[liberationtech] Defending Dissidents from Targeted Digital Surveillance

[Andrés Pacheco]

How about "The Land of the Free?" Why go to the Middle East?

Regards | Saludos,

Andrés Leopoldo Pacheco Sanfuentes
<alps at acm.org>

> On Dec 1, 2016, at 2:23 PM, Yosem Companys <companys at stanford.edu> wrote:
> 
> From: Bill Marczak <wrm at cs.berkeley.edu>
> 
> Title: Defending Dissidents from Targeted Digital Surveillance
> Speaker: William R. Marczak
> Advisor: Prof. Vern Paxson
> 
> Date: Friday, Dec 09, 2016
> Time: 12PM - 1PM
> Location: 205 South Hall, UC Berkeley
> Food: Light lunch
> RSVP requested: https://docs.google.com/forms/d/e/1FAIpQLSfSeROEo6bOTvNzZw6KTf--Lgr5-yP5TFcpT0qY66x9foyHtg/viewform
> 
> Abstract:
> Computer security research devotes extensive efforts to protecting individuals against indiscriminate, large-scale attacks such as those used by cybercriminals, and protecting institutions against targeted cyber attacks conducted by nation-states (so-called “Advanced Persistent Threats'').  Where these two problem domains intersect, however---targeted cyber attacks by nation-states against individuals---has received considerably less study.
> 
> In this talk, I will first detail my efforts to characterize this space, based on analysis of an extensive collection of suspicious files and links targeting activists, opposition members, and nongovernmental organizations in the Middle East over a period of several years.  I will present attack campaigns involving a variety of commercial “lawful intercept” and off-the-shelf tools, and explain Internet scanning techniques I used to map out the potential broader scope of such activity.  Based on these first efforts, I will present the results of my IRB-approved research study involving in-depth interviews with 30 potential targets of abusive surveillance in four countries.  The results give insight into potential targets’ perceptions of the risks associated with their online activity, and their security posture.  Based on my study results, I will propose Himaya, a defensive approach I developed that readily integrates with targets’ workflow to provide near real-time scanning of a subject’s email messages to check for threats.  I will explain Himaya’s architecture and provide preliminary data from its beta deployment.
> 
> -- 
> Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20161201/507ef545/attachment.html>