Comments

ramriot February 3, 2017 10:57 AM

But then an accidental back-door does not hurt their needs, which is why they have a technical forensic unit.

More importantly their unit would probably not report such issues to the manufacturer as would a more open research unit, which is bad news for us all because likely they would not be the only ones to know of its existence.

buckaroo February 3, 2017 11:13 AM

I wonder if Schneier’s opinion would change if a guy kidnapped his little girl and was then arrested without her, boasting that he buried her underground with only enough air to last 24 hours or so, with his encrypted phone holding photos, maps, and other details sufficient to find her.

Piper February 3, 2017 11:29 AM

If you’re going to try to argue far-fetched movie plot threats, at least choose one that wasn’t already used in an actual movie.

phred14 February 3, 2017 11:31 AM

@buckaroo – Gee, that sounds like a great Movie Plot, Maybe when this year’s contest comes around…

Only slightly more seriously, has ANYONE ever heard of this sort of situation existing in reality, or any other other similar “justify-abhorrent-practices” threats?

Hello February 3, 2017 11:39 AM

The problem with technical expertise is that it does not scale well, is costly, and is ultimately uncertain (there is always a risk the other person is smarter than you). Backdoors scale well, have a minimal technological cost, and are ultimately certain (the other person’s main option is to avoid the technology that is backdoored). Given these realities it is no surprise that that government actors prefer backdoors. This is especially true because government actors have to be responsible both for criminals caught and for money spent.

buckaroo February 3, 2017 11:48 AM

@Piper, phred14

If you search on “kidnapped girl found dead,” you will find a plethora of potential cases. An article from the NY Daily News, “Girl, 17, found dead in Germany after being kidnapped and held for $1.1 million ransom,” would have been essentially the same scenario if one of the kidnappers had been caught before, as the article stated, “negotiations with the kidnappers broke down over the weekend.”

I don’t watch many movies, but apparently you two do.

And there is no right to be anonymous on a public network.

Clive Robinson February 3, 2017 12:04 PM

@ Hello,

Backdoors scale well, have a minimal technological cost, and are ultimately certain (the other person’s main option is to avoid the technology that is backdoored).

A couple of things to note,

1, This is a false argument, as it’s easily disproved.

2, You’ve not been around this blog much as we’ve discussed the work around a few times, fairly recently.

The point is backdoors are only effective against the general population not those who can read and think a little and put things into practice. Thus the slightly smarter criminals and other undesirables will not be effected by back doors.

Thus they fail the first hurdle of their stated aim, and as I can not believe the national signals agencies and IC are not aware of this as are the seniors in the LEOs. So the question becomes “Why do they want to surveill the generak population so baddly, and store it indefinitely?”[1].

[1] The reason I say indefinitely is because of a little loop hole in the regulations/legislation. They are allowed to keep encrypted traffic indefinitely but not plaintext which is time limited. We know that they have been able to get SSL keys by various means. Thus if they store both the encrypted network traffic and the key they can keep it indefinitely and only have a time limit on when it becomes plaintext that has been “read” sufficiently to recognise it as plaintext…

Dirk Praet February 3, 2017 12:12 PM

@ Hello

Backdoors scale well, have a minimal technological cost, and are ultimately certain …

Now, now, Kellyanne. Hasn’t it been enough for one day ? 😎

Ross Snider February 3, 2017 12:15 PM

@Hello

You are getting a lot of hate. I will say I actually agree with you. Backdoors are cheap, easy and effective.

I think the reason not to do them is that the social cost overwhelms the monetary costs. Namely, it isn’t efficacy and affordability that motivate my recommendation to backdoor civilian infrastructure.

Clive Robinson February 3, 2017 12:24 PM

At the end of the CSM piece is this,

    “A cheaper phone that might be less popular, it seems like it’d be easier for the vendors to get into it,” says Darnell of the Secret Service phone lab. “But it’s actually quite the opposite.”

That final “actually quite the opposite” is only true in some but not all cases, further a lot of “no name” phones use stock software in binary and similar blobs from the chip manufactures. Which is why a little while ago a whole bunch of cheap phones were found to “be doing an ET” and calling up a site that had been set up to collect all the user data much like CarrierIQ did a few years ago that actually managed to get a US politico to wake up and demand answers.

