Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Defending Dissidents from Targeted Digital Surveillance

Yosem Companys companys at
Thu Dec 1 14:23:30 PST 2016

From: Bill Marczak <wrm at>

*Title:* Defending Dissidents from Targeted Digital Surveillance
*Speaker:* William R. Marczak
*Advisor:* Prof. Vern Paxson

*Date:* Friday, Dec 09, 2016
*Time:* 12PM - 1PM
*Location:* 205 South Hall, UC Berkeley
*Food:* Light lunch
*RSVP requested:*


Computer security research devotes extensive efforts to protecting
individuals against indiscriminate, large-scale attacks such as those used
by cybercriminals, and protecting institutions against targeted cyber
attacks conducted by nation-states (so-called “Advanced Persistent
Threats'').  Where these two problem domains intersect, however---targeted
cyber attacks by nation-states against individuals---has received
considerably less study.

In this talk, I will first detail my efforts to characterize this space,
based on analysis of an extensive collection of suspicious files and links
targeting activists, opposition members, and nongovernmental organizations
in the Middle East over a period of several years.  I will present attack
campaigns involving a variety of commercial “lawful intercept” and
off-the-shelf tools, and explain Internet scanning techniques I used to map
out the potential broader scope of such activity.  Based on these first
efforts, I will present the results of my IRB-approved research study
involving in-depth interviews with 30 potential targets of abusive
surveillance in four countries.  The results give insight into potential
targets’ perceptions of the risks associated with their online activity,
and their security posture.  Based on my study results, I will propose
Himaya, a defensive approach I developed that readily integrates with
targets’ workflow to provide near real-time scanning of a subject’s email
messages to check for threats.  I will explain Himaya’s architecture and
provide preliminary data from its beta deployment.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the liberationtech mailing list