Termin:Chaotic-Congress-Cinema Nr. 17

Needs to be there, but does not need to be seen by a visitor Yes Wir schauen uns die Aufzeichnung von Congress Vorträgen an. Du bist herzlich eingeladen, in den Clubräumen im Mexikoring 21 aufzutauchen und mit uns die Talks anzuschauen und zu diskutieren. Es wird Getränke und Knabberkram zu moderaten Preisen geben. Falls Du kein CCC-, CCCHH- oder Attraktor e.V.-Mitglied bist, macht das überhaupt nichts: Alle Gäste sind gern gesehen. :-)

Weitere Informationen unter Chaotic Congress Cinema.

Secure communications below the hearing threshold

Improved approaches for auditive steganography

Auditive steganography allows for various usage scenarios. In our project we focused on hidden communications in VoIP and GSM in which voice data is typically compressed and transmitted in realtime. A framework has been developed to meet these requirements, providing interfaces for robust steganographic algorithms.

The need for steganography has arisen from scenarios that forbid the application of cryptographic algorithms for secure communications. Countries that made secret message exchange a delict are an example for such scenarios. The LSB algorithm used by many open- and closed- source projects is insecure, as its application can be statistically detected. Therefore, we focused on alternate approaches which are more robust against operations on the bit-level, such as compression, D/A-, A/D-conversion and channel idiosyncrasies, such as spread spectrum steganography in time and frequency domain.

Secure and hidden communications demand more than an embedding algorithm. Involved elements include:

+ protocols for data flow handling, + various embedding algorithms and + support for different I/O-interfaces.

For correct interaction of these elements, arranging them in a layered model is a reasonable approach for the distribution of the required tasks such as frame and packet building, checksumming, transmission, etc. From this model we derived our software architecture which is portable to common platforms (Linux/Unix, Windows, ...) and various architectures (x86 *32, x86*64, mips).

This talk gives an introduction to the topic and describes the development and implementation of our framework based on a novel layered model for auditive steganography including a live demonstration.

http://events.ccc.de/congress/2010/Fahrplan/events/4138.en.html

http://ftp.ccc.de/congress/27C3/mp4-h264-HQ/27c3-4138-en-secure_communications_below_the_hearing_threshold.mp4

Contemporary Profiling of Web Users

On Using Anonymizers and Still Get Fucked

This talk will provide a summary of recently discovered methods which allow to break the Internet's privacy and anonymity.

We will show, amongst others:

+ ways of distinguishing bots from humans. We use this technique to

 provide crawlers with false data or lure them into tar pits.

Other than CAPTCHAs we introduce methods that profile the holistic behaviour within a single web session to distinguish users or bots within a longer timeframe based on subtle charactistics in most bots' implementations.

+ breaking filtering of JavaScript in web-based proxies.

While next to all web proxies advertise the capability of filtering JavaScript, the ubiqity of XSS and CSRF attacks have proven that correct filtering of arbitrary HTML is extremly difficult.

+ track and re-identifying users based upon their web-profile.

We show how a third-party observer (e. g. proxy server or DNS server) can create a long-term profile of roaming web users using only statistical patterns mined from their web traffic. These patterns are used to track users by linking multiple surfing sessions. Our attack does not rely on cookies or other unique identifiers, but exploits chatacteristic patterns of frequently accessed hosts. We demonstrate that such statistical attacks are practicable and we will also look into basic defense strategies.

+ traffic analysis and fingerprinting attacks on users of anonymizing

 networks.

Even if anonymizeres like Tor are used, a local adversary can measure the volume of transfered data and timing characteristics to e. g. determine the retrieved websites. We will shortly sketch the current state of the art in traffic analysis, which has been improved significantly within the last year.

http://events.ccc.de/congress/2010/Fahrplan/events/4140.en.html

http://ftp.ccc.de/congress/27C3/mp4-h264-HQ/27c3-4140-en-contemporary_profiling_of_web_users.mp4