Egon Spengler February 3, 2017 12:27 PM

@buckaroo What would happen if Gozer the Traveler came in one of the pre-chosen forms? During the rectification of the Vuldrini, the traveler came as a large and moving Torg! Then, during the third reconciliation of the last of the McKetrick supplicants, they chose a new form for him: that of a giant Slor! Many Shuvs and Zuuls knew what it was to be roasted in the depths of the Slor that day, I can tell you!

Clive Robinson February 3, 2017 12:48 PM

@ Bruce,

I said it before and I’ll say it again: the FBI needs technical expertise, not back doors.

Whilst true, neither is actually going to work against someone who puts a little thought and planning into how they do things.

The plaintext starts where the security end point stops. If the end point is on the phone then the plaintext is never going to be secure from “end run” attacks by the likes of “test software” or I/O device “shims”, or software updates etc.

Thus a thoughtfull person knowing this will “move the security end point” off the phone.

It would not be difficult to design a pocket device (say an old phone with the RF permanently disabled) that had a camera and display that could read a 2D bar code like a QR code via the camera and display a QR code on it’s LCD.

The 2D bar / QR code would be encrypted data only. The pocket device would decrypt and display (but not store) the plaintext from a code it saw displayed on the phone. Likewise it would take a plaintext input typed in by the user then display the encrypted code on it’s LCD so that the phone camera could capture the image and send it across the Internet via broadband or WiFi or across the phone network. If the phone also had a clean mix net client it could send the image to aanonymously to a hidden server.

Such a setup need only be a crowdfund and three to six months work to produce a product…

If people look back on this blog and on the Cambridge University LightBlueTouchPaper blog they will find a prototype system using a grid of coloured dots was talked about and I pointed out some potential covert channels. However if they can be eliminated then the idea is reasonably sound, provided strong authentication is included as well.

Hello February 3, 2017 12:57 PM

@Clive Robinson:

The point is backdoors are only effective against the general population not those who can read and think a little and put things into practice. Thus the slightly smarter criminals and other undesirables will not be effected by back doors.

So what? It’s not a binary choice between expertise OR backdoors. It’s expertise AND backdoors. Moreover, America is filled with criminals who call 911 to report that someone stole their illegal drugs.

http://wric.com/2017/01/19/man-calls-911-to-report-ounce-of-weed-stolen/

Backdoors work excellent against that level of idiocy and there are a lot of idiocy out there.

Clive Robinson February 3, 2017 12:58 PM

@ Ross Snider, Dirk Praet,

You are getting a lot of hate.

I realy don’t think so, which brings your judgment into question from the get go.

Further as I’ve pointed out,

Backdoors are cheap, easy and effective.

Is not true as far as “effective” is concerned. Others will no doubt tell you why “easy” is highly problematic thus not true in a secure backdoor. As “easy” is not true “cheap” is not true either unless you think putting a gun or worse to someones head and compelling them to do it free gratis is acceptable…

If you think what I’ve said is “hate” not what is technicaly obvious the please feal free to reply, But… Make sure it stays within the constraints of what you do not think is hate…

Dirk Praet February 3, 2017 1:19 PM

@ Hello

Backdoors work excellent against that level of idiocy and there are a lot of idiocy out there.

In the same way carpet bombing the entire town is effective against the local meth lab.

funkyj February 3, 2017 1:25 PM

<>

@hello fixed that for you.

I look forward to your next post in which you link to a paper about a backdoor that only the good guys can use …

Andrew February 3, 2017 1:35 PM

“During a warranted search, investigators confiscated several mobile devices that may have contained valuable information in the case.”

At this point they obtained some encrypted devices. Just like in other FBI cases, its pretty difficult to break in. If the persons were under surveillance, maybe they used backdoors or some social engineering decoys.

Plus Secret Service may not have great technical capabilities, at least not like others. If you have a backdoor you don’t share it 18 secret services. At least not by now.

Dr. I. Needtob Athe February 3, 2017 1:36 PM

Buckaroo’s scenario comes from the movie Dirty Harry, but in that context it was meant as an argument against the Bill of Rights, specifically illegal search and seizure, and also against laws prohibiting police officers like Dirty Harry from torturing people for information.

I wonder if Buckaroo is against those things too.

MarkH February 3, 2017 1:56 PM

@buckaroo:

I suggest that the relevant domain of real-world cases are those kidnappings in which both

a) at least one victim died in the course of the crime (that is, before being recovered)

and

b) at least one kidnapper was apprehended before said victim died.

Understanding that the relative timing of death and arrest may be inexact, I think it reasonable to include cases in which, on evidence, death more likely than not followed arrest.

Perhaps not an easy search, but you seem to feel strongly about the matter … why not give it a go? Do you feel lucky today?

If you post your results here, we will study them with interest!

Ross Snider February 3, 2017 2:06 PM

@Clive Robinson

Having build backdoors (not for government) I can testify that they have all been cheap, easy and effective.

Now the backdoors I’ve seen in crypto standards (DRGB and TPM attestation here being better NOBUS than the old method of merely restricting key size) probably aren’t cheap or easy – you need some PhDs – but only if you look at absolute cost rather than relative cost. If you look at backdoors put in place at Outlook and Gmail for the FBI to access American’s emails, the engineering there was pretty cheap and easy.

In both cases the access enabled (mass surveillance) was very effective.

So it seems we disagree on this subject (I see your comments and know we agree on many things). I hope we can keep the comments from being hostile.

In any case, I think that the reason not to pursue mass surveillance is the social cost. It’s like torture: you hear people saying not to use torture because it doesn’t work. It does work. It works very well. It’s worked well for thousands of years. The reason not to torture doesn’t have to do with its efficacy.

If you bring an argument to NSA not to backdoor US companies and international standards because it’s not effective enough they are going to laugh you out the door.

Clive Robinson February 3, 2017 2:29 PM

@ Hello,

So what?

Because these are the people that politicos and other self interested people in Government claim that backdoors are needed for.

Thus if the clearly are not going to work against those they claim they need the backdoors for then the backdoors are not going to be needed as they will not do as claimed.

Now you might claim that the politicos / government emoloyees braying like ravening wolves are misguided or deluded. I don’t personaly think so, I think it’s yet another “Think of the Children” cynical piece of propergander put out to cover the real intent that the voting public would not agree with in the slightest because it turns them into the targeted enemy with cross hairs on their backs.

Further if backdoors were mandated then criminals of all but the moronic opportunist type would evolve beyond them just as they have with the likes of CCTV.

So all the effort of making backdoors mandated would not only have been a compleate waste of time, worse it would have also stop what results the current technical measures are getting, so would be counter productive.

It’s just one of the reasons why Bruce and so many others are against backdoors.

Now I can not see why those crying out for backdoors in Government could not be aware that backdoors would be counter productive. Which begs the question as to the real reason the likes of Comey are so outspoken about the issue, and I think it is something you should take the time to consider because the chances are you are one of those who the cross hairs will be on…

Aaron February 3, 2017 4:49 PM

I wonder if Schneier’s opinion would change if a guy kidnapped his little girl and was then arrested without her, boasting that he buried her underground with only enough air to last 24 hours or so, with his encrypted phone holding photos, maps, and other details sufficient to find her.

I guess the solution is a backdoor in all phones, or better yet let’s force a body camera on every person and have it dump to the NSA for analysis. Won’t somebody please think of the children!

r February 3, 2017 5:04 PM

Yeah no, after the bs the FBI just pulled with the new man behind the wheel I’m not trusting them with my toothpaste or toothbrush. It’s bad enough they’ve been implicated in multiple instances of systematic fabrication but now we reasonably have proof that the FSB works with the US? I’m willing to bet it works the other way and they FBI works for the Russian’s at this point lol.

Trust is NP hard, you’re not winning me over if the Secret Service does just fine without crying and whining – and they’re already fumblers just like the FBI and DEA just pick up a paper and read about them v Columbia or Hookers.

r February 3, 2017 5:13 PM

<

blockquote>The problem with technical expertise is that it does not scale well, is costly, and is ultimately uncertain (there is always a risk the other person is smarter than you). Backdoors scale well, have a minimal technological cost, and are ultimately certain (the other person’s main option is to avoid the technology that is backdoored). Given these realities it is no surprise that that government actors prefer backdoors. This is especially true because government actors have to be responsible both for criminals caught and for money spent.

<

blockquote>

Ah, there lies the definition of the problem. When was the last time one of the 500,000 rules on the book were repealed? How about you take a good long look at the situation at hand before you start to embrace new technology to fill your gulags with, you wouldn’t want the political sands to change and start locking up you and yours now would you?

There’s only so many people you can kidnap or blackbag or simply just blackball before you start having to explain your actions.

If you’re using backdoors they should be evidentiary tools not wholesale snares sold to you/us/them at a bulk rate.

