25 September 2018
Wagging The Tail - Covert Passive Surveillance and how to make their life difficult
In this modern digital age of technically competent adversaries, we forget that there may still be a need to conduct old-school physical surveillance against a target. Many organisations utilise surveillance teams, which may be in-house in the case of government agencies or third-party teams contracted for a specific task. Their targets range from suspected terrorists to people accused of bogus insurance claims.
Whilst most people think that they may never be placed under surveillance, some professions increase this probability. For example, if you are a member of the press with sources that you only meet face to face, you could be a target, especially if the source is a whistleblower or has information that their employer would rather they didn’t give to you. Would it seem far-fetched to think that a hacker, security researcher or a member of the EFF could be placed under surveillance?
These teams are not the lone Private Investigator sat in their car at the bottom of your street but are highly trained individuals whose job is to remain undetected. Their mission is to observe and identify interactions and document everything they see. They aim to be “The Grey Man”: the person you are unable to describe when asked. Their techniques have changed very little over decades because they work.
This talk will focus on mobile and foot surveillance techniques used by surveillance teams. It will also include tips on identifying if you are under surveillance and how to make their life difficult.
Measuring RPKI with the data plane
BGP is a protocol all about trust; that is what helped it obtain huge adoption, but this trust model has since been regarded as a “victim of its own success” as the Internet moved out of the era of trusting all parties on the network.
For a while, one of the only things security people knew about BGP was that it is vulnerable to hijacking, and various incidents have been spawned from that (think YouTube in Pakistan, and the more recent Amazon Route 53 crypto theft hijacking).
Slowly, the networking world has been working on a solution that involves signing IP ranges and their owners. The uptick of signed IP ranges is reaching as high as 16% in some regions, but how is validation doing?
Some others have tried to quantify this metric using control plane data (think BGP feeds) to test if networks are validating their incoming BGP feeds, with questionable success. In this talk I present a new approach of testing the whole Internet’s implementation of RPKI and show the truth of the progress of BGP security efforts.
We’re always happy for more talks, so if you’ve implemented Meltdown on your smartwatch, want to walk us through the highlights of a CTF, or have some insight into upcoming privacy regulations, we’re interested!
Drop a message to firstname.lastname@example.org with a title, synopsis and rough length, and don’t worry if you haven’t spoken before.