Presented at DEF CON 20 (2012)
July 27, 2012, 11 a.m.
I don't wear hats. But if I did, even though I'm in an underground bunker in the dark, it would be kind of "off-whitish-grey." Like many, many of us in this industry I don't do anything "bad" even though I can. That's because I choose not to. I think "Freedom" is doing what you want to do - as a corollary, I think "Liberty" is the degree of *choice* one has in exercising their Freedom. This is the basis of my "grey" affinity. Though my actions are "white" by choice, I get very, very concerned when I see governmental/legislative/enforcement effort encroach upon my liberties even though it doesn't affect me personally. For instance, I'm totally fine with DRM and copyright laws. If you don't like the way the vendor produces their product, don't buy it. However, when legislation like SOPA comes along, it provides a mechanism for the government to dictate what private, non-affiliated companies must do in order to protect property belonging to another private company on their behalf. Though I buy my music and software (really) I'm vehemently opposed to such legislation, particularly when all we have to do is edit a hosts file to bypass it. As such, I assert that any legislator who supported/supports SOPA or similar laws is an ignorant fucking slag.
I feel the same way about communications as it relates to monitoring, intercepting, collection and storage outside of my control. That's why I wrote TGP - so people could use cloud-based resources to encrypt their communications in a way that no-one can decrypt (presumably). But I always look for ways around encryption, and more importantly around *detection* of any method by which I choose to communicate in a manner to ensure it isn't intercepted, detected, or otherwise divulged to anyone.
And this finally leads us to what this talk is about. When thinking like a "bad guy" with the goal of distributing any number of covert communications to any number of recipients, there are a number of critical attributes which should be present. The message should:
- Be portable and "self-sustaining."
- Be able to be propagated without the originator actually having to *own* the message or carry it on him.
- Have the ability to control which recipients receive/can read the message.
- Have the messages backed up and managed by a 3rd party in perpetuity.
- Be free.
- Be able to be received without any privileged access to equipment and without requiring specialized equipment to receive.
- Be detection resistant, or even detection PROOF.
This session will be about how to go about just that. ALL of these attributes will be satisfied, and I will illustrate how you can literally have a "detection-proof" covert communication. I don't think I've ever said that before, and just writing the words "detection-proof" makes me cringe just a bit. But I've racked my brain on a way to detect what I'll show you and I can't find a way to do it.
That will be the other cool part of this talk - we'll all brainstorm at the end on a way to detect this. I bet you can't. :) To me, this is the epitome of what DEF CON is about, and I hope you'll join me at this talk. Besides, my super-hot wife will be there. Get hammered at Hammer of God!!!
Thor (Hammer of God)
- Chief Deity, Hammer of God
Timothy Mullen is a Principal Security Architect for a worldwide, multibillion-dollar commerce platform, and is rumored to operate somewhere in the vicinity of Seattle, Washington.
Also known as "Thor," he is the founder of the "Hammer of God" security co-op group. He is a member of American Mensa, a Microsoft Certified Trainer, has Microsoft Engineer certifications in all remotely recent operating systems, and has been awarded Microsoft's "Most Valuable Professional" (MVP) award in Windows Enterprise Security four years running.
Mullen has spoken at security conferences world-wide, and has recently published Thor's Microsoft Security Bible, his latest of many books. He has delivered by-invitation presentations to organizations such as Microsoft, the US Federal Court system, the Hong Kong Police and the Geneva School of Engineering. Mullen has also been named a Distinguished Speaker by the NSA and The United States Cyber Command.