SECURITY & PRIVACY
SAFE BROWSING IN 2016

me_irl

• Gabor Szathmari

• Information Security Professional Hacker Freelancer

• Privacy Advocate

I WILL BE TALKING ABOUT

• Web browsing
  ‣ Privately
  ‣ Securely

THE SMALL PRINT

THIS GUIDE IS NOT FOR YOU, IF…

• Targeted surveillance

• Whistleblower protection

• Browsing the web anonymously

YOU NEED INSTEAD …

• browser

• OS, Qubes OS

• PGP, , WhatsApp, Ricochet

• SecureDrop, GlobaLeaks

KNOW YOUR ADVERSARY

CYBER CRIMINALS

• Ransomware
  ‣ Your files for Bitcoins

• Info stealing
  ‣ Passwords
  ‣ Bank and credit card details

THE GOVERNMENT

Metadata law[1] excludes[2]:

• URLs

• Web Page Content

• DNS requests

• Destination IPs and Ports

[1]: Telecommunications (Interception and Access) Amendment (Data Retention) Act 2015
[2]: https://www.ag.gov.au/NationalSecurity/DataRetention/Documents/DataRetentionIndustryFAQS.pdf

THE GOVERNMENT

ISPs must retain[1]:

• Assigned IP and Port

• Date and Duration

• Data Volume

• Subscriber Data

[1]: https://www.ag.gov.au/NationalSecurity/DataRetention/Documents/DataRetentionIndustryFAQS.pdf

THE GOVERNMENT

ISPs must retain[1]:

• Assigned IP and Port

• Date and Duration

• Data Volume

• Subscriber Data

On Request
Service Providers have:

• Connecting IP and Port

• Date and Duration

• Data Volume

• Content

[1]: https://www.ag.gov.au/NationalSecurity/DataRetention/Documents/DataRetentionIndustryFAQS.pdf

DATA CORRELATION

• Hello Google, give us all the IP addresses searching for “whistleblowing” in January 2016

DATA CORRELATION

• Hey Facebook, tell us the URL of all websites that this IP address visited with your ‘Like button’ on the page[1]

[1]: http://arstechnica.com/tech-policy/2015/03/report-facebook-tracks-all-visitors-even-if-youre-not-a-user-and-opted-out/
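
The correlation described on the DATA CORRELATION slides, as an added example that is not part of the original deck: joining a service provider's log with ISP retention records on IP, port and time ties a search to one subscriber, and a provider that keeps no logs leaves nothing to join. All records are constructed, and the per-subscriber port ranges on a shared IP are an assumption about how "Assigned IP and Port" is used.

```python
from datetime import datetime, timedelta

# Constructed ISP retention records: assigned IP and port, date and duration,
# subscriber data. Port ranges on a shared IP are an assumption for illustration.
ISP_RECORDS = [
    {"subscriber": "subscriber-A", "ip": "203.0.113.7", "ports": range(1024, 2048),
     "start": datetime(2016, 1, 12, 9, 0), "duration": timedelta(hours=2)},
    {"subscriber": "subscriber-B", "ip": "203.0.113.7", "ports": range(2048, 3072),
     "start": datetime(2016, 1, 12, 9, 30), "duration": timedelta(hours=1)},
]

# Constructed service-provider log: connecting IP and port, date, content.
PROVIDER_LOG = [
    {"ip": "203.0.113.7", "port": 2100, "time": datetime(2016, 1, 12, 10, 5),
     "content": "search: whistleblowing"},
    {"ip": "203.0.113.7", "port": 1500, "time": datetime(2016, 1, 12, 9, 45),
     "content": "search: weather"},
]

def correlate(provider_log, isp_records, keyword):
    """Return (subscriber, content) pairs for provider entries matching keyword."""
    hits = []
    for entry in provider_log:
        if keyword not in entry["content"]:
            continue
        for rec in isp_records:
            end = rec["start"] + rec["duration"]
            # A link needs all three to agree: IP, port, and session time window.
            if (rec["ip"] == entry["ip"] and entry["port"] in rec["ports"]
                    and rec["start"] <= entry["time"] <= end):
                hits.append((rec["subscriber"], entry["content"]))
    return hits

if __name__ == "__main__":
    # Provider that logs: the shared IP resolves to one subscriber via port and time.
    print(correlate(PROVIDER_LOG, ISP_RECORDS, "whistleblowing"))
    # Provider that keeps no logs: nothing to hand over, so nothing links.
    print(correlate([], ISP_RECORDS, "whistleblowing"))
```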

SAFE BROWSING IS

• Protection from ransomware and info stealing malware

• De-linking data between the ISP and Service Providers

HYGIENE

HOW MALWARE GETS IN?

• File downloads

• Browser and add-on exploits
  ‣ Adobe Flash
  ‣ Java
  ‣ PDF

WHAT CAN PROTECT ME?

• Anti-virus software

• Anti-exploit kit

ANTI-VIRUS SOFTWARE

Modern AV protects from:

• Known and unknown malware

• Loading malicious URLs

• Ransomware

•

ANTI-EXPLOIT KIT

Protects from:

• Browser exploits

• Browser add-on exploits

OPERATING SYSTEM HYGIENE

Anti-malware[1]:
  ‣ Kaspersky Internet Security
  ‣ Norton Security

Anti-exploit kit[2]:
  ‣ MalwareBytes Anti-Exploit
  ‣ HitmanPro.Alert

[1]: https://www.mrg-effitas.com/wp-content/uploads/2016/05/MRG-Effitas-360-Assessment-Q1-2016.pdf
[2]: https://www.mrg-effitas.com/wp-content/uploads/2015/04/MRG_Effitas_Real_world_exploit_prevention_test.pdf

SEARCH ENGINE

DATA CORRELATION

• Hello Google, give us all the IP addresses searching for “whistleblowing” in January 2016

SAFE BROWSING IS

• Protection from ransomware and malware

• De-linking data between the ISP and Service Providers

CHOOSING THE SEARCH ENGINE

• Doesn't keep logs

• Nothing to hand over

CHOOSING THE SEARCH ENGINE

• startpage.com

• search.disconnect.me

• duckduckgo.com

HOW MALWARE GETS IN?

• File downloads

• Browser and add-on exploits
  ‣ Adobe Flash
  ‣ Java
  ‣ PDF

A MODERN WEB BROWSER

• Warns if something bad is going to happen

• Stops bad things from happening

BROWSER SECURITY

File / URL Reputation: Yes Yes Yes Yes
Sandboxing: Yes Yes Yes
Sandboxed Flash: Yes Yes Yes
Sandboxed PDF: Yes Yes Yes
Certificate Transparency: Yes
Token Binding: Yes

CHROME, BECAUSE …

• Implements state of the art security technologies

• Privacy and security extensions

BEFORE YOU BEGIN…

• Don’t log in with a Google account

• Fine-tune its privacy settings[1]

• Read the Chrome Privacy Whitepaper[2]

[1]: http://www.dummies.com/how-to/content/how-to-use-google-chrome-privacy-settings.html
[2]: https://www.google.com/chrome/browser/privacy/whitepaper.html

BROWSER EXTENSIONS

DATA CORRELATION

• Hey Facebook, tell us the URL of all websites that this IP address visited with your ‘Like button’ on the page[1]

[1]: http://arstechnica.com/tech-policy/2015/03/report-facebook-tracks-all-visitors-even-if-youre-not-a-user-and-opted-out/

SAFE BROWSING IS

• Protection from ransomware and malware

• De-linking data between the ISP and Service Providers

EXTENSIONS: PRIVACY

• Disable tracking pixels
  ‣ Disconnect -or-
  ‣ Privacy Badger

• Prevent leaks
  ‣ Referer Control
  ‣ WebRTC Leak Prevent

• Enforce encryption
  ‣ HTTPS Everywhere

• Prevent fingerprinting
  ‣ CanvasFingerprintBlock
  ‣ User-Agent Switcher

HOW MALWARE GETS IN?

• File downloads

• Browser and add-on exploits
  ‣ Adobe Flash
  ‣ Java
  ‣ PDF

EXTENSIONS: SECURITY

• Click to Flash
  ‣ Flashcontrol

• Control third-party code
  ‣ uBlock Origin
  ‣ ScriptSafe

• Browser and add-on health check
  ‣ Qualys BrowserCheck

• URL Reputation
  ‣ WOT: Web of Trust

WHAT’S YOUR FAVOURITE EXTENSION?

• https://chrome.google.com/webstore/detail/disconnect/jeoacafpbcihiomhlakheieifhpjdfeo

• https://chrome.google.com/webstore/detail/privacy-badger/pkehgijcmpdhfbdbbnkijodmdjhbjlgp

• https://chrome.google.com/webstore/detail/https-everywhere/gcbommkclmclpchllfjekcdonpmejbdp

• https://chrome.google.com/webstore/detail/referer-control/hnkcfpcejkafcihlgbojoidoihckciin

• https://chrome.google.com/webstore/detail/canvasfingerprintblock/ipmjngkmngdcdpmgmiebdmfbkcecdndc

• https://chrome.google.com/webstore/detail/webrtc-leak-prevent/eiadekoaikejlgdbkbdfeijglgfdalml

• https://chrome.google.com/webstore/detail/user-agent-switcher-for-g/ffhkkpnppgnfaobgihpdblnhmmbodake

• https://chrome.google.com/webstore/detail/flashcontrol/mfidmkgnfgnkihnjeklbekckimkipmoe

• https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm

• https://chrome.google.com/webstore/detail/scriptsafe/oiigbmnaadbkfbmpbfijlflahbdbdgdf

• https://chrome.google.com/webstore/detail/qualys-browsercheck-for-w/ejhnkognlohdkpjkjongioociddgoibk

• https://chrome.google.com/webstore/detail/wot-web-of-trust-website/bhmmomiinigofkjcapegjjndpbikblnp

SUMMARY

• Cyber criminals, The Government

• Anti-malware, anti-exploit

• Search engine

• Secure web browser

• Browser extensions

THANK YOU

• @gszathmari

• PGP: keybase.io/gszathmari

: PRN7228A

PHOTOS

• https://americangallery.files.wordpress.com/2012/06/sheep-in-wolfs-clothing.jpg

• http://dropsafe.crypticide.com/wp-content/uploads/2013/08/Secure-Beneath-Watchful-Eyes.png

• https://uploads.skyhighnetworks.com/2014/12/blog-banner-dr-evil.png

• https://twitter.com/malware_traffic/status/738801324955832321