Feeds

back to article DIME for your TOP SECRET thoughts? Son of Snowden's crypto-chatter client here soon

Lavabit founder Ladar Levison will within six months carve out a military-grade email service from the ashes of Ed Snowden's favourite email client. As many of you will remember, Levison killed the service to prevent his clients' information from getting into the clutches of the Federal Bureau of Investigations. The popular …

Silver badge
Stop

One Tip...

...change the bloody name!

Dark Mail...ooo evil baddies, kiddie porrn, drugs, terrorist.

Freedom Mail (or something more fluffy)... Ooo good, freedom, patriotic, peace and goodwill to all man etc.

26
0
Silver badge

Re: One Tip...

> Dark Mail...ooo evil baddies, kiddie porrn, drugs, terrorist.

Yes, you're right. It's far too close to Daily Mail with which no self-respecting ... well .... anyone would wish to be associated.

As it is, I still feel that "secure" email is missing a trick.

We already know that a degree of intelligence can be obtained simply by knowing that there is a message being sent (and who the sender + recipients are). High-level secure comms have long used the technique of keeping the channel full at all times, whether or not it's sending anything that decrypts successfully. (And a decent encryption system would be indistinguishable from random noise.)

So a secure email system would send each subscriber the same amount of "stuff" each day (note: to each recipient oin the users "circle" - they wouldn't know who anyone else was) and require each user to send it the same amount of traffic, too . Sometimes it would decrypt as "this is not an email" and sometimes it would decrypt as "they're coming to take you away (ha ha!)". Either way, the baddies who wished to eavesdrop would not know whether the content was signal or noise until after they'd spent some significant resource cracking the message. Multiple that up by (say) a million users and the surveillance soon becomes too onerous and too costly.

Further refinements are possible, but the basic concept has been best practice for a long, long time and should be included in any modern secure comms methodology.

5
2

Re: One Tip...

That is a very good point...To much like the 'Dark Net' the media and politicians are getting het-up about.

Safe Mail! Protecting you and your loveone's emails from peophiles and terrorists.

Sure win.

4
0
Bronze badge

Re: One Tip...

Kittun Mail.

3
0
Silver badge
Facepalm

Re: Pete 2 Re: One Tip...

".....We already know that a degree of intelligence can be obtained simply by knowing that there is a message being sent (and who the sender + recipients are)....." That is metadata, which is what the NSA and chums already collect, so if you're stupidly paranoid (or criminal) enough to think the NSA are already watching you then you have gained nothing by using this service other than a false sense of security. Once the sender and/or recipient are identified they can simply move to either a warranted search or a hack of their computer, where the unencrypted messages will be sitting. One little backdoor later and they will be reading all your coms after/before you decrypt/encrypt them. For the real nasties there might also be an involuntary holiday flight to a black site followed by a bit of decryption by waterboard.

".....Multiple that up by (say) a million users and the surveillance soon becomes too onerous and too costly......" Even if there were that many paranoids in the World, as soon as the authorities identify the service, if they get bored they can either monitor or block it. Useful idiots that sign up to 'stick it to The Man' may then find out that The Man has plenty if legal options for dealing with those attempting to waste police time, including conspiracy charges in the States.

0
15
Silver badge
Happy

Re: One Tip...

I think the "Freedom" went out with the chips.

0
1
Bronze badge

Re: Pete 2 One Tip...

>Once the sender and/or recipient are identified they can simply move to either a warranted search

I have no problems with Spook's executing warranted searches with proper oversight (like a judge). It is the wide scale untargetted fishing expeditions that grossly invade the privacy of everyone where I disagree. If we are going to start (continue?) to track everything about everyone then we put in place the key infrastructure needed by a police state. You had better make sure that the risks and substantial costs are worth it...

2
1
Silver badge

Re: keeping the channel full at all times

Good God, my dear sir, have you the slightest idea what that would do to Verizon's network speed ?

