safe browsing in 2016

SAFE BROWSING IN 2016 SECURITY & PRIVACY

Upload: gabor-szathmari

Post on 16-Jan-2017

me_irl

• Gabor Szathmari
• Information Security Professional Hacker Freelancer
• Privacy Advocate

I WILL BE TALKING ABOUT

• Web browsing
  ‣ Privately
  ‣ Securely

THE SMALL PRINT

THIS GUIDE IS NOT FOR YOU, IF…

• Targeted surveillance
• Whistleblower protection
• Browsing the web anonymously

YOU NEED INSTEAD …

• Tor browser
• Tails OS, Qubes OS
• PGP, Signal, WhatsApp, Ricochet
• SecureDrop, GlobaLeaks

KNOW YOUR ADVERSARY

CYBER CRIMINALS

• Ransomware
  ‣ Your files for Bitcoins
• Info stealing malware
  ‣ Passwords
  ‣ Bank and credit card details

THE GOVERNMENT

Metadata law [1] excludes [2]:
• URLs
• Web Page Content
• DNS requests
• Destination IPs and Ports

[1]: Telecommunications (Interception and Access) Amendment (Data Retention) Act 2015
[2]: https://www.ag.gov.au/NationalSecurity/DataRetention/Documents/DataRetentionIndustryFAQS.pdf

THE GOVERNMENT

ISPs must retain [1]:
• Assigned IP and Port
• Date and Duration
• Data Volume
• Subscriber Data

Service Providers have:
• Connecting IP and Port
• Date and Duration
• Data Volume
• Content

[1]: https://www.ag.gov.au/NationalSecurity/DataRetention/Documents/DataRetentionIndustryFAQS.pdf

On Request

DATA CORRELATION

• Hello Google, give us all the IP addresses searching for “whistleblowing” in January 2016

DATA CORRELATION

• Hey Facebook, tell us the URL of all websites that this IP address visited with your ‘Like button’ on the page [1]

[1]: http://arstechnica.com/tech-policy/2015/03/report-facebook-tracks-all-visitors-even-if-youre-not-a-user-and-opted-out/

SAFE BROWSING IS

• Protection from ransomware and info stealing malware
• De-linking data between the ISP and Service Providers

OPERATING SYSTEM HYGIENE

HOW MALWARE GETS IN?

• File downloads
• Browser and add-on exploits
  ‣ Adobe Flash
  ‣ Java
  ‣ PDF

WHAT CAN PROTECT ME?

• Anti-virus software
• Anti-exploit kit

ANTI-VIRUS SOFTWARE

Modern AV protects from:
• Known and unknown malware
• Loading malicious URLs
• Ransomware
• Keystroke logging

ANTI-EXPLOIT KIT

Protects from:
• Browser exploits
• Browser add-on exploits

OPERATING SYSTEM HYGIENE

Anti-malware [1]:
  ‣ Kaspersky Internet Security
  ‣ Norton Security

Anti-exploit kit [2]:
  ‣ MalwareBytes Anti-Exploit
  ‣ HitmanPro.Alert

[1]: https://www.mrg-effitas.com/wp-content/uploads/2016/05/MRG-Effitas-360-Assessment-Q1-2016.pdf
[2]: https://www.mrg-effitas.com/wp-content/uploads/2015/04/MRG_Effitas_Real_world_exploit_prevention_test.pdf

SEARCH ENGINE

DATA CORRELATION

• Hello Google, give us all the IP addresses searching for “whistleblowing” in January 2016

SAFE BROWSING IS

• Protection from ransomware and malware

• De-linking data between the ISP and Service Providers

CHOOSING THE SEARCH ENGINE

• Doesn't keep logs
• Nothing to hand over

CHOOSING THE SEARCH ENGINE

• startpage.com
• search.disconnect.me
• duckduckgo.com

WEB BROWSER

HOW MALWARE GETS IN?

