cypherpunks
Threads by month
- ----- 2026 -----
- January
- ----- 2025 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- 5 participants
- 34061 discussions
25 Sep '13
----- Forwarded message from michael gurstein <gurstein(a)gmail.com> -----
Date: Tue, 24 Sep 2013 15:37:36 -0700
From: michael gurstein <gurstein(a)gmail.com>
To: Nettime-L <nettime-l(a)kein.org>
Subject: <nettime> "Internet Freedom" and Post-Snowden Global Internet Governance
Reply-To: a moderated mailing list for net criticism <nettime-l(a)mail.kein.org>
With links
http://gurstein.wordpress.com/2013/09/24/internet-freedom-and-post-snowden-g
lobal-internet-governance/
http://tinyurl.com/n3onw87
"Internet Freedom" and Post-Snowden Global Internet Governance: Michael
Gurstein
The big story for the 2012 Internet Governance Forum in Baku was the
almost overwhelming (and overpowering) emphasis placed by the US
government delegation and its corporate allies (primarily Google)
and its associates in (primarily US based) Civil Society on what was
termed "Internet Freedom" and Multistakeholderism as its primary
governance modality.
The campaign was very well orchestrated and coordinated (through the
US delegation led by a US Ambassador and the head of the NTIA Lawrence
Strickling) who insisted that any "Internet governance" position which
included any form of "government involvement" would necessarily imply
or result in government's "takeover" or "control" of the Internet.
Further, it was vociferously asserted that any deviation from this
path was by definition an infringement of "Internet Freedom" and part
of a slippery slope leading to full-on government suppression of "free
speech" on the Internet.
Those who pointed out that there already was quite considerable
involvement of various governments in various aspects of Internet
management were effectively shouted down as being sympathizers with
the autocrats and enemies of "freedom" in such states as China,
Russia and Saudi Arabia. The overwhelming response was that Internet
"governance" was optimal as it was (or at least the corporate, (inter)
governmental, and technical mechanisms governing its evolution were
optimal); and that the only possible position for "lovers of the
Internet" was to support the existing status quo with respect to
Internet ("non") governance.
Precisely what might be meant by "Internet Freedom" apart from rather
fuzzy libertarian notions of keeping "the dead hand of government"
as far as possible from the Internet as a hub of innovation and
enterprise, was never made very clear beyond the level of slogan
and exhortation. Rather it was loudly proclaimed that any form of
formal governance of the Internet would be the greatest sin that
could be perpetrated against the Internet as a burgeoning global
infrastructure.
In choosing among the various ways in which "Freedom" might be
characterized this lobbying steamroller made quite clear that they
were referring to Freedom "from"-government interference, government
oversight, government regulation of anything to do with the Internet.
And this theme and its ITU focused counterparts were equally evident
at the ITU policy meeting held in Dubai some few months later (the
WCIT).
When some few small voices suggested that this full court press in
support of "Freedom from" might also mean for example a freedom from
the means for countries, particularly Less Developed Countries to
introduce some form of taxation on the currently small but rapidly
growing flow of Internet based revenues from already impoverished
economies to already stupendously wealth private (and primarily
US based) Internet corporations; or that there might be something
wrong with the current way in which the basic "naming system" of the
Internet via ICANN might be structured (as a sub-contractor to the US
Department of Commerce); or that some issues such as privacy might
require mechanisms for policy development and global enforcement,
these comments were met with derision and howls that the authors of
such positions were secret sympathizers of communications censors
(ComSymps) of those on the other side of the emerging Internet cold
war - i.e. the Russia's, China's, Saudi Arabia's of the world.
But that was then and this is now and as startling revelation after
revelation tumbles from the thumb drives of Mr. Edward Snowden the
import if not the intent of (one hopes) certain of those Internet
Freedom warriors (speculating on precisely who knew what, when, and
how in this context makes for an interesting exercise) becomes clear.
While so loudly advocating for Freedom "from" (whatever.), the
Internet Freedom (IF) coalition was in fact, providing the diplomatic
cover and lobbying campaign to ensure that no outcome of Internet
governance would interfere with what would appear to be the overall
US strategy of Freedom "to" - surveille, subvert, suborn and overall
embed and maintain (as the NSA so aptly put it)-"total information
dominance" of the Internet and all of its various manifestations
now and presumably forever, in the service of US "security" and US
interests.
Such "security" it is clear from the Snowden documents means not only
security against terrorism but also it seems (as enabled by the NSA's
surveillance machine) security against potentially independent comment
(and ultimately action) by both opposing and allied states; against
fair competition since one side has access to all its information and
the information from the other side as well; and quite startlingly the
security of having the means to listen in on and ultimately control
independent action, comment, commerce, and thought itself not only
among "foreigners" (i.e. everyone else) but also even among those
(in theory) protected by that most oft cited of documents the US
constitution.
That this "Freedom from" campaign has now been fully revealed for what
it was (providing the ideological justification for an on-going coup
d'etat against the republic of the Internet), leaves the matters of
Internet Governance (where this all started) completely up in the air.
But once having been revealed that we are no longer in Kansas and
that the wicked witches of the North, South, East and West will be
relentless in their pursuit of control including through the use of
their boundless financial and technical resources; a response of some
sort however reluctantly and with what trepidations seems to be in the
cards as per the recent speech to the UN General Assembly by President
Rousseff of Brazil.
And so we have the upcoming 8th session of the Internet Governance
Forum in Bali with many of the main protagonists having been more or
less completely discredited (it might be fun if the same coalition
were to try for another round of "Internet Freedom" confabulations but
one can't imagine that even those folks have been sufficiently well
trained to carry that one off with a straight face).
So, what will be discussed at the IGF apart from the usual empty
rhetoric about capacity building for LDC's and legitimate campaigns
against online skullduggery of the spam, kiddieporn, phishing variety.
Perhaps I could make a modest suggestion for the discussion. Perhaps
we could discuss "Internet Freedom" but Internet Freedom in a
post-Snowden world and without the hypocrisy and sanctimony of the
previous discussions.
Perhaps we could discuss Internet Freedom as Freedom from undue
and unaccountable surveillance. Internet Freedom as true Freedom
of Expression where the forces of repression whether in Langley or
in Moscow or Shanghai are made transparent and accountable; where
Internet Freedom is anchored in the rule of law-not the, shall we say,
rather "flexible" law of the world's single superpower but a rule
of law to which all are expected to adhere and where mechanisms are
in place to ensure that, to the degree possible, all are responsive
and accountable; where Internet Freedom is not just for some but
where it's responsibilities and most importantly its protections are
available for all of us - "foreigners" or no and where all have some
degree of input into how those laws are constructed and administered;
where Internet Freedom does not mean that actions on and through the
Internet will be subverted and directed simply to further enrich the
already obscenely enriched but rather to ensure that the benefits
including financial benefits accruing from the Internet serve to
reduce global inequalities.
I look for those who a year ago, were so eager to rally forces in
support of Internet Freedom to rally again to this somewhat battered
standard but now one that is rather less naive and rather more
reflective of the underlying reality of this technology enabled world
in which we live.
# distributed via <nettime>: no commercial use without permission
# <nettime> is a moderated mailing list for net criticism,
# collaborative text filtering and cultural politics of the nets
# more info: http://mx.kein.org/mailman/listinfo/nettime-l
# archive: http://www.nettime.org contact: nettime(a)kein.org
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5
1
0
https://github.com/ShaneWilton/dissentr
Note: This project was created as part of a 36-hour hackathon - and primarily as a proof of concept. While the ideas may be sound, and the prototype may work as designed, the protocols involved in this specific project have not been peer-reviewed, and so I cannot recommend that the network be used for anything requiring serious privacy.
Dissentr
A High-Latency Overlay Mix Network
Essentially, Dissentr is a security-minded network, inspired by Tor, with a few important characteristics which serve to differentiate it.
