smash-the-firewall/slides/intro.md
2024-04-24 17:22:29 +02:00


Digital self-defense

A big thanks to the _TO hacklab for the source of this presentation.

You can find the slides at [LEZZO.org/smash-the-firewall](https://lezzo.org/smash-the-firewall/)

CC BY-NC-SA 4.0

--

Goal

  • When you leave the squat, you should have a better idea of what it means to defend yourself when you have a digital presence.

  • The slides are meant to be used as a web resource, so there is a lot of text. I'll try not to read ¯\_(ツ)_/¯
  • Cyberattacks will be mentioned during the presentation. Feel free to ask for details.

--

Why

  • There is no such thing as 100% protection
  • There is no one-size-fits-all solution
  • Cybersecurity means mitigating the potential dangers your online actions might create
  • Techniques that are beneficial in one situation might pose risks in another

--

Threat model

You can't protect yourself from what you're not aware of.

  • Who is my enemy? (my parents, my significant other, my employer, interpol, the freemasonry 𓁿)
  • What am I protecting? (my identity, my sexual preferences, my ideas, my spicy text ㆆ _ ㆆ)
  • How can I be attacked? i.e. my threat categories =͟͟͞͞(꒪ᗜ꒪‧̣̥̇)

--

Practical example

Selling pot in high school

Who is my enemy?

  • Law Enforcement
  • The school
  • My parents

What am I protecting?

  • My parents
  • My friends and buyers
  • My future

notes: propose a collective reflection on a scenario

--

Threat categories

A framework to answer the question "how can I be attacked?"

--

Spoofing

The act of violating authenticity. Examples:

  • Forgery of documents
  • Web phishing
  • Email spoofing, the act of faking the sender

--

Tampering

The act of violating the integrity of data. Examples:

  • Graffiti
  • Man in the middle attacks
  • Web defacing
  • Double spending w.r.t. blockchain networks

--

Information Disclosure

The act of violating confidentiality. Examples:

  • Whistleblowing
  • Revenge porn

--

Denial of Service

The act of violating availability. Examples:

  • Denial of service attacks
  • Ticket scalping

--

Elevation of privileges

The act of violating authorization. Examples:

  • Jailbreaking
  • Card cloning

--

Repudiation

The act of denying or disavowing responsibility for an incident or security breach.
In other words: claiming that you didn't do something or were not responsible. Examples:

  • Cooking the books
  • Deleting log entries