Schneier on Security

Clive Robinson • August 3, 2019 1:59 AM

@ Nick P.,

Long time no hear, I trust you are well?

With regards,

Every service that’s ad-driven is offered in a paid model at whatever they’re making per user in ads. That or with a small premium to cover privacy-oriented deployment.

What do you call a “small premium”?

They would need to set up a quite different infrastructure to that which they currently have. Thus they would be looking to recoup that “at a profit”. With banks claiming to regulators a 6-20USD / month cost of running accounts you can see how high the price aimed for could be.

But also you will see another trend. If Google / Facebook etc are making 130USD/person as some have claimed that is likely to be an inflated average. Even so some are going to be worth a lot more than others. Those that are worth more are more likely to use a privacy option if one existed, which means that they are going to have a disproportionate effect on the pricing model. As I was once told “It’s hard to sell a plum pudding if it’s known not to have plums in it”. Therefor the Silicon Valley Big-Corps are going to claim that those customers are going to be worth more than the inflated average, a lot more. Thus the asking price for such a service will be quite high, probably too high to be viable.

But with the changes to FCC regulation under this current administration comes more issues. It’s clear from the likes of previous “traffic tagging” experiments that large ISPs want in on a slice of the marketing pie that the Silicon Valley big corps have. Thus they are going to look long and hard to find ways to do the same. Thus any differentiation in customer type going into the Big-Corp systems will be used as a way to raise more revenue one way or another.

The big problem is that an artificial market has been created in user data, and it’s fairly clear it’s corrupt. That is when you look at the disparity in price on what enters the market from those buying advertising space to the sums payed out to those who run the sites users visit it’s clear that it’s virtually all going to “middle men”.

The problem with such artificial markets, is once made they don’t just go away again, they will fight to protect their revenue in what ever way they can. Which brings us around not just to the visable money used for lobbying but the so calked “black money”. Such artificial and corupt markets will buy votes to protect their markets. The Telco’s, Cable and Power companies are particularly adept at getting the legislation they want that makes them “rent seekers extraordinaire”…

Clive Robinson • August 3, 2019 11:08 AM

@ gordo,

Looks like this article got pulled, but the point remains.

The point is a bit broader than the “don’t trust closed source” the articles implied.

Even FOSS can have issues with the implementation of algorithms, protocols and standards.

I said long ago on this blog if I were the NSA, GCHQ, et al, I would not want to backdoor implementations but algorithms, protocols and standards. With standards being the most preferable because they would normally be not just around the logest but have to be certified in some way for compliance.

We then found out from the Dual Eliptic Curve DRNG issue that indeed that is what the NSA did. And I’ve always strongly suspected the NSA of rigging the AES contest such that the freely available code designed for speed and efficiency but not security would get put in the majority of implementations. So it turned out and the code was effectively riddled with time based covert channels leaking either key information, plain text or both.

Others have pointed the finger at IPSec with regards protocols but as far as I’m aware no real smoking gun has yet been found.

The point is though we have to look at Crypto in terms of “Asymetric Warfare”, the SigInt agencies whilst large are these days smaller than the academic community, but they have been at it for a lot longer. Also unlike an academic who has to publish papers preferably in new areas, SigInt researchers can spend a lot lot longer on a given problem thus go into it in more depth than current academics do.

Thus whilst the SigInt agencies are for various mundane reasons falling behind in many areas, they are still ahead in others and unlike academics do have large budjets to throw at problems.

Thus in some respects they have the upper hand because they can backdoor algorithms, protocols and standards in ways that few even in their own organisations would know about let alone recognise.

Thus you or I could look at a piece of Open Source code and claim it was compliant with all algorithms and protocols and there was no known flaws in it, and we would be wrong. Because they would have added something known only to them and not to the rest of the world.

Currently I know no way of reliably detecting such things, like all side channels there are more than you could find sticks to shake at the problem.

But there is a worse problem, as I’ve noted the “Smart Device” entire model is incapable of being made secure. There are some known and verified to work soloutions by which you can build secure systems over the top of them. But they are “Not Convenient” and “take effort” therefore the only people who will take those precautions are the very few who feel they have need to. By and large those who feel they have need to are those who society in general would consider undesirable.

Thus the bulk of people will aleays be insecure because they want “No effort convenience”.

This state is obviously highly desirable to certain “Police State” types who will take advantage of it to the maximum. Worse as the Facebook / Cambridge Analytica debacal showed, so will others to generate highly focused propaganda to ensure elections are more likely go the desired way of corporate sponsors etc.

Non of which is good for society or easy to catch or stop.

Clive Robinson • August 3, 2019 7:23 PM

@ tz,

How do you KNOW your Huawei hardware (with their software) do not contain Chinese (government, but businesses are so deeply linked) backdoors that would allow massive surveillence well beyond the NSA.

It is extreamly unlikely that China is even remotely close to the known level of international surveillance / espionage carried out by the NSA on it’s own let alone with the help of the extended Five-Eyes.

Historically from public information the attacks against Huawei and ZTE started after China told the US that enough was enough with NSA making attacks against China. The US ignored the warning and the Chinese produced laws stopping businesses importing or using equipment and software known to have been modified by the NSA for surveillance purposes.

As for 5G, it’s becoming clear that the US Gov is determined for the parts most likely to be used for spying, to be made by US Corps some of which are so close to the US SigInt and IC agencies and Government that any one outside the US should have considerable cause for concern.

Especially when you look at the real infrastructure of the Internet. China is off to one side as is Russia, but the US is at the center and the extended Five-Eyes straddle all the “choke points” where any kind of international traffic flows. Thus whilst the signals arising from China spying via 5G would be obvious as they went through the choke points, none of the traffic arising from the US or Extended Five-Eyes would be visable, except to other members of the Five-Eyes Club and they are unlikely to talk.

As for who you trust or don’t trust that is upto you, personally I’d rather examine the information we have, and currently that says the NSA is very very bad news and almost without any doubt the major spying agency in the world by a very very long way.

It’s why Russia, China, France and many other countries want the UN ITU to not just take control of the Internet away from the US and put it in international hands, but also to put in place considerable measures to remove the US and Exyrnded Five-Eyes from Internet dominance.

The side effect of the current ham fisted US Gov policy is that the rest of the world is going to start thinking in terms of not using US equipment or designs. Not just because of the espionage risk, but primarily in terms of National Security within their own boarders. History shows how much damage a “Water Rights War” can achive, the only way to prevent it is by ‘diversification of supply’. You can be sure that a lot of people in a lot of countries will now be focussing on this rather more than before.

But at the end of the day the consumer does not need 5G, 4G-LTE is what they need, which is what they will probably get for the next decade anyway as 5G will fall back to it in all but a very few very tiny areas. Also the way things currentky are “roaming” and “international use” is not going to happen with 5G thus 3G/4G will be carrying that for quite some time to come. But there is also another issue which is legacy 2G there is a very large amount of infrastructure related equipment that uses 2G and won’t get teplaced for 20-30years… The mobile phone service suppliers will be held to supporting it for that period if not longer, even the latest equipment being installed is barely 4G most is earlier thus 3G/4G is going to be hanging around for some time as well…

Clive Robinson • August 4, 2019 5:29 PM

@ Bruce,

the notion of compensation is an interesting one

You still have a right of free speech, and for any kind of compensation to be due, they would have to show that they suffered harm at your hands.

The fact thst Facebook have not done anything in their official capacity, suggests that they do not beleive that there has been any harm, or if there has been harm it is very minor or inconsequential.

Further it could be argued thst in fact you have done the opposite of harm to Facebook. It’s the reason there is the old saw of PR/Marketing of “There is no bad publicity only publicity”.

But lets take a step or two back, you mentioned a story published in what is regarded by sufficient people as a “reputable” magazine. The story was based on another story that had also been published without question. Likewise it was based on reporting from a conference, which again when published had not drawn any critizism.

I’m not sure how far back you are supposed to personally go to verify a story that you are not actually publishing or particularly taking a position on but are discussing issues (content moderation as a backdoor) brought up by the story as issues rather than the alleged player (Facebook).

The simple fact is the idea of “content moderation” is one getting pushed by all sorts of people who have realy not thought it out and I realy mean thst they have not thought about it. Their reasoning is at best “knee jerk” based on dubious edge cases and quite a bit of faux “fake news” whipped up into an emotionaly driven echo chamber.

Any argument that says that people should lose basic freedoms such as the right to disagree because of what is a fake fear, should realy be resisted. Not just because it’s wrong but it’s actually deeply insulting, and signs of disengagment from reality by those making it. In essence they are saying that every one is stupid because they don’t agree with their emotive and unfound argument. That is they are taking the view point that almost an entire nation is to infantile to be alowed responsability to think and reason, whilst they the self appointed should be “guardians”…

Now I can not say how these people came to their view point but it’s clear it was not by rational examination of the effects on society.

Personaly I do not want my life to be dictated by irrational and ill informed people. Especially when I’ve been warning about the downsides of the current implementation of technology that makes such ill advised policy possible.

We actually have previous experience of just how easy such “end run” attacks are on this ill designed technology before. The CarrierIQ debacle should still be within the majority of this blogs readers minds, after all it was back in early Nov 2011 that Trevor Eckhart published his report that pointed out the capavilities were effectively spy-ware (AT&T bought CarrierIQ up in 2015 which might help answer your earlier question). But the same sort of thing has happened with RIM Blackberry phones and unsavoury / oppressive governments getting master key access. Then there is the compulsory telemetery put in not just by phone manufacturers (many not in China) but US OS suppliers.

My view based on history and it appears to be agreed with by increasing numbers who care to think about it, is that “A lack of privacy and free association is very harmfull for society”. Just one symptom of which is it encorages extreamist groups to florish that in turn pull in what would be normally considered social misfits and those lacking a moral compass. This almost always leads to polarisation, violence, significant social break down and often a tail spin downwards into Marital Law or civil war, which I suspect the majority would consider harmfull to a free and equitable society.

Thus I personally think any reasoned discussion about the likes of unrestricted “plain text access” is long over due. As is a discussion about why we alowed technology that has been designed to enable such “plain text access” for unrestricted access not just under lawfull oversight but wihout restriction and hidden from sight by corporate agenda.

Thus even though the story might be currently wrong (and Facebook have done nothing to say it is not wrong) the conversation needs to be had and those bringing knee jerk edge cases such as many current politicians should be outed and shown for what they are, such that people in general can make rational choices based on reasoned and informed discussion.

Clive Robinson • August 4, 2019 7:24 PM

@ Sancho_P, Name.Witheld…,

CALEA is, as the tape recorder was, is meant as access from now on into the future.

You need to go back long before even then.

English legal theory was based on the notion of “Equity in arms” or if you prefere the old “Trial by combat”. Nothing was ment to be hidden and no dishonest behaviour allowed by either party.

The idea behind “warrants” is a little more subtle than most realise.

Firstly they gave oversight to the process ensuring some kind of probable cause existed such that no honest man be impuned or his good name sullied without just cause.

Secondly and more importantly they had to be served on the named individual, and describe the items sort. Which importantly gave the accused due notice not only were they under investigation, but also that they could challenge the “probable cause” thus stop the invasion of their privacy. Likewise they could challenge the scope to stop illegal “fishing expiditions”.

Thirdly those who had obtained a warrant were then put on a clock, they had to produce a case to court in a sensible time frame or be challenged and have to withdraw their investigation.

Forthly was the notion of equiry in arms, that is the resources investigators had available were not just finite but highly limited such that investigations would be kept in check.

The problem with the ability to record communications is at best only the “probable cause” was left as a protection and gone was your ability to challenge it.

Thus “endless investigation” or just plain endless surveillance came in with recording phone calls. Which was inpart, why originally, there was only the chart recorder “pen and trace” of pulse dialed numbers recorded not “audio”. This was based on the notion of letters, where the address on an envelope was not private knowledge but the contents of a sealed envelop most definately were.

There never was the intended idea that a third party “fly on the wall” evesdropper would exist on personal communications in criminal investigations (treason and other high crimes of state were treated entirely differently originally under the monarch’s prerogative).

Thus not only does “collect it all” in effect give the authorities a “time machine” the very small cost per person of doing so means the “equity in arms” is gone and the hidden nature of “collect it all” gives the authorities as much time as they wish to build a case whilst robbing the defendant of equivalent time to defend themselves.

All in all the use of technology in this way is very dishonest behaviour and most certainly not envisaged in an equitable justice system.

Clive Robinson • August 5, 2019 6:34 AM

@ Name.witheld, @Sancho_P,

As before, since the Telecommunications Reform Act and 1996 and various barfings held at justice and the FCC, we can expect this pony to die a horrible death…

It’s not just that pony that’s “en flambé”…

As some of us know the Plain Old Telephone Service (POTS) or “land line” was analog, which ment you could use the 300hz-3.5KHz bandwidth as you pleased. Which is why we ended up with some eye wateringly fast analog modems towards the end of the “dialup era” at the turn of the century.

Not so the the cellular networks that use speech compression which effectively alienates any other usage of the available bandwidth for anything other than speech.

Back in the old “dialup days” of the 1990’s when 486’s running at 50MHz where the hight of computing power for the home user. I and some associates developed our own “private speech” software, that used the line in on the PC to digitize the audio (with LCP10), then encrypt that (with Modified DES) and then send the data down to the modem.

Whilst it worked it had delay and other problems that made “ordinary speech” harder than most would like (much like the old long distance calls via satellite). But it was fine for anyone who was used to using “radio comms”.

As others have found trying to make external “voice encryption” for mobile phones is very difficult at best. So far it’s proved well neigh impossible for “consumer” pricing[1] and the major stumbling block when people have tried is due to the speech compression used[2].

Likewise you would not want to do speech encryption on a vanilla mobile phone for various reasons not least because of the expense of getting type approval (I know of people who tried to do this but the market was not there at the time in the mid 2000’s).

But doing it on smart phones is also very unwise, not just because the security end points are in the wrong place but for another perhaps more shocking reason.

With most mobile phones the sending and receiving of data carries on even when you are placing a phone call. But people forget that due to “Health and Safety” arguments the “operator” can place a “silent break in” call to a phone at any time. The consequence of this is, as there is only one microphone in a phone, what you are saying into the microphone to go into your voice encryption app and thence onwards as data also can be sent down the ordinary “Operator assist” silent break in… Thus an audio based end run attack is fairly trivial[3] in smart phones.

But that silent break in issue also works if you are using an extetnal voice encryption device that generates say USB data, and will pick up any audio in the room…

There are ways around this issue with a soldering iron but only the geekiest of geeks are going to do that, and the resulting “cludge” they are unlikely to want to use in public or try crossing a border with due to the attention such a cludge would bring the user…

So the pony of “secure speech for the masses” has gone beyond en flambé and has been well and truly barbequed.

[1] Something potential “crowd source” funders should remember. Anyone else remember “jackpair” from 2014? They still have a web site quoting @Bruce but as for product…

[2] It’s interesting to note that the voice compression used in mobile phones (CELP) was originally developed by the NSA. Who very supprisingly at the time made it available for use around the world,

https://www.nsa.gov/Portals/70/documents/about/cryptologic-heritage/historical-figures-publications/publications/wwii/sigsaly_history.pdf

[3] As far as attacks go, “End Run Attacks”[4] are realy the biggest enemy of privacy and security especially audio end run attacks. They are fairly trivial to set up and the physical constants in the likes of keyboards means even key strokes can be worked out. With signal processing each individual mechanical key click can be identified, then it is the equivalent of breaking a simple substitution cipher to recover what is being typed. Whilst it would be harder with “virtual keyboards” using touch screens you have to remember the basic process by which touch screens work to see there are interesting possabilities for the curious to investigate be they a student or spook.

[4] For those outside the US “End Run” is a sporting term, where an attacker outflanks the defensive line,

https://www.lexico.com/en/definition/end_run

Clive Robinson • August 5, 2019 6:06 PM

@ SpaceLifeForm, Moderator,

Did this site change certs or upgrade ciphers today?

That’s a question best answered by the moderator.

The problem I’ve been having in the UK is with Vodafone who are one of the world’s larget Mobile ISPs and has had issues for the past week or so… Not that their tech support staff know “jack” (or will admit it).

Chasing other sources of information indicates apparently they are telling certain people it’s an upgrade as part of 5G preperations… The reality is that there is no real reason to touch the systems (DNS, Nanny Wall, etc) that have been visably effected…

What it appears they have been doing is adjusting their “nanny wall”[1] tables that are used to block sites (you can tell by the response time you get). Many security sites and electronics and physics sites have as a result “been disappeared” for no real reason (thus most likely an automatic system running into the “Scunthorp” problem[2] with technical terms and the like that AI just totaly SNAFU’s).

[1] The “nanny wall” is the idea of ex UK Prime Minister Theresa May. Like her moronic “snoopers charter” it was a political publicity stunt. Essentially she demanded that all ISPs filter content to customers and “think of the children”. A totaly pointless idea because the main damage is the big Silicon Valley corps creating addiction, depression and suicide in vulnerable people in order to supposadly sell more advertising (the real reason is way more dark and is stalkerish profiling). Likewise the big corps provide avenues for cyber bullying, gaslighting and a lot worse none of which content filters can catch. Likewise even children know or can easily find out how to use free VPN’s to get around it. Oh and it’s cristened “nanny” because the usual mantra from Theresa May’s party is their opponents (plural) want to expand the “nanny state”.

[2] Scunthorp is a busy town and local council in the UK. The story is that they fitted a new “profanity filter” which then stopped all incoming mail (see 2nd to 5th charecters in their name). Other words often get caught in other filters such as those dealing with imprisonment (penal servitude), for astronomy (black holes, and older terms such as heavenly bodies and libido). Engineering especially older mechanical engineering is full of them… As anyone who has ever read the small adds and been told the alternative meanings of “French Polishing” and similar, can see that even humans miss a good deal of the “naughty” that such “think of the children” idiots demand be stopped. It’s actually a task of Sisyphus as humans are more diverse than AI will ever be thus will out evolve it in such word games.