Principal Consultant at SecureWorks
Discovering and Triangulating Rogue Cell Towers
The number of IMSI-catchers (rogue cell towers) has been steadily increasing in use by hackers and governments around the world. Rogue cell towers, which can be as small as your home router, pose a large security risk to anyone with a phone. If in range, your phone will automatically connect to the rogue tower with no indication to you that anything has happened. At that point, your information passes through the rogue tower and can leak sensitive information about you and your device. Currently, there are no easy ways to protect your phone from connecting to a rogue tower (aside from some Android apps which are phone specific and require root access). In this talk I'll demonstrate how you can create a rogue cell tower detector using generic hardware available from Amazon. The detector can identify rogue towers and triangulate their location. This device is able to fingerprint each cell tower and determine the signal strength of each tower relative to the detector. With a handful of these detectors working together, you can identify when a rogue cell tower enters your airspace, as well as identify the signal strength relative to each detector. This makes it possible to triangulate the source of the new rogue cell tower.
Bio: Eric Escobar is a Principal Consultant at SecureWorks. His projects generally include a mixture of Raspberry Pis, 3D printing, wireless tech and maybe even a rocket or two. Before he started chasing shells, Eric procured a Bachelor’s and Master’s degree in Civil Engineering. He now enjoys all things wireless, from WiFi, to SDR and Ham Radio. His team consecutively won first place at DEF CON 23, 24 and 25’s Wireless CTF, snagging a black badge along the way.
Heinz Werner Distinguished University Professor of Psychology at the University of Michigan
Developing Digital Privacy: Children's Moral Judgments Concerning Mobile GPS Devices
Digital privacy is of growing concern, given the increasing use of technological devices that track object locations, revealing personal information regarding an individual's movements and activities. Although many children make use of this technology, for example with cell phones that track their location throughout the day, and sharing photos that are tagged with time and location stamps, little is known regarding how children of different ages evaluate digital tracking, and whether they are sensitive to violations of privacy. I report a set of experiments examining how children (4-10 years of age) and adults evaluate the hypothetical situation of someone using a mobile GPS device to track items such as a backpack or a pet that they either do or do not own. Results indicated striking age differences. Adults were consistently negative about someone tracking items that the tracker did not own. They identified possible negative consequences (such as stealing or stalking), moral principles ("It's an invasion of privacy"; "Without permission it's wrong"), and a vague sense of unease (e.g., "It's weird"; "He has no business to know where [my] dog is"). In contrast, children 4-10 years of age overall did not express such negativity. The youngest children (4-7 years) were actually quite positive about someone tracking others' possessions. These findings raise questions regarding children's digital safety and security. Without the skepticism displayed by adults, children may be vulnerable to those who might exploit their digital footprint to track their location or obtain private information. An urgent question for the future is thus how best to protect children, perhaps by educating children about potential dangers and providing clear guidelines and limits for how and when their phones and accounts should be shared.
Bio: Susan A. Gelman is the Heinz Werner Distinguished University Professor of Psychology at the University of Michigan. She received her B.A. in Psychology and Classical Greek from Oberlin College, and her Ph.D. in Psychology from Stanford University. Susan studies concepts and language in young children. She is the author of over 200 scholarly publications, including a prize-winning monograph, The Essential Child (Oxford University Press, 2003). She is a member of the National Academy of Sciences and the American Academy of Arts and Sciences, and a fellow of the Association for Psychological Science, the American Psychological Association (Division 7), and the Cognitive Science Society. She has served as President of the Cognitive Development Society, review panelist for NIH, NSF, and the Ford Foundation, and board member of several scientific societies. Her honors include a J. S. Guggenheim Fellowship, the American Psychological Association Distinguished Scientific Award for Early Career Contribution to Psychology, the Developmental Psychology Mentor Award of the American Psychological Association, and the American Psychological Association 2016 G. Stanley Hall Award for Distinguished Contribution to Developmental Psychology (Division 7).
Associate Professor in Computer Science, Boston University
Surveillance without Borders: The “Traffic Shaping” Loophole and Why It Matters
Surveillance law was designed to place a short leash on Internet data collection inside the United States, and a long one on Internet data collection abroad. That is, surveillance on U.S. soil is subject to statutory and judicial restrictions that do not apply abroad. Because the modern Internet is agnostic to national borders, purely domestic communications can pass through foreign countries—where they are sometimes “incidentally” collected by the NSA. Furthermore, the NSA has the technical capacity to deliberately reroute Internet traffic to a location that is better suited, operationally, to surveillance. This method, known as “traffic shaping,” could also be used to divert U.S. traffic abroad, in order to evade the stricter legal restrictions that apply on U.S. soil. In this talk, I discuss how this leads to a loophole that could be exploited to evade legal restrictions on domestic surveillance, and how Congress has an upcoming opportunity to eliminate this loophole by eliminating the statutory distinctions between collection abroad and collection on U.S. soil.