High-Latency
Tor is a low-latency network. This makes it ideal for real time activities like web browsing, but as a result, opens it up to attacks involving large-scale traffic analysis methods known as end-to-end correlation. In these attacks, an adversary with the ability to analyze massive amounts of traffic in a short period of time is able to match up traffic entering the network with the corresponding traffic which will inevitably soon exit it.
Dissentr manages to protect against these sorts of attacks by being engineered as a high-latency network. Assuming any given node has not been compromised, that node will intentionally hold off on forwarding its traffic to the next node in the network until it is able to forward a large amount of data in bulk, rendering the aforementioned end-to-end correlation far less feasible. For an excellent discussion on this attack, and possible countermeasures, see Practical Traffic Analysis: Extending and Resisting Statistical Disclosure.
Cascades
Much like any mix network, Dissentr models its network as a graph of nodes, each responsible for handling the relay of traffic as it moves along some path through the network. Where Dissentr differs from a network such as Tor is in how this path is constructed. In Dissentr, the network is constructed out of cascades (A term I first heard described by Ian Goldberg, but I've been unable to pin down an original source for): essentially directed, acyclic sub-graphs, in which a node defines a set of "trusted" nodes, through which they are willing to relay traffic through. Dissentr simplifies this model by only allowing for nodes of out-degree 1, at this time. This construction brings about a number of useful results:
In the event that a node is known to be compromised, individual nodes are allowed the ability to either remove themselves from a cascade, or bypass untrusted nodes entirely, without the necessity of a trusted third-party.
The network is protected from "supernode invasions," in which an attacker floods the network with compromised nodes, in the hopes of either endangering the network's health, or placing the security of users passing through their nodes at risk of traffic interception, and subsequent analysis. This can be guaranteed because cascades are constructed by virtue of a measure of trust between node-operators, and so long as there exists some non-zero subset of trusted operators, they retain the ability to form a cascade of their own, effectively shutting out the efforts of such an attacker.
Use-Cases
As mentioned previously, the high-latency nature of the network causes a shift in the sorts of activities best facilitated by its use, however, there do exist some unique opportunities which I have neither seen implemented in the context of a mix network, nor discussed in the literature.
A personal favourite idea revolves around creating a platform for political blogging, which, assuming a noisy enough network, would offer political dissidents the ability to freely write about issues of corruption or government abuse, without many of the risks associated with using a lower-latency network like Tor. If it takes a week for a blog post to appear in circulation after the author posts it to the network, it becomes magnitudes more difficult for any assailant to trace the authorship of that blog post - especially if that author never visited the website which hosts their content in the first place!
It also becomes a fairly trivial exercise to adapt the network to act as a mixing service for digital currency such as Bitcoin. Furthermore, by breaking the network into a number of smaller, disjoint networks for that purpose, one is be able to counter many of the current attacks which target existing mixing services.
Cryptosystem
I again emphasize that the cryptosystem in place is the result of a rather rushed 48-hour hackathon - in a production system, I would recommend implementing a peer-reviewed cryptosystem, such as the very lightweight Sphinx, or, pending their coming proof of security, the recently proposed Ibis. That being said, Dissentr works as follows:
Every node in the network maintains an RSA-keypair, with the public key being exposed to every node in a given cascade.
When a client wishes to send a message M through the network, they choose some cascade C.
For each node in the cascade, beginning with the exit node, and continuing through to the entrance node, the client generates an AES CFB128 key, which it uses to encrypt M. The key is then encrypted using that node's public RSA key.
M, now encrypted with AES CFB128 for every node in the cascade, is then passed to the entrance node along with the encrypted AES keys. The entrance node then uses its private RSA key to decrypt the AES key, so that it can subsequently decrypt M, yielding yet another cipher text.
This process is repeated for every node in the cascade, until the final node decrypts M to a plaintext, which it then handles accordingly.
Building and Running it
If, after all of my warnings, you still want to see it in action, it's dead-easy to get setup. All you'll need is Erlang installed (Tested on R16B02), along with Elixir. From there, you'll want to invoke the following from within Dissentr's directory, on every machine you want to host a node:
iex --sname {Any name, different per machine} --cookie {Any string, common between all machines} -S mix
This will stick you into a REPL, loaded with Dissentr's namespaces and dependencies. Sorry, there's no interface yet. From there, if you're using more than one machine, you'll want to link them all together, by running the following on every machine you want to host a node on. Since Erlang node connections are transitive, you won't have to do this for every pair of nodes.:
:net_adm.ping(binary_to_atom(hostname))
The hostname in question can be found in the iex prompt. Most likely it will be something@domain.
Now, just spawn a few nodes to create a network. I've got some temporary methods in place for making this easy, using some hardcoded keys stored in example_data/ for testing. Ideally, each node will be hosted on a different machine, but for testing purposes it doesn't matter. Within your prompt, execute the following:
Dissentr.Cascade.add_node(:node1, nil, 1)
Dissentr.Cascade.add_node(:node2, :node1, 2)
Dissentr.Cascade.add_node(:node3, :node2, 3)
Dissentr.Cascade.add_node(:node4, :node3, 4)
Dissentr.Cascade.add_node(:node5, :node4, 5)
Finally, to send an encrypted message, run the following, substituting the node and message as desired:
Dissentr.Cascade.mix(:node3, "Something, something, NSA")
If all went well, you should see a debug statement print out the plaintext message, on the machine which is hosting :node1
4
5
RISKS-LIST: Risks-Forum Digest Tuesday 24 September 2013 Volume 27 : Issue 48
ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, moderator, chmn ACM Committee on Computers and Public Policy
***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/27.48.html>
The current issue can be found at
<http://www.csl.sri.com/users/risko/risks.txt>
Contents:
Girl's Suicide Points to Rise in Apps Used by Cyberbullies (Lizette Alvarez
via Monty Solomon)
Police: BMW Door Locks Contributed To 14-Year-Old Girl's Death (Erik Rosales
via Lauren Weinstein)
Another major government IT failure (Peter Bernard Ladkin)
United Airlines Agrees to Honor Accidental $0 Tickets (Joshua Freed via
Monty Solomon)
Million Second Quiz gets overloaded (Paul Robinson)
Fake online reviews crackdown in New York sees 19 companies fined
(Lauren Weinstein)
"Verizon's diabolical plan to turn the Web into pay-per-view" (Bill Snyder
via Gene Wirchenko)
Freedom and the Social Contract (Vint Cerf via Dave Farber)
WiReD: Apple's Fingerprint ID May Mean You Can't 'Take the Fifth'
(Marcia Hoffman via Lauren Weinstein)
The US government has betrayed the Internet. We need to take it back
(Bruce Schneier via Matthew Kruk)
FBI Admits It Controlled Tor Servers Behind Mass Malware Attack
(Kevin Poulsen via Monty Solomon)
Gov't standards agency "strongly" discourages use of NSA-influenced
algorithm (Larson and Elliott via Monty Solomon)
*The New York Times* provides new details about NSA backdoor (Ars Technica
via David Farber)
Malware Mining Civil Aviation Data - AVweb flash Article (Gabe Goldberg)
E-ZPasses Get Read All Over New York, Not Just At Toll Booths (Kashmir Hill
via Henry Baker)
"Adobe issues critical security updates for Flash Player, Reader and
Shockwave Player" (Lucian Constantin via Gene Wirchenko)
"Microsoft pulls botched KB 2871630, while many Office patch problems
remain" (Woody Leonhard via Gene Wirchenko)
Sharing due to phone failure (Karl Goetz)
HuffPost Essay by Charles Perrow on Fukushima (John Bosley via Dave Farber)
BOOK: Rebecca Slayton, Arguments that Count (PGN)
Abridged info on RISKS (comp.risks)
----------------------------------------------------------------------
Date: Sun, 15 Sep 2013 01:31:47 -0400
From: Monty Solomon <monty(a)roscom.com>
Subject: Girl's Suicide Points to Rise in Apps Used by Cyberbullies
(Lizette Alvarez)
Lizette Alvarez, *The New York Times*, 13 Sep 2013
MIAMI - The clues were buried in her bedroom. Before leaving for school on
Monday morning, Rebecca Ann Sedwick had hidden her schoolbooks under a pile
of clothes and left her cellphone behind, a rare lapse for a 12-year-old
girl.
