RE: CDR: Re: Lions and Tigers and Backdoors, oh, my...
-- From: Ray Dillinger[SMTP:[EMAIL PROTECTED]] Sent: Wednesday, September 27, 2000 4:39 PM To: Trei, Peter Cc: [EMAIL PROTECTED] Subject: RE: CDR: Re: Lions and Tigers and Backdoors, oh, my... On Wed, 27 Sep 2000, Trei, Peter wrote: Can you document this claim of the existance of 'help fields' in Netscape? Not directly I can't, at least not without betraying someone. In retrospect, I should've used a nym to make the statement to keep him out of trouble. I don't accept this. You should be able to: generate traffic dumps pointing to the 'help field', and showing where it fits within the SSL specifications. This is hardly rocket science. There is no need to compromise anyone whatsoever. Put forward the evidence, so we can independently confirm it. This sort of thing happens every year or two on this list. Someone makes a claim which, if true, has interesting and/or important implications. However, the nature of the claim is one which is quite capable of verification. The onus is placed on the claiment to 'put up or shut up'. Usually, they shut up. Examples of such claims include: * PGP has a secret backdoor. (OK: Here's the source: Where is it?) * gcc is hacked to stick secret backdoors into PGP. (OK: Here's the source: Where is it?) * All gcc binaries will stick the PGP hacking code into gcc when compiling gcc. (Here's a dump: show us.) * Emily Dickinson hid her boyfriends initials in her poems. (Here's some statistical tests you need to run: Show us). So I call upon you: Put up or Shut up. I am (to put it mildly) astonished by this claim, and more than a little skeptical. I was aware of the Workfactor Reduction field in the export 'aka International' version of Lotus Notes (which this 'help field' seems identical to), but was not aware of it being included in any other application. Okay, let's forget what I know from people I don't want to drag into the fire and go through it from the "circumstantial" angle. What does it mean when Lotus Notes has to put a work reduction field in their product in order to get export approval status, and then doesn't talk about it? But lots of other companies who also don't talk about it, with stronger-seeming crypto get export approval status? you brought it up, you document it... Huh? "Doesn't talk about it"? It was announced with fanfare at the RSA Data Security conference a few years ago. There were press releases. It was widely discussed on this list. I invented the term 'espionage enabled' to describe this kind of application. Lotus got a lot of flack about it, but persisted. Some customers even bought it, noteably the Swedish government (See Risks Digest http://catless.ncl.ac.uk/Risks/19.52.html#subj1). What does it mean when banks refuse to work with earlier versions of Netscape claiming it's because the security certs are expired -- but when new security certs are downloaded and installed, they still refuse to work with earlier versions of netscape and refuse to tell you why? (This, btw, was what made me suspicious in the first place and why I started digging...) http://banking.wellsfargo.com/ Well, it could mean that they want to use Web features available in later versions but not in earlier ones. Or maybe there are known security holes in earlier editions. Wells Fargo has actually been ahead of the curve at times: they were one of the first sites to require 128 bit encryption. What does it mean when Lew Giles, even after the rules change to the BXA-controlled system, made a living going around convincing engineers working for american companies to compromise their products' security? With or without knowledge of the companies' execs? http://www.counterpane.com/crypto-gram-9902.html#backdoors Is it after BXA? Bruce notes that the stories are all at least two years old, which would place them in very early 1997 at latest. I can't remember when the switch took place. Of course, if LG was doing this (and I have no real doubt that the NSA might try), it's excreable, but what is the relevance to products today? He can no longer seriously threaten to hold up export. What does it mean when PGP has a "flaw" introduced into its Additional Decryption Keys at the same time NAI is seeking export approval for it? And NAI gets export approval, and then nobody notices the flaw for several years after, and then they go oops, it was just a mistake? in light of recent news, I don't figure I have to document this one What does it mean when a CEO who actually can and does review code, so subverted engineers can't seem to get one past him, in a meeting with NSA officials refuses to compromise -- and one of the spooks loses his cool and offers to run the guy over in the parking lot? I'll explain this one to you... it means that spook _HAD_NEVER_SEEN_ anyone
Re: CDR: Re: Lions and Tigers and Backdoors, oh, my...
At 4:45 PM -0700 9/26/00, Michael Motyka wrote: http://www.inet-one.com/cypherpunks/ Re: CDR: Re: Lions and Tigers and Backdoors, CH recommended: http://www.amazon.com/exec/obidos/ASIN/0684818620/cypherpunkshyper Buy This Book! http://www.amazon.com/exec/obidos/ASIN/0786889136/cypherpunkshyper Buy This Book! Keep this advertising shit off of the list. Fucking unbelievable. --Tim May -- -:-:-:-:-:-:-: Timothy C. May | Crypto Anarchy: encryption, digital money, ComSec 3DES: 831-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, "Cyphernomicon" | black markets, collapse of governments.
