openPDS/oms_pds/templates/purpose.html
openPDS/oms_pds/templates/reality_analysis
openPDS/oms_pds/templates/reality_analysis/reality_analysis
openPDS/oms_pds/templates/reality_analysis/reality_analysis/boxPlot.html
openPDS/oms_pds/templates/reality_analysis/reality_analysis/login.html
openPDS/oms_pds/templates/reality_analysis/reality_analysis/map.html
openPDS/oms_pds/templates/reality_analysis/reality_analysis/morley.csv
openPDS/oms_pds/templates/reality_analysis/reality_analysis/settings.html
openPDS/oms_pds/templates/reality_analysis/reality_analysis/simpleDialog2
openPDS/oms_pds/templates/reality_analysis/reality_analysis/simpleDialog2/jquery.mobile.simpledialog2.min.js
openPDS/oms_pds/templates/reality_analysis/reality_analysis/simpleDialog2/jquery.mobile.simpledialog.min.css
openPDS/oms_pds/templates/reality_analysis/reality_analysis/simpleRadial.html
openPDS/oms_pds/templates/reality_analysis/reality_analysis/visualizationCSS.css
openPDS/oms_pds/templates/reality_analysis/reality_analysis/visualization.html
openPDS/oms_pds/templates/roles.html
openPDS/oms_pds/templates/roleTemplate.mustache
openPDS/oms_pds/templates/sharing
openPDS/oms_pds/templates/sharing/edit.html
openPDS/oms_pds/templates/sharing/sharingTemplate.mustache
openPDS/oms_pds/templates/sharing/sharingThumbTemplate.mustache
openPDS/oms_pds/templates/sharing/update.html
openPDS/oms_pds/templates/trust
openPDS/oms_pds/templates/trust/add.html
openPDS/oms_pds/trust
openPDS/oms_pds/trust/fixtures
openPDS/oms_pds/trust/fixtures/initial_data.json
openPDS/oms_pds/trust/__init__.py
openPDS/oms_pds/trust/models.py
openPDS/oms_pds/trust/urls.py
openPDS/oms_pds/trust/views.py
openPDS/oms_pds/urls.py
openPDS/oms_pds/views.py
openPDS/oms_pds/wsgi.py
openPDS/README.md

RetroShare on Fedora 17, 18, 19

RetroShare
Secure communication with friends

Installation Summary

  • Successfully installed, started & initialized a profile on Fedora 18

Known Problems

  • Bringing up the About dialog has no Close action
    • That modal dialog greys-and-blocks the application
    • You must kill the program to recover control
  • IPv4 only; there is no IPv6 support (per the FAQ)
  • There are order-dependent package conflicts in Fedora 18
    • libupnp1-1.6.7-11.1.x86_64 => required for RetroShare
    • libupnp-1.6.18-1.fc18.x86_64 => prevents RetroShare, required by gmyth, gstreamer-plugins-bad-free-extras
  • Expects UPnP to punch DNAT holes back through your (IPv4) NAT
    • linux-igd the Linux UPNP Internet GATEWAY DEVICE

Release History

  • 2013-03-23: Version 0.5.4e
  • 2012-12-17: Version 0.5.4d
  • 2012-11-21: Version 0.5.4c
  • 2012-09-26: Version 0.5.4b

Outreach

Promotions

And backfilled

Theory

Actualities

Screenshots (from Windows?); attribution in the links

Practice

  • IPv4 with uPnP?
  • IPv6?
  • Key Exchange
    • You’re exchanging public keys … so what’s the big deal
    • Suggestion: use cryptobin.org

Availability

(yum) Repos

The scheme seems to be to identify a yum repo for the distribution rather than to provide a download directly.

AsamK

AsamK’s work is nominated on the RetroShare Project Site

File: /etc/yum.repos.d/home:AsamK:RetroShare.repo

[home_AsamK_RetroShare]
name=RetroShare (Fedora_19)
type=rpm-md
baseurl=http://download.opensuse.org/repositories/home:/AsamK:/RetroShare/Fedora_19/
gpgcheck=1
gpgkey=http://download.opensuse.org/repositories/home:/AsamK:/RetroShare/Fedora_19/repodata/repomd.xml.key
enabled=1

Reference: home:AsamK:RetroShare.repo
Origin: Fedora 19 from the Downloads at the RetroShare Project Site

File: /etc/yum.repos.d/home:AsamK:RetroShare.repo

[home_AsamK_RetroShare]
name=RetroShare (Fedora_18)
type=rpm-md
baseurl=http://download.opensuse.org/repositories/home:/AsamK:/RetroShare/Fedora_18/
gpgcheck=1
gpgkey=http://download.opensuse.org/repositories/home:/AsamK:/RetroShare/Fedora_18/repodata/repomd.xml.key
enabled=1

Reference: home:AsamK:RetroShare.repo
Origin: Fedora 18 from the Downloads at the RetroShare Project Site

File: /etc/yum.repos.d/home:AsamK:RetroShare.repo

[home_AsamK_RetroShare]
name=RetroShare (Fedora_17)
type=rpm-md
baseurl=http://download.opensuse.org/repositories/home:/AsamK:/RetroShare/Fedora_17/
gpgcheck=1
gpgkey=http://download.opensuse.org/repositories/home:/AsamK:/RetroShare/Fedora_17/repodata/repomd.xml.key
enabled=1

Reference: home:AsamK:RetroShare.repo
Origin: Fedora 17 from the Downloads at the RetroShare Project Site

RPM Sphere

Zhong Huaren(?)’s work is nominated in Linux Packages Search. It features a Fedora 19 build and both x86_64 and i686 builds.

File: /etc/yum.repos.d/rpm-sphere.repo

[rpm-sphere]
name=RPM Sphere
baseurl=http://download.opensuse.org/repositories/home:/zhonghuaren/Fedora_19/
gpgkey=http://download.opensuse.org/repositories/home:/zhonghuaren/Fedora_19/repodata/repomd.xml.key
enabled=1
gpgcheck=1

Reference: retroshare-0.5.3c-12.1.x86_64.rpm

File: /etc/yum.repos.d/rpm-sphere.repo

[rpm-sphere]
name=RPM Sphere
baseurl=http://download.opensuse.org/repositories/home:/zhonghuaren/Fedora_18/
gpgkey=http://download.opensuse.org/repositories/home:/zhonghuaren/Fedora_18/repodata/repomd.xml.key
enabled=1
gpgcheck=1

Reference: retroshare-0.5.3c-12.1.x86_64.rpm

File: /etc/yum.repos.d/rpm-sphere.repo

[rpm-sphere]
name=RPM Sphere
baseurl=http://download.opensuse.org/repositories/home:/zhonghuaren/Fedora_17/
gpgkey=http://download.opensuse.org/repositories/home:/zhonghuaren/Fedora_17/repodata/repomd.xml.key
enabled=1
gpgcheck=1

Reference: retroshare-0.5.3c-12.1.x86_64.rpm

Olea

Only has i686. See the Search Results

Installation

Create file: /etc/yum.repos.d/home:AsamK:RetroShare.repo

[home_AsamK_RetroShare]
name=RetroShare (Fedora_18)
type=rpm-md
baseurl=http://download.opensuse.org/repositories/home:/AsamK:/RetroShare/Fedora_18/
gpgcheck=1
gpgkey=http://download.opensuse.org/repositories/home:/AsamK:/RetroShare/Fedora_18/repodata/repomd.xml.key
enabled=1
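
The stanza above fetches both the packages and the repository signing key over plain http, so gpgcheck=1 only proves that the packages match whatever key arrived on that connection. As an added example (not part of the original notes or of the RetroShare project), the shell function below audits .repo stanzas for that pattern; the example_https and example_unsigned stanzas and the example.invalid host are constructed for contrast.

```shell
#!/bin/sh
# Added example: audit yum .repo stanzas for weak transport/signature settings.

# sample_repo: prints the input used below. The first stanza is the Fedora_18
# stanza from this page; the other two are constructed for contrast
# (example.invalid is a placeholder host, not a real repository).
sample_repo() {
    cat <<'EOF'
[home_AsamK_RetroShare]
name=RetroShare (Fedora_18)
type=rpm-md
baseurl=http://download.opensuse.org/repositories/home:/AsamK:/RetroShare/Fedora_18/
gpgcheck=1
gpgkey=http://download.opensuse.org/repositories/home:/AsamK:/RetroShare/Fedora_18/repodata/repomd.xml.key
enabled=1

[example_https]
name=Constructed: key shipped locally, metadata over TLS
baseurl=https://example.invalid/repo/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-example
enabled=1

[example_unsigned]
name=Constructed: signature checking switched off
baseurl=https://example.invalid/unsigned/
gpgcheck=0
enabled=1
EOF
}

# audit_repo FILE: one finding per line, "section<TAB>issue". FILE may be "-"
# for stdin. Stanzas with enabled=0 are skipped because yum does not use them.
audit_repo() {
    awk '
    function report(msg) { print section "\t" msg }
    function finish_section() {
        if (section == "" || enabled == "0") return
        if (tolower(gpgcheck) ~ /^(0|no|false)$/)
            report("gpgcheck is off: packages install without signature verification")
        if (baseurl ~ /^http:/)
            report("baseurl is plain http: metadata and packages can be replaced in transit")
        if (gpgkey ~ /^http:/)
            report("gpgkey is plain http: the key that verifies the packages is itself unauthenticated")
    }
    /^[ \t]*[#;]/ { next }                      # comment lines
    /^[ \t]*\[/ {                               # start of a new [section]
        finish_section()
        section = $0
        sub(/^[ \t]*\[/, "", section); sub(/\].*$/, "", section)
        gpgcheck = ""; baseurl = ""; gpgkey = ""; enabled = "1"
        next
    }
    /=/ {                                       # key=value inside a section
        key = $0; sub(/=.*$/, "", key); gsub(/[ \t]/, "", key)
        val = $0; sub(/^[^=]*=/, "", val); gsub(/^[ \t]+|[ \t]+$/, "", val)
        if (key == "gpgcheck") gpgcheck = val
        else if (key == "baseurl") baseurl = val
        else if (key == "gpgkey") gpgkey = val
        else if (key == "enabled") enabled = val
    }
    END { finish_section() }
    ' "$1"
}

# Run the audit over the embedded sample.
sample_repo | audit_repo -
```

To audit a live system, call audit_repo on each file under /etc/yum.repos.d/.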

What will be installed?

$ yum 'search' 'retroshare' 
Loaded plugins: langpacks, presto, refresh-packagekit
<snip/>
=========================== N/S Matched: retroshare ============================
retroshare-debuginfo.i686 : Debug information for package retroshare
retroshare-debuginfo.x86_64 : Debug information for package retroshare
retroshare-nogui.i686 : RetroShare without gui
retroshare-nogui.x86_64 : RetroShare without gui
retroshare-plugins.i686 : Precompiled plugins for RetroShare
retroshare-plugins.x86_64 : Precompiled plugins for RetroShare
retroshare-svn-debuginfo.i686 : Debug information for package retroshare-svn
retroshare-svn-debuginfo.x86_64 : Debug information for package retroshare-svn
retroshare-svn-nogui.i686 : RetroShare without gui
retroshare-svn-nogui.x86_64 : RetroShare without gui
retroshare-svn-plugins.i686 : Precompiled plugins for RetroShare
retroshare-svn-plugins.x86_64 : Precompiled plugins for RetroShare
retroshare.i686 : Secure chat and file sharing
retroshare.x86_64 : Secure chat and file sharing
retroshare-svn.i686 : Secure chat and file sharing
retroshare-svn.x86_64 : Secure chat and file sharing
<snip/>

The difference between the “regular” and the “svn”-suffixed packages is unclear.

$ sudo yum install -y retroshare retroshare-nogui
Loaded plugins: langpacks, presto, refresh-packagekit
Resolving Dependencies
--> Running transaction check
---> Package retroshare.x86_64 0:0.5.4e-2.1 will be installed
--> Processing Dependency: libupnp.so.3()(64bit) for package: retroshare-0.5.4e-2.1.x86_64
---> Package retroshare-nogui.x86_64 0:0.5.4e-2.1 will be installed
--> Running transaction check
---> Package libupnp1.x86_64 0:1.6.7-11.1 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package              Arch       Version        Repository                 Size
================================================================================
Installing:
 retroshare           x86_64     0.5.4e-2.1     home_AsamK_RetroShare     5.0 M
 retroshare-nogui     x86_64     0.5.4e-2.1     home_AsamK_RetroShare     1.2 M
Installing for dependencies:
 libupnp1             x86_64     1.6.7-11.1     home_AsamK_RetroShare     114 k

Transaction Summary
================================================================================
Install  2 Packages (+1 Dependent package)

Total download size: 6.3 M
Installed size: 17 M
Downloading Packages:
warning: /var/cache/yum/x86_64/18/home_AsamK_RetroShare/packages/libupnp1-1.6.7-11.1.x86_64.rpm: Header V3 DSA/SHA1 Signature, key ID 21691f91: NOKEY
Public key for libupnp1-1.6.7-11.1.x86_64.rpm is not installed
--------------------------------------------------------------------------------
Total                                            37 kB/s | 6.3 MB     02:57     
Retrieving key from http://download.opensuse.org/repositories/home:/AsamK:/RetroShare/Fedora_18/repodata/repomd.xml.key
Importing GPG key 0x21691F91:
 Userid     : "home:AsamK OBS Project "
 Fingerprint: e2ce 3677 c801 5772 d097 b0aa 9418 a479 2169 1f91
 From       : http://download.opensuse.org/repositories/home:/AsamK:/RetroShare/Fedora_18/repodata/repomd.xml.key
Running Transaction Check
Running Transaction Test

Transaction Check Error:
  file /usr/lib64/libixml.so.2 from install of libupnp1-1.6.7-11.1.x86_64 conflicts with file from package libupnp-1.6.18-1.fc18.x86_64

Error Summary
-------------

FAIL (on cathedral)

Diagnosis
cathedral (F18) fails:

$ rpm -q -a | grep pnp | sort
gupnp-0.18.4-1.fc18.x86_64
gupnp-av-0.10.3-1.fc18.x86_64
gupnp-igd-0.2.1-2.fc18.x86_64
libupnp-1.6.18-1.fc18.x86_64

cavernous (F18) succeeds:

$ rpm -q -a |grep pnp | sort
gupnp-0.18.4-1.fc18.x86_64
gupnp-av-0.10.3-1.fc18.x86_64
gupnp-igd-0.2.1-2.fc18.x86_64
libupnp1-1.6.7-11.1.x86_64

Great … so it’s the difference between libupnp and libupnp1. What needs which?

Try again (on cavernous) …

$ sudo yum install -y retroshare retroshare-nogui
Loaded plugins: langpacks, presto, refresh-packagekit
<snip/>
Resolving Dependencies
--> Running transaction check
---> Package retroshare.x86_64 0:0.5.4e-2.1 will be installed
--> Processing Dependency: libupnp.so.3()(64bit) for package: retroshare-0.5.4e-2.1.x86_64
--> Processing Dependency: libixml.so.2()(64bit) for package: retroshare-0.5.4e-2.1.x86_64
---> Package retroshare-nogui.x86_64 0:0.5.4e-2.1 will be installed
--> Processing Dependency: libssh.so.4()(64bit) for package: retroshare-nogui-0.5.4e-2.1.x86_64
--> Processing Dependency: libssh_threads.so.4()(64bit) for package: retroshare-nogui-0.5.4e-2.1.x86_64
--> Running transaction check
---> Package libssh.x86_64 0:0.5.4-3.fc18 will be installed
---> Package libupnp1.x86_64 0:1.6.7-11.1 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package             Arch      Version           Repository                Size
================================================================================
Installing:
 retroshare          x86_64    0.5.4e-2.1        home_AsamK_RetroShare    5.0 M
 retroshare-nogui    x86_64    0.5.4e-2.1        home_AsamK_RetroShare    1.2 M
Installing for dependencies:
 libssh              x86_64    0.5.4-3.fc18      updates                  126 k
 libupnp1            x86_64    1.6.7-11.1        home_AsamK_RetroShare    114 k

Transaction Summary
================================================================================
Install  2 Packages (+2 Dependent packages)

Total download size: 6.5 M
Installed size: 18 M
Downloading Packages:
<snip>
--------------------------------------------------------------------------------
Total                                            36 kB/s | 6.5 MB     03:04     
Retrieving key from http://download.opensuse.org/repositories/home:/AsamK:/RetroShare/Fedora_18/repodata/repomd.xml.key
Importing GPG key 0x21691F91:
 Userid     : "home:AsamK OBS Project "
 Fingerprint: e2ce 3677 c801 5772 d097 b0aa 9418 a479 2169 1f91
 From       : http://download.opensuse.org/repositories/home:/AsamK:/RetroShare/Fedora_18/repodata/repomd.xml.key
Running Transaction Check
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : libupnp1-1.6.7-11.1.x86_64                                   1/4 
  Installing : libssh-0.5.4-3.fc18.x86_64                                   2/4 
  Installing : retroshare-nogui-0.5.4e-2.1.x86_64                           3/4 
  Installing : retroshare-0.5.4e-2.1.x86_64                                 4/4 
  Verifying  : retroshare-0.5.4e-2.1.x86_64                                 1/4 
  Verifying  : libupnp1-1.6.7-11.1.x86_64                                   2/4 
  Verifying  : retroshare-nogui-0.5.4e-2.1.x86_64                           3/4 
  Verifying  : libssh-0.5.4-3.fc18.x86_64                                   4/4 

Installed:
  retroshare.x86_64 0:0.5.4e-2.1      retroshare-nogui.x86_64 0:0.5.4e-2.1     

Dependency Installed:
  libssh.x86_64 0:0.5.4-3.fc18           libupnp1.x86_64 0:1.6.7-11.1          

Complete!

What got installed?

$ rpm -q -l retroshare
/usr/bin/RetroShare
/usr/share/applications/retroshare.desktop
/usr/share/icons/hicolor
/usr/share/icons/hicolor/128x128
/usr/share/icons/hicolor/128x128/apps
/usr/share/icons/hicolor/128x128/apps/retroshare.png
/usr/share/icons/hicolor/24x24
/usr/share/icons/hicolor/24x24/apps
/usr/share/icons/hicolor/24x24/apps/retroshare.png
/usr/share/icons/hicolor/48x48
/usr/share/icons/hicolor/48x48/apps
/usr/share/icons/hicolor/48x48/apps/retroshare.png
/usr/share/icons/hicolor/64x64
/usr/share/icons/hicolor/64x64/apps
/usr/share/icons/hicolor/64x64/apps/retroshare.png
/usr/share/pixmaps/retroshare.xpm
$ rpm -q -l retroshare-nogui
/usr/bin/retroshare-nogui
/usr/share/RetroShare
/usr/share/RetroShare/bdboot.txt
/usr/share/RetroShare/qss
/usr/share/RetroShare/qss/blacknight
/usr/share/RetroShare/qss/blacknight.qss
/usr/share/RetroShare/qss/blacknight/check_sel.png
/usr/share/RetroShare/qss/blacknight/check_unsel.png
/usr/share/RetroShare/qss/blacknight/clbg.png
/usr/share/RetroShare/qss/blacknight/down.png
/usr/share/RetroShare/qss/blacknight/radio_sel.png
/usr/share/RetroShare/qss/blacknight/radio_unsel.png
/usr/share/RetroShare/qss/blacknight/up.png
/usr/share/RetroShare/qss/blue
/usr/share/RetroShare/qss/blue.qss
/usr/share/RetroShare/qss/blue/blue.png
/usr/share/RetroShare/qss/blue/blue2.png
/usr/share/RetroShare/qss/blue/tab1.png
/usr/share/RetroShare/qss/blue/tabselected.png
/usr/share/RetroShare/qss/groove.qss
/usr/share/RetroShare/qss/orangesurfer
/usr/share/RetroShare/qss/orangesurfer.qss
/usr/share/RetroShare/qss/orangesurfer/border.png
/usr/share/RetroShare/qss/orangesurfer/main.png
/usr/share/RetroShare/qss/orangesurfer/main2.png
/usr/share/RetroShare/qss/orangesurfer/sizegrip.png
/usr/share/RetroShare/qss/orangesurfer/tab_hover.png
/usr/share/RetroShare/qss/orangesurfer/tab_normal.png
/usr/share/RetroShare/qss/orangesurfer/tab_pressed.png
/usr/share/RetroShare/qss/orangesurfer/toolbar.png
/usr/share/RetroShare/qss/qlive
/usr/share/RetroShare/qss/qlive.qss
/usr/share/RetroShare/qss/qlive/qb.png
/usr/share/RetroShare/qss/qlive/qb2.png
/usr/share/RetroShare/qss/redscorpion
/usr/share/RetroShare/qss/redscorpion.qss
/usr/share/RetroShare/qss/redscorpion/red.png
/usr/share/RetroShare/qss/redscorpion/red2.png
/usr/share/RetroShare/qss/silver
/usr/share/RetroShare/qss/silver.qss
/usr/share/RetroShare/qss/silver/silver.png
/usr/share/RetroShare/qss/silver/silver2.png
/usr/share/RetroShare/qss/silvergrey.qss
/usr/share/RetroShare/qss/uus
/usr/share/RetroShare/qss/uus.qss
/usr/share/RetroShare/qss/uus/uus.png
/usr/share/RetroShare/qss/uus/uus2.png
/usr/share/RetroShare/qss/wx
/usr/share/RetroShare/qss/wx.qss
/usr/share/RetroShare/qss/wx/wx.png
/usr/share/RetroShare/qss/yaba
/usr/share/RetroShare/qss/yaba.qss
/usr/share/RetroShare/qss/yaba/yaba.png
/usr/share/RetroShare/qss/yaba/yaba2.png
/usr/share/RetroShare/qss/yaba/yaba3.png
/usr/share/RetroShare/qss/yeah
/usr/share/RetroShare/qss/yeah.qss
/usr/share/RetroShare/qss/yeah/yeah.png

The Linux UPNP Internet GATEWAY DEVICE

Bitmessage

Basics

Instructions & Documentation

Chatter

Theory

Jonathan Warren (Bitmessage.org); Bitmessage: A Peer-to-Peer Message Authentication and Delivery System; self-published; 2012-11-27; 5 pages.

Abstract:

We propose a system that allows users to securely send and receive messages, and subscribe to broadcast messages, using a trustless decentralized peer‐to‐peer protocol. Users need not exchange any data beyond a relatively short (around 36 character) address to ensure security and they need not have any concept of public or private keys to use the system. It is also designed to mask non‐content data, like the sender and receiver of messages, from those not involved in the communication.

S. Nakamoto; Bitcoin: A Peer‐to‐Peer Electronic Cash System; self-published; 2008.

Who

  • Jonathan Warren
  • Adam Melton

Spelling

Apparently it’s Bitmessage not BitMessage.

Promotions

  • Max Raskin; Bitmessage’s NSA-Proof E-Mail; In Business Week; 2013-06-27.
    Mentions

    • The basics and the authors
    • Quoted for color and attestation of importance (quoting)
      • Johannes Ullrich, chief research officer of the SANS Institute, a Bethesda (Md.)-based organization that certifies computer security specialists.
      • Jim Harper, director of information policy studies at the Cato Institute, a Washington-based research group dedicated to libertarian principles.
      • Jarad Carleton, a San Francisco-based principal consultant at Frost & Sullivan.

Via: backfill, backfill.

Proactively Accountable Anonymous Messaging in Verdict | Corrigan-Gibbs, Wolinsky, Ford

Henry Corrigan-Gibbs, David Isaac Wolinsky, Bryan Ford (Yale); Proactively Accountable Anonymous Messaging in Verdict; In Proceedings of the 22nd USENIX Security Symposium; 2013-08-14; 16 pages; extended paper, 24 pages; landing

Abstract

Among anonymity systems, DC-nets have long held attraction for their resistance to traffic analysis attacks, but practical implementations remain vulnerable to internal disruption or “jamming” attacks, which require time-consuming detection procedures to resolve. We present Verdict, the first practical anonymous group communication system built using proactively verifiable DC-nets: participants use public-key cryptography to construct DC-net ciphertexts, and use zero-knowledge proofs of knowledge to detect and exclude misbehavior before disruption. We compare three alternative constructions for verifiable DC-nets: one using bilinear maps and two based on simpler ElGamal encryption. While verifiable DC-nets incur higher computational overheads due to the public-key cryptography involved, our experiments suggest that Verdict is practical for anonymous group messaging or microblogging applications, supporting groups of 100 clients at 1 second per round or 1000 clients at 10 seconds per round. Furthermore, we show how existing symmetric-key DC-nets can “fall back” to a verifiable DC-net to quickly identify misbehavior, speeding up previous detections schemes by two orders of magnitude.

Mentions

  • Verdict builds on Dissent.
  • DeterLab testbed
  • DeDiS/Dissent at github
  • Related
    • Crowds
    • Dissent
    • Herbivore
    • LAP
    • Mixminion
    • Tarzan
    • Tor
  • Algorithms
    • AES
    • Golle-Juels
    • ElGamal
    • Elliptic Curve Groups
    • Neff proof-of-knowledge
    • PRNG
    • Schnorr
    • XOR

Via backfill

Unique in the Crowd: The privacy bounds of human mobility | de Montjoye, Hidalgo, Verleysen, Blondel

Yves-Alexandre de Montjoye, Cesar A. Hidalgo, Michel Verleysen & Vincent D. Blondel; Unique in the Crowd: The privacy bounds of human mobility; In Scientific Reports; 2013-03-25; accepted: 2013-02-04, received: 2012-10-01; 5 pages.

Abstract

We study fifteen months of human mobility data for one and a half million individuals and find that human mobility traces are highly unique. In fact, in a dataset where the location of an individual is specified hourly, and with a spatial resolution equal to that given by the carrier’s antennas, four spatio-temporal points are enough to uniquely identify 95% of the individuals. We coarsen the data spatially and temporally to find a formula for the uniqueness of human mobility traces given their resolution and the available outside information. This formula shows that the uniqueness of mobility traces decays approximately as the 1/10 power of their resolution. Hence, even coarse datasets provide little anonymity. These findings represent fundamental constraints to an individual’s privacy and have important implications for the design of frameworks and institutions dedicated to protect the privacy of individuals.

Also

Sousveillance | Existential Technology | eyetap | Steve Mann

Who

Steven Mann is a tenured professor at the Department of Electrical and Computer Engineering at the University of Toronto. Mann holds degrees from the Massachusetts Institute of Technology (PhD in Media Arts and Sciences ’97) and McMaster University, where he was also inducted into the McMaster University Alumni Hall of Fame, Alumni Gallery, 2004, in recognition of his career as an inventor and teacher. While at MIT he was one of the founding members of the Wearable Computers group in the Media Lab. In 2004 he was named the recipient of the 2004 Leonardo Award for Excellence for his article Existential Technology, published in Leonardo, Volume 36:1. Mann’s blog is: eyetap

References

  • Sousveillance; In Jimi Wales’ Wiki
  • Philip Virgo; Plebgate, the Sousveillance society and your Boxing Day Browsing; In Some Trade Rag; 2012-12-21.
    Summary: generic opinement
  • Steve Mann; Existential Technology: Wearable Computing Is Not The Real Issue!; In Leonardo; pdf[1] pdf[2]; MIT Press: PDF[1], PDF[2]
    Abstract:

    The author presents “Existential Technology” as a new category of in(ter)ventions and as a new theoretical framework for understanding privacy and identity. His thesis is twofold: (1) The unprotected individual has lost ground to invasive surveillance technologies and complex global organizations that undermine the humanistic property of the individual; (2) A way for the individual to be free and collegially assertive in such a world is to be “bound to freedom” by an articulably external force. To that end, the author explores empowerment via self-demotion. He has founded a federally incorporated company and appointed himself to a low enough position to be bound to freedom within that company. His performances and in(ter)ventions over the last 30 years have led him to an understanding of such concepts as individual self-corporatization and submissivity reciprocity for the creation of a balance of bureaucracy.

  • Steve Mann, Jason Nolan, Barry Wellman; Sousveillance: Inventing and Using Wearable Computing Devices for Data Collection in Surveillance Environments; In Surveillance & Society; DATE; Volume 1(3); pages 331-355 (25 pages); ISSN: 1477-7487
    Abstract

    This paper describes using wearable computing devices to perform “sousveillance” (inverse surveillance) as a counter to organizational surveillance. A variety of wearable computing devices generated different kinds of responses, and allowed for the collection of data in different situations. Visible sousveillance often evoked counter-performances by front-line surveillance workers. The juxtaposition of sousveillance with surveillance generates new kinds of information in a social surveillance situation.

  • Surveillance and Society; The international, interdisciplinary, open access, peer-reviewed journal of Surveillance Studies.

Faces of Facebook: Privacy in the Age of Augmented Reality


Presentation

Mentions

  • Google
    • acquired Neven Vision, Riya, and PittPatt
    • face recognition into Picasa.
  • Apple
    • acquired Polar Rose
    • face recognition into iPhoto.
  • Facebook
    • licensed Face.com
    • automated (face) tagging.
  • CyLab at CMU.

Results

But does it work?  Apparently it does work well enough for the publication. FAQ

SafeSlinger

SafeSlinger Messaging for Mobile Devices

Summary

Seems to work.

The promotionals run so heavy on the “benies” that the use case, what this thing does for you, is a little unclear. It feels like an application of SPATE towards instant messaging and file transfer, more generally contact transfer. It is similar to but different from TextSecure, which requires an SMS channel. Seems to use Google Talk? with chatter on ports https(465) and xmpp-client (5222).

Usage

Architecture

  • Central server; probably at 69.10.178.46 (?)
  • The server application is written for the Google App Engine platform in Python.

Registration

  • Message: Push Registration ID Arrived (from where?)

Quality

There are frequent crashes and loss of password, but … retry and rework.

Experience on

  • HTC Desire, Gingerbread (CM7)
  • Atrix 2, Ice Cream Sandwich (AT&T factory OTA)
  • Atrix 1, Jelly Bean (CM10, Emerson Pinter).

Source Code

Permissions

  • Read & Write Contacts
  • Read & Write Call Log
  • Phone State & Identity
  • Modify SD Card
  • Prevent from Sleeping

Abandonware

  • Ho-Po Key on Android Market
  • Ho-Po Key on AppsZoom

Technical Reports

Developers

  • Adrian Perrig
  • Michael Farb

Promotions

References

Mentions

  • Moxie Marlinspike is credited with the slinger concept in the tech report.

Similarities

Seems to solve the same problem as the excellent TextSecure (org.thoughtcrime.securesms, github code) by Moxie Marlinspike at Whisper Systems.  TextSecure requires a valid SMS capability (i.e. it only works on live phones).

Related

Adrian Perrig’s Research Group