Inside her phone's virtual world, she had changed her user name on Kik
Messenger, a cellphone application, to "That Dead Girl" and delivered a
message to two friends, saying goodbye forever. Then she climbed a platform
at an abandoned cement plant near her home in the Central Florida city of
Lakeland and leaped to the ground, the Polk County sheriff said.
In jumping, Rebecca became one of the youngest members of a growing list of
children and teenagers apparently driven to suicide, at least in part, after
being maligned, threatened and taunted online, mostly through a new
collection of texting and photo-sharing cellphone `applications. Her suicide
raises new questions about the proliferation and popularity of these
applications and Web sites among children and the ability of parents to keep
up with their children's online relationships.
For more than a year, Rebecca, pretty and smart, was cyberbullied by a
coterie of 15 middle-school children who urged her to kill herself, her
mother said. The Polk County sheriff's office is investigating the role of
cyberbullying in the suicide and considering filing charges against the
middle-school students who apparently barraged Rebecca with hostile text
messages. Florida passed a law this year making it easier to bring felony
charges in online bullying cases. [...]
http://www.nytimes.com/2013/09/14/us/suicide-of-girl-after-bullying-raises-…
------------------------------
Date: Fri, 13 Sep 2013 17:37:40 -0700
From: Lauren Weinstein <lauren(a)vortex.com>
Subject: Police: BMW Door Locks Contributed To 14-Year-Old Girl's Death
(Erik Rosales)
[This is not the first time I've heard of such problems with these
electronic locking systems. LW]
http://www.kmph.com/story/23421319/police-bmw-door-locks-contribute-to-14-y…
------------------------------
Date: Thu, 12 Sep 2013 08:42:31 +0200
From: Peter Bernard Ladkin <ladkin(a)rvs.uni-bielefeld.de>
Subject: Another major government IT failure
12 Sep 2013: "..... the [UK] Department for Work and Pensions (DWP) could
write off up to 161 million pounds spent on an IT system for ambitious
welfare changes......."
Full story at http://gu.com/p/3ty4n
------------------------------
Date: Sun, 15 Sep 2013 01:35:14 -0400
From: Monty Solomon <monty(a)roscom.com>
Subject: United Airlines Agrees to Honor Accidental $0 Tickets (Joshua Freed)
Joshua Freed, The Associated Press, 14 Sep 2013
United Airlines said on Friday that it will honor the tickets it
accidentally gave away for free. The decision is good news for people who
snapped up the tickets on Thursday after United listed airfares at $0. Many
customers got tickets for $5 or $10, paying only the cost of the Sept. 11
security fee.
The mistake was an especially good deal for any passengers who bought
tickets for travel within the next week. For instance, a Houston to
Washington Dulles flight for next weekend would have cost $877, according to
United's website on Friday. ...
http://www.dailyfinance.com/2013/09/14/united-airlines-price-error-free-tic…
------------------------------
Date: Wed, 11 Sep 2013 17:17:32 -0700 (PDT)
From: Paul Robinson <paul(a)paul-robinson.us>
Subject: Million Second Quiz gets overloaded
Last night on the NBC TV network program "The Million Second Quiz," Host
Ryan Seacrest admitted two things. (1) The App to allow viewers to play
along with the TV show at home is the most-downloaded free app ever provided
on iTunes. (2) So many people were playing the home game app that it crashed
the servers.
Tonight they admitted that there aren't even that many downloading the app,
a mere 1000 downloads a minute. While that doesn't indicate how many were
connecting to the servers, clearly a game where the money accumulating as a
contestant is playing is $10/second and the grand prize which the 4 top
winners (all of whom will probably have won a minimum six figures each by
the time the game completes) will be going after is US$2,000,000 and it's
possible for a home game contestant to be invited on the show (a "line
jumper" as they call it), that it should have been obvious the home game
would be getting a lot of hits on their servers.
With inadequate provisioning like this, it doesn't even require attackers to
try to DDOS or otherwise disable a system, the users can do it just by too
many of them showing up all at once!
------------------------------
Date: Mon, 23 Sep 2013 14:03:45 -0700
From: Lauren Weinstein <lauren(a)vortex.com>
Subject: Fake online reviews crackdown in New York sees 19 companies fined
http://j.mp/16CqA2Q (*The Guardian* via NNSquad)
"Eric Schneiderman announced agreements with 19 firms Monday that
commissioned fake reviews and several reputation-enhancement companies
that helped place reviews on sites like Citysearch, Google, Yahoo and
Yelp. They were fined a total of $350,000."
------------------------------
Date: Thu, 12 Sep 2013 10:59:51 -0700
From: Gene Wirchenko <genew(a)telus.net>
Subject: "Verizon's diabolical plan to turn the Web into pay-per-view"
(Bill Snyder)
Bill Snyder, InfoWorld, 12 Sep 2013
The carrier wants to charge websites for carrying their packets, but
if they win it'd be the end of the Internet as we know it
http://www.infoworld.com/d/the-industry-standard/verizons-diabolical-plan-t…
------------------------------
Date: Thu, 12 Sep 2013 09:06:42 -0400
From: David Farber <farber(a)gmail.com>
Subject: Freedom and the Social Contract, by Vint Cerf
[In the CACM -- Vint's Comments on the Role of Government. DF]
FROM THE PRESIDENT (of the ACM)
Freedom and the Social Contract
By Vinton G. Cerf
Communications of the ACM, Vol. 56 No. 9, Page 7
10.1145/2500468.2500470
The last several weeks (as of this writing) have been filled with
disclosures of intelligence practices in the U.S. and elsewhere. Edward
Snowden's unauthorized release of highly classified information has stirred
a great deal of debate about national security and the means used to
preserve it.
In the midst of all this, I looked to Jean-Jacques Rousseau's well-known
18th-century writings on the Social Contract (Du Contrat Social, Ou
Principes du Droit Politique) for insight. Distilled and interpreted through
my perspective, I took away several notions. One is that in a society, to
achieve a degree of safety and stability, we as individuals give up some
absolute freedom of action to what Rousseau called the sovereign will of the
people. He did not equate this to government, which he argued was distinct
and derived its power from the sovereign people.
I think it may be fair to say that most of us would not want to live in a
society that had no limits to individual behavior. In such a society, there
would be no limit to the potential harm an individual could visit upon
others. In exchange for some measure of stability and safety, we voluntarily
give up absolute freedom in exchange for the rule of law. In Rousseau's
terms, however, the laws must come from the sovereign people, not from the
government. We approximate this in most modern societies creating
representative government using public elections to populate the key parts
of the government.
I think it is also likely to be widely agreed that a society in which there
was no privacy and every action or plan was visible to everyone might not be
a place in which most of us might like to live. I am reminded, however, of
my life in a small village of about 3,000 people in Germany. In the 1960s,
no one had phones at home (well, very few). You went to the post office to
mail letters, pick up mail, and make or receive phone calls. In some sense,
the Postmaster was the most well-informed person about the doings of the
town. He saw who was calling or writing to whom. There was not a lot of
privacy. The modern notion of privacy may in part have derived from the
growth of large urban concentrations in which few people know one another.
