Runa Sandvik | |
---|---|
Born | 1987 (age 35–36) Oslo, Norway |
Occupation(s) | Computer security expert, founder |
Spouse | Michael Auger |
Runa Sandvik is a Norwegian-American [1] computer security expert and founder of Granitt. [2] She is noted for her extensive work in protecting at-risk civil society groups, including human rights defenders, lawyers, and journalists. [3] Sandvik was previously the Senior Director of Information Security at The New York Times, helping launch the company’s confidential tips page in December 2016. [4]
Sandvik was an early developer of the Tor anonymity network, a cooperative facility that helps individuals obfuscate the Internet Protocol information they are using to access the Internet. [5] Sandvik is a technical advisor to the Freedom of the Press Foundation and serves on the review board of Black Hat Europe. [5] Sandvik interviewed Edward Snowden in May 2014. [6] In February 2015 Sandvik documented her efforts to retrieve information about herself through Freedom of Information Act requests. [7] Sandvik led efforts to make The New York Times a Tor Onion service, allowing Times employees and readers to access the newspaper's site in ways that impede intrusive government monitoring. [8]
Sandvik, and her husband, Michael Auger, demonstrated how smart rifles with remote access can be remotely hacked. [9] The $13,000 TrackingPoint sniper rifle is equipped with an embedded linux computer. [10] According to Wired magazine , when used according to its specifications, the aiming computer can enable a novice to hit remote targets that would otherwise require a skilled marksman. However the manufacturers designed the aiming computer with WiFi capabilities, so the shooter could upload video of their shots. Sandvik and Auger found they could initiate a Unix shell command line interpreter, and use it to alter parameters the aiming computer relies on, so that it will always miss its targets. They found that a knowledgeable hacker could use the shell to acquire root access. Acquiring root access allowed an interloper to erase all the aiming computer's software—"bricking" the aiming computer.
She acquired her first computer when she was fifteen years old. [11] She studied computer science at the Norwegian University of Science and Technology. [6] In 2014 Sandvik married Michael Auger, and the pair made their home in Washington, D.C. [12]
A cypherpunk is any individual advocating widespread use of strong cryptography and privacy-enhancing technologies as a route to social and political change. Originally communicating through the Cypherpunks electronic mailing list, informal groups aimed to achieve privacy and security through proactive use of cryptography. Cypherpunks have been engaged in an active movement since at least the late 1980s.
Matt Blaze is an American researcher who focuses on the areas of secure systems, cryptography, and trust management. He is currently the McDevitt Chair of Computer Science and Law at Georgetown University, and is on the board of directors of the Tor Project.
A security hacker is someone who explores methods for breaching defenses and exploiting weaknesses in a computer system or network. Hackers may be motivated by a multitude of reasons, such as profit, protest, information gathering, challenge, recreation, or evaluation of a system weaknesses to assist in formulating defenses against potential hackers.
.onion is a special-use top level domain name designating an anonymous onion service, which was formerly known as a "hidden service", reachable via the Tor network. Such addresses are not actual DNS names, and the .onion TLD is not in the Internet DNS root, but with the appropriate proxy software installed, Internet programs such as web browsers can access sites with .onion addresses by sending the request through the Tor network.
Jacob Appelbaum is an American independent journalist, computer security researcher, artist, and hacker.
Tor, short for The Onion Router, is free and open-source software for enabling anonymous communication. It directs Internet traffic via a free, worldwide, volunteer overlay network that consists of more than seven thousand relays.
Tails, or "The Amnesic Incognito Live System," is a security-focused Debian-based Linux distribution aimed at preserving privacy and anonymity. It connects to the Internet exclusively through the anonymity network Tor. The system is designed to be booted as a live DVD or live USB and never writes to the hard drive or SSD, leaving no digital footprint on the machine unless explicitly told to do so. It can also be run as a virtual machine, with some additional security risks. The Tor Project provided financial support for its development in the beginnings of the project, and continues to do so alongside numerous corporate and anonymous sponsors.
Freedom of the Press Foundation (FPF) is a non-profit organization founded in 2012 to fund and support free speech and freedom of the press. The organization originally managed crowd-funding campaigns for independent journalistic organizations, but now pursues technical projects to support journalists' digital security and conducts legal advocacy for journalists.
TrackingPoint is an applied technology company based in Austin, Texas. In 2011, it created a long-range rifle system that was the first precision guided firearm.
The Guardian Project is a global collective of software developers, designers, advocates, activists, and trainers who develop open-source mobile security software and operating system enhancements. They also create customized mobile devices to help individuals communicate more freely and protect themselves from intrusion and monitoring. The effort specifically focuses on users who live or work in high-risk situations and who often face constant surveillance and intrusion attempts into their mobile devices and communication streams.
