 Let's keep the boring part. Okay, those are the rules. That's my name and that's the backward side and so on. Okay, this is the outline. The first part is the state of the app. If you follow the presentation this morning about mobile security, you probably already know everything which is written in this part. Then we go on talking about mobile phone and other strange devices. As we are a bit late, the first part will go out very fast. Okay, the main problem with phones is that mobile phones right now are really powerful devices. They are almost like computer. They got a lot of computational power, high speed data network access and they are running on a real operating system. The other problem is that phones are personal. Raise your hand please. If anyone in this room doesn't own a phone, I don't think that, oh, you are my hero. You are cool. The other problem is that phones are personal and we keep them everywhere we go. And usually we go out and we never leave the house without them. Phones are critical because there are catalogs, address book entries, e-mail, SMS. You know, if you were there, if you were here at Christian presentation about the Android root kit, he dumped the content of his address book and his SMS database and so on. The other problem is that when we are talking about phones and mobile phones, operator and so on, there's too much trust involved in the connection. Because I as a user, I trust my phone because I use the phone to make phone calls. The phones have to trust the operator which is the entity which gives them access to the network and operator have to trust themselves to route calls around the globe. So what happens? That the user have to trust the operator as well. Why operators are using so much trust between them? Because they want the things to go out smooth. Because if the calls, if texting, if anything won't go out smooth, the user will be pretty angry. The other problem is that there's too much heterogeneity. I mean, usually it's not a big problem but you know, when you have to work with different communication, close communication protocol or different kind of network or different hardware landscape, you get problem when you try to stick them together and secure the environment. The other issue are, well, phones are really powerful as I said before but they were burned for making calls and sending SMS. So the operating system adapted to this behavior. And in the screen shot, it's my phone. I was trying to access my Gmail address. And as you can see from the keyboard, I can only input letters. There are even numbers or let's not talk about special symbols. I need to push that button over there and I need to change the cable. So what does it mean? The difficult password are difficult to enter and the user will usually choose an easier password. The other problem is the screen size. I'm trying, in the screen shot, I was trying to connect to a site with a self-signed certificate. And I have no idea what the certificate would be because I have no way to check that. I know it's not true. The other thing is that we usually think that we have bought the device so we are usually owning it. But it's not true because on top of the food chain, there's the manufacturer. I'm reporting here some headlines from past news. CBS reported that Apple, the foreign banner for minister in France, I think, can remember. Android developer forum which talked about the keys which they implemented and so on. The carrier operator update which was spyware. And the black at DC talk about iPhone privacy and so on and so on and so on. Another problem is data. Usually that is turning clear text. Right now, blackberry and Nokia have some sort of encryption. The problem is that access usually is over-netting. You can access the data, you can access all data. What I'd like to see in the future is fine tuning of application permissions. If you switch to the communication side, well, it's not going to be easy as well. GSM has been broken. UMTS, almost. SMS, well, it has been abused. Easily spoofable. If you can remember, Charlie Miller and Colin Mulliner brought unexploited with MMS for I think it was iPhone. Bluetooth. Everybody knows about Bluetooth. And Wi-Fi and so on. That's pretty. That's interesting. This one was discovered by Colin Mulliner. There are mobile phone operators which are injecting custom HTTP headers in the request your mobile phone browser make. Something like, you know, the IM, EI, IM, SI. So I think it's not really important. So just to recap, this part I was pretty speeding through. Which are the problem? Mobile phones are everywhere. They are designed for call and text messages, not for going out on the internet or using security protocols. Story data cannot be easily protected and communication need to be secured. I won't address a solution for all this problem but for this last one, which is Tor. We can get some degree of privacy and protection using Tor on our devices. Anybody here who doesn't know at all how Tor works? Okay, cool. That was our crash course. This