DOCSLIB.ORG

A Design for Real-Time Android

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
A Design for Real-Time Android RTDroid: A Design for Real-Time Android Yin Yan, Sree Harsha Konduri, Amit Kulkarni, Varun Anand, Steven Y. Ko, Lukasz Ziarek University at Buffalo, The State University of New York {yinyan, sreehars, amitshri, varunana, stevko, lziarek}@buffalo.edu ABSTRACT Since its inception, there has been much interest in a real- There has been much recent interest in adding support for time Android variant; researchers have proposed four canon- real-time capabilities to Android. Proposed architectures for ical system architectures [15, 17] for extending Android with doing so fall into four broad categories, but only two sup- real-time capabilities. These architectural models are illus- port real-time Android applications. These two proposals trated in Fig. 1. The first proposed system architecture include a real-time garbage collector for real-time memory (Fig. 1a) is built around a clean separation between Android management and a real-time operating system for real-time and real-time components, allowing for real-time applica- scheduling and resource management. Although they pro- tions to run directly on top of a real-time operating system vide the fundamental building blocks for real-time Android, (RTOS). Although viable, this model prevents the creation unfortunately such proposals are incomplete. In this paper of real-time Android apps, instead opting for a system that we examine the Android programming model, libraries, and can run both Android apps and separate real-time appli- core systems services in the context of the Fiji real-time VM cations. In addition, real-time applications are prevented coupled with the RT Linux and RTEMS real-time operat- from leveraging the features offered by Android and cannot ing systems. We show that even with a real-time operating include any Android related services or libraries. The next system as well as real-time memory management, the pre- approach (Fig. 1b) is similar to the first, but instead of swap- dictability of core Android constructs is poor. To address ping the standard Linux kernel for an RTOS, it introduces a this limitation we propose a preliminary RTDroid design and real-time hypervisor at the bottommost layer, running An- show its applicability to real-time systems. droid as a guest operating system in one partition and real- time applications in another. This model suffers from the same deficiencies of the first. Categories and Subject Descriptors The last two models (Fig. 1c and Fig. 1d) permit the con- C.3 [Special-Purpose and Application-Based Systems]: struction of real-time Android apps by adding a secondary Real-time and embedded systems VM with real-time capabilities or by extending DVM with real-time support (alternatively, replacing DVM with a real- time JVM) respectively. These two approaches provide the 1. INTRODUCTION ground work for predictability and determinism within the Android's open source nature has prompted its ubiquitous Android system by replacing the standard Linux kernel with adoption in various embedded system domains. Instead of an RTOS as well as introducing real-time features at the being built around the Java Virtual Machine (JVM), An- VM level. Notably, these models support real-time Android droid uses the Dalvik Virtual Machine (DVM) [12]. Unlike apps, the use of Android features, in addition to Android a JVM, DVM leverages register based [21] bytecode (called services and libraries. The last two models, unfortunately, DEX [2]) instead of Java bytecode. The DVM supports just- provide little or no insight on how Android features, ser- in-time compilation (JIT) [10] to optimize for the target de- vices, and libraries can themselves be extended to support ployment device. Android, itself, runs on top of a modified execution of real-time Android apps. Linux kernel and provides a framework layer for applications In this paper, we demonstrate a new approach to achieving to leverage. The framework layer is built from Linux kernel real-time capabilities with the Android system. Our pro- functionality, third party libraries, as well as core Android totype, called RTDroid, focuses on extending an existing mechanisms. Applications targeting the Android system are real-time JVM 1 with Android constructs and leveraging colloquially referred to as \apps." an off-the-shelf RTOS. We have identified critical changes to the Android framework and core mechanisms necessary to guarantee predictable runtime performance for apps that Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed leverage Android mechanisms and services. Specifically, the for profit or commercial advantage and that copies bear this notice and the full cita- contributions of this paper are: tion on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or re- • An investigation of the core Android components and publish, to post on servers or to redistribute to lists, requires prior specific permission their suitability for real-time. and/or a fee. Request permissions from [email protected]. JTRES’13, October 09 - 11 2013, Karlsruhe, Germany 1 Copyright 2013 ACM 978-1-4503-2166-2/13/10 $15.00. Extending an RT JVM for Android requires DEX support; http://dx.doi.org/10.1145/2512989.2512993. we discuss this issue in Section 3.2.4. Applications Applications Applications Applications Application Framework Application Framework Application Framework Application Framework RT Core RT Apps Libraries Apps Core Core Core Dalvik VM Libraries Libraries RT JVM Libraries RT JVM / Dalvik VM Dalvik VM Linux Kernel Extend Dalvik RTOS Kernel RT Hypervisor RTOS Kernel RTOS Kernel (a) (b) (c) (d) Figure 1: Proposed RT Android System Architectures. Shaded components represent additions or changes to the Android architecture. • An initial system implementation of core Android con- The medical device industry has expended significant re- structs and services, which provides real-time guaran- sources in exploring Android as a future platform [5, 8, 9, tees for real-time threads. Our system is implemented 1]. They report that Android is well suited for envisioned on top of the Fiji VM, but is both VM and RTOS applications, such as remote patient monitoring devices in- agnostic. Our current design focuses on supporting a cluding cardio monitors and glucose analyzers, because such single real-time app, but its design can be generalized applications require support for wireless connectivity as well to support multiple apps. as good user interface design. Other proposed applications • A detailed evaluation study of our system leveraging include fall and gate monitoring for the elderly and patients two separate RTOSes, RT Linux and RTEMS. Our undergoing rehabilitation. performance results indicate that previously proposed In all of these scenarios, Android is used as a platform to models, without any changes to the framework layer, run a single real-time app. The underlying hardware can cannot provide real-time guarantees if real-time threads be a traditional embedded board or a mobile device. As and/or tasks leverage Android's core mechanisms and we detail in Section 3, the benefit of using Android in these services. scenarios is the rich APIs and libraries that exist on Android. It supports connectivity through Wi-Fi, Bluetooth, 3G, and The rest of paper is organized as follows: in Section 2, we 4G; it provides native support for various sensors such as provide two high-level motivating examples for RTDroid. In GPS, accelerometer, camera, and gyroscope; and it fosters Section 3 we outline Android details, specifically focusing an intuitive user interface design through a touch screen and on the challenges of adding real-time capabilities. We de- gestures. Control and medical apps typically require these tail our solution in Section 4. Evaluation and experiments functionalities and their development can be streamlined as are presented in Section 5. We discuss related work and well as standardized through the Android APIs and libraries. conclusions in Section 6 and Section 7 respectively. 2.2 Mixed-Criticality In addition to supporting a single real-time app, we en- 2. MOTIVATION vision allowing a mobile device to run multiple real-time This section presents two broad use cases as well as ex- apps along with regular apps through the use of a mixed- amples of their concrete deployments to motivate the design criticality system. For medical monitoring, the same mobile and utility of RTDroid. We envision RTDroid being lever- device that monitors its user's medical conditions can be aged in two distinct ways: 1) to run a single real-time app on used as a traditional smartphone. This reduces the number either specialized embedded hardware or a mobile device and of devices a user needs to carry. Similarly, if a user requires 2) to run real-time apps along with existing non-real-time multiple medical monitoring applications, they can be exe- apps in a mixed-criticality environment. The former case is cuted on the same device. the primary contribution of this paper, but important de- Google reports that its Play Store currently has 700,000 sign considerations must be made to support the latter in apps available for Android 2. The ability to install and lever- the same system. As such, we discuss salient implemen- age these apps will greatly simplify the development and tation details for supporting multiple real-time apps along maintenance of real-time apps. For example, any medical with non-real-time apps. monitoring device may be expected to send a report to the patient's doctor on a daily or weekly basis. Since there are 2.1 Single Real-Time App many apps that already provide such a functionality, e.g., As Android becomes increasingly popular, researchers have Gmail that allows other apps to send emails through it, the begun to explore its use as a platform for safety- and mission- monitoring app can simply leverage one of those apps; this critical apps.
Load more

Recommended publications
  • Backbox Penetration Testing Never Looked So Lovely
    DISTROHOPPER DISTROHOPPER Our pick of the latest releases will whet your appetite for new Linux distributions. Picaros Diego Linux for children. here are a few distributions aimed at children: Doudou springs to mind, Tand there’s also Sugar on a Stick. Both of these are based on the idea that you need to protect children from the complexities of the computer (and protect the computer from the children). Picaros Diego is different. There’s nothing stripped- down or shielded from view. Instead, it’s a normal Linux distro with a brighter, more kid-friendly interface. The desktop wallpaper perhaps best We were too busy playing Secret Mario on Picaros Diego to write a witty or interesting caption. exemplifies this. On one hand, it’s a colourful cartoon image designed to interest young file manager. In the programming category, little young for a system like this, but the it children. Some of the images on the we were slightly disappointed to discover it may well work for children on the upper end landscape are icons for games, and this only had Gambas (a Visual Basic-like of that age range. should encourage children to investigate the language), and not more popular teaching Overall, we like the philosophy of wrapping system rather than just relying on menus. languages like Scratch or a Python IDE. Linux is a child-friendly package, but not On the other hand, it still displays technical However, it’s based on Debian, so you do dumbing it down. Picaros Diego won’t work details such as the CPU usage and the RAM have the full range of software available for every child, but if you have a budding and Swap availability.
    [Show full text]
  • How to Use Encryption and Privacy Tools to Evade Corporate Espionage
    How to use Encryption and Privacy Tools to Evade Corporate Espionage An ICIT White Paper Institute for Critical Infrastructure Technology August 2015 NOTICE: The recommendations contained in this white paper are not intended as standards for federal agencies or the legislative community, nor as replacements for enterprise-wide security strategies, frameworks and technologies. This white paper is written primarily for individuals (i.e. lawyers, CEOs, investment bankers, etc.) who are high risk targets of corporate espionage attacks. The information contained within this briefing is to be used for legal purposes only. ICIT does not condone the application of these strategies for illegal activity. Before using any of these strategies the reader is advised to consult an encryption professional. ICIT shall not be liable for the outcomes of any of the applications used by the reader that are mentioned in this brief. This document is for information purposes only. It is imperative that the reader hires skilled professionals for their cybersecurity needs. The Institute is available to provide encryption and privacy training to protect your organization’s sensitive data. To learn more about this offering, contact information can be found on page 41 of this brief. Not long ago it was speculated that the leading world economic and political powers were engaged in a cyber arms race; that the world is witnessing a cyber resource buildup of Cold War proportions. The implied threat in that assessment is close, but it misses the mark by at least half. The threat is much greater than you can imagine. We have passed the escalation phase and have engaged directly into full confrontation in the cyberwar.
    [Show full text]
  • Diplomat: Using Delegations to Protect Community Repositories
    Diplomat: Using Delegations to Protect Community Repositories Trishank Karthik Kuppusamy, Santiago Torres-Arias, Vladimir Diaz, and Justin Cappos, New York University https://www.usenix.org/conference/nsdi16/technical-sessions/presentation/kuppusamy This paper is included in the Proceedings of the 13th USENIX Symposium on Networked Systems Design and Implementation (NSDI ’16). March 16–18, 2016 • Santa Clara, CA, USA ISBN 978-1-931971-29-4 Open access to the Proceedings of the 13th USENIX Symposium on Networked Systems Design and Implementation (NSDI ’16) is sponsored by USENIX. Diplomat: Using Delegations to Protect Community Repositories Trishank Karthik Kuppusamy Santiago Torres-Arias Vladimir Diaz Justin Cappos Tandon School of Engineering, New York University Abstract software. Major repositories run by Adobe, Apache, Debian, Fedora, FreeBSD, Gentoo, GitHub, GNU Sa- Community repositories, such as Docker Hub, PyPI, vannah, Linux, Microsoft, npm, Opera, PHP, RedHat, and RubyGems, are bustling marketplaces that distribute RubyGems, SourceForge, and WordPress repositories software. Even though these repositories use common have all been compromised at least once [4,5,7,27,28,30, software signing techniques (e.g., GPG and TLS), at- 31,35,36,39–41,48,59,61,62,67,70,79,80,82,86,87,90]. tackers can still publish malicious packages after a server For example, a compromised SourceForge repository compromise. This is mainly because a community repos- mirror located in Korea distributed a malicious ver- itory must have immediate access to signing keys in or- sion of phpMyAdmin, a popular database administration der to certify the large number of new projects that are tool [79]. The modified version allowed attackers to gain registered each day.
    [Show full text]
  • Introduction to Fmxlinux Delphi's Firemonkey For
    Introduction to FmxLinux Delphi’s FireMonkey for Linux Solution Jim McKeeth Embarcadero Technologies [email protected] Chief Developer Advocate & Engineer For quality purposes, all lines except the presenter are muted IT’S OK TO ASK QUESTIONS! Use the Q&A Panel on the Right This webinar is being recorded for future playback. Recordings will be available on Embarcadero’s YouTube channel Your Presenter: Jim McKeeth Embarcadero Technologies [email protected] | @JimMcKeeth Chief Developer Advocate & Engineer Agenda • Overview • Installation • Supported platforms • PAServer • SDK & Packages • Usage • UI Elements • Samples • Database Access FireDAC • Migrating from Windows VCL • midaconverter.com • 3rd Party Support • Broadway Web Why FMX on Linux? • Education - Save money on Windows licenses • Kiosk or Point of Sale - Single purpose computers with locked down user interfaces • Security - Linux offers more security options • IoT & Industrial Automation - Add user interfaces for integrated systems • Federal Government - Many govt systems require Linux support • Choice - Now you can, so might as well! Delphi for Linux History • 1999 Kylix: aka Delphi for Linux, introduced • It was a port of the IDE to Linux • Linux x86 32-bit compiler • Used the Trolltech QT widget library • 2002 Kylix 3 was the last update to Kylix • 2017 Delphi 10.2 “Tokyo” introduced Delphi for x86 64-bit Linux • IDE runs on Windows, cross compiles to Linux via the PAServer • Designed for server side development - no desktop widget GUI library • 2017 Eugene
    [Show full text]
  • Tails Free Download Tails Nightmare Game Free Download
    tails free download Tails nightmare game free download. Most people looking for Tails nightmare game free downloaded: Sonic - The Tails Nightmare. This is a Sonic fan-based game. The characters in this game are copyright to Sega and Sonic Team. Similar choice. › Ww2 tail gunner game download pc › Tails nightmare download. Programs for query ″tails nightmare game free download″ Naruto World Screensaver. Naruto is a carrier of nine-tails demon-fox sealed up in his body and he has incredible abilities. of nine- tails demon-fox . Ultimate Sonic. Ultimate Sonic is an amazing remake of the Sega genesis game Sonic the Hedgehog. Sega genesis game Sonic the . Select Sonic, Tails , Knuckles or . a life. The game ends once . SPL De-Verb. SPL De-Verb is a program that provides support for dynamic sound processing. and reverb- tails . De-Verb . Sonic Compilation. Save the world from destruction by defeating the evil Dr. Robotnik with your choice of Sega's best heroes. , Knuckles and Tails ! Blast through . enter a video game , this is . Perfect Cut. This application gives you the possibility of entering cutting orders even with different material families, with automatic decomposition into sub- problems. obtain reusable tails and sectioning . can reduce tails significantly) and . Rainbow Web. In the heart of a wonderland, surrounded by crystal clear lakes, mighty stone, and age-old forests there existed the Rainbow Kingdom. all fairy tails , there appears . all fairy tail creatures and . you must free letters from . Let's Ride Friends Forever. In Let's Ride Friends Forever you need to groom, train and care for your horse and practice hard to perfect your riding .
    [Show full text]
  • Debian \ Amber \ Arco-Debian \ Arc-Live \ Aslinux \ Beatrix
    Debian \ Amber \ Arco-Debian \ Arc-Live \ ASLinux \ BeatriX \ BlackRhino \ BlankON \ Bluewall \ BOSS \ Canaima \ Clonezilla Live \ Conducit \ Corel \ Xandros \ DeadCD \ Olive \ DeMuDi \ \ 64Studio (64 Studio) \ DoudouLinux \ DRBL \ Elive \ Epidemic \ Estrella Roja \ Euronode \ GALPon MiniNo \ Gibraltar \ GNUGuitarINUX \ gnuLiNex \ \ Lihuen \ grml \ Guadalinex \ Impi \ Inquisitor \ Linux Mint Debian \ LliureX \ K-DEMar \ kademar \ Knoppix \ \ B2D \ \ Bioknoppix \ \ Damn Small Linux \ \ \ Hikarunix \ \ \ DSL-N \ \ \ Damn Vulnerable Linux \ \ Danix \ \ Feather \ \ INSERT \ \ Joatha \ \ Kaella \ \ Kanotix \ \ \ Auditor Security Linux \ \ \ Backtrack \ \ \ Parsix \ \ Kurumin \ \ \ Dizinha \ \ \ \ NeoDizinha \ \ \ \ Patinho Faminto \ \ \ Kalango \ \ \ Poseidon \ \ MAX \ \ Medialinux \ \ Mediainlinux \ \ ArtistX \ \ Morphix \ \ \ Aquamorph \ \ \ Dreamlinux \ \ \ Hiwix \ \ \ Hiweed \ \ \ \ Deepin \ \ \ ZoneCD \ \ Musix \ \ ParallelKnoppix \ \ Quantian \ \ Shabdix \ \ Symphony OS \ \ Whoppix \ \ WHAX \ LEAF \ Libranet \ Librassoc \ Lindows \ Linspire \ \ Freespire \ Liquid Lemur \ Matriux \ MEPIS \ SimplyMEPIS \ \ antiX \ \ \ Swift \ Metamorphose \ miniwoody \ Bonzai \ MoLinux \ \ Tirwal \ NepaLinux \ Nova \ Omoikane (Arma) \ OpenMediaVault \ OS2005 \ Maemo \ Meego Harmattan \ PelicanHPC \ Progeny \ Progress \ Proxmox \ PureOS \ Red Ribbon \ Resulinux \ Rxart \ SalineOS \ Semplice \ sidux \ aptosid \ \ siduction \ Skolelinux \ Snowlinux \ srvRX live \ Storm \ Tails \ ThinClientOS \ Trisquel \ Tuquito \ Ubuntu \ \ A/V \ \ AV \ \ Airinux \ \ Arabian
    [Show full text]
  • Slides Ndh2k16.Pdf
    Tails: Security, Maintainability and Usability Pick three! Julien Voisin Jérôme Boursier July 4, 2016 Nuit du Hack Who are we ? Who are we ? Julien Voisin Jérôme Boursier • Radare2 • AdwCleaner • NBS-System • Student • dustri.org • fr33tux.org 1 Who are we ? Julien Voisin Jérôme Boursier • Radare2 • AdwCleaner • NBS-System • Student • dustri.org • fr33tux.org 1 Tails - The Amnesic Incognito Live System Tails - The Amnesic Incognito Live System What is Tails? Tails, born in 2009, is a live operating system, aiming at preserving your privacy and anonymity. 2 Tails - The Amnesic Incognito Live System What is Tails? Tails, born in 2009, is a live operating system, aiming at preserving your privacy and anonymity. • All connections to the Internet are forced to go through the Tor network; • It leaves no trace on the computer you are using unless you ask it explicitly; • It provides cryptographic tools to encrypt your files, emails and IM. • Secure and usable by default 2 Tails - The Amnesic Incognito Live System According to the NSA (S//REL) Tails: Complete Bootable OS on CD for anonymity - includes Tor (S//REL) Adds Severe CNE1 misery to equation 1Computer Network Exploitation 3 Tails - The Amnesic Incognito Live System According to the NSA (S//REL) Tails: Complete Bootable OS on CD for anonymity - includes Tor (S//REL) Adds Severe CNE These variables define terms and websites relating to the TAILs (The Amnesic Incognito Live System) software program, a comsec mechanism advocated by extremists on extremist forums. 3 Tails - The Amnesic Incognito Live System According to the NSA1 (S//REL) Tails: Complete Bootable OS on CD for anonymity - includes Tor (S//REL) Adds Severe CNE These variables define terms and websites relating to the TAILs (The Amnesic Incognito Live System) software program, a comsec mechanism advocated by extremists on extremist forums.
    [Show full text]
  • Online Self Defense – Black Belt Level
    Online Self Defense – Black Belt Level Review - White Belt Level 1.Do your updates 2.Use good antivirus/antimalware software 3.A long password is a strong password 4.Be suspicious of all emails, particularly those asking you to click on links, or that have attachments. Review – Yellow Belt 1.Always verify t!at you are on the we#site you mean to be 2.$et #rowser to more secure settings 3.Use privacy enhancing browser plugins 4.$can everything you download %.Only download programs from the official we#site Review - Green Belt Level ● (nformation is the currency of the internet ● )rivacy has finincial as well as ethical implications ● *a"e sure that your connection is encrypted +,--)$. ● Anonymizing we# proxies can help ● 1)Ns are better ● -or Browser is even better Review – Brown Belt Level 1.Unencrypted email is like sending a postcard instead of a letter 2.-o encrypt email use *ozilla -!under#ird with the 3nigmail plugin 3.-o encrypt chat use Pidgin with the OTR plugin Threat Modeling Decide what your most likely t!reats and plan your defense based on the following questions. 1. What is the most vulnerable/exploitable? 2. What is the most valuable? 3.How can I mitigate my vulnerabilities? 4. What can I o to limit amage i! an attac" is success!ul? Segregation of Identity ● Limit ability of a t!ird party to connect di'erent aspects of your life. 7or e0ample casual we# #rowsing and !ome #anking. ● 8roup activities wit! similar security re5uirements. ● Be self disciplined a#out t!is segregation.
    [Show full text]
  • Given the Pace of Development in Linux, It's Always
    BEST DISTRO Is your current Linux distribution really 2014 the best in town, or are you missing something even better? Graham, Ben and Mike put a bunch to the test. e’re going to get a lot of flak for writing pace of development in Linux, it’s always worth these words, but we’re not scared – Linux keeping your eyes open for something better. WVoice drops ice cubes down the vest of With all these things in mind, we decided to look at fear. So here we go: you might be using the wrong the current state of play in the Linux distro world. We Linux distribution. Or to put it more diplomatically, wanted to see which distros excel in certain you might not be running the distro that’s best suited important areas, to find out who’s leading the charge to you. “What a load of codswallop!”, you respond. here in mid-late 2014. “My distro does In tests like these, exactly what I need it it’s often possible to to do. I’ve been using “Given the pace of development in bundle certain distros it for years and I’m Linux, it’s always worth keeping an together as they’re so happy with it.” closely related. In the That’s great, but eye out for something better.” Packages section, for could it still do a lot instance, we look at more? Have you really tried all of the big-name Ubuntu and Mint together because they share the distros in depth? Could there be another distro out same repositories.
    [Show full text]
  • A New Generation of Linux-Only
    Newsdesk THIS ISSUE: Linux-exclusive PCs Linus Torvalds has doubts Microsoft protects Linux severs Steam on Chromebooks HARDWARE SYSTEMS A new generation of Dell Linux-only PCs CREDIT: It’s the year of Linux on some desktops – perhaps this whole FOSS thing will catch on! omething unusual is happening in the output supporting 4K at world of computing: companies big and 60Hz it’s ideal for use as a S small are releasing PCs with Linux media centre system, but running on them. Crucially, in these cases a Linux would run well as either a The Dell XPS 13 Developer operating systems being the only OS option. mini-destop or mini-server. Edition is an Ubuntu-only model. This shows an operational change in the Juno Computers, based both in the UK and marketplace, demonstrating that companies are the US, has made us aware of its all-new gaming not only confident that Linux-only models can laptop, the Neptune 15, that can be bought either sell in enough volume to make money, but that with Ubuntu 20.04 pre-installed, or no OS at all3. they’re happy to support those devices. It’s one It’s powered by the latest Intel Core i7-10875H thing to offer variations of existing Windows eight-core processor and runs a high-end Nvidia models, but quite another to only build a model GeForce RTX 2060 GPU with 6GB of GDDR6. At that offers Linux. £1,650 it’s one powerful – if expensive – system. We reported in LXF265 that Lenovo has We could argue that this trend, in part, extended its Ubuntu certification, making it able coincides with figures that show during the to offer Ubuntu pre-installed on a wider range of its Workstation offerings.
    [Show full text]
  • Untraceable Links: Technology Tricks Used by Crooks to Cover Their Tracks
    UNTRACEABLE LINKS: TECHNOLOGY TRICKS USED BY CROOKS TO COVER THEIR TRACKS New mobile apps, underground networks, and crypto-phones are appearing daily. More sophisticated technologies such as mesh networks allow mobile devices to use public Wi-Fi to communicate from one device to another without ever using the cellular network or the Internet. Anonymous and encrypted email services are under development to evade government surveillance. Learn how these new technology capabilities are making anonymous communication easier for fraudsters and helping them cover their tracks. You will learn how to: Define mesh networks. Explain the way underground networks can provide untraceable email. Identify encrypted email services and how they work. WALT MANNING, CFE President Investigations MD Green Cove Springs, FL Walt Manning is the president of Investigations MD, a consulting firm that conducts research related to future crimes while also helping investigators market and develop their businesses. He has 35 years of experience in the fields of criminal justice, investigations, digital forensics, and e-discovery. He retired with the rank of lieutenant after a 20-year career with the Dallas Police Department. Manning is a contributing author to the Fraud Examiners Manual, which is the official training manual of the ACFE, and has articles published in Fraud Magazine, Police Computer Review, The Police Chief, and Information Systems Security, which is a prestigious journal in the computer security field. “Association of Certified Fraud Examiners,” “Certified Fraud Examiner,” “CFE,” “ACFE,” and the ACFE Logo are trademarks owned by the Association of Certified Fraud Examiners, Inc. The contents of this paper may not be transmitted, re-published, modified, reproduced, distributed, copied, or sold without the prior consent of the author.
    [Show full text]
  • Design of the Next-Generation Securedrop Workstation Freedom of the Press Foundation
    1 Design of the Next-Generation SecureDrop Workstation Freedom of the Press Foundation I. INTRODUCTION Whistleblowers expose wrongdoing, illegality, abuse, misconduct, waste, and/or threats to public health or safety. Whistleblowing has been critical for some of the most important stories in the history of investigative journalism, e.g. the Pentagon Papers, the Panama Papers, and the Snowden disclosures. From the Government Accountability Project’s Whistleblower Guide (1): The power of whistleblowers to hold institutions and leaders accountable very often depends on the critical work of journalists, who verify whistleblowers’ disclosures and then bring them to the public. The partnership between whistleblowers and journalists is essential to a functioning democracy. In the United States, shield laws and reporter’s privilege exists to protect the right of a journalist to not reveal the identity of a source. However, under both the Obama and Trump administrations, governments have attempted to identify journalistic sources via court orders to third parties holding journalist’s records. Under the Obama administration, the Associated Press had its telephone records acquired in order to identify a source (2). Under the Trump Administration, New York Times journalist Ali Watkins had her phone and email records acquired by court order (3). If source—journalist communications are mediated by third parties that can be subject to subpoena, source identities can be revealed without a journalist being aware due to a gag that is often associated with such court orders. Sources can face a range of reprisals. These could be personal reprisals such as reputational or relationship damage, or for employees that reveal wrongdoing, loss of employment and career opportunities.
    [Show full text]