RE: CDR: Re: Lions and Tigers and Backdoors, oh, my...
Can you document this claim of the existance of 'help fields' in Netscape? I am (to put it mildly) astonished by this claim, and more than a little skeptical. I was aware of the Workfactor Reduction field in the export 'aka International' version of Lotus Notes (which this 'help field' seems identical to), but was not aware of it being included in any other application. If you can document this, I'm seriously interested in following up. Peter Trei Cryptoengineer RSA Security Inc. [EMAIL PROTECTED] -- From: Ray Dillinger[SMTP:[EMAIL PROTECTED]] Reply To: Ray Dillinger Sent: Tuesday, September 26, 2000 8:37 PM To: Michael Motyka Cc: [EMAIL PROTECTED] Subject: Re: CDR: Re: Lions and Tigers and Backdoors, oh, my... On Tue, 26 Sep 2000, Michael Motyka wrote: From the article... Until recently the US government strictly controlled the strength of cryptography in software exported to different countries, in order to protect the government's ability to access and monitor communications data. The regulations were relaxed after pressure from industry but Madison believes that this may have driven the NSA to find ways to carry out surveillance. "They're not going to give in over exporting strong cryptography without getting something in return," he says. I can't believe that they would voluntarily enter a period of weakend capabilities. My guess would be that he has the event ordering wrong. Nope, he's got it right. There used to be, officially, a 40-bit key length limit on exportable software. This made american software products with any crypto capacity ridiculously weak, to the point where anyone concerned about security would not use it -- the software industry was losing to foreign competition, and the quality of the intercepts was going down because everybody was wise to it and nobody who mattered to them was using it anymore. New policy: The BXA approves export licenses for people who put all but the last 40 bits of the key in the headers or trailers somewhere, encrypted under a key that the NSA doubtless knows. Not that this is noised about too much. Feature AOL saying "yes, we broke the encryption in Netscape starting after version 4.07..." not bloody likely. After a little security skirmish with my (now Ex)Bank, I discovered this about Netscape and Internet Explorer; both have "help fields" in their headers that facilitate cryptanalysis of SSL connections if you have the key to the help field. As far as I know, the same is true of all software that has BXA approval for downloadable status. At least (name deleted -- a friend who works at netscape) confirmed that they couldn't get BXA approval for export, OR get anyone at BXA to tell them why not, except for vague wailing about "security considerations" until someone finally offered to put in a "help field". Anyway; people concerned about security from ordinary theives can now be reassured because only the US gov't gets the juicy bits, and the Uber-theives at the US gov't are reassured because they are getting the juicy bits again now that most people think US products have "strong" crypto. Don't get me started on this; I get so mad I can't see straight. Keywords to search by: "Help field" (in quotes), PKI, NSA, "40 bits" "Netscape" -- It's out there, mostly in smarmy self-congratulatory tones about how "We are pleased to announce that Netscape is working with us and will be in compliance with the Public-Key Infrastructure" by (Date -- I forget the date, but it coincides with the release of Netscape 4.5). Ray
Re: CDR: Re: Lions and Tigers and Backdoors, oh, my...
