Crypto-Gram Is Moving

If you subscribe to my monthly e-mail newsletter, Crypto-Gram, you need to read this.

Sometime between now and the August issue, the Crypto-Gram mailing list will be moving to a new host. When the move happens, you'll get an e-mail asking you to confirm your subscription. In the e-mail will be a link that you will have to click in order to join the new list. The link will go to dreamhost.com -- that's the new host -- not to schneier.com. It's just the one click, and you won't be asked for any additional information.

(Yes, I am asking you all to click on a link you've received in e-mail. The fact that I'm writing about this in Crypto-Gram and posting about it on this blog is the best confirmation I can provide.)

If for any reason you don't want to receive Crypto-Gram anymore, just don't click the confirmation link, and you'll automatically drop off the list.

I'll post updates on the status of the move on the main list page.

Posted on July 15, 2015 at 2:15 AM • 23 Comments

Comments

DanielJuly 15, 2015 3:18 AM

Couldn't anyone try to beat you to sending a link (that looks like it's going) to the site mentioned in the post?

How about pgp-signing the message containing the link? Well, as I write this, I already see that it might be a problem to sign a lot of automatically generated different messages with Bruce Schneier's key. But what about a key he signed and that will expire shortly after it has fulfilled it's purpose?

Bruce SchneierJuly 15, 2015 5:10 AM

"How about pgp-signing the message containing the link?"

Everyone will be getting a unique message with a unique link.

AlanJuly 15, 2015 6:07 AM

Dreamhost is also been my favorite hosting service.
There is no security without skilled system support.

ScottJuly 15, 2015 7:06 AM

@Daniel

As long as Dreamhost supports outbound DKIM signing and (if being sent from 'schneier.com') the DMARC and SPF policies are configured correctly then this should provide a sufficient level of assurance.

ThomasJuly 15, 2015 7:28 AM

@Daniel

Yes, there might be a fancy solution involving cryptomagic (and someone like Bruce should be able to implement it)

No, it's not guaranteed to be the best solution (and someone like Bruce will recognise that :-)

If you're worried then ignore the email and just sign up again.

MeJuly 15, 2015 10:43 AM

Seems to me if you simply click the link in a browser that doesn't support running javascript/flash on random sites you can't get too infected just by going to the site.

Do people that read cryptogram use browsers that run arbitrary code from arbitrary sites?

RyanJuly 15, 2015 11:44 PM

riseup.net offers mailing lists. While it is technically free, I suggest paying them the same amount you would be paying dreamhosts.

And you would be supporting a stronger internet to boot.

LornJuly 16, 2015 4:30 AM

riseup.net demands that you agree with their political agenda. It is easy to see them deleting any mailing list that doesn't fit their specific political views.

AJuly 16, 2015 7:04 AM

@Lorn

Open Whisper Systems has a quite similar 'political agenda' so maybe you shouldn't use their amazing apps either. Surprise, people who are passionate about non-backdoored encryption often have big problems with the state. It's not all about protecting your dick pics, as John Oliver says.

BoppingAroundJuly 16, 2015 9:01 AM

Lorn,
What is their agenda? I've just scrolled through their site. Nothing overly suspicious on the first glance.

RspBDsJuly 16, 2015 9:13 AM

@Lorn, I wouldn't exactly call those political views specific, or an agenda

https://help.riseup.net/en/about-us/politics

they vet the activists, who can remain anonymous, based on what they say they want to do. Pro tip: don't say you want to stamp out democracy, justice, peace and security.

LornJuly 16, 2015 9:37 AM

Obviously riseup.net changed their pages recently as they used to say that you have to agree with certain views in a much more restrictive way compared to what they say now.

RspBDsJuly 16, 2015 9:55 AM

The original principles occasioned a brief Trotsky! Stalin! Trotsky! Stalin! rhubarb but it seemed to originate in a misunderstanding over the collective's prediliction for bottom-up-ery over top-down-ery.

PatrickJuly 16, 2015 10:00 AM

@Daniel & @Thomas,

I must say I'm confused as to why it is being done this way (Probably because I over-think things, as do many people with interests in security).

I agree with Thomas' solution of just signing up afterwards, but I also agree with Daniel as his solution would have worked perfectly well, and while Bruce's reply to Thomas provides a mechanism for Bruce to audit exactly who is actually reading his blog by logging the clicks to his uniquely provided links, it doesn't actually offer the reader security.

When all is said an done, it's only a blog and Bruce is not likely to have nefarious reasons for the change.

From an IT point of view, I would have tried to achieve the result invisibly - dreamhost are perfectly capable of hosting a mailing list, website, database, wiki-site or tor node all while using schneier.com dns mappings.

I just enjoy Bruce's point of view, so I'll be sticking around - somehow.

LyleJuly 16, 2015 10:19 AM

It may be that Dreamhost has a strict opt-in policy for mailing lists to prevent them hosting a list with members who did not sign up voluntarily. The only way to enforce such a policy is to have everybody on the existing list opt in to the new system.

JBJuly 16, 2015 3:52 PM

So far so good ... only thing I don't like so much is that with all people moving their stuff to few ever growing providers those providers sooner or later get in a position where they can see how a person accesses different services over time ... and start profiling people. As long as everybody has his own domain, own eMail server etc. profiling is not so easy. But everybody runs to put content in a few big places and people have to get it from there, like Facebook etc. ... For that simple reason I would have prefered things to remain on a "personal" server like schneider.com. Yes, schneider.com also uses a provider somehow, but it's not the same. We need a complete peer-2-peer Google/Facebook/... etc. so that tracking and profiling people becomes harder. Am I being paranoid againg ;-) ???

MRJuly 20, 2015 9:45 AM

Just like Internet was before commercializing - even now most/every Open OS has smtp server in base ...

ling noi kiduJuly 24, 2015 5:05 AM

By giving warning of the dodgy looking email you're giving spear-phishers a chance to target likely Schneier.com readers with fraudulent mail from dreamhost (or impersonating it). Mailing list subscribers are now primed to click the bait.

It would've been better to have a two step: Ask readers to visit a known, trusted domain (ie. schneier.com) and enter the token they received, to then receive the confirmation URL from the new host.

Chuck PetersAugust 2, 2015 1:48 AM

In addition to DKIM and SPF, please make sure the sending host supports opportunistic encryption and DANE!

I just checked my most recent delivery of the Crypto-Gram and it was delivered using a reasonably modern cipher: TLS1.2:DHE_RSA_AES_256_CBC_SHA256:256 I wish I could tell if your server checked for the signed certificate, or attempted to use DANE...

NameAugust 4, 2015 3:25 PM

@Ronnie - Fun, sure, but if it caught on with a lot of people it could infest this and other comments threads with crypticisms that dilute human-readable content too much.

On the other hand, if a lot of people did it, it would screw with the heads of the boffins at the NSA quite charmingly. And it's always good to be charming.

Solution: only do it in non-crypto sites' threads. You're diluting crap, and crap can never be too diluted. Look for a website with mounds of crap, to reduce total damage percentage-wise.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.