Re: Big Brotherish Laws
At 12:45 AM 12/18/2002 +, Adam Back wrote: If I recall some time ago (years ago) there was some discussion on list of using non-US drivers licenses or out-of-state drivers licenses I think to get around this problem. I thought it was Duncan Frissell or Black Unicorn who offered some opinions on this. An International Drivers' License and a real license from another country is almost always good enough to let you drive in a state you don't live in, and almost never enough to officially drive in a state you officially live in, for definitions of officially live in that are more or less flexible depending on who's asking, and what the address of your car registration is, and whether you're registered to vote there, whether you carry a passport and have a foreign accent, and whether you own a house (which is a rather visible activity) or rent (which is less visible), and whether you've got somewhere else that you appear to live, and whether your out-of-state car keeps getting parking tickets in the same city for months, and things like that. I have heard of one case where somebody was stopped in Nevada, and instead of presenting his California driver's license, if any, he presented his somewhere-in-the-Caribbean non-photo license and an international driver's license, and that was just fine for Nevada. It wouldn't have been fine if he was a Nevada resident, but he wasn't. I forget if this person was driving a company car or his own. A surprising number of people I used to know worked for corporations in Nevada and drove company cars, and seemed to have business in the Bay Area a lot, and their Nevada credit cards seemed to work just fine here. (Nevada's taxes are much lower.) But it's much tougher to do that if you're a married couple and have kids in public school. California, like many states, doesn't take a full fingerprint set, but they do take a thumbprint using a digital reader. Rubber cement is rumoured to be helpful. I don't know about Washington, but I doubt you'll have much better luck unless you want to work hard at it, at least in Seattle, at least if you're an employee who gets a salary that's reported. If you're living in Vancouver WA (across the river from Portland OR), then it's easier for you to happen to be in the other state a lot and park your car across the border every other weekend.
Re: Forget VOA -- new exec order creating Global Communications Office
At 10:45 PM 01/22/2003 +, Peter Fairbrother wrote: W H Robinson wrote: [...] with greater clarity [...] disseminate truthful, accurate, and effective messages about the American people and their government. [...] convey a few simple but powerful messages. Shouldn't Saatchi Saatchi be doing this kind of thing? Nah. Smith and Wesson. Leno Letterman. (And Dallas, and Jerry Springer, etc.) VoA has spent the last N decades alternating between being the official US propaganda arm, and officially NOT being a US propaganda arm, just an organization we fund to make sure there's objective news reporting receivable in Communist countries (ok, ok, being the official US less-official propaganda arm)
RE: Deniable Thumbdrive?
-- From: Tyler Durden[SMTP:[EMAIL PROTECTED]] Sent: Friday, January 24, 2003 9:52 AM To: [EMAIL PROTECTED] Subject: Deniable Thumbdrive? I got a hold of a little gadget recently that is very nearly perfect for certain forms of data storage. It's called a Thumbdrive and I bought it online somewhere (64Meg for about $179 or so). The cool thing about this drive (small enough that it has holes for use as a keychain) is that it's got a Public area and a private area, and the private area is accessible (if one desires) only via the little fingerprint reader on the top of the drive. (It's also USB based, and on Windows2000 and beyond you don't need any software drivers--just plug it in to a USB port and it appears as a drive). ANyway, I was wondering. I'd really like a nice software mod of this thing so that, depending on which finger I use for verification, a different private area on the drive will open (right now several users can be assigned access by the master user to use their fingerprint for access to the single private area). Of course, there should be no indication that there even IS more than one private area. So...anyone heard of such a hack/mod, or is there a straightforward way to go about doing it oneself? -TD Try contacting Trek and see if you can suggest it. What's you're threat model? If it's your wife or kid sister, this might work. If it's a major corporation or a government, forget it - they'll bitcopy the whole flash rom, and look at it with ease. Based on what I've seen, the fingerprint simply acts as a access control. The data on the chip is not encrypted. There are cheaper thumbdrives which use passwords which therefore don't leave any evidence binding a specific drive to a specific person - you said you wanted deniability, so leaving your thumbprint in the device is not desirable. That said, these are really neat gadgets. Our FSEs use them to carry around software tools and utilities - much easier than a box of floppies or CDs. Peter
Deniable Thumbdrive?