In today's world, threats to our safety and threats to national security
come from many directions and not all or even many of them originate from
state actors. If I can use the term "cyber-safety" to suggest safety while
making use of the content and tools of the Internet, World Wide Web, and
computing devices in general, it seems fair to say the expansion of these
services and systems has been accompanied by a growth in their
abuse. Moreover, it has been frequently observed that there is an asymmetry
in the degree of abuse and harm that individuals can perpetrate on citizens,
and on the varied infrastructure of our society. Vast harm and damage may be
inflicted with only modest investment in resources. Whether we speak of
damage and harm using computer-based tools or damage from lethal, homemade
explosives, the asymmetry is apparent. While there remain serious potential
threats to the well-being of citizens from entities we call nation- states,
there are similarly serious potential threats originating with individuals
and small groups.
Presuming we have accepted the theory that safety is partly found through
voluntarily following law, we must also recognize that there are parties
domestic and otherwise who wish us individual and collective harm. The
societal response to this is to provide for law enforcement and intelligence
gathering (domestic and non-domestic) in an attempt to detect and thwart
harmful plans from becoming harmful reality. We do not always succeed.
The tension we feel between preserving privacy and a desire to be protected
from harm feeds the debate about the extent to which we are willing to trade
one for the other. Not everyone, nor every culture, will find the same point
of equilibrium. Moreover, as technology and society evolve, the equilibrium
points may shift. It has been said that "security" is not found in
apprehending a guilty party but in preventing the harm from occurring. While
this notion can surely be overextended, it can also be understood to justify
a certain degree of intelligence gathering in the service of safety and
security.
There is some irony in the fact that our privacy is more difficult than ever
to preserve, given the advent of smartphones, tablets, laptops, the Web and
the Internet, but that the threats against our safety and security use the
same infrastructure to achieve nefarious ends. Our discipline, computer
science, is deeply involved in the many dimensions of this conundrum and we
owe it to our fellow citizens to be thoughtful in response and to contribute
to reasoned consideration of the balance our society needs between potential
policy extremes.
Vinton G. Cerf, ACM PRESIDENT
Permission to make digital or hard copies of part or all of this work for
personal or classroom use is granted without fee provided that copies are
not made or distributed for profit or commercial advantage and that copies
bear this notice and full citation on the first page. Copyright for
components of this work owned by others than ACM must be
honored. Abstracting with credit is permitted. To copy otherwise, to
republish, to post on servers, or to redistribute to lists, requires prior
specific permission and/or fee. Request permission to publish from
permissions(a)acm.org or fax (212) 869-0481.
------------------------------
Date: Fri, 13 Sep 2013 17:21:13 -0700
From: Lauren Weinstein <lauren(a)vortex.com>
Subject: Wired: Apple's Fingerprint ID May Mean You Can't 'Take the Fifth'
(Marcia Hoffman)
http://j.mp/17VN56u (Marcia Hoffman in *WiReD.com* via NNSquad)
"But if we move toward authentication systems based solely on physical
tokens or biometrics -- things we have or things we are, rather than things
we remember -- the government could demand that we produce them without
implicating anything we know. Which would make it less likely that a valid
privilege against self-incrimination would apply."
------------------------------
Date: Thu, 19 Sep 2013 20:48:59 -0600
From: "Matthew Kruk" <mkrukg(a)gmail.com>
Subject: The US government has betrayed the Internet. We need to take it back
Bruce Schneier, *The Guardian*, Thursday 5 September 2013 20.04 BST
The NSA has undermined a fundamental social contract. We engineers built the
Internet - and now we have to fix it
http://www.theguardian.com/commentisfree/2013/sep/05/government-betrayed-in…
------------------------------
Date: Sun, 15 Sep 2013 01:54:43 -0400
From: Monty Solomon <monty(a)roscom.com>
Subject: FBI Admits It Controlled Tor Servers Behind Mass Malware Attack
(Kevin Poulsen)
Kevin Poulsen, *WiReD.com*, 13 Sep 2013
It wasn't ever seriously in doubt, but the FBI yesterday acknowledged that
it secretly took control of Freedom Hosting last July, days before the
servers of the largest provider of ultra-anonymous hosting were found to be
serving custom malware designed to identify visitors.
Freedom Hosting's operator, Eric Eoin Marques, had rented the servers from
an unnamed commercial hosting provider in France, and paid for them from a
bank account in Las Vegas. It's not clear how the FBI took over the servers
in late July, but the bureau was temporarily thwarted when Marques somehow
regained access and changed the passwords, briefly locking out the FBI until
it gained back control.
The new details emerged in local press reports from a Thursday bail hearing
in Dublin, Ireland, where Marques, 28, is fighting extradition to America on
charges that Freedom Hosting facilitated child pornography on a massive
scale. He was denied bail today for the second time since his arrest in
July.
Freedom Hosting was a provider of turnkey "Tor hidden service" sites -
special sites, with addresses ending in .onion, that hide their geographic
location behind layers of routing, and can be reached only over the Tor
anonymity network. Tor hidden services are used by sites that need to evade
surveillance or protect users' privacy to an extraordinary degree -
including human rights groups and journalists. But they also appeal to
serious criminal elements, child-pornography traders among them.
On August 4, all the sites hosted by Freedom Hosting - some with no
connection to child porn - began serving an error message with hidden code
embedded in the page. Security researchers dissected the code and found it
exploited a security hole in Firefox to identify users of the Tor Browser
Bundle, reporting back to a mysterious server in Northern Virginia. The FBI
was the obvious suspect, but declined to comment on the incident. The FBI
also didn't respond to inquiries from WIRED today. ...
http://www.wired.com/threatlevel/2013/09/freedom-hosting-fbi/
------------------------------
Date: Sun, 15 Sep 2013 01:57:35 -0400
From: Monty Solomon <monty(a)roscom.com>
Subject: Gov't standards agency "strongly" discourages use of
NSA-influenced algorithm (Larson and Elliott)
NIST: "we are not deliberately... working to undermine or weaken encryption."
Jeff Larson and Justin Elliott, ProPublica.org
Sept 13 2013
Ars Technica
Following revelations about the National Security Agency's (NSA) covert
influence on computer security standards, the National Institute of
Standards and Technology, or NIST, announced earlier this week it is
revisiting some of its encryption standards. But in a little-noticed
footnote, NIST went a step further, saying it is "strongly" recommending
against even using one of the standards.
The institute sets standards for everything from the time to weights to
computer security that are used by the government and widely adopted by
industry.
As ProPublica, The New York Times, and The Guardian reported last week,
documents provided by Edward Snowden suggest that the NSA has heavily
influenced the standard, which has been used around the world. In its
statement Tuesday, the NIST acknowledged that the NSA participates in
creating cryptography standards "because of its recognized expertise" and
because the NIST is required by law to consult with the spy agency. "We are
not deliberately, knowingly, working to undermine or weaken encryption,"
NIST chief Patrick Gallagher said at a public conference Tuesday.
Various versions of Microsoft Windows, including those used in tablets and
smartphones, contain implementations of the standard, though the
NSA-influenced portion isn't enabled by default. Developers creating
applications for the platform must choose to enable it. ...
... elliptic curve-based deterministic random bit generator
http://arstechnica.com/security/2013/09/government-standards-agency-strongl…
------------------------------
Date: Wed, 11 Sep 2013 04:42:17 -0400
From: David Farber <dave(a)farber.net>
Subject: *The New York Times* provides new details about NSA backdoor
http://arstechnica.com/security/2013/09/new-york-times-provides-new-details…
NSA leaks, Ars Technica
Of course NSA can crack crypto. Anyone can. The question is, how much?
Long-shot bill forbidding NSA backdoors in encryption has renewed attention
Spooks break most Internet crypto, but how?
Google speeding up end-to-end crypto between data centers worldwide
Let us count the ways: How the feds (legally, technically) get our data
Today, *The New York Times* reported that an algorithm for generating random
numbers, which was adopted in 2006 by the National Institute of Standards
and Technology (NIST), contains a backdoor for the NSA. The news followed a
*NYT* report from last week, which indicated that the National Security
Agency (NSA) had circumvented widely used (but then-unnamed) encryption
schemes by placing backdoors in the standards that are used to implement the
encryption.
