TimDecember 17, 2014 8:10 AM

The article mentions multiple times how Tor is important because it's used by human rights workers, activists, journalists, and whistleblowers... but fails to mention that it's also used by normal people who wish to not have their traffic snooped. Given that you've argued that privacy is not about hiding things (, it surprises me that you would share an article that seems to accept that privacy is only about hiding.

JamesDecember 17, 2014 8:21 AM


I also find it repulsive when people say privacy of journalists and human rights workers are of great importance but normal people are fair game for snooping.

Bob TDecember 17, 2014 8:29 AM


The subject is how the FBI unmasked TOR users, not about hiding. What is more important, sharing this type of information which may allow someone like yourself to understand a vulnerability, or not referencing an informative article because it doesn't specifically mention that there are law abiding people who use it for privacy?

Bob S.December 17, 2014 8:58 AM

What I got from the article is the government is doing warrantless, illegal to civilians, hacking and cracking of TOR to gather evidence for the enemy du jour which would cause anyone else to get sent to prison for a long time.

As an aside, who would have known cracking TOR was as easy as using an open source probe app? Wow, the credibility of TOR developers sure seems in question then. (Or, maybe not.)

Well, since the Intelligence Authorization Act Passed allowing NSA et all to "collect it all" by act of Congress, we are all suspected enemies of the state so I guess we should just sit around until they come get us for some as yet un-promulgated crime. (Or, not)

Ray DillingerDecember 17, 2014 9:54 AM

The only point I want to make here is that agents of the law ARE NOT above the law in a democratic society.

Do I have the right to use a virus, hack my neighbor's computer, and snoop on my neighbor's privacy? No.

Does the FBI have that right? The constitution says they do with a warrant. Otherwise, they are subject to the same laws as me. So, no. When do we see people who broke the law going to jail?

bitstrongDecember 17, 2014 10:06 AM

Reminds me of arson investigators courts permitted to testify as expert witnesses, but they didn't know what the hell they were talking about.

renkeDecember 17, 2014 11:04 AM

@Ray Dillinger:

This reminds me of a former German minister of the interior who said (my own translation): "Officers [of the domestic intelligence service] cannot walk around all day long carrying a constitution under their arms." (a Hermann Höcherl in 1963, in response to one of the earlier wire-tapping scandals in the FRG)

The "above the law" aplomb has a _long_ history in security circles...

jggimiDecember 17, 2014 11:34 AM

@Bob S.

Wow, the credibility of TOR developers sure seems in question then. (Or, maybe not.)
Not. This was an attack against poorly configured clients - people who had installed Adobe Flash against the Project's explicit recommendations.

DanielDecember 17, 2014 1:06 PM

@ Tim, @Bob S.

I see both sides of this. The contrast the article sets up is between "pedophiles" on one hand and "human rights journalists" on the other hand. I agree with Tim that this is a false dichotomy and one that we all should be worried about; repeat an assumption long enough and people become conditioned to accepting it as true. However, I also agree with Bob S that the point of the article is about how the FBI exploits Tor and this too is worth people's attention.


Yes, but that isn't the real point of the article either. The real point is in the last paragraph. If one is a Tor user who needs Tor for high security purposes (regardless of whether those purposes are viewed as good or bad by society) the question then becomes whether or not one thinks he can win an arms race against the FBI or any other government security agency? Too many people get hung up on the whole "pedo" issue overlooking two critical facts: (1) if the FBI can do it any skilled organization can and (2) what they FBI can do to pedos they can do to anyone else they happen to dislike or want information from.

jggimiDecember 17, 2014 1:26 PM


Understood. I was making the point that this was an attack against the willfully ignorant, rather than a problem with the tool. Yes, there is an arms race, but this particular group drilled holes in their shields before going to battle.

And of course, this was my reason for posting in the first place.

d33tDecember 17, 2014 1:31 PM

"The decloaking demonstration eventually was rendered obsolete by a nearly idiot-proof version of the Tor client called the Tor Browser Bundle, which made security blunders more difficult."

Encapsulated, sandboxed blobs of privacy tools will be the wave of the future or (present). One of us has built drop in telephony blobs that require just an off the shelf host to operate using this stuff:

I remember reading somewhere that "Docker" was made out of Golang (maybe an inaccurate statement)... which is a nice language for rapid prototyping of lots of things.

Does anyone know if the FBI made good on their word and cashed in the BTC seized from the alleged Dread Pirate Roberts? Before they even convicted the guy, they were all set to spend his money. Agencies have been gun running, hacking, droning and nicking pirate booty for like 6 years now at least. That kind of stuff used to mostly happen in CIA-land. Although small town cops are wearing jackboots and body armor across the "free world" now too.

Bob S.December 17, 2014 2:46 PM


How could they get a search warrant if they didn't know who they were looking for?

Sure, after you get the evidence then you can get an arrest warrant, but if you don't know who you are looking for, you can't get a (legal) search warrant.

Regardless, the need for search warrants for any electronic data was eliminated by the Intelligence Authorization Act just signed. Everything electronic is now wide open for the military and the police. "Collect it all" is the law of the land.

And whether they use means illegal to "civilians" has also been decided apparently, if they do it, it's legal.

As for the developers, why didn't they simply say "IF YOU USE ADOBE FLASH YOU HAVE NO ANONYMITY?". And, why didn't they burn it right in the TOR code to ignore Flash??????

PeterDecember 17, 2014 3:03 PM

@ Bob S.

The vulnerability may have existed but there's another issue of parallel construction.

The general concern is how much of it is logical and court admissable? It won't matter who they were looking for because it is often about whoever arrived late to the honeypot show.

Some may simply see this as an update to law, because search warrant laws weren't scalable enough to cope with the change of times.

Will BartyDecember 17, 2014 5:21 PM

I wonder if the FBI simply destroyed all images deemed illegal if this problem would decrease?

GweihirDecember 17, 2014 5:58 PM

This shows two things

1) TOR still works and is very hard to compromise.

2) The user can always break security by doing stupid things, often things the user has been warned explicitly not to do. (For the 2013 attack, that was browsing with an old version.)

All in all, not a surprise. What is also not a surprise is that the FBI resorts to things than in any working legal system are reserved for intelligence agencies and are criminal to use for LEO except when they have a specific warrant for specific targets. One of the characteristics of a totalitarian system is that the law is applied only against citizens, but has become irrelevant for law enforcement. Is is then used not as a tool of "justice" (which it basically never was, but it is a nice cover story), but as a weapon against the population.

MrCDecember 17, 2014 6:00 PM

I actually find this article somewhat encouraging. The FBI, at least, does not have a general-purpose technique for deanonymizing TOR users. They had to rely on a flash exploit.

