Forensic Blogs

An aggregator for digital forensics blogs

December 16, 2020 by LCDI

The Vermont Privacy Project

As the internet ties in more and more with our daily lives, internet privacy has become a big concern. The Vermont Privacy Breach project at the Leahy Center is a team of students working with a Champlain student supervisor and Leahy Center Fellow Judy Boyd to try to tackle this growing issue. Our goal is to reduce the number of privacy incidents affecting residents of the State of Vermont. We plan to accomplish this by providing simple resources. Small businesses, local governments, and nonprofits can then use these to make themselves more secure.

What Have We Accomplished?

Over the course of the semester, the team has been hard at work researching privacy breaches and other data. The plan is to use this data to create simple presentations that can be given to businesses and people alike. Our team extensively researched what a data privacy breach is, who it affects, and how to prevent one. We all put our research into a shared Google Drive folder and refined the scope of the project. We focused on teaching and presenting to others what privacy breaches are and how to prevent them. Phase One of this project encompassed common risks, the impact of breaches on individuals and organizations, and measures to prevent or mitigate risk. We are currently in the process of creating an initial presentation outlining Phase One of this project.

What is a Data Breach?

A data breach is any unauthorized access into a business, state agency, or individual’s digital systems. These attacks come in a wide variety of forms, and each comes with its own challenges. For example, phishing attacks look like messages sent from a company but trick you into entering your information so the attacker can use it themselves. Ransomware and malware are other forms of attack. These are programs downloaded onto the machine that can read files, edit them, or even lock out the entire computer. Then there are attacks that try to overload your connection to the internet, called DDoS attacks, which flood your connection with junk information.

These are all incredibly dangerous and serious issues for anybody with a computer, and as technology advances, we’re finding those computers in everyday objects. If you have any sort of wireless surveillance in your home, that could become a risk. But by limiting who has access to your devices and watching what you download, you bring that risk down considerably. The steps to better computer safety are simple and anybody can do them; it’s just a matter of spreading that information. Therefore, we’re excited to have the opportunity to work on that goal and help those in our community and elsewhere.

What’s Next?

The next steps of our project are to finalize and practice our Phase One Presentation and prepare for our first presentation. We are really looking forward to collaborating with the Burlington Sunrise Rotary Club. It’s exciting to see the progress we have made with this project and we hope to see a glimpse of what may come next. For Phase Two of this project, we will be looking at privacy risks related to Local Government agencies, non-profits, and small businesses. For example, we’re interested in how we can bring this to more people.


The post The Vermont Privacy Project appeared first on The Leahy Center for Digital Forensics & Cybersecurity.

Read the original at: The Leahy Center for Digital Forensics & Cybersecurity

Filed Under: Digital Forensics, Uncategorized

Tagged With: Blog Post, Bluetooth Security, Ddos, Internet of Things, Malware, phishing, privacy, Ransomware

September 20, 2019 by LCDI

Virtual Currency Investigations: Fear Not the Blockchains

At the Magnet User Summit this year, I listened to a presentation by Eric Huber, Vice President of the National White Collar Crime Center (NW3C). With a broad background in digital forensic investigations, he spoke about the changing field of cryptocurrencies and blockchain analysis. He gave a brief overview of different types of cryptocurrencies and how to use them. Then he dove into how cryptocurrencies are evolving and how digital forensics needs to catch up to the changes.

Cryptocurrencies

Cryptocurrencies are a little more complicated than currencies that simply run on the internet or through cyberspace. Currencies like Ethereum and Bitcoin are purchased and traded in cyberspace to buy goods and services just like fiscal currencies, but because of the pushback against government control, these currencies can be used to purchase illegal goods and services without being tracked easily. Cryptocurrencies are on the rise and are becoming more popular than ever. With ATMs popping up all over the world, they are becoming even more accessible.

Blockchains

Blockchains are the ledgers of cryptocurrencies. Unlike most banks and budgets, blockchains never list the total cryptocurrency that someone might have. Instead, they list who exchanged it and how much. Cryptocurrency mining is the work of figuring out the hashes, the specific strings of characters and numbers, needed to work out a transaction and post it directly on the ledger. After claiming that position, not only would the miner claim some cryptocurrency, but every time that section of the ledger is referenced to calculate how much an individual has of that cryptocurrency, the miner earns more cryptocurrency.

Public vs Private

Different types of cryptocurrencies have different types of blockchains. The public can openly access public blockchains, like those of Ethereum and Bitcoin. Law enforcement can also subpoena them to learn who performed a possibly illegal transaction. However, there can always be more privacy. The more privacy achieved, the more complicated arrests and subpoenas become. Private blockchains involve each individual block becoming private and not available to the public. Not only is the ledger inaccessible, but law enforcement is unable to subpoena individual miners. They would only have parts of the ledger anyway.

As the field develops, digital forensics and incident response practitioners are building blockchain analysis techniques that start from specific blocks of a ledger and track backwards to work out the specifics of transactions and more. This is the changing part of cryptocurrencies, and digital forensics needs to evolve to accommodate these changes, since cryptocurrencies are not fading away anytime soon.
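The ledger idea from the Blockchains section and the backward tracking described above can be shown on a toy chain. This is an added example, not material from the talk or the original post: the names, amounts and the simplified block format (no signatures, no mining) are constructed for illustration.

```python
import hashlib
import json

# Constructed sample ledger: each block is a list of (sender, receiver, amount).
SAMPLE_BLOCKS = [
    [("COINBASE", "alice", 50)],            # newly issued coins
    [("alice", "bob", 20), ("alice", "carol", 5)],
    [("bob", "dave", 15)],
    [("dave", "erin", 15), ("carol", "erin", 2)],
]
GENESIS = "0" * 64

def block_hash(prev, txs):
    """Hash a block's transactions together with the previous block's hash."""
    return hashlib.sha256(json.dumps([prev, txs]).encode()).hexdigest()

def build_chain(blocks):
    chain, prev = [], GENESIS
    for txs in blocks:
        chain.append({"prev": prev, "txs": txs, "hash": block_hash(prev, txs)})
        prev = chain[-1]["hash"]
    return chain

def verify_chain(chain):
    """An edited transaction changes its block hash and breaks every later link."""
    prev = GENESIS
    for block in chain:
        if block["prev"] != prev or block_hash(prev, block["txs"]) != block["hash"]:
            return False
        prev = block["hash"]
    return True

def balance(chain, who):
    """No balance is stored anywhere; it is derived by replaying every exchange."""
    total = 0
    for block in chain:
        for sender, receiver, amount in block["txs"]:
            total += amount * ((receiver == who) - (sender == who))
    return total

def trace_back(chain, who):
    """Walk newest to oldest, collecting every transfer that funded `who`, directly or not."""
    frontier, hops = {who}, []
    for height in range(len(chain) - 1, -1, -1):
        for sender, receiver, amount in chain[height]["txs"]:
            if receiver in frontier and sender != "COINBASE":
                hops.append((height, sender, receiver, amount))
                frontier.add(sender)
    return hops
```

`trace_back` over-approximates: it flags every upstream transfer into a funding address, which is the starting set an analyst then narrows down by amount and timing.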

 

Blog written by Champlain College’s Nurit Elber.


The post Virtual Currency Investigations: Fear Not the Blockchains appeared first on The Leahy Center for Digital Forensics & Cybersecurity.

Read the original at: The Leahy Center for Digital Forensics & Cybersecurity

Filed Under: Digital Forensics, Uncategorized

Tagged With: blockchain, Champlain College, cryptocurrency, Digital forensics, Events, LCDI, Magnet, Magnet Forensics, privacy

October 24, 2017 by LCDI

VPN/Proxy Chain Update 1

Introduction

With each passing day, privacy is growing into a larger public concern. The goal of this project is to experiment with ways to combine the usage of a Virtual Private Network (VPN) with chained proxies to create a more private internet connection. Our team is exploring possible configurations and implementations.

VPN vs. Proxy

The first step is understanding the difference between VPNs and proxies.

A VPN is a network connection that creates an encrypted connection to a VPN server. This makes it appear to whoever is watching that your traffic is coming from the VPN’s IP address. All internet traffic from your computer uses the VPN encrypted tunnel. This prevents anyone from sneaking a look at your data on the trip between you and the VPN server.

A proxy is very similar. It creates a secure connection between your computer and the proxy server. But proxies weren’t designed to encrypt all traffic. They usually handle only one application at a time. The proxy is usually configured for each application individually and often passes the original IP address along. In a chain, proxies can provide a degree of anonymity.

Project Goals

Our project is combining these two methods of security.  Why would someone want to do this? Well, if a proxy goes bad, or is somehow traced back to the original IP address, the eavesdropper will see the VPN’s IP rather than your own. By creating layers of privacy and security, it is less likely for a single point of failure to lead to exposure.  

Method

To test various configurations, our team is using the Raspberry Pi 3.

These micro-computers allow us to simulate having many servers to host our VPN and proxy services, all without involving expensive external hosting for testing.

So far, we’ve experimented with different configurations and tools. Two Raspberry Pi 3s are dedicated proxy servers, hosting the SOCKS proxy server, Dante. On the client end, the Linux client utilizes proxychains to connect to the proxy servers. The Windows client utilizes Proxifier to access the proxy network.

One Raspberry Pi 3 is the dedicated VPN server, running an OpenVPN server. We used PiVPN, a set of scripts designed to make the OpenVPN install a smoother process.
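A check a practitioner could run on the Linux client's proxychains configuration before trusting the chain, given here as an added example rather than the team's own code. The sample file and its placeholder addresses are constructed; the directive names (`strict_chain`, `dynamic_chain`, `random_chain`, `proxy_dns`, `[ProxyList]`) are the standard ones in `proxychains.conf`.

```python
CHAIN_MODES = {"strict_chain", "dynamic_chain", "random_chain"}
PROXY_TYPES = {"http", "socks4", "socks5"}

# Constructed sample; addresses are placeholders from the RFC 5737 documentation range.
SAMPLE_CONF = """\
# client-side chain through two Dante SOCKS servers
dynamic_chain
#proxy_dns
tcp_connect_time_out 8000
[ProxyList]
socks5 192.0.2.11 1080
socks5 192.0.2.12 1080
"""

def parse_conf(text):
    """Return (active directives, [(type, host, port), ...]) from proxychains.conf text."""
    directives, proxies, in_list = set(), [], False
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and commented-out directives
        if not line:
            continue
        if line == "[ProxyList]":
            in_list = True
        elif in_list:
            fields = line.split()
            if len(fields) >= 3 and fields[0] in PROXY_TYPES and fields[2].isdigit():
                proxies.append((fields[0], fields[1], int(fields[2])))
        else:
            directives.add(line.split()[0])
    return directives, proxies

def lint_conf(text, min_hops=2):
    """List settings that would let traffic skip a hop or bypass the chain."""
    directives, proxies = parse_conf(text)
    findings = []
    if directives & CHAIN_MODES != {"strict_chain"}:
        findings.append("chain mode is not strict_chain: traffic is not guaranteed to cross every hop")
    if "proxy_dns" not in directives:
        findings.append("proxy_dns is off: DNS lookups bypass the proxy chain")
    if len(proxies) < min_hops:
        findings.append(f"only {len(proxies)} proxy hop(s) listed, expected at least {min_hops}")
    return findings

if __name__ == "__main__":
    for finding in lint_conf(SAMPLE_CONF):
        print("WARN:", finding)
```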

Conclusion

We’re moving forward with this configuration and troubleshooting the connections on a local level. Once we have a setup that works, the next step is investigating commercial cloud options to shift our servers to.


The post VPN/Proxy Chain Update 1 appeared first on The Leahy Center for Digital Investigation.

Read the original at: The Leahy Center for Digital Investigation

Filed Under: Digital Forensics, Uncategorized

Tagged With: Blog Post, privacy, Projects, proxy, Raspberry Pi, Student Work, Update, vpn, VPN/Proxy Chain