is the story of Tor on unusual devices. Yeah. The first time Tor got on the iPhone was December 2007. Then we got a Chambi one on 2009. iPhone again on 2010. Nokia 900 and Android. When you're trying to port Tor to mobile platform or other platform that, you know, high sex, windows. You got some address, some problem to address like, you know, the available hardware or the hosting operating system, how easy is to write or to port the program on that operating system. The installation process is very important and the presence or not of a graphical user interface. This one is quite interesting. This port has been done by Jacob Applebone and Bunny Studios. You probably know what that is. Chambi one an alarm clock. Which has an ARM CPU and 64 megabyte of RAM. And it's wonderful. This port is not easy to install as you need the Chambi one. You need to install the one-cross-tool chain. You need to check out the sources. You need to enter the folder and type make. Then you have to unzip the build on a USB K and rebooting the alarm clock with the K inserted. And, well, there's always the easy way, which is just unzip a provided build on the USB K and you are free to go. This port is quite interesting because, you know, the Chambi one has very limited resources to run TOR. So they needed a swap file and this is very clever. They configured TOR as a bridge. Listening on the 4.4.3 T.C.P. port. Why do they do this? Why do they do this? Because TOR is very, very easy to run. You have to run as a bridge. Will not be so hang about resources as a full blown relay. Unfortunately, there's no easy upgrade in machine is. You need, I mean, you need to build another version of the program, put it on USB zip and reboot the device. But this is very interesting. Banni found out that there is an official support for FreeZ for cellular data net or in those alarm clock. So these are the achievements running TOR. Very limited resources and an easy install method. TOR MIMO and Nokia 9 and 900. What's that phone? It's powerful IRMCQ. And it's plenty of RAM to run TOR. And, well, this was a bit easy because TOR is already in the MIMO community repository. How could you install TOR on such device? Well, just enable the repository extras double. Okay. There's a big, ugly warning telling you that it's dangerous. But, you know, okay. You just look for TOR in the package manager and you are done. How could you eventually run it? Just toggle it. That was wonderful. You open up the control panel. You tap on the on your router and here you are. You are running TOR on your Nokia. What does this port achieve? Well, it was easy installed. You know, repository are wonderful. You can install software with just one click. Better than the Chambi one, you can even upgrade your program. And, well, this was the first graphical controller application for TOR mobile devices. Then we got TOR Bot or TOR on Android. Okay, everybody knows what Android is. Linux-based operating system. Many different devices available. This port has been built by The Guardian Project. How could you install it? Well, just scan that QR code. If you are running Android, you can just take a picture of the slide of the presentation and you will be about to install TOR in a minute. Unfortunately, it's not yet on the Android market. How could you run TOR on Android device? Is it a neighbor? Toggle it. Another interesting feature about TOR on Android is that finally it's fully configurable. You know, this is the screen shot of the configuration program and it will offer you all of the options that Vidalia offers you when you are trying to run TOR on a full-blown computer. And there's a bonus. If you are running a rooted TOR device, TOR can do transparent proxy. So you don't have to set a proxy for each application or you can use applications which are not designed to go through a proxy. So the achievement is installation, highly configurable and transparent proxy. And finally, TOR on mobile TOR. Okay, when I talk about iPhones, I'm really talking about iPod Touch, iPad and so on. What we got here, we got Darwin, which is the iPhone OS, powerful CPU and plenty of RAM. And before going on, I want to thank the EFF for what they did. And I also want to thank, yeah. Thanks. And also all of the jailbreaking community for the artwork they are putting into this stuff. Yeah. The main problem right now is that my port of TOR for iPod devices is that you have to have a jailbroken device. That's just because it's easier for me to develop. I'm doing all my develop from Linux using the open tool chain. So I don't own an Intel Mac. So I had to go that way. Okay, if you remember, I said that TOR on the iPhone was already available in December 2007. Yes, but there was a problem. The original port was made by CJR1. It was built for iPhone OS version 1. He or she patched the sources to overcome firmware limitation. The firmware at the time wasn't able to handle all the connection TOR opens while it's working. And shipped that program with a copy of Privaxi and a graphical controller application. Unfortunately, CJR1 totally disappeared. I told the TAP disappeared with the author. The only thing which remains were the patches because they were included in the official source tree. So what I did, I did it. When I was trying to bring back TOR on the iPhone, I just installed the open source tool chain. Right now I'm targeting iPhone OS 3.1.2. That's just because it's the version of the operating system which is shipping with the phone at the time I bought it. And I'm cross compiling from Slackware. I'm building the program following J3 my convention. If you don't know who J3 my name is, he's the guy at the Ansidia. My sources are an overlay to his sources. So you can just check out J3 my souric sources. Check out my sources. You just copy my sources over. The checkout of the Telespheria Tangelo. And you can just use this build system to build my package. And that's the address if you want to take a look at the sources and the repository and so on. So the new part is made by me. Built for a newer version of the operating system. It should work with version 4 and so on. No problem at all. The old patches were no longer needed because right now the firmware is able to handle that many connections. When you install the mobile tour package from CD after writing my repository, you also get a copy of Polypo instead of Privacy. And you get an SB settings plugin so you can easily toggle it on or off. And the plugin will start both tour itself and Polypo. That's a screenshot of the application. You just see the steps on the button and you are free to go. What happens when you run your iPhone? Well, you can get client functionality, obviously. You can be a relay. You can run it in services. It's working. It's fully working. The interesting thing is that obviously you can run it over the wireless or over the cellular data network without problem. And another cool feature of the operating system is that it's doing the transparent proxy thing. So you didn't have to care about proxy applications. There are some limitations, unfortunately. The operating system doesn't support SOX proxies. That's no problem. We can run Polypo in front of it. There's still no, there isn't still an easy way to set up a proxy while you are surfing through the cellular data network. I'm trying to discover a way to do it. There's a VPN trick you can set up an easy crackable VPN. And at the time when iPhone recognizes that the VPN is running, it lets you choose a proxy. So you can do that. Another problem is that there isn't yet a tour secure browser, meaning a tour, a browser which respect all the, which protect you from the privacy threats that browsing through the internet pose to your privacy. Other limitations are that it's cryptographically intense. So it's a bit heavy on butter and drain. And at least in Italy, cellular data networks are very far friend because you got rapidly changing IP address and spot coverage. It's not that funny, but it works. How's the development going? Well, there's a bit too much fiddling with the common line interface. I try to reduce all these steps. But for instance, for installing the repository to copy and paste a command into your SSH connection to your phone, many users according to the data I receive are unable to do that. There's a really a strong need for a graphical controller application like Fidalia and what doesn't need for a secure browser too. Some of the future crazy ideas, IRM is working. If you don't know what IRM is, it's the anonymity relay monitor. It was one of the first Google summary code projects sponsored by Tor Project. It's a Python application to monitor your Tor-related screen shot to the right here. I got planned to port on your cat to this platform. I'm doing also some work on TTDNSD. Right now the main problem is that this oxy, it's a bit tricky to be able to have it run. And well, it would be nice to also try out this port on all devices. I got positive feedback of Tor running on iPod touches and iPad, but it would be nice to have other feedback. I was going to show you how to toggle it, but I had to do that on the DEF CON open network, so I just used this backup movie. I had to do that on the phone. Okay. Sorry for the quality. I was recording a VNC connection to my phone. This is the mobile Safari. I just fire it up. Go to check.project.erg and okay, I'm not using Tor. I'm closing the web browser. I'm opening the settings, the SB settings application. I'm just tapping on the Tor icon. Okay, it's running. Both Tor and Polypo are running. Okay, closing it, opening the system settings application. You just go to your Wi-Fi. You choose your Wi-Fi network you are currently connected to. You scroll down. Okay. HTTP proxy, manual. Server is localhost. Localhost. And port, well, it's the default port for, it was the privacy port, but, well, okay. Now if you, if we go back to mobile Safari and we hit the refresh button, okay, it's the address. Go. The network was low. Tick, tock, tock, tock. Congratulations. We are running Tor. Woo! Okay. That's it.