GrauhutDecember 17, 2014 6:02 PM

This "make some app dial home around the proxy" trick is as old as the web. Every admin learns some tricks to fight trolls. If you know how to fight trolls you can also use the same tricks for investigations...

In some cases it does not take more than forcing a client do a dns lookup (if you own the dns server). If an insecure app fetches additional content around a proxy after loading it your anonymity has gone in almost all cases.

Ole JuulDecember 17, 2014 6:03 PM

Bob S. "As for the developers, why didn't they simply say "IF YOU USE ADOBE FLASH YOU HAVE NO ANONYMITY?". And, why didn't they burn it right in the TOR code to ignore Flash??????"
I'm not sure where it doesn't say that. Almost everywhere you go on the net where security is mentioned, the suggestion that Flash is the source of more vulnerabilities than any other vector is mentioned. Surely someone installing Tor would check out a couple of internet web sites to learn more about what they're doing before they rely on it. Installing something without looking into the experience of other people is one way to fail. In short, what I'm saying is that the warnings not to use flash if security is a concern, are all over the web. Some warnings are even built into popular browsers.

HomerJDecember 17, 2014 7:07 PM

We all would prefer that the FBI or any other organization would not go out of their way to break anonymity for TOR users. If that is true does the TOR community need a way to push bad actors out of the TOR space? If we allow kiddie porn sites, drug traffickers and whoever else to maintain sites on the TOR network and don't swiftly cast them out, is there any way we could ever expect government agencies not to spend a lot of time effort and money trying to find these offenders? It won't do anything to stop TOR client access as a proxy to access conventional sites, but those at least are within the grasp of authorities on the server end. Is it possible to have an arrangement where the community will protect you unless you are clearly engaging in gross criminal conduct with no redeeming value?

JustinDecember 17, 2014 7:40 PM

Is it possible to have an arrangement where the community will protect you unless you are clearly engaging in gross criminal conduct with no redeeming value?

That's the arrangement that we are supposed to have under the Constitution, with freedom of speech, freedom from unreasonable searches and seizures, etc., but technology itself is just a tool, whether it's used for good or evil ...

"... for he maketh his sun to rise on the evil and on the good, and sendeth rain on the just and on the unjust." Matt. 5:45

WillyDecember 17, 2014 8:12 PM

@ HomerJ

If you hold tool creators accountable for actions of tool users, nobody would have the moral conscience to make those tools. Luckily, we don't live in such society.

Nick PDecember 17, 2014 8:40 PM

@ HomerJ

That's actually what I proposed. I had two different models. The centralized model meant you weren't anonymous to the service provider (eg Anonymizer). They just used strong mechanisms to make you anonymous to everyone else. If a warrant is provided, they give over the data. Their own activities and systems are independently audited by mutually suspicious parties. Any accesses also generate audit logs that can be checked later on.

I also proposed a decentralized model with features akin to a discussion board or stackoverflow. The content is hosted on something akin to hidden services with an identifier. The police can suggest they be deanonymized. The users, a number of appointed people, or some other such social structure can all vote on whether to deanonymize the link. If they vote, the protocol will do so. Otherwise, it won't. This is still pretty close to Tor, might even use most of its protocol, allows some lawful intercept, and reduces risk of censorship. It also discourages use of network for such content.

Honestly, I think the best thing would be for academics interested in anonymity schemes to put some effort into stuff like this. There's going to be a constant battle between authorities and privacy lovers over anonymity technology. It will be much easier to swing courts toward privacy by default if we have a believable way to ID and/or eject crooks. It's worth putting research into.

3c4n8r439c8nDecember 17, 2014 9:36 PM

Now we know how very-few hidden services were identified and users were 'de-cloaked' from 2006-2015.. Again

Yep quality informative literature that Kevin Poulsen has long been know for..

Ole JuulDecember 17, 2014 9:39 PM

@ HomerJ "... and whoever else to maintain sites on the TOR network ..."
What do you mean by that? Sites are accessible through a protocol. They are not "on" that protocol.

Do you think this site is on the TOR network? I can certainly use TOR to get here. In fact, I just did.

Nick PDecember 17, 2014 10:05 PM

@ Kevin Kershaw

And that proves what? That cops can be jerks? So, all police powers from search to arrest are henceforth suspended? Nope. Both the American people and courts disagree with you on that. They think cops should be allowed to do their jobs, conduct warranted searches, etc with us able to criminally charge or sue dirty cops. Fully anonymity doesn't allow that on either side. Absolute privacy is also illegal per US Constitution so even Founding Fathers didn't push such ideological nonsense.

The only solutions in anonymity and security that have a chance of surviving the political onslaught make the right tradeoffs for key players. The result in many democracies isn't so scary. In U.S., it's scarier. And the bad part is that most claiming to do end-to-end are either unimportant or compelled by NSA/FBI to backdoor + lie about it. I'd rather have strongly assured protocols with a de-anonymize capability than black boxes in a surveillance state promising they don't cooperate with the state. Snowden leaks indicate the latter approach failed across the board for major products and companies.

DanielDecember 17, 2014 11:17 PM

@Nick P

I hear where you are coming from and you write persuasively. However, I don't share your optimism.

You write, "I'd rather have strongly assured protocols with a de-anonymize capability than black boxes in a surveillance state promising they don't cooperate with the state."

This is a pipe dream because it misunderstands the nature of men. Lord Acton had it right about power. I don't believe that the likes of Alexander or Rumsfeld are or ever will be constrained by "strongly assured protocols". You view the matter as a difference between truth and lies but I see it as a choice between two sets of lies. One lie is that companies will protect us from the government when they won't. The other lie is that the government will be bound by civilized norms when it won't. The recent revelations about torture prove that. Justice Scalia thinks the same thing:

And terrorism is perpetual war.

JustinDecember 17, 2014 11:28 PM

@ Nick P

You seem to have a very strange agenda here... "Absolute" privacy is far from achievable at the present day, and even if it were, what makes it illegal under the Constitution? The Fourth Amendment prohibits unreasonable searches and seizures, but nowhere does it guarantee for law enforcement the means or the ability to carry out a warranted search and seizure in every circumstance. With your argument, hidden microphones and video cameras would be mounted in every house with the recordings to be accessible by police with a warrant.

And as far as "the right tradeoffs for key players," those have already been made for us for all practical purposes on pretty much all high-tech equipment. Look at all that proprietary baseband stuff that has to run on cell phones, for example. Look at how much the government pays for exploitable zero-days in common operating systems through agents like "the Grugq". And no lack of those, either. Money talks, and exploitable zero-days are worth more to some than the nebulous benefits of security against those zero-days are to others.

