DeepSec 2010: Mobile privacy: Tor on the iPhone and other unusual devices

OK, welcome everybody. Mobile privacy: Tor on the iPhone and other unusual devices. First things first: who am I? My name is Marco Bonetti, I'm working as a security consultant at CutAway, and I'm also a Tor user and researcher at this networking of project development here miami. My website, my Twitter account, my soup account, which is very prepared.

So this is the outline of this talk: I'll give a brief overview of mobile phone insecurity, and then we start talking about how Tor runs and how you can install it on mobile phones and other devices.

OK, so this is just the state of the art; it's not in depth, because, you know, at this conference there are many, many good talks about security for several networks and stuff like that. What we have seen in the past years is that there has been a continuous growth of mobile phones in computational power, we have access to high-speed data networks, and mobile phones are now sporting a real operating system, I mean something which is similar to the operating system which is running on your computer.

Another thing is that phones are personal. I always ask at this point whether in this room there is someone who does not own a mobile phone; I just found one person who was saying that he didn't own a mobile phone. Good. You know, mobile phones are with us every day, we take them wherever we go and when you're relieved and without that. As you know, phones are critical because they contain lots of useful information.

Unfortunately there's even too much trust involved in the usage of mobile phones. You know, we have a lot of sensitive information on there, and we as users trust our phone, and our phone trusts the operator it is currently attached to, which makes it possible to start a porous even any phone call, and operators have to trust themselves to route calls around the globe. And well, if you follow this chain, it means that the user has to trust every operator as well. And why is there so much trust? Because this is the typical user when something is going wrong with a phone.

So, other problems which have to be addressed when talking about phone security, or mobile phone security: there's too much heterogeneity. I like heterogeneity, because different things will spring the growth of technology, and not focusing on a single vendor or something like that would raise the competition. But, you know, we have closed communication protocols, we have different types of networks, tons of different hardware models and many more different operating systems, so things are really getting out of hand.

Another issue you can encounter when thinking about security and mobile phones is architectural issues. You know, this is a screenshot of me trying to log in to Gmail, and as you can see here, the screenshot has been taken while the password field had the focus, and the keyboard for inputting the password is only presenting me alphabetical characters: no numbers, no symbols, nothing, just characters. If I have to write a complex password, I have to keep pressing different keys in order to show up different key person

and so on. Another example: web. I have to say that in this case things are getting better; this one was an old software version of my phone. You know, I was visiting a website with a self-signed certificate and I had no way to distinguish the certificate which was presented to me: I had only the choice to accept the certificate, without knowing which certificate it was, or just cancel the navigation.

Another problem which we have to keep in mind and have to address is who really owns the device. You know, you think you're the end user, so you say "OK, I bought the device, I'm owning it." Well, it's not true, because it's like a food chain. On the top of it are the manufacturer or the vendor, and I'm reporting here some titles from articles which showed up in the past. You know, there was some time ago, I think it was the French government, I can recall really would say a poly foam environment for instance. Then there's the carrier operator: you know, in 2009 in the Middle East the world danger is the software update delivered to BlackBerry users. I thought for black NBC doesn't end which was called on privacy the guy over there presented a really cool application which was able to dig through your phone and harvest many, many data and in the end area.

If we take a look instead at the data, how is it ended what the dictionary is it is not already a bit set, because most of the time the data on your phone or on your device is stored in clear text. BlackBerry and Nokia allow some sort of encryption, but the problem is that most of the time you as the user have the power to give all-or-nothing access to an application or to a service; sometimes what you really want to do is have some fine-tuning.

Communication security: this is the hot field right now. GSM has been broken; there was a talk a couple of years ago about messing with GSM, and tomorrow there are plenty of talks on this topic which are really cool you know young intense is mostly really well. SMS: last year there were a couple of wonderful talks erm sec talking about how you can mess with SMS. Another degree of research is done for MMS; you know, there's Collin Mulliner, who is doing really great stuff. And well, this is just, you know, non-stop: Bluetooth is dangerous, you know, there was that affair with Tara season and these forms new creature with Bluetooth; everybody knows that Wi-Fi could land a really nice attack; near field communication, I think that it was or it's going to be researched here, if I'm not wrong; and again, you know, operator injection of HTTP headers to disguise your a day they were really good.

So this is just to recap what I was blabbering right now: mobile phones are everywhere; mobile phones were designed to do phone calls and send text messages, they were not designed to be used to access all modern networks; and data stored on these devices cannot be protected and communication it to be secure. I'm not going to address all of these issues; I'm just going to address a little part of the last issue, and that is what we will talk about: Tor on mobile phones and other strange end-user devices.

