going nuclear - usenix.org · – technically 58.5129% out of ~400 million visitors. u.s. customs...
TRANSCRIPT
Going NuclearProgrammatic Protections Against Extreme Vetting, Social Pressures, and Coercion
Cara Marie & Andy Grant Enigma 2018
DISCLAIMER #1All thoughts and opinions expressed are our own and are not endorsed by,
nor do they represent the thoughts and opinions of our employers.
U.S. Customs And Border ProtectionCBP Directive No. 3340-049A
Subject: Border Search of Electronic Devices
What’s in an Encrypted Backup?
● Keychain Database○ Application Passwords○ Session Tokens
● Application Data○ Social Media Account Data○ Banking Data○ Images/Videos
● Location Data● Phone Data
○ Contacts○ Voicemails○ Text (& Sext!) Messages
Cellebrite Extraction Report Excerpt
Network Access Is Disabled
1. Prevents MDM and other recovery solutions from remote wipe
2. Doesn’t prevent future cloud access (cause backups)
Misleading...
Applications Cache Data
Previously downloaded data is still accessible even when
network access has been disabled
5.1.3 Basic Search. Any border search of an electronic device that is not an advanced search, as described below, may be referred to as a basic search. In the course of a basic search, with or without suspicion, an Officer may examine an electronic device and may review and analyze information encountered at the border, subject to the requirements and limitations provided herein and applicable law.
CBP Directive No. 3340-049A
5.1.4 Advanced Search. An advanced search is any search in which an Officer connects external equipment...to review, copy, and/or analyze its contents. In instances in which there is reasonable suspicion...or in which there is a national security concern...an Officer may perform an advanced search of an electronic device.
Upload images to
the cloud
Download images and
reimage devices
(optional)
Revert device to factory
settings and install only
what’s needed for travel
1
2
3
Clean Device 101
DISCLAIMER #2We are not legal experts, but did consult lawyers during the creation of each PoC.
While these solutions and PoCs can be applied elsewhere, we caution the audience to do their own research (and consult your own legal experts) prior to using these solutions and PoCs to
cross a border or oppose law enforcement.
We structure them as individual solutions since that’s the best way we found to demonstrate them, but these should ideally be implemented by OEMs and service providers.
Dead Man’s Switch
● Programmatic wipe of device○ NOT an MDM solution○ Does not rely on a network solution
(entirely local to the device)● Automatically wipes device if connected while
unlocked (when enabled)● Password protected functionality
CAUTION! EXTREME MEASURE
B-PR (Beyond Password Reset)
Text one-time
password
Change passwords to randomly
generated passwords
Passwords are then
stored, encrypted,
on cloud storage
Enduser has no access
to decrypt at that time
Resourceshttps://github.com/nccgroup/escalating-measures
[email protected]@bones_codes
[email protected]@andywgrant
Resources
● Digital Privacy at the U.S. Border: Protecting the Data On Your Devices and In the Cloud
● Protecting Data at the Border Act● 34C3: Protecting Your Privacy at the
Border
Tools
● 1Password● Apple Configurator 2● Dead Man’s Switch● usbkill ● B-PR
Android
● How to enable multiple user accounts on an Android smartphone
● How to Hide Apps from Android’s App Drawer with Nova Launcher
iOS
● Personal International Infosec● Counter-Forensics: Pair-Lock Your Device
with Apple’s Configurator● Reduced Annoyances and Increased
Security on iOS 9: A Win Win!