Drag the waters some more.

Pete Pfeiffer February 3, 2017 5:29 PM

The “hidden” message here is we have silos in all levels of our government. It seems to me that the “elite” divisions (NSA, Secret Service, FBI, US Marshall Service, etc, etc, etc) should be able to assist one another and have the requisite knowledge of which group has the expertise. This would have avoided all the kerfluffle with Apple & FBI.

Wael February 3, 2017 5:56 PM

@Ross Snider,

Having build backdoors

I don’t mean to be rude, but… ummm, were they intentional backdoors or were they sniffle nasty bugs that you came to know about from say… A press release? 🙂

Ross Snider February 3, 2017 6:19 PM

@Wael

Hahah. No insult taken. 🙂

Was talking about intentional backdoors. I figure a lot of people on Schneier’s blog are security professionals that dabbled and experimented with computer security growing up. Seems like a large portion have all written viruses, hacked, etc. Am I wrong?

Wael February 3, 2017 6:38 PM

@Ross Snider,

Seems like a large portion have all written viruses, hacked, etc. Am I wrong?

Written viruses? Probably not. Hacked? Very likely.

Nick P February 3, 2017 6:47 PM

@ Ross Snider

“Seems like a large portion have all written viruses, hacked, etc. Am I wrong?”

Prevented, created, and destroyed both.

Unsigned February 3, 2017 6:54 PM

@Nick P,

I was thinking Sun Tzu there, I’m still drawing a complete lack of formal references as to what&|where he would be drawing the prior from but when you split hairs creation != distribution. Whereas the latter is pretty much outright trespass.

So, cognitive bias wins again. Who do you vilify really?

The researcher or the skid?

Tõnis February 3, 2017 7:16 PM

“The stipulation [is that] if you have nothing to hide, you have nothing to fear. What this is encouraging is to live a life in a vulnerable state. To expose yourself to the depredations of an outside group to scrutinize how you live, what you think, what your ideas are as long as what you do is okay by them,” said Snowden. “This misunderstands what rights are about and what privacy is about. Privacy isn’t about something to hide, it’s about something to protect.” [Snowden]

Snowden also said something to the effect of, “Saying you don’t care about the right to privacy because you have nothing to hide is like saying you don’t care about the right to free speech because you have nothing to say.”

Those points reiterated, I couldn’t care less about “law enforcement” or it’s needs.

Nick P February 3, 2017 8:20 PM

@ Unsigned

No prior art and I accept all for what they are even if we have to combat some. The three come from attack and defense where one does each if on all sides in many specialties. Only thing that stands above the rest are elite attacks and defense (i.e. high-assurance security).

Clive Robinson February 3, 2017 10:49 PM

@ Ross Snider,

Having buil[t] backdoors (not for government) I can testify that they have all been cheap, easy and effective.

Yes, it’s something I’ve done myself and mentioned it here quite a while ago along with sufficient information for someone to do the same.

My reason was a petty one, in that I wanted to make a point about just how usless a “code review process” was against insider attacks. Especially when the CRP was done by those who were not the brightest and best coders in the organisation.

Essentialy I put a slightly modified version of what we would now call a “NOBUS backdoor” using kleptography into a BBS-RBG by making one of the primes easily deducible. I then used the pq pair as a Public Key certificate, that I kept hidden in the heap by using a fairly well known and published fault in malloc. The NOBUS backdoor had also been published in a book by Adam Young and Moti Yung back in 2004 called “Malicious Cryptography: Exposing Cryptovirology” which pretty much describes the usefulness of whats in the book[1].

Adam Young got a bit dishartened about the Cryptovirology side due to critisism and thus went on to look at what they named “kleptography”. Anyway read Moti Yung talking about it,

http://privacy-pc.com/articles/moti-yung-and-adam-young-on-kleptography-and-cryptovirology-5-skeptical-experts-and-smart-attackers.html

Put simply the problem with Public Key systems is that is way way to much redundancy. And there are quite easy ways to exploit the redundancy to make a NOBUS backdoor.

The thing is that whilst you can do as I did hide it in plain sight in the source code and get it through a CRP with a couple of tricks it’s presence can be easily spotted in use if you do not use it correctly, and this is where people can go wrong and knowledge of the NOBUS backdoor leaks out.