Such a move would turn every second of the day into peak time, and people would use up their monthly quota of "unlimited" GBs in a day.

On the other hand, the chaos generated would hopefully lay the foundation of a law-backed definition of "unlimited" that would finally resemble something realistic.

One can always dream...

0
0

Re: keeping the channel full at all times

It wouldnt necessarily flood an individuals broadband. It depends on the underlying infrastructure.

If a P2P structure were adopted you could simply have a bunch of distributed "broadcast" nodes. These nodes could be used to generate random encrypted "junk" from your initial message and bounce it everywhere. Kinda like a DNS amplification attack. You could handle this traffic by introducing a home grown crypto currency, utilising the hashing power of ASICs for facilitating the email transactions. People that run these nodes get rewarded with whatever you decide to call the currency. Quite a few alt coins do this for various reasons...like namecoin and I think datacoin.

The currency could be used to pay for services on the network or exchanged for other currencies on somewhere like MintPal.

Email can be stored in the blockchain in fixed size chunks to make it harder to differentiate between currency and messages and allows it to be anonymous since you'd only need your private key to access it and it would be decentralised so nobody can kick a door in and take the network down.

Obviously having to have a private key is a weak spot since you can be rubber hosed to hand it over...however, keys and wallet IDs can be discarded as quickly as they are generated. So you could use IDs and keys for a short period of time then scrap them.

ASICs can do an extreme amount of hashing which would create far too much noise for anyone to attempt to crack as you'd have the random spam AND the currency transactions, especially if you encourage micro transactions. I.e. require that a very small amount of currency be spent to pay for messages being sent. So rather than pay x per month, you pay x per message. This applies a value to the currency as you either have to mone it to pay for your email or you have to buy it on an exchange using BTC or the like.

I could go on, but im out of time. Id like to hear other peoples thoughts.

I reckon an open source plan should be placed somewhere that can be refined over time to solve this problem, then once refined...built.

Anyone fancy it?

0
0
Silver badge
Facepalm

Re: CaptainBanjax Re: keeping the channel full at all times

"If a P2P structure were adopted you could simply have a bunch of distributed "broadcast" nodes. These nodes could be used to generate random encrypted "junk" from your initial message and bounce it everywhere......" You would have to be very careful where you 'bounced' your junk messages as they could be legally perceived as a DDoS if they hit servers outside the network. If you limit your junk to only members of the network then it is not only trivial to map out all the users, but easy to degrade the network by simply adding nodes and turning up the production of junk to DDoS levels, at which point the users are swamped with junk messages. A more sneaky attack would be to add nodes to the network until you control 50+% of the nodes, then you effectively own the network, just as has been demonstrated with TOR.

0
1

Re: CaptainBanjax keeping the channel full at all times

Mapping out would be made a lot more difficult if you adopt practices utilised in currency mining. Mechanisms such as proof of work. You could also precalculate a saturation point so that the network only produces the quantity of fluff required to offset the transactions that occur...similar to the shifting difficulty system on a crypto coin network...not enough fluff? Lower the diff, too much fluff? Increase the diff.

The technology and methodologies exist, the implementation doesnt.

As long as the protocol is self regulating it should remain outside any specific influence.

Ironically this is one of the factors affecting bitcoin adoption...its not perfectly anonymous, but its anonymous enough to give governments the chills.

The Tor situation is interesting but that has a weakness that a crypto currency doesnt. The kind of traffic that moves through tor requires persistence due to TCP and HTTP etc...sending a message does not. Also, the messages would be stored in the block chain, not on your own kit...so sending a message isnt going from A to B. You're literally just adding it to a decentralised block chain that everyone has a copy of. Owning a large chunk of the network in this case is no more useful than owning none of it.

Granted the powers that be could go at the block chain and try to decrypt it but if each new bit of fluff has its own associated keys that nobody ever knows, they will spend the rest of time decrypting it.

Remember...each "wallet" has its own pub/priv key. If people use keys for short periods of time thats an awful lot of keys to attempt to crack.

To send a secure message you dont need an end to end connection. To somewhere to hide it and somewhere to retrieve it.

The only reason they can snoop is because traditional protocols require a persistent connection.

Tech like bitcoin does not. If I uninstall my BTC wallet software my coins dont vanish. It all remains on the block chain. As long as I have my public and private keys I can retrieve them. No persistent connection to the network required.

The only real threat (unless the crypto is weak) is countries outlawing it. Thats no different to anything though, you know you have something solid if it gets banned. Blackberry Messenger had this problem.

0
1
Silver badge
Stop

Re: CaptainBanjax keeping the channel full at all times

And for those still preaching the 'invulnerability' of Bitcoins, you really need to do a lot more reading. Start with a Yahoogle of Ittay Eyal and Emin Gun Sirer, then bear in mind that the US Gov has the resources to completely swamp and own any Bitcoin-like network at the drop of an hat.

0
1
Silver badge
Facepalm

Re: CaptainBanjax keeping the channel full at all times

".....You could also precalculate a saturation point so that the network only produces the quantity of fluff required to offset the transactions that occur...." Yes, because any agency with an interest in stopping the network is bound to play by the rules, right? They would never think to introduce doctored nodes that would not have the safeguards enabled. Gosh no, those secret squirrel types are far too dumb to think of that! So, which agency in the US employs more maths grads than all the rest put together?

".....The technology and methodologies exist....." Good thing they exist but are hidden from the study of those TLAs, right? I'm sure that, as long as The Man can be kept from reading about those technologies and methodologies on - oh, I don't know, some tech like the Internet they produced - then all will be just peachie.

".....It all remains on the block chain...." Good thing there would be no way to introduce a doctored block chain then!

/OK, maybe I do need to add sarc tags for some of the posters.

0
0
Bronze badge
Go

second tip...

if passwords are weakness, have users provide "the salt", and generate and store generated ones.

After all, strong crypto needs good random numbers anyway...

Just like a good steak, user provides a bit of salt ;-)

P.

2
0
Bronze badge
Headmaster

Re: second tip...

And/or two factor authentication would help, it won't help you much to know that my email password is Pass123! if you don't have my Yubikey.

0
0
Bronze badge

Point of Order

"The new service was hoped to be ready in time for the Chaos Communications Congress in Germany held days before New Year's Eve"

In other words during the FSM Festival of Blobbing.

Which I have just now invented.

0
0
Bronze badge

4 point type

I thought that legal entities LOVED small print; I see it in most contracts I am expected to sign

1
0
Bronze badge

Re: 4 point type

4-point type is a doddle.

The magnifying glass version of the Oxford English Dictionary is printed in 2-point type.

0
0
Bronze badge

Re: 4 point type

New York State has a supposed "Plain English" contract law. If it's got obfuscatory language, it's not a contract. (Too bad it doesn't apply to our lawmakers).

I say that goes for fonts too!

Ban anything under 12 point in size permanently. Anything smaller is proof of a conspiracy between optometrists and puplishers.

0
0
Anonymous Coward

Re: 4 point type

I mean, if the 4 pt font wasn't illegible, clearly he just needed a better printer.

0
0
Silver badge

Re: 4 point type

What was the problem? ctrl+scroll works fine!

Oh, wait...

0
0

This post has been deleted by its author

Bronze badge

Questions

Is the proposed service demonstrably superior to PGP (with the actual subject embedded in the message body) in either security or usability? Do any points of superiority matter a great deal?

Does the apparently greater complexity (e. g., to PGP) enlarge the attack surface and possibly lead to additional vulnerabilities?

Is it safe from local system compromises by hardware or software implants?

Can it be used to transmit malware?

1
0
Trollface

Re: Questions

And what about Naomi?

0
0
Anonymous Coward

Re: Questions

Naomi is "I moan" spelled backwards.

0
0

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon