Comments

Joe • April 2, 2015 3:31 PM

Frankly, I am not sure our government does not read first class mail. Why wouldn't they...it's all legal, right?

But, OK, clearly obfuscated communication is coming to the USA and western world without doubt. If you want it private, don't do it electronically.

Already many people are adapting to our nosy, sneaky big brother. Apparently we can forget about getting our liberties back, so-called national security trumps everything.

BUT!

Life did and does go on in the Ukraine. People wise up. Stuff gets done. Words get said. I guess the important thing is to appropriately adjust to the threat level presented. Some will, some won't. That's life.

How did this happen to us in such a short time? The veneer of democracy is certainly paper thin.

Joe #2 • April 2, 2015 4:20 PM

Bruce, how does one conduct counter-surveillance? If we can't backdoor NSA/government so there's actually some tiny bit of citizen oversight, then how do we continue to know the extent of the surveillance and their power? As it is, I believe it's likely that the extent of the damage to civil liberties that has been inflicted is significantly worse than what Snowden has shown us. It's just going to be another 5-10 years before we find out. How do I know if my devices have been pwned other than eliciting a response by writing really illegal things with my devices (bad idea)? We need to think about this one. We need more aggressive methods to fight back against warrantless surveillance.

Sasparilla • April 2, 2015 5:48 PM

@Joe

A couple of years after 9/11, legislation was passed that required all postal mail and packages be photographed (address side I believe) & presumably details pulled out & stored for future reference. I'm sure this is tied into the massive searchable DB's the NSA & FBI have.

Reading the mail would be a transgression the country was founded on to get rid of with the British - that said after all we've found out, I wouldn't be surprised to learn the FBI/CIA/NSA wasn't actually reading and storing the contents of mail at this point.

Clive Robinson • April 2, 2015 6:46 PM

There are advantages and disadvantages with paper and pen or typewriter, and photographing them.

Much as the authorities might like to copy all letters in all light spectra the resources required are quite excessive and people will get secrets through with care.

Back in the 70's there were rather more companies making pencils than there are currently and some had formulations for the "lead" that probably would not be allowed these days.

One manufacturer in what would now be considered Eastern Europe used a mixture that genuinely contained "lead" in the "lead mix". Also back then shoe shops also had those X-Ray machines so parents could see "little Johnny's toes" were not squashed in his new shoes.

An East German friend told me it was not unknown amongst her acquaintances for people to write with a real lead pencil, rub it out and write over with a graphite lead pencil. If done with care (write on glass etc) it was possible to get a few words hidden in a letter that could not be seen with the eye, even tipping it against the light. However they could be read by popping them into the shoe shop X-Ray machine with the anode current turned down.

Obviously people who have time to think with care will think up new ways to do whatever is required to get the message through.

It was also pointed out to me that you don't need to "write in milk" to use it to pass secret messages just small dots can be used to mark words etc.

But it's also known that the Russian officials amongst others used to photograph documents, fix but not develop the film and send that instead with the filmstock marked in secret ways to stop interceptors developing the film, and copying it to new fixed but undeveloped film.

Looking back it feels almost strange to realise that both the oppressors and the oppressed used similar secretive techniques to protect their communications from third party scrutiny.

65535 • April 2, 2015 7:24 PM

A person can run his/her own email server with little trouble… Ask Hillary Clinton. It can be done.

@ Clive

You may be on to something.

“…people to write with a real lead pencil, rub it out and write over with a graphite lead pencil. If done with care (write on glass etc) it was possible to get a few words hidden in a letter that could not be seen with the eye, even tipping it against the light… Looking back it [feels] almost strange to realize that both the oppressors and the oppressed used similar secretive techniques to protect their communications from third party scrutiny.”

There probably are complex mixtures of invisible ink that can be used to send “private messages.” A good chemist could probably do it.

Finally, the article above is chilling. It is a look into our future – if we don’t act quickly.

65535 • April 2, 2015 8:36 PM

@ Joe

“Frankly, I am not sure our government does not read first class mail.”

Theoretically, they could do it but it would be troublesome. I think the so-called “meta-data” is what they want [to and from address].

Talking about that, maybe leaving off the “from” or return address would be a good idea.

“People wise up. Stuff gets done. Words get said. I guess the important thing is to appropriately adjust to the threat level presented. Some will, some won't. That's life.” – Joe

That is what is happening now – but it is aggravating to think the government has used our money against us.

A person can run his/her own email server with little trouble… Ask Hillary Clinton. It can be done.

R. J. Brown • April 2, 2015 9:53 PM

Back in the 90's, I became friends with a missionary who was operating undercover in a country that did not allow missionaries. He had been using similar methods to exchange information with the headquarters of his denomination, replete with obscuro-speak. I wrote a simple steganographic tool for him to use to cover his tracks so he could speak more openly, and so the real message would not get seen among the cover message. Because he had to make it work both on the internet and over POTS phone lines, I used a fax raster to hold the message. That way, he could send the "fax transmission" over the internet as an email attachment, or he could send it from a fax modem directly over long distance phone lines. The plaintext was first compressed, then encrypted using PGP, and then a fax machine was used to send cover message pages to the fax modem on his PC. Then the stego tool was used to embed the compressed and encrypted message into the fax raster. The now out of date C++ code for the stego part is available at http://www.elilabs.com/~rj/stegafax/

Wm • April 3, 2015 7:10 AM

@Ed

"Modern remailers are a bit behind these days."

The remailer system is alive and well. I am running two of them. The main component, mixmaster, was upgraded last year from 1024 to 4096 key length. There are now two (actually more) main mixmaster executables that use the new 4096 key, one for Linux and another for Windows. Not all remailers are running the new 4096 key, but enough to make the messages even more secure. A Windows program that makes it easier to send remailer messages is continuously updated.

Here are some links that pertain to remailers:

Windows remailer client:
https://www.quicksilvermail.net/qslite/

Mixmaster executables:
http://inwtx.net/mixmaster.html
https://quicksilvermail.net/remailers/mixmaster/

Anonymous system (hsub):
http://mixnym.net/

New pinger list:
https://allpingers.net/

Remailer Linux install instructions:
http://inwtx.net/guide.html

Remailer basic usage instructions:
http://wjlanders.users.sourceforge.net/mixprimer.html

Jillian England • April 3, 2015 7:34 AM

It occurred to me just now that there is no requirement to keep user names or passwords in any email system. The people sending the email know who they are sending to. The people receiving the mail know who they are. A one-way hash function is all that's needed and nobody else needs to know who is sending or receiving.

In fact why are user names in the clear in password files? Why does anyone need a plaintext user name file?

The enemy of my enemy is also my enemy.


FBI NSA ISIS 9/11 BOMB • April 3, 2015 12:26 PM

Not related but maybe someone could comment. My thoughts about when and why the one time pad could be cracked:

– Even with a perfectly random key with maximum entropy for the sequential arrangement and key length/size, you have seriously decreased the entropy in the ciphertext by adding to it a sequence that is far from random.

– If the format of the plaintext is known or can be guessed, then you have some information to work from. For example, if you know to look for a fixed HTML, MIME, pdf, doc, (etc) header, that could give you somewhere to start (what the format of the document is and where the actual message might start).

– If you know the plaintext is English, that gives you a lot of frequency information. The longer the message, the easier it would be to do a frequency analysis attack. To do this, you’d need:

– – sufficient sequential information (e.g., the cipher text is a simple string resulting from adding the key to the plaintext and is not further encrypted and/or obfuscated)

– – digit information (e.g., use of mod 26 rather than binary, or knowing or being able to guess where the actual message starts)

– – know essentially all phrases or words (e.g. English language) that might be used in the plaintext

In conclusion, it may be easier to crack a very long message than a fairly short one because of frequency information, but a short message is easier to brute force.

Brute forcing short messages IS IMPORTANT because while one message alone means nothing as you don't know which decrypt to choose, a collection of messages could be used together to interpret what you're sending messages about by finding overlap in the possible decrypts, assuming they follow some pattern (they almost definitely do, just think about it!).

Improvements could be made by:

- avoiding all headers and predictable sequences/phrases

- pre-encrypting the message and use of a non-standard format (not plain English or recognizable code)

- obfuscating the message with additional filler text that is essentially indistinguishable from the message itself (using a new, forward-secret way to indicate the start of the message every time)

- manipulating the sequence of digits and the base of the digits themselves to decrease the frequency information available in the cipher text (using binary and obfuscating or encrypting the sequential information - rearrange the digits somehow, or making the start of the message impossible to determine without external knowledge, or increasing the base of the digits to a very large number)

- randomize the subject of your messages

- constantly send consistent spoof messages to random recipients (lol, spam) but somehow get the useful messages to your intended recipient without giving away the recipient's identity

- send messages from random locations / setups to obfuscate your own identity

- realizing that maybe some of what I wrote is correct

TL;DR: NSA BOMB ISIS FBI CIA 9/11 UNITED STATES PLANE ALLAHU AKBAR C4 RDX BLACK POWDER AK47 M16 AR15 RPG7 M1 ABRAMS TANK DU ROUNDS MORTAR ARTILLERY MI6 MI5 IED SUICIDE VEST BOMB BOMB BOMB IRAQ AFGHANISTAN IRAN ISRAEL SAUDIA ARABIA PAKISTAN BROTHERS IN JANNAH 72 VIRGIN MEN WITH RAGING BONERS FOR YOUR ASS DRUGS HOW TO NOT GET CAUGHT SILKROAD MARKET OPIUM NARCS DEA OBAMA BUSH CYBER ATTACK NUCLEAR BOMB NUCLEAR MATERIALS ACQUIRE NUCLEAR MATERIALS DIRTY BOMB SOURCE BUY CENTRIFUGES REFINE ENRICH LASER MILITARY FIREWALL DARPA DOD INSIDER MOLE WAR ATTACK BOMB BITCOIN TOR TAILS ANONYMOUS DATE OF ACTION 4/20/15 WEED LOTS OF WEED MANY TONS POUNDS OF WEED MILLIONS OF US DOLLARS HOW TO JOIN ISIS OSAMA BIN LADEN IP MASK PROXY SPOOFER ASSASSINATION ASSASSINATE SNIPER RIFLE KILL TARGET BOOM HEADSHOT SOCKS VPN MAC SPOOFER PUBLIC WIFI NO HARDRIVE SNOWDEN LEAK WHERE TO GET BOMB BUY BOMB ACQUIRE MATERIALS THINGS VERY VAGUE THINGS PROJECTS ACTIONS ITEMS DEVICES IN PLACE MORE LOW GRADE ENCRYPTION DESTROY BUILDINGS SHOCK TERRORIZE FOOTAGE TV RADIO AIR MEDIA REACTION GAP COMPUTER DARKNET HACK MILITARY ATTACK IMMINENT GOOGLE MICROSOFT APPLE LINUX SQL INJECTION FUCK WHOEVER IS THE ASSHOLE ANALYST READING THIS AND HIS FIREWALL TOO INFECT BOT NETWORK INFILTRATE DOD PAYBACK REVENGE MAKE FASCISTS BUTTHURT SAVE CONSTITUTION SOVEREIGN CITIZEN MILITIA SLEEPER CELL NETWORK ACTIVATE DOOMSDAY DEVICE GOLDEN GATE BRIDGE CODE RED RICIN ANTHRAX BIOWEAPONS FACILITY GOD IS GREAT

OBJECTIVE CONFUSPAM NSA

Clive Robinson • April 3, 2015 1:10 PM

@ FBI NSA ISIS 9/11 BOMB,

The strength of the OTP is based not on the ability to get plaintext, but that ALL messages are equiprobable.

So whatever message you get is just as probable as any other.

This breaks down under two basic assumptions,

1, The key stream or parts of it are used more than once.
2, The method of generating the key stream becomes predictable.

The assumption of equiprobable plaintext is reliant on point two not becoming true. If it does then it is no longer an OTP but a stream cipher.

Your assumption of,

"Even with a perfectly random key with maximum entropy for the sequential arrangement and key length/size, you have seriously decreased the entropy in the ciphertext by adding to it a sequence that is far from random."

is incorrect; to see why, simply use an all zeros plaintext. The result is the original key stream, which obviously has the same entropy it did prior to adding/xoring with all zeros. Likewise use an all ones plaintext: the entropy is the same even though the bits are all inverted. Now split the key stream into two equal parts, use all zeros on one half and all ones on the other; what entropy have you got in each half? Does that change by appending one half onto the other? Now take two key streams and add/xor them together, what is the entropy?...
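The points in the comment above, worked through in Python as an added example that is not part of the original thread: every same-length plaintext is explained by some pad, an all-zeros or all-ones plaintext leaves the pad's randomness intact, and reusing the pad (breakdown case 1) lets it cancel out. The function names and the two sample messages are constructed for illustration.

```python
import secrets

def xor(a: bytes, b: bytes) -> bytes:
    """Bytewise XOR: adding a pad to a message (and removing it again)."""
    if len(a) != len(b):
        raise ValueError("the pad must be exactly as long as the message")
    return bytes(x ^ y for x, y in zip(a, b))

def pad_explaining(ciphertext: bytes, candidate: bytes) -> bytes:
    """The pad under which `ciphertext` would decrypt to `candidate`."""
    return xor(ciphertext, candidate)

def demo() -> dict:
    real = b"MEET AT NOON"    # constructed sample plaintext
    decoy = b"STAY AT HOME"   # constructed, same length
    pad = secrets.token_bytes(len(real))
    ct = xor(real, pad)

    # Equiprobable messages: some pad maps this ciphertext to ANY plaintext of
    # the same length, so exhaustive key search just lists every message.
    decoy_pad = pad_explaining(ct, decoy)

    # All-zeros plaintext leaves the pad unchanged; all-ones inverts every bit.
    zeros_ct = xor(bytes(len(pad)), pad)
    ones_ct = xor(b"\xff" * len(pad), pad)

    # Breakdown 1: reuse the pad for a second message. XORing the two
    # ciphertexts cancels the pad and leaves real XOR decoy; zero bytes mark
    # positions where the two plaintexts agree.
    ct2 = xor(decoy, pad)
    leak = xor(ct, ct2)

    return {
        "decoy_decrypts": xor(ct, decoy_pad) == decoy,
        "zeros_ct_is_pad": zeros_ct == pad,
        "ones_ct_is_inverted_pad": ones_ct == bytes(b ^ 0xFF for b in pad),
        "reuse_leak": leak,
        "agreeing_positions": [i for i, b in enumerate(leak) if b == 0],
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The pad is drawn fresh on every run, yet `reuse_leak` and `agreeing_positions` never change, because the reused pad drops out of the XOR entirely.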

Ed • April 3, 2015 2:11 PM

@Wm

Thanks for the resources, but I still believe there are areas where the remailer system could improve a lot. Back in the day people would use JBN or QS and had a pretty extensive list of options available. These days the privacy conscious people have shifted to Linux and there isn't a similar frontend for them. Certainly you can run QS in Wine or a VM, but it's not ideal and not a native Linux solution.

I believe that this is what keeps the remailer system from taking off in terms of usage, especially in this post Snowden area. A native graphical client with good Tor integration and support for nyms would bring new users to the system and this would improve resistance to statistical analysis as well. Even a simple step installation like a debian or redhat package would improve user base a lot, or integration into Tails.

Ken Shawn • April 4, 2015 5:13 PM

@Ed

The Linux OS runs on less than 2% of all desktop computers. I don't think that's the proportion of privacy conscious people, which is why it doesn't have to be the area to focus remailer software activity on. Windows is where it's all!

And meanwhile remailer frontend development has gone far beyond the simple Quicksilver mail client. With OmniMix we already have a packaged GUI solution integrating Tor, GnuPG and great nym support for everyone who needs an anonymous reply channel. And its concept of being an SMTP/POP3/NNTP proxy server, which forwards all kinds of messages coming from standard mail&news clients to the most secure Mixmaster anonymous remailer network, makes it also interesting for Linux, OS X and smartphone users, provided they also run a network attached Windows box. By contacting the OmniMix server through its Tor hidden service ordinary client programs prepared for SOCKS connections can take an active part in a system of completely hidden anonymous communication from throughout the Internet.

Expanding normal mail workflow by automatic anonymous remailing is a breakthrough. It only lacks attention by the media.

Ed • April 4, 2015 9:44 PM

Thanks for the detailed answer, I will have to take a good look at OmniMix.


Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.