[liberationtech] Call For Papers. Philosophy and Technology Special Issue: The Ethical and Legal Aspects of Digital Security
** Sorry for cross-posting ** * * *CALL FOR PAPERS: ** * *PHILOSOPHY AND TECHNOLOGY, Springer, Editor-in-Chief: Luciano Floridi* *Call for Papers for a Special Issue on **The Ethical and Legal Aspects of Digital Security* GUEST EDITORS: Pompeu Casanovas and Ugo Pagallo Security is one of the main issues of contemporary societies, and so are transparency and the preservation of civil rights. New trends in the field of governance —such as Privacy Impact Assessment methodology and Data Protection by Design— require a more careful analysis of the social knowledge and ethical aspects implied in the enactment of soft law, principles, rules and best practices, as recently highlighted by the drafting of new European regulations. Recent political turmoils fuel this intellectual need. Ethical and legal challenges of the balance between security (e.g. procedures, content and boundaries of police interoperability) and data protection (as defined e.g. by legal provisions and enacted by national agencies) will be faced in this Special issue. TOPICS: · Access control, Trust Security · Security, Data Protection and Privacy by Design (PbD) · Privacy and Data Protection Impact Assessment (PIA, DPIA) · Application, implementation, and enforcement of national, international and EU statutes and regulations · Ethical and legal aspects of Open Source Information (OSI) and Social Intelligence · Globalization, cyber-criminality and organized crime · European policies, state policies and deliberative models of democracy · Organization, transfers and police interoperability · Multi-level governance, best practices, ethical codes, and ethical principles · Complexity and regulatory models · Emergencies, Crisis, Conflict Resolution, Crowdsourcing and Online Dispute Resolution (ODR) · Linked Open Data (LOD), Transparency and Open Government Linked Data (OGLD) · Surveillance, video-surveillance, protection of citizens, and preservation of rights · Mobile technologies, platforms, and storage and management of personal information · Digital Rights Management (DRM) · Smart data, social networks and Semantic Web tools Please notice that papers submitted for this Call must not have been published previously in academic journals or article collections. However, submissions may be new elaborations of ideas previously developed in such publications, as long as they represent new, original papers (philosophically, legally or ethically oriented). TIMETABLE January 15, 2014: Deadline papers submissions February 15, 2014: Deadline reviewed papers February 28, 2014: Deadline revised papers April 2014: Publication of the special issue SUBMISSION DETAILS To submit a paper for this special issue, authors should go to the journal’s Editorial Manager http://www.editorialmanager.com/phte/https://mail.unibo.it/owa/redir.aspx?C=rdgVGErjvUGz74_mVPTqqrIW_wQzmdAIHy5n9MTbNoZwKCue1XjCraXpr9gZdLsXGRT-G7PbEtQ.URL=http%3a%2f%2fwww.editorialmanager.com%2fphte%2f The author (or a corresponding author for each submission in case of co- authored papers) must register into EM. The author must then select as article type: Special Issue on The Ethical and Legal Aspects of Digital Security” from the selection provided in the submission process. This is needed in order to assign the submissions to the Guest Editors. Submissions will then be assessed according to the following procedure: New Submission = Journal Editorial Office = Guest Editors = Reviewers = Reviewers’ Recommendations = Guest Editors’ Recommendation = Editor-in-Chief’s Final Decision = Author Notification of the Decision. The process will be reiterated in case of requests for revisions. For any further information please contact: Ugo Pagallo: ugo.paga...@unito.it Pompeu Casanovas: pompeu.casano...@uab.cathttps://mail.unibo.it/owa/redir.aspx?C=rdgVGErjvUGz74_mVPTqqrIW_wQzmdAIHy5n9MTbNoZwKCue1XjCraXpr9gZdLsXGRT-G7PbEtQ.URL=mailto%3apompeu.casanovas%40uab.cat -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
[liberationtech] Cryptographers condemn US National Security Agency’s tapping and tampering, but mathematicians shrug.
http://www.nature.com/news/researchers-split-over-nsa-hacking-1.13911 Researchers split over NSA hacking Cryptographers condemn US National Security Agency’s tapping and tampering, but mathematicians shrug. Ann Finkbeiner 08 October 2013 The National Security Agency is the largest employer of mathematicians in the United States. PATRICK SEMANSKY/ASSOCIATED PRESS The US National Security Agency (NSA) has upset a great many people this year. Since June, newspapers have been using documents leaked by former intelligence worker Edward Snowden to show how the secretive but powerful agency has spied on the communications of US citizens and foreign governments. Last month, the media reported that the NSA, which is based in Fort Meade, Maryland, had undermined Internet security standards. The revelations have sparked international outrage at the highest levels — even the president of Brazil cancelled a visit to the United States because of the spying. Yet amid the uproar, NSA-supported mathematicians and computer scientists have remained mostly quiet, to the growing frustration of others in similar fields. “Most have never met a funding source they do not like,” says Phillip Rogaway, a computer scientist at the University of California, Davis, who has sworn not to accept NSA funding and is critical of other researchers’ silence. “And most of us have little sense of social responsibility.” Mathematicians and the NSA are certainly interdependent. The agency declares that it is the United States’ largest maths employer, and Samuel Rankin, director of the Washington DC office of the American Mathematical Society, estimates that the agency hires 30–40 mathematicians every year. The NSA routinely holds job fairs on university campuses, and academic researchers can work at the agency on sabbaticals. In 2013, the agency’s mathematical sciences programme offered more than US$3.3 million in research grants. Furthermore, the NSA has designated more than 150 colleges and universities as centres of excellence, which qualifies students and faculty members for extra support. It can also fund research indirectly through other agencies, and so the total amount of support may be much higher. A leaked budget document says that the NSA spends more than $400 million a year on research and technology — although only a fraction of this money might go to research outside the agency itself. “I understand what’s in the newspapers, but the NSA is funding serious long-term fundamental research and I’m happy they’re doing it.” Many US researchers, especially those towards the basic-research end of the spectrum, are comfortable with the NSA’s need for their expertise. Christopher Monroe, a physicist at the University of Maryland in College Park, is among them. He previously had an NSA grant for basic research on controlling cold atoms, which can form the basis of the qubits of information in quantum computers. He notes that he is free to publish in the open literature, and he has no problems with the NSA research facilities in physical sciences, telecommunications and languages that sit on his campus. Monroe is sympathetic to the NSA’s need to track the development of quantum computers that could one day be used to crack codes beyond the ability of conventional machines. “I understand what’s in the newspapers,” he says, “but the NSA is funding serious long-term fundamental research and I’m happy they’re doing it.” Dena Tsamitis, director of education, outreach and training at Carnegie Mellon University’s cybersecurity research centre in Pittsburgh, Pennsylvania, also wants to maintain the relationship. She oversees visitors and recruiters from the NSA but her centre gets no direct funding. She says that her graduate students understand the NSA’s public surveillance to be “a policy decision, not a technology decision. Our students are most interested in the technology.” And the NSA, she says — echoing many other researchers — “has very interesting technology problems”. The academics who are professionally uneasy with the NSA tend to lie on the applied end of the spectrum: they work on computer security and cryptography rather than pure mathematics and basic physics. Matthew Green, a cryptographer at Johns Hopkins University in Baltimore, Maryland, says that these researchers are unsettled in part because they are dependent on protocols developed by the US National Institute of Standards and Technology (NIST) to govern most encrypted web traffic. When it was revealed that the NSA had inserted a ‘back door’ into the NIST standards to allow snooping, some of them felt betrayed. “We certainly had no idea that they were tampering with products or standards,” says Green. He is one of 47 technologists who on 4 October sent a letter to the director of a group created last month by US President Barack Obama to review NSA practices, protesting because the group does not include any independent technologists. Edward Felten, who studies
[liberationtech] Neelie Kroes: Internet Governance: I want your views!