I got a hold of a little gadget recently that is very nearly perfect for certain forms of data storage. It's called a Thumbdrive and I bought it online somewhere (64Meg for about $179 or so). The cool thing about this drive (small enough that it has holes for use as a keychain) is that it's got a Public area and a private area, and the private area is accessible (if one desires) only via the little fingerprint reader on the top of the drive. (It's also USB based, and on Windows2000 and beyond you don't need any software drivers--just plug it in to a USB port and it appears as a drive). ANyway, I was wondering. I'd really like a nice software mod of this thing so that, depending on which finger I use for verification, a different private area on the drive will open (right now several users can be assigned access by the master user to use their fingerprint for access to the single private area). Of course, there should be no indication that there even IS more than one private area. So...anyone heard of such a hack/mod, or is there a straightforward way to go about doing it oneself? -TD _ Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail
[IP] Open Source TCPA driver and white papers (fwd)
-- Forwarded message -- Date: Fri, 24 Jan 2003 02:29:27 -0500 From: Dave Farber [EMAIL PROTECTED] To: ip [EMAIL PROTECTED] Subject: [IP] Open Source TCPA driver and white papers -- Forwarded Message From: David Safford [EMAIL PROTECTED] Date: Tue, 21 Jan 2003 12:05:39 -0500 To: [EMAIL PROTECTED] Subject: [open-source] Open Source TCPA driver and white papers IBM has released a Linux device driver under GPL for its TCPA chip (TPM). The driver is available at http://www.research.ibm.com/gsal/tcpa/ This page also has links to two papers, one presenting positive uses of the chip, and the second rebutting misinformation about the chip. These papers, combined with the Linux driver and the TCPA specification at http://www.trustedcomputing.org, give everyone the ability to test an actual chip (such as in the Thinkpad T30), to see for themselves what it can, and cannot do. Note: the papers and driver do not discuss Palladium. Palladium and TCPA are two separate topics. dave safford [EMAIL PROTECTED] -- End of Forwarded Message - You are subscribed as [EMAIL PROTECTED] To unsubscribe or update your address, click http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Re: [IP] Open Source TCPA driver and white papers (fwd)
On Fri, 24 Jan 2003, Eugen Leitl wrote: -- Forwarded message -- Date: Fri, 24 Jan 2003 02:29:27 -0500 From: Dave Farber [EMAIL PROTECTED] To: ip [EMAIL PROTECTED] Subject: [IP] Open Source TCPA driver and white papers -- Forwarded Message From: David Safford [EMAIL PROTECTED] Date: Tue, 21 Jan 2003 12:05:39 -0500 To: [EMAIL PROTECTED] Subject: [open-source] Open Source TCPA driver and white papers IBM has released a Linux device driver under GPL for its TCPA chip (TPM). The driver is available at http://www.research.ibm.com/gsal/tcpa/ This page also has links to two papers, one presenting positive uses of the chip, and the second rebutting misinformation about the chip. Thanks Eugen, It looks like the IBM TPM chip is only a key store read/write device. It has no code space for the kind of security discussed in the TCPA. The user still controls the machine and can still monitor who reads/writes the chip (using a pci bus logger for example). There is a lot of emphasis on TPM != Palladium, and TPM != DRM. TPM can not control the machine, and for DRM to work the way RIAA wants, TPM won't meet their needs. TPM looks pretty useful as it sits for real practical security tho, so I can see why IBM wants those !='s to be loud and clear. Patience, persistence, truth, Dr. mike
Re: [IP] Open Source TCPA driver and white papers (fwd)
at Friday, January 24, 2003 4:53 PM, Mike Rosing [EMAIL PROTECTED] was seen to say: Thanks Eugen, It looks like the IBM TPM chip is only a key store read/write device. It has no code space for the kind of security discussed in the TCPA. The user still controls the machine and can still monitor who reads/writes the chip (using a pci bus logger for example). There is a lot of emphasis on TPM != Palladium, and TPM != DRM. TPM can not control the machine, and for DRM to work the way RIAA wants, TPM won't meet their needs. TPM looks pretty useful as it sits for real practical security tho, so I can see why IBM wants those !='s to be loud and clear. Bearing in mind though that DRM/Paladium won't work at all if it can't trust its hardware - so TPM != Paladium, but TPM (or an improved TPM) is a prerequisite.