Bio: Sharon Goldberg is an associate professor in the Computer Science Department at Boston University. Her research uses tools from theory (cryptography, game-theory, algorithms), and networking (measurement, modeling, and simulation) to solve practical problems in network security. She received her Ph.D. from Princeton University in 2009, her B.A.Sc. from the University of Toronto in 2003, has worked as a researcher at IBM, Cisco, and Microsoft, as an engineer at Bell Canada and Hydro One Networks, and has served on working groups of the Federal Communications Commission (FCC) and the Internet Engineering Task Force (IETF). She was named an 2017 N2 Women Rising Star in Networking and Communications and has been awarded two IETF/IRTF Applied Networking Research Prizes, an NSF CAREER Award, award and a Sloan Research Fellowship.
Research Assistant Professor, Electrical Engineering and Computer Science, College of Engineering, University of Michigan
Censored Planet: Measuring Internet Censorship Globally and Continuously
Internet stakeholders such as ISPs and governments are increasingly interfering with users’ online activities, through behaviors that range from censorship and surveillance to content injection, traffic throttling, and violations of net neutrality. My research aims to safeguard users from adversarial network interference by building tools to measure, understand, and defend against it. In this talk, I will present Censored Planet, a system for continuously monitoring global Internet censorship. Censored Planet uses novel measurement techniques that remotely detect instances of interference almost anywhere on the Internet. Compared to previous approaches—which relied on having volunteers in censored regions deploy special hardware or software—this results in significantly better coverage, lower costs, and reduced ethical risk. This system allows us to continuously monitor the deployment of network interference technologies, track policy changes in censoring nations, and better understand the targets of interference. Making opaque censorship practices more transparent at a global scale could help counter the proliferation of these growing restrictions to online freedom.
Bio: Professor Roya Ensafi is a faculty member in computer science and engineering at the University of Michigan, where her research focuses on computer networking and security. She designs techniques and systems to safeguard users in the face of increasingly hostile networks. She pioneered the use of side-channels to remotely measure adversarial manipulation of Internet traffic, such as attempts to censor, tamper with, and monitor users’ online activities. Her work on studying how the Great Firewall of China discovers hidden circumvention servers received an IRTF Applied Networking Research Prize (ANRP) in 2016. Prior to joining Michigan, she was a postdoc and fellow at Princeton University’s Center for Information Technology Policy (CITP).
Assistant Professor, Electrical, Computer and Energy Engineering (ECEE) and Computer Science, University of Colorado, Boulder
Deploying Anticensorship in the Network
Many governments censor their Internet using sophisticated network firewalls. While some tools attempt to circumvent these firewalls using point-to-point proxies, censors can easily block access. Previously, researchers developed a new kind of proxy technique---called refraction networking—that is significantly more difficult to block. By placing proxies in friendly Internet Service Providers (ISPs) located outside the censoring country, users in censored regions can communicate with these proxies using connections that pass through the friendly ISP on their way to unblocked reachable websites. To the censor, it looks like users are simply talking directly to these reachable websites. However, while blocking this style of proxy is more expensive for censors (compared with traditional techniques), it is also significantly more difficult to deploy.
Over the past several years, we have worked to make refraction networking proxies more deployable and have made significant strides toward that goal. Earlier this year, we completed the first trial deployment in two at-scale ISPs. During our trial, we provided uncensored Internet access to over 50,000 users in censored countries, while processing up to 100 Gbps of network traffic across our deployment. In this talk, we'll describe the engineering behind these and other recent advances in this space, and discuss future directions for censorship and circumvention technology.
Bio: Eric’s work focuses on building (and attacking!) secure systems that users rely on for privacy and autonomy. Users face many threats online today, from 'Big Data'-mining companies that wish to collect and model our online behaviors, to organized criminals that seek financial gain, to even state-level actors and governments that want to control or surveil the communication of their citizens. While there are many tools built to address parts of these and other threats, the game is not over: evolving technologies and increasingly connected devices present new opportunities for attackers to exploit. By studying existing tools and new systems as they emerge, we can help protect users from these threats.