[ Apologies if you receive duplicates. Please do share this message widely ] Dear colleagues, dear friends, I would like to share with you the recent blog post by Neelie Kroes, Vice President of the European Commission and Commissioner for the Digital Agenda, on Internet Governance. The blog post is accessible at http://ec.europa.eu/commission_2010-2014/kroes/en/content/internet-governance-i-want-your-views and also reproduced below for ease of reference. Vice-President Kroes highlights some of her key thoughts on the main challenges for the governance of the Internet and calls upon everyone to share their views on how the Internet should be governed and what Europe's role should be. Such online engagement will take place via the Digital Agenda website at https://ec.europa.eu/digital-agenda/en/content/europe-and-internet-global-context. Importantly, as part of this online engagement a discussion paper was produced and put online at https://ec.europa.eu/digital-agenda/sites/digital-agenda/files/131007%20public%20questions%20formatted.pdf. I would encourage all of you to express your views. +++ Internet Governance: I want your views! http://ec.europa.eu/commission_2010-2014/kroes/en/users/neelie-kroes Published by Neelie KROEShttp://ec.europa.eu/commission_2010-2014/kroes/en/users/neelie-kroes on Wednesday, 09/10/2013 As digital agenda commissioner I have long fought hard to keep the Internet driving positive change - helping Europe's economy and society. And now we are asking for your views on internet governancehttps://ec.europa.eu/digital-agenda/en/content/europe-and-internet-global-context. I have fought especially hard for an open Internet. As a network of networks, no one person or country owns the Internet, but we do need a clear set of rules that everybody needs to play by. I have defended such rules at international conferences on the Internet, most recently at the Internet Governance Forum in Baku - and, in particular, resisted attemptshttp://europa.eu/rapid/press-release_MEMO-12-922_en.htm by others to push for significant increases to the scope of International Telecoms Regulations at the recent WCIT meeting in Dubai. But since then a lot of things have happened. We have heard about massive surveillance operations by secret services, within Europe as well as the US. Of course we are extremely concerned by what that means for personal data protection. But this also has deep implications for the governance of the Internet. It is clearly influencing how some international partners are thinkinghttp://www.un.org/apps/news/story.asp?NewsID=45955Cr=General+DebateCr1=. And it is even more important now that we agree on common principles for Internet governance, and how decisions are made in all Internet-related matters. This autumn will be crucial in many ways. In Europe, I am proposing ambitious measures to bring down barriers within our connected continenthttp://ec.europa.eu/commission_2010-2014/kroes/en/content/building-connected-continent. That's a priority for me, and a priority for our economic future, which I hope EU leaders will take seriously at their forthcoming summithttp://www.european-council.europa.eu/council-meetings?meeting=760391ff-5b52-4248-a076-5032044c6288lang=entype=EuropeanCouncil. But, at the same time as we bring those barriers down, I want to avoid new ones going up. Later this month, Internet world leaders are meeting at the Internet Governance Forumhttp://www.intgovforum.org/cms/ in Bali. I am sorry that, for the first time, I cannot be there in person myself. But I would like to contribute, both to make clear how closely and seriously we are watching this debate, and to stress the importance of having a clear and robust framework for Internet Governance and policy-making as soon as possible. As it stands today, the conclusions of the World Summit on the Information Society (WSIS) are the only international-level political agreement on Internet governance; and they are the subject of several consultations. Particularly important among those consultations are the discussions in the WSIS+10 High-Level Eventhttp://www.itu.int/wsis/review/mpp/, and the UN Working Group on Enhanced Cooperationhttp://unctad.org/en/Pages/cstd.aspx; I hope many of you will be contributing. The Internet is increasingly the forum for so much of our lives; from transacting through commerce or banking; to interacting through social networks; to communicating with governments or pushing for democratic change. It's clear to me that the Internet is a European strategic domain - and, although the internet is a different kind of place to the real world, our stance towards it should be underpinned by just the same values, priorities and interests as everything else. This digital age needs a new social contract. Decisions that affect the Internet shouldn't be taken just by politicians, companies or technicians alone, without any reference to
[liberationtech] SHIFT::Tech to award $25K to develop social good app in Armenia
Dear Liberation Tech, On October 5th, 2013, history was made in Armenia -- the little country that could, where leading minds have taken flight despite a difficult social and political history. Enter SHIFT::Tech. A world-wide app challenge that invites entrepreneurs from around the world to pitch their ideas for a significant, scalable and profitable mobile application to compete for $25,000 in design, branding and world-class mobile development support -- all in Armenia. In the last decade, Armenia has become one of the leading information technology nations among CIS and Middle Eastern countries. With a booming IT sector, which takes up a corruption-free 20% of the country's annual GDP, start-ups are popping up all over the country. The world’s premier, full-featured mobile photo editor, Picsart, Inc., for example, started in Armenia and has 77 million users. The competition will have the full support of non-profit crowdfunding organization ONEArmenia and top app developer Social Objects, in addition to a world-class jury that includes Alexis Ohanian and others. ONEArmenia is not your traditional organization. We’ve put Armenia on the map by showing the world that it’s a place where intrepid ideas can become real, change-making individuals are empowered on a local level and the old model of giving becomes a thing of the past. Portions of potential profits from the winning SHIFT::Tech app will go towards funding ONEArmenia’s projects. We think your listeners and readers, especially those interested in using technology for social good, will find SHIFT::Tech a real inspiration--and want to participate. We hope you agree. I appreciate your time and consideration for what ONEArmenia has to offer. If you’re interested in learning more, please email me at n...@onearmenia.org. Sincerely, Nora Kayserian PR/Social Media Manager -- Nora Kayserian PR/Social Media Manager ONEArmenia website http://www.onearmenia.org/ | Facebookhttp://www.facebook.com/onearmenia | Twitter http://www.twitter.com/onearmenia | Instagramhttp://www.instagram.com/onearmenia | Vimeo http://vimeo.com/onearmenia -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
[liberationtech] Computer Network Attacks International Law at Stanford CISAC
http://cisac.stanford.edu/events/7951? Computer Network Attacks and International Law Social Science Seminar DATE AND TIME October 10, 2013 3:30 PM - 5:00 PM AVAILABILITY Open to the public No RSVP required SPEAKERS Elaine Korzak - Cybersecurity Predoctoral Fellow, CISAC, and PhD Candidate at Department of War Studies, King's College London Andrew K. Woods (commentator) - Cybersecurity Fellow at CISAC ABOUT THE SPEAKER: Elaine Korzak joined CISAC in September 2013 as a predoctoral cybersecurity fellow. She is a PhD student in the Department of War Studies at King's College London. Elaine's thesis evaluates how cyber attacks challenge current legal norms and whether the identified challenges ultimately warrant a new legal framework. The analysis focuses on two areas in particular: international law on the use of force (jus ad bellum) and international humanitarian law (jus in bello). During her time at CISAC, Elaine is conducting empirical research examining states' responses to the legal challenges created by cyber attacks. Her analysis focuses on various state positions in key international forums, including the United Nations and the International Telecommunication Union. Elaine earned a Bachelor's degree in International Relations from the University of Dresden (Germany) before focusing her research interests at the interface of international law and security studies. She holds both an MA in International Peace and Security from King's College London and an LL.M in Public International Law from the London School of Economics. Her professional experience includes various governmental and non-governmental institutions (both national and international), where she has worked on various disarmament and international security issues. These include, most recently, NATO's Cyber Defence Section as well as the European Commission's Director-General on Information Society and Media. ABOUT THE TOPIC: With their unique characteristics such as swiftness, its non-kinetic nature and anonymity, computer network attacks fundamentally challenge the current international legal paradigm which is based on a state-centered concept of armed force involving some degree of kinetic energy transfer through blast and fragmentation. It has been argued that a revolution in military affairs has been ushered in by technological advancements that cannot be accommodated within the existing legal framework. Both practitioners and scholars have called for a new regulatory framework to govern computer network attacks. This presentation will give an overview of Elaine's doctoral research project which evaluates these claims by examining if and how computer network attacks challenge key norms of international law on the use of force and international humanitarian law and whether the identified challenges ultimately warrant a new legal framework. LOCATION CISAC Conference Room Encina Hall Central, 2nd floor 616 Serra St. Stanford University Stanford, CA 94305-- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
[liberationtech] Fwd: [Announce] Wanted: Lantern Ambassadors
Haven't looked at it myself - passing on for others. Cheers, -Ali -- Forwarded message -- From: Sandra sandraordo...@openitp.org Date: Thu, Oct 10, 2013 at 2:23 PM Subject: [Announce] Wanted: Lantern Ambassadors To: annou...@lists.openitp.org Lantern is a new type of open source censorship circumvention tool. It uses peer-to-peer (P2P) technology that connects people in censored regions with those in uncensored regions to create a free internet for everyone. We see it as a new approach to an increasingly challenging situation. It provides users in “free” countries with a passive but effective way to help, while providing censored users with a trusted network from which they can access blocked information. Currently, we are looking for Lantern Ambassadors, a group of users to build the Lantern Network, and thus allow the Lantern team to test the tool with live users. All that is required is to download the open source tool, which runs seamlessly in the background, and provide the team with feedback if necessary. Request an invitation now: https://www.getlantern.org While the tool is designed to scale to millions of people, it only works if enough users share their connections to open the internet with others. As a result, we also encourage you to invite friends to download the tool as well. In the last few months, the Lantern team has made great progress with many improvements in usability, stability and censorship resistance. They recently reach their 1.0 beta milestone and have been focusing on improving the core software. As a result, any feedback will be greatly appreciated. Join the Lantern movement today and help create a new type of tool that brings a free internet to everyone. Request an invite now: http://getlantern.org Thanks in advance! -Team Lantern ___ Announce mailing list annou...@lists.openitp.org https://lists.openitp.org/mailman/listinfo/announce -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
[liberationtech] Funding for EdTech Startups
Hi, Hope all is well. Just touching base to let you know about the inaugural EdTech Venture Capital track at the 8th annual New England Venture Summit on December 10-11, 2013. If you know any EdTech startups that are seeking funding, there may be an opportunity for them present their companies in front of a live investor audience. Let me know if you would like to suggest/nominate anyone as candidate. Warm Regards, Avi Avi Maderer youngStartup Ventures Where Innovation Meets Capital e. a...@youngstartup.com p. 212-202-1002 w. www.youngstartup.com -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
[liberationtech] 10 reasons not to start using PGP
We had some debate on this topic at the Circumvention Tech Summit and I got some requests to publish my six reasons not to use PGP. Well, I spent a bit more time on it and now they turned into 10 reasons not to. Some may appear similar or identical, but actually they are on top of each other. Corrections and religious flame wars are welcome. YMMV. -- TEN REASONS NOT TO START USING PGP -- Coloured version at http://secushare.org/PGP [01]Pretty Good Privacy is better than no encryption at all, and being [02]end-to-end it is also better than relying on [03]SMTP over [04]TLS (that is, point-to-point between the mail servers while the message is unencrypted in-between), but is it still a good choice for the future? Is it something we should recommend to people who are asking for better privacy today? 1. Downgrade Attack: The risk of using it wrong. Modern cryptographic communication tools simply do not provide means to exchange messages without encryption. With e-mail the risk always remains that somebody will send you sensitive information in cleartext - simply because they can, because it is easier, because they don't have your public key yet and don't bother to find out about it, or just by mistake. Maybe even because they know they can make you angry that way - and excuse themselves pretending incompetence. Some people even manage to reply unencrypted to an encrypted message, although PGP software should keep them from doing so. The way you can simply not use encryption is also the number one problem with [05]OTR, the off-the-record cryptography method for instant messaging. 2. The OpenPGP Format: You might aswell run around the city naked. As Stf pointed out at CTS, thanks to its easily detectable [06]OpenPGP Message Format it is an easy exercise for any manufacturer of [07]Deep Packet Inspection hardware to offer a detection capability for PGP-encrypted messages anywhere in the flow of Internet communications, not only within SMTP. So by using PGP you are making yourself visible. Stf has been suggesting to use a non-detectable wrapping format. That's something, but it doesn't handle all the other problems with PGP. 3. Transaction Data: He knows who you are talking to. Should Mallory not [08]possess the private keys to your mail provider's TLS connection yet, he can simply intercept the communication by means of a [11]man-in-the-middle attack, using a valid fake certificate that he can make for himself on the fly. It's a bull run, you know? Even if you employ PGP, Mallory can trace who you are talking to, when and how long. He can guess at what you are talking about, especially since some of you will put something meaningful in the unencrypted Subject header. Should Mallory have been distracted, he can still recover your mails by visiting your provider's server. Something to do with a PRISM, I heard. On top of that, TLS itself is being recklessly deployed without forward secrecy most of the time. 4. No Forward Secrecy: It makes sense to collect it all. As Eddie has told us, Mallory is keeping a complete collection of all PGP mails being sent over the Internet, just in case the necessary private keys may one day fall into his hands. This makes sense because PGP lacks [12]forward secrecy. The characteristic by which encryption keys are frequently refreshed, thus the private key matching the message is soon destroyed. Technically PGP is capable of refreshing subkeys, but it is so tedious, it is not being practiced - let alone being practiced the way it should be: at least daily. 5. Cryptogeddon: Time to upgrade cryptography itself? Mallory may also be awaiting the day when RSA cryptography will be cracked and all encrypted messages will be retroactively readable. Anyone who recorded as much PGP traffic as possible will one day gain strategic advantages out of that. According to Mr Alex Stamos that day may be closer than PGP advocates think as [13]RSA cryptography may soon be cracked. This might be true, or it may be counter-intelligence to scare people away from RSA into the arms of [14]elleptic curve cryptography (ECC). A motivation to do so would have been to get people to use the curves recommended by the NIST, as they were created using magic numbers chosen without explanation by the NSA. No surprise they are suspected [15]to be corrupted. With both of these developments in mind, the alert cryptography activist scene seems now to converge on [16]Curve25519, a variant of ECC whose parameters where elaborated mathematically (they are the smallest numbers that satisfy all mathematical criteria that were set forth). ECC also happens to be a faster and more compact encryption technique, which you should take
Re: [liberationtech] 10 reasons not to start using PGP
In my opinion, this makes about as much sense as telling people who are already having sex not to use condoms. Consider mine a critique of why this post makes almost no sense to and won't convince any member of the public. I'm sure some of the geeks here will have a field day with it, but some of it is barely in my realm of understanding (and while I'm admittedly not a 'geek', I've been working in this field for a long time, which puts me at the top rung of your 'average user' base). TL;DR: This may well be a solid argument for convincing developers to implement better UIs, etc, but it doesn't work for its intended purpose, which seems to be convincing n00bs not to use PGP. (Detailed snark in-line) On Thu, Oct 10, 2013 at 12:23 PM, carlo von lynX l...@time.to.get.psyced.org wrote: We had some debate on this topic at the Circumvention Tech Summit and I got some requests to publish my six reasons not to use PGP. Well, I spent a bit more time on it and now they turned into 10 reasons not to. Some may appear similar or identical, but actually they are on top of each other. Corrections and religious flame wars are welcome. YMMV. -- TEN REASONS NOT TO START USING PGP -- Coloured version at http://secushare.org/PGP [01]Pretty Good Privacy is better than no encryption at all, and being [02]end-to-end it is also better than relying on [03]SMTP over [04]TLS (that is, point-to-point between the mail servers while the message is unencrypted in-between), but is it still a good choice for the future? Is it something we should recommend to people who are asking for better privacy today? 1. Downgrade Attack: The risk of using it wrong. Modern cryptographic communication tools simply do not provide means to exchange messages without encryption. With e-mail the risk always remains that somebody will send you sensitive information in cleartext - simply because they can, because it is easier, because they don't have your public key yet and don't bother to find out about it, or just by mistake. Maybe even because they know they can make you angry that way - and excuse themselves pretending incompetence. Some people even manage to reply unencrypted to an encrypted message, although PGP software should keep them from doing so. The way you can simply not use encryption is also the number one problem with [05]OTR, the off-the-record cryptography method for instant messaging. Okay, I'm not going to argue that PGP isn't hard or that people don't use it incorrectly at times. But would you say don't use condoms because they're ineffective sometimes? No, you would not. This is a reason to improve the UI of PGP/OTR for sure, but not a reason not to use it. 2. The OpenPGP Format: You might aswell run around the city naked. As Stf pointed out at CTS, thanks to its easily detectable [06]OpenPGP Message Format it is an easy exercise for any manufacturer of [07]Deep Packet Inspection hardware to offer a detection capability for PGP-encrypted messages anywhere in the flow of Internet communications, not only within SMTP. So by using PGP you are making yourself visible. Stf has been suggesting to use a non-detectable wrapping format. That's something, but it doesn't handle all the other problems with PGP. Okay, this part requires more explanation for the layman, methinks. It's not intuitive for a non-tech to understand. 3. Transaction Data: He knows who you are talking to. Should Mallory not [08]possess the private keys to your mail provider's TLS connection yet, he can simply intercept the communication by means of a [11]man-in-the-middle attack, using a valid fake certificate that he can make for himself on the fly. It's a bull run, you know? You're not going to convince anyone with jargony talk. Even if you employ PGP, Mallory can trace who you are talking to, when and how long. He can guess at what you are talking about, especially since some of you will put something meaningful in the unencrypted Subject header. Again, this is a call for better education around email practices, not for people to stop using PGP. Should Mallory have been distracted, he can still recover your mails by visiting your provider's server. Something to do with a PRISM, I heard. On top of that, TLS itself is being recklessly deployed without forward secrecy most of the time. 4. No Forward Secrecy: It makes sense to collect it all. As Eddie has told us, Mallory is keeping a complete collection of all PGP mails being sent over the Internet, just in case the necessary private keys may one day fall into his hands. This makes sense because PGP lacks [12]forward secrecy. The characteristic by which encryption keys are frequently refreshed, thus the private
Re: [liberationtech] 10 reasons not to start using PGP
Also, the premise of your argument, 10 reasons not to start, presupposes the truth of your argument, essentially begigng the question. Not that it makes your other arguments invalid, but I cringed when I saw the title, and also laughed. - Jason Gulledge On Oct 10, 2013, at 9:40 PM, Jillian C. York jilliancy...@gmail.com wrote: In my opinion, this makes about as much sense as telling people who are already having sex not to use condoms. Consider mine a critique of why this post makes almost no sense to and won't convince any member of the public. I'm sure some of the geeks here will have a field day with it, but some of it is barely in my realm of understanding (and while I'm admittedly not a 'geek', I've been working in this field for a long time, which puts me at the top rung of your 'average user' base). TL;DR: This may well be a solid argument for convincing developers to implement better UIs, etc, but it doesn't work for its intended purpose, which seems to be convincing n00bs not to use PGP. (Detailed snark in-line) On Thu, Oct 10, 2013 at 12:23 PM, carlo von lynX l...@time.to.get.psyced.org wrote: We had some debate on this topic at the Circumvention Tech Summit and I got some requests to publish my six reasons not to use PGP. Well, I spent a bit more time on it and now they turned into 10 reasons not to. Some may appear similar or identical, but actually they are on top of each other. Corrections and religious flame wars are welcome. YMMV. -- TEN REASONS NOT TO START USING PGP -- Coloured version at http://secushare.org/PGP [01]Pretty Good Privacy is better than no encryption at all, and being [02]end-to-end it is also better than relying on [03]SMTP over [04]TLS (that is, point-to-point between the mail servers while the message is unencrypted in-between), but is it still a good choice for the future? Is it something we should recommend to people who are asking for better privacy today? 1. Downgrade Attack: The risk of using it wrong. Modern cryptographic communication tools simply do not provide means to exchange messages without encryption. With e-mail the risk always remains that somebody will send you sensitive information in cleartext - simply because they can, because it is easier, because they don't have your public key yet and don't bother to find out about it, or just by mistake. Maybe even because they know they can make you angry that way - and excuse themselves pretending incompetence. Some people even manage to reply unencrypted to an encrypted message, although PGP software should keep them from doing so. The way you can simply not use encryption is also the number one problem with [05]OTR, the off-the-record cryptography method for instant messaging. Okay, I'm not going to argue that PGP isn't hard or that people don't use it incorrectly at times. But would you say don't use condoms because they're ineffective sometimes? No, you would not. This is a reason to improve the UI of PGP/OTR for sure, but not a reason not to use it. 2. The OpenPGP Format: You might aswell run around the city naked. As Stf pointed out at CTS, thanks to its easily detectable [06]OpenPGP Message Format it is an easy exercise for any manufacturer of [07]Deep Packet Inspection hardware to offer a detection capability for PGP-encrypted messages anywhere in the flow of Internet communications, not only within SMTP. So by using PGP you are making yourself visible. Stf has been suggesting to use a non-detectable wrapping format. That's something, but it doesn't handle all the other problems with PGP. Okay, this part requires more explanation for the layman, methinks. It's not intuitive for a non-tech to understand. 3. Transaction Data: He knows who you are talking to. Should Mallory not [08]possess the private keys to your mail provider's TLS connection yet, he can simply intercept the communication by means of a [11]man-in-the-middle attack, using a valid fake certificate that he can make for himself on the fly. It's a bull run, you know? You're not going to convince anyone with jargony talk. Even if you employ PGP, Mallory can trace who you are talking to, when and how long. He can guess at what you are talking about, especially since some of you will put something meaningful in the unencrypted Subject header. Again, this is a call for better education around email practices, not for people to stop using PGP. Should Mallory have been distracted, he can still recover your mails by visiting your provider's server. Something to do with a PRISM, I heard. On top of that, TLS itself is being recklessly deployed without forward secrecy most of the time. 4. No
Re: [liberationtech] 10 reasons not to start using PGP
While there are easy ways to mess up using PGP, I think that a more well-rounded approach is to be mindful of the ways that one can be de-anonymized (by others or themselves) while using it. People who don't have a holistic view of their security, and don't want to learn more about their actual threats and risks/rewards of encryption won't be well-served by PGP or OTR or full-disk encryption. Without informed consent, encryption is meaningless. That is not to say that encryption is always meaningless. ~Griffin On 10/10/2013 03:23 PM, carlo von lynX wrote: We had some debate on this topic at the Circumvention Tech Summit and I got some requests to publish my six reasons not to use PGP. Well, I spent a bit more time on it and now they turned into 10 reasons not to. Some may appear similar or identical, but actually they are on top of each other. Corrections and religious flame wars are welcome. YMMV. -- TEN REASONS NOT TO START USING PGP -- Coloured version at http://secushare.org/PGP -- Cypherpunks write code not flame wars. --Jurre van Bergen #Foucault / PGP: 0xAE792C97 / OTR: sa...@jabber.ccc.de My posts are my own, not my employer's. -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] 10 reasons not to start using PGP
Thank you for doing this work! The world needs someone facing the truth, explaining why gpg isn't the solution, advocating positive change. It's a communicative task, a very difficult one. As long there is gpg, most geeks don't see need to create better alternatives. I'd say, gpg's development slowed down. They're qualified but standing in their own way. They should break compatibility with commercial PGP (not because thats good, just because it's easier to implement better solutions), also break compatibility with RFCs, implement better solutions and standardize later. The current first standardize, then maybe implement, and don't implement if it's not standardized approach is much too slow, can't keep up with real developments in real word. (Still don't even have mail subject encryption.) If Bitmessage succeeds (I haven't learned much about it yet), and actually provides better protection than gpg, I am happy with that also if there isn't a RFC. If Bitmessage gets really popular, I am sure they'll somehow work things out and happen to standardize it later. Sometimes I even think, if there wasn't gpg, new approaches had better chances reaching critical mass. carlo von lynX: But what should I do then!?? So that now we know 10 reasons not to use PGP over e-mail, let's first acknowledge that there is no easy answer. Electronic privacy is a crime zone with blood freshly spilled all over. None of the existing tools are fully good enough. I am a gpg user myself, but must say that it has really awful usability. OTR has so much better usability, but it it (yet?) can't be used to sign files or for higher latency communication (e-mail). I agree, the existing tools aren't remotely good enough. Thank you, PGP. Thanks for acknowledging that. -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
[liberationtech] CPJ: Knowing How Law Technology Meet at US borders
Piece below on crossing US borders may be of interest here. Thanks to Josh Stearns at Free Press, Dan Auberbach at EFF, among others. I'm also pasting the link to the Canadian Bar Association's guidance to Canadian lawyers crossing US borders. http://www.cba.org/cba/practicelink/tayp/laptopborder.aspx http://www.cpj.org/security/2013/10/knowing-how-law-and-technology-meet-at-us-borders.php Knowing how law and technology meet at U.S. borders By Frank Smyth/CPJ Senior Adviser for Journalist Security Border crossings have long posed a risk for journalists. In many nations, reporters and photographers alike have been subjected to questioning and having their electronic devices searched, if not also copied. But more recently, protecting electronically stored data has become a greater concern for journalists, including those who are U.S. citizens, upon entering or leaving the United States. This is an issue in the U.S., but it is just a fraction of what journalists are facing in countries around the world, Josh Stearns, journalism and public media campaign director of Free Press, a U.S.-based media reform organization, told CPJ. Last month a National Public Radio producer, Sarah Abdurraham, along with members of her family and friends, all of whom are U.S. citizens, were on their way home from a wedding in Ontario when they were detained for six hours at the Niagara Falls border crossing while each of their electronic devices were searched. I generally came out of the experience wondering what our rights are, Abdurraham later said in an interview with NPR's On the Media program, where she works. Abdurraham did not specify whether she meant the rights of journalists or U.S. citizens generally. But, according to Michael Price, counsel at New York University Law School and the Brennan Center for Justice's Liberty and National Security Program, it doesn't make any difference. He told CPJ that to date, there are no court rulings providing U.S. journalists with any added protection against having their electronic devices searched when crossing a U.S. border. But a few federal courts have ruled that U.S. citizens crossing U.S. borders have certain rights. Last year in Boston, a judge denied a government motion to dismiss a lawsuit challenging a border search of electronic devices, before the case was settled, after hearing arguments from the American Civil Liberties Union including on First Amendment grounds. This year in San Francisco, a panel of appellate judges ruled that U.S. border agents must at least have reasonable suspicion before searching the data stored on U.S. citizens' electronic devices. If you are flying into the West Coast you have one rule, into the East Coast you have another, said Price, referring to the San Francisco court ruling for the 9th Circuit. All the same, U.S. journalists flying in or out of any part of the United States should expect the possibility that their electronic devices could be searched, copied, or even seized, he and other experts told CPJ. Meanwhile, citizens of other nations, including journalists, enjoy no effective protections from having their data searched upon entering or leaving the United States. The safest option is to not travel with any sensitive data and instead store it in a cloud, Dan Auerbach, staff technologist at the San Francisco-based Electronic Frontier Foundation told CPJ. He noted, however, that safely uploading and downloading sensitive data to any independently hosted platform raises practical challenges, including whether one trusts the firm or group hosting the cloud, and whether the uploads and downloads to the cloud could be intercepted. Another option would be to openly encrypt one's entire hard drive or other device. But journalists who do so should use open-source software, as opposed to proprietary commercial software, as the manufacturer could have built the software with a back door to allow secret government access, said Auerbach. Only a judge can make you give up a password, he said. But he also noted that defying agents of U.S. Immigration and Customs Enforcement, a division of the Department of Homeland Security, could also lead agents to seize one's equipment. What they generally do is make a mirror image of the hard drive, Price told CPJ. Authorities could then try to crack the password later. A third option for journalists would be to try and encrypt sensitive files surreptitiously. One digital safety tool called TrueCrypt allows users to create hidden volumes or unseen partitions on their hard drive to load with encrypted data that may look like something else, such as a corrupted video file. But Auerbach warns that successfully hiding data on a disk may only work if one also lies about it to keep it secret. Lying to border agents is not advisable, because it can be a serious crime, reads EFF's online guide. Although now nearly two years old, the EFF guide still provides timely advice for anyone carrying electronic
Re: [liberationtech] 10 reasons not to start using PGP
10 reasons to give up, stop trying, hide in a corner, and die. -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
[liberationtech] Call for Applications: Social Media for Social Change and Online Security - online learning course
Social Media for Social Change and Online Security http://www.tol.org/client/training/course/23981-social-media-for-social-change-and-online-security.html Transitions (TOL) invite applications from civil society activists for participation in online learning courses on Social Media for Social Change and Online Security to be held between 15 and 24 October. During these live courses, which will be delivered on the renowned TechChange e-learning platform, you will learn about: Social Media for Social Change - Wider benefits of effective social media use in your work - Variety of methods and tools available - Choosing a social media strategy that best suits your communication and campaign goals Online Security - Most common risks - Tools to protect yourself - The basics of censorship and circumvention The courses will be presented in English by Jaroslav Valůch and Emin Huseynzade, leading experts on social media and Internet security. Each course will feature four 60-minute sessions held over two weeks combined with participation on a collaborative forum and homework between the sessions. In addition, the course facilitators will address issues that you identify as specific to your work or country. If you are an activist committed to social change, be it as a professional NGO worker or local volunteer, these courses will help you improve the effectiveness of your work. To apply, please send your CV in English with a cover letter explaining your motives for applying to katerina.beck...@tol.org by 10 October 2013. In the cover letter, please, specify whether you are applying for participation in both or only one of the two courses. The courses are held as part of Transitions’ Capturing Capacity Building and Connecting the Dots projects conducted with ten other partner organizations in Central and Eastern Europe and the United States with financial support from the International Visegrad Fund, National Endowment for Democracy (NED) and the United Nations Democracy Fund (UNDEF). Apply ASAP! and share with people who might be interested! -- Zugravu Gheorghe mob: +373 68289364 twitter: @zugravugheorghe www.zugravu.eu -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] 10 reasons not to start using PGP
Interesting. But someone should also write a piece called 1 reason not to criticise security tech without clearly stating threat model which serves as basis for that criticism. What if Mallory isn't a well-funded governmental organization but is the admin who runs your employer's email servers? This should actually be two lists: reasons not to use e-mail, and reasons not to use OpenPGP over e-mail. Only reasons 2, 3, 4, 5, 7, 8 are really about OpenPGP (you should've stuck to 6 reasons not to use PGP), and at least three of them are really good reasons to look for alternatives. There are no good alternatives over e-mail: S/MIME unfortunately suffers from many of the same issues as OpenPGP, and then some more. And reason #1 is something that the client should take care of (ideally with default settings), and not the encryption protocol. Why are you attacking OpenPGP and OTR for this? And thank you so much for the comparative chart. It is *very* useful. Why doesn't telephony have SIP? ~ Pranesh carlo von lynX [2013-10-10 15:23]: We had some debate on this topic at the Circumvention Tech Summit and I got some requests to publish my six reasons not to use PGP. Well, I spent a bit more time on it and now they turned into 10 reasons not to. Some may appear similar or identical, but actually they are on top of each other. Corrections and religious flame wars are welcome. YMMV. -- TEN REASONS NOT TO START USING PGP -- Coloured version at http://secushare.org/PGP [01]Pretty Good Privacy is better than no encryption at all, and being [02]end-to-end it is also better than relying on [03]SMTP over [04]TLS (that is, point-to-point between the mail servers while the message is unencrypted in-between), but is it still a good choice for the future? Is it something we should recommend to people who are asking for better privacy today? 1. Downgrade Attack: The risk of using it wrong. Modern cryptographic communication tools simply do not provide means to exchange messages without encryption. With e-mail the risk always remains that somebody will send you sensitive information in cleartext - simply because they can, because it is easier, because they don't have your public key yet and don't bother to find out about it, or just by mistake. Maybe even because they know they can make you angry that way - and excuse themselves pretending incompetence. Some people even manage to reply unencrypted to an encrypted message, although PGP software should keep them from doing so. The way you can simply not use encryption is also the number one problem with [05]OTR, the off-the-record cryptography method for instant messaging. 2. The OpenPGP Format: You might aswell run around the city naked. As Stf pointed out at CTS, thanks to its easily detectable [06]OpenPGP Message Format it is an easy exercise for any manufacturer of [07]Deep Packet Inspection hardware to offer a detection capability for PGP-encrypted messages anywhere in the flow of Internet communications, not only within SMTP. So by using PGP you are making yourself visible. Stf has been suggesting to use a non-detectable wrapping format. That's something, but it doesn't handle all the other problems with PGP. 3. Transaction Data: He knows who you are talking to. Should Mallory not [08]possess the private keys to your mail provider's TLS connection yet, he can simply intercept the communication by means of a [11]man-in-the-middle attack, using a valid fake certificate that he can make for himself on the fly. It's a bull run, you know? Even if you employ PGP, Mallory can trace who you are talking to, when and how long. He can guess at what you are talking about, especially since some of you will put something meaningful in the unencrypted Subject header. Should Mallory have been distracted, he can still recover your mails by visiting your provider's server. Something to do with a PRISM, I heard. On top of that, TLS itself is being recklessly deployed without forward secrecy most of the time. 4. No Forward Secrecy: It makes sense to collect it all. As Eddie has told us, Mallory is keeping a complete collection of all PGP mails being sent over the Internet, just in case the necessary private keys may one day fall into his hands. This makes sense because PGP lacks [12]forward secrecy. The characteristic by which encryption keys are frequently refreshed, thus the private key matching the message is soon destroyed. Technically PGP is capable of refreshing subkeys, but it is so tedious, it is not being practiced - let alone being practiced the way it should be: at least daily. 5. Cryptogeddon: Time to upgrade cryptography itself? Mallory may also be
Re: [liberationtech] 10 reasons not to start using PGP