That is you need a way to hide the information you are leaking via the NOBUS backdoor in the expected traffic. To do this you need redundancy you can exploit in the sent cryptotext. Finding “easy redundancy” of this sort is “not easy” it’s actually a not much thought about “academically” research area in it’s own right.

I cheated for my NOBUS backdoor and used a stream cipher (ARC4) with the addition that it “apparently” randomly encrypted the “normally zero eighth bit in a byte holding seven bit ASCII”. Using the faux excuse that this was “known plain text” that could be exploited by an attacker. Which you can get past managment and the like by demonstrating such an attack on a LFSR based stream cipher[2].

To make it work as a proper NOBUS backdoor, what you need in essence is a redundancy that is transparent through the encryption process. Something that is generaly designed out in encryption algorithms.

Thus one way is to find covert channels in the implementation such as “timing jitter”. However if you have access to the source code either directly or indirectly by reverse engineering the code doing the timing jitter can be very hard to make both hard to find and reliable.

It’s this covert side channel aspect of a NOBUS backdoor that is generaly assumed to be a hard problem and the academic research into it is slim at best.

One reason for this is one of the “Secret TEMPEST” techniques. Unless you design a system to stop it, most systems are transparent to time based covert channels due to “efficiency”. If however you are aware of this “oh so secret” technique then designing it out by either “reclocking” or “store then forward” is relatively trivial.

That is it’s assumed that covert side channels are at best “fragile”. But this is an “assumption” it may not be true, because as far as an academic paper search goes it appears nobody has proved if the assumption is valid or not.

What we do know is that time based covert side channels are very difficult to see, if you use say Spread Spectrum techniques to modulate the time based channel. That is you employ one or more “Low Probability of Intercept” (LPI) techniques that were at one time popular in military communications systems to “code the channel”.

The covert communications people have since moved on to MIMO LPI techniques. What I’ve not seen is any “public” research as to the applicability of such techniques to making side channels not just covert but robust to existing anti-TEMPEST techniques. My own thoughts on the matter is that it will prove to be promising …

[1] There is a Cryptovirology web site,

http://www.cryptovirology.com/

[2] There is a good reason why we do not use Linear Feedback Shift Registers as Key Stream generators, they are way to easy to predict the next bit on previous bits. In text books you get told that that there is a known attack if you can get a length of key stream bits atleast twice the length of the shift register. Many people make the mistake of thinking that it’s adjacent bits you need. That is you often don’t get told that it’s the number of bits that is important not that they all be adjacent to each other. There is a not so well known issue with LFSRs that if you sample the bits at regular intervals you can use those to get the original LFSR output. Thus you can make a software demonstration of a working attack against byte wide seven bit ASCII you can scare people with. The point you hide from managment is that it’s a weakness of the LFSR that such plaintext patterns can be exploited, and that the issue should not exist with CS-PRBG stream generators.

Bilbo Baggins February 4, 2017 1:15 AM

Checkout FireEye’s communications monitoring systems, and the software they supply to police and military for mapping civilian social interaction within communities.They have a nice walk through on their website. With a handy bunch of GUI based data visualisation and analysis tools, you will know who talks to who and how regularly, local people of influence, central pillars of social groups and motivating individuals.

A complete package comes with adapters for a wide range of older and current model devices, which can be fitted to existing patrol cars for quick cloning of an unlocked phones ROM and internal/external memory.

Stop firefox telemetry and file download monitoring

https://gist.github.com/MrYar/751e0e5f3f1430db7ec5a8c8aa237b72

Some basic FF browser tweaks. Cryptography hardening – (avoid disabling the SSL ones that are still used by IMDB and other security monoliths, if you want backwards compatibility with these old sights or it will break them)

https://gist.github.com/haasn/69e19fc2fe0e25f3cff5

Leave empty fields in Google Safe Browsing Firefox entries and disable FireFox from sending your downloaded file information to Google.In FireFox ver 50 there are 2 reporting addresses. Look for these two:
browser.safebrowsing.provider.google.reportURL
browser.safebrowsing.provider.google4.reportURL

http://www.ghacks.net/2014/07/23/prevent-firefox-sending-download-information-google/

Pete February 4, 2017 5:04 AM

When I worked in software development, we had contracts which required ZERO back doors be included. It was policy for all those clients. Simple. If we didn’t remove any back doors, we’d never make the sale.

