
View Full Version : The state of computer security in light of recent NSA revelations



ThePythonicCow
8th September 2013, 07:16
In light of recent revelations of NSA activity (the US National Security Agency), there has been some insightful discussion on security-related blogs and email lists of the state of security in computer software and on the Web.

The NSA has a multi-prong approach. They have connections into the Web able to capture and store much of the Web traffic. They have hooks into key software, key software companies, security certificate generators, router and other computer hardware and elsewhere. They have impeded widespread use of any encryption technology that they can't hack, and have made correct, unhackable implementations of key algorithms difficult to create.

Let me tell one story of how this affects us.


A few months ago, two members of the Avalon forum contacted me, wanting to exchange a document securely, and asking for my technical assistance. I use Linux, whereas they used one of the two major PC types - Mac or Windows (I'm being vague on details here, intentionally.) Initially, I couldn't help them much, because I could not recreate the exact user interface that I was recommending that they use. But then I figured out how to emulate their computer environment on my Linux box, using virtualbox (https://www.virtualbox.org/).

After several hours of effort, spread over a week or two I managed to get one of the two parties to the point that they could successfully use the encryption software ... that I had chosen for its security plus relative ease of use. However the other party has so far found the technical effort to be in excess of the value of the document transfer ... and to this day, so far as I know, the two parties have not yet transferred that document.

That, my friends, is a key part of the problem.

The NSA and other such Three Letter Agencies (TLA's) have successfully made encryption that actually works (that they would actually have some difficulty decrypting) sufficiently cumbersome that almost no one uses it. The few who actually have some serious secrets worth transferring are not sufficient experts in the arcane technology to know how to use it, and the few nerds like myself who are familiar with the technology seldom have any secrets worth the effort to crack.

The security that is widely used and implemented so that the ordinary person actually uses it transparently (such as the SSL security behind https:// links to your bank) has deep compromises that present no challenge to the NSA. Https (SSL) links may keep out your friendly neighborhood burglar, but they don't keep out the NSA.

A good blog article on this: A Few Thoughts on Cryptographic Engineering (http://blog.cryptographyengineering.com/2013/09/on-nsa.html).

An excellent (but probably too long for most to read) email thread on this: [Cryptography] Opening Discussion: Speculation on "BULLRUN" (http://www.metzdowd.com/pipermail/cryptography/2013-September/thread.html#17099). ("BULLRUN" is the NSA code word for some of its efforts here.)

A key revelation in the New York Times from just three days ago: Secret Documents Reveal N.S.A. Campaign Against Encryption (http://www.nytimes.com/interactive/2013/09/05/us/documents-reveal-nsa-campaign-against-encryption.html?_r=0):



Documents show that the N.S.A. has been waging a war against encryption using a battery of methods that include working with industry to weaken encryption standards, making design changes to cryptographic software, and pushing international encryption standards it knows it can break.

Bruce Schneier (a long standing, trusted computer security expert) has a relatively readable article on this: NSA surveillance: A guide to staying secure (http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance).

Bruce Schneier's summary blog entry on this topic, from The NSA Is Breaking Most Encryption on the Internet (Sept 5, 2013) (https://www.schneier.com/blog/archives/2013/09/the_nsa_is_brea.html):




The NSA Is Breaking Most Encryption on the Internet

The new Snowden revelations are explosive. Basically, the NSA is able to decrypt most of the Internet. They're doing it primarily by cheating, not by mathematics.

It's joint reporting between the Guardian (http://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security), the New York Times (http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html), and ProPublica (http://www.propublica.org/article/the-nsas-secret-campaign-to-crack-undermine-internet-encryption).

I have been working with Glenn Greenwald on the Snowden documents, and I have seen a lot of them. These are my two (http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance) essays (http://www.theguardian.com/commentisfree/2013/sep/05/government-betrayed-internet-nsa-spying) on today's revelations.

Remember this: The math is good, but math has no agency. Code has agency, and the code has been subverted.

EDITED TO ADD (9/6): Someone somewhere commented that the NSA's "groundbreaking cryptanalytic capabilities" could include a practical attack on RC4. I don't know one way or the other, but that's a good speculation.

EDITED TO ADD (9/6): Relevant Slashdot (http://yro.slashdot.org/story/13/09/06/0148201/schneier-the-us-government-has-betrayed-the-internet-we-need-to-take-it-back) and Reddit (http://www.reddit.com/r/netsec/comments/1lu6o2/the_nsa_is_breaking_most_encryption_on_the/) threads.

Tesla_WTC_Solution
8th September 2013, 08:41
Yikes... peripheral intelligence gathering used to be an aspect of all-out war, now it's a part of everyday life!

Thank you for covering this very vital topic!!

araucaria
8th September 2013, 10:20
Sorry if this sounds stupid: what about snail mail?

ThePythonicCow
8th September 2013, 10:26
Sorry if this sounds stupid: what about snail mail?

To be honest, I don't know how secure that is. My (rather wild) guess would be that they track what gets sent to whom from where, and that they can read inside envelopes as they choose, but (even wilder guess) they don't read inside envelopes except in targeted situations.

Unfortunately, of course, it is rather likely that at least a few members of Avalon might qualify for such a "targeted situation."

Dennis Leahy
8th September 2013, 10:28
Question: at some point in the encryption/decryption process, doesn't the person doing the encryption have to give a "key" to the person who will decrypt the document? If yes, then how can the key be securely transmitted? I can see that if two colleagues live closely enough, they could physically meet and share the key, but how to transmit a key you want hidden to a colleague on the other side of the world?

Dennis

Anchor
8th September 2013, 11:18
Dennis,

you are correct. The challenge of sharing secret documents is all about key management.

Key management is the weak link. Say you encode a document, stick it on a (clean) USB key and send it to me, then it's safe - even I don't know the key. Also, you ensure that the document is never exposed in an unencrypted format (probably easier to hack your PC and steal the original than break certain encryption).

Now you need to tell me the key - otherwise the document is useless to me :)

So, smart people invented key exchange protocols that, if done properly, enable the secure transfer of a key.

Keys are usually shorter than the messages they encode, so extra effort (computationally speaking) is acceptable.

The problem is getting it right eludes most people, much to the benefit of people like the NSA.

It most certainly can be done though - it's just too hard for most people.

ThePythonicCow
8th September 2013, 11:25
Question: at some point in the encryption/decryption process, doesn't the person doing the encryption have to give a "key" to the person who will decrypt the document? If yes, then how can the key be securely transmitted? I can see that if two colleagues live closely enough, they could physically meet and share the key, but how to transmit a key you want hidden to a colleague on the other side of the world?

Dennis
There are fundamentally two forms of encryption.

In the classic form, there is one secret key, which both the sender and receiver need to know. The sender encrypts with the key, and the receiver decrypts with the same key. In that classic case, finding a secure method to transmit the secret key is often a significant problem, for the very reasons you note.

The more recent form, called public-private key encryption, solves this problem. In this form, one encrypts something using the Public (widely known, freely distributed) key of the intended recipient. Once you encrypt something with a Public key, then -only- the holder of the associated Private key can decrypt it. You only need to get the right Public key.

For example, my Public key is at http://thepythoniccow.us/Paul_Avalon_PGP_Public_Key.html. Anyone in the world is welcome to send me an encrypted message using that key. So long as no one steals or gains access to the disk drive on which I have the associated Private key, no one else will be able to decrypt that message.

So long as you are sure that it really is me who provided you with that Public key, you can be assured that your message will be readable by the intended receiver, and no one else (not even yourself.)

Dennis Leahy
8th September 2013, 11:34
Thanks, John and Paul (hey, where's George and Ringo?) for the explanations.

Paul, how does that 'public key' get created and assigned? And, the bigger question, does NSA have that (and all other) public keys? (so the encryption is useful against any and all prying eyes, except NSA's?)

Dennis

araucaria
8th September 2013, 12:12
Sorry if this sounds stupid: what about snail mail?

To be honest, I don't know how secure that is. My (rather wild) guess would be that they track what gets sent to whom from where, and that they can read inside envelopes as they choose, but (even wilder guess) they don't read inside envelopes except in targeted situations.

Unfortunately, of course, it is rather likely that at least a few members of Avalon might qualify for such a "targeted situation."
Well, I can send an unmarked letter anonymously from any post office I like, containing an unmarked or falsely marked CD Rom or DVD. They would have to check out every item of mail to find that.

ThePythonicCow
8th September 2013, 13:15
Thanks, John and Paul (hey, where's George and Ringo?) for the explanations.

Paul, how does that 'public key' get created and assigned? And, the bigger question, does NSA have that (and all other) public keys? (so the encryption is useful against any and all prying eyes, except NSA's?)

Dennis

Private/Public keys are privately computed, by the individual, using software such as GnuPG (http://www.gnupg.org/).

ThePythonicCow
8th September 2013, 13:41
Well, I can send an unmarked letter anonymously from any post office I like, containing an unmarked or falsely marked CD Rom or DVD. They would have to check out every item of mail to find that.
That should work ... and it's rather difficult to read a CD through an envelope :).

Cristian
8th September 2013, 13:50
@ Paul


Operator
8th September 2013, 14:05
Question: at some point in the encryption/decryption process, doesn't the person doing the encryption have to give a "key" to the person who will decrypt the document? If yes, then how can the key be securely transmitted? I can see that if two colleagues live closely enough, they could physically meet and share the key, but how to transmit a key you want hidden to a colleague on the other side of the world?

Dennis

In less technical words:

1. If you would send a box to a friend with valuable contents you send it with chains and a lock around it (you keep the key !).
2. Your friend locks the box too with his own chains and lock and sends it back to you (he also keeps his key).
3. You remove your chains and lock and send it again.
4. Now finally the recipient can remove his chains and lock to open the box ... !

In the above scenario there is no exchange of keys. Everyone only uses his/her own local key.
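
The box-and-two-locks exchange in the post above is known in cryptography as Shamir's three-pass protocol. The following is an added example, not part of the original post: it runs the four steps with modular exponentiation as the lock, and goes one step further by showing the same passes with a XOR pad as the lock, which gives the message away. The prime `P` and all function names are assumptions chosen for illustration.

```python
# Added illustration (not from the thread): the box-and-two-locks exchange
# written as Shamir's three-pass protocol.
import secrets
from math import gcd

# Assumption: a public prime both parties agree on beforehand. 2**521 - 1 is a
# Mersenne prime, picked here for brevity, not as a vetted production parameter.
P = 2**521 - 1


def make_lock(p=P):
    """Return (lock, key): a secret exponent and the exponent that undoes it."""
    while True:
        lock = secrets.randbelow(p - 3) + 2        # candidate in 2 .. p-2
        if gcd(lock, p - 1) == 1:                  # must be invertible mod p-1
            return lock, pow(lock, -1, p - 1)


def turn(exponent, box, p=P):
    """Putting a lock on or taking it off is the same operation: box**exponent mod p."""
    return pow(box, exponent, p)


def three_pass(message: bytes, p=P):
    """Run the four steps; return (what the recipient reads, what crossed the wire)."""
    m = int.from_bytes(message, "big")
    if not 1 < m < p - 1:
        raise ValueError("message must encode to an integer strictly between 1 and p-1")
    a_lock, a_key = make_lock(p)                   # sender's lock, never transmitted
    b_lock, b_key = make_lock(p)                   # recipient's lock, never transmitted

    pass1 = turn(a_lock, m, p)                     # 1. sender locks the box and sends it
    pass2 = turn(b_lock, pass1, p)                 # 2. recipient adds a second lock, returns it
    pass3 = turn(a_key, pass2, p)                  # 3. sender removes own lock, sends again
    opened = turn(b_key, pass3, p)                 # 4. recipient removes own lock

    plain = opened.to_bytes((opened.bit_length() + 7) // 8, "big")
    return plain, (pass1, pass2, pass3)


def xor_three_pass_leak(message: bytes) -> bytes:
    """Same three passes with XOR pads as the locks.

    XOR locks also commute, so the recipient can open the box, but anyone who
    recorded the three transmissions can combine them: the pads cancel and the
    message remains. Returns what such an observer computes.
    """
    def xor(s, t):
        return bytes(i ^ j for i, j in zip(s, t))

    a = secrets.token_bytes(len(message))          # sender's pad
    b = secrets.token_bytes(len(message))          # recipient's pad
    pass1 = xor(message, a)
    pass2 = xor(pass1, b)
    pass3 = xor(pass2, a)                          # equals message XOR b
    return xor(xor(pass1, pass2), pass3)


if __name__ == "__main__":
    sample = b"meet at noon"                       # constructed sample message
    plain, wire = three_pass(sample)
    print("recipient reads:", plain)
    print("plaintext visible on the wire:", int.from_bytes(sample, "big") in wire)
    print("observer of the XOR variant computes:", xor_three_pass_leak(sample))
```

Nothing in these passes proves who added the second lock, so the exchange still depends on authenticating the other party by some separate means.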

ThePythonicCow
8th September 2013, 14:11
@ Paul


Cristian is awesome too (once I removed the spurious space in the second line.)

johnf
8th September 2013, 15:02
"Remember this: The math is good, but math has no agency. Code has agency, and the code has been subverted." Bruce Schneier.

Paul, can you help with the definition of agency in this sentence?
Not sure what that means, and therefore not sure how it has been subverted.

jf

ThePythonicCow
8th September 2013, 15:10
"Remember this: The math is good, but math has no agency. Code has agency, and the code has been subverted." Bruce Schneier.

Paul, can you help with the definition of agency in this sentence?
Not sure what that means, and therefore not sure how it has been subverted.

jf


I took Bruce's statement to mean, roughly, that the math is a conceptual framework, a theory, that stands on its own, but that the code (lines of software) is the product of various individuals, institutions, governments and corporations (various agents), and as such, can be, and in this case has been, corrupted and subverted to the overriding purposes of those agents.

To someone with Bruce's understanding of the mathematics behind cryptography, this is likely a fairly obvious statement. He knows the math, and the math is good. He's seen some of the code and some of the ways by which the code is produced, and so far as the code realizing the mathematics, the code is subverted crap.

johnf
8th September 2013, 15:20
"Remember this: The math is good, but math has no agency. Code has agency, and the code has been subverted." Bruce Schneier.

Paul, can you help with the definition of agency in this sentence?
Not sure what that means, and therefore not sure how it has been subverted.

jf


I took Bruce's statement to mean, roughly, that the math is a conceptual framework, a theory, that stands on its own, but that the code (lines of software) is the product of various individuals, institutions, governments and corporations (various agents), and as such, can be, and in this case has been, corrupted and subverted to the overriding purposes of those agents.

To someone with Bruce's understanding of the mathematics behind cryptography, this is likely a fairly obvious statement. He knows the math, and the math is good. He's seen some of the code and some of the ways by which the code is produced, and so far as the code realizing the mathematics, the code is subverted crap.

I am assuming that it is along the lines of making people think they are safe, when there are TLA backdoors?
Another question: have people found backdoors in the SELinux code?
It sounds like a lot of people are assuming it is there, but I haven't seen anything that says it's found them.

jf

Slorri
8th September 2013, 15:45
Yikes... peripheral intelligence gathering used to be an aspect of all-out war, now it's a part of everyday life!

Thank you for covering this very vital topic!!

We can take this as an indication of ongoing war.

ghostrider
8th September 2013, 16:36
if two people want to keep something secret, create your own system, maybe a book that both of you have and use numbers of pages and numbers of lines and completely code the whole thing in numbers from that book that only the two of you have ... or something similar ... creating a way to talk without them knowing what you are saying would be a good finger in the NSA's eye ... sadly if we talk on the phone or email, or Skype, any electronic footprint the NSA can look at it anytime ... there is no privacy anymore, they killed freedom ...

Lefty Dave
8th September 2013, 18:19
Thanks, Paul...
I've been having a real go round with my city officials on the idiocy of the smart meters they are forcing upon the entire city population..both on our homes for electricity metering, and on our water supply at each residence and business, etc....
I show them the statistics...on the rf radiation effects on living things..to no avail...but this week I brought up the fact that any good hacker will now be able to interrupt our power and water supplies at will...and there won't be a thing they can do about it...and I do think that got their attention...however I don't believe it will change anything.
Thanks for your post...and keeping us informed. Blessings.
end of line.

samvado
8th September 2013, 21:31
This is a German article from the very famous HEISE Verlag which states that the NSA uses quantum computers to decrypt and that no known method can withstand it (except quantum encryption itself)

http://www.heise.de/newsticker/meldung/NSA-und-GCHQ-Grossangriff-auf-Verschluesselung-im-Internet-1950935.html

Anchor
10th September 2013, 12:31
Bloomberg Businessweek having a rant at the NSA

"Dear NSA, Thanks for Making Us All Insecure"



....
One must possess a Panglossian view on things to assume that Edward Snowden was the first person out of the many thousands in his position to make away with such material. He brought it to the public, and without that move there’s a good chance you wouldn’t have even known he took it. So who else has it? Bet you have no idea. So well done; you’ve probably put your own citizens at risk.

But let’s ignore that distinct likelihood for a moment, and concentrate on the aftermath of Snowden’s revelations.

If the first tranche of those revelations will hit the U.S. Web services and cloud economy hard—estimates vary as to how hard, and only time will tell—then the crypto scandal is going to do the same to the U.S. security industry. In fact, it’s probably going to hurt more. Most people have too much invested in American Web services to pull out on short notice; it’s relatively trivial in many cases to switch security services.

Of course, the implications aren’t only glum for U.S. firms. There are enough hints in your leaked documents to suggest that you got to some foreign firms, too. And as you seem to have influenced the standards-setting process (sometimes cackhandedly) the global security industry must now think about starting from scratch.

Sadly for you, this time round your influence will be vastly diminished: It’s going to be much harder to insert your demands into the finished product. As far as the rest of the world is concerned, the forum provided by the U.S. National Institute of Standards and Technology will now carry less weight. And because the security industry will now shift to open source—there is no other option if the new standards are to be trusted—installing hidden backdoors will be nearly impossible.

http://www.businessweek.com/articles/2013-09-06/dear-nsa-thanks-for-making-us-all-insecure

The last bit is interesting:


Just because the U.S. invented the Internet doesn’t mean it gets to maintain the level of control it now exercises forever. Particularly when you’ve now forced everyone to think about reengineering it.

Oh, and by the way, whether or not you do succeed in cracking the encryption protecting 4G communications by the end of this financial year, as you have predicted, you can probably expect U.S. influence in international telecommunications standards-setting to take a knock, too.

So in summary, you’ve blown it—and not just for yourselves. Good luck readjusting in the coming years!

Anchor
14th September 2013, 08:58
Inside the Effort to Crowdfund NSA-Proof Email and Chat Services

http://motherboard.vice.com/blog/inside-the-effort-to-crowdfund-nsa-proof-email-and-chat-services


Back in 1999, Seattle-based activists formed the communication collective Riseup.net. The site's email and chat services, among other tools, soon offered dissidents a means of encrypted communication essential to their work. Fourteen years later, Riseup is still going strong. In fact, they've been fighting the US state surveillance apparatus longer than most people have been aware of the NSA's shenanigans. Now, the collective is hoping to expand, given the gross privacy transgressions of the NSA and US government as a whole.

"What surveillance really is, at its root, is a highly effective form of social control," reads an August Riseup newsletter. "The knowledge of always being watched changes our behavior and stifles dissent. The inability to associate secretly means there is no longer any possibility for free association. The inability to whisper means there is no longer any speech that is truly free of coercion, real or implied. Most profoundly, pervasive surveillance threatens to eliminate the most vital element of both democracy and social movements: the mental space for people to form dissenting and unpopular views."

The impetus behind the project is Riseup's struggle to keep up with new user demand for an email service that doesn't log IP addresses, sell data to third parties, or hand data over to the NSA. Riseup will also be able to expand its considerable anonymous emailing lists, which feature nearly 6 million subscribers spread across 14,000 lists. Their Virtual Private Network (VPN), which allows users to securely connect to the internet as a whole, will also be made more robust. What Riseup can't do is offer its users an anonymous browsing experience, but that's not their aim.

To offer Riseup to more users, Free Press's Joshua Levy, Elizabeth Stark (an open internet advocate who has taught at Stanford and Yale), as well as others at the StopWatching.Us campaign (backed by Mozilla) recently launched an Indiegogo crowd-funding effort on behalf of the group. They hope to raise $10,000 in order to provide Riseup—which is run by volunteers—with a new server, hardware, and software capabilities. In short, they want to expand their reach so that internet users have another alternative to email services such as Gmail, Yahoo, and Hotmail.

To get a clearer picture of what StopWatching.Us and Riseup are doing, I spoke with Levy, Stark, and an anonymous Riseup collective member. We talked about how the crowdfunding money will be spent; how Riseup helps users avoid NSA, as well as state and local repression; and why, contrary to reports, the Tor Browser bundle is still the best option for anonymous, encrypted browsing. (As of today, the crowdfunding campaign reached its $10,000 goal, but the organizers are hoping to exceed that total by a good margin.)

The article continues with a Q&A with one of the members.

Worth a read if you are interested in this sort of thing.

bbj3n546pt
16th September 2013, 16:18
James Lyne: Cybercrime -- and you

17 minute video presents information from which you may benefit.

Some data provided (as of February 2013):

~8 new internet users each second.
250,000 (250.000) new pieces of malware produced every day.
30,000 (30.000) new infected websites each day – of which more than 80% are small businesses.

Gives examples of web sites focused entirely on helping cyber criminals.
Describes how easy it is to find your location and lots of information about you.
Says that current, young IT professionals know how to use the technology, but have no knowledge of how it works “under the covers”; in Britain there is a 60% reduction in A-level IT talent since 2003.

Source: http://www.ted.com/talks/james_lyne_everyday_cybercrime_and_what_you_can_do_about_it.htm