[aklug] Re: ACS Google Gateway

On 10/17/13 5:27 AM, Royce Williams wrote:
> On Wed, Oct 16, 2013 at 11:01 PM, Christopher Brown <cbrown@woods.net> wrote:
>>
>> Wow, out of touch for a few days any everyone has started buying their
>> tin foil in bulk.
>
> This may be partially due to the fact that the collection and
> correlation is happening in bulk.
>
> Chris, if you're not wearing your tin-foil hat, you're not paying attention.

I don't need a tin-foil hat to see and acknowledge the threats, I do
think that the focus should be on the actual threat, not aquatic fauna
that happen to be reflecting the longer visible wavelengths.

Yes, bulk data collection and correlation is a serious issue.

Yes, an intercept system, be it for collection or in the form of a
forced proxy is a serious issue.

However, these CDN content engines are not intercept based and do not
collect any more or less information based on where they are located.

If a CDN engine wanted us to shunt traffic _through it_ in order to work
you know I would be at the front of the "HELL NO!" queue. There is no
sane justification for that, but that is a fundamentally different thing
than what is actually going on here, any these things cannot magically
suck in 3rd party traffic based on proximity.

If you want to worry about data collection systems and minimize your
footprint, than do so. (A good idea IMHO)

If you want to be concerned about intercept systems, good...you should be.

As it happens, the content engines being discussed _are not_ intercept
type systems and do not have any more/less access to your info or
traffic being located locally.

The issue of how much info google/netflix/etc can collect on you when
you use their systems is a _separate_ and much more valid issue.

> You know how you read about a clever digital break-in technique, and
> think "Wow, I never thought of that, but from now on, we'd better do X
> to protect this kind of system"? The "tin-foil hat" reaction is being
> triggered because we don't know where the data-correlation
> vulnerabilities lie, so we're scrambling to minimize all exposure.
>
> This is actually a valid technique in the hardening world. Known
> vulnerabilities in the past with SUID binaries? Strip the setuid bit
> from *all* binaries that don't absolutely require it.
>
> Some folks are trying to do the data-leakage version of that. And for
> good reason.
>
> And unlike Google and the digital experts, we don't have time to
> deeply grok each system that we connect to. So we ask questions --
> just like Greg did. I totally support his approach. Just because we
> can't think of a reason that it could be exploited doesn't mean that
> there isn't one -- one that an army of PhDs outfitted with football
> fields full of computers could figure out.
>
>> When you talk to anything in the Internet, they can collect a truly
>> ridiculous amount of information.
>
> And if by "they", you mean that single powerful entities or single
> attackers can collect information about all of your online (and
> indirectly, offline) activity across all Internet services, then yes.
>
>> If you "use their services" (as in have an account with them) they can
>> collect even more.
>
> Greg's concern is about reducing the attack surface by minimizing what
> is exposed, which I think is very, very reasonable given the
> circumstances.
>
>> All in all, it is far more than any reasonable person should be
>> comfortable with.
>>
>> But, it is no different than shopping at the local grocery or bulk store
>> with a CC, or with a CC and membership card.
>
> This is incorrect, because search engines (especially Google, due to
> its market share) are de-facto single-source providers of information
> to users, and acquirers of information about users.
>
> Even just Google knows more about us than has been possible in human
> history without hiring a PI to tail you 24/7, and having someone break
> into your house.
>
> Location services know where you are, down to a [value less than
> 100-foot] radius, 24/7.
>
> Google knows that you have the flu before you do:
>
> http://www.google.org/flutrends/us/
>
> Target knows you're pregnant before you do:
>
> http://www.forbes.com/sites/kashmirhill/2012/02/16/how-target-figured-out-a-teen-girl-was-pregnant-before-her-father-did/
>
> If you put your friend's unlisted phone number in your phone, anyone
> who can access your address book knows their number:
>
> https://www.schneier.com/blog/archives/2013/10/nsa_harvesting.html
>
> This is a ridiculously truncated list of what's actually happening
> that is public knowledge. And that list is very likely a ridiculously
> small subset of what's happening that we don't know about.
>
> All of this information is available to your government (regardless of
> regime), or to any attacker who can breach the companies (or the
> devices).
>
> If big companies or big governments have millions of cores to throw at
> neural networks to brute-force scour through their Big Data caches,
> looking for new ways to correlate data ... well, individual users are
> completely outclassed. By orders of magnitude.
>
> And the data aggregators then become juicy targets:
>
> http://krebsonsecurity.com/2013/09/data-broker-giants-hacked-by-id-theft-service/
>
> I know that NSA has a legitimate mission. We geeks need to figure out
> how to create technology that will support good political decisions
> and lawmaking, and allow for lawful intercept while at the same time
> protecting privacy and minimizing the chances of abuse.
>
> But I assert that minimizing your data-leakage surface is not
> tin-foil-hat. Rather, failing to recognize the validity of that
> approach is sticking your head in the sand.
>
> Royce
> ---------

---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Thu Oct 17 23:01:10 2013