You and Your Phone are Huge Threats to the Net

you and your phone are
a huge threat to the net
@alecmuffett
www.alecmuffett.com

green lane security
www.greenlanesecurity.com

@alecmuffett www.greenlanesecurity.com

...but not in the way you may think


1: You


knowledge & memory


example: you & phone numbers


nowadays your phone helps you
remember phone numbers
so you can ignore the phonebook


example: you & IP addresses


your computer is not yet
bypassing DNS for you


2: Your Phone


(my phone)


samsung galaxy S2


(I used to sysadmin for universities
which had less CPU power)


networking


GPRS, 3G, HSDPA/+, Wifi


Mon Jan 9 21:40:05 82.xx.xx.xx Vigor
[4294967295] <Info>: DoS smurf Block
31.106.0.240 -> 82.xx.xx.xx PR icmp len 20
84 icmp 0/8

Mon Jan 9 21:40:11 82.xx.xx.xx Vigor
[4294967295] <Info>: DoS smurf Block
31.106.0.240 -> 82.xx.xx.xx PR icmp len 20
84 icmp 0/8


Your phone is...


powerful enough to be a server


thoroughly connected


but underutilised.


So what?


threat 1: censorship


domain filtering


UAE, Saudi, Ireland...


DNS domain seizure


newzbin2, dajaz1, ...


threat 2: network isolation


“divided we stand”


restricted ingress & egress
= easier control
= simpler censorship


direct communication
= disintermediation
= harder to block


so why is your phone NAT’ed?


not security,
else you need to avoid wifi


your phone is NAT’ed and firewalled
instead for another reason:


“because it’s what people
currently expect”


summary


in three sentences:


“why can’t I ping your phone?”


“you’d do more with full connectivity...”


network access is not the same as
network connectivity


until this changes,
you and your phone are promoting
inferior methods of network connectivity


ie: you are part of the problem


solutions?


technologies
• IPv6
• no more scarcity of addresses
• no more argument for NAT
• NAT is not a security mechanism
• NAT is not a firewall


“a /48 is big enough for anyone?”
*281,474,976,710,656 devices in your home?


technologies
• Alternatives to DNS
• several out there
• “.p2p” domain project
• also better DNS (i.e. DNSSEC)
• Unloved by censors
• SOPA would forbid


technologies
• Tor
• ignores DNS internally
• “.onion” domain


but the real solution


demand change.


(fin)


You and Your Phone are Huge Threats to the Net

Recommended

Recommended

More Related Content

Similar to You and Your Phone are Huge Threats to the Net

Similar to You and Your Phone are Huge Threats to the Net (20)

Recently uploaded

Recently uploaded (20)

You and Your Phone are Huge Threats to the Net