- cypherpunks - lists.cpunks.org

Fwd: Preferred Roaming List Zero Intercept Attack [was: DEF CON nostalgia [before that: going double cryptome at DEF CON 22]][still confusing]
by coderman 03 Aug '14

03 Aug '14

---------- Forwarded message ---------- From: coderman <coderman(a)gmail.com> Date: Sun, Aug 3, 2014 at 3:47 AM Subject: Re: Preferred Roaming List Zero Intercept Attack [was: DEF CON nostalgia [before that: going double cryptome at DEF CON 22]][still confusing] To: Full Disclosure <fulldisclosure(a)seclists.org> On Fri, Aug 1, 2014 at 4:06 AM, coderman <coderman(a)gmail.com> wrote: > ... > Any carrier phones or specific builds known to not accept PRL updates > without authorization should be noted in response to this thread... anon from the wiki pointed out the verizon rigmaiden aircard incident.[0] while not a smart phone, this does illustrate how a properly privacy conscious device will refuse to accept insufficiently authenticated roaming list updates. UTStarcom PC5740 at that point in time resistant to surreptitious corruption of roaming list. also, more than twenty years for cell locator tech as written. how many years of PRL Zero tricks? still soliciting pointers, ... best regards, 0. "Secrets of FBI Smartphone Surveillance Tool Revealed in Court Fight" - http://www.wired.com/2013/04/verizon-rigmaiden-aircard/all/ ''' Verizon reprogrammed the device so that when an incoming voice call arrived, the card would disconnect from any legitimate cell tower to which it was already connected, and send real-time cell-site location data to Verizon, which forwarded the data to the FBI. This allowed the FBI to position its stingray in the neighborhood where Rigmaiden resided. The stingray then “broadcast a very strong signal” to force the air card into connecting to it, instead of reconnecting to a legitimate cell tower, so that agents could then triangulate signals coming from the air card and zoom-in on Rigmaiden’s location. To make sure the air card connected to the FBI’s simulator, Rigmaiden says that Verizon altered his air card’s Preferred Roaming List so that it would accept the FBI’s stingray as a legitimate cell site and not a rogue site, and also changed a data table on the air card designating the priority of cell sites so that the FBI’s fake site was at the top of the list. ''' - the second "data table on the air card ... designating the priority of cell sites" not unambiguous. for example, System Determination Algorithms can utilize recent tower connection history foremost, along with the "Preferred Roaming List" as commonly used. a stated common method is listed in priority order: 1. MRU ROAMING History List (MRU) 2. Preferred Roaming List (PRL) ---fwd-ctxt-sw--- please direct questions to Mathew Solnik and Marc Blanchou, who are burning all sorts of vuln this week in Vegas. Cellular Exploitation on a Global Scale: The Rise and Fall of the Control Protocol - https://www.blackhat.com/us-14/briefings.html#Solnik "... In this presentation, we will discuss and disclose how Over-the-Air code execution can be obtained on the major cellular platforms and networks (GSM/CDMA/LTE). Including but not limited to Android, iOS, Blackberry, and Embedded M2M devices." such a setup suitable for silent PRL favor and middling as discussed.

1 0

Fwd: [tor-talk] Tor-ramdisk 20140801 released
by coderman 01 Aug '14

01 Aug '14

---------- Forwarded message ---------- From: Anthony G. Basile <basile(a)opensource.dyc.edu> Date: Fri, Aug 1, 2014 at 8:25 AM Subject: [tor-talk] Tor-ramdisk 20140801 released Hi everyone I want to announce to the list that a new release of tor-ramdisk is out. Tor-ramdisk is an i686 or x86_64 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Security is enhanced by hardening the kernel and binaries, and privacy is enhanced by forcing logging to be off at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key, which may be exported/imported by FTP or SCP. Changelog: tor was updated to 0.2.4.23 which addresses CVE-2014-5117. The kernel was updated to 3.15.7+ Gentoo's hardened-patches-3.15.7-1.extras. All other packages are the same as the previous release. It is recommended that users upgrade immediately. For more information see https://lists.torproject.org/pipermail/tor-announce/2014-July/000094.html. i686: Homepage: http://opensource.dyc.edu/tor-ramdisk Download: http://opensource.dyc.edu/tor-ramdisk-downloads x86_64: Homepage: http://opensource.dyc.edu/tor-x86_64-ramdisk Download: http://opensource.dyc.edu/tor-x86_64-ramdisk-downloads -- Anthony G. Basile, Ph. D. Chair of Information Technology D'Youville College Buffalo, NY 14201 (716) 829-8197

1 0

Fwd: Preferred Roaming List Zero Intercept Attack [was: DEF CON nostalgia [before that: going double cryptome at DEF CON 22]][still confusing]
by coderman 01 Aug '14

01 Aug '14

---------- Forwarded message ---------- From: coderman <coderman(a)gmail.com> Date: Fri, Aug 1, 2014 at 4:06 AM Subject: Preferred Roaming List Zero Intercept Attack [was: DEF CON nostalgia [before that: going double cryptome at DEF CON 22]][still confusing] To: Full Disclosure <fulldisclosure(a)seclists.org> Cc: Georgi Guninski <guninski(a)guninski.com> ### The Preferred Roaming List Zero Intercept Attack # SUMMARY # Attackers in position to carry out Monkey-in-the-Middle against CDMA2000 links between customer stations and their carrier BTS equipment can leverage silent push PRL updates to apply a routing list preferring paths through malicious "tower(s)" carrying the subscriber voice and data traffic under threat. The use of a specific PRL version Zero (0), aka Preferred Roaming List Zero Intercept Attack, implements the rogue tower associations with least potential interference to legit carrier bands and devices present in broadcast domain of attack. The presence of PRL version zero (0) on a device indicates malfunction at best and potential maliciousness when supported by other confirming factors. Note that malicious changes to the PRL may happen out of band (at baseband / control plane) regardless of disabled update facilities on the Android, iOS, or other device operating system. Polling must be used to detect silent forced PRL updates at the version level. # IMPACT # All common smart phones deployed on Verizon, Sprint, MetroPCS, US Cellular, and Telus carrier networks appear to support silent force push PRL with insufficient authorization. Any carrier phones or specific builds known to not accept PRL updates without authorization should be noted in response to this thread and the author with specific radio and carrier details. Software defined CDMA2000 implementations observed to date unaffected as manual tower associations are usually required in these systems. # RECOMMENDED MITIGATIONS # 1. Smart phone platforms and OEM distributions should refuse to silently downgrade or set to version zero (0) any PRL updates. Versions always increment, an offset sequence is a signal of something amiss and must require user confirmation to execute overrides. 2. Manufacturers should pressure baseband vendors for strong controls around PRL updates similar to controls around signed firmware updates and defense in depth like TrustZone enforced PRL management. In addition, preferred only bit set (use only preferred systems) should be the default, not the exception. 3. Privacy conscious consumers should communicate via software defined radio stacks rather than proprietary baseband black boxes. Full control over all channels, forward, reverse, supplementary and the content within them compelling transparency for radio comms. 4. Hackers at DEF CON should create apps to monitor for PRL zero status and securely report the results to a hidden site. Unauthorized PRL changes should then force radios off (airplane mode or cell radios down) and trigger counter measures. # BACKGROUND # On Thu, Jul 31, 2014 at 6:13 AM, Georgi Guninski <guninski(a)guninski.com> wrote: > ... > Fyodor's Full Disclosure is heavily moderated. > He stops me at SMTP level. > Quite likely he will sell the list the > way aleph1 did with Bugtraq. > (I am not posting on FFD). asking for disclosure or utility seems not unreasonable. [0][1] far from a free for all these days, for sure, ... the rest of the rant after this regularly scheduled programming: [2] # VULNERABILITY ASPECTS # - Vulnerability Classes: Improper Access Control - Remotely Exploitable: Yes - Locally Exploitable: Yes; most devices - Authentication Required: No; only middle position # TECHNICAL DETAIL # Working knowledge of CDMA2000 network principles and protocols is assumed. Explicit PRL updates as may be invoked via dialing ##873283# on Sprint, *228 for Verizon - then opt. 2, or *228 on many other networks are user initiated and properly authorized. Over-the-Air system update facilities on carrier networks may also silently force push PRL updates to customers for better service, as intended, with incrementing versions. When used maliciously, OTA PRL updates with a version of zero (0) function well as in-scope target enabling, having the property that once a target leaves the broadcast area under attack the legitimate carrier update, no matter which real carrier or intervening time period, will always be great than zero, and thus replace the transient malicious roaming list with a legitimate copy of whatever is current. It is this specific aspect: silent force PRL downgrade to version zero (0) which is condemened. Any other aspects of securely communicating provider preferences to customer devices is left as a problem for the reader; CDMA designed to protect carrier base stations and networks, not subscribers from a rogue "carrier". Consider the following original roaming configuration for a device subject to this attack: | PRL Version: 1205 | Primary CDMA Channel: 500 | Secondary CDMA Channel: 425 | 0(SID+NID+AcqIdx+RoamInd): 0x000A+0xFF+1+OFF | 1(SID+NID+AcqIdx+RoamInd): 0x0012+0xFF+7+ON | 2(SID+NID+AcqIdx+RoamInd): 0x0015+0xFF+33+ON | n<=28(...): NULL The attacker desires least interruption to carrier SIDs ...0A, 12, 15, and associated frequencies. Attacker assumes operations on channels 650 and 725 with SID 0x00A1 to co-exist with incidental communications inside the broadcast domain under attack. With the new rogue station operating, a Preferred Roaming List Zero attack can now be mounted, routing targets over the malicious base stations as long as they remain in range of attacker. Such a roaming configuration may look like: | PRL Version: 0 | Primary CDMA Channel: 650 | Secondary CDMA Channel: 725 | 0(SID+NID+AcqIdx+RoamInd): 0x00A1+0xFF+1+OFF ** attacker SID | 1(SID+NID+AcqIdx+RoamInd): 0x000A+0xFF+2+OFF | 2(SID+NID+AcqIdx+RoamInd): 0x0012+0xFF+7+ON | 3(SID+NID+AcqIdx+RoamInd): 0x0015+0xFF+33+ON | n<=28(...): NULL One last note: It is useful to be alerting on scenarios where channel drops, and strong neighbor appears just outside SRCH_WIN_N with a hard hand-off. Investigation of the exchange in detail warranted, in addition to any control messages that followed. # DISCLOSURE PERSPECTIVE # - "State Level" attackers using since before 2008? [how long before?] - Observed "in the wild" 2011. - Paying Fyodor's FD Tithe to public at Fri Aug 1 10:58:20 UTC 2014, plus moderation delay. # ADDITIONAL INFORMATION # Will not be coming from this channel. This includes no press; sorry. Third parties encouraged to continue and disseminate additional inquiry, however! # SOLICITED INFORMATION FOR BENEFIT OF OTHERS # - Are R-UIM based devices affected by force PRL zero? - Can knob frobbing mitigate successfully on carrier devices without root'ing or jailbreak'ing? [PCS, WCDMA, other radio opts] - If you force closed loop power control with constrained codings, can you thwart the effectiveness of attackers using mobile or non-tower emitters? - Will Metasploit deploy GNU CDMA blocks for this and other attacks along with requisite faraday tents? # FOR WANT OF CITES # 0. <citation needed> - i remember Fyodor asking that inflamatory off-topics at least be combined with a disclosure of some technical merit, too. as a way to atone for wasting precious minutes squandered and never to return; alas i can't find the message on a cursory search. i don't have a problem with this policy (Vuln for Voice) but it does seem to raise a high bar! *grin* 1. "Meta: List moderation", "Request to mailing list Fulldisclosure rejected", etc. - http://seclists.org/fulldisclosure/2014/Jul/56 2. # RESUME RANT # - this is in reference to [3] which is actually the gist of my angst. public and named individuals, organizations, institutions overly risk averse. prosecutorial zeal into the absurd squelching independent research while proprietary malcode monopolies from intelligence community to private sector weaponizers fleece talent into un-disclosure prisons with mental inhibitors decades to the future. we're in a strange new future now, and i have no idea what role full disclosure has in it, if any. so, "Vuln for Voice": why not? .. it certainly keeps the signal higher and the n3td3v lower! # END RANT # 3. "DEF CON nostalgia [was: going double cryptome at DEF CON 22]" - https://cpunks.org/pipermail/cypherpunks/2014-July/005269.html ''' a hollow, decrepit shell of its former self.. ... oh the 0ld days, ;) "We'd appreciate some more ethics." - GOBBLES - https://www.youtube.com/watch?v=DAJSxOzrD1g [ GOBBLES Security - still disappointed in 2014 ... ] ---- regarding the current line up: https://defcon.org/html/defcon-22/dc-22-speakers.html "Detecting Bluetooth Surveillance Systems" - what about RFID? "Dropping Docs on Darknets: How People Got Caught" - see also, EPICFAIL "How to Disclose an Exploit Without Getting in Trouble" - if you thought ice cream had many flavors, welcome to the brave new world of 'responsible disclosure'! "NSA Playset: PCIe" - the lack of any VT-d mention makes for mediocre. TAO tools better include a VM breakout and uCode errata exploitation. (spoiler alert - i don't think this is actually dropping NSA exploits) "The Monkey in the Middle: A pentesters guide to playing in traffic" - this middle perspective, however, is absolutely a tailored favorite. a gift that keeps on giving... "Investigating PowerShell Attacks" - this is now pointless, what with pass the hash dead. IT'S ALL OVER, JUST GO HOME. *sobbing* [c.f. http://www.harmj0y.net/blog/penetesting/pass-the-hash-is-dead-long-live-pas… ] "Screw Becoming A Pentester - When I Grow Up I Want To Be A Bug Bounty Hunter!" - one step further to enlightenment. the industry that should not exist; better yet to become build engineer or test automationer or devops devotee and build security in at unsexy day jobs for not fame and not riches. #hashtagInfosuckprotipyolo "In the forest of knowledge with 1o57" - nothing to say here other than i'm selling 1o57's uber badge for bitcoin to highest bidder. come find me :P~ "RF Penetration Testing, Your Air Stinks" - my discriminator for a delicious sw defined deployment: a) new grc blocks or custom sdr pipeline? b) wideband and full duplex? c) opportunistic and ad-hoc capabilities? - if you answered no to any of the following please try again, with more harder! [c.f. http://www.pervices.com/buy-crimson/ dual 10GigE, 100kHz – 6GHz, <= 800MHz bandwidth, 4 x (16 bit, 370 MSPS ADCs), 2 x (quad channel, 16 bit, 2500 MSPS DAC), 10MHz, 10ppb, reference OCXO] P.P.S. if you want do your own training on "WB Quad System" without travel to FVEY facilities this is how ;) "Panel - Diversity in Information Security" - i was not invited to this panel. credibility lost. "Android Hacker Protection Level 0" - because more fingers in the dike is more fingers. "Blinding The Surveillance State" - i am soliciting donations for premium consulting expertise. i don't think Soghoian's free advice will be instrumental, but Cowboy Alexander has some sweet new shit (you get what you pay for? :) [ c.f. http://www.foreignpolicy.com/articles/2014/07/29/the_crypto_king_of_the_NSA… "Summary of Attacks Against BIOS and Secure Boot" - aka, why to coreboot and kill AMT with fire. ok Intel chipsec peeps i got bones to pick SEE YOU IN VEGAS --- how about the talks you want so much but will never see? those billions for your discretion clearly benefiting profitability over pervasive security. best regards, '''

1 0

Re: [Cryptography] You can't trust any of your hardware
by grarpamp 31 Jul '14

31 Jul '14

On Thu, Jul 31, 2014 at 11:46 AM, Jerry Leichter <leichter(a)lrw.com> wrote: > http://arstechnica.com/security/2014/07/this-thumbdrive-hacks-computers-bad… > The full talk/paper don't seem to be available yet, but they (a) figured out > how to write malware that attacks a system via something plugged into its > USB port (no, it doesn't depend on AUTORUN); (b) flipped that around and > figured out how to replace the firmware on a USB device from the host. I > wouldn't have thought (b) was possible - after all, how many firmware > updates for USB devices have you ever seen? - but I guess it's handy at the > end of manufacturing, and gets left open because ... who would ever think of > attacking it? > > On further reflection, though, I realized that the only thing new here is > that they actually went and built a full-cycle virus. All the rest was done > a couple of years ago: Apple published an update for its (USB) keyboards - > http://support.apple.com/kb/HT4010 - and someone reverse-engineered it and > figured out how to upload any code they liked - > https://www.blackhat.com/presentations/bh-usa-09/CHEN/BHUSA09-Chen-RevApple… > > The fun never ends.... Just like BIOS/HDD firmware APT's, the updateability of firmware on USB controllers is nothing new... even thumbdrives come with firmware 'deleted' or fast formatted off their media, dd(1)... it just took a while to make it fun for the entire family. flashboot.ru phison.com usb mass production tool BadUSB BadBIOS spritesmods.com hddhack

1 1

Hacking Washington DC (and other Sensys Networks) traffic control systems
by coderman 31 Jul '14

31 Jul '14

http://blog.ioactive.com/2014/07/hacking-washington-dc-traffic-control.html ''' The latest Sensys Networks numbers indicate that approximately 200,000 sensor devices are deployed worldwide. See http://www.trafficsystemsinc.com/newsletter/spring2014.html. Based on a unit cost of approximately $500, approximately $100,000,000 of vulnerable equipment is buried in roads around the world that anyone can hack. I’m also concerned about how much it will cost tax payers to fix and replace the equipment.... ''''

1 0

Identity Intelligence
by coderman 31 Jul '14

31 Jul '14

XKeyScore classifiers for your data exhaust, --- http://fas.org/blogs/secrecy/2014/07/identity-intel/ "Identity Intelligence and Special Operations" - Posted on Jul.30, 2014 by Steven Aftergood "Identity intelligence” is a relatively new intelligence construct that refers to the analysis and use of personal information, including biometric and forensic data among others, to identify intelligence targets of interest and to deny them anonymity. The term began to appear a few years ago and was included, for example, in a 2012 Defense Intelligence Agencybriefing package. Since then it has quickly propagated throughout U.S. military and intelligence operations. ... The new DoD doctrine on Special Operations — Joint Publication 3-05, dated 16 July 2014 — includes further discussion of identity intelligence (I2) in the special operations context: “I2 is the collection, analysis, exploitation, and management of identity attributes and associated technologies and processes. The identification process utilizes biometrics-enabled intelligence (BEI), forensics-enabled intelligence (FEI), information obtained through document and media exploitation (DOMEX), and combat information and intelligence to identify a person or members of a group.” “I2 fuses identity attributes (biological, biographical, behavioral, and reputational information related to individuals) and other information and intelligence associated with those attributes collected across all intelligence disciplines….” “USSOCOM [US Special Operations Command] exploits biometric, forensic, document and media data collections and integrates the data with all-source intelligence to locate and track unattributed identities across multiple or disparate instances. Intelligence collections are processed through the appropriate DOD and interagency databases, exploited to produce intelligence, and then disseminated to deployed SOF and throughout the interagency. I2 products enable real-time decisions in special operations worldwide.” ... “Special operations require unique modes of employment, tactics, techniques, procedures, and equipment. They are often conducted in hostile, denied, or politically and/or diplomatically sensitive environments, and are characterized by one or more of the following: time-sensitivity, clandestine or covert nature, low visibility, work with or through indigenous forces, greater requirements for regional orientation and cultural expertise, and a higher degree of risk,” JP 3-05 says. ...

1 0

DEF CON nostalgia [was: going double cryptome at DEF CON 22]
by coderman 31 Jul '14

31 Jul '14

a hollow, decrepit shell of its former self.. ... oh the 0ld days, ;) "We'd appreciate some more ethics." - GOBBLES - https://www.youtube.com/watch?v=DAJSxOzrD1g [ GOBBLES Security - still disappointed in 2014 ... ] ---- regarding the current line up: https://defcon.org/html/defcon-22/dc-22-speakers.html "Detecting Bluetooth Surveillance Systems" - what about RFID? "Dropping Docs on Darknets: How People Got Caught" - see also, EPICFAIL "How to Disclose an Exploit Without Getting in Trouble" - if you thought ice cream had many flavors, welcome to the brave new world of 'responsible disclosure'! "NSA Playset: PCIe" - the lack of any VT-d mention makes for mediocre. TAO tools better include a VM breakout and uCode errata exploitation. (spoiler alert - i don't think this is actually dropping NSA exploits) "The Monkey in the Middle: A pentesters guide to playing in traffic" - this middle perspective, however, is absolutely a tailored favorite. a gift that keeps on giving... "Investigating PowerShell Attacks" - this is now pointless, what with pass the hash dead. IT'S ALL OVER, JUST GO HOME. *sobbing* [c.f. http://www.harmj0y.net/blog/penetesting/pass-the-hash-is-dead-long-live-pas… ] "Screw Becoming A Pentester - When I Grow Up I Want To Be A Bug Bounty Hunter!" - one step further to enlightenment. the industry that should not exist; better yet to become build engineer or test automationer or devops devotee and build security in at unsexy day jobs for not fame and not riches. #hashtagInfosuckprotipyolo "In the forest of knowledge with 1o57" - nothing to say here other than i'm selling 1o57's uber badge for bitcoin to highest bidder. come find me :P~ "RF Penetration Testing, Your Air Stinks" - my discriminator for a delicious sw defined deployment: a) new grc blocks or custom sdr pipeline? b) wideband and full duplex? c) opportunistic and ad-hoc capabilities? - if you answered no to any of the following please try again, with more harder! [c.f. http://www.pervices.com/buy-crimson/ dual 10GigE, 100kHz – 6GHz, <= 800MHz bandwidth, 4 x (16 bit, 370 MSPS ADCs), 2 x (quad channel, 16 bit, 2500 MSPS DAC), 10MHz, 10ppb, reference OCXO] P.P.S. if you want do your own training on "WB Quad System" without travel to FVEY facilities this is how ;) "Panel - Diversity in Information Security" - i was not invited to this panel. credibility lost. "Android Hacker Protection Level 0" - because more fingers in the dike is more fingers. "Blinding The Surveillance State" - i am soliciting donations for premium consulting expertise. i don't think Soghoian's free advice will be instrumental, but Cowboy Alexander has some sweet new shit (you get what you pay for? :) [ c.f. http://www.foreignpolicy.com/articles/2014/07/29/the_crypto_king_of_the_NSA… ] "Summary of Attacks Against BIOS and Secure Boot" - aka, why to coreboot and kill AMT with fire. ok Intel chipsec peeps i got bones to pick SEE YOU IN VEGAS --- how about the talks you want so much but will never see? those billions for your discretion clearly benefiting profitability over pervasive security. best regards,

2 2

Alleged "microkernel mathematically proven to be bug free"
by Georgi Guninski 30 Jul '14

30 Jul '14

news: http://www.theregister.co.uk/2014/07/28/aussie_droneprotecting_hackerdetect… site: http://sel4.systems/ AFAICT they used Isabelle for the proofs. Coq sucks much (not counting its developers).

7 22

Re: [Cryptography] propaganda on "hurdles for law enforcement"
by grarpamp 30 Jul '14

30 Jul '14

> I don't see any technical/cryptological way to defeat the > proposed US law; it looks like a political problem that > needs to be dealt with by political means. Proliferation is a political means. Keep on proliferating, proliferate widely, proliferate fast, get all your friends and business on it, get the public on it, remove the capability for legacy plaintext, and embed and entrench crypto deeper than the Marianas. Also, call/visit/write your MP/congresscritter and give them your concerns about backdoors and your freedom/rights, your life being meta'd, recorded, analyzed and stored forever for no good reason (for which an interest in crypto and speech isn't one). Proliferate and speak! On Fri, Jul 25, 2014 at 5:24 PM, John Denker <jsd(a)av8n.com> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Today's Gomorrah Post has a long article in the "National Security" > section: > > Ellen Nakashima > "Proliferation of new online communications services > poses hurdles for law enforcement" > http://www.washingtonpost.com/world/national-security/proliferation-of-new-… > > I see no particular reason to believe a single word of what > it says. Virtually all of the evidence supporting the main > conclusion is "according FBI officials and others" ... which > puts it in the same category as the "stories" Judy Miller > wrote for the New Ys Times in the runup to the Irag war. > http://www.nytimes.com/2002/09/08/international/middleeast/08IRAQ.html?ex=1… > > Positive reasons for disbelieving the main thrust of that > story is that if the authorities want to search somebody's > bedroom, they can still do it; they just (sometimes!) can't > do it quite so cheaply. That can't do it without getting > up from their comfy armchairs. > > The article contradicts Bill Frantz's assumption that all > present-day crypto is ineffective. I tend to disbelieve > both extremes. I reckon any lock can be picked or drilled > out /if somebody wants to badly enough/ ... but this does > not mean that all locks are completely useless. > > > There is a companion article that lets the cat out of the > bag: > > Ellen Nakashima > "The government wants to wiretap online communications > — or in some cases hack them" > http://www.washingtonpost.com/blogs/the-switch/wp/2014/07/25/the-government… > > Both articles appear to be part of a PR campaign to lay > the groundwork for a new CALEA-on-steroids law that would > reportedly require every ISP and every app developer to > provide hooks to enable armchair/pushbutton wiretapping. > > Before you say that such a law is impossible, especially > in the context of open-source software, let me point out > that most people on earth /already/ live under regimes > where use (or even possession) of an unregistered encryption > device is a serious crime. > > I don't see any technical/cryptological way to defeat the > proposed US law; it looks like a political problem that > needs to be dealt with by political means. > > Tangentially related: On 07/24/2014 09:13 PM, Peter Gutmann > wrote: >> [....] should be preserved somewhere as the standard response to the >> Rumpelstiltskin Defence ("you can't prove I'm using crypto/know the >> keys so you'll have to let me go"). This [imprisonment] perfectly >> sums up what will happen to anyone who wants to try the >> Rumpelstiltskin Defence in court. > > I am certainly not an international lawyer, but we can all read > the plain language of the law. Under the otherwise-Draconian > UK RIP law, the Rumpelstiltskin defense is explicitly allowed: > http://www.legislation.gov.uk/ukpga/2000/23/section/53 > > Also note that if such a defense is not possible, you are already > a criminal, because of the encrypted "message" below, which you > have already received. > a) You don't know the decryption key, although nobody can prove > that you don't. > b) You cannot obtain the key from me or anyone else, because > I destroyed the public key /before/ encrypting the message, > although nobody can prove that I did. > c) Furthermore I can tell you that the plaintext consisted of > 512 bytes of high-grade randomness that wasn't seen or recorded, > although nobody can prove that either. > > I encourage you to forward my "message" to all your legislators, > along with lots of similar messages. > > To say the same thing in more constructive terms: This serves > as an example of /cover traffic/. It allows you to say with > complete sincerity that at least "some" of the data you hold > is undecryptable. > > Adversaries will have to consider the hypothesis that I'm > engaging in some bizarre yet effective steganography, hiding > a tree in the front row of the forest. Nobody can prove /or/ > disprove this hypothesis. > > > - -----BEGIN PGP MESSAGE----- > Version: GnuPG v1 > > hQIMA9jh5gIisxa+AQ//T8x3vgxCVqq6cCNln4TW5r8H6JeHqD1txxEy+jOiybvb > mvdcut6uQQqu/eFkV06rK+1K5LoUWemqTpAgz/E7MKtNsvYv4gardebFLRDxgn3v > WW01mc6XKqH+xpDoqabDN+Mc2jeQGhDD+fBBCMCePx/ca8iJ1gjVL93A3L+2AVan > PJFsRsoCx8X/DoUpIQOqCm0XOJrS+anVTrSOdVSo4t/V4QF7yx+51yi4ro26eAz0 > 5vCm+afMQSMIvZcpK54LI+oWUITQGP8ZhD2+B5HsIUh9nmcZjRr5fK+edGe6tS3W > aam0pQHWrkmyyjfKxNVfxK/aujrboHVybF9sP0tN8wUhFh7Tdj8F1e5EtPppXB/p > DoC7O3SQ30HHCCeNSLMErMzsniw+fHmL6zoE/UnkAsQZ1HJvg/9OD/dxJP/BaMwr > RUwG73wKPBp9m5ROs0tRopBNFcRXtM6hg/1i9ZE8IcbZcsgfcGwUdeo4qbYvhtyR > XU1FfQRyIhW7KRXQeWFSmMS1AWYMl0fX6n02qTbTSmUY7bujdEpOH3Dz8ndSKsjK > q0IWmXXcCpc9OGbiwSRhNgbxQBVu2tZ4ntk8vC+deM9itR7CMo94p95gvZQ9H7dU > fTKHb28jel8Y7CL7MYfcXpeO/vZIsj9H5GnJc+pSOuY8ueR/rTauJZux2DlIrwbS > 6QGqzHz6PaJ4NqoeyL7IiMJDNM4panzYqa4/Shfk3fiTol4FDLCdXMtT3V6eiPOn > GKGjjpbZ/3FP9cJrepM5wuHaesWnyoDO96FYTmqNqgw31r3Cg5sn1JrL6hcguN1x > CHc7mu5yTrft98pjk5olWaCyvqco0OqK3aID+IAKVJgfJV/2FWZE8KMpw+NvJosn > g6UwwN4PMUpq+CGgPRyRx12RzyP8iFxp8J8D0nS8H+BMSOA/+E2Mny54zjFrDUsH > amzFM9QlwCIrBQJ50V+OwTDzCnQVXlsbIV9kH6YaZDKo7vFIuyi7myr6mYttbh5o > m6xgSNQMSLDabyvKQ9l1GX9pQGzR0KPQRR/yn/frQDLydz5qhVEWTwprwxwGSBa/ > lVjLWTsYqqwl1SErI/FfTqJuWGSZUWqy2kUOzTmi5DA+tOvbspaghO5Aqxim/emG > Sz0DoRcR74zgUNLAAzUN4aZIBxfsO9HSqIXq9I6fK4cT6VBMYKjaJh23Hf2qOiuA > Z2g5nl+oT5CDzTlzzIMHZmCTkEjtNDAK+lb6SBCp8ScHcjafcm/cO9gNMV4+EBks > PgEm1eutCEpOpGIOHjcsFV1ryZonB8U0VmbpsxqsDE1Y0l1u6bEUKTMeJoHfEeTe > Q4wdo5LxbKt4LGQACopwX4NNdfupdPNT2SyiGCu7Vh+0P78+IEewbpRetW1KpNg3 > MXWd7sWh2tnA9cRzPwYhvUtUsj0L/GXLOKO9bMH8qfivOnsp5lbRnr6KAKoqzn2L > 3g== > =OuR2 > - -----END PGP MESSAGE----- > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ > > iQIVAwUBU9LLD/O9SFghczXtAQJedA//UoclobLIQI4cKNu2V/bNIxUxEGb71pXr > QCQJJJQgMbK0kAE9pf6uFldur3m3kDOtPeQEx8AUZ4pS7YEPkE8mDrPxeohYi4i0 > S1yp82EX3JEchZrMDgEveP4C8zqgLg38ie0idL72nPQo2o1D5BpfRFElVA72Z8A1 > 0A9ehua+B9f1g+QKo4wMzPqbfRsHIdOIRELkrniJfRfuIxLY6F4MuiIR5F1YLhJR > TlVjsVUqEFduulO8yBF4A/4QZ1x6QzL47bUYigJwft3YNwbKNshrL8YPhMSgbdjB > BQSoPf93h2RasxKczWalawmTbZaev4kIvBy3EV2S11oy85SqRkAHb/G4f0dq1xI3 > Nc5WTWk+L0Im4Zh0+lqXrBucVvstDsrwEvDRztbrkNaey7p4HKWq+0JQ8zGKxZeq > D4eQD/N89uZLnXV+Q0Gut1w0BHSn7jmYm7TiDiXwk9DBy49i88MYaHocjGtWmLUP > tTSdunXAtOVfRPTJyL47mgbxgsDAyAHFN3CfhmN+PcjaUvrPTvlJ7g6ObdCiAGcr > CEiqKU0QoZTQS9bCkXOeV5LhIvbeh/2P5Ft+4acAAG38oE4/VKJZ+ly49Du4HF6v > LEQFDFJ03WbYRysPIX3J1Krgkza0/wm8Oy0Og27RVfSpVrOV+hPzmgCMURRYz0yS > 21uL+NP/O+o= > =spOA > -----END PGP SIGNATURE----- > _______________________________________________ > The cryptography mailing list > cryptography(a)metzdowd.com > http://www.metzdowd.com/mailman/listinfo/cryptography

3 7

going double cryptome at DEF CON 22
by coderman 30 Jul '14

30 Jul '14

per hddupe some many days hence, [0] requesting public mirrors post-con of copied volumes for Cryptome and other archives, also to be mirrored on Cryptome and other non-affiliated onions. the five deep cryptome'ing petabytes future metropolis mesh near at hand!.... clogging signals directorate capacities like darth cheney's arterial plaque butter, . . . 0. "DEF CON media hard drive duping station - six 1:11 duplication towers / 3 x 4TB mirror tracks (BLUE, GREEN, ORANGE)" - https://defcon.org/html/defcon-22/dc-22-news.html#dc22hddupe

1 0