Schneier on Security

Clive Robinson • December 13, 2019 7:38 AM

@ Phaete, ALL,

A glint of hope can come from the fact that most of the people who understand and have to implement the backdoor are against it, and almost all who want it don’t have the skill to program it correctly.

Actually two “glints” one of hope one of certainty, you’ve given the hope, so now for the certainty that will also bolster the hope 😉

Irrespective of if backdoors can be implemented, thoughtfull crypto can only be stopped if communications are stopped.

Why? Because unlike “Crypto-Wars I” we have progressed to the point that those who most demand backdoors have way too much to loose by stopping communications[1].

All they can do is throw up strawmen to try to stop people thinking and desperatly hope that technology they can use will appear… But for various reasons it won’t, and even that which does won’t be effective, even though it migh “chill free speech” by most citizens.

Thus the big lie by those on the Hill is it will stop the four horsemen… In actual fact it won’t and either they are very deliberately lying or in the worst form of self delusion.

To see why backdoors etc will not work, you need to realise that nearly everything the majority of US citizens need to survive is controled by communications. Communications that are inordinately complex and will become increasingly more complex not just with time but more importantly the size of the population and interdependent systems.

The increasing complexity issue is a problem that gives nightmares to engineers and others who have to maintain the communications infrastructure. Not least because they know “Communications needs power, and mostly power starts to fail when communications fail” it’s an interdependency from hell of human making, that there is in the “short term free market world” “no money” available to sort out (something New Zeland had to find out the hard way and US PG&E customers are starting to realise).

But importantly as complexity rises the number of side channels available rises faster. Thus the opportunity to get around controls increases. Realistically communications in the US is beyond “central control” to the level required for even a half harted attempt at censorship. It’s a problem that is not lost on those who benifit from section 230 of the Communications Decency Act to actually remain in business.

But you don’t even need to use the many side channels that spring up with complexity to beat backdoors or censorship, they just add to the possibilities. Because at the end of the day natural language contains very high amounts of redundancy.

Where there is redundancy, there is entropy, and where there is entropy information can be transmitted between two parties covertly, without a monitoring third party being able to say let alone prove there is two let alone more channels of dirrect communications.

So with a little carefull thought two parties can communicate privately even though all their communications are monitored.

Whilst this was known back in WWII and earlier, Gustavus Simmons put it on a more formal footing with his “Prisoner’s Problem”[2] and what was termed “subliminal channels” back in 1984.

However for various reasons a practical system needs three channels,

1, The overt channel.
2, The covert channel.
3, The authentication channel.

These are “nested” like “Russian Dolls” and sent down the communications channel which is assumed to be not only “public” but “monitored” as well.

That is the overt channel has entropy within it which is used to carry the covert channel which in turn has entropy that carries a message authentication system.

I’ve mentioned how to do this in a “practical for human use” way in the past. As well as showing that it can be implemented as securely as a One Time Pad system.

There are very many ways you can implement such systems and there are other techniques that can be added to not just increase reliability but detect active attacks and countermeasures.

Thus the question of censorship falls to being “detected” in all methods of communication. Obviously there are not enough human censors and even if there were few could understand complex communications systems let alone spot side, covert, or subliminal channels.

Thus the CDA230 problem arises of, “Can AI understand content”, if it can not and currently that appears to be the case, then it can not reliably censor either.

But there is a way that “Standards designers” “Protocol Developers” and those that “build implementations” can help. Which is to add redundancy in many planes such that the number of in channel side channels is large. In a way the likes of plain HTML, XML and others do this as a necessity to suppprt the richness of features that only high levels of entropy can give you.

[1] So for those up on the hill who think “killing communications” is an option think back to why we nolonger hear about the, “Presidential OFF switch”. It was a “non starter” before it was even suggested, and it would be even worse now[3]. Even if the US government started tightening down on communications now, the economic harm the US would suffer very quickly would fairly soon become not just apparent but intolerable not just to the citizens but the politicians themselves.

[2] https://link.springer.com/chapter/10.1007%2F978-1-4684-4730-9_5

[3] By the “best estimates” of scientists an EMP burst over the US will technologically take the people in the US back to 1800 or there abouts… Remember the current US population is north of 1/3billion people currently and back in 1800 was a little over 5.3million so ~63 times as large today. Back in 1800 most US citizens were importantly effectively “continuously self sufficient” in water, food, sanitation, and energy and almost entirely unreliant on communications. The number of US citizens in that state today is probably considerably less than 1% of the population and effectively zero in the cities, towns and suburbs where most live (even in rural areas). If the communications “OFF switch” or equivalent is thrown, then water, food, energy, sanitation stops relatively quickly within a matter of an hour or two things such as fresh food orders on “JIT ordering” will go wrong, payments etc stop, in three or four days shop shelves will be empty not just of food but other essentials and OnLine shoping won’t be possible. We don’t need to realy ask what will happen when things do effectively stop, because we saw what happened with Hurricane Katrina. The reality back then as now is there is little individuals can do to survive even for short periods of time. But even in a less dire situation we’ve more recently seen those living in California having to come to terms with PG&E power shutdowns[4]. They have been a bit of a wake up call with spikes in petrol consumption and theft. Oh and people discovering with freezer foods spoiled they realy don’t like the foods they have in their store cupboards and panteries and with their local shops and fast food outlets closed, having to drive 30mile round trips to get cheese burgers and the like and stand for an hour or so in the que…

