Re: vacuum-safe laptops ?

2004-07-18 Thread Thomas Shaddack

On Fri, 16 Jul 2004, Major Variola (ret) wrote:

 Um, even the small form factor PC on a board the size of your palm may 
 still rely on caps in the power supply that don't handle 760 to 0 mm 
 Hg/min so readily.

However, if you use a low-power board, you have less current to filter the 
ripples from, so you need smaller caps, which offers you more options. You 
can also replace the caps in the power supply with vacuum-resistant types, 
for the price of some soldering.

 Otherwise, there are many small PCs on a card if you look into the 
 embedded marketplace.  Complete with solid state disks, etc. COTS.

Do you know some worth being referred to, if possible low-cost? The 
situation on the market is changing so fast it's difficult to keep track.

 perhaps anon actually wants to run M$ in a low pressure environ.
 Perhaps that's why he's anonymous :-)

Maybe it's an agent of Microsoft looking to expand the market to space! 
(Blue sky instead of blue screen?)

 My guess is regular ole airplane takeoff, but its not quite 0 torr
 at 35Kfeet, and I *think* the cargo part is pressurized, lest
 Fido suffocate.

Also, a lot of cargo can be susceptible to lower pressures. Eg, the 
mentioned capacitors could be popping. So some overpressure during the 
flight has to be maintained there.

 And while a SAM would be a great science fair project, you don't go 
 above that limit.  Perhaps anon will be a space tourist, wanting to take 
 notes, on something heavier than a PDA+keyboard.

In that case, I'd suggest building it as a wearable computer, integrated 
into the space suit.

 I once TA'd at a UC, one advanced ugrad had a project for an atmospheric 
 science prof building a board for the nose of a spyplane, to sample the 
 air.  (For ozone, not nucleotides.  No, really.) He was interested in 
 vibration problems; I told him to take his proto board on an offroad 
 trip in his car to shake out the moths.

Wise. :)

 Am not sure that epoxy cover makes a difference, the board manuf. go to 
 lengths to avoid air pockets under traces, the ICs themselves fairly 
 (albeit not guaranteed) encapsulated in an epoxy mix.

Sealing the boards in resin, under lowered pressure, could possibly help; 
the pressure of the atmosphere would be replaced by the pressure of the 
resin. Another option could be mounting the device into a hermetically 
sealed case, filled with eg. silicone oil for easier heat transfer.



Re: vacuum-safe laptops ?

2004-07-18 Thread Thomas Shaddack

On Sat, 17 Jul 2004, Tyler Durden wrote:

 Sorry to need educating once again, but I had assumed can-shaped capacitors
 were gone from laptops in lieu of surface mount. Anyone know? (I don't own a
 laptop.)

The can caps can be surface-mounted as well. The leads then look 
different, but the inside is still the same: a metal can with etched 
aluminum strips and an insulator soaked with electrolyte. The magic smoke 
they are filled with also has the same color and smell as their non-SMD 
predecessors.

See also http://www.elna.co.jp/en/ct/c_al01.htm for a brief description of 
liquid-electrolyte aluminum capacitors.

There are also some more modern constructions, where the electrolyte is 
solid-state. (The tantalum capacitors, which are more common in SMD form 
than the aluminum ones, use MnO2 as electrolyte and Ta2O5 as insulator. 
The added advantage here is that during a breakdown, the MnO2 layer 
locally overheats and is converted to less conductive Mn2O3, which causes 
the breakdown to heal. A similar mechanism is used in capacitors with 
solid-state plastic electrolyte.)

I suppose the solid-state caps could be much more reliable in the 
conditions of rapid pressure changes, if they won't have moisture or air 
trapped inside their construction.



Re: vacuum-safe laptops ?

2004-07-18 Thread Major Variola (ret)
At 05:15 PM 7/17/04 -0400, Tyler Durden wrote:

 Sorry to need educating once again, but I had assumed can-shaped capacitors
 were gone from laptops in lieu of surface mount. Anyone know? (I don't own a
 laptop.)
 -TD

With apologies, you really seem a troll at times.

The *power supply* may use can-caps, obviously the bottom of the CPU
is littered with solid-state ceramic babies.





Re: Email tapping by ISPs, forwarder addresses, and crypto proxies

2004-07-18 Thread J.A. Terranson

On Sun, 18 Jul 2004, Eugen Leitl wrote:

 For those of you who have worked at major ISPs, can the fact that traffic is
 routed through a few customer boxes be hidden from employees?

Speaking as someone who qualifies: no.  However, the fact that you even
asked the question begs another question, namely, what do you consider
major?  Savvis was, in my opinion, at the very lower end of major,
operating in ~140 countries, although most of that was vpn and multicast.
Let's guess that internet was considerably less, say ~15-20 countries
directly.

In short, the trouble with trying to stuff all this through a choke point
(or even 10 choke points) is it's going to be either seen directly as a
router hop (if at layer3), or seen indirectly at layer two.  And the kind
of detailed troubleshooting that goes on in the first through third level
support groups just wouldn't be able to miss this - sooner or later
someone would see something, and then the whole place would know.

Now, *mirroring* to a couple of choke points, sure, but then you have
transit and other associated costs (you gotta haul the data to all of the
collectors).

Just not feasible to do it quietly.  Note, I said quietly.

-- 
Yours,

J.A. Terranson
[EMAIL PROTECTED]
0xBD4A95BF

  ...justice is a duty towards those whom you love and those whom you do
  not.  And people's rights will not be harmed if the opponent speaks out
  about them.  Osama Bin Laden
- - -

  There aught to be limits to freedom!  George Bush
- - -

Which one scares you more?



Re: Secure telephones

2004-07-18 Thread Thomas Shaddack

On Sat, 17 Jul 2004, Steve Schear wrote:

 How about building a secure cell phone using GnuRadio as a core? That way you
 have maximum control afforded by the protocols.

Several reasons valid at this moment (though I suppose (and hope) the 
situation will improve in the next couple of years).

There is no available implementation for the low-level GSM protocols. 
Doing it from scratch looks like a royal bitch.

The ADC/DAC chips for the required bandwidth are AWFULLY expensive. (I'd 
be happy if proven wrong here. (Well, I'd be happy if proven wrong in 
the other two arguments too.))

The required processing power (and the related power (and cooling) 
consumption) is impractically high.

But in principle it is a very good idea, whose time will hopefully come 
soon.



Re: Email tapping by ISPs, forwarder addresses, and crypto proxies

2004-07-18 Thread Eugen Leitl
On Sat, Jul 17, 2004 at 02:06:40PM -0700, Bill Stewart wrote:

 On the other hand, 100,000 employees times two disk drives per desktop
 and a few departmental servers can get you that much capacity.

I understand there is this thing called a black budget. The production 
rate limit of plain text is human fingers. If you want to keep it all
online, your burn rate is a kilobuck/day for hardware.

Filtering traffic to extract relevant parts is going to cost a bit more,
especially if you're using centralized taps and not server clouds in the
periphery.

For those of you who have worked at major ISPs, can the fact that traffic is
routed through a few customer boxes be hidden from employees?

-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a>
__
ICBM: 48.07078, 11.61144            http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
http://moleculardevices.org         http://nanomachines.net




Re: Secure telephones

2004-07-18 Thread Thomas Shaddack

On Sun, 18 Jul 2004, Bill Stewart wrote:

 If you're trying to build a usable cellphone,
 you've got much more stringent design criteria than a deskphone.

I am painfully aware of it.

 You've got packaging requirements that force you into
 serious industrial design if you want something pocket-sized
 with good battery life, plus you've got to implement all the
 cellular interface features.

Or use the off-the-shelf modules for industrial applications that already 
do it, and add some glue logic.

 If you're willing to build a backpack-phone, that's a lot simpler,
 because you can use a laptop with a
 [pick-your-favorite-cellular-data-standard] card
 and either a wired headset or a Bluetooth frob for a BT headset.

Check the Gumstix and the Enfora Enabler specs. The first is the 
equivalent of a grossly stripped-down laptop (80x20x6 mm, few mA sleep, 50 
mA command-wait, 250mA full power w/o Bluetooth), the second one is the 
equivalent of a comm card (GSM/GPRS, 50x30x3 mm, tri-band 5mA standby). 

The laptop approach is good for prototyping, though.

 I'm not aware of any cellular data cards in PDA-usable format
 (unless you've got a PDA big enough for PCMCIA),
 but you could take a GSM etc. phone with a wired interface to a PDA.

I'd try the Enfora module in that case. RS232 for data and control, and 
analog I/O for voice.

The PDA approach definitely has its merit.



Re: Email tapping by ISPs, forwarder addresses, and crypto proxies

2004-07-18 Thread J.A. Terranson

On Sun, 18 Jul 2004, Eugen Leitl wrote:

 I was thinking about a box at each incoming/outgoing point with a NIC in
 passive mode.

A NIC?  You gotta realize that we're talking about mesh circuits here:
OC3-OC48 trunks, OC192 backbones... This is no small job.  A mom/pop or
midsized regional maybe you could do this - you know, the guy with a half
a dozen DS3s.


-- 
Yours,

J.A. Terranson
[EMAIL PROTECTED]
0xBD4A95BF




Re: Secure telephones

2004-07-18 Thread Bill Stewart

At 11:45 AM 7/17/2004, Thomas Shaddack wrote:
 Pondering construction of a secure telephone. (Or at least a cellphone in
 general. The user interfaces and features available on virtually all the
 mass-market phones suck, to put it very very mildly, not even mentioning

If you're trying to build a usable cellphone,
you've got much more stringent design criteria than a deskphone.

You've got packaging requirements that force you into
serious industrial design if you want something pocket-sized
with good battery life, plus you've got to implement all the
cellular interface features.

If you're willing to build a backpack-phone, that's a lot simpler,
because you can use a laptop with a
[pick-your-favorite-cellular-data-standard] card
and either a wired headset or a Bluetooth frob for a BT headset.

An intermediate design, which other people have done,
is an 802.11 phone - take your favorite high-end multimedia PDA
and an 802.11 card and write whatever UI you want.
Again, you can either do a wire to your pocket or Bluetooth,
or do what some of the early Compaq Ipaq phones did and just
hold the thing up to your cheek.

I'm not aware of any cellular data cards in PDA-usable format
(unless you've got a PDA big enough for PCMCIA),
but you could take a GSM etc. phone with a wired interface to a PDA.

The fun UI to implement is an all-audio one, with speech recognition
for commands.  There's a lot of market space out there for that.
Bluetooth headsets aren't necessarily a great match for it,
because you're getting a low bit-rate signal from a cheap microphone,
as opposed to 11kHz 16-bit audio sampling.



RE: FIPS chassis/linux security engineer?

2004-07-18 Thread Lucky Green
Hmm. Looking at the amazing number of unread messages in this folder, the
list sure has picked up again.

Eric wrote:
 Does anyone know of a manufacturer of FIPS 140 certified or 
 certifiable 1u/2u rack mount chassis?

Eric,
There is a lot more to FIPS 140-2 than the case. It's what's inside the
aluminum case that matters. In principle, any solid case with 6 sides could
be the basis for a FIPS certified device.

--Lucky Green







Re: Email tapping by ISPs, forwarder addresses, and crypto proxies

2004-07-18 Thread Eugen Leitl
On Sun, Jul 18, 2004 at 06:13:49AM -0500, J.A. Terranson wrote:

 A NIC?  You gotta realize that we're talking about mesh circuits here:
 OC3-OC48 trunks, OC192 backbones... This is no small job.  A mom/pop or

At times of 10 GBit Ethernet, OC192 data rate doesn't seem all that
intimidating. 

A standard 1U Dell should have enough crunch to just filter out the 
plain text packets of a 1 GBps Ethernet line.

 midsized regional maybe you could do this - you know, the guy with a half
 a dozen DS3s.



Re: Email tapping by ISPs, forwarder addresses, and crypto proxies

2004-07-18 Thread Eugen Leitl
On Sun, Jul 18, 2004 at 07:50:16AM -0500, J.A. Terranson wrote:

 I have seen a passive tap on a gig line used for IDS, true, but that's
 pretty close to the state of the art right now.  There's an issue with

There are dedicated network processors, though, and one can outsource the
filter bottlenecks into an FPGA board. This is still reasonably small and
cheap.

 getting the interfaces for the 1U Dell, and then you have the secondary
 issues of just how much encapsulated crap do you need to strip off, and
 how fast.  Remember, you only get 1 shot, and you *can't* ask for more time
 - if your buffer runneth over, you be screwed.
 
 It's not as easy as it feels.

I think it would be far easier if WAN protocols were plain GBit Ethernet.



Re: Email tapping by ISPs, forwarder addresses, and crypto proxies

2004-07-18 Thread J.A. Terranson

On Sun, 18 Jul 2004, Eugen Leitl wrote:

 On Sun, Jul 18, 2004 at 06:13:49AM -0500, J.A. Terranson wrote:

  A NIC?  You gotta realize that we're talking about mesh circuits here:
  OC3-OC48 trunks, OC192 backbones... This is no small job.  A mom/pop or

 At times of 10 GBit Ethernet, OC192 data rate doesn't seem all that
 intimidating.

 A standard 1U Dell should have enough crunch to just filter out the
 plain text packets of a 1 GBps Ethernet line.

I have seen a passive tap on a gig line used for IDS, true, but that's
pretty close to the state of the art right now.  There's an issue with
getting the interfaces for the 1U Dell, and then you have the secondary
issues of just how much encapsulated crap do you need to strip off, and
how fast.  Remember, you only get 1 shot, and you *can't* ask for more time
- if your buffer runneth over, you be screwed.

It's not as easy as it feels.

-- 
Yours,

J.A. Terranson
[EMAIL PROTECTED]
0xBD4A95BF




Re: Secure telephones

2004-07-18 Thread Steve Schear
At 11:45 AM 7/17/2004, Thomas Shaddack wrote:

 Pondering construction of a secure telephone. (Or at least a cellphone in
 general. The user interfaces and features available on virtually all the
 mass-market phones suck, to put it very very mildly, not even mentioning
 that there's no access to their firmware (so no chance of audit), poor or
 no support for SSL (while running HTTP through the operator's proxy), and
 typically no possibility to run more than one Java applet (or other
 program) at the same time. A combination of a GSM/GPRS module with a
 suitable embedded Linux-running computer could be the right solution.)

How about building a secure cell phone using GnuRadio as a core?  That way 
you have maximum control afforded by the protocols.

steve 



Re: Email tapping by ISPs, forwarder addresses, and crypto proxies

2004-07-18 Thread Eugen Leitl
On Sun, Jul 18, 2004 at 05:55:02AM -0500, J.A. Terranson wrote:

 Now, *mirroring* to a couple of choke points, sure, but then you ave
 transit and other associated costs (you gotta haul the data to all of the
 collectors).

I was thinking about a box at each incoming/outgoing point with a NIC in
passive mode. Filtered traffic is a tiny fraction of total, and should be
easy to send to a central location (I presume because it's feasible to
process and store world's entire relevant text traffic in a pretty small
central facility, no one is going to bother with true distributed processing;
though filtering at the periphery already qualifies as such).

Otoh, presence of a number of such boxes is going to need a gag order, and a
really major ISP. Small shops are too informal to be able to hide something
like that.
 
 Just not feasible to do it quietly.  Note, I said quietly.

Hardware required for tapping major arteries is going to need modified
high-end routers (filtering of cloned traffic), no? I don't see how 
this is going to be a limit on organization of the size of NSA & consorts. 



Re: Email tapping by ISPs, forwarder addresses, and crypto proxies

2004-07-18 Thread Tyler Durden
 At times of 10 GBit Ethernet, OC192 data rate doesn't seem all that
 intimidating.

Well, as it turns out the 10GbE standard has a few flavors, and one of them 
uses a 'lite' version of OC-192 framing. So for all intents and purposes, 
consider them the same data rate.

-TD

From: Eugen Leitl [EMAIL PROTECTED]
To: J.A. Terranson [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Re: Email tapping by ISPs, forwarder addresses, and crypto proxies
Date: Sun, 18 Jul 2004 14:46:10 +0200
On Sun, Jul 18, 2004 at 06:13:49AM -0500, J.A. Terranson wrote:
 A NIC?  You gotta realize that we're talking about mesh circuits here:
 OC3-OC48 trunks, OC192 backbones... This is no small job.  A mom/pop or
At times of 10 GBit Ethernet, OC192 data rate doesn't seem all that
intimidating.
A standard 1U Dell should have enough crunch to just filter out the
plain text packets of a 1 GBps Ethernet line.
 midsized regional maybe you could do this - you know, the guy with a half
 a dozen DS3s.




Magic Smoke?

2004-07-18 Thread Tyler Durden
Ah yes. Are you referring to the smoke that powers telecom gear? (ie, the 
gear works until you see smoke pouring out of the top.) I had imagined this 
to be distributed throughout the NE...

As for trolling, well, ahem. I've NEVER done that before...
-TD

From: Thomas Shaddack [EMAIL PROTECTED]
To: Tyler Durden [EMAIL PROTECTED]
CC: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Re: vacuum-safe laptops ?
Date: Sun, 18 Jul 2004 01:13:13 +0200 (CEST)
On Sat, 17 Jul 2004, Tyler Durden wrote:
 Sorry to need educating once again, but I had assumed can-shaped capacitors
 were gone from laptops in lieu of surface mount. Anyone know? (I don't own a
 laptop.)

The can caps can be surface-mounted as well. The leads then look
different, but the inside is still the same: a metal can with etched
aluminum strips and an insulator soaked with electrolyte. The magic smoke
they are filled with also has the same color and smell as their non-SMD
predecessors.
See also http://www.elna.co.jp/en/ct/c_al01.htm for brief description of
liquid-electrolyte aluminum capacitors.
There are also some more modern constructions, where the electrolyte is
solid-state. (The tantalum capacitors, which are more common in SMD form
than the aluminum ones, use MnO2 as electrolyte and Ta2O5 as insulator.
The added advantage here is that during a breakdown, the MnO2 layer
locally overheats and is converted to less conductive Mn2O3, which causes
the breakdown to heal. Similar mechanism is used in capacitors with
solid-state plastic electrolyte.)
I suppose the solid-state caps could be much more reliable in the
conditions of rapid pressure changes, if they won't have moisture or air
trapped inside their construction.


Re: Email tapping by ISPs, forwarder addresses, and crypto proxies

2004-07-18 Thread J.A. Terranson

On Sun, 18 Jul 2004, Tyler Durden wrote:

 I think it would be far easier if WAN protocols were plain GBit Ethernet.

 WAN won't be 1GbE, but it will probably be 10GbE with SONET framing, or else
 OC-192c POS (ie, PPP-encapsulated HDLC-framed MPLS). In either case, I
 suspect it will be far cheaper in the long run to monitor a big fat pipe
 than to try to break out a zillion lil' tiny DS1s.

 -TD

OK, so Tyler [apparently] works in the business :-)

Let me fill in what he left out.  Yes, the industry is moving towards
MPLS over POS.  That's not where it is now though.  At least not for most
interfaces.  Right now the industry is chock full of legacy gear, mostly
old fashioned ATM.  You think you can just casually reassemble this crap
in transit?  Let's see it!

Besides that old fashioned transport diversity, we have the original
problem: even if you could do it (maybe in three to five years), what are
you going to do with the data you've snarfed?  Backhaul it?  Shove it into
TB cassettes?  Better keep a guy on staff to change the tray!!

None of the many obstacles currently in the way will allow this to be done
on the QT.  Semi-openly would be another story, as would the scenario of a
smaller, say regional, ISP.

-- 
Yours,

J.A. Terranson
[EMAIL PROTECTED]
0xBD4A95BF




Re: Email tapping by ISPs, forwarder addresses, and crypto proxies

2004-07-18 Thread Tyler Durden
 I think it would be far easier if WAN protocols were plain GBit Ethernet.

WAN won't be 1GbE, but it will probably be 10GbE with SONET framing, or else 
OC-192c POS (ie, PPP-encapsulated HDLC-framed MPLS). In either case, I 
suspect it will be far cheaper in the long run to monitor a big fat pipe 
than to try to break out a zillion lil' tiny DS1s.

-TD

From: Eugen Leitl [EMAIL PROTECTED]
To: J.A. Terranson [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Re: Email tapping by ISPs, forwarder addresses, and crypto proxies
Date: Sun, 18 Jul 2004 15:34:18 +0200
On Sun, Jul 18, 2004 at 07:50:16AM -0500, J.A. Terranson wrote:
 I have seen a passive tap on a gig line used for IDS, true, but that's
 pretty close to the state of the art right now.  There's an issue with
There are dedicated network processors, though, and one can outsource the
filter bottlenecks into an FPGA board. This is still reasonably small and
cheap.
 getting the interfaces for the 1U Dell, and then you have the secondary
 issues of just how much encapsulated crap do you need to strip off, and
 how fast.  Remember, you only get 1 shot, and you *can't* ask for more time
 - if your buffer runneth over, you be screwed.

 It's not as easy as it feels.

I think it would be far easier if WAN protocols were plain GBit Ethernet.


Re: Email tapping by ISPs, forwarder addresses, and crypto proxies

2004-07-18 Thread Tyler Durden
JA, ya' gotta good point here. Or at least, this sheds a lot of doubt on 
things.

But then again, the purpose of GIG-BE may be precisely to move an optical 
copy (use a $100 splitter) back to processing centers where the traffic is 
stored. In this case, they won't even be trying to break it down to circuits 
prior to storage...they may instead dump the raw OC-Ns directly onto some 
kind of fast storage medium and then sift through it later.

The idea of duplicating all optical traffic seems a little farfetched, 
though, but I bet everything from the cable landings may soon get swallowed 
whole, if it isn't already. I'm still thinking they must do some kind of 
grooming prior to mass backhauls of traffic. There are just too many 
fibers and too many transmission systems out there for them to duplicate all 
of it. Perhaps at the routers they sniff, and then CALEA whatever circuit 
that conversation came out of.

-TD

From: J.A. Terranson [EMAIL PROTECTED]
To: Tyler Durden [EMAIL PROTECTED]
CC: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Re: Email tapping by ISPs, forwarder addresses, and crypto proxies
Date: Sun, 18 Jul 2004 13:07:10 -0500 (CDT)
On Sun, 18 Jul 2004, Tyler Durden wrote:
 I think it would be far easier if WAN protocols were plain GBit Ethernet.

 WAN won't be 1GbE, but it will probably be 10GbE with SONET framing, or else
 OC-192c POS (ie, PPP-encapsulated HDLC-framed MPLS). In either case, I
 suspect it will be far cheaper in the long run to monitor a big fat pipe
 than to try to break out a zillion lil' tiny DS1s.

 -TD

OK, so Tyler [apparently] works in the business :-)
Let me fill in what he left out.  Yes, the industry is moving towards
MPLS over POS.  That's not where it is now though.  At least not for most
interfaces.  Right now the industry is chock full of legacy gear, mostly
old fashioned ATM.  You think you can just casually reassemble this crap
in transit?  Let's see it!
Besides that old fashioned transport diversity, we have the original
problem: even if you could do it (maybe in three to five years), what are
you going to do with the data you've snarfed?  Backhaul it?  Shove it into
TB cassettes?  Better keep a guy on staff to change the tray!!
None of the many obstacles currently in the way will allow this to be done
on the QT.  Semi-openly would be another story, as would the scenario of a
smaller, say regional, ISP.
--
Yours,
J.A. Terranson
[EMAIL PROTECTED]
0xBD4A95BF


Re: Secure telephones

2004-07-18 Thread Jack Lloyd
On Sun, Jul 18, 2004 at 08:53:35PM +0100, Dave Howe wrote:

 That may have just been an artifact of a bad implementation, though. DTLS
 might be a better pick for securing VoIP. There's also SRTP.

 The strength of a pure VPN solution is that you aren't limited to *just* 
 VoIP - you can transfer files, use whiteboarding, run videoconferencing, 
 support text channels. even play games :)

Well, nothing stopping you from treating your datagram-based VPN (ie, DTLS) as
an IP tunnel, and doing TCP-like stuff on top of it to handle the IM and file
transfer. Actually I'm working on something rather like that now, which may or
not get finished soon.

-Jack



Re: Secure telephones

2004-07-18 Thread Dave Howe
Thomas Shaddack wrote:
 The easiest way is probably a hybrid of telephone/modem, doing normal 
 calls in analog voice mode and secure calls in digital modem-to-modem 
 connection. The digital layer may be done best over IP protocol, assigning 
 IP addresses to the phones and making them talk over TCP and UDP over the 
 direct dialup. (We cannot reliably use GPRS, as the quality of service is 
 not assured, so we have to use direct dialup. But we can implement real 
 IP later, when the available technology reaches that stage.)

IIRC, PGPfone (http://www.pgpi.org/products/pgpfone/) did something 
similar, with a verbal handshake protocol that relied on you being 
able to recognise the remote party's voice over the phone while speaking 
a list of words always seemed both unreliable and odd in something 
with PGP in the name, but

 Once we have the phones talking over IP with each other, we can proceed 
 with the handshake. I'd suggest using OpenSSL for this purpose, as it 
 offers all we need for certificates and secure transfer of the key. Then 
 use UDP for the voice itself, using eg. stripped-down SpeakFreely as the 
 engine. So during the call, two connections will be open over the IP 
 channel: the command one (SSL-wrapped TCP, for key and protocol handshake, 
 ensuring the identity of the caller, etc.), and the data one (a 
 bidirectional UDP stream). As the command connection should be silent for 
 most of the time, a 14k4 modem should offer us enough bandwidth for 9k6 
 GSM codec, even with the UDP/IP overhead.

Raw data streams would be fine over a point to point modem link - but I 
can see an advantage to compartmentalization - you can break your secure 
phone problem down into two distinct subproblems
a) establishing a secure IP VPN between two nodes
b) optimizing VoIP for low bandwidth links

I would add a third - a modem protocol based on something like CSMA/CD 
to allow conference calls to be used as carrier media for secure 
conversations, but that is too hairy for me :)

Something like OpenVPN (http://openvpn.sourceforge.net/) seems ideal for 
the secure VPN part of the problem, but requires an underlying IP 
network. The VoIP part of the problem has an embarrassment of riches; 
H323 used to come as standard with Windows, in the form of Netmeeting 
(complete with videoconferencing and whiteboarding) and SIP is now part 
of Windows XP (a not-particularly-well-documented feature of Windows 
Messenger). There are many, many more, and Asterisk (sadly not particularly 
well known, and unix only) is a complete, open source PBX which is 
conventional telephony, SIP and H323 aware.

OpenVPN is of course built on SSL, and can use either X509 certificates 
or a preshared key for authentication. Sadly, there is no convenient way 
to use DNS-SEC key records for OpenVPN.
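
Added example, not part of any post in this thread: a link budget for the design quoted above (a 9k6 codec carried as a UDP/IP stream over a 14k4 modem), showing how many codec frames have to share one packet before the stream fits and what that costs in delay. The 9600 and 14400 bit/s figures are from the post; the 20 ms frame length, the 6-byte PPP framing figure and the 10-byte per-packet authentication tag are assumptions.

```python
"""Link budget for a codec stream carried as UDP/IP over a dial-up modem.

Every packet pays a fixed header cost, so the on-wire bit rate depends on
how many codec frames are aggregated into one packet. More frames per
packet means less overhead but more packetization delay.
"""

IPV4_HEADER = 20  # bytes, IPv4 header without options
UDP_HEADER = 8    # bytes


def frame_bytes(codec_bps, frame_ms):
    """Size of one codec frame in bytes, rounded up to a whole byte."""
    bits = codec_bps * frame_ms // 1000
    return -(-bits // 8)


def on_wire_bps(frames_per_packet, codec_bps=9600, frame_ms=20,
                link_overhead=6, crypto_overhead=0):
    """Bit rate actually needed on the modem link.

    link_overhead:   per-packet PPP framing in bytes (assumed value).
    crypto_overhead: per-packet bytes added by the security layer, for
                     example an authentication tag (assumed value).
    """
    payload = frames_per_packet * frame_bytes(codec_bps, frame_ms)
    packet = (payload + IPV4_HEADER + UDP_HEADER
              + link_overhead + crypto_overhead)
    packets_per_second = 1000 / (frame_ms * frames_per_packet)
    return packet * 8 * packets_per_second


def min_frames_per_packet(link_bps=14400, max_frames=10, **kwargs):
    """Smallest aggregation that fits the link, or None if none does."""
    for n in range(1, max_frames + 1):
        if on_wire_bps(n, **kwargs) <= link_bps:
            return n
    return None


def packetization_delay_ms(frames_per_packet, frame_ms=20):
    """Delay added by waiting for a full packet's worth of audio."""
    return frames_per_packet * frame_ms


if __name__ == "__main__":
    for tag in (0, 10):
        n = min_frames_per_packet(crypto_overhead=tag)
        print(f"crypto overhead {tag:2d} B: {n} frames/packet, "
              f"{on_wire_bps(n, crypto_overhead=tag):.0f} bit/s on the wire, "
              f"{packetization_delay_ms(n)} ms packetization delay")
```

Under these assumptions one frame per packet needs 23200 bit/s and does not fit; the stream fits only from three frames per packet (60 ms of audio) upward, and a 10-byte per-packet tag pushes that to four.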



Re: Secure telephones

2004-07-18 Thread Dave Howe
Jack Lloyd wrote:
 How well is VoIP going to work over SSL/TLS (ie, TCP) though?

you can do SSL over UDP if you like - I think most VPN software is UDP 
only, while OpenVPN has a fallback TCP mode for cases where you can't 
use UDP (and TBH there aren't many)

 I've never used
 any VoIP-over-TCP software before, but some people I know who have say it sucks
 (terrible latency, sometimes as bad as 5-10 seconds).

PGPfone had that problem, even over landlines (no IP involved) - 
however, I think that was more to do with the compression codecs and the 
crypto than any external problems, as switching to half-duplex usually 
cleared the problems up.

 That may have just been
 an artifact of a bad implementation, though. DTLS might be a better pick for
 securing VoIP. There's also SRTP.

The strength of a pure VPN solution is that you aren't limited to *just* 
VoIP - you can transfer files, use whiteboarding, run videoconferencing, 
support text channels. even play games :)



Re: Secure telephones

2004-07-18 Thread Jack Lloyd
On Sun, Jul 18, 2004 at 07:31:59PM +0100, Dave Howe wrote:

 OpenVPN is of course built on SSL, and can use either X509 certificates 
 or a preshared key for authentication. Sadly, there is no convenient way 
 to use DNS-SEC key records for OpenVPN.

How well is VoIP going to work over SSL/TLS (ie, TCP) though? I've never used
any VoIP-over-TCP software before, but some people I know who have say it sucks
(terrible latency, sometimes as bad as 5-10 seconds). That may have just been
an artifact of a bad implementation, though. DTLS might be a better pick for
securing VoIP. There's also SRTP.



Re: Email tapping by ISPs, forwarder addresses, and crypto proxies

2004-07-18 Thread J.A. Terranson

On Sun, 18 Jul 2004, Tyler Durden wrote:

 JA, ya' gotta good point here. Or at least, this sheds a lot of doubt on
 things.

 But then again, the purpose of GIG-BE may be precisely to move an optical
 copy (use a $100 splitter) back to processing centers where the traffic is
 stored. In this case, they won't even be trying to break it down to circuits
 prior to storage...they may instead dump the raw OC-Ns directly onto some
 kind of fast storage medium and then sift through it later.

 The idea of duplicating all optical traffic seems a little farfetched,
 though, but I bet everything from the cable landings may soon get swallowed
 whole, if it isn't already.

Note that this is totally not the scenario we had under discussion (i.e.,
the intercepts being done at the ISP level).

If you were to ask me if Mr. Fed. was currently capable of (a)
intercepting offshore, say 3-4mi off the formal landings, (b) splice into
transatlantic fibers and send the copy down their own fibers, all of it
underwater, well, that would be a different discussion entirely.  One
we seriously discussed just after a pair of buildings became a pair of
dust factories.

I *firmly* believe this is possible, if not probable, at least on a large
scale (although probably not on a complete scale).  When the towers came
down and the feds were asking everyone to volunteer to host carnivores, we
all thought they gave up *way* too easily when turned away (at least the
they were turned away where I worked - my understanding is that this was not
universal).  Subsequently, we discussed, mostly as an academic exercise,
whether we believed this was possible - and the consensus was a resounding
yes.

To listen offshore, just prior to making land, is *doable*.  Completely.
Now, three years and hundreds of hours of federal agencies interaction
later, I'd be surprised if this wasn't at least part of the problem that
NSA has with data saturation:  Are we deaf, or is the volume too loud?

Yes.

 -TD


-- 
Yours,

J.A. Terranson
[EMAIL PROTECTED]
0xBD4A95BF