The real trouble is when people with money can purchase the power to take away my rights and my privacy. And you sound like one of those people not only willing, but actively trying to trade off MY rights to line YOUR pocket.

ohgodnoDecember 18, 2014 12:14 AM

I like how this article is pushed for doing something it doesn't.. Reveal even in vague detail how the 2014 take-downs were technically done..

None of the last targets were on fake hosts and most targeted clients were on recent TOR bundle.. Mixed content would of only mattered for MITM which would prove TOR is broken(which it is actually they give you an API that allows full re-sequencing and data queries inside chain sessions but all the experts simply refuse to acknowledge they have an API cause they're not actually skilled)

It's actually possible there are people reading these comments that are younger than the details on "Project Torpedo".

This reminds me of why people use to call Kevin Poulsen "poodle" and "ub3r namedrop"

Vesselin BontchevDecember 18, 2014 3:46 AM

The attack described in the article unmasks Tor users (clients). It doesn't explain how multiple hidden services (i.e., servers) were unmasked recently.

Clive RobinsonDecember 18, 2014 4:04 AM

@ Justin,

The Fourth Amendment prohibits unreasonable searches and seizures, but nowhere does it guarantee for law enforcement the means or the ability to carry out a warranted search and seizure in every circumstance.

Whilst that is true, it's actually just one visable effect of a much deeper tenent of life.

It has been known for atleast as long as written records and thus probably a great deal longer that those who wield power cannot be trusted to use it fairly. This is because the basic essence of being a head of state is the ability to use power to subdue dissenters who might oppose you, with sufficient power any opposition even by other heads of state and their nations can be quelled. Hence the more moden statment about absolute power corrups absolutely.

The founding fathers of the US were very well aware of this as many were either lawyers / politicians or had experienced what they had considered oppression.

Those of the legal proffession are well aware that power can be used to destroy an individuals ability to defend themselves, just ask them about "striping of rights", a process time honoured process charecterised by it's nastyness especialy in the mental torment it creates in the state chosen victim. It's why during their training they get to talk about "equity of arms" and how you ensure some degree of fairness in the legal process.

The over riding principle should be justice is seen to be not just fair but not corruptible by those with power, such that the citizens will trust the process. From this it is generaly accepted that "no man should be wrongly convicted" and thus the "burden of proof" the prosecution has to clear with the tribunal of truth (jury) is "beyond reasonable doubt". As a consiquence as no system is perfect it is accepted that the occasional guilty person should walk free.

However especialy in the US it is seen by those with political ambitions that no criminal should go free and thus they "rig the game" in both directions. That is firstly by making it as difficult as possible for those ordinary citizens who have had the finger pointed at them to do anything other than rot for eternity in jail. And secondly to ensure that those who point the finger be able to do so without let or hinderence, including turning a blind eye to wrong doing by them. Such tyranny only moderated by the limited resources available, thus such things as plee barganing where you can reduce the time you rot in exchange for not fighting for your rights which the state finds the cost of fighting burdensome...

Thus politicians will use any excuse to "be tough on crime" and will use "think of the children" and other tactics to strip as many "inconvenient" rights away from the citizans as they can.

Whilst this might be seen by some as laudable as it reduces the number of guilty who walk free, they ignore the very real problem of the number of innocent who have their lives destroyed, who far far out number the number of guilty who walk free.

They also ignore the very real possability that people will be accused because --as in times past-- they are inconvenient to those in power.

As long as more innocent will be forced into guilt than guilty walk free then society is failing, not just them, but everyone who is not privileged in some way, because the unprivileged will be living in fear of those in power, and thus not free.

LarryDecember 18, 2014 7:01 AM

@ Clive

Thanks for the comments. Is it as bad in UK as it is in US ?

I would not give up hope on US. In an attempt to put the puzzle together, one can look beyond borders at the world which is in a great deal of turmoil at this very moment.

I feel like there is much more going on now compared to ten years ago, perhaps because I'm a little older and more understanding now, or it's just that information are comparatively flowing more freely and accessible.

That's a good sign, atleast in my view.

BoppingAroundDecember 18, 2014 9:44 AM


His 'agenda' (if I understand him correctly) is that as soon as any viable absolute privacy/anonymity solution surfaces, it would be banned outright by governments worldwide (or something like that); he thinks therefore to achieve at least *some* privacy or security you have to give a bone to LEAs. Simply put, a pathway for LEAs to conduct warranted searches. For that he proposes to lace this 'bone' with high assurance technologies and methods so it (purportedly) cannot be abused.

Apologies if this is a misinterpretation of your position Nick P.

I know there was a broader discussion on his 'agenda' somewhere here recently. A month ago; two months max.

Nick PDecember 18, 2014 10:31 AM

@ Daniel

" You view the matter as a difference between truth and lies but I see it as a choice between two sets of lies."

I totally agree with that statement. I'd have to fight with them for my customers' rights either way. If it gets vicious, the debate *might* swing in my favor given I at least allow warranted search. I might not win but I bet existing backdoors are far more permissible. I have a very real concern for their use to plant evidence, for instance. The GCHQ toolset has things that require that ability including manipulating votes online. Building a limited L.I. to avoid prison and protecting customers from other threats is the next principled option.

@ Justin

"You seem to have a very strange agenda here..."
" And you sound like one of those people not only willing, but actively trying to trade off MY rights to line YOUR pocket."

You have an agenda. I'm just trying to get high assurance systems to market in a country with police state apparatus demanding backdoors and imprisoning/destroying the uncooperative. I come up with a compromise, people show up to accuse me of selling out. Those same people used deliberately weakened systems and backdoored Internet to do it. (rolls eyes) They then provide no alternative solution: only reiterate why mine are unacceptable. They demand their own selves are protected online by others risking imprisonment and financial ruin, then accuse those others of selfishness if they don't go for that. (Lol)

Had I wanted to line my pocket, I'd have just made secure tech with the most obscure backdoor imaginable. My amplifying shielded cable concept ended up in TAO catalog so I'm clearly at the NSA level of stealthy backdoors. I know others that are better who I could've paid. Instead, I live in near poverty, work outside INFOSEC on purpose, no longer have references for INFOSEC work, and give trade secrets + patentable inventions away for free online for public good. Exactly what a capitalist in INFOSEC would do! Good call, Justin!

Meanwhile, those of us living in *reality* have to think of something that improves the situation without getting shutdown or fully subverted. I mean, it would be great if my traffic and machine weren't wide open. Market hasn't produced crap and NSA/FBI is forcing the few good ones to backdoor. So, my options in this surveillance state for a non-sell-out type company are simple:

1. Provide a L.I. capability (preferably limited) for U.S. HSA's while blocking all foreign and domestic criminal ones. Make money on market. Deliver more solutions to customers. Things gradually get safer.