In 2007, cryptographers Niels Ferguson and Dan Shumow presented research
suggesting that there could be a potential backdoor in the Dual_EC_DRBG
algorithm, which NIST had included in Special Publication 800-90. If the
parameters used to define the algorithm were chosen in a particular way,
they would allow the NSA to predict the supposedly random numbers produced
by the algorithm. It wasn't entirely clear at the time that the NSA had
picked the parameters in this way; as Ars noted last week, the rationale for
choosing the particular Dual_EC_DRBG parameters in SP 800-90 was never
actually stated.
Today, *The NYT* says that internal memos leaked by Edward Snowden confirm
that the NSA generated the Dual_EC_DRBG algorithm. Publicly, however, the
agency's role in development was significantly underbilled: ``In publishing
the standard, NIST acknowledged 'contributions' from NSA, but not primary
authorship,'' wrote the NYT. From there, the NSA pushed the International
Organization for Standardization to adopt the algorithm, calling it ``a
challenge in finesse'' to convince the organization's leadership.
``Eventually, NSA became the sole editor'' of the international standard,
according to one classified memo seen by the NYT.
The details come just as NIST released a promise to reopen the public
vetting process for SP 800-90. ``We want to assure the IT cybersecurity
community that the transparent, public process used to rigorously vet our
standards is still in place,'' a memo from the Institute read. ``NIST would
not deliberately weaken a cryptographic standard. We will continue in our
mission to work with the cryptographic community to create the strongest
possible encryption standards for the US government and industry at large.''
Still, NIST asserted that its purpose was to protect the federal government
first: ``NIST's mandate is to develop standards and guidelines to protect
federal information and information systems. Because of the high degree of
confidence in NIST standards, many private industry groups also voluntarily
adopt these standards.''
The public comment period on SP 800-90 ends November 6, 2013.
------------------------------
Date: Tue, 17 Sep 2013 10:02:00 -0400
From: Gabe Goldberg <gabe(a)gabegold.com>
Subject: Malware Mining Civil Aviation Data - AVweb flash Article
A computer security company, TrendMicro, Thursday reported that it has found
a particular family of malware gathering information "related to the civil
aviation sector."
[but doesn't mention how such a sector is targeted]
The best defense against the Sykipot malware is to keep your computer
systems updated with the most current security software.
[Profoundly advises a company selling security software]
Sykipot attacks normally arrive via email attachments that exploit
applications like Adobe Reader and Microsoft Office but has evolved to use a
target's operating system, web browsers and Java scripts.
[Exploiting such innovative attack vectors...]
http://www.avweb.com/avwebflash/news/Malware-Mining-Civil-Aviation-sykipot-…
------------------------------
Date: Sat, 14 Sep 2013 05:17:12 -0700
From: Henry Baker <hbaker1(a)pipeline.com>
Subject: E-ZPasses Get Read All Over New York, Not Just At Toll Booths
(Kashmir Hill)
Of course, with license plate readers everywhere, this is now old news...
http://www.forbes.com/sites/kashmirhill/2013/09/12/e-zpasses-get-read-all-o…
Kashmir Hill, *Forbes*, 12 Sep 2013 (PGN-ed)
After spotting a police car with two huge boxes on its trunk -- that turned
out to be license-plate-reading cameras -- a man in New Jersey became
obsessed with the loss of privacy for vehicles on American roads. (He's not
the only one.) The man, who goes by the Internet handle Puking Monkey, did
an analysis of the many ways his car could be tracked and stumbled upon
something rather interesting: his E-ZPass, which he obtained for the purpose
of paying tolls, was being used to track his car in unexpected places, far
away from any toll booths.
Puking Monkey is an electronics tinkerer, so he hacked his RFID-enabled
E-ZPass to set off a light and a `moo cow' every time it was being
read. Then he drove around New York. His tag got milked multiple times on
the short drive from Times Square to Madison Square Garden in mid-town
Manhattan, and also on his way out of New York through Lincoln Tunnel, again
in a place with no toll plaza.
At Defcon, where he presented his findings, Puking Monkey said he found the
reading of the E-ZPass outside of where he thought it would be read when he
put it in his car ``intrusive and unsettling,'' quoting from Sen. Chuck
Schumer's remarks about retailers tracking people who come into their stores
using their cell phones. [...]
[Also noted by Monty Solomon. PGN]
------------------------------
Date: Fri, 13 Sep 2013 10:59:35 -0700
From: Gene Wirchenko <genew(a)telus.net>
Subject: "Adobe issues critical security updates for Flash Player,
Reader and Shockwave Player" (Lucian Constantin)
Does it seem to you that it has been a bad time lately for patches?
Lucian Constantin, InfoWorld, 11 Sep 2013
The new updates address vulnerabilities that could allow attackers to
compromise computers
http://www.infoworld.com/d/security/adobe-issues-critical-security-updates-…
------------------------------
Date: Fri, 13 Sep 2013 10:54:23 -0700
From: Gene Wirchenko <genew(a)telus.net>
Subject: "Microsoft pulls botched KB 2871630, while many Office patch
problems remain" (Woody Leonhard)
Woody Leonhard, *InfoWorld*, 12 Sep 2013
Pulling the KB 2871630 patch took Microsoft more than 14 hours after the
first warnings appeared, and admins are furious. What's Microsoft doing
wrong?
http://www.infoworld.com/t/microsoft-windows/microsoft-pulls-botched-kb-287…
[Gene previously had noted an earlier article:
It must be Wretched Wednesday -- the day after Black Tuesday. Watch
out for automatic patches KB 2817630, KB 2810009, KB 2760411, KB 2760588,
and KB 2760583. PGN-ed]
http://www.infoworld.com/t/microsoft-windows/microsoft-botches-still-more-p…
------------------------------
Date: Fri, 20 Sep 2013 19:23:13 +1000
From: Karl Goetz <karl(a)kgoetz.id.au>
Subject: Sharing due to phone failure
My partner's phone developed problems in the last few weeks and was finally
taken in for repair this week.
I will brush over the risks associated with over dependence on mobile
devices (we have no fixed voice line so depend on our mobiles heavily) to
consider what I found the most interesting bit of the experience.
The loaner phone she was given still had the last users messages on it!
I can see three places someone should have checked for data that shouldn't
be shared:
- when the previous user was done with the phone
- when the shop received the phone back
- before the phone was given out again
An interesting vector for data leakage.
------------------------------
Date: September 23, 2013 9:43:56 AM EDT
From: John Bosley <jandpbosley(a)verizon.net>
Subject: HuffPost Essay by Charles Perrow on Fukushima (via Dave Farber)
Dr. Perrow has a long history of studying how safe systems seem to go wrong.
http://www.huffingtonpost.com/charles-perrow/fukushima-forever_b_3941589.ht…
------------------------------
Date: Tue, 24 Sep 2013 11:37:07 PDT
From: "Peter G. Neumann" <neumann(a)csl.sri.com>
Subject: BOOK: Rebecca Slayton, Arguments that Count
Rebecca Slayton
Arguments that Count:
Physics, Computing, and Missile Defense, 1949-2012
MIT Press, 2013
xi + 325 (including 76 pages of end notes and a 21-page index)
Here is a remarkably well researched and comprehensive book that is totally
within the mainstream of RISKS. The MIT Press release includes this text:
She compares how two different professional communities -- physicists
and computer scientist -- constructed arguments about the risks of
missile defense, and how these changed over time.
------------------------------
Date: Sun, 7 Oct 2012 20:20:16 -0900
From: RISKS-request(a)csl.sri.com
Subject: Abridged info on RISKS (comp.risks)
The ACM RISKS Forum is a MODERATED digest. Its Usenet manifestation is
comp.risks, the feed for which is donated by panix.com as of June 2011.