The Digital Evolution: Freenet and the Future of Copyright on the Internet
IMHO, the article is the most reasoned, complete and balanced legal (and commonly accessible technical) analysis of the P2P scene. The direct link is http://www.lawtechjournal.com/articles/2002/05_021229_roemer.php Conclusion More legal questions and conundrums are raised with a technology like Freenet than can be currently answered. Presently, Freenet is still an enthusiast's toy and not the next or current Napster, Morpheus, etc. However, even if Freenet never gains a massive user base, the law-defying encryption and distributed caching techniques of the project will likely end up in the next generation of P2P services. The struggles over changes in the Internet, seen through the eyes of emerging technologies, demonstrate that the confrontations between copyright owners and free information advocates will only continue to escalate. This escalation will be inextricably tangled in both legal and technological complexity, as neither the law nor technology appears capable of solving these dilemmas alone. As Andrew Frank poignantly observes, P2P technologies are evolving in a Darwinian fashion, proving more resistant to technological and legal control with each iteration.183 The content industry stopped Napster. The industry may stop the FastTrack companies. It may even stop Freenet. Eventually, however, a new system, borne of the lessons of these pioneering technologies, will likely arrive that cannot be addressed within the current practical confines of copyright law. When that day comes, the content industry will perhaps have to consider (if has not already done so) how it will evolve in the ever-changing digital landscape.
RE: Deniable Thumbdrive? (and taking signal detection seriously)
From: Tyler Durden [EMAIL PROTECTED] The cool thing about this drive (small enough that it has holes for use as a keychain) is that it's got a Public area and a private area, and the private area is accessible (if one desires) only via the little fingerprint reader on the top of the drive. (It's also USB based, and on Windows2000 and beyond you don't need any software drivers--just plug it in to a USB port and it appears as a drive). ANyway, I was wondering. I'd really like a nice software mod of this thing so that, depending on which finger I use for verification, a different private area on the drive will open (right now several users can be assigned access by the master user to use their fingerprint for access to the single private area). Of course, there should be no indication that there even IS more than one private area. 1. You should not rely on their encryption alone, you should use your own crypto on whatever you store there. You can carry your whole environment --incl. copies of tools, digsigs,and keyrings -- with you. You do, of course, have to trust the hardware/OS you use it with. If you don't know the socket, keep your dongle in your pants 2. If you use your 'nose' you need to borrow other noses to do a signal detection study ---tally hits, misses, false alarms, false positives. Then get back to us. We can even characterize and compare the performance of say human sentries this way; even measure their fatigue, perhaps. If the FAA/TSA has half a clue they've done this for their x-ray snoopers.
Re: [IP] Open Source TCPA driver and white papers (fwd)
On Fri, 24 Jan 2003, David Howe wrote: Bearing in mind though that DRM/Paladium won't work at all if it can't trust its hardware - so TPM != Paladium, but TPM (or an improved TPM) is a prerequisite. Certainly! But this TPM is really nothing more than a dongle attached to the pci bus. It will be straight forward to bypass it for many nefarious operations. Which makes me ahppy, but I suspect it won't make the RIAA very happy :-) Patience, persistence, truth, Dr. mike
RE: Deniable Thumbdrive?
Peter Trei wrote... What's you're threat model? If it's your wife or kid sister, this might work. If it's a major corporation or a government, forget it - they'll bitcopy the whole flash rom, and look at it with ease. At this point, most of my threat models are on this level or the next one higher--local cops or dumb goons grab a protestor or whatever and try to shake his photos and whatever digital else out of him...OK punk, you're not calling a lawyer until you show me what's on this thing...Don't tell me nothing's in there I see a login prompt, ya' commie faggot...open it up. This could of course be done without the thumbprint (probably better), but I think that only when you get -really- dangerous do you have to worry about highly technical people who are informed of the latest info gadgets, and who would even know there are multiple private areas. As for the thumbprint, I'm wondering if other parts of the body could be used (then even very savvy rubberhosers couldn't just make you try every finger). I'll try using my, um, nose tonight. -TD _ Protect your PC - get McAfee.com VirusScan Online http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
Re: Deniable Thumbdrive?
Tyler Durden wrote: I got a hold of a little gadget recently that is very nearly perfect for certain forms of data storage. It's called a Thumbdrive and I bought it online somewhere (64Meg for about $179 or so). The cool thing about this drive (small enough that it has holes for use as a keychain) is that it's got a Public area and a private area, and the private area is accessible (if one desires) only via the little fingerprint reader on the top of the drive. (It's also USB based, and on Windows2000 and beyond you don't need any software drivers--just plug it in to a USB port and it appears as a drive). ANyway, I was wondering. I'd really like a nice software mod of this thing so that, depending on which finger I use for verification, a different private area on the drive will open (right now several users can be assigned access by the master user to use their fingerprint for access to the single private area). Of course, there should be no indication that there even IS more than one private area. So...anyone heard of such a hack/mod, or is there a straightforward way to go about doing it oneself? Nice! Get them to cut _all_ your fingers off instead of just one. Just say no to amputationware. Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit. - Robert Woodruff
Re: Deniable Thumbdrive?
Nice! Get them to cut _all_ your fingers off instead of just one. Just say no to amputationware. Use the kind of fingerprint reader that can also sense the blood flow in the finger, kinda like the heart rate sensors on some exercise machines. Dead fingers then will be of no use. ...of course, one can still take a fingerprint photograph, etch it to metal, pour thin layer of silicone over it, make a relief layer to put over one's own finger, and fool the sensor. For this you don't even need a cut-off finger, though - the access to the digitized thumbprints in ie. a police database (or the database of those stores that allow you to pay with a fingerprint, if you're there) is enough.
Re: thumdrive integrity --Deniable Thumbdrive?
On Fri, Jan 24, 2003 at 09:51:46PM +0100, Thomas Shaddack wrote: DEFINITELY TRUE! ... The device should be able to perform the encryption/decryption services on its own (hence the cryptographic CPU). Eg, you have an untrusted computer. You plug the device to its port, move a document from the untrusted machine to device's directory Cleartext, authorize yourself to the device with fingerprint and PIN, select the Encrypt function (which can be done eg. by a suffix to the PIN). In few seconds, you should then find the encrypted document in the device's directory Ciphertext. Similarly, the device should support write-only directory, to which you could write files freely but won't be able to retrieve them without authorization (this could allow using the device for data couriers who would be able to pick data but won't be able to read them along the way). ... Good points. I've thought a lot about the possibility of such devices (I suppose they are kind of obvious/inevitable to crypto-minded people). One comment: One the of the primary uses for such a device would be in protocols requiring digital signatures. If the device is to be used for this, it would seem necessary to also include a small display on it so the user can view what the untrusted computer wants signed and authorize the signature. Of course, with a screen, it's going to be more like a PDA and less like a key-chain sized device. One of these days, I might build a little device that stores a private key and does on-board encryption using a microcontroller. I would do it just for fun, since it is pretty useless if the infrastructure to support it is not out there. John Bethencourt
RE: Deniable Thumbdrive?
At 11:40 AM 01/24/2003 -0500, Tyler Durden wrote: Peter Trei wrote... What's you're threat model? If it's your wife or kid sister, this might work. If it's a major corporation or a government, forget it - they'll bitcopy the whole flash rom, and look at it with ease. Agreed. Furthermore, the whole thing is inherently dependent on the processing model and programming interfaces of your thumbdrive. What does it look like to your PC if you're not using the right thumb? What does it look like to your PC if you want to use the right thumb? Three obvious models are - PC doesn't need Thumbdrive-specific drivers, just generic USB disk, and the CPU in the drive decides whether it's seen your thumb and reveals the otherwise-hidden files if it likes you. - PC has specific drivers for the Thumbdrive, Whole drive plus the thumbprint pad are visible to the PC, and you can only decrypt the secret part if you put a matching thumb on the thumbprint. - PC has specific drivers for the Thumbdrive Public drive, thumbprint pad, and hooks for secret drive are visible to the PC, and putting the correct thumb on the pad lets the PC find out the password to mount the secret drive. At this point, most of my threat models are on this level or the next one higher--local cops or dumb goons grab a protestor or whatever and try to shake his photos and whatever digital else out of him...OK punk, you're not calling a lawyer until you show me what's on this thing...Don't tell me nothing's in there I see a login prompt, ya' commie faggot...open it up. First of all, as Peter says, high-tech cops won't be fooled. Low-level goons may not recognize it, or if the thumbprint part requires specific drivers or data on the PC, you can tell them sorry, that part's for access to my work PC, and if you'd like to get a search warrant, they'll let you in the building, and make sure the public part has some pictures of your dog or whatever. For medium-tech cops, you can say that it requires installing drivers on their PC (assuming that it does), and offer to download them, and prearrange that there's a set of drivers at www.kevinmitnick.com just in case they actually take you up on it. As for the thumbprint, I'm wondering if other parts of the body could be used (then even very savvy rubberhosers couldn't just make you try every finger). I'll try using my, um, nose tonight. Depending on the interface presented to the PC, it may or may not be obvious to the PC whether there are zero, one, or more secret areas on the drive. If it's not obvious, then the obvious extension to the product would be to support multiple fingerprints for multiple secret areas, the business model being so that multiple people can use the same drive, so your right thumb gets your right-wing-conspiracy data, your left thumb gets your Commie stuff, and your middle finger gets the picture of J.Edgar Hoover in his black negligee or whatever else you want the cops to see. Otherwise, figure out which body parts you don't mind them cutting off...
SuperCobra Crash Information - WLG
SuperCobra Crash Information - WLG Regarding the Helicopter Crash while on a Drug Bust 2003.01.23 Background: News reports indicate that 2 unknown us marine helicopters crashed in the desert while assisting a DEA/Customs drug interception. News did not break until the next day that these vehicles were BOTH AH1A SuperCobra Helicopters. Apparently outfitted for recon and unarmed. Immediate news reports ALL indicated that eye witnesses can not be trusted and witnesses could not be accurate in a description of the crash US media continues to emphasize the significance of the inability for any witness to accurately describe what they saw. Witnesses have no trouble describing multiple views of an explosion, possible collision, and ground impact of these two AH1A vehicles. While information on the purpose of their mission is most likely not expected, it is not uncommon for military operations to assist in high-profile recon and interception of drugs and other materials in assistance to customs/dea/etc. There is a major problem with this story. The AH1A SuperCobra is amonst the world's most advanced military aircraft. Its capabilities for reconaissance and weapons control is extrordinary, and its onboard sensor capabilities are amongst the most advanced. Even if outfitted for DEA support operations, this vehicle will ALWAYS carry its standard onboard defense and tracking systems, as well as its standard course and threat analysis engines. In short: The AH1A is virtually INCAPABLE of being run into or running something over unless it's control systems are compromised internally. The potential for mid-air collision of MULTIPLE AH1A SuperCobra helicopters is virtually impossible, due to their constant communication and extremely advanced sensor and analysis capabilities. For TWO AH1A vehicles, in ANY situation, to run into each other, is beyond any feasible analysis under any publicly-known conditions. INTERPRETATION: Something VERY big and heavyweight came across the boarder that night. It is most likely this thing used either an advanced weapons system or communication/sensor override technology to take down the two highly advanced AH1As. Scenereo 1: Highly Unlikely: Something shot BOTH the AH1As down. First of all, the public would not hear about it. Secondly, the AH1A would know of the weapons capabilities by the time it got there, and would not allow the piolets to be stupid enough to fly into missile range. Scenereo 2: Plausible: Something jammed or intercepted/falsified communications and sensory capabilities of EITHER or BOTH AH1As, causing at least one to either automaticly (under false information) or allowably (under piolet control) run into the other. Scenereo 3: Unlikely: Someone actually flew a highly advanced helicopter into another identical unit, synchronized with realtime communication and carying automated override capabilities to respond to realtime threats, such as being run over. We can disregard Scenereo 1 due to numerous unlikely conditions. Scenereo 3 is disregarded due to the required conditions: complete system failure, piolet failure, automatia failure, and stupidity beyond belief. IMPLICATIONS: Something with highly advanced capabilities was present in the target operation. It could have most likely somehow compromised the on-board technologies of the well-reviewed AH1A's systems, or sufficiently jammed its ability to operate normally AND somehow instigated a situation where they collide. Could the props have intersected with an unexpected wind gust? A: most likely not with an AH1A SuperCobra... With other aircraft, sure, but not something this advanced. B: It would have known about the wind gust. DEDUCTIONS: Someone took down TWO AH1A SuperCobra attack helicopters. Mechanism of attack unknown and not easily deduced. It is commonly known that these systems are easily overridden, jammed, or falsified (override command control systems from remote), but ONLY by extremely advanced parties. Something associated with that convoy knew how to take the AH1As down. Given that Nothing else was damaged, including the expected numerous Customs/DEA/etc helicopters that would be used in this scenereo, it is expected that an ON-BOARD FAULT and OVERRIDE was used to voluntarily destroy the two AH1As. This could be as simple as falsifying a signal that indicates vehicle 1 is going left when its going right, vehicle 2, to its right, slams into 1 while they turn toward the same point. The problem here, is that SOMETHING knew how to jam and falsify signals and control systems on the world's most advanced line of military helicopters. What would you think? -Wilfred L. Guerin [EMAIL PROTECTED]
Re: thumdrive integrity --Deniable Thumbdrive?
One of these days, I might build a little device that stores a private key and does on-board encryption using a microcontroller. I would do it just for fun, since it is pretty useless if the infrastructure to support it is not out there. Check http://developer.axis.com/products/mcm/ - this looks like a good chip. Together with embedded Linux it could be pretty useful for this purpose, could shorten the development time considerably. For $249 they offer a readymade developer board. Has built-in Ethernet and serial ports, and with a chip like FT8U232AM it could work with USB as well.
Re: Deniable Thumbdrive?
On Fri, 24 Jan 2003, Thomas Shaddack wrote: Use the kind of fingerprint reader that can also sense the blood flow in the finger, kinda like the heart rate sensors on some exercise machines. Dead fingers then will be of no use. Photoplethysmography and photoxytometry are easy to fake once you know what you're looking for. Thin-skin translucent silicone casts of fingerprints (you can of course gather the patterns using the usual dactyloscopy paraphernalia, whether reduced iron magnetic brush or iodine/osmium tetroxide exposure) worn over live fingers would probably work. Frankly, the fingerprint is a lousy secret: you leak it all over the place. You can't help it, unless you're wearing gloves all the time. Ditto DNA.
Re: thumdrive integrity --Deniable Thumbdrive?
WTF is the point of adding more biometric security to a device that cannot and does not support data integrity? that flash memory held within the thumbdrive keeps your data in clear text...unless of course you store everything within some form of encrypted disk. even then, the quick and dirty way to bypass the bio-security us to pull the card out of the usb enclosure and start poking at the contents. DEFINITELY TRUE! Thumbdrive products are a good step in the right direction, but by far not long enough. Another approach is needed. The unit should be tamperproof, with more services than just a dumb mass storage device. The unit should contain a biometric sensor (eg, a fingerprint reader), a small keypad or other device to enter a PIN, and its own processor, for performing cryptographic operations. The device should support several operations for different PINs, and several PINs, which will allow several different private storage areas, different operations, and a special PIN for destruction of secure content and offering dummy content instead (See officer? I told you there are no crypto keys there!). The device should be able to keep audit log of operations. The device should store the data in encrypted form in the memory. The PIN could be part of the decryption key. The device should be able to handle the biometric reader output on its own, independently on the host computer. This architecture together with adherence to USB mass-storage standards would make us independent on any OS-specific drivers, making the device truly multiplatform. The device should be able to perform the encryption/decryption services on its own (hence the cryptographic CPU). Eg, you have an untrusted computer. You plug the device to its port, move a document from the untrusted machine to device's directory Cleartext, authorize yourself to the device with fingerprint and PIN, select the Encrypt function (which can be done eg. by a suffix to the PIN). In few seconds, you should then find the encrypted document in the device's directory Ciphertext. Similarly, the device should support write-only directory, to which you could write files freely but won't be able to retrieve them without authorization (this could allow using the device for data couriers who would be able to pick data but won't be able to read them along the way). Optionally, the unit could be usable for encryption/decryption of data streams, which would make it very useful for IP telephony. The key for crypto functions should never leave the unit. Attempt of physical compromising of the unit should result in self destruction of at least the part of the memory that keeps the keys (maybe keep them in battery-backed RAM, sealed in epoxide resin with both passive and active tamper-detection devices (including but not limited to thin wire mesh)? This way, even if the computer itself would get compromised, the only thing the adversary would be able to intercept would be the plaintexts used in the sessions with the compromised machine. Which they would be able to get using TEMPEST or a keylogger anyway. This design should be robust against hijacking of the key by eg. trojan horses.
RE: Deniable Thumbdrive? (and taking signal detection seriously)
At 10:11 AM -0800 1/24/03, Major Variola (ret) wrote: You do, of course, have to trust the hardware/OS you use it with. If you don't know the socket, keep your dongle in your pants Given the well documented advantages of poetry over prose in ease of recall, this adage should be, If you don't know the socket, keep your dongle in your pocket. (Think codpieces.) Cheers - Bill - Bill Frantz | Due process for all| Periwinkle -- Consulting (408)356-8506 | used to be the Ameican | 16345 Englewood Ave. [EMAIL PROTECTED] | way. | Los Gatos, CA 95032, USA
Re: thumdrive integrity --Deniable Thumbdrive?
On Fri, 24 Jan 2003, Thomas Shaddack wrote: Has built-in Ethernet and serial ports, and with a chip like FT8U232AM it could work with USB as well. The 232BM version is easier to use and costs the same. Patience, persistence, truth, Dr. mike
Re: thumdrive integrity --Deniable Thumbdrive?
John Bethancourt wrote... One of these days, I might build a little device that stores a private key and does on-board encryption using a microcontroller. I would do it just for fun, since it is pretty useless if the infrastructure to support it is not out there. ...while Thomas Shaddack gave us the first go round of a Requirements document (see below). Sounds like a nice little project...Cypherpunks(TM) DenyDrive. Surely this must exist somewhere, no? Shouldn't the feds have ben using such a thing forever? Maybe we could sell them a few... -TD The unit should be tamperproof, with more services than just a dumb mass storage device. The unit should contain a biometric sensor (eg, a fingerprint reader), a small keypad or other device to enter a PIN, and its own processor, for performing cryptographic operations. The device should support several operations for different PINs, and several PINs, which will allow several different private storage areas, different operations, and a special PIN for destruction of secure content and offering dummy content instead (See officer? I told you there are no crypto keys there!). The device should be able to keep audit log of operations. The device should store the data in encrypted form in the memory. The PIN could be part of the decryption key. The device should be able to handle the biometric reader output on its own, independently on the host computer. This architecture together with adherence to USB mass-storage standards would make us independent on any OS-specific drivers, making the device truly multiplatform. The device should be able to perform the encryption/decryption services on its own (hence the cryptographic CPU). Eg, you have an untrusted computer. You plug the device to its port, move a document from the untrusted machine to device's directory Cleartext, authorize yourself to the device with fingerprint and PIN, select the Encrypt function (which can be done eg. by a suffix to the PIN). In few seconds, you should then find the encrypted document in the device's directory Ciphertext. Similarly, the device should support write-only directory, to which you could write files freely but won't be able to retrieve them without authorization (this could allow using the device for data couriers who would be able to pick data but won't be able to read them along the way). Optionally, the unit could be usable for encryption/decryption of data streams, which would make it very useful for IP telephony. The key for crypto functions should never leave the unit. Attempt of physical compromising of the unit should result in self destruction of at least the part of the memory that keeps the keys (maybe keep them in battery-backed RAM, sealed in epoxide resin with both passive and active tamper-detection devices (including but not limited to thin wire mesh)? This way, even if the computer itself would get compromised, the only thing the adversary would be able to intercept would be the plaintexts used in the sessions with the compromised machine. Which they would be able to get using TEMPEST or a keylogger anyway. This design should be robust against hijacking of the key by eg. trojan horses. _ MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/virus
Re: Forget VOA -- new exec order creating Global Communications Office
On Thu, Jan 23, 2003 at 06:15:24PM -0800, Bill Stewart wrote: VoA has spent the last N decades alternating between being the official US propaganda arm, and officially NOT being a US propaganda arm, just an organization we fund to make sure there's objective news reporting receivable in Communist countries (ok, ok, being the official US less-official propaganda arm) Yeah, it's weird. The VOA asked me to speak to some Polish journalists via satellite link a few years ago. I was curious and went ahead and did it; it was an entirely uncensored exchange. We had a conversation about press freedoms that was entirely unhindered and unrestricted by VOA. -Declan