So, we simply told them about all the different ways to gain access to the systems we were selling. That complied with the “no back door” policy, but also provided any hackers with a clear guide for how to attack our systems. There were easier ways to gain access to all the information inside our system (really inside the DB) than to hack our software. It didn’t run over the internet (well, nobody deployed it that way) and the DBs weren’t encrypted, so direct access to the raw data was always available, except that putting data stored in 1400 tables together into something useful for a human is non-trivial, hence the reason why we charged $M for the software.

If our law enforcement agencies hadn’t overstepped the US Constitution so many times, we’d be much more inclined to believe them when they say “trust us.” As it stands today, the abuses of their massive data gathering programs without specific warrants for specific people in specific situations has convinced me to encrypt everything, to make it just a little harder.

After all, if these agencies didn’t have anything to hide, then why don’t they admit to having and deploying tools which can break existing system to gather data the average person believes is secure?

“If they don’t have anything to hide?”

Andrew February 4, 2017 5:14 AM

@Bilbo Baggins
Thanks for sharing, I used to change some of them myself but the whole file makes Firefox faster, particularly on javascript overloaded pages.

r February 4, 2017 6:55 AM

@Pete,

Bravo, but we find ourselves in competition against each other as capabilities and awareness expand in the face of technology and programming.

With the whole ‘morality’ graph being a nearly horizontal line these days it’s relatively easy to find people willing to violate other’s errspace.

Grab your gun, get your phishing pole – it’s open season on us all.

We have an industry and institution to support and protect.

“Blah blah blah mr. high and mighty troll (me)”

z_edian February 4, 2017 7:53 AM

@buckaroo: Yeh, because that happens so often in real life that it makes total sense to put this question forward – it does not.

It is for the same reason that laws and reguations shall always be passed a priori and not in a state of tension or emotion.

Deliberate backdoors and non-sharing of vulnerabilities have the potential to create a staggering level of information insecurity and in turn affect then lives of many people (think: critical infrastructures, undercover LEA, foreign service personell, HRDs ..).

Wael February 4, 2017 8:01 AM

@r,

competition against each other as capabilities and awareness expand in the face of technology and programming.

Many solution providers sit on a pool of stupid and asseninie ideas. They’ve got to deliver something… think of it as an election exercise.

Then you have armies of top notch developers that eat, drink, and breath the only known productive design pattern: The Code-Cutting design pattern. They’re still [1] in denial, don’t expect things to get better anytime soon until the Code-Cutting pool is depleted and replaced with better quality code. And the developer pool is enhanced with better quality DNA. Sit tight: anytime, now! According to evolutionists, we’re looking at a few billion years before the next beneficial mutation takes effect.

[1]
We had a programer with a slight stutter
Who’s code had an overflow in the buffer
He saw some code on the ‘net
And copied some of’et
But claimed he ain’t no code cu-cu-cu-cutter

  • What are you doing up at this hour of the day? Rowdy Friday night?

"fbi" news February 4, 2017 9:16 AM

https://theintercept.com/2017/02/04/the-fbi-is-building-a-national-watchlist-that-gives-companies-real-time-updates-on-employees/
https://theintercept.com/series/the-fbis-secret-rules/
http://motherboard.vice.com/read/department-of-justice-official-tells-hundred-federal-judges-to-use-tor
search: https://www.washingtonpost.com/local/public-safety/if-a-best-buy-technician-is-a-paid-fbi-informant-are-his-computer-searches-legal
https://www.schneier.com/blog/archives/2017/01/friday_squid_bl_562.html#c6744812
https://www.schneier.com/blog/archives/2017/01/friday_squid_bl_562.html#c6744898

My Info February 4, 2017 11:08 AM

I said it before and I’ll say it again: the FBI needs technical expertise, not back doors.

Not only the FBI, but the DEA, CIA, SEC, ATF, FDA, FDIC, NCUA, AFIC, etc., etc.

Currently all the aforementioned agencies are pwned by the FSB, which is probably the most active of all in pushing for backdoors.

The root of the problem is a social and H.R. issue: as long as we continue to conflate the reputation of technical expertise (“hacker”) with that of a criminal mindset (“cracker”), we will have problems hiring and retaining honest and qualified technical experts.

The multitude of vendor-specific technical certifications and degrees offered online is a distraction and does not improve the situation, either.