=> SUBSCRIPTIONS: PLEASE read RISKS as a newsgroup (comp.risks or equivalent)
if possible and convenient for you. The mailman Web interface can
be used directly to subscribe and unsubscribe:
http://lists.csl.sri.com/mailman/listinfo/risks
Alternatively, to subscribe or unsubscribe via e-mail to mailman
your FROM: address, send a message to
risks-request(a)csl.sri.com
containing only the one-word text subscribe or unsubscribe. You may
also specify a different receiving address: subscribe address= ... .
You may short-circuit that process by sending directly to either
risks-subscribe(a)csl.sri.com or risks-unsubscribe(a)csl.sri.com
depending on which action is to be taken.
Subscription and unsubscription requests require that you reply to a
confirmation message sent to the subscribing mail address. Instructions
are included in the confirmation message. Each issue of RISKS that you
receive contains information on how to post, unsubscribe, etc.
=> The complete INFO file (submissions, default disclaimers, archive sites,
copyright policy, etc.) is online.
<http://www.CSL.sri.com/risksinfo.html>
*** Contributors are assumed to have read the full info file for guidelines.
=> .UK users may contact <Lindsay.Marshall(a)newcastle.ac.uk>.
=> SPAM challenge-responses will not be honored. Instead, use an alternative
address from which you NEVER send mail!
=> SUBMISSIONS: to risks(a)CSL.sri.com with meaningful SUBJECT: line.
*** NOTE: Including the string "notsp" at the beginning or end of the subject
*** line will be very helpful in separating real contributions from spam.
*** This attention-string may change, so watch this space now and then.
=> ARCHIVES: ftp://ftp.sri.com/risks for current volume
or ftp://ftp.sri.com/VL/risks for previous VoLume
http://www.risks.org takes you to Lindsay Marshall's searchable archive at
newcastle: http://catless.ncl.ac.uk/Risks/VL.IS.html gets you VoLume, ISsue.
Lindsay has also added to the Newcastle catless site a palmtop version
of the most recent RISKS issue and a WAP version that works for many but
not all telephones: http://catless.ncl.ac.uk/w/r
<http://the.wiretapped.net/security/info/textfiles/risks-digest/> .
==> PGN's comprehensive historical Illustrative Risks summary of one liners:
<http://www.csl.sri.com/illustrative.html> for browsing,
<http://www.csl.sri.com/illustrative.pdf> or .ps for printing
is no longer maintained up-to-date except for recent election problems.
*** NOTE: If a cited URL fails, we do not try to update them. Try
browsing on the keywords in the subject line or cited article leads.
==> Special Offer to Join ACM for readers of the ACM RISKS Forum:
<http://www.acm.org/joinacm1>
------------------------------
End of RISKS-FORUM Digest 27.48
************************
1
0
error-corrected text (re:ly), edited for privacy/formatting
https://www.dropbox.com/s/rutqiplhjcrsz0g/feedback8.pdf
source code diagram, context of cryptologica
https://www.dropbox.com/s/rno21ddinxv0gpo/flatland-framework1v27.svg
{note}: begins @ arrow: (x,y) browser scroll of (80,-55)%
⚑ ⚑
1
0
NSA Technical Journal published in October 1959 an article
titled "The Borders of Cryptology."
http://www.nsa.gov/public_info/_files/tech_journals/borders_cryptology.pdf
A chart shows three main topics with subdivisions of each:
Electronic Warfare
Cryptology
SIGINT
http://cryptome.org/cryptology-borders.jpg
Among 16 subdivisions only two are popularly deified today and
whose all-too-human and vain weaknesses and vulnerabilities are
hotly discussed here and elsewhere:
Transmission Security
Crypto-Security
Knowledge of the other 14 could prove useful to compensate for
the faults of the twin deities, now revealed to be not so hot conjoined.
And perhaps overcome the icey ignorance of other less glorified
means and methods used to profanely prop-up the pedestals.
1
0
24 Sep '13
----- Forwarded message from Frank Forman <checker(a)panix.com> -----
Date: Mon, 23 Sep 2013 00:54:58 +0000 (GMT)
From: Frank Forman <checker(a)panix.com>
To: Transhuman Tech <tt(a)postbiota.org>
Subject: [tt] NS 2935: Forget premiums: A peer-to-peer network will cover you
NS 2935: Forget premiums: A peer-to-peer network will cover you
http://www.newscientist.com/article/mg21929354.300-forget-premiums-a-peerto…
* 22 September 2013 by Hal Hodson
People can now insure one another in peer-to-peer networks and do
away with big insurance companies and premiums
INSURANCE is an unfortunate fact of life. We pay large premiums to
cover ourselves for bad events that often never happen. But there is
another way. An online insurance firm called Peercover lets groups
of people insure each other on their own terms and at a fraction of
the cost.
Insurance is the latest financial service to get a shake-up from
peer-to-peer (P2P) dynamics. Already, individuals can lend money for
a return with interest. Similarly, people wanting to exchange
currency can avoid banks and instead use P2P services to find other
people looking to make the opposite trade.
"The changes in financial services that are happening now are
happening more quickly and dramatically than anything we've seen
over the last 100 years," says Ron Suber of peer-to-peer loan
company Prosper. "Peercover is a great example."
P2P insurance is simpler and cheaper than mainstream methods.
"People are paying profit and overhead to insurance firms when they
pay premiums," says Peercover co-founder Jared Mimms. Peercover
groups don't collect premiums. Instead, every individual in the
group has a stake - each is both insurer and insuree. The group's
founder sets the initial conditions for that group, including what
can be insured and the maximum value of an item. The payout for a
claim is split between all members but is only made when the
majority of the group approve the claim. The amount you pay out is
directly proportional to the value of the goods you have insured, as
calculated by Peercover's algorithms. Someone insuring a $400
cellphone will pay a larger proportion of a member's claim than
someone who is insuring a $100 cellphone, for example. Members who
fail to pay are ejected from the group and are no longer covered.
The reason all this is possible is, as with other P2P services,
because of the rise of new ways to pay online. "The kind of
insurance we're interested in wasn't possible a few years ago," says
Mimms. "It only became possible because of micropayments."
Behind micropayments are breakthroughs such as the virtual currency
Bitcoin and the payment network Ripple, which Peercover uses. Both
charge an extremely small fee for processing a transaction compared
with traditional models such as credit card companies, making
payments as low as 20 cents feasible.
Initially, Peercover's focus is on building groups to cover small
things like cellphones, and what Mimms calls positive insurance.
This is where a group pays out when a member reaches an agreed goal,
such as giving up smoking. But he has grander visions too, such as
health insurance, where large groups of Peercover users could
negotiate preferential rates for treatment.
"The technology allows for the potential of collective bargaining in
the negotiation of healthcare costs in which groups may band
together to practise some of the bargaining techniques used by
governments and traditional insurance behemoths," Mimms says.
Ellen Carney, an insurance industry analyst with research firm
Forrester, says Peercover points towards the future of insurance.
"It's very clever. This model is at the historical roots of so many
insurance companies."
She backs the idea that Peercover has the potential to change how
health insurance works in the US, although there are obvious
regulatory hurdles. "Health insurance in the US has a lot of
problems. You could see that this would be an interesting
alternative."
Richard Carter, CEO of financial software developer Nostrum Group,
says that data from sources such as social networks will play a role
in a peer-to-peer world. This won't just be in the form of finding
friends to go in with on coverage, but to judge unknown group
applicants too.
"Consumers need to learn that everything they put into the public
domain is going to be used to judge them in future, whether they
like it or not," Carter says.