[4] Entirely to blaim on short term free market thinking by those in charge. They viewed maintanence as an “unnecessary expense on the balance sheet” so for “shareholder value” they effectively stopped doing it. The result was their poorly maintained equipment and it’s environs caused many fires. Which in turn caused law suits and effective bankruptcy. Thus to stop the potential for more fires, they turn their systems off if it looks like the wind is going to blow… Under current conditions this problem is going to get worse as other infrastructure goes the same way.

Clive Robinson • December 14, 2019 4:31 AM

@ SpaceLifeForm,

Spot on. You have been reading my mind.

There are many things I can do, but “Mystic Mog” abilities are not on my C.V. yet 😉

The reality is that two minds do think alike when seeing similar data from similar view points. Academia has seen this happen sufficiently often that we know it’s not coincidence.

The real trick is to come up with simple ideas nobody has before, and hear them say “that’s bl33ding obvious why did I not see that”. Sometimes you realy know it yourself because your gut kicks you hard enough to make you draw breath and switch into high gear.

Back last century a friend had bought a lovely little cottage in Godalming, it was built around oak timbers and older than the Mayflower. Unfortunately he was getting woken in the night by “the knock knock knock of the death watch beatle”. We were chating about it on the phone just after work one evening and he was telling me just how expensive it was to get sorted out due to the labour involved. I jokingly said he needed a “death ray”. And he said what wood oak that could stop bullets be transparent to but grubs not, and without thinking as I’d built a few “radomes” when younger for satellite tracking I said “microwaves”. At which point we both got the kick from our guts, and I said “Yeh Nuke the 13astards” and joked it would only take him five minutes to take the front off the microwave oven. When I got home an hour later, my then partner was quite puzzled when she saw me start cutting up bits of wood and cutting groves in the face then putting bits of frozen mince (ground beef) in and putting them together with electricians tape befote putting them in the microwave. She was even more surprised when I told her why, and she was even more surprised when in the first test the microwave not only cooked the mince right through in a few seconds but the wood hardly got warm…

The following morning I phoned my friend up to tell him the idea worked a treat, and he said he knew, and told me that he had run a series of searches on the Intetnet but unfortunately somebody had beat me to the idea by only a few months with a new product and had applied for a US patent…

Some you win some you don’t quite get to the tape, but a good idea is still a good idea.

Clive Robinson • December 16, 2019 7:07 AM

@ Giving back doors to your enemies,

The author of the TechDirt article Mike Masnick says,

Separately, he [Hayden] points out that backdooring encryption won’t even help law enforcement do what it thinks it wants to do with backdoors:

If you read down the following quote of Michael Haydon you find, firstly the open statement of

“Proposals that law-enforcement agencies be given backdoor access to encrypted data are unlikely to achieve their goals”

Which is a point a number of people have been making for a very long time, with some of us pointing out supporting history that goes back a century and realy should be more publically known.

But Michael Hayden goes on and qualifies the statment with a few examples. Of which is this one,

“it will have no impact on encryption technologies offered by foreign companies or the open-source community.”

Bares more consideration and amplification.

Firstly he is saying what many have yet to pick up on, which is,

You can only backdoor what you can reach and own.

The US mandate on backdoors stops where the communications end point is that is in modern parlance “on your smart device”. Because they “can not reach and own” beyond that point without some kind of usable connection.

That is it does not matter if the world and his dog can see the ciphertext generated by anything off the communications device and beyond the security end point, as long as the security end point is issolated from the communications end point, safely out of reach via any on device malware / backdoor. This point has been known for more than a century, and has at one point or another had proofs made with respect to it. Designing and producing equipment based on this used to be a function of the NSA before some US politicos for ostensibly political reasons said that they had to stop the “bespoke” and go for the “COTS” approach. Or more accurately go from secure, hardend and reliable to cheap insecure and unreliabe.

Secondly most forget what “Open Source” realy means. All to often people limit their thinking to “computer code” which is a mistake. Because it does not apply only to computer code but all written words that have transferable meaning.

Thus any “work” that transfers information that the producer of the work has decided to remove the implicit copyright limitations on is “Open Source”. But even if the producer has not removed copyright “fair use” alowes you to make your own “work” provided it follows certain rules, and there is nothing to stop you making your “work” “Open Source”.

