Metadata

Theo Baschak

CryptoParty

Online HTML5 Slides

Presentation source/download available at github.com/tbaschak/cryptoparty-metadata

Who I Am

• Primary Network Administrator of VOI Network Solutions – Winnipeg-based commercial Internet Service Provider and carrier.
• Involved with both Internet Exchanges in Winnipeg.
  • Elected member on the Board of Directors for MBIX.
  • Also involved with the creation and technical operations of WpgIX.
• Avid opensource software user/fanatic, and recently, contributor.

00 00 00 00

• “Due to recent revelations…” / NSA / Global Surveillance / etc
• Will be talking tonight about:
  • Metadata
  • Your traffic, on the wire
  • Encrypting your data in transit

00 00 00 01

• Expectations of data privacy are no longer absolute
  • DO NOT TRUST PLAINTEXT, be wary of weak crypto
• Many previously “only theoretical” privileged access attacks now widespread
  • MITM attacks very real
  • And profitable too

00 00 00 10

• Metadata
  • More sources closer to users gives better information
  • Traditionally 5-tupple
    • ip_proto, src_ip, src_port, dst_ip, dst_port
    • along with timestamp
    • can be combined with DNS/Geo/BGP information
    • Provides information for troubleshooting and network planning
  • Detail Time Limited
  • Usage Graphs

00 00 00 11

• So What Can Your ISP See?
• Last CryptoParty Traffic - All SSL Ports, that was all
• Is this a concern?

00 00 01 00

• Routing Attacks
  • Accidental
  • On Purpose
• Implications of routing diversions
  • Plaintext can be considered compromised
• LinkedIn ‘Intro’ Email Proxying (2013-10-23 - 2014-03-07)

00 00 01 01

• Encryption
  • Always if you want your data to be private
  • When configuring SSL, check the ciphers, there are valid options which are silly

00 00 01 11

Questions / End

• Question & Answer period as time permits.