[cryptography] Compromised Sys Admin Hunters and Tor
Sys admins catch you hunting them and arrange compromises to fit your demands so you can crow about how skilled you are. Then you hire them after being duped as you duped to be hired. The lead Tor designer reportedly (via Washington Post) had a session with NSA to brief on how to compromise it, although compromise was not used nor is the word used by gov-com-org-edu. http://cryptome.org/2013/10/nsa-tor-dingledine.htm Not many honest comsec wizards nowadays are promising more than compromised comsec, and the compromise is gradually increasing as Snowden material is dribbled out to convince the public and wizards not a hell of a lot can be done about it except believe in and buy more compromised comsec. Not news here and in comsec wizard-land, to be sure, but compromised comsec is the industry standard, as the industry and its wizards in and out of government enjoy the boom and bust in comsec tools generated by precursors of Snowden, Snowden and his successors. Compromisability is assumed by the comsec industry to be a fundamental feature in all nations, no need to advertise it, much better to advertise how great comsec is and now much it is needed. Crypto-wizards have a long history of compromising believers who hire them and who suffer their promises of highly trusted protection. Trusted comsec is necessary to get persons to pack their comms with compromisable information. The greater the trust the greater the revelations of just what is desired. So what if laws are aleays jiggered to allow access to the revelations under legal pressure and FISC orders. That has been a fundamental feature of crypto and comsec wizardry. At 06:04 AM 3/21/2014, you wrote: Hi there, As I am running a local cryptoparty and do a lot of basic encryption/privacy talks and workshops, I am often recommending Tor as one of the means of protecting one's privacy and yes, even security (for example, by running a hidden service and making it possible for users not to leave the darknet). Of course it's far from being enough, and I make that very clear. But lately I got to wonder if using Tor does more harm than good? If the NSA can impersonate any IP on the planet, they can impersonate any Tor node; tis has two important consequences: 1. they know when you're using Tor, and can flag you accordingly, and (for example) deliver some nastiness when (not if!) they get the chance, because when you have something to hide... 2. they can guess with high probability whom are you communicating with; they don't have to break encryption, it's enough they listen-in and see that a Tor packet from your IP to Node A is x bytes; a packet from Node A to Node B is x-( header + Tor encryption layer size ) bytes, and so on. So, is using Tor today doing more harm than good? Would ordinary Joe Schmoes be far better of not using Tor? How about more high-profile targets, like activists/hacktivists, etc? -- Pozdr rysiek ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
[cryptography] Dynasty of Compromised Comsec and Legal Protection
The marriage of flexible legal protections and malleable comsec is a venerable dynasty of compromise. ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
[cryptography] Using some crypto to make gov't dataset identifiers better
So this is a little different from the usual fare here, but my colleague Tom Lee at the Sunlight Foundation has been thinking about using basic cryptographic concepts to convince governments to publish more unique identifiers in their datasets -- even when the identifiers they have in their *databases* is sensitive (like SSNs). The problem of anonymizing unique data is in some senses easier than others here, because in some gov't contexts, making things personally identifiable isn't the problem -- the *intent* is to publish personally identifiable, connect-able information, like for campaign donors and lobbyists. So the Mosaic Effect (de-anonymizing Netflix data) is less of a concern. Depends on the problem, though. After talking about it on a couplehttps://groups.google.com/forum/#!topic/sunlightlabs/CdCdB_0TCgcof listshttps://mailman.stanford.edu/pipermail/liberationtech/2014-February/012834.html, Tom blogged it up: http://sunlightfoundation.com/blog/2014/03/20/a-little-math-could-make-identifiers-a-whole-lot-better/ Your feedback would be very welcome, either here or in public fora. Of course, convincing government agencies to actually do this sort of thing might be a challenge, but there's a lot of levels and branches of government out there - you never know who might lead the way. -- Eric -- konklone.com | @konklone https://twitter.com/konklone ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] Compromised Sys Admin Hunters and Tor
On Fri, Mar 21, 2014 at 5:01 AM, John Young j...@pipeline.com wrote: Sys admins catch you hunting them and arrange compromises to fit your demands so you can crow about how skilled you are. Then you hire them after being duped as you duped to be hired. everything old is new again, betrayals for lucre, for lust, for fame, for fear, ... this is why some technology consumers demand independent validation[0] to confirm to their own eyes if design matches intent; if operation matches assurance. how can you even trust the word of a third party verifying integrity if you can't determine integrity yourself? caution: this line of reasoning leads to long dependencies... ;) The lead Tor designer reportedly (via Washington Post) had a session with NSA to brief on how to compromise it, although compromise was not used nor is the word used by gov-com-org-edu. http://cryptome.org/2013/10/nsa-tor-dingledine.htm the beauty of privacy, like freedom, is that it floats all boats. [ i may not agree with what you do with free, uncensored communication, yet i code and toil for your ability to communicate regardless. ] in all seriousness, what you describe at the root of things: systems that are inherently and fundamentally compromising, if you have the right adversary, if you have the right resources, is absolutely true! in industry speak this is characterized in terms of risk management. in military, aimed at a higher common denominator, yet fundamentally just as vulnerable (built to a more competent attacker. a larger resource stream.) there are defeatists a plenty, having looked around the state of things, and fall to nothing but despair. i think it is reasonable to demand complete transparency and utmost correctness and reliability in these technologies we depend on. that's a radically different future than what we have now or can think of in terms of current engineering capabilities. never the less, a future worth aiming toward! finally, to your mention of the meeting with NSA, this is interesting from a reversing the adversary's perspective. [since presumably Roger does not hold clearance of course, this is all treating Roger as hostile witness!] let's review it: --- Roger Dingledine at NSA NOV 2007 ... Contents 1 (U) Talk by Roger Dingledine at NSA, 11/01/2007 at RE (Sponsored by NSA RT) o 1.1 (U) Who are TOR Customers? o 1.2 (U) Anonymity System Concepts o 1.3 (U) TOR Issues the usual culprits. (U) Talk by Roger Dingledine at NSA, 11/01/2007 at RE (Sponsored by NSA RT) next time ask for them to sponsor bridges, obfuscated proxies, and fast exits? :) [only half in jest, as QUANTUMSQUIRREL would also make a great single, large exit for entire Tor network as has been mentioned in the past! constantly changing set of address space would avoid censorship and blocking into and out of the network. (though i would _only_ use NSANet as a obfuscated proxy first hop to hidden services or as last hop exit relay to clearnet where they occurr no where else along my circuit.)] (U) Roger Dingledine, now of Torproject.org, was one of the principle inventors or TOR. Current usage statistics quoted are 200K users and 1K servers. When asked about trends, he had no concrete data - Being a non-profit open-source effort, the collector of statistics has not been active recently. now there are metrics :) https://metrics.torproject.org/ (U) The obligatory Anonymity is not equal to Cryptography and Anonymity is not equal to Steganography admonishments were given early on. (U) Who are TOR Customers? (U) Mr. Dingledine mentioned that the way TOR is spun is dependent on who the spinee is. Using the typical (in the cryptography world), Alice and Bob as communicants, he described several Alices: (U) 1. Blogger Alice, who wants to be able to write to a blog in an anonymous way. (U) 2. 8 yr. old Alice, who wants to be able to post to sites for children in a way insuring her true name and location are not discovered. (U) 3. Sick Alice, who want to research information on her illness on the Internet while not enabling anyone to determine her true name and location. (U) 4. Consumer Alice, who wants to research possible purchases without having a database of her marketing habits being built without (or with her weak) consent. (U) 5. Oppressed Alice, who lives in a repressive country (no or limited free speech) and wants to talk about things contrary to her governments positions. The countries he used as examples were France, Germany (prohibitions on fascist writings?) and the US (not sure what he meant here?). (U) 6. Turning to Business Alice, we had examples of companies not wanting to give up their business secrets to competitors via their Internet usage patterns. An anecdote was given of some business getting a different HTML page displayed when the same URL was accessed with and without TOR. (U) 7. Law Enforcement Alice was concerned with
Re: [cryptography] Compromised Sys Admin Hunters and Tor
At this point, one can but humbly remember John 8:7, ...He that is without sin among you, let him first cast a stone... --dan ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] Compromised Sys Admin Hunters and Tor
On Fri, Mar 21, 2014 at 7:01 AM, John Young j...@pipeline.com wrote: Sys admins catch you hunting them and arrange compromises to fit your demands so you can crow about how skilled you are. Insiders are always your biggest threat. Then you hire them after being duped as you duped to be hired. The lead Tor designer reportedly (via Washington Post) had a session with NSA to brief on how to compromise it, although compromise was not used nor is the word used by gov-com-org-edu. Er, so? The NSA could just... read the public docs and source anyways. I'd personally love to be able to sit down with NSA cryptonerds and chat -- if they talked at all I'd learn something. As long as there was no coercion anyways. Nico -- ___ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