_______________________________________________
tt mailing list
tt(a)postbiota.org
http://postbiota.org/mailman/listinfo/tt
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5
2
1
http://www.wired.com/threatlevel/2013/09/nsa-backdoor/all/
How a Crypto ‘Backdoor’ Pitted the Tech World Against the NSA
BY KIM ZETTER09.24.136:30 AM
Illustration: alengo/Getty Images
In August 2007, a young programmer in Microsoft’s Windows security group
stood up to give a five-minute turbo talk at the annual Crypto conference in
Santa Barbara. It was a Tuesday evening, part of the conference’s
traditional rump session, when a hodge-podge of short talks are presented
outside of the conference’s main lineup. To draw attendees away from the wine
and beer that competed for their attention at that hour, presenters sometimes
tried to sex up their talks with provocative titles like “Does Bob Go to
Prison?” or “How to Steal Cars – A Practical Attack on KeeLoq” or “The Only
Rump Session Talk With Pamela Anderson.”
Dan Shumow and his Microsoft colleague Niels Ferguson titled theirs,
provocatively, “On the Possibility of a Back Door in the NIST SP800-90 Dual
Ec Prng.” It was a title only a crypto geek would love or get.
The talk was only nine slides long (.pdf). But those nine slides were
potentially dynamite. They laid out a case showing that a new encryption
standard, given a stamp of approval by the U.S. government, possessed a
glaring weakness that made an algorithm in it susceptible to cracking. But
the weakness they described wasn’t just an average vulnerability, it had the
kind of properties one would want if one were intentionally inserting a
backdoor to make the algorithm susceptible to cracking by design.
For such a dramatic presentation — by mathematicians’ standards — the
reaction to it was surprisingly muted. “I think folks thought, ‘Well that’s
interesting,’ and, ‘Wow, it looks like maybe there was a flaw in the
design,’” says a senior Microsoft manager who was at the talk. “But there
wasn’t a huge reaction.”
Six years later, that’s all changed.
Early this month the New York Times drew a connection between their talk and
memos leaked by Edward Snowden, classified Top Secret, that apparently
confirms that the weakness in the standard and so-called Dual_EC_DRBG
algorithm was indeed a backdoor. The Times story implies that the backdoor
was intentionally put there by the NSA as part of a $250-million, decade-long
covert operation by the agency to weaken and undermine the integrity of a
number of encryption systems used by millions of people around the world.
The Times story has kindled a firestorm over the integrity of the byzantine
process that produces security standards. The National Institute of Standards
and Technology, which approved Dual_EC_DRBG and the standard, is now facing a
crisis of confidence, having been forced to re-open the standard for public
discussion, while security and crypto firms scramble to unravel how deeply
the suspect algorithm infiltrated their code, if at all. On Thursday,
corporate giant RSA Security publicly renounced Dual_EC_DRBG, while also
conceding that its commercial suite of cryptographic libraries had been using
the bad algorithm as its default algorithm for years.
But beneath the flames, a surprising uncertainty is still smoldering over
whether Dual_EC_DRBG really is backdoored. The Times, crypto experts note,
hasn’t released the memos that purport to prove the existence of a backdoor,
and the paper’s direct quotes from the classified documents don’t mention any
backdoor in the algorithm or efforts by the NSA to weaken it or the standard.
They only discuss efforts to push the standard through committees for
approval.
Jon Callas, the CTO of Silent Circle, whose company offers encrypted phone
communication, delivered a different rump session talk at the Crypto
conference in 2007 and saw the presentation by Shumow. He says he wasn’t
alarmed by it at the time and still has doubts that what was exposed was
actually a backdoor, in part because the algorithm is so badly done.
“If [NSA] spent $250 million weakening the standard and this is the best that
they could do, then we have nothing to fear from them,” he says. “Because
this was really ham-fisted. When you put on your conspiratorial hat about
what the NSA would be doing, you would expect something more devious,
Machiavellian … and this thing is just laughably bad. This is Boris and
Natasha sort of stuff.”
Indeed, the Microsoft presenters themselves — who declined to comment for
this article — didn’t press the backdoor theory in their talk. They didn’t
mention NSA at all, and went out of their way to avoid accusing NIST of
anything. “WE ARE NOT SAYING: NIST intentionally put a back door in this
PRNG,” read the last slide of their deck.
The Microsoft manager who spoke with WIRED on condition of anonymity thinks
the provocative title of the 2007 presentation overstates the issue with the
algorithm and is being misinterpreted — that perhaps reporters at the Times
read something in a classified document showing that the NSA worked on the
algorithm and pushed it through the standards process, and quickly took it as
proof that the title of the 2007 talk had been right to call the weakness in
the standard and algorithm a backdoor.
But Paul Kocher, president and chief scientist of Cryptography Research, says
that regardless of the lack of evidence in the Times story, he discounts the
“bad cryptography” explanation for the weakness, in favor of the backdoor
one.
“Bad cryptography happens through laziness and ignorance,” he says. “But in
this case, a great deal of effort went into creating this and choosing a
structure that happens to be amenable to attack.
“What’s mathematically creative [with this algorithm] is that when you look
at it, you can’t even prove whether there is a backdoor or not, which is very
bizarre in cryptography,” he says. “Usually the presence of a backdoor is
something you can prove is there, because you can see it and exploit it…. In
my entire career in cryptography, I’ve never seen a vulnerability like this.”
National Security Agency headquarters, Fort Meade, Maryland. Photo: Wikipedia
It’s not the first time the NSA has been accused of installing backdoors.
Crypto trapdoors, real and imagined, have been part of NSA lore for decades.
In some ways the current controversy echoes the long-ago debate over the
first U.S. Data Encryption Standard in the 1970s. The NSA was widely
suspected of weakening DES to make it more crackable by the agency by
tinkering with a table of numeric constants called an S-Box and shortening
the algorithm’s key length. In 1994, though, the NSA was exonerated when it
turned out that the agency had actually changed the S-Box numbers to harden
DES against a code-breaking technique that had been known only within NSA at
the time.
In 1995, another case came up that seemed to confirm suspicions about the
NSA. The Baltimore Sun reported that year that the NSA had inserted a
backdoor into cryptographic machines made by the respected Swiss company
Crypto AG, apparently substantiating longstanding rumors to that effect.
Then in 1999, Microsoft inadvertently kicked off another controversy when it
leaked its internal name for a cryptographic signing key built into Windows
NT. The key was called _NSAKEY, spawning speculation that Microsoft had
secretly given the agency the power to write and sign its own updates to
Windows NT’s crypto engine. Microsoft said this was incorrect, that the key
was an internal Microsoft key only and that it was called “_NSAKEY” because
the NSA was the technical reviewing authority for U.S. export controls. The
key was part of Microsoft’s compliance with U.S. export laws.
Suspicions about the NSA and backdoors were lingering in 2006 when Shumow and
Ferguson began looking at Dual_EC_DRBG after NIST approved it for inclusion
in a standard (.pdf). The standard discussed four federally sanctioned random
number generators approved for use in encrypting government classified and
unclassified-but-sensitive communication.
Each of the four algorithms was based on a different cryptographic design
family. One was based on hash functions, one on so-called HMAC (hash-based
message authentication code), one on block ciphers and the fourth one was
based on elliptic curves. The NSA had been pushing elliptic curve
cryptography for a number of years, and it publicly championed the last one —
Dual_EC_DRBG — to be included in the standard.
Elliptic curve algorithms are based on slightly different mathematics than
the more common RSA algorithm, and the NSA believes they’re the future of
cryptography, asserting that elliptic curve algorithms are smaller, faster
and offer better security.
But as Shumow and Ferguson examined the properties of the elliptic curve
random number generator in the standard, to determine how to incorporate it
into the Windows operating system, a couple of strange things stood out.
First, the random number generator was very slow – two to three orders of
magnitude slower than another algorithm in the standard.
Second, it didn’t seem to be very secure.
