Schneier on Security
A blog covering security and security technology.
« Sixth Annual Movie-Plot Threat Contest Semifinalists |
| Blowback from the NSA Surveillance »
June 14, 2013
Friday Squid Blogging: Sperm Consumption in the Southern Bottletail Squid
It's a novel behavior.
As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.
Posted on June 14, 2013 at 4:53 PM
• 32 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
Resources, are resources.
Most of the outrage about the NSA seems to me misdirected. We all kind of knew that they were tapping into our Gmail and FB accounts, didn't we?
What I find much more disturbing is that there seems to be an exchange of secrets between software vendors and the NSA. Once anybody discovers an exploit (and makes it available under "responsible" disclosure), they are the first to know, so theoretically they can hack into all our computers.
This is a huge trust issue. To me, open source and full disclosure seem to be the only options available to run software I trust on my PC. What do you guys think?
Oh and doesn't this week's news make VPN providers, esp those based in US-UK-AUS-WE untrustworthy by default?
PRISM et al: Interview with William Binney, a former NSA agent, about the state of surveillance. He thinks only some telephone calls are being recorded, and only some of those are transcribed. He describes the planned Utah data center as a place to store an enormous pile of stuff they can't really analyze yet, in the hope that someone will come up with some better tools someday.
Also a couple new program names: "Ragtime" and "Ragtime P".
My Fictional Tale (no of the events are real and all actor portrayals are
based on fictional characters).
Understanding the fourth amendment of the Bill of Rights under the
constitution and how the Supreme court got it wrong.
In two decisions that have been used to establish business records
(information held by third parties) as part of the third party doctrine, the
Supreme court abandoned the spirit of the law, not necessarily the letter.
Given the context under which the framers operated (thank you James Madison,
you rock), the fourth amendment was drafted largely to prevent the federal
government from using information held or produced by you (letters and
envelopes for example). It was understood at the time, as a precursor to the
revolutionary war of 1776, that the British were engaged in a number or
tyrannical methods to overtly repress the colonies, denying them of local
rule (like assemblies-why do you think the first amendment mentions it). For
example, King George wished to rob the colonies of any self-governance in
order to establish repressive tax regimes...what better way to enrich the
crown than to make slaves of the colonies. And you thought only slaves came
from boats originating from Africa. Silly person.
To tie these themes together, King George used a number of nefarious tactics
to establish this cruel form of indentured servitude (taxing colonist into
debt-taking their possessions-disestablishing local authority including
police). It is surprising how little we remember of these times, but how
familiar contemporary U.S. government and politics looks when wearing some
spectacles (thanks Benjamin). Ask representative Dengil (sp?), Wyden, Udall,
etc.. Your government, and sad to say mine as well, has for the last 30 to
40 years resembled the government that Thomas Paine described. But, there is
more. Before I go on, I will conclude by stating that the fallacy in the
Supreme courts argument is understanding the reasoning behind the fourth
amendment. Since envelopes and letters contained information about not only
the subject, but the participants in a conversation, the British could route
the dissidents by seizing their letters. They could establish the chain
between those that were speaking out, many of them that were using legal
means of appeal (taking trips to England to address parliament and the
King). Thus, by understanding who you were talking to (the metadata) the
British could round up these dissidents and burn their homes to the ground,
kill their wives and children, and in general make it very difficult for
the colonists not to bend to the will of the King.
YOUR BETTER WAKE THE HELL UP PEOPLE.
If anyone wants to understand what is really going on I have a few
suggestions and the order in which your research should be done.
1. Read Thomas Paine (Common Sense)-and read all if it
2. Read The Constitution (all of it).
3. Read the Federalist Papers (again, all if it)
4. The Joint Forces Doctrine, including the MARO
5. Read PPD 20 (Presidential Policy Directive), both the summary and
6. Joint Publication 1, Doctrine for the Armed Forces of the United
7. PSD 10, Joint Publication JP 3-07.3 MARO
8. DoDDI 3025.21
9. AFI 14-02
10. CSR R42106
11. DoDD 5111.1
Get back to me on this one...
Saudi Arabia bans encrypted messaging apps, skype may be next. Because they can't listen to the traffic.
I don't get these totalitarian regimes and their desire to censor & spy on their people.
Oh, wait, I forgot. The US does this, too.
@AC2 - what are you referring to?
@AC2 - sorry, I mean what are you referring to regarding VPN providers?
@Simon - that id all ISPs,cloud, email and search providers hand over all your details without a word - then so do VPNs.