2. Don't provide L.I. capability. Make no money. Customers use existing COTS or GOTS products. Prison.

You push very hard for me to do No 2. Many of you do. I just don't see how our country's situation improves as I sit in prison and my company's products collect digital dust at You might have just thought it out so far ahead of me. Did you want me to GPL it over BitTorrent just before I get convicted of their parallel construction? Did you solve the hardware subversion problem that I'd have to fight at enormous cost ($2-30mil) to prevent sneaky crap there? Do you have a stunning legal argument that someone trying No. 2 could give a federal judge in a closed hearing to stay free and on market? Did you come up with a way for me to leave America and push this business without extradition, CIA rendition, or bounty hunters picking me up?

You have no solutions to the very serious problems your proposal contains. I recommend all of you pushing No 2 come up with some instead of promoting suicide commitments from businesses. Right now, no sane person is going to prison so a tiny minority of customers can have a good system or software for one interation [before seizure/prison]. Closest thing was Levison and his ass proved my point: Lavabit doesn't exist anymore. Customers with critical data in their inbox were reminded of another security property that only my solution would've ensured: Availability. If it ain't available, it does nothing for anyone.

On top of that, it will help if you all get past this fiction that you have privacy rights for online data in the United States. I've seen no evidence for that from any branch of government. I've closely watched the American people's response to the leaks and saw little to no evidence they cared. This is legally the same situation in the rest of the Five Eye's countries far as I can tell. Any solution must start with reality and the reality here is that they're getting the data if the product is to succeed. Otherwise, most IT systems stay maximally insecure *to ALL attackers/snoops* because your current providers are way less trustworthy or principled than me.


@ BoppingAround
(saw your post just before Submit haha)

You're right on the money. There's either no security from many immediate threats or strong security with a few, mandated threats. A bullshit choice but I didn't define them: that was Congress, President, courts, voters, etc. I tried to convince them otherwise and of middle grounds. I swear I talked to *thousands* of people and less than 20 would've taken action. Out of thousands I've evangelized at since 2002. And here we are in this legal situation. Just f***ing great...

I will add one thing to your post. I don't want backdoors in products, although I see their arguments about L.I. needs. I previously argued it's too great a risk to democracy. Then, democracy gave up their rights without a fight and now backdoors are mandatory plus done/enforced secretly. My designs would include one or more strong backdoors with a warrant-based escrow. I'll probably also delay activating or putting in a backdoor until they show up with FISA order. But, if the law changes, I pull the backdoor(s) out immediately and destroy the escrow system in a way that it's non-recoverable. The precondition is that American lawmakers or citizens get their heads out of their asses long enough to abolish the surveillance and police state powers.

Meanwhile, a backdoor goes in if mandated and stays in until mandate is removed. Any other approach is illegal. Status quo is everything backdoored in practice by bad design and/or subversion. My offering would be safer in measurable ways and more private.

Soo-Eeeee, PiggypiggyDecember 18, 2014 12:20 PM

@Nick P, We understand your position. You think the right to encryption affirmed by CALEA is crap. You think state and federal common law is crap. You hold the law in contempt because... resistance is futile, or something. That constitution/founding fathers stuff is just gobbledygook, so knock yourself out with it. You're selling surveillance technology for criminal cops and secret police, So naturally, this is what you're going to say. Just stop putting words in the American people's mouth. The upper 75% of the bell curve would actually be giggling to see you Fight the Power!! with ubiquitous surveillance technology. Cops are stupid enough to fall for that nonsense, but not normal people.

Nick PDecember 18, 2014 1:32 PM

@ Piggypiggy

You're building a nice strawman there. I'm so pro-Consitutionalist I left the market to avoid backdooring things and warned as many as I could. I give away security designs, not sell them. And resisting FBI + court orders while intending to stay in business is indeed futile: plenty of shutdowns, seizures, and arrests to show it.

If you think otherwise, go start a business and build bulletproof stufc using what Ive shown you here. Then ignore FBI and NSA. I'll just watch them tear you apart while you shout in vain.

DanielDecember 18, 2014 2:05 PM

@Nick P

You write, "Building a limited L.I. to avoid prison and protecting customers from other threats is the next principled option." But this that true? Let's look at what Rowling has to say on the issue.

“He-he was taking over everywhere!” gasped Pettigrew. “Wh- what was there to be gained by refusing him?”
“What was there to be gained by fighting the most evil wizard who has ever existed?” said Black, with a terrible fury in his face. “Only innocent lives, Peter!”
“You don’t understand!” whined Pettigrew. “He would have killed me, Sirius!”

I'm not saying that your wrong, Nick. One can accuse Rowling of the starry-eyed idealism that is good for children's literature but not much use in adult life. What I will say is that Rowling does articulate another principled option.

Soo-EeeDecember 18, 2014 3:49 PM

Let me get this straight. You refuse to make backdoors but you advocate them in accordance with law. When you know this state wipes its ass with law. And the awesome power of the state can force you to put in backdoors, but it can't force you to preserve your backdoors once you've meekly put them in. Stand back, the cognitive dissonance of all that inconsistency might get brains all over my shirt.

As for the practical aspects, no need for me to hang up a shingle, we can see how they're tearing i2p/Freenet/etc. apart, oh wait. Gasp, then it must be riddled with backdoors. Oh, wait. If they could poke it full of holes or just destroy it, why bother parking all those bots in darknets? Of course the Feds will snipe at it, they're criminal saboteurs. But there's a whole wide world out there that's not in US jurisdiction. That outside world grows stronger as the US regime pisses away its vestigial influence and standing. To think otherwise is provincial and parochial as only Americans can be.

AnuraDecember 18, 2014 4:03 PM

Idealistically, I'd love to see strong privacy, I just don't see that happening without political changes, rather than technical ones. Too much corporate and political power is vested in keeping the internet weak, and the standards are developed by groups that are heavily influenced by government and corporations that beenefit from many of the flaws in the protocols.

The idealistic view of the internet as this utopian, free, anonymous way to share information has never really existed; for it to exist, it's going to take significant changes to the way we do things, which is something that the requires the cooperation of overnment or the big corporations. Right now, in most Western countries the lines between big corporations and government is blury at best, nonexistant in the US. So the only option is to find a way to restore democracy while minimizing the influence of those corporations. Unless we can convince the masses to abandon parties that support the status quo, I don't see that happening.

Anyway, this whole conversation reminds me of this quote from Futurama:

Fry: Since when is the internet about robbing people of their privacy?
Bender: August 6, 1991

Nick PDecember 18, 2014 5:29 PM

@ Daniel

In another context, that might be another principled option. Remember that my goal, which hasn't changed overtime, is to drive the assurance way of everything we use way up to protect us from as many threats as possible. There are a ton of immediate threats to my friends and I ranging from trolls leaking/destroying their data for fun to hackers running criminal activity through their boxes to nation states coming after their I.P. (or lives for some). That was the initial context that my previous efforts centered on. Backdoors weren't an option except in the sense of remote administration tools that I was asked to provide and couldn't access.