To respond to Ray's original message: I'm also intrigued, but skeptical. Ray wrote: Keywords to search by: "Help field" (in quotes), PKI, NSA, "40 bits" "Netscape" -- It's out there, mostly in smarmy self-congratulatory I've done the searches and come up with nothing. What URL should I be looking at? I'm quite interested in exposing any wrongdoing here, both personally and professionally. Check out my back articles (http://www.wired.com/news/print/0,1294,21810,00.html) for stuff I've written that's relevant here. My PGP key is on the servers; Wired's phone number is in the Washington DC phone book. -Declan Wired News On Wed, Sep 27, 2000 at 09:27:07AM -0400, Trei, Peter wrote: Can you document this claim of the existance of 'help fields' in Netscape? I am (to put it mildly) astonished by this claim, and more than a little skeptical. I was aware of the Workfactor Reduction field in the export 'aka International' version of Lotus Notes (which this 'help field' seems identical to), but was not aware of it being included in any other application. If you can document this, I'm seriously interested in following up. Peter Trei Cryptoengineer RSA Security Inc. [EMAIL PROTECTED] -- From: Ray Dillinger[SMTP:[EMAIL PROTECTED]] Reply To: Ray Dillinger Sent: Tuesday, September 26, 2000 8:37 PM To: Michael Motyka Cc: [EMAIL PROTECTED] Subject: Re: CDR: Re: Lions and Tigers and Backdoors, oh, my... On Tue, 26 Sep 2000, Michael Motyka wrote: From the article... Until recently the US government strictly controlled the strength of cryptography in software exported to different countries, in order to protect the government's ability to access and monitor communications data. The regulations were relaxed after pressure from industry but Madison believes that this may have driven the NSA to find ways to carry out surveillance. "They're not going to give in over exporting strong cryptography without getting something in return," he says. I can't believe that they would voluntarily enter a period of weakend capabilities. My guess would be that he has the event ordering wrong. Nope, he's got it right. There used to be, officially, a 40-bit key length limit on exportable software. This made american software products with any crypto capacity ridiculously weak, to the point where anyone concerned about security would not use it -- the software industry was losing to foreign competition, and the quality of the intercepts was going down because everybody was wise to it and nobody who mattered to them was using it anymore. New policy: The BXA approves export licenses for people who put all but the last 40 bits of the key in the headers or trailers somewhere, encrypted under a key that the NSA doubtless knows. Not that this is noised about too much. Feature AOL saying "yes, we broke the encryption in Netscape starting after version 4.07..." not bloody likely. After a little security skirmish with my (now Ex)Bank, I discovered this about Netscape and Internet Explorer; both have "help fields" in their headers that facilitate cryptanalysis of SSL connections if you have the key to the help field. As far as I know, the same is true of all software that has BXA approval for downloadable status. At least (name deleted -- a friend who works at netscape) confirmed that they couldn't get BXA approval for export, OR get anyone at BXA to tell them why not, except for vague wailing about "security considerations" until someone finally offered to put in a "help field". Anyway; people concerned about security from ordinary theives can now be reassured because only the US gov't gets the juicy bits, and the Uber-theives at the US gov't are reassured because they are getting the juicy bits again now that most people think US products have "strong" crypto. Don't get me started on this; I get so mad I can't see straight. Keywords to search by: "Help field" (in quotes), PKI, NSA, "40 bits" "Netscape" -- It's out there, mostly in smarmy self-congratulatory tones about how "We are pleased to announce that Netscape is working with us and will be in compliance with the Public-Key Infrastructure" by (Date -- I forget the date, but it coincides with the release of Netscape 4.5). Ray
Re: CDR: Re: Lions and Tigers and Backdoors, oh, my...
I'm still waiting for RIP-USA to rear its ugly mug. I think, if they do that, they kill internet commerce. How so? Our communications and financial systems are already pretty transparent and yet commerce of all sorts is going full steam. States and municipalities are eager to have tracking SW installed at vendors who sell into their states. It will happen eventually : the Big Bro tax tracker and business license manager thread will be required. And businesses will not stop operating over the phone, through catalogs and on the internet. The part of RIP that I'm expecting to surface soon is the LEA access to plaintext for both communications and stored data. THEY ( the black helicopter, cattle slashing, alien dissecting, door crashing, head-stomping, universal snooper folks ) need that to protect our children from Osama Bin-NAMBLA. And to collect taxes. Don't they? Mike Title: Re: CDR: Re: Lions and Tigers and Backdoors, oh, my... All things FREE!Home&[EMAIL PROTECTED]FreeShop EntertainmentFreeShop.com - New Offers[EMAIL PROTECTED] [Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index] [Author Index] [Subject Index] Re: CDR: Re: Lions and Tigers and Backdoors, oh, my... To: Michael Motyka [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: CDR: Re: Lions and Tigers and Backdoors, oh, my... From: "R. A. Hettinga" [EMAIL PROTECTED] Date: Tue, 26 Sep 2000 18:50:26 -0400 In-Reply-To: [EMAIL PROTECTED] References: [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] Sender: [EMAIL PROTECTED] At 3:46 PM -0700 on 9/26/00, Michael Motyka wrote: I'm still waiting for RIP-USA to rear its ugly mug. I think, if they do that, they kill internet commerce. Cheers, RAH -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' References: CDR: Re: Lions and Tigers and Backdoors, oh, my... From: Michael Motyka [EMAIL PROTECTED] Prev by Date: CDR: Re: Lions and Tigers and Backdoors, oh, my... Prev by thread: CDR: Re: Lions and Tigers and Backdoors, oh, my... Index(es): Date Thread Author Subject CH recommended: Buy This Book!Buy This Book!
Re: CDR: Re: Lions and Tigers and Backdoors, oh, my...
At 3:46 PM -0700 on 9/26/00, Michael Motyka wrote: I'm still waiting for RIP-USA to rear its ugly mug. I think, if they do that, they kill internet commerce. Cheers, RAH -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'