Neither does the covert hatred and prejudice exhibited within the culture of federal government employee unions especially toward lesbian, gay, bisexual, and transgender persons, e.g. Alan Turing. Such persons are discouraged from applying to work for any government agency with so much back-stabbing and black-listing potential when they cannot trust their own co-workers. Others who do not wish to participate in the government employee unions’ anti-LGBT holocaust culture are likewise discouraged. This is not a partisan issue with any particular presidential administration. The problem grew out of control when the civil rights advances of the 1960s and ’70s, already crippled by the Red Scare and the Vietnam War, gave way to the Cold War and the war on drugs. It continued to grow with the resentfulness and recruitment activity of white supremacist groups within government employee unions under the Obama administration.

The problem will require much more extended and drawn-out investigation than a quick-and-easy Chainsaw Meg-style mass layoff.

Who? February 4, 2017 11:10 AM

@Ross Snider

Having build backdoors (not for government) I can testify that they have all been cheap, easy and effective.

Backdoors are neither cheap, easy or effective. Backdoors in commercial products are not cheap. Just think what will happen to industry if someone proves that Apple, Microsoft[1], Google or Intel[2] have backdoors on their products. A backdoor designed to last and not being exploited by “other agents” is not easy to build either and, as Clive Robinson has noted on this thread, backdoors are only effective as a mean to mass surveillance. Clever people knows how blocking backdoors or choose using alternative technologies.

[1] the existence of a backdoor on Windows was demonstrated by Microsoft a few years ago when this corporation used “a feature” in Internet Explorer to remove a patch that locked the ability of XP to continue receiving updates. Sadly this fact was mostly unnoticed by people that greatly welcome the ability of Microsoft to remove the wrong patch (and while here anything they want) from Windows PCs.

[2] yes I know about Intel vPro, AMT and ME, but I think it has not been proved it is a backdoor [yet] even if most of us believe this technology is a big one. By now I am blocking ports 16992 up to 16995 (both TCP and UDP) on my firewalls while listening to unusual network traces on my networks and reading news in specialized forums like this one. This backdoor will be incredibly expensive not only to Intel but also to all computer manufacturers if proved.

Wael February 4, 2017 1:35 PM

@buckaroo,

I wonder if Schneier’s opinion would change if a guy kidnapped his little girl and was then arrested without her, boasting that he buried her underground with only enough air to last 24 hours or so, with his encrypted phone holding photos, maps, and other details sufficient to find her.

I’m not putting words in @Bruce’s mouth. But generally speaking, you’d think the answer is obvious. Not so fast! Read about Al Soumaoal — if you have problems with translations, then consult @Ratio as he offers free services 😉

To save you time, he was an Arab Jew poet (at the time of the incident, I believe.) He is the example of loyalty in Arab literature, until today.

r February 4, 2017 5:26 PM

@Who?, All,

He mentions AMD, Intel, Apple, Google and Microsoft but is his eye on the prize?

Cisco, Huawei, Realtek, Broadcom, etc.

The early targets weren’t the high ground, they were the low ground and veilley’s that all the water of life flew through.

The things connected to your DMA, hardwired into the back of your neck.

r February 4, 2017 9:24 PM

@Wael,

Sitting tight wont happen until the next population crunch, we’re over saturated with old cold currently both online and off. I forget what’s it’s called but it’s effectively genetic stagnation and the human race can’t and wont advance until evolution is both forced and allowed.

All we’re doing right now is recreating the face of our maker.

Smart, is only now becoming ‘sexy’ with the Millenial’s and unfortunately it’s their kind-of smart and not mine, but! Who am I to judge I presuppose?

r February 4, 2017 9:25 PM

old code*

@Clive, yes I know the “sitting tight” clause is ill-formed too. 😉 Thank you ahead of time.

Wael February 4, 2017 9:44 PM

@r,

we’re over saturated

Someone sent me a really funny video on Whatsapp. Do you know how I can share it here? It’s not easy to find it on YouTube!

Wouldn’t it be nice if we can send whatsapp messages and videos to blogs like this? It’s secure, they say!

Wael February 4, 2017 10:36 PM

@r,

You could also gibs us teh passw0rd 2 ur account.

It’s test1234

Now go guess my username (or user phrase) I have a different style, dawg! My password is public, but my username is complex. Tell me the difference in security posture 😉

Shifty??!!

ab praeceptis February 4, 2017 10:49 PM

Wael

!!! WARNING !!!

test1234 is not a good password!

I strongly suggest to either user a longer one (“test12345”) or to confuse evil attackers by inverting the numbers (“test4321”)!