I'd still be saying and doing the same things if the U.S. didn't ban it. The current laws, passed by Congress & tolerated by voters, mandate I add a backdoor of some kind that NSA/FBI can access. Further, I find my friends and I have been using products and services under NSA surveillance for a long time. Everyone involved, many companies, are also supposed to lie and say there's no backdoor. I can't protect my friends from all the threats I listed if I don't build and deploy high assurance systems. If I do build them, I can at least tell them I did L.I. and they can make a personal choice if they want to take the risk of Fed's getting a warrant. Further, they can also choose what data they want to put on it to reduce risk against federal agencies.

So, I think the example you gave doesn't apply here because my friends and I get attacked (maybe destroyed) by the enemies either way. Without my scheme, there's a ridiculous number of damaging enemies coming after us plus NSA/FBI getting our data through what we use. With my scheme, most of the damaging enemies are blocked to some degree with the NSA/FBI getting our data and maybe less of it. So, until I have a legal alternative, I can leave my friends alone to face armies of often damaging people + local snoops or block off armies of damaging people while ignoring the snoops. Which is more compatible with Rowling?

@ Soo-Eee

I refused to make backdoors, stayed out of business, promoted high assurance methods to industry, published free ones online, and warned of likely NSA abuse for over a decade. It's 2014, the Snowden leaks showed NSA's BS, and the majority of voters griped at best. Now, with everyone still massively vulnerable, I get to choose to leave them that way or reduce their vulnerability with legal offerings. Being on the NSA and FBI shitlist, I also know I'm going to be hit with whatever they got despite the headaches I can cause them.

So, I'm at least considering producing a highly assured backdoor for highly assured products here. I'm also looking carefully at the laws of various countries to see what jurisdictions are best to operate a service in without a backdoor or with less likely abuse of it. This is one option of many.

@ Anura

Nice quote. I doubt the changes will occur. No abuse leaked to the public in over a decade has gotten traction. Their media tactics were highly effective. At least some big businesses are publicly battling them. A slim chance of that going somewhere. In the cypherpunk days, we envisioned technology as a way to create new opportunities for liberty. Instead, it's proven to be the most effective tool of tyranny. That is the case for the U.S. with few exceptions. It's sickening to see how well their schemes have worked.

AnuraDecember 18, 2014 6:11 PM

@Nick P

I'm gradually watching society in the US erode for this last decade. From income inequality to poor economic growth to dissatisfaction with government from all sides. Government has shown they refuse to adopt economic policies that benefit the masses, they have shown that the government does not respond to the public. We have a Congress with a 10%-15% approval rating. You have people on the left and the right that are feeling oppressed.

In the coming decades, we will see vast improvements in automation that will greatly increase productivity. Given recent history, this no longer translates into higher income for the entirety of the population and strong economic growth like it did in the 1950s and 1960s. Within 20-30 years, we will see a depression that will likely be just as bad or worse than what we saw in the 1920s.

This is going to be a breaking point, causing a sort of revolution in the United States. There are a handful of ways this can end, good or bad. I think the three most likely scenarios are the following:

1) The corporate controlled politicians and media will tighten their grip, convincing the majority that it's the fault of foreigners, criminals, welfare state, etc. and we will see a nationalist/authoritarian government with a sharp rise in prison population that is used to crush all dissidents in the United States. This could continue for decades and will likely eventually end in a violent uprising.

2) The politicians being ousted with a huge left-libertarian shift. People will abandon the Democrat and Republican parties in favor of a populist party that is willing to do a complete overhaul of the government, prosecute those who are corrupt, and bring democracy and social justice to the United States.

3) The Democrat/Republican divide will stay as strong as ever and, with the collapse of the economy, riots will turn to civil war as both sides blame each other for our political problems. One of the previous scenarios will likely be the end result of this civil war.

If option 2 is the end result, you will see reform that will allow us to actually reinvent the internet to allow us to realize a free, open, and anonymous internet where security and privacy are placed above authority and profits.

AnuraDecember 18, 2014 6:14 PM

I decided I am happier if I convince myself that the left-libertarian solution will be the end result of our socioeconomic collapse.

Now, if you'll excuse me, I have to finish drawing up plans for our new government and economic structures.

JustinDecember 18, 2014 6:26 PM

@ Nick P

The current laws, passed by Congress & tolerated by voters, mandate I add a backdoor of some kind that NSA/FBI can access.

What about the following provision in CALEA? 47 U.S. Code § 1002 (b) (3)

Encryption: A telecommunications carrier shall not be responsible for decrypting, or ensuring the government’s ability to decrypt, any communication encrypted by a subscriber or customer, unless the encryption was provided by the carrier and the carrier possesses the information necessary to decrypt your customers' communication.

So do what Apple and Google did and make sure that you do not possess the information necessary to decrypt the communication. The NSA/FBI don't have to like it; it just has to be legal.

LarryDecember 18, 2014 6:55 PM

@ Nick P, All
"Everyone involved, many companies, are also supposed to lie and say there's no backdoor."

I've been reading this blog for a while. Enough to believe that Nick P has been sincere in his thrive for the good. If he had wanted to "line his pocket" he would not be posting here at all, he'd be out there doing just that. The fact he's giving away free advise and knowledge in a very humble manner is admirable.

The only problem I see in this design is distrust.

The corporate customers, who are buyers of these products, will not trust it to only the things mandated. The intel agencies may treat this as known "bare minimum" to which they may continue to secretively subvert with other methods not known by mandate. The law enforcement get exactly what they need to do their jobs plus the brunt of public backslash.

Unless we learn to trust each other better, I just don't see this happening, but I agree this is what we need.

Nick PDecember 18, 2014 7:01 PM

@ Anura

Good analysis. I've always dreamed of a rarely discussed option where the elites fight government in a way that benefits us as a side effect. Elites concerned about their privacy and power could short-circuit at least the military-industrial complex part of things by using their wealth and power against the key politicians. The right kind of pressure could force them to stop doing mass domestic collection. The elites have a lot to risk if those tools are turned on them. I wasn't surprised that the American people weren't worried about it. I am surprised that the elites are letting the power get that centralized, although some are dissenting.

One explanation for this is that the elites are supporting it thinking of it as another tool of economic stability and control of the masses. Their vision, often labeled new world order, is an elite dominated globe with limited democracy. They might think they're benefiting from it and be too cocky to see it being used on them. For some reason, they're not acting and I'd really like to know why. Come to think of it, one lives nearby. Maybe I should pay him a visit to get his viewpoint.

@ Justin

The ECI leaks show they have three methods of forcing SIGINT enabling: FBI "compels" it somehow; INSCOM's clandestine black bag teams; CIA's clandestine and covert black bag teams. Two of those can legally do quite criminal things in support of their mission, with one (CIA) able to go extremely far while putting up smokescreens. These programs have high secrecy and the organizations criminal immunity. One can only wonder about the specifics. One document mentioned HUMINT: infiltration, sabotage, blackmail, extortion, etc. They could also throw costly investigations with asset freezes/seizures by FBI/IRS at them. They've done this before. Finally, blocking government contracts or exports would be a large blow to many firms.

Outside that, the Lavabit situation showed the federal judge would order a private key be delivered as part of a search and possibly jail someone for not doing it. I was following the case as it was a good test of whatever they're actually doing. Then he shutdown so no way to know. Not being a lawyer, I can't say too much on the subject except to say whatever they're doing is working and I'm assuming that have something stronger than CALEA. And I bet it would work very well against a startup I do or someone like me that's not going to win in the media.

We also don't know if Google and Apple are tricking us. Those backdooring systems are supposed to lie about it. Lavabit was told they could lie to their users. Apple, for instance, was vulnerable for years to NSA and FBI. FBI and other agencies publicly talked about how difficult eg crypto was to break. Snowden leaks show NSA could break it, shared data with FBI/DEA, and they used parallel construction. So, I'm still not trusting any major U.S. firm (esp with govt sales) to not backdoor their products while U.S. govt has secret methods to force it and their victims have to (and often do) lie.

At least there's some good news. Trend against bulk collection is getting more Congressional activity than I thought. Hope it goes somewhere as it might eliminate the need for conversations like this.

Nick PDecember 18, 2014 7:23 PM

@ Larry

I appreciate the character reference. The problem you mentioned is the reason I keep posting variations (aside from peer review): test of people's reaction to it. I also run it by lay people. I haven't gotten to talk to as many board room or product acquisition types. That would be critical research.

My original concept called for independent review by a number of companies or governments. My system development lifecycle might stay under constant review, maybe even surveillance. The backdoor or backdoors would be specified thoroughly, implemented in a straightforward manner, shown to have zero known defects, shown to have certain properties, and even installation (at factory) would be monitored. I also considered making a chart-like comparison between L.I. in common market place and my method, highlighting vast safety difference.

Essentially, the subversion-resistant development process built on mutual distrust I've previously posted. Tweaked to ensure countries that won't cooperate on a subversion are in the review process.

So what you think of that? Still too weak for the distrust in the market? Or might get somewhere?

Note that I don't need 100% uptake. Even a 100 customers total paying a significant licensing fee might let me support at least one offering of continuously improving security and features. A thousand or more would let me keep adding product lines to cover other features. I'm thinking a secure proxy/VPN with perfect forward secrecy that you can run about anything through, a secure thin client, a Truecrypt replacement, and secure network/application/web services server & stack. These at a minimum can be leveraged for all kinds of things with a lot less work than I put into building them. Also lets me stay in a niche market.

LarryDecember 18, 2014 7:49 PM

@ Anura
"The idealistic view of the internet as this utopian, free, anonymous way to share information has never really existed;"

It exists in the mind of those who fall into a false sense of security. Maybe that's all it matters? who knows...

Soo-EeeeeeeDecember 18, 2014 8:14 PM

@Nick P., jurisdiction-shopping, capital! Now there's an idea we can all get behind without cavil. Beltway security parasites are stupidly creating an enormous opportunity for regulatory arbitrage in the market for private correspondence and personal business. Here's to you exploiting NSA stupidity to become rich beyond the dreams of avarice so you can thwart them and waggle your dick at them like Kim Dotcom.

amowDecember 18, 2014 8:29 PM

@Clive re: "...then society is failing"

In such a situation as you describe, some practical improvement in freedom can be had by moving to the country from the city.

To capitalize on this trend, a person could sell city property and buy an equal dollar amount of country property.

ThothDecember 18, 2014 8:55 PM

The currently most assured computing methodology without backdoors would be ... the Chinese abacus. Yes ... the good old calculator from China. Albeit it's slow speed (if you are a beginner), it still is the easiest to build from DIY hardware using a saw and some wooden dowels, frames and beads. You got to learn algorithms to use the abacus which can be a steep learning curve.

Modular separation between your personal encryptor input and the Tx/Rx machine (which may have it's own ciphering as well) would be the next highest assurance after an abacus. You disconnect a data diode protected encryptor and key in the stuff you want to encrypt and flip the mechanism of the personal encryptor to transmit-only mode and plug into the Tx/Rx machine to transmit.

Keyloading would be very manual (read encrypted bytes from a paper and key into the encryptor's keyboard) and use a password to decrypt the keys for use. After all the procedure, a clear state switch would simply wipe the encryptor (encryptor should have no NVRAM or perma-storage except for the firmware). A forgetful encryptor is a good encryptor.

Any physical machine fallen to the enemies hands are considered compromised. If the encryptor's taken for inspection, it's about time to dump it and use another one. A cheaply replaceable encryptor would be the best. Some form of encryptor that can be inspected as well and easily discarded and save no data. Manual encryptors would force you to be careful with the management of your crypto keys.

High assurance have it's high learning curves so the user must be willing to learn to be careful of their OPSEC.

If you suspect your encrypted network is of dubious status, you simply add your own stuff on top of it.

CALEA does not mean you have to use a rigid set of tools to get things done :) .

Nick PDecember 18, 2014 10:00 PM

@ Soo-eeee

Thought someone might like that. Yeah, I put about a few hours into the backdoor concept. I've been thinking on the jurisdiction schemes for a lot longer. There are tricks to it, some people don't think about.

1. The overt legal system must be able to protect the data, either mandatory or by contract.

2. The intelligence agencies must not be a threat or be less of a threat than Five Eyes.

3. The country must be independent enough to not cave to U.S. govt on these issues.

4. The country must not participate in secret U.S. govt programs such as extraordinary rendition.

5. The country must not extradite former U.S. citizens or their own citizens when U.S. feds make claims. They will certainly pull charges out of their ass.

6. The country ideally will have a culture where people are less likely to subvert their employers systems or processes.

7. Obviously, the country needs low crime, financial stability, low environmental risks, favorable international trade agreements, and so on. Good to do business in.

8. The country might need to be willing to leverage diplomatic or military transport for extra legal & physical protection of hardware shipments from foreign factories. The personnel should be ideological and well-paid.

9. Optionally the country should have both solid copyright and trade secret law. Software is protected by copyright. Hardware by trade secret. I'd prefer no patents except for self-defense.

10. The country's patent system will ideally have as low risk of costly infringement judgments as possible. This is how NSA + private sector partnership will try to block sales. A few of my designs leverages only 20+ year old tech for that reason.