Thus telling you how to make and use the likes of One Time Codes / Phrases by hand is covered by “Open Source”. Likewise a work covering the OpSec asspects that tell you how to securely use them away from you mobile phone (air gapped) then take the ciphertext to the phone and send the ciphertext via SMS or Email etc from it is also “Open Source”.

Thus such “Open Source” works tells you how getting around any backdoor or malware the US Gov can mandate can be done. This basic knowledge can then be expanded to take in more technical solutions such as “Tin Foil Chat” which is both “Open Source” software and hardware designs.

Once you realise that bypassing mandated backdoors can be that easy and the information on how to do it is in hundreds of books and thousands of web sites you come to a conclusion of,

Backdoors can not work against the informed.

Which then leads to thoughts about what the LEO’s etc are realy upto. That is the backdoor issue is but one small step on a longer journy they are making, the problem is we can only guess at where else their route will go and what if any is their final destination… The only thing we truley know about LEA’s is that they want,

1, More Power,
2, More Money,
3, To grow ever larger.

That is they have a parasitic relationship to society as do all “Guard Labour” and like “weeds in the garden” they very regularly need cutting back to avoid causing harm.

Clive Robinson • December 16, 2019 11:14 PM

@ JonKnowsNothing, Giving back doors to your enemies

Probably the most feared item in any closed system is “knowledge”.

Actually in nearly all hierarchical systems as well. Because “Knowledge is power” especially where people behave dishonestly (which is true for almost all people in power).

Two examples are,

1, The Roman religions fell to Christianity, because Christianity offered “life after death”. Whilst no proof of life after death was ever offered, or could be, belief in it was sufficient to make it an unstoppable force taking away the fear of death thus building in defiance against the way authority was exerted on those in the various classes of society (later variations when Christianity was the authority were excommunication, being buried dismembered, buried in non consecrated ground or threat of disinturning people from their graves).

2, Nearly all polititions lie in one way or another to gain position thus power. Most often it’s by pretending to fit in with the mores of the more conservative vies of society (ask yourself how many atheists there are in those who stand to be representatives compared to the general population, likewise “family values” and faithfullness to their spouses etc).

The simple fact is those in power are usually their because of their underlying Antisocial Personaliry Disorders (ASPD -socio/psychopathic) traits, or other aberrant mental processes (Narcissistic Personality Disorder etc).

Oddly perhaps in reflection we find that most societies rather than deal with the issues, instead prefere to pander to those who have such abberant behaviours. And have tried in the past to make such deviations and their harms normalised via labels such as “paternalism” etc. Like most forms of abusive process it will not stop unless those who are being abused confront those with the abberent behaviours and either they genuinely change –if they can– or are excluded from such positions or society it’s self.

The problem is of course the oft said “80% of successfull people have ASPD traits”. Thus the problem may well be how society sees and rewards what is perceived in society as “success”. The simple fact is most people with ASPD etc fail and fail hard due to their inability to see beyond their own needs. We might call it “risk seeking” behaviours but the reality is whilst most fail and hurt those around them, probability tends to limit their “success” by just “risk seeking”. Therefor other ASPD traits help carry them forward usually by manipulation of others. Thus they take the rewards for their risk seeking whilst others suffer the consequences of the failures.

This sort of behaviour can only work when information is controled or more correctly hidden from the society concerned, be it voting citizens or shareholders.

Thus for a given society to be healty it has to recognise it has to deal with how it is being abused. This is addressed by first realising it is being abused, then confront it, none of which will happen untill society stops deluding it’s self about “success” and calls not just for greater transparancy but acts on it. This means “being responsible” which 60-70% of the adults in a given society do not wish to be.

Thus as the old saying has it,

We reap what we sow.

Whilst Christianity has pushed this message (often as a method of control) the basic idea is far older and can be found in most societies. It’s actually a lesson in “being responsible” “thinking ahead” and most importantly looking more at the downside and addressing that more than making unfounded projections.

Think of it this way you can look up how much “seed” you need for any given “area of ground”, and you can project from this your potential harvest and profit… That is the upside view and is an unfounded projection. When you examin what can go wrong, you are looking at the downside and thus can see where things can and will go wrong if not correctly addressed. Being responsible means looking not just at the upside but the downside, evaluating it and working out how to mitigate the downsides and the resources needed and their costs.

Most people do not want to do this if there is another what they see as an “easier” option. That is they want the rewards / profit without being responsible, thus as a consequence do not examin the risk / downside.

Unfortunately this trait is what underlies all manipulation of people as the old saw has it,

You can not con an honest man.

But whilst you can fool less than honest or lazy people, it’s harder with others. Thus this is usually achieved by “hidden knowledge”, lack of transparency enables this, it’s why there is no such thing as a “free market” and many of the ills of society can be easily traced back to “hiddrn knowledge”.