Wael February 4, 2017 11:01 PM

@ab praeceptis,

I strongly suggest to either user a longer one

It’s information like this that saved my day. I wouldn’t know what to do without you guys! But it’s friggin’ public @ab Praeceptis. Public! My username is 2700 characters long. Actually most of the time I don’t need to type in my password, because my username causes a buffer overflow. It also gets me into other accounts!

One more thing: I obtained this password from a random number generator! Why is that hard to believe? This happens to be a nebulous question, by the way 😉

Nick P February 4, 2017 11:56 PM

@ Wael

“but my username is complex”

But cut n paste, text fields, and Google are simple things. What could possibly go wrong.

ab praeceptis February 5, 2017 9:48 AM

Wael

Always glad to help.

As you, however, correctly recognized, those password are now somewhat tainted by having been published.

Therefore I suggest the following: Let us find a new password but this time we’ll be smart and tricky. Let us talk “scrambled”! Let us use capitalize the small letters and vice versa and let us add 1 to numbers used.

So, rather than “test4321” let us write “TEST5432” so as to fool the evil guys like the fsb hacker armies and all the chinese hackers, hehe.

As for your user name I suggest to shorten it somewhat, say to 1023 bytes. The reason for my suggestion is that I’ve read on Symersky’s super-security experts blog that buffer overflows (what ever that may be but I presume that good computers have large steel buffers and hence those overflows concern mostly cheap systems with small plastic buffers) can harm windows security!

If I may ask: What do you mean by random generator? Certain politicians? Your beloved wife? The lottery system?

Steve February 5, 2017 11:37 AM

“I said it before and I’ll say it again: the FBI needs technical expertise, not back doors.”

At what point do we say there’s no difference between the two?

Just askin’

Clive Robinson February 5, 2017 1:54 PM

@ Steve,

At what point do we say there’s no difference between the two?

From what point of view?

Bearing in mind technology is agnostic to use, “backdoor” is more a statment of a human not technical view point and thus the directing/controling minds intent.

Thus a “backdoor” is very much an intentional choice, where as a technical exploit of a failure in design is not.

Thus arguably they are never going to be the same due to the intentional / unintentional devide.

However this brings up the more practical question of how to differentiate between an unintentional attack vector and an intentional flaw made to look like like an unintentional attack vector.

Obviously there is no doubt with a legislative backdoor as it’s mandated, but a covert backdoor can be perhaps recognised from it’s usage. Because the intent of a backdoor is not just to make Communications traffic available but all User Data available. Thus communications traffic would logically be a subset of all user data thus simple instrumentation of communications links would show a size disparity, that could be seen.

It’s why the likes of Microsoft Win10 and Office364 are pure poison from a user perspective. Because they like Google and Apple do almost whatever they can to force all user data into communications traffic or give the ability to hide it under the weight of “telemetry data” which has sufficient redundancy to have very many covert channels hidden.

Matteo February 6, 2017 6:39 AM

Bacldoors are not the solution:
-you can’t de-invent something that exists, this is true for crypto weapons, and any other technology.
it is too late, crypto that works has been invented, it’s on books and you can do NOTHING to undo it.
-@buckaroo “a criminal with map, photo and other details on phone” really? and maybe a selfie with the victim come on… if you are a criminal you just don’t use a phone.
-every technology helps good and bad guys:
cars, you can use them to move easily everywere or you can use to escape the police but noone is telling “backdoor the cars because they can be used for evil purposes”
-just because there is a password it doesn’t mean that it’s “uncrackable” lot of things can go wrong:
-police can install an hidden camera
-sieze the device while unlocked
-use forensics like DMA attacks to extract passwords and data…
if they don’t know such things they should learn them not ask “pls backdoor everything because we are lazy and don’t want to learn new things”
-backdoors help only mass surveillance
-whats app is end to end encrypted:
number of good guys helped: almost anyone
number bad guys helped: a few
how to bypass e2e encryption for the bad guys:
-get the chat backup that is not encrypted
-intercept sms and login on other phone
problem/good thing: it doesn’t work for mass surveillance

Matteo February 6, 2017 6:47 AM

@buckaroo in europe phone network providers must store phone data for at least 6 month and max 4 years.
so the location is CONSTANTLY STORED.
again,, no need a backdoor. your example could be solved even without having in the hands the bad guy phone!

Leave a comment

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.