11. The country's economy should be able to significantly benefit from more robust or secure INFOSEC technology.

Could be others I can't recall at the moment. This is a start for the criteria, though. Source can be open or closed so long as it's reviewed by qualified teams in mutually suspicious jurisdictions and comes with a sysgen utility. The System Generation requirement in Orange Book A1 systems created the site instance right from the vetted source, which was then installed and configured with vetted instructions. If closed source, the user gets binaries with a variety of signatures, a sysgen tool included in that, and instructions to turn that into a usable system. Either way, there's strong reviews of a system developed in a subversion-resistant way in a country not involved in NSA-like activities.

So, that's what I was thinking about. What could happen and what people will buy might be different entirely. Often was in the past. Post-Snowden, who knows. I think they'll call it too expensive if it's per product. So, I'm working on getting an alternative business model financed regardless of product or location specifics. It focuses on licensing or subscription with the products sold at cost. Keeps a steady income to fund all the expenses of SAP-style security (often 30% of organizational cost)

Nick PDecember 18, 2014 10:17 PM

@ Thoth

Funny stuff. However, the abacus has potential weaknesses for sophisticated adversaries.

1. Remote code injection attacks via special purpose projectiles.

2. Side channel attack based on the sound of its parts moving.

3. Interdiction to replace parts with fakes containing low power, piezoelectric transmitters of system activity.

So, TFC on an abacus isn't safe unless precautions are taken.

ThothDecember 18, 2014 11:31 PM

@Nick P
That's why I said make your own abacus. If you are a highly skill abacus user, we have a technique called mental abacus. No sounds, no eletricity, lesser surface of attack. Mental abacus includes using no tools other than visualizing one in the mind's eye to do the maths or for a lower skilled user, print out a piece of abacus on a paper and use your hands to simulate it (can be bypassed by using video cam or someone sneaks over shoulders).

If you build yoour own abacus, you would have full control over the process so it shouldn't be too big of an attack surface except for the beads moving on the guide rods.

Clive RobinsonDecember 19, 2014 12:33 AM

@ Justin,

The first thing you need to think about with respect to CALEA is how far it reaches, that is what is it's maximum scope.

Most people think it applies to "exchange equipment" and the like, either not knowing or forgetting that a phone that can put a call on hold while taking another call is regarded as "exchange equipment".

Thus it can be argued legaly that CALEA applies to the baseband part of every phone that can switch calls, so all mobiles and quite a few other phones are technically within CALEA scope.

This then raises the question of how much further the legal oiks in the DoJ and various intel agencies will push the scope. It is quite likely that they will bamboozle / convince a judge that CALEA scope goes all the way to the "customers" lips and fingers...

If such a viewpoint is accepted in the US --and as it has been in the UK via RIPA and other legislation it's a real possibilities-- then the CALEA scope includes all technology supplied by the carrier... thus with a little further legal argument the exemption you quote never comes into play due to the second part of it,

... unless the encryption was provided by the carrier and the carrier possesses the information necessary to decrypt your customers communication.

Thus you would need to consider legaly where you stood as a supplier of encryption equipment. If it's built into the phone then you are "probably within CALEA scope" if you supply it as a piece of equipment with connectors on then you "may be in CALEA scope", if however it comes with an 'acoustic coupler' then you are "probably outside of CALEA scope". However as we know there are ways of activating the microphone on a mobile phone such that it becomes a bug, which makes the use of external encryption equipment with connectors problematic from a security perspective.

Thus the problem you have as a US manufacturer is if you manufactured on the assumption you are "outside of CALEA scope" and a judge decided otherwise you at the very least have to find some way of becoming compliant before you can sell another unit, and that could be ruinously expensive.

You can be sure that the likes of Apple are either holding their breath on this one or have a mitigation plan in place already, such as via software updates. It's already been indicated by some that to get Apple updates you have to be registered with their iCloud back door (not being an Apple iPhone user I don't know if that is true or not).

Thus it would actually be better to put a CALEA etc "back door" into the equipment and clearly detail all that it can do in the user manual. That way a user can see what the limits are and take precautions accordingly. That just leaves the scope of the CALEA etc backdoor and it's perceived sufficiency and argument in court.

As has been pointed out in the past you can be compliant with legislation without it being practicaly usable in some cases LEAs might wish for. For instance if the only access to the CALEA interface is via a physical connector on the equipment, then, yes it's there, yes it's usable by LEAs if they wish, but it's not covert. Which is fine if it's equipment in an exchange or other Telco premises a customer cannot see...

JustinDecember 19, 2014 1:57 AM

@ Clive Robinson

What I see is an unwritten law that entirely bans practically secure end-to-end encryption of any kind of communication.

ThothDecember 19, 2014 3:26 AM

That's exactly what everyone is worried about and all the cries for more privacy and more control on the individual level. Laws are usually ambiguous and are always passed in a rubber-stamp manner. There are laws that slide under the radar while some upheaval is going on in the news media and at the 11th hour, the revelation of another really nasty law wakes everyone up but it's too late.

It has all the taste and smell of just human greed, fear and ignorance laced in it. The powerful would always seek to retain power and the poor would always try to blame some form of fate or power. Communication capabilities is what make us human.The ability to communicate and organise oursevles makes us unique and advanced in the animal kingdom. Whoever controls communications controls the ability to organise and express. The repression of expression and organisation that is deemed dangerous to the selected elites have always been their priorities and excuses since the first day they ascend their thrones.

There are some roads to success. Blend in with the powerful and sneak something in (Nick P style) or to simply continue bashing at the gates of the powerful and be the poor knight trying to rescue a princess at the risk that the dragons gathered in the lairs would chomp the poor knight to pieces but he dies "honorably" or in some sense foolishly. The other way is to be the roadside recluse in a way where you sell something bordering a grey area. You can sell some high assurance chips but label it as some fast and correct chipset without giving merits to it's high assurance capabilities until it has already gotten into everyone's hands and the roadside recluse uplifts and moves from town to town (but you must be able to make a profit unless you are really really a recluse). Once the powers that be catches wind of your unmarked high assurance chipset sold in the disguised as a normal fast chip alternative, they might simply just put the crosshairs on but let's hope you have already gotten far enough or changed your persona so much they wouldn't figure out much.

The reason why the usual convincing of others to take up action against these elites is due to their influence. They have mostly controlled almost every other form of communication channels and it's their privilege (as they see) to ensure continuity of their rules. Distracting mechanisms like national hobbies and events or some other scandals would allow a smokescreen effect.

The best approach for the security community now is to equip everyone who is really interested and willing to sacrifice something to be on almost equal footing to retain the power base and interest of the small group before attempting to move out into the wild world and try to convince every other person next door to adopt certain security practices. Helping those who are interested is much easier than those not.