And since anyone using a VPN is automatically suspicous the VPN operators were probably the first to get the NSA phone call
@NobodySpecial - OK thanks. I think the problem with VPNs is that if the network IS compromised, everyone on it is. NSA fears however just flies in the face of claims VPN providers are making. In one article I read - the umpteenth advertising disguised as reporting column in a big name magazine - went on and on how a VPN was the holy grail of privacy.
Inside the United States | GlobalPost -- [GlobalPost goes inside the United States to uncover the regime’s dramatic descent into authoritarian rule and how the opposition plans to fight back.]
This is satire. Although the news is real, very little actual reporting was done for this story and the quotes are imagined. It is the first installment of an ongoing series that examines the language journalists use to cover foreign countries. What if we wrote that way about the United States?
Can someone explain how Skype relates to "freedom"?
Seriously - how can a product produced by Microsoft, that is known to be insecure, that has a version customised for the Chinese government, have anything to do with uncensored communications?
For that matter - what possible, useful, effect would using Tor (and other methods) to achieve "online" anonymity have in a world where your email accounts, "social network", banking, operating system, computer hardware, and applications are untrustable?
The elephant in the room is not;
whether total surveillance technology is legal
(for the doormats) whether we knew or guessed of it's existence previously
(for the truly gullible) whether it's just metadata being gathered
whether it's necessary or not
it's that at some point everyone
became suspects to be investigated, for ever.
A VPN (not based on L2TP :-) could be the holy grail if you truly control the server and clients and there is no public internet connectivity at any node. This naturally is quite limiting but works in some cases...
What is so funny (ironic) about all this is that the US continues to spout off about other countries montioring their citizens activites on the Internet, etc. The only difference seems to be that in the US its citizens vote on which despot they want ruling over them, while in the other countries the US spouts off about the citizenry just gets whomnever has the most might...
Buried in Edward Snowden's Q&A on the Guardian yesterday was this little gem:
"Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on. Unfortunately, endpoint security is so terrifically weak that NSA can frequently find ways around it. "
So let's get to work...
@ Phil Karn,
The important weasle words in the statment are,
And of course the "end point" issue, I and one or two others on this blog have talked about this fairly often.
And I again repeate my advise of having entirely seperate and fully disconnected (crypto) computers for encryption and decryption you keep in a safe when not using and "sneaker net" the ciphertext files over to a connected (comms) computer for onwards transmission.
The problem is ensuring the full "disconnection" and effective "issolation" of the crypto computer. For instance most laptops come with WiFi chips but not floppy disk drives which means problematic use of USB thumb drives that could carry malware back to the crypto computer from the comms computer. The malware could then activate the WiFi chipset in an unusuall manner to a nearby listening post.
Even if you manage to solve that issue there is then the problem of EmSec issues and in room bugging devices. Setting up an effective "crypto cell" in your house or office is going to be difficult. The simple fact that you've gone to such trouble is probably sufficient evidence in many places to get you convicted...
One way to make your crypto computer EmSec proof is to actually build it into an appropriate safe, I've done this a number of times (and included thermite anti tamper) and it's not hard to do but the devil is very much in the details.
For instance only connecting by appropriately filtered power and serial lines is a pain, as is remembering to close and lock the door when you put a new floppy in and properly de-gauss it after transmission and before re-use.
Then there is the issue of the OS the crypto computer is to use and ensuring it can not be tampered with, before, during and after use. But prior to that is how to ensure the OS is not "backdoored" in some way. One way is to write it yourself, although that is easier to say than do (most "old school" embedded systems engineers can do it without to much difficulty), but how do you trust the "tool chain" few people know how to write a high level language from scratch, even a basic shell and interpreter is pushing many programers these days, especialy as it will have to be done in assembler and then "hand checked".
Then there is the thorny issuse of hardware. 1980's computers were made of parts where full data sheets were available and you would hand craft your own device drivers etc. Even Byte magazine produced it's own PC design on a multilayer PCB you could buy and populate with components you could source from a myriad of places. You could even design and build your own secure hardware (which I've done a number of times). Not so today, most System on Chip (SoC) and high integration PC support chips are unavailable to you, and even if you can get them they are not by any means fully documented. Thus you need to look at low end chips such as the Microchip PIC range or other "embeded system" micro controler such as a limited number of ARM core chips or equivalent. In more recent times I've "rolled my own" CPU using FPGA's I don't recomend it but the results can be quite interesting and you can find VHDL code to download of the net for basic 8bit micros that are not hard to extend likewise basic video controlers etc. Access to old ccts and ROM code for 1980's home computers like the Jupiter Ace can likewise give you a leg up and assembler code for Forth running on Z80 and otther 8 bit micros can be found via the FIG Forth web site. You can also get TCL code in K&R pre ANSI C from books likewise the Small C compiler code depending on how far back you want to go to prevent "tool chain contamination". If you want to be a little more modern then finding Borland C++ Builder 3 floppy disks and MS Dos etc floppy disks can be done.