• File downloads
• Browser and add-on exploits
  ‣ Adobe Flash
  ‣ Java
  ‣ PDF

A MODERN WEB BROWSER

• Warns if something bad is going to happen
• Stops bad things from happening

BROWSER SECURITY

File / URL Reputation: Yes Yes Yes Yes
Sandboxing: Yes Yes Yes
Sandboxed Flash: Yes Yes Yes
Sandboxed PDF: Yes Yes Yes
Certificate Transparency: Yes
Token Binding: Yes

CHROME, BECAUSE …

• Implements state of the art security technologies

• Privacy and security extensions

BEFORE YOU BEGIN…

• Don’t log in with a Google account
• Fine-tune its privacy settings [1]
• Read the Chrome Privacy Whitepaper [2]

[1]: http://www.dummies.com/how-to/content/how-to-use-google-chrome-privacy-settings.html
[2]: https://www.google.com/chrome/browser/privacy/whitepaper.html

BROWSER EXTENSIONS

DATA CORRELATION

• Hey Facebook, tell us the URL of all websites that this IP address visited with your ‘Like button’ on the page [1]

[1]: http://arstechnica.com/tech-policy/2015/03/report-facebook-tracks-all-visitors-even-if-youre-not-a-user-and-opted-out/

SAFE BROWSING IS

• Protection from ransomware and malware

• De-linking data between the ISP and Service Providers

EXTENSIONS: PRIVACY

• Disable tracking pixels
  ‣ Disconnect -or-
  ‣ Privacy Badger
• Enforce encryption
  ‣ HTTPS Everywhere
• Prevent leaks
  ‣ Referer Control
  ‣ WebRTC Leak Prevent
• Prevent fingerprinting
  ‣ CanvasFingerprintBlock
  ‣ User-Agent Switcher

HOW MALWARE GETS IN?

• File downloads
• Browser and add-on exploits
  ‣ Adobe Flash
  ‣ Java
  ‣ PDF

EXTENSIONS: SECURITY

• Click to Flash
  ‣ Flashcontrol
• Control third-party code
  ‣ uBlock Origin
  ‣ ScriptSafe
• Browser and add-on health check
  ‣ Qualys BrowserCheck
• URL Reputation
  ‣ WOT: Web of Trust

WHAT’S YOUR FAVOURITE EXTENSION?

• https://chrome.google.com/webstore/detail/disconnect/jeoacafpbcihiomhlakheieifhpjdfeo

• https://chrome.google.com/webstore/detail/privacy-badger/pkehgijcmpdhfbdbbnkijodmdjhbjlgp

• https://chrome.google.com/webstore/detail/https-everywhere/gcbommkclmclpchllfjekcdonpmejbdp

• https://chrome.google.com/webstore/detail/referer-control/hnkcfpcejkafcihlgbojoidoihckciin

• https://chrome.google.com/webstore/detail/canvasfingerprintblock/ipmjngkmngdcdpmgmiebdmfbkcecdndc

• https://chrome.google.com/webstore/detail/webrtc-leak-prevent/eiadekoaikejlgdbkbdfeijglgfdalml

• https://chrome.google.com/webstore/detail/user-agent-switcher-for-g/ffhkkpnppgnfaobgihpdblnhmmbodake

• https://chrome.google.com/webstore/detail/flashcontrol/mfidmkgnfgnkihnjeklbekckimkipmoe

• https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm

• https://chrome.google.com/webstore/detail/scriptsafe/oiigbmnaadbkfbmpbfijlflahbdbdgdf

• https://chrome.google.com/webstore/detail/qualys-browsercheck-for-w/ejhnkognlohdkpjkjongioociddgoibk

• https://chrome.google.com/webstore/detail/wot-web-of-trust-website/bhmmomiinigofkjcapegjjndpbikblnp

SUMMARY

• Cyber criminals, The Government
• Anti-malware, anti-exploit
• Search engine
• Secure web browser
• Browser extensions

THANK YOU

• @gszathmari

• PGP: keybase.io/gszathmari

• Threema: PRN7228A

PHOTOS

• https://americangallery.files.wordpress.com/2012/06/sheep-in-wolfs-clothing.jpg

• http://dropsafe.crypticide.com/wp-content/uploads/2013/08/Secure-Beneath-Watchful-Eyes.png

• https://uploads.skyhighnetworks.com/2014/12/blog-banner-dr-evil.png

• https://twitter.com/malware_traffic/status/738801324955832321