Suggested Topics to be interested:
- Key Management and Key Lifecycles
- Modularisation of Security Components
- Maths rigid languages and OS
- Secure developement lifecycles
- Jurisdictions and Laws
- Psychology and Sociology of Power and the People (includes Nationalism)

Others may add to the suggested topics of reading for those who are interested to increase their knowledge of security.

JustinDecember 19, 2014 3:43 PM

It looks like I've misquoted the law above. There is actually a whole subsection on limitations of the reach of CALEA. I'll just link to the relevant section on "Assistance capability requirements" rather than trying to quote it again.

CALEA only reaches so far. The NSA/FBI can't "require any specific design" or "prohibit the adoption of any equipment, facility, service, or feature". Under (b)(3) of that section it looks like it should be possible at least in principle for the customer to use encryption without a back door. Even if the encryption is provided by the carrier, as long as the system is designed in such a way that the carrier does not possess the information necessary to decrypt the communication, there is no back door for encryption required under CALEA.

There may be political pressure, "black-bag jobs," subversion, and other methods for the intelligence agencies to get a back door in, but at present there is no statutory legal requirement.

01December 20, 2014 4:36 AM

Okay, "that guy" reporting for duty again.

I think there are numerous questions here, interleaved in a particularly uncomfortable manner.

First, Nick P, your position is reasonable and laudable, so there's that.

However, I think that the system would remain vulnerable to rogue (and unauthorized, that is, warrantless) state agents of various kinds (I am not claiming that LEAs are that corrupt in the USA, but I come from a place that is probably in top-20 most corrupt governments on this planet, so I happen to have some personal experience* with how bad things may potentially get)

Even if you have this legally acceptable, perfectly auditable system where intercept capabilities are only activated with proper authorization, there will still be LEAs and TLAs that would like to sidestep the formal process.

Where I come from, cops would just pay a skiddie to try and hack the email/social media/whatever accounts of the "suspect", grab everything they can, and then try and build a convincing fascimile of having acquired the evidence through legal channel (parralel construction FTW, though we didn't even know the term back then)

Yes, this particular scenario would not be a risk for your proposed system (since an angry cop only has enough to hire a measly script kiddie) but as we know, attacks only get better and this one does have some "good" potential (for definitions of "good" that are actually evil :) ) even against very well-engineered systems.

A milfed TLA that could not get a "formal" authorization for intercept would still have immense analytical/programming/pentesting capability to go and hunt for exploits against your system, and frankly, with all due respect, I think that it is a little hubristic to believe that a "perfectly compromise-proof" system can be designed

A milfed TLA also would not find it below them to go and outright bribe or blackmail someone on the dev team (we already know CIA and NSA are not willing to be constrained by trite matters such as "US Laws" or even "existing scientific consensus regarding effectiveness of torture"), at which point it would become an "Underhanded $languagename contest".

So while your system would be a good solution for limited state-approved and state-supported privacy solution, it would be about as good as good old TOR with regards to resisting a determined high-resource scofflaw like the ones that seem to be of most concern here.

The second issue is that of whether TOR is inherently backdoored. I would say that the fact that FBI has to resort to 0-day exploits against the browser and/or exploitation of classic plugin vulnerabilities suggests otherwise.
Of course, there remains the possibility that somewhere in an NSA silo, there is a document detailing "strong" TOR backdoors that are only to be used at the moment of utmost, most dire need and not to be wasted on trivial affairs like helping out the feds.

The third, and in my opinion, most damning issue, is whether an IP should be enough to charge and convict.
Because in some cases, all the FBI has is the allegedly pedophile IPs that their honeypot collected.
Is that alone a good enough identifier to actually send people to jail for acts that are associated with "their" IP?
I doubt that.

Nick PDecember 20, 2014 5:11 PM

@ 01

"First, Nick P, your position is reasonable and laudable, so there's that."

I appreciate it.

"Yes, this particular scenario would not be a risk for your proposed system (since an angry cop only has enough to hire a measly script kiddie) but as we know, attacks only get better and this one does have some "good" potential (for definitions of "good" that are actually evil :) ) even against very well-engineered systems."

I understand your risk and worry about the same thing. It's why I wanted to use high assurance development as much as possible to reduce that risk. Most attacks in my scheme would be detectable. The main risks against the system are: authorized, overreaching warrants; fake warrants by third parties; subversion of its gear; malicious insiders (intentional or coerced); the various in person attacks. There's mitigating strategies for each.

The TLA's might produce a remote attack on it. The trick is to design the device, whether hardware or software, where it can only do what it's intended to do. There have been systems designed that way that NSA and private pentesters couldn't beat. Unsurprisingly, they're mostly sold to defense sector. ;) Even those systems didn't use the strongest assurance methods due to complexity. A basic backdoor with authentication system and limited internal state could use even better methods. So, seeing what those prior creations accomplished in the field I think my backdoor can do that or better if done with similar methods.

Note: Tor isn't comparable because it's a medium assurance implementation of a constantly changing protocol based on constantly changing anonymity theories and with dangerous low latency requirements. The constant failures naturally followed from this. There will be more for it or any anonymity scheme. A backdoor, by comparison, performs just a few functions using very well understood methods and theory. It's more comparable to SSL/TLS, which have worked out much of the do's and dont's for me already.

I agree on the IP issue. I doubt it would come to that with my services as my users are known to me. They'd likely target an account. I'd keep accounts isolated and as much of their traffic out of my network as possible to reduce odds of warrant looking across users. I'm sure there are FISA warrants for that sort of thing. If not, there will be soon so it should be difficult by design. My stuff would only be for the search. They still have to find something a prosecutor would buy into from there.

Bruce PerryDecember 25, 2014 8:36 PM

When my Trisquel was hacked the other day, I was going to install Tor, although I gave up on using it as it seemed to cause more problems that

Bruce PerryDecember 25, 2014 8:48 PM keyboard suddenly quit. Oh well, probably related to the Dell system test I'm running, if not, well, I see Microsoft did what I asked and is monitoring this computer with a special connection so either way I'm going to forget that for now. At any rate, I do use EFF's https everywhere so I clicked it but noticed that some one mapped my computer electronicall, I forget the word they used, but I don't think Tor does that. So if anyone sees a Hewlett Packard with Trisquel which had somehow showed up on Tor for a few minutes, before I restarted the oomputer and that nasty script kicked in and couldn't find sr0 or my DVD drive, so the computer went kaput. see if you find out what that was about. I know the script was a hack to replace the swap file with one that was going to be unencrypted and connected probably to that DVD drive. Which I just disconnected on this Windows machine although my keyboard quits typing quite a bit here - perhaps those nasty Dell test this is a fresh install.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.