The Office of Tailored Access Operations (TAO), now Computer Network Operations, and structured as S32, is a cyber-warfare intelligence-gathering unit of the National Security Agency (NSA). It has been active since at least 1998, possibly 1997, but was not named or structured as TAO until "the last days of 2000," according to General Michael Hayden.
Freedom Hosting is a defunct Tor specialist web hosting service that was established in 2008. At its height in August 2013, it was the largest Tor web host.
Bullrun is a clandestine, highly classified program to crack encryption of online communications and data, which is run by the United States National Security Agency (NSA). The British Government Communications Headquarters (GCHQ) has a similar program codenamed Edgehill. According to the Bullrun classification guide published by The Guardian, the program uses multiple methods including computer network exploitation, interdiction, industry relationships, collaboration with other intelligence community entities, and advanced mathematical techniques.
Ongoing news reports in the international media have revealed operational details about the Anglophone cryptographic agencies' global surveillance of both foreign and domestic nationals. The reports mostly emanate from a cache of top secret documents leaked by ex-NSA contractor Edward Snowden, which he obtained whilst working for Booz Allen Hamilton, one of the largest contractors for defense and intelligence in the United States. In addition to a trove of U.S. federal documents, Snowden's cache reportedly contains thousands of Australian, British, Canadian and New Zealand intelligence files that he had accessed via the exclusive "Five Eyes" network. In June 2013, the first of Snowden's documents were published simultaneously by The Washington Post and The Guardian, attracting considerable public attention. The disclosure continued throughout 2013, and a small portion of the estimated full cache of documents was later published by other media outlets worldwide, most notably The New York Times, the Canadian Broadcasting Corporation, the Australian Broadcasting Corporation, Der Spiegel (Germany), O Globo (Brazil), Le Monde (France), L'espresso (Italy), NRC Handelsblad, Dagbladet (Norway), El País (Spain), and Sveriges Television (Sweden).
Alec David Edward Muffett is an Anglo-American internet security expert and software engineer. His work includes Crack, the original password cracker for Unix, and for the CrackLib password-integrity testing library. He is active in the open-source software community.
The ANT catalog is a classified product catalog by the U.S. National Security Agency (NSA) of which the version written in 2008–2009 was published by German news magazine Der Spiegel in December 2013. Forty-nine catalog pages with pictures, diagrams and descriptions of espionage devices and spying software were published. The items are available to the Tailored Access Operations unit and are mostly targeted at products from US companies such as Apple, Cisco and Dell. The source is believed to be someone different than Edward Snowden, who is largely responsible for the global surveillance disclosures since 2013. Companies whose products could be compromised have denied any collaboration with the NSA in developing these capabilities. In 2014, a project was started to implement the capabilities from the ANT catalog as open-source hardware and software.
The Calyx Institute is a New York-based 501(c)(3) research and education nonprofit organization formed to make privacy and digital security more accessible. It was founded in 2010 by Nicholas Merrill, Micah Anderson, and Kobi Snitz.
Deep Lab is a women's collective group composed of artists, researchers, writers, engineers, and cultural producers. These women are involved in critical assessments of contemporary digital culture and, together, work to exploit the potential for creative inquiry lying dormant in the deep web. Outside of Deep Lab, the members engage in activities that range from magazine editing, journalism, various forms of activism, and teaching. The collective's research spans a variety of topics including privacy, code, surveillance, art, social hacking, capitalism, race, anonymity, 21st century infrastructures, and practical skills for real-world applications. Deep Lab draws influence from Experiments in Art and Technology (E.A.T.), Cypherpunks, Guerrilla Girls, Free Art and Technology Lab (F.A.T.), Chaos Computer Club, and Radical Software.
{{cite web}}
: External link in |title=
(help)She is a former developer with The Tor Project, a technical advisor to the Freedom of the Press Foundation and a member of the review board for Black Hat Europe.
In response to a Freedom of Information Act request I filed in November 2014, the Department of Homeland Security released a document containing information collected about me under this program over the last four years.
Sandvik has helped the Times launch a new series of tip-lines, where potential sources can leak documents or information securely. The Times now has a public-facing Signal and WhatsApp number, as well as a SecureDrop instance.
The married hacker couple have developed a set of techniques that could allow an attacker to compromise the rifle via its Wi-Fi connection and exploit vulnerabilities in its software.
Outside The Times, she is well regarded in the information security community, Mr. McKinley said. She frequently attends conferences, speaks at events and hosts CryptoParties, or events that aim to educate people about digital security in an accessible way (two weeks ago, she co-hosted a Times-sponsored CryptoParty). Her friends see her as a tough stalwart of a male-dominated industry.