Tor & Configuration Management

Presented at Still Hacking Anyway (SHA2017), Aug. 6, 2017, 6 p.m. (45 minutes).

This presentation will explain in detail how the tor network can grow with a minimum of effort. It will also zoom in on the problem of centralisation and how we can evade it and still make the network grow even larger. I'll try to explain to you how you can do this with configuration management. Even the smallest of organisations can use this way to expand the network and to allow us to browse the internet more securely. #NetworkSecurity <p>The world today shows us that there is an increased need for more secure networks than the internet. Many adversaries are trying to tie into your communications on the internet and try to intercept every bit of data you are sending over the undersea's cables and around the world. The tor network is strong but it's not as strong as it can be. This presentation will explain in detail how the tor network can grow with a minimum of effort. It will also zoom in on the problem of centralisation and how we can evade it and still make the network grow even larger. I'll try to explain to you how you can do this with configuration management. Even the smallest of organisations can use this way to expand the network and to allow us to browse the internet more securely. </p> <p>Some of the advantages:</p> <ul> <li>Diversity</li> <li>Wider audience of system administrators</li> <li>Easier management of your tor relays/bridges/hidden services</li> <li>Smaller step to your first tor relay</li> <li>Less overhead during installation</li> </ul> <p>Some of the concerns:</p> <ul> <li>Too easy to get in control of a hive of relays</li> <li>Three letter agencies can deploy an entire cluster in an instant</li> <li>Centralisation (Too much centralisation can be an indication for a SPOF)</li> <li>...</li> </ul>

Presenters:

  • Sebastiaan Provost
    I am a Linux system engineer with a keen interest in development and (cyber)security. I enjoy traveling, photography, soccer, reading and gaming. I'd love to have a hand in the preservation of our historical heritage so that the next generation can enjoy the beautiful works of our ancestors. I've been working as a linux system engineer for the last 3 years. I used to manage a larger IRC network where people could communicate without being censored. I have been interested in security and the welfare of people from since I was able to touch a computer and I would like to give something back to the community with this talk since they have been quite good to me. This community feels like my second home and I hope I can call it that for a long time. I'm currently working on another, security-minded, project as well. More specifically a tool that will allow you to verify and sign PDF files without too much hassle.

Links:

Similar Presentations: