I'm just a bit disappointed as I really expected 'super-duper' crypto, rather than off the shelf.
In the first article in this two-parter on building your own crypto toolbox I covered older tools that have been around for a relatively long time now: Truecrypt and OpenPGP. Here, I will go in a different direction and look at ways of protecting instant messaging, general web-browsing, and how to trust the operating system …
I'm just a bit disappointed as I really expected 'super-duper' crypto, rather than off the shelf.
When it comes to crypto you want it to be open, tried, and tested, and based on known standards.
> When it comes to crypto you want it to be open, tried, and tested, and based on known standards.
And effective! :-)
E.g., a permutation cypher would match all your criteria, but it'd still be disastrous choice.
Also you need it to be (mostly) easy to use - otherwise you won't.
Really good tools are the ones you forget are there - they just silently, reliably and continuously do what they are supposed to do.
I use OTR for various things, the article mentioned the Pidgin plugin, but there's also a useful app for Android - chatSecure - exact same basis but for your phone.
If you're after Tor on your phone - Orbot and Orweb (the former connects to Tor, the second is a browser). If you're rooted, Orbot can redirect all traffic over Tor, if not then it just opens a Socks proxy.
TAILS is pretty popular, but IMHO Liberte Linux is a better bet as it's also got i2p baked in. Same procedure for running: boot off a liveCD.
I2p is a nice concept, but has suffered from too many zero-days to be regarded as a serious tool.
As the first poster said this ain't 'super-duper' but the bare minimum required, I'd advise someone talking this seriously to go MUCH further. A minium 1st stage would be to isolate the wan from your terminal physically, by using a setup similar to whonix in it's two node configuration or qubesos with an isolated nic.
I've tweaked the headline to be more specific – it's about anonymity, after all, and an introduction to it. I, personally, would love to do a QubeOS et al review, but it's finding the time to do it properly. Maybe someone can set aside the time.
FWIW if your life really really depends on it, consider using physical separation a la PORTAL of Pi.
Liberte Linux is also systemd infected...
With reports of nodes being taken over is it possible that entry nodes as well as exit nodes could be suspect? If an attacker has control of entry and exit nodes it would be possible to correlate the traffic between the two and work out who's talking to who.
But cannot one control which entry nodes they use? They can then use IP geolocation to roughly pick an entry point outside territory accessible to the west. Even if the entry point is accessible to another power, odds are they won't talk to each other and put two and two together.
TOR analytic slide it would appear one has to be a terrorist to use it. I can guess which side of the argument over privacy rights this slide is addressing. Propaganda can be subtle.
And the terrorist looks suspiciously like David Blunkett.
We do know that TOR's development was largely funded by terrorists.
If the "exit node" you are using (the point where your traffic exits the Tor process and emerges on to the normal internet) is unscrupulous, evil, or just hacked, (or, run by GCHQ) it has the ability to intercept the contents of your communications.
GCHQ [or any Intelligence Service Sysadmin for that matter] could learn more than just a lot about many vital virtual and virile viral bits of the exploding enlightening enigmatic puzzle which confronts and/or taunts and/or daunts them with Remote Anonymous Cyberspace Command and Control if they were running with Registering expertise, which is so easily transparently shared across a truly global base of seriously smarter than average thin clients. Such however would then be someone and something other than government puppets running Intelligence in..... well, Offices of Cyber Security are surely responsible for all failings in the running of things today, are they not?
An inconvenient truth indeed, and one which grows stronger and more powerful the more often its notions and shared emotions and novel passions are denied and/or ignored. A sticky sweet irony in deed, indeed, and titanic opportunity exploiting vulnerabilities with zerodays, right, left and centre, i.e. everywhere and anywhere that is nowhere.
Something else to consider is that emitting encrypted traffic makes you stand out
Is this possible? That every packet that enters TOR is encrypted in a way that interceptors will see a fuzzy fluff ball?
Once this becomes a common way of hiding traffic the "intelligence" agencies will need to analyze every pretty kitty photo and video for hidden meanings.
Not as much as it used to and hopefully soon to be "not so much".
The answer to that is ubiquitous use of encryption then...
I absolutely agree, Cipher. The problem with that is that as things stand right now proper cryptography and secure comms are
1) A pain in the arse to set up properly
2) Requires someone else on the other end equally skilled, who is also prepared to put in the time and effort who also...
3) Is using encryption kit that yours can talk to.
Unless something happens (and it is starting to, slowly) where a lot of people choose software that happens to also have good encryption (but right here and right now good encryption alone doesn't seem to be reason enough...loads of people still use Skype, for example); then people using proper encryption stand out like a beacon. Of that small percentage of total users, you have your hobbyists; corporations shunting proprietary data; and people with something to hide. So at least one of those groups (and two, if the reports of industrial espionage on the spook's part are correct) merit a closer investigation.
So, yes, I believe encryption will make you stand out; quite possibly deem you worthy of a closer look. You're also potentially annoying people who are in a position to rain perpetual shit into your life because you're making them work harder.
I encrypt email for privacy from those I consider are likelier than the local SIGINT agency to want to do me harm. And I live just over 21 miles from the NSA Bluffdale, UT data center.
All valid, sadly, points...
I simultaneously see glimmers of hope and despair at the scope of the problem. Recently on a favorite IRC channel a fellow made a point to get several people to install Thunderbird, and setup GPG, sign keys and send test messages.
I was amazed at the trouble a group of tech 1 percenters had with this, folks who run linux, test distros on spare machines routinely and compile source to install software with ease. They all got it done but the level of hand holding was mind boggling considering the skill set of the group...
Nothing to do but keep on keeping on I suppose...
I don't think teaching will help with the subject - for universal takeup, encryption needs to be baked into all the software we use; either transparently or with very, very easy use. Otherwise people simply won't bother. Getting people to use vaguely secure passwords is difficult enough. And that's with a new large corporation in the news everyday for being pwned.
The software has to handle it for the UK in particular; otherwise police can simply trump up some charge or other and demand your keys...thus rendering the whole effort pointless.
The landscape is changing, slowly, with everybody changing to things like SFTP and TLS and similar as the defaults; but all comms software needs to come with baked-in point-to-point encryption (and local storage) as well. The problem there is it's extra expense for the software company for little visible result and -even if executed perfectly- they will be met with cries of "Oh great, another bloody password"
Nothing to read here.
Didn't soemone once disguise the military data of a Austo-Hungarian installation as a butterfly?
If it worked once they will never expect it to work again. And if they never expect butterflies to work again, the chances are 1 in 10 that they will.
And 9 in 10 they will never suspect kittens instead.
If they begin to suspect kittens, think of all the Snowden moled private companies they would have to employ to search the tubes for stray kittens. I LIKE IT. Big time!
I very much doubt internet users in Venezuela will be doing much to protect themselves. Especially since most will be using outdated mobile phones. Unfortunately they have already sorted out who are on the lists that the CIA make for future dictators to round up and torture/murder when the next coup takes effect there.
Thing is, ease of use runs SMACK into the security problem. Making something TOO easy ALSO makes it easy to break. It's like with a lock. Sure, making it turnkey easy helps people to use it, but the lock then becomes a point of failure.
Which now puts you in a bind because you have two conflicting forces pulling against you. On one hand, you can't make things too hard or people won't use it, but you can't make it so easy you introduce points of weakness. And the worst part is, many times it reaches the point that the two pass each other: IOW, the hardest people want it is also beyond the point where it's too easy to break, people are sick and tired of learning, and you face a determined adversary and legal requirements where tough security is the bare minimum acceptable.
Its not that they are two conflicting forces. Security and Accessibility are opposing forces, not ease of use. As we increase security, we need to give up a certain level of accessibility to gain that security, but there is absolutely no reason, that setting up that security can't be easier.
Here's the real crux, security is not sexy to the general populace, it's a matter of need, but it's implementation is largely done by people with knowledge. Look at something as common as TLS and the now defunct SSL. To a general user, this just "works", but have you actually ever setup a CA and pushed that out to more than 1 or systems? It's an effort.
You can't ask a person (even a "Power User") to just setup security, but there is no reason that we couldn't give a user a package that sets up a certain level of security and accessibility that was point an click. It's a matter of time, cost, price, and marketability for the general populace.
If VPN's were cool to use, like running your iPhone or Android, things would be different.
"Here's the real crux, security is not sexy to the general populace, it's a matter of need, but it's implementation is largely done by people with knowledge. Look at something as common as TLS and the now defunct SSL. To a general user, this just "works", but have you actually ever setup a CA and pushed that out to more than 1 or systems? It's an effort."
More than that. It's a matter of TRUST. SSL and TLS both depend on certificates, which in the general use case have to rely on Certificate Authorities. Which means essentially Alice and Bob have to trust Trent. Thing is, sometimes Trent is really Mallory (or more often Gene), so you're back into DTA mode.
Making SSL/TLS "just work" requires a level of trust that in today's world could be considered ill-placed. And people are getting sick and tired of all the hoop-jumping. Go back to the front door. A burglar can just kick the door down, but trying to guard against it is too much hassle for the ordinary person to deal with. Yet people complain about break-ins at the same time, which means customers are demanding the impossible: something that's too easy to break and yet too tough to go through everyday.
Or in a nutshell, "Not Enough is Too Much."
If VPNs were cool to use and easy to set up, the major telcos/ISPs would just try even harder to prevent people using them properly. for financial and 'oversight' reasons.
Not saying it would be a bad idea for Joe Public to get involved more with this stuff (it probably wouldn't), but there are greater forces at work. Dark forces, who would rule our planet ((c) TKM, 198x)
Happy New Year.
> Something else to consider is that emitting encrypted traffic makes you stand out
Only if nobody else is doing it.
Why do you think every single one of my posts here, no matter how innocuous, are as AC?
> for universal takeup, encryption needs to be baked into all the software we use
Not quite there, but recent versions of Enigmail (a Thunderbird PGP plugin) have been encrypting by default anything that could be encrypted. It's a start.
Which is why you need to get all your buddies to also emit encrypted traffic.
Wait a week or two, and see if a substitute key hit the news.
With regards to the echo cancellation, you can use a professional echo cancellation like SoliCall Pro. This software is shareware but once the timeout expire you can reinstall it to extend the evaluation period.
Or you could just use headphones.
"we might easily trigger a vice-random decision when it comes to natural desire for things, but at this point, we haven.t even perfected any way to make the AI really desire something" - something's changed since the time it was written. It's appeared to be eager of processing through a stream.
Isn't it MMAD to run TOR nodes if you are a security agency?
Farms of nodes matched by The Other SideS will make TOR more effective, won't it?
It's a gamble. You want to be the one that has the exit node for the ReallyInterestingStuff (TM). The more nodes you have and the more spread out they appear to be, the more you up your odds...
than part 1 but still languishing in the pre-snowden era of thought before we realised the true extent of the data collection that 5eyes were actually doing.
This article has done nothing to address the metadata problem which when combined with actual tradecraft makes these countermeasures less useful
Frankly, that horse left the stable a long time ago. Anything a company does becomes their business (literally). It's one of the costs of "doing business" with someone. And the governments are on the spot because no one wants 9/11 Part Two (which no one may survive when it occurs), so what can they do? Any answer short of "We're working on it" won't be acceptable to the public, and the public isn't ready to accept the idea that, "If they wanna destroy the world, they'll do it in spite of God, Man, or the Devil" because the enemy is too small, paranoid, or evil to penetrate.
The once vaunted Skype is no longer secure in any meaningful sense of the word.
And once again we have a Reg "security tips" article from someone who doesn't know what "security" means, and doesn't understand things like threat models. I know, it'd be a burden to have to spend an hour or two reading up on the subject.
Ah well, I suppose advice from amateurs with some experience in IT-security technology is better than nothing. Probably. But it's just this sort of thing that's left far too many organizations with foolish, non-productive security policies like password lifetimes, instituted cargo-cult fashion by managers and administrators who read a bunch of security tips but not any of the research or theory behind them.
Depends who you want to be secure against.
The PI your ex hired to try to prove adultery? It's perfectly fine for that.
Your Boss trying to spy on your personal calls over the office wifi? It's as secure as the device you use it on.
Government surveilance, or a megacorp involved in industrial espionage? Well, it'll slow them down for half an hour.
Just curious - are there concerns about newer machines being compromised at the hardware level?
Maybe rolling out the factory pre-compromised, ready for NSA access?
Or just simply a hint that older hardware will serve nicely in this role, thereby saving it from the rubbish heap?
Or maybe that's what the NSA WANT you to believe since they've probably been secretly compromising hardware chips since the 8008.
I'm guessing TAILS is vulnerable to a BIOS hack?
All of these, (ok, most of them,) will one day be cracked.
And they won't be announcing it, so unless you can guess, you've had it.
There's a law of natural selection which says the prey and the predator continually evolve to outdo the other. This is all this is.
Biting the hand that feeds IT © 1998–2017