So I'm assuming that everybody here knows what Tor is and how it works. If anyone here has any doubts, or doesn't know what this picture is... OK.

I CNN anybody look. Just for the guy over there, this is a crash course on Tor. You know, there's Alice, which is going to contact Bob, and in a usual communication you will see a red bottom line between Alice and Bob. But Alice is using Tor, so Alice asks Dave for the IP addresses of the computers you see here with green crosses; these are Tor routers, nodes of the Tor network. Then Alice builds a three-hop chain from herself to Bob, and then she can easily contact Bob without disclosing her own origin: it is the exit node on the right which is contacting Bob. OK, it was really quick and not really specific, just plain.

OK, this is the history of Tor on strange and unusual devices. The first strange port of Tor was built in December 2007 and it was for the iPhone; two years later, on the Chumby. This year we got an explosion of Tor on different devices: iPhone again, Nokia, Android. More on each port later.

So when you are going to port, not Tor in the specific case, but a program to another platform, well, here are some problems to address. The first problem is the available hardware. I mean, in the past there were people who were trying to install Tor on, you know, routers and stuff like that, failing because Tor is a bit memory hungry and, you know, sometimes routers have only four megabytes of RAM or something like that. Just for the fun of it I tried to load Tor on such a router, and well, it kept rebooting because the program was eating all the RAM. Then you have to take a look at the hosting operating system, and maybe you have to rewrite parts of the program to let the program run on the operating system. Then there are, you know, user issues to address, like how you can install a program on such devices, and if you are going to provide a user interface to control the program on that device.

The first strange port I'm going to talk about is Tor on the Chumby One. Anyone here who does not know what a Chumby One is? OK, someone over there. It's an alarm clock, and I'm not joking. OK, here it is: it's a great alarm clock, it's sporting a Linux operating system inside, running on an ARM CPU and 64 megabytes of RAM. This port was built by bunnie of bunnie studios, bunniestudios.com, and Jacob Appelbaum. And, you know, this is a really interesting port, because they had to address the main problem I was talking about before, which is that they really have a small amount of RAM to work with: 64 mega, a little more than four megabytes, but they are just the bare minimum requirement for Tor.

So this is the hard way to install Tor on this device: you have to compile the rest of the cross toolchain to build a program for your alarm clock, you have to check out the sources of the port, you run make in that source tree, then you have a zip with your build; you just unzip that build on a USB key, you reboot the alarm clock with the USB key inserted, and then you are running Tor. Obviously there's the easy way, which is just you just but being provided by that side of a Franklin you have done.

Why was this port interesting? Well, because it wasn't her own plot obviously, but also because they addressed some architectural problems. First thing, the installer

is creating a swap file for the operating system which is running on the device. Then they chose to configure Tor to run as a bridge listening on the HTTPS port. Doing this, they solved two issues: the first one is that this way the program running on the clock is consuming less resources than running a full Tor node, and the use of the HTTPS port allows an easier usage for clients in difficult countries where traffic is strictly filtered.

Unfortunately there's no online upgrade mechanism or easier to be a magnum. I mean, sometimes it happens that you have to upgrade your version of Tor because it can be obsolete or dangerous or whatever, and the directory authorities (which, if you are not familiar with Tor, are the nodes which regulate the network) describe which versions are allowed to run and which are not allowed to run; maybe they are going to catch you up, so you have to upgrade your program. Right now there's no easy solution, unless you have a fresh build and you plug in the USB and reboot your clock.

Oh, and the interesting point is that some months later, when they presented this port, bunnie of bunnie studios wrote another post which said that inside the operating system of the alarm clock there's official support for 3G dongles, which is cool. So to recap we are the human for this port: they achieved to run Tor on limited resources and they provided an easy install method.

The second port is Tor on Maemo, on the Nokia N900. This was easy, I mean, the Nokia has a powerful ARM CPU, lots of RAM, and what it was is because Tor was already in the Maemo community, so the program itself was not hard to distribute. What they did is write this simple graphical user interface. And well, installing this program is even easier, because you just open up your phone, you enable the extras-devel repository (OK, there will be a pop-up saying "OK, it's dangerous, be aware"), you just look for Tor inside your package manager and you're done. This is how you run Tor on your Nokia phone: you just pull out the menu and push the onion router logo, and you can enable and disable it on the screen.

This port is not interesting in itself because, as I said before, Tor was already available, but they did some improvement. I mean, it's the first mechanism I am aware of of a really easy install method of Tor on these devices, and it's easily upgradeable too, because the Nokia is running a package management system like, you know, rpm and so on. And this is also the first graphical controller application for handheld devices I'm aware of.

Next port is Orbot, Tor on Android. So far this is the best port you can ever have of Tor on mobile devices. OK, everybody knows what Android is, I think; just to recap: Linux-based operating system, many, many different hardware models supported. Orbot has been built by the Guardian Project guys; they are providing lots of interesting stuff, not only Tor but also secure browsers and messaging systems and lots of good stuff. How can you install Tor on Android? Well, just scan that QR code. I didn't check it out, but I think that if you try it

right now it will point you to the latest version of Orbot for Android. They are not yet in the Android Market, not yet, they're working on it. OK, so Mike what wonderful, I have to update my slides, thanks.

How could you run Tor? Well, this is a screenshot of the controlling application, just like on Nokia. As you can see, this application, Orbot, lets you do more interesting stuff: you can configure the behavior of your application with the naughty you can it was just a none of the region. And as a side note: if you root your Android device you can run Tor as a transparent proxy, so you don't have to bother with applying proxy settings to all of your applications, which is really cool. So yeah, the human his application: highly configurable and transparent proxy on rooted devices.

At the end, we are here: Mobile Tor, which is Tor for iDevices. So what are iDevices? You're pretty confident with them, I hope: they are devices which are running on Darwin, or on that version of Darwin called iOS; they are running on powerful ARM CPUs and they have got a lot of RAM to use, from 128 megabytes la soggy.

OK, you can recall maybe this slide: there was a port of Tor on iPhone in 2007, and there's my port in 2010. Why? Well, because the original port was made by this hand of the side Jacobite white. It was built for iOS 1.1.1 and it was really difficult to every try me. There were a lot of patches to be applied to overcome firmware limitations, like, you know, the firmware wasn't allowing more than a fixed number of connections, otherwise the phone would crash. And he or she shipped the Tor port with a copy of Privoxy, and also shipped the program with a copy of iTor.app, which was a graphical controller application. Unfortunately cjacker huang literally disappeared from the mailing list and from the web; iTor.app has disappeared with it too, and the only thing that remained were the patches he applied to the Tor source tree, because they were merged into the official tree.

So when I bought my first iPhone I decided to bring back this project. I started with the open source toolchain, which at the beginning of this year was targeting iOS 8 of 10 jun, and it was cross compiling from Slackware. My port is built following Jay Freeman's conventions. If you don't know who Jay Freeman is, he is saurik, the guy behind Cydia, the app store for jailbroken phones. I'm following his conventions: my sources for this port are an overlay for Telesphoreo Tangelo. Telesphoreo is just the name of the Unix software distribution which is the core of Cydia, and you can find more information on the tactics. It's really easy: if you want to build Tor yourself, you just have to install the toolchain, the open source toolchain, you just check out some resources and you just put my sources on top of it so it's completely method together.

So the new port: what's new? OK, what mean by me as I said before it was before I was three two one of two latest version where we're targeting freedom to the true because I was targeting goes to the iPad you really. I'm not using any graphical user interface component, so that doesn't really matter. What it was is getting rid of the old patches, because they were no longer needed. I'm shipping with a copy of Polipo instead of

Privoxy; it's just a matter of choice, it's not really a problem: if you want Privoxy, run Privoxy, there isn't any problem with it. And I'm shipping with an SBSettings plugin. If you don't know what SBSettings is, it's, you know, this stuff... oops, OK, this one is SBSettings: if you drop your phone you can have this kind of console where you can turn on and off programs and utilities.

How could you run Tor on such devices? Well, you can yep just to a higher than I requisite around the website there are the instructions, which are pretty simple: you just have to copy adapt identified CJ use the same text format as Debian and Ubuntu in a folder and you have to reboot your phone, and then you get my repository added to your device. You just look for the program called Tor Toggle, and once you have added it to a specific, just push this icon and it will be turned on and off.

So does it work? Yes, it does. It works as a... it works as a relay, you can build hidden services with it, because I really didn't have to do anything but just cross compile it, because I'm using the original sources for Tor. The interesting part is that it's running both via wireless and cellular data networks. Another interesting part is that iOS should do the transparent proxy. I said "should do" because, you know, if you are familiar with iOS, you have to go to the wireless settings, look for the SSID you are currently attached to, and you can set a proxy for the testing. You set the proxy only in one place and you hope that all the applications will use it. It's not always true: I think that Mail.app, the mail reader, has some problem with it, but Mobile Safari uses it. And that's a screenshot I was on check.torproject.org, which is a simple test page for checking if you are using Tor or not.

There are limitations. OK, iOS does not support SOCKS proxies; Tor is a SOCKS proxy. There's a workaround: we run Polipo, which is an HTTP proxy, in front of it so we can add can use the nodal. There are no HTTP proxy if you are running on cellular data networks, you can send you can set HTTP proxy in such cases; there are some tricks or workarounds, like if you enable a VPN, even an insecure one like the one naughty desire of what pdtv, even an insecure VPN will allow you to set up a proxy then. And does know what on the mailing list of the Tor project is CorSec your browser, meaning a browser which will not leak your personal information or your browsing session. If you were here last year, I gave a talk about how to broke try trying to de-anonymize Tor users using HTML5 features.

There aren't only limitations on the iOS side, there are even limitations for power. Unfortunately the program is cryptographically intense ease its own SSL which is running here, so the battery draining is a bit keeping. And several dozen Ethel's garden I'm a really poor friend because, you know, you get roughly changing IP address, at least in theory yet spot cartilage; it's not a good situation to run a node.

Future ideas for the port: well, right now I reduced the use of the command line interface to a minimum. I mean, you can install the program without using the command line, but if you are going to use a configuration which is not

the standard for browsing, but you want to do something more, you have to use the command line. There's the need for a graphical controller application, something like Vidalia or something like Orbot, which you can use to configure your program. I really can't program Objective-C, it's difficult for me, and so I'm stuck. And well, this is something which I'm not even addressing: there's still the need for a secure browser, because Mobile Safari is not enough if you want to use Tor in a safer way.

There are even some other ideas. I mean arm, which is the anonymizing relay monitor: it's a cool Python program to monitor the status of your node. It's working; you have to install a terminal or access your device through SSH, but it's worth it wasn't actually. OnionCat is really something which is worth a look even start working anybody it something it could be could be used. And I did some work on ttdnsd, which is brother for DNS queries, but it's not working, well, because the program is using a library for loading and the operating system is not kind enough to let me do the work without harassing me. And I don't know, there probably are more ideas I could work on; if you have an idea, feel free to share.

Any questions? any okay res end of order hey no you went racing around OK, thanks.

Yeah, iPad, iPod, Apple TV: they are all running iOS, so you can run Tor on all of these devices. OK, the title of the presentation was "Tor on the iPhone", but really I had to change it to "Tor for iDevices", because, you know, when I started working on it there were only the iPhone and iPod, and then they came out with iPad and Apple TV. They're all sharing the same operating system, so you can run the program on all of them with no problem.

Yeah, I just wanted to ask, since your Tor client works only on jailbroken iPhones, if there are any plans like to cooperate with Apple to get it in the official App Store so it works on devices without a jailbreak?

OK, the first decision was the first ok I didn't say that maybe not Korean: you have to jailbreak your device to run Tor on it in the case of my port. This was also the first question I received when I presented the port to the Tor developer community, and back at the time there were two problems. I'm not owning an Intel Mac, OK, although my development is it's truly not okay, which is not a supported operating system for the App Store. If you want to submit anything to the App Store you have to download the SDK, which is only for Intel Mac, and also pay the license, blah blah blah. So it was easier for me, because I'm not owning an Intel Mac, I'm only owning Linux machines, so developing with the open toolchain was a forced solution.

The second problem was that back at the time, February, there were many, many limitations on applications which could be accepted into the App Store. Such

limitations cannot be easily integrated into Tor. One of them is the ability to throttle the bandwidth used by your application when you are not on Wi-Fi. This is a great problem, because if you throttle the bandwidth of your node you are more interested, so it defeats the purpose of running Tor on such devices using something from the App Store.

Not to mention that right now Tor is working as a daemon: it's installed on your devices the same as installing Tor on a Unix machine. It's a system daemon, you start and stop it as a system daemon, and you can do that in the App Store. It could be done, it could be done, but it involves an amazing amount of work. The hypothetical roadmap would be splitting the sources of Tor and having something like libtor: OK, not a single program, a single daemon, but a library for doing onion routing; after you've done that you can integrate the library in various kinds of clients. But it's something that Tor developers are not addressing and are not interested in doing right now, so it's not easy to add Tor in the App Store, not at all.

OK, thanks.