The real question is "Can you be paranoid enough to have a chance of being secure against the US intel agencies if they want to bug you?"
Does anyone else find it amusing that the security cert is expired?
Mike: Yes, I was just going to comment on that. Thanks to the plugin HTTPS Everywhere I also noticed that. :)
Schneier (and/or the admin), you're already working on updating the cert, right? ^^
The real question is "Can you be paranoid enough to have a chance of being secure against the US intel agencies if they want to bug you?"
--The end of your comment has double meaning; and the answer is not really. If you do and succeed after being pummeled again and again from all directions and way more people than you can employ you will have reduced your life to a near hermit crab. B/c that is their job, if someone paid me decent and gave me legal immunity; the job wouldn't be that hard. Plus your little rant on young engineers, is it really that surprising when I see electronics stores go out of business (and workers there can't even answer basic questions about the tiny section of components) and become one big one which has a bigger video game section than electrical components, while there can't be enough "fashion" malls put in?
Android malware that communicates by *SURPRISE* bluetooth.
Re Clive Robinson's post
" In more recent times I've "rolled my own" CPU using FPGA's I don't recomend it but the results can be quite interesting and you can find VHDL code to download of the net for basic 8bit micros that are not hard to extend likewise basic video controlers etc. "
Sites like OpenCores will give you that and much more. The link below connects to the OpenRISC project which is a 32-bit processor and DSP. I've also seen DMA, video, audio, ethernet and other critical components on these kind of sites. Don't even really need an IOMMU if you control the operation of the hardware.
The VAMP, a DLX/MIPS variant, was subjected to formal analysis as part of Verisoft which produced a full stack I think. There are others in academic publications that are (1) nonstandard, (2) simple, (3) robust or (4) secure. These might be licensed by an enterprising individual wanting to boost their system security.
I used to post projects like these. I've recently updated my paper list of current high assurance or security-enhancing pieces of research. There were quite a few interesting ones, including some solving practical problems. I might make another list to post in a squid thread if anyone is interested in seeing what's cutting edge.
I might make another list to post in a squid thread if anyone is interested in seeing what's cutting edge.
Someone is interested :)
I'm more interested in this supposed "lost knowledge" of the past than the "cutting edge". B/c scientists of the past made their devices where they could physically see what's happening and maybe it inspired some of the magic that our ancestors discovered.
OFF Topic :
In the news an item, that could --by some of our more sensationalist journalists-- be titled and led in with,
Pepper Pig gets Canned after Spam treatment.
In shock horror news children using the Internet were severly traumertised by what evil hackers had done to their much loved site. This cruel and debased behaviour was carried out shortly after the UK Government took major Internet companies to task over child and other pornography.
And if you think I'm "going Politico"  have a look at this site and it's reporting from their lead political reporter...
The comments that follow this article are a hoot.
And for some reason --could be silly season is on us already-- this "lame Facebook crack" has made it into the top of the hour news break on a national radio station...
 A term an "old school" IT Journalist I know uses more and more frequently after a pint or three. For those who haven't guessed it's based on the US term "Going Postal" and is about mainly US politicians going on about the "Four Internet Horsemen of the Appocolypse" --Terrorism, Pornography, Drugs and whistle blowing / political dissent-- as a form of self promotion spin or "security theater".
The end of your comment has double meaning
Yes it does :-)
And as you correctly reasond it's not the technical issues but the human/political issues you have to deal with.
One of the privelidges of power is delegation to a myriad of underlings, who can and will do your basic biding in more inventive ways than you can imagine. The danger as an English King discovered is that sometimes your wish gets granted when it should not. We all have our "will someone rid me of this pest" moments, they usually pass fairly quickly, but sometimes others do our unintended bidding and then the trouble realy starts.
The trick when dealing with the powerful is to be less trouble alive well and free, than captive unwell or dead.
There are ways to arange this but it usually requires you to plan your own demise to be effective as a viable deterant to the powerfull and it's what underlies MAD and Doomsday devices (see tzar-bomb and 1Giga tonne ship the Russian scientists came up with but their politicos rightly decided were a step to far).
Another solution if you can manage it is the advice I give my son fairly regularly "The best way to deal with trouble is to be somewhere else". And if you think about it there are ways to achieve this that are simpler than MAD.
If people are not looking for you, you have little reason to hide, and people tend not to try and find those that are dead, as the dead cannot be harmed. Staying dead though can be hard, if first you have not lived in anothers shoes, long enough to be comfortable and not need your own habitual life.
Schneier.com is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc.