Security, surveillance, and privacy
Lauren McCarthy edited this page
Nov 21, 2016
What does it mean to be hacked? Can you hack yourself? Social engineering, phishing, cross-site scripting, trolling, authenticity.
- Early Work
- Recent Work
- keytweeter inspired by Thoughts on Total Openness of Information
- Default To Public
- "$", A Document
- two point four
- Newstweek and video and Critical Engineering Manifesto
- Men in Grey
- Ai Weiwei surveillance camera blocker
- Surveillance Chess
- Stranger Visions
- Drone Shadows
- Trevor Paglen
- [TSA Communication](http://www.evan-roth.com/photos/tsa_communication)
- Surveillance culture
- There’s a lot of information you can get from people without them realizing it. Some of it can be totally passive, like probe request frames:
`sudo tcpdump -e -I -i en0 'type mgt subtype probe-req'`
There are also databases like http://wigle.net/ that keep track of SSID locations, and OUI lookup tools for looking up MAC addresses. Also check out airport for wireless monitoring and nshey for sniffing.
- If someone visits a website that you have control over, there’s a lot more you can do. One tool that shows some of the info available by default is made by the EFF: https://panopticlick.eff.org/ Try clicking on “Show full results for fingerprinting”.
- Another tool that shows some of the same, and some different, information (like which social networks you’re logged into, or what your battery life is): http://webkay.robinlinus.com/
- Your browser leaks some things automatically when it goes to a website. Most of these pieces of info are used by the server to figure out what to send back: http://headers.cloxy.net/request.php
- Besides getting info, you can also trick people into doing things. Phishing is one of the classic examples: https://getgophish.com/
- But sometimes it’s even more insidious or unexpected. Clickjacking will trick people into clicking one thing when they think they’re clicking on another thing. For example, getting people to click a like button: http://webkay.robinlinus.com/clickjacking/facebook.html
- Samy Kamkar has a great tool that makes clickjacking easy, and posted a video explaining how to do it.
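Clickjacking only works when the target page lets itself be rendered inside another site's frame, and a site controls that through its response headers. The sketch below is an added example, not part of the original notes: it classifies how well a response is protected, and its function names, verdict labels and sample headers (including the placeholder host partner.example) are constructed for illustration.

```javascript
// Constructed example: classify a response's anti-framing protection from its headers.
const RANK = ['unprotected', 'any-origin', 'allowlist', 'same-origin', 'deny'];

function getAll(headers, name) {
  // Header names are case-insensitive and a header may be sent more than once.
  return Object.entries(headers)
    .filter(([k]) => k.toLowerCase() === name)
    .flatMap(([, v]) => (Array.isArray(v) ? v : [v]));
}

function frameAncestors(policy) {
  // Source list of the frame-ancestors directive in one CSP policy, or null if absent.
  for (const directive of policy.split(';')) {
    const [name, ...sources] = directive.trim().split(/\s+/);
    if (name.toLowerCase() === 'frame-ancestors') return sources.map(s => s.toLowerCase());
  }
  return null;
}

function classifySources(sources) {
  // An empty list or a lone 'none' matches no embedder at all.
  if (sources.length === 0 || sources.join(' ') === "'none'") return 'deny';
  if (sources.some(s => ['*', 'http:', 'https:'].includes(s))) return 'any-origin';
  return sources.every(s => s === "'self'") ? 'same-origin' : 'allowlist';
}

function framingPolicy(headers) {
  const verdicts = getAll(headers, 'content-security-policy')
    .flatMap(v => v.split(',')) // one header value may carry several policies
    .map(frameAncestors)
    .filter(list => list !== null)
    .map(classifySources);
  if (verdicts.length > 0) {
    // Every enforced policy must allow the embedder, so the strictest verdict wins;
    // browsers ignore X-Frame-Options once an enforced frame-ancestors is present.
    return verdicts.reduce((a, b) => (RANK.indexOf(a) >= RANK.indexOf(b) ? a : b));
  }
  const xfo = String(getAll(headers, 'x-frame-options')[0] || '').trim().toUpperCase();
  if (xfo === 'DENY') return 'deny';
  if (xfo === 'SAMEORIGIN') return 'same-origin';
  return 'unprotected'; // header missing, invalid, or the obsolete ALLOW-FROM
}
// Constructed sample responses (partner.example is a placeholder host).
const SAMPLES = {
  obsolete: { 'X-Frame-Options': 'ALLOW-FROM https://partner.example' },
  partner: { 'content-security-policy': "frame-ancestors 'self' https://partner.example", 'X-Frame-Options': 'DENY' },
  wildcard: { 'Content-Security-Policy': 'frame-ancestors *' },
};
for (const [name, h] of Object.entries(SAMPLES)) console.log(name, '->', framingPolicy(h));
```

A verdict of `unprotected` or `any-origin` means any other site can embed the page; `Content-Security-Policy-Report-Only` is deliberately not read because it does not block framing.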
- Historical (less common) exploits:
- Some of these are still active, but not super common. For example, Heartbleed: https://zmap.io/heartbleed/ e.g., wm-seo.ru which you can test with https://gist.github.com/eelsivart/10174134
- After an exploit is well understood, one of the first places it ends up is inside Metasploit, a toolkit used by penetration testers and hackers all around the world:
- Or in databases like https://www.exploit-db.com/
- A little later, some of the most influential ones get turned into web based tools like https://pentest-tools.com/network-vulnerability-scanning/openssl-heartbleed-scanner and you can bet they are keeping track of which sites are vulnerable.
- There's a good chance the Panama Papers were the result of a WordPress vulnerability along the lines of something Metasploit could handle: https://www.wordfence.com/blog/2016/04/mossack-fonseca-breach-vulnerable-slider-revolution/ This means the Panama Papers could have been collected and released a while ago, but no one took the initiative.
- Sometimes hacking just means keeping your eyes open. If you see a link that has some numbers at the end, what happens if you change them? Can you find other people’s numbers?
- Or if there’s a server that you find interesting, what happens if you change the last digit on the IP address?
- There are a lot of cameras out there:
- Poking at different numbers is the foundation of services like:
- Types of hacking. Black hat vs white hat vs grey hat. Selling exploits.
- Social engineering - Social engineering is the art of manipulating people so they give up confidential information.
- Appeal to vanity, appeal to authority, appeal to greed, appeal to willingness to be helpful.
- Usually easier to exploit your natural inclination to trust than it is to discover ways to hack your software.
- Pretexting - the act of creating and using an invented scenario (the pretext) to engage a targeted victim.
- Baiting - leave a malware-infected physical device in a place likely to be found, promise a download, great deal, etc.
- Phishing - a fraudulent email disguised as a legitimate email, often purporting to be from a trusted source. It asks for help or information verification, notifies you that you've "won", or uses scareware.
- Quid pro quo - offer help at random in exchange for information "verified".
- Tailgating - An attacker, seeking entry to a restricted area secured by unattended, electronic access control, e.g. by RFID card, simply walks in behind a person who has legitimate access.
- Places to learn more
With friends like these...
Art, Activism, and CCTV
To Infect and Protect +video
Social dark matter
Living offline without being tracked
- Osama Sehgol + Crystal Brusch
What’s in a name? +video
- Melanie + Leon
Security vs privacy and Trading security for convenience
- Skylar + Joy
Privacy salience and social networking sites and Privacy and control
The flawed psychology of government mass surveillance
You don’t want your privacy: Disney and the meat space data race
The Male Gazed, Kate Losse
- Yuan + Jen
When does surveillance art cross the line?
- Jamal + Izzy
The Anxieties of Big Data
- Zoe + Nicola + Rebecca