“There was a property [in it] that seemed to make the prediction-resistance
of the algorithm not what you would necessarily want it to be,” the Microsoft
manager says. In non-geek speak, there was a weakness that made the random
number generator not so random.
Good random number generation is at the core of encryption, and a weak RNG
can undo the entire encryption system. Random number generators play a role
in creating cryptographic keys, in opening secure communications between
users and web sites and in resetting passwords for email accounts. Without
assured randomness, an attacker can predict what the system will generate and
undermine the algorithm.
Shumow and Ferguson found that the obstacles to predicting what the random
number generator would generate was low. It wasn’t a catastrophic problem,
but it seemed strange for a security system being promulgated by the
government.
Then they noticed something else.
The standard for implementing the algorithm included a list of constants –
static numbers – that were used in the elliptic curve on which the random
number generator was based. Whoever generated the constants, which served as
a kind of public key for the algorithm, could have generated a second set of
numbers at the same time – a private key.
Anyone possessing that second set of numbers would have what’s known in the
cryptography community as “trapdoor information” – that is, they would be
able to essentially unlock the encryption algorithm by predicting what the
random number generator generated. And, Shumow and Ferguson realized, they
could predict this after seeing as few as 32 bytes of output from the
generator. With a very small sample, they could crack the entire encryption
system used to secure the output.
“Even if no one knows the secret numbers, the fact that the backdoor is
present makes Dual_EC_DRBG very fragile,” cryptographer Bruce Schneier wrote
at the time, in a piece for WIRED. “If someone were to solve just one
instance of the algorithm’s elliptic-curve problem, he would effectively have
the keys to the kingdom. He could then use it for whatever nefarious purpose
he wanted. Or he could publish his result, and render every implementation of
the random-number generator completely insecure.”
No one knew who had produced the constants, but it was assumed that because
the NSA had pushed the algorithm into the standard, the agency had generated
the numbers. The spy agency might also, then, have generated a secret key.
Schneier called it “scary stuff indeed,” but he also said at the time that it
made no sense as a backdoor, since it was so obvious to anyone who looked at
the algorithm and standard that there was this flaw in it. As a result,
developers of web sites and software applications wouldn’t use it to help
secure their products and systems, he said.
But in fact, many developers did use it.
The U.S. government has enormous purchasing power, and vendors soon were
forced to implement the suspect standard as a condition of selling their
products to federal agencies under so-called FIPS certification requirements.
Microsoft added support for the standard, including the elliptic curve
random-number generator, in a Vista update in February 2008, though it did
not make the problematic generator the default algorithm.
Asked why Microsoft supported the algorithm when two of its own employees had
shown it to be weakened, a second Microsoft senior manager who spoke with
WIRED said that while the weakness in the algorithm and standard was “weird”
it “wasn’t a smoking gun.” It was more of an “odd property.”
Microsoft decided to include the algorithm in its operating system because a
major customer was asking for it, because it had been sanctioned by NIST, and
because it wasn’t going to be enabled as the default algorithm in the system,
thus having no impact on other customers.
“In fact it is nearly impossible for any user to implement or to get this
particular random number generator instantiating on their machines without
going into the guts of the machine and reconfiguring it,” he says.
Other major companies, like Cisco and RSA, added it as well. NIST in fact
provides a lengthy list of companies that have included it in their
libraries, though the list doesn’t say which companies made it the default
algorithm in their library or which products have been developed that invoke
the algorithm.
A Cisco spokesman told WIRED that the algorithm was implemented in its
standard crypto library around mid-2012, a library that is used in more than
120 product lines, but the algorithm is not the default, and the default
algorithm cannot be changed by users. The company is currently completing an
internal audit of all of its products that leverage the NIST standard.
RSA, however, made the algorithm the default in its BShare toolkit for Java
and C developers until this week when it told WIRED that it was changing the
default following the renewed controversy over it. The company sent an
advisory to developer customers “strongly” urging them to change the default
to one of a number of other random number generator algorithms RSA supports.
RSA also changed the default on its own end in BSafe and in an RSA key
management system. The company is currently doing an internal review of all
of its products to see where the algorithm gets invoked in order to change
those.
RSA actually added the algorithm to its libraries in 2004 or 2005, before
NIST approved it for the standard in 2006 and before the government made it a
requirement for FIPS certification, says Sam Curry, the company’s chief
technology officer. The company then made it the default algorithm in BSafe
and in its key management system after the algorithm was added to the
standard. Curry said that elliptic curve algorithms were all the rage at the
time and RSA chose it as the default because it provided certain advantages
over the other random number generators, including what he says was better
security.
“Cryptography is a changing field. Some algorithms go up and some come down
and we make the best decisions we can in any point in time,” he says.”A lot
of the hash-based algorithms were getting struck down by some weaknesses in
how they chose numbers and in fact what kind of sample set they chose for
initial seeding. From our perspective it looked like elliptic curve would be
immune to those things.”
Curry says the fact that the algorithm is slower actually provides it with
better security in at least one respect.
“The length of time that you have to gather samples will determine the
strength of your random number generation. So the fact that it’s slower
sometimes gives it a wider sample set to do initial seeding,” he says.
“Precisely because it takes a little longer, it actually winds up giving you
more randomness in your initial seeding, and that can be an advantage.”
Despite the renewed controversy over the algorithm and standard, Microsoft
managers say they still don’t think the weaknesses constitute an intentional
backdoor.
Callas agrees. He thinks it is simply bad cryptography that was included in
the standard to round-out the selection so that there would be at least one
elliptic curve algorithm in the standard.
But one advantage to having the algorithm supported in products like Vista —
and which may be the reason the NSA pushed it into the standard — is that
even if it’s not the default algorithm for encryption on a system, as long as
it’s an option on the system, an intruder, like the NSA, can get into the
system and change the registry to make it the default algorithm used for
encryption, thereby theoretically making it easy for the NSA to undermine the
encryption and spy on users of the machine.
Schneier says this is a much more efficient and stealth way of undermining
the encryption than simply installing a keystroke logger or other Trojan
malware that could be detected.
“A Trojan is really, really big. You can’t say that was a mistake. It’s a
massive piece of code collecting keystrokes,” he said. “But changing a
bit-one to a bit-two [in the registry to change the default random number
generator on the machine] is probably going to be undetected. It is a low
conspiracy, highly deniable way of getting a backdoor. So there’s a benefit
to getting it into the library and into the product.”
To date, the only confirmation that the algorithm has a backdoor comes in the
Times story, based on NSA documents leaked by Edward Snowden, which the Times
and two other media outlets saw.
“[I]nternal memos leaked by a former NSA contractor, Edward Snowden, suggest
that the NSA generated one of the random number generators used in a 2006
NIST standard — called the Dual EC DRBG standard — which contains a back door
for the NSA,” the Times wrote.
An editorial published by the Times this weekend re-asserted the claim:
“Unbeknown to the many users of the system, a different government arm, the
National Security Agency, secretly inserted a ‘back door’ into the system
that allowed federal spies to crack open any data that was encoded using its
technology.”
But all of the quotes that the Times published from the memos refer to the
NSA getting the standard passed by an international standards body; they do
not say the NSA intentionally weakened the algorithm and standard, though the
Times implies that this is what the memos mean by tying them to the 2007
presentation by Shumow and Ferguson.
NIST has denied any knowledge of a backdoor and has also denied that the NSA
authored its standard. The institute has, however, re-opened the standard for
public comment as a result of the controversy and “strongly” urged against
using the algorithm in question until the matter could be resolved. The
public comments period will close Nov. 6.
Even without more explicit confirmation that the weaknesses in the algorithm
and standard constitute a backdoor, Kocher and Schneier believe they do.
“It is extraordinarily bad cryptography,” says Kocher. “If you look at the
NSA’s role in creating standards [over the years] and its general
cryptographic sophistication, none of it makes sense if there isn’t a