Re: IBM Uses Keystroke-monitoring in NJ Mob Case (was Re: BNA'sInternet Law News (ILN) - 12/5/00)
(dcsb and cryptography and other closed lists removed, for obvious reasons) At 4:52 PM -0500 12/5/00, R. A. Hettinga wrote:
Date: Tue, 05 Dec 2000 08:47:20 -0800 From: Somebody To: "R. A. Hettinga" <rah@shipwright.com> Subject: Re: IBM Uses Keystroke-monitoring in NJ Mob Case (was Re: BNA'sInternet Law News (ILN) - 12/5/00)
An instructive case. Apparently they used the keystroke monitoring to obtain the pgp passphrase, which was then used to decrypt the files.
The legal fight over whether the monitor was legal and whether the information so obtained are in fact records of criminal activity is a side-show. It remains practical evidence of how insecure computer equipment / OS's and pass-phrase based identity authentication combine to reduce the effective security of a system.
I fully support this comment that the whole issue of "legality" is a "side show." We've known that keyboard sniffers were a major issue for many years. I remember describing the sniffers ("keystroke recorders") which were widely available for Macs in the early 90s. Others cited such recorders for Windows and Unices. We discussed at early CP meetings the issue, with various proposed solutions. (For example, pass phrases stored in rings, pendants, Newtons, Pilots. For example, zero knowledge approaches. For example, reliance on laptops always in physical possession.) Frankly, the PGP community veered off the track toward crapola about standards, escrow, etc., instead of concentrating on the core issues. PGP as text is a solved problem. The rest of the story is to ensure that pass phrases and keys are not black-bagged. Forget fancy GUIs, forget standards...concentrate on the real threat model. --Tim May -- (This .sig file has not been significantly changed since 1992. As the election debacle unfolds, it is time to prepare a new one. Stay tuned.)
At 05:31 PM 12/5/00 -0500, R. A. Hettinga wrote:
An instructive case. Apparently they used the keystroke monitoring to obtain the pgp passphrase, which was then used to decrypt the files.
A PDA would have been harder to hack, one imagines. Are there padlockable metal cases for PDAs? As I've written, the FBI should run quality house cleaning services in large cities.
On Tue, Dec 05, 2000 at 05:16:03PM -0800, Tim May wrote:
The legal fight over whether the monitor was legal and whether the information so obtained are in fact records of criminal activity is a side-show. It remains practical evidence of how insecure computer equipment / OS's and pass-phrase based identity authentication combine to reduce the effective security of a system.
I fully support this comment that the whole issue of "legality" is a "side show."
Exactly - not every attacker represents law enforcement, and not every law enforcement attack is performed with the intention of creating admissible evidence. The US' exclusionary rule is the exception, not the rule, worldwide - most courts take more or less whatever evidence they can get. And thugs and goons and spies of many flavors don't give a shit about even pretending to cover their tracks when they're not following the rules. -- Greg Broiles gbroiles@netbox.com PO Box 897 Oakland CA 94604
At 9:06 PM -0500 on 12/5/00, David Honig wrote:
A PDA would have been harder to hack, one imagines.
This is why Chaum wants a small cryptographic device with it's own I/O, certainly. We'll get one when there's enough money behind it. Money's edge of the wedge... Cheers, RAH -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
At 9:56 PM -0800 12/5/00, Greg Broiles wrote:
On Tue, Dec 05, 2000 at 05:16:03PM -0800, Tim May wrote:
The legal fight over whether the monitor was legal and whether the information so obtained are in fact records of criminal activity is a side-show. It remains practical evidence of how insecure computer equipment / OS's and pass-phrase based identity authentication combine to reduce the effective security of a system.
I fully support this comment that the whole issue of "legality" is a "side show."
Exactly - not every attacker represents law enforcement, and not every law enforcement attack is performed with the intention of creating admissible evidence. The US' exclusionary rule is the exception, not the rule, worldwide - most courts take more or less whatever evidence they can get. And thugs and goons and spies of many flavors don't give a shit about even pretending to cover their tracks when they're not following the rules.
And the "exclusionary rule" is mostly meaningless, anyway. Though there is much noise about "fruit of the poisoned tree" (or "poison tree," not sure which), a black bag job can generate other grounds for arrest and prosecution. For example, planned meets, planned heists, etc. One of my favorite movies of all time is "Heat," with Robert De Niro and Al Pacino. The cops are trying to prove a gang is pulling off a series of violent heists. Surveillance is heavy, and the surveillance per se is not intended to be used in a court: the cops are seeking to catch the gang in action. And then there's the old "confidential informant" ploy: "We got a tip from our snitch." Make no mistake about it, the exclusionary rule will do little to deter black bag jobs. --Tim May -- (This .sig file has not been significantly changed since 1992. As the election debacle unfolds, it is time to prepare a new one. Stay tuned.)
R. A. Hettinga wrote: This is why Chaum wants a small cryptographic device with it's own I/O, certainly.
We'll get one when there's enough money behind it. Money's edge of the wedge...
We have it now. Smartcards. High end smart cards, with a co-processor on board can do their own encrypting and decrypting. Of course, they are still slow enough that you wouldn't want to encrypt/decrypt any large files onboard the card, but for small text it isn't a problem. Bringing this back to PGP and how you might protect the keys, you could keep the keys on the smartcard, or just the passphrase on the smart card. The card could be locked to a PIN number, which after X incorrect entries locked the card permanently. You wouldn't want to do PGP encryption on the card, so the key/passphrase is can still be sniffed when it is pulled off of the card. Regards, Andrew Drapp -- Andrew Drapp <andrew.drapp@hitachi-eu.com> PGP Encrypted Email Preferred (KeyID 65A52F89) ********************************************************************* E-mail Confidentiality Notice and Disclaimer This email and any files transmitted with it are confidential and are intended solely for the use of the individual or entity to which they are addressed. Access to this e-mail by anyone else is unauthorised. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited. E-mail messages are not necessarily secure. Hitachi does not accept responsibility for any changes made to this message after it was sent. Please note that Hitachi checks outgoing e-mail messages for the presence of computer viruses. *********************************************************************
At 9:56 PM -0800 on 12/5/00, Greg Broiles wrote:
On Tue, Dec 05, 2000 at 05:16:03PM -0800, Tim May wrote:
The legal fight over whether the monitor was legal and whether the information so obtained are in fact records of criminal activity is a side-show. It remains practical evidence of how insecure computer equipment / OS's and pass-phrase based identity authentication combine to reduce the effective security of a system.
I fully support this comment that the whole issue of "legality" is a "side show."
Exactly - not every attacker represents law enforcement,
Right. My own personal opinion is that the more *money* is controlled with cryptography and moved/stored on the internet, the stronger those technologies will become, and, unfortunately, not for any other reason. Like Whit Diffie has said, "cyberwar" will be "fought" by businesses, and not nation-states. Government black-bag jobs are just one of many kinds of theft... Cheers, RAH -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
At 5:25 AM -0500 on 12/6/00, Andrew Drapp wrote:
We have it now. Smartcards.
Smartcards may be more portable, but *don't* have their own I/O, and David Chaum was *not* talking about smartcards when he mad the point I was making. See the proceedings of the 1998 International Conference on Financial Cryptography for details. They're published by Springer-Verlag. Any large library should have them, if you don't want to actually buy them. Cheers, RAH -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
On Tuesday 05 December 2000 22:05, R. A. Hettinga wrote:
At 9:06 PM -0500 on 12/5/00, David Honig wrote:
A PDA would have been harder to hack, one imagines.
This is why Chaum wants a small cryptographic device with it's own I/O, certainly.
We'll get one when there's enough money behind it. Money's edge of the wedge...
Cheers, RAH
I think someone out there makes a USB client-side digital certificate device. The only problem is you have to type in your passphrase to unlock probably. PDA's would be better. A PDA with an infrared link to a USB/serial connector would be ideal. Preferably with random voice challenge/response or other biometric. jim -- Sometimes it is said that man can not be trusted with the government of himself. Can he, then, be trusted with the government of others? Or have we found angels in the forms of kings to govern him? Let history answer this question. -- Thomas Jefferson, 1st Inaugural
From reading the docs at EPIC, it is not clear that the FBI actually got data from the planted device. The USA application dated June 8 asks for a supplemental order of extension of time in order to break in and remove the device. This need was caused by Scarfo's unexpected removal of the equipment.
We have not been presented with the initial USA application and the initial order, at least not that I've seen. Interesting possibilities are: 1. The FBI is bluffing that it got incriminating data and is using the applications and orders as window dressing or camouflage to hide their failure. Or to hide that they got evidence some other way. 2. The FBI captured some stuff but is faking the rest. 3. Scarfo discovered the device, or suspected it, and removed the equipment in order to sanitize it, or even planted his own device aimed at the feds. Say he rigged a program to endlessly type "fuck you," Or played Bin Laden's taunts. He's a fair comp whiz so all sorts of good stuff may have happened. 4. If Scarfo got the device, by now defenses against it have been deployed, maybe even generated a tidy black market for those who want to snoop and/or snarl the feds by redirecting their own devices.
Mr. May:
Frankly, the PGP community veered off the track toward crapola about standards, escrow, etc., instead of concentrating on the core issues. PGP as text is a solved problem. The rest of the story is to ensure that pass phrases and keys are not black-bagged.
Forget fancy GUIs, forget standards...concentrate on the real threat model.
What is the real threat model? Everybody has different worries. I'm not a bookie, I don't do work for the mob, I don't spend more than I earn. My biggest threat is (1) financial (stolen credit card numbers, or other form of credential fraud) (2) Political--that comments here and other places get me the list of "People To Take Care Of Later". The first threat can be dealt with by "cheap" crypto deployed everywhere--to co-opt one of RAH's phrases--a "Geodesicly encrypted network. In a network where every single stinking bit on the wire is encrypted at as many layers as possible, even with "10 cent" crypto will virtually eliminate (by making it more expensive) many of the low level financial threats. Yes, big banks and large financial institutions need stronger crypto, but they can multiple-encrypt, write their own protocols etc.). The second threat would be made much harder by the encrypt everything all the time type of network, if I weren't so thick headed as to insist on using my Real Name. This is presumably what the "PGP Community" veered off towards. Unfortunately, they've done a half-assed job so far. -- A quote from Petro's Archives: ********************************************** "Despite almost every experience I've ever had with federal authority, I keep imagining its competence." John Perry Barlow
At 05:31 PM 12/5/00 -0500, R. A. Hettinga wrote:
An instructive case. Apparently they used the keystroke monitoring to obtain the pgp passphrase, which was then used to decrypt the files.
A PDA would have been harder to hack, one imagines.
Are there padlockable metal cases for PDAs?
As I've written, the FBI should run quality house cleaning services in large cities.
How do you know they don't? -- A quote from Petro's Archives: ********************************************** "Despite almost every experience I've ever had with federal authority, I keep imagining its competence." John Perry Barlow
At 6:52 PM -0800 on 12/7/00, petro wrote:
At 05:31 PM 12/5/00 -0500, R. A. Hettinga wrote:
An instructive case. Apparently they used the keystroke monitoring to obtain the pgp passphrase, which was then used to decrypt the files.
A PDA would have been harder to hack, one imagines.
Are there padlockable metal cases for PDAs?
As I've written, the FBI should run quality house cleaning services in large cities.
How do you know they don't?
Watch your attributions. I didn't say the above... Cheers, RAH -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Petro wrote:
R. A. Hettinga wrote: [...] As I've written, the FBI should run quality house cleaning services in large cities.
How do you know they don't?
In every office or factory I've ever been in, including government ones where we kept paper copies of tax returns (yes folks, I have worked for the Inland Revenue) there are cleaners. They seem to come in 3 kinds - middle-aged black women, African students working their way through college, and people with vaguely asiatic features who sound as if they are speaking Portuguese. (Sometimes you get a few white students working their way through college but they are more likely to get jobs in bars) If I wanted to hire spies or assassins, I'd go for the middle-aged black women. Preferably short and dumpy and shabbily dressed. Someone who looks like a granny. They can go anywhere, no-one ever stops them or asks them who they are. An invisible woman to match Chesterton's Invisible Man. Ken
RAH whinged:
At 6:52 PM -0800 on 12/7/00, petro wrote:
At 05:31 PM 12/5/00 -0500, R. A. Hettinga wrote:
An instructive case. Apparently they used the keystroke monitoring to obtain the pgp passphrase, which was then used to decrypt the files.
A PDA would have been harder to hack, one imagines.
Are there padlockable metal cases for PDAs?
As I've written, the FBI should run quality house cleaning services in large cities.
How do you know they don't?
Watch your attributions. I didn't say the above...
Anyone who has spent *ANY* time on Usenet or mailing lists can easily read the >>'s . If you didn't write *ANY* of the above, then your gripe is with the person to whom I am replying. -- A quote from Petro's Archives: ********************************************** "Despite almost every experience I've ever had with federal authority, I keep imagining its competence." John Perry Barlow
At 2:06 PM -0800 on 12/10/00, petro wrote:
RAH whinged
...and in error. My apologies. Cheers, RAH -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
David Honig wrote:
At 05:31 PM 12/5/00 -0500, R. A. Hettinga wrote:
An instructive case. Apparently they used the keystroke monitoring to obtain the pgp passphrase, which was then used to decrypt the files.
A PDA would have been harder to hack, one imagines.
Are there padlockable metal cases for PDAs?
As I've written, the FBI should run quality house cleaning services in large cities.
Physical locks can be picked. I doubt it's worth bothering with unless someone can figure out a good protocol to implement. Why? Simple. Two words: Hardware access. Once you have access to the hardware, including installing both hardware and software sniffers, the game is over. The attacker isn't after your passphrase just to have the passphrase. The attacker is after your data. He wants access to what's in that encrypted email or file. And how does that data get encrypted? You type it in. Or you print or display it. At those two points, someone with hardware access can get to your data without having your passphrase by bugging your keyboard, monitor's output, or printer output. If you type in your messages on the PC and encrypt them before you send them, what's the use? A Keyboard sniffer has already got the message you think you've encrypted. But since you have to type in your passphrase to access the data, they have your passphrase also. Let's go back to using a PDA, ring or other access method: 1. If you simply send your passphrase over a serial port, USB port, IR, ethernet, or any other kind of communications bus, it can be captured. 2. You can do other things such as send the encrypted key to the PDA, have the PDA decrypt it after it asks its owner for a passphrase (and salt with timestamps) but once the key is on the (untrusted) PC, its as good as captured, and so is the data. 3. If you do all the crypto on the PDA (mighty slow unless you've got a beefy PDA) you're choked by the communication method's throughput - which isn't bad over USB. *But* if you display anything on the PC it too can be captured. Bottom line: Unless you can handcuff a notebook to yourself 24/7/365 and never sleep, it's mighty damned hard to trust it. There's always some intrusion vector via the hardware. You can harden your hardware against tampering, which is a guaranteed way to bring up the topic of exploding hard drives, etc. :) And both myself and Tim will tell you "Look in the Archives, we've talked about this to death already." Another option is to have a small portable fully functional computer and just use a big USB/Firewire/SCSI disk to store the encrypted data. Since all the sectors read/written on this drive are encrypted, hardware access to the hard drive gains your attacker nothing. At best they can only damage the drive, which if you have backups is a negligible annoyance. For civilized attackers, remember there is TEMPEST monitoring to worry about. For less civilized attackers: You can be mugged or robbed, but if they get your notebook without the passphrase, it's a waste of their time. So if the notebook is returned to you, sell it on eBay and setup a new one. And at some point, even if you have your notebook with you at all times, you will fall asleep - naturally or with the help of a sleeping pill in your drink, etc. When you do, your attacker has physical access to your notebook, and to you. And when you wake, you may find the rubber hoses awaiting deployment. Now, for extra credit, dear punks, mull over a protocol or way to prevent the above attack vectors. And be sure to include a special passphrase for the rubber hose treatments. Perhaps a few layers of them, so when they beat you for the 2nd passphrase you can give them a slightly more incriminating passphrase, but still not a fully damaging one. -- ----------------------Kaos-Keraunos-Kybernetos--------------------------- + ^ + :Surveillance cameras|Passwords are like underwear. You don't /|\ \|/ :aren't security. A |share them, you don't hang them on your/\|/\ <--*-->:camera won't stop a |monitor, or under your keyboard, you \/|\/ /|\ :masked killer, but |don't email them, or put them on a web \|/ + v + :will violate privacy|site, and you must change them very often. --------_sunder_@_sunder_._net_------- http://www.sunder.net ------------
Ken Brown <k.brown@ccs.bbk.ac.uk> wrote:
In every office or factory I've ever been in, including government ones where we kept paper copies of tax returns (yes folks, I have worked for the Inland Revenue) there are cleaners. They seem to come in 3 kinds - middle-aged black women, African students working their way through college, and people with vaguely asiatic features who sound as if they are speaking Portuguese.
The latter would probably be Phillipinos.
participants (11)
-
Andrew Drapp -
Anonymous Remailer -
David Honig -
Greg Broiles -
Jim Burnes -
John Young -
Ken Brown -
petro -
R. A. Hettinga -
sunder -
Tim May