Agreed. The threat model discussion clearly is too often lost in all the current post-Snowden debates. We need to remember that a lot if solutions might not be enough to protect anyone against NSAish authorities but more than enough against other, most real, threats to peoples personal safety. Regular employers, schools, parents, skiddies, whatever. Marcin 10 okt 2013 kl. 22:11 skrev Pranesh Prakash pran...@cis-india.org: Interesting. But someone should also write a piece called 1 reason not to criticise security tech without clearly stating threat model which serves as basis for that criticism. What if Mallory isn't a well-funded governmental organization but is the admin who runs your employer's email servers? This should actually be two lists: reasons not to use e-mail, and reasons not to use OpenPGP over e-mail. Only reasons 2, 3, 4, 5, 7, 8 are really about OpenPGP (you should've stuck to 6 reasons not to use PGP), and at least three of them are really good reasons to look for alternatives. There are no good alternatives over e-mail: S/MIME unfortunately suffers from many of the same issues as OpenPGP, and then some more. And reason #1 is something that the client should take care of (ideally with default settings), and not the encryption protocol. Why are you attacking OpenPGP and OTR for this? And thank you so much for the comparative chart. It is *very* useful. Why doesn't telephony have SIP? ~ Pranesh carlo von lynX [2013-10-10 15:23]: We had some debate on this topic at the Circumvention Tech Summit and I got some requests to publish my six reasons not to use PGP. Well, I spent a bit more time on it and now they turned into 10 reasons not to. Some may appear similar or identical, but actually they are on top of each other. Corrections and religious flame wars are welcome. YMMV. -- TEN REASONS NOT TO START USING PGP -- Coloured version at http://secushare.org/PGP [01]Pretty Good Privacy is better than no encryption at all, and being [02]end-to-end it is also better than relying on [03]SMTP over [04]TLS (that is, point-to-point between the mail servers while the message is unencrypted in-between), but is it still a good choice for the future? Is it something we should recommend to people who are asking for better privacy today? 1. Downgrade Attack: The risk of using it wrong. Modern cryptographic communication tools simply do not provide means to exchange messages without encryption. With e-mail the risk always remains that somebody will send you sensitive information in cleartext - simply because they can, because it is easier, because they don't have your public key yet and don't bother to find out about it, or just by mistake. Maybe even because they know they can make you angry that way - and excuse themselves pretending incompetence. Some people even manage to reply unencrypted to an encrypted message, although PGP software should keep them from doing so. The way you can simply not use encryption is also the number one problem with [05]OTR, the off-the-record cryptography method for instant messaging. 2. The OpenPGP Format: You might aswell run around the city naked. As Stf pointed out at CTS, thanks to its easily detectable [06]OpenPGP Message Format it is an easy exercise for any manufacturer of [07]Deep Packet Inspection hardware to offer a detection capability for PGP-encrypted messages anywhere in the flow of Internet communications, not only within SMTP. So by using PGP you are making yourself visible. Stf has been suggesting to use a non-detectable wrapping format. That's something, but it doesn't handle all the other problems with PGP. 3. Transaction Data: He knows who you are talking to. Should Mallory not [08]possess the private keys to your mail provider's TLS connection yet, he can simply intercept the communication by means of a [11]man-in-the-middle attack, using a valid fake certificate that he can make for himself on the fly. It's a bull run, you know? Even if you employ PGP, Mallory can trace who you are talking to, when and how long. He can guess at what you are talking about, especially since some of you will put something meaningful in the unencrypted Subject header. Should Mallory have been distracted, he can still recover your mails by visiting your provider's server. Something to do with a PRISM, I heard. On top of that, TLS itself is being recklessly deployed without forward secrecy most of the time. 4. No Forward Secrecy: It makes sense to collect it all. As Eddie has told us, Mallory is keeping a complete collection of all PGP mails being sent over the Internet, just in case the necessary private keys may one day fall into his hands. This makes sense because PGP lacks
[liberationtech] EFF Resigns from Global Network Initiative
From: pressl...@eff.org Electronic Frontier Foundation Media Release For Immediate Release: Thursday, October 10, 2013 Contact: Jillian C. York Director for International Freedom of Expression Electronic Frontier Foundation jill...@eff.org +1 415 436-9333 x118 EFF Resigns from Global Network Initiative Citing Concerns Over NSA’s Impact on Corporate Members, EFF Leaves Industry Group San Francisco - The Electronic Frontier Foundation (EFF) today withdrew from the Global Network Initiative (GNI), citing a fundamental breakdown in confidence that the group's corporate members are able to speak freely about their own internal privacy and security systems in the wake of the National Security Agency (NSA) surveillance revelations. EFF has been a civil society member of the multi-stakeholder human rights group since GNI was founded in 2008 to advance freedom of expression and privacy in the global information and communication technologies sector. While much has been accomplished in these five years, EFF can no longer sign its name on joint statements knowing now that GNI's corporate members have been blocked from sharing crucial information about how the US government has meddled with these companies' security practices through programs such as PRISM and BULLRUN. We know that many within the industry do not like or approve of such government interference, and GNI has, in statements, made it clear that member companies want permission from the US government to engage in greater transparency, EFF's International Director Danny O'Brien and Director for International Freedom of Expression Jillian C. York write in a letter to GNI leadership. However, until serious reforms of the US surveillance programs are in place, we no longer feel comfortable participating in the GNI process when we are not privy to the serious compromises GNI corporate members may be forced to make. Nor do we currently believe that audits of corporate practice, no matter how independent, will uncover the insecurities produced by the US government's--and potentially other governments'--behavior when operating clandestinely in the name of national security. EFF's involvement with GNI included helping to define its founding principles over two years of negotiations; coordinating opposition to the United Kingdom's Communications Data Bill in 2011; releasing a paper addressing free-speech issues surrounding account deactivation and content removal; and collaborating with fellow members in internal international technical and policy analysis. However, EFF can no longer stand behind the credibility of what had been one of GNI's most significant achievements--third-party privacy and freedom of expression assessments of service providers, including Google, Microsoft and Yahoo. Moving forward, EFF plans to continue to provide guidance to the GNI and engage companies directly, but as an external organization. EFF supports the other organizations and individuals that continue to work within the GNI for the free speech and privacy rights of users worldwide. Although EFF is taking a step back, GNI can still serve an important role as a collaborative project between human rights groups, companies, investors and academics, York said. If the United States government truly supports international 'Internet freedom,' it would recognize the damage its policies are doing to weaken such efforts and the world's confidence in American companies. For the text of the letter: https://www.eff.org/document/gni-resignation-letter-0 For this release: https://www.eff.org/press/releases/eff-resigns-global-network-initiative About EFF The Electronic Frontier Foundation is the leading organization protecting civil liberties in the digital world. Founded in 1990, we defend free speech online, fight illegal surveillance, promote the rights of digital innovators, and work to ensure that the rights and freedoms we enjoy are enhanced, rather than eroded, as our use of technology grows. EFF is a member-supported organization. Find out more at https://www.eff.org. -end- -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] 10 reasons not to start using PGP
On 10/10/2013 03:55 PM, adrelanos wrote: Thank you for doing this work! The world needs someone facing the truth, explaining why gpg isn't the solution, advocating positive change. It's a communicative task, a very difficult one. As long there is gpg, most geeks don't see need to create better alternatives. I'd say, gpg's development slowed down. They're qualified but standing in their own way. They should break compatibility with commercial PGP (not because thats good, just because it's easier to implement better solutions), also break compatibility with RFCs, implement better solutions and standardize later. The current first standardize, then maybe implement, and don't implement if it's not standardized approach is much too slow, can't keep up with real developments in real word. (Still don't even have mail subject encryption.) If Bitmessage succeeds (I haven't learned much about it yet), Bitmessage doesn't have forward secrecy, and AFAICT there's no way to easily add it later on. Best, Jonathan -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] 10 reasons not to start using PGP
+1 - you said it much better than me. On Thu, Oct 10, 2013 at 1:55 PM, Enrique Piracés enriq...@benetech.orgwrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi there, I think this is a good topic for debate among those who can or are currently developing security tools/protocols, and it is one way to further discuss usability as a security feature in communities like this one. That said, I think it is really bad advice and I encourage you to refrain from providing this as a suggestion for users who may put themselves or others at risk as a result of it. Also, I think the title is misleading, as most of the article is about why PGP is not an ideal solution for the future (a point where I think you would find significant agreement). Again, suggesting not to use PGP without providing a functional alternative is irresponsible. Best, Enrique - -- Enrique Piracés Vice President, Human Rights Program Benetech https://www.benetech.org https://www.martus.org https://www.twitter.com/epiraces On 10/10/13 3:23 PM, carlo von lynX wrote: We had some debate on this topic at the Circumvention Tech Summit and I got some requests to publish my six reasons not to use PGP. Well, I spent a bit more time on it and now they turned into 10 reasons not to. Some may appear similar or identical, but actually they are on top of each other. Corrections and religious flame wars are welcome. YMMV. -- TEN REASONS NOT TO START USING PGP -- Coloured version at http://secushare.org/PGP [01]Pretty Good Privacy is better than no encryption at all, and being [02]end-to-end it is also better than relying on [03]SMTP over [04]TLS (that is, point-to-point between the mail servers while the message is unencrypted in-between), but is it still a good choice for the future? Is it something we should recommend to people who are asking for better privacy today? 1. Downgrade Attack: The risk of using it wrong. Modern cryptographic communication tools simply do not provide means to exchange messages without encryption. With e-mail the risk always remains that somebody will send you sensitive information in cleartext - simply because they can, because it is easier, because they don't have your public key yet and don't bother to find out about it, or just by mistake. Maybe even because they know they can make you angry that way - and excuse themselves pretending incompetence. Some people even manage to reply unencrypted to an encrypted message, although PGP software should keep them from doing so. The way you can simply not use encryption is also the number one problem with [05]OTR, the off-the-record cryptography method for instant messaging. 2. The OpenPGP Format: You might aswell run around the city naked. As Stf pointed out at CTS, thanks to its easily detectable [06]OpenPGP Message Format it is an easy exercise for any manufacturer of [07]Deep Packet Inspection hardware to offer a detection capability for PGP-encrypted messages anywhere in the flow of Internet communications, not only within SMTP. So by using PGP you are making yourself visible. Stf has been suggesting to use a non-detectable wrapping format. That's something, but it doesn't handle all the other problems with PGP. 3. Transaction Data: He knows who you are talking to. Should Mallory not [08]possess the private keys to your mail provider's TLS connection yet, he can simply intercept the communication by means of a [11]man-in-the-middle attack, using a valid fake certificate that he can make for himself on the fly. It's a bull run, you know? Even if you employ PGP, Mallory can trace who you are talking to, when and how long. He can guess at what you are talking about, especially since some of you will put something meaningful in the unencrypted Subject header. Should Mallory have been distracted, he can still recover your mails by visiting your provider's server. Something to do with a PRISM, I heard. On top of that, TLS itself is being recklessly deployed without forward secrecy most of the time. 4. No Forward Secrecy: It makes sense to collect it all. As Eddie has told us, Mallory is keeping a complete collection of all PGP mails being sent over the Internet, just in case the necessary private keys may one day fall into his hands. This makes sense because PGP lacks [12]forward secrecy. The characteristic by which encryption keys are frequently refreshed, thus the private key matching the message is soon destroyed. Technically PGP is capable of refreshing subkeys, but it is so tedious, it is not being practiced - let alone being practiced the way it should be: at least daily. 5. Cryptogeddon: Time to upgrade cryptography itself? Mallory may also be awaiting the day when RSA cryptography will be cracked and all
Re: [liberationtech] 10 reasons not to start using PGP
I'm surprised to see this list has missed the thing that bugs me most about PGP: It conflates non-repudiation and authentication. I send Bob an encrypted message that we should meet to discuss the suppression of free speech in our country. Bob obviously wants to be sure that the message is coming from me, but maybe Bob is a spy ... and with PGP the only way the message can easily be authenticated as being from me is if I cryptographically sign the message, creating persistent evidence of my words not just to Bob but to Everyone! When there are only two parties in an encrypted communication this is _trivial_ to solve cryptographically: just use DH to compute a shared secret and use it to authenticate the message. (Multiple parties is solvable too, but requires a ring signature or other more complicated solution). But PGP has no real solutions for that. My other big technical complaint about PGP is (3) in the post, that every encrypted message discloses what key you're communicating with. PGP easily _undoes_ the privacy that an anonymity network like tor can provide. It's possible to use --hidden-recipient but almost no one does. Its also easy to produce a litany of non-technical complaints: PGP is almost universally misused (even by people whos lives may depend on its correct use), the WOT leaks tons of data, etc. In my view the use of PGP is more appropriately seen as a statement about the kind of world we want to have— one where encryption is lawful, widely used, and uncontroversial— and less of a practical way to achieve security against many threats that exist today. -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] 10 reasons not to start using PGP
On 10/10/2013 12:23 PM, carlo von lynX wrote: 1. Downgrade Attack: The risk of using it wrong. Fixed in the new generation of clients (mailpile, LEAP, etc). 2. The OpenPGP Format: You might aswell run around the city naked. Fixed by using StartTLS with DANE (supported in the new version of postfix). Admittedly, this makes sysadmin's job more challenging, but LEAP is working to automate the hard stuff (https://leap.se/platform). 3. Transaction Data: He knows who you are talking to. Fixed in the short term by using StartTLS with DANE. Fixed in the long term by adopting one of these approaches: https://leap.se/en/routing 4. No Forward Secrecy: It makes sense to collect it all. Imperfectly fixed in the short term using StartTLS with only PFS ciphers enabled. This could be fixed in the long term by using Trevor Perrin's scheme for triple EC Diffie-Hellman exchange. This has been implemented by moxie for SMS, and could be for SMTP (https://whispersystems.org/blog/simplifying-otr-deniability/). 5. Cryptogeddon: Time to upgrade cryptography itself? New version of GPG supports ECC, but of course nothing in the snowden leaks suggest we need to abandon RSA of sufficient key length (just the ECC curves that have *always* been suspicious). 6. Federation: Get off the inter-server super-highway. Federated transport with spool-then-forward time delay is likely a much more feasible way to thwart traffic analysis than attempting to lay down a high degree of cover traffic for direct peer to peer transport. This is, of course, an area of active academic research and it would be irresponsible to say that we definitively know how to prevent traffic analysis, either with p2p or federation. 7. Statistical Analysis: Guessing on the size of messages. Easily fixed. 8. Workflow: Group messaging with PGP is impractical. No one anywhere has solved the problem of asynchronous, forward-secret group cryptography. There are, however, working models of group cryptography using OpenPGP, such as SELS (http://sels.ncsa.illinois.edu/). This approach makes key management more difficult, but we need to automate key management anyway for OpenPGP to be usable enough for wider adoption. 9. TL;DR: I don't care. I've got nothing to hide. This critique rests on the assumption that the problems with email are unfixable. 10. The Bootstrap Fallacy: But my friends already have e-mail! Email remains one of the two killer apps of the internet, and is unlikely to vanish any time soon. Simple steps we can take to make it much better seem like a wise investment in energy. There are two approaches to addressing the problems with email: (1) assert that email is hopeless and must be killed off. (2) identify areas where we can fix email to bring it into the 21st century. I think that approach #1 is irresponsible: regardless of one's personal feelings about email, it is certainly not a lost cause, and asserting that it is will make it more difficult to build support for fixing it. Approach #2 is certainly an uphill battle, but there are a growing number of organizations working on it. LEAP's (free software) efforts are outlined here: https://leap.se/email. We have it working, we just need to get it mature enough for production use. -elijah -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] 10 reasons not to start using PGP
Hello again. I will answer to most comments all in a single mail to avoid clogging libtech. While I wrote this another ten mails have slipped in, so expect another large reply to those. :-) On 10/10/2013 10:00 PM, Richard Brooks wrote: 10 reasons to give up, stop trying, hide in a corner, and die. Sorry if I start talking about the alternatives only at the very end of the document. This is about becoming aware of how serious the problem is and to start directing some energy into fueling the alternatives which are popping up like mushrooms just recently. For the obvious reasons. And I specifically mention peer reviewing them. So the message is: go get yourself new tools and teach your peers to use the new tool of the day. On 10/10/2013 10:11 PM, Pranesh Prakash wrote: Interesting. But someone should also write a piece called 1 reason not to criticise security tech without clearly stating threat model which serves as basis for that criticism. What if Mallory isn't a well-funded governmental organization but is the admin who runs your employer's email servers? That's a good point. The reason why I don't pay attention to lesser threat models is that the loss in quality of democracy we are currently experiencing is large enough that I don't see much use for a distinction of threat models - especially since alternatives that work better than PGP exist, so they are obviously also better for lesser threat models. For example, I don't think that a dissident in Irya (ficticious country) is better off if no-one but Google Mail knows that he is a dissident. Should at any later time in his life someone with access to that data find it useful to use it against the dissident, he can still do it. And who knows what the world looks like in twenty years from now? Not saying give up and die. Saying if you can opt for better security, don't postpone learning about it. If you can invest money in making it a safe option, don't waste time with yet another PGP GUI project. This should actually be two lists: reasons not to use e-mail, and reasons not to use OpenPGP over e-mail. Fine with me. I don't think it makes much difference for the end user whether SMTP federation or actual PGP is failing her. Only reasons 2, 3, 4, 5, 7, 8 are really about OpenPGP (you should've stuck to 6 reasons not to use PGP), and at least three of them are really good reasons to look for alternatives. There are no good alternatives over e-mail: S/MIME unfortunately suffers from many of the same issues as OpenPGP, and then some more. I don't find S/MIME worth mentioning anymore. It has so failed us. But maybe I should for completeness? And reason #1 is something that the client should take care of (ideally with default settings), and not the encryption protocol. Why are you attacking OpenPGP and OTR for this? Because it's not true that the client can handle it. The fact that an email address exists implies that some folks will send unencrypted stuff to it. I experienced this. Just yesterday a friend changed his life plans because of an unencrypted message. Yes, you could enforce PGP once it's configured - but you can't opt out from e-mail. That is evil. Look at any of the alternatives instead. None of them allow you to transmit an unencrypted message. In fact all the modern systems use the public key for addressing, so you can't do it wrong. And thank you so much for the comparative chart. It is *very* useful. My pleasure. I felt the need to do this since I get asked for recommendations frequently - and I don't like to say.. wait until secushare is ready. I don't want to wait for it myself. Why doesn't telephony have SIP? It should. What would the icons be that you would put there? I'm not familiar with end-to-end encryption over SIP for instance. On 10/10/2013 10:33 PM, Marcin de Kaminski wrote: Agreed. The threat model discussion clearly is too often lost in all the current post-Snowden debates. We need to remember that a lot if solutions might not be enough to protect anyone against NSAish authorities but more than enough against other, most real, threats to peoples personal safety. Regular employers, schools, parents, skiddies, whatever. I think if employers, schools, parents, skiddies can find out who you are exchanging encrypted messages with, that can be a very real threat to you. Using a tool that looks like it does something totally different.. on your screen, over the network and even on your hard disk.. can save your physical integrity. On 10/10/2013 09:55 PM, adrelanos wrote: Thank you for doing this work! The world needs someone facing the truth, explaining why gpg isn't the solution, advocating positive change. It's a communicative task, a very difficult one. As long there is gpg, most geeks don't see need to create better alternatives. Glad someone is understanding the positivity in awareness and will to move forward. Ignoring threats just because they are depressing is a bit
Re: [liberationtech] 10 reasons not to start using PGP
Just replying to this bit of your reply to me; the rest made sense On Thu, Oct 10, 2013 at 3:08 PM, carlo von lynX l...@time.to.get.psyced.org wrote: If this is still jargony to you, hmmm... you are unlikely to understand the risks you are exposed to by using the Internet from day to day. These are concepts that anyone in the circumvention business must be aware of. You can choose to not read the Guardian article and not try to understand what's going on, but then you should better just trust that the conclusion is not made up: No, see that's the thing: *I *get it, but I don't think I'm totally your target audience (I've been using PGP for years, you're talking to people who haven't started yet, right?) You want criticism? There it is. Your writing does not work for the general public. You write in a way that feels condescending and assumes that the reader already has a full grasp of why those things are issues. On the one hand, you're telling people that PGP is too hard/broken, while with the other you're expecting them to already understand it/the threat model. Also, I have no idea what is meant by the bull run comment in that sentence. If you want your piece to have any reach beyond the English language, consider tightening up your writing. -- *Note: *I am slowly extricating myself from Gmail. Please change your address books to: jilliancy...@riseup.net or jill...@eff.org. US: +1-857-891-4244 | NL: +31-657086088 site: jilliancyork.com http://jilliancyork.com/* | * twitter: @jilliancyork* * We must not be afraid of dreaming the seemingly impossible if we want the seemingly impossible to become a reality - *Vaclav Havel* * * * * -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] 10 reasons not to start using PGP
Ah, I see you probably meant BULLRUN. Guess it just wasn't a well-executed pun. On Thu, Oct 10, 2013 at 3:17 PM, Jillian C. York jilliancy...@gmail.comwrote: Just replying to this bit of your reply to me; the rest made sense On Thu, Oct 10, 2013 at 3:08 PM, carlo von lynX l...@time.to.get.psyced.org wrote: If this is still jargony to you, hmmm... you are unlikely to understand the risks you are exposed to by using the Internet from day to day. These are concepts that anyone in the circumvention business must be aware of. You can choose to not read the Guardian article and not try to understand what's going on, but then you should better just trust that the conclusion is not made up: No, see that's the thing: *I *get it, but I don't think I'm totally your target audience (I've been using PGP for years, you're talking to people who haven't started yet, right?) You want criticism? There it is. Your writing does not work for the general public. You write in a way that feels condescending and assumes that the reader already has a full grasp of why those things are issues. On the one hand, you're telling people that PGP is too hard/broken, while with the other you're expecting them to already understand it/the threat model. Also, I have no idea what is meant by the bull run comment in that sentence. If you want your piece to have any reach beyond the English language, consider tightening up your writing. -- *Note: *I am slowly extricating myself from Gmail. Please change your address books to: jilliancy...@riseup.net or jill...@eff.org. US: +1-857-891-4244 | NL: +31-657086088 site: jilliancyork.com http://jilliancyork.com/* | * twitter: @jilliancyork* * We must not be afraid of dreaming the seemingly impossible if we want the seemingly impossible to become a reality - *Vaclav Havel* * * * * -- *Note: *I am slowly extricating myself from Gmail. Please change your address books to: jilliancy...@riseup.net or jill...@eff.org. US: +1-857-891-4244 | NL: +31-657086088 site: jilliancyork.com http://jilliancyork.com/* | * twitter: @jilliancyork* * We must not be afraid of dreaming the seemingly impossible if we want the seemingly impossible to become a reality - *Vaclav Havel* -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] 10 reasons not to start using PGP
Next collection of answers to replies. Expect yours to be somewhere in here. Thanks for all the feedback! I actually expected harsher religious replies! :) On 10/10/2013 10:55 PM, Enrique Piracés wrote: I think this is a good topic for debate among those who can or are currently developing security tools/protocols, and it is one way to further discuss usability as a security feature in communities like this one. That said, I think it is really bad advice and I encourage you to refrain from providing this as a suggestion for users who may put themselves or others at risk as a result of it. The opening sentence says Pretty Good Privacy is better than no encryption at all ... Also, I think the title is misleading, as most of the article is about why PGP is not an ideal solution for the future (a point where I think you would find significant agreement). Again, suggesting not to use PGP without providing a functional alternative is irresponsible. I am suggesting four alternatives and indicating to work harder to make them viable tools for everyone as we should no longer postpone replacing PGP and e-mail. Of course I would also appreciate attention regarding the fifth, secushare. On 10/10/2013 10:57 PM, Jonathan Wilkes wrote: Bitmessage doesn't have forward secrecy, and AFAICT there's no way to easily add it later on. If I understood the principle correctly it allows you to generate new accounts freely, so you can put your *next* account name into a message. If both sides do this, they can obfuscate their identities a bit. And you can automate it. You could also re-key at each message with PGP, but I presume it would make your implementation incompatible with everybody else's. On 10/10/2013 11:08 PM, Gregory Maxwell wrote: I'm surprised to see this list has missed the thing that bugs me most about PGP: It conflates non-repudiation and authentication. I send Bob an encrypted message that we should meet to discuss the suppression of free speech in our country. Bob obviously wants to be sure that the message is coming from me, but maybe Bob is a spy ... and with PGP the only way the message can easily be authenticated as being from me is if I cryptographically sign the message, creating persistent evidence of my words not just to Bob but to Everyone! I kind-of lumped it mentally together with forward secrecy, because for both problems the answer is Diffie-Hellman. But you are right, it is the eleventh reason. My other big technical complaint about PGP is (3) in the post, that every encrypted message discloses what key you're communicating with. PGP easily _undoes_ the privacy that an anonymity network like tor can provide. It's possible to use --hidden-recipient but almost no one does. Guess what, none of the alternative messaging tools would dream of putting the recipient address close to the message. They just make sure that it somehow gets there. Its also easy to produce a litany of non-technical complaints: PGP is almost universally misused (even by people whos lives may depend on its correct use), the WOT leaks tons of data, etc. Oh yes, I completely forgot to link that long article that recently came out criticizing the PGP web of trust. In my view the use of PGP is more appropriately seen as a statement about the kind of world we want to haveâ one where encryption is lawful, widely used, and uncontroversialâ and less of a practical way to achieve security against many threats that exist today. It is not enough for the purpose of protecting democracy, therefore it's one of those statements that backfire: The adversary doesn't care about you making that statement and can use it against you. On 10/11/2013 12:17 AM, Jillian C. York wrote: Just replying to this bit of your reply to me; the rest made sense Grrreat. On Thu, Oct 10, 2013 at 3:08 PM, carlo von lynX l...@time.to.get.psyced.org mailto:l...@time.to.get.psyced.org wrote: If this is still jargony to you, hmmm... you are unlikely to understand the risks you are exposed to by using the Internet from day to day. These are concepts that anyone in the circumvention business must be aware of. You can choose to not read the Guardian article and not try to understand what's going on, but then you should better just trust that the conclusion is not made up: No, see that's the thing: /I /get it, but I don't think I'm totally your target audience (I've been using PGP for years, you're talking to people who haven't started yet, right?) No, not really. It is for the multipliers and activists. The ones that carry the torch to the people. The Luciphers. You have been carrying PGP to the people and I am suggesting you should consider giving them other tools, and educating them to question those tools and look out for even newer tools. And help make these tools safe, reviewed and usable. Then again I wouldn't mind if normal people /get/ it, too, but I wouldn't want them