Black Hat //Webcast 27
Privacy on the Internet
// Moxie Marlinspike & Christopher Soghoian
This webcast will be a conversation that covers the current trends in online tracking on the web, the methodologies that online tracking companies are currently leveraging, and some techniques for retaining your privacy in that environment. We'll also cover initiatives like Do Not Track and private browsing mode, as well as what's happening with SSL in the larger privacy narrative.
Moxie Marlinspike is a fellow at the Institute For Disruptive Studies with over thirteen years of experience in attacking networks. He recently published the null-prefix attacks on X.509, the session-denial attacks against OCSP, and is the author of both sslsniff and sslstrip -- the former of which was used by the MD5 Hash Collision team to deploy their rogue CA cert, and the latter of which continues to implement Moxie's deadly "stripping" technique for rendering communication insecure. His tools have been featured in many publications including Hacking Exposed, Forbes Magazine, The Wall Street Journal, the New York Times, and Security Focus as well as on international TV.
Christopher Soghoian, a Washington, DC based Graduate Fellow at the Center for Applied Cybersecurity Research, and a Ph.D. Candidate in the School of Informatics and Computing at Indiana University. His research is focused on the intersection of online privacy, law and public policy. He has used the Freedom of Information Act and several other investigative techniques to shed light on the scale of and the methods by which the US government spies on Internet communications and mobile telephones. This work has been cited by the 9th Circuit Court of Appeals, and featured on the Colbert Report. He was the first ever in-house privacy technologist at the Federal Trade Commission, and has worked at Berkman Center for Internet & Society at Harvard University, the American Civil Liberties Union (ACLU) of Northern California, NTT DoCoMo Euro Labs, Google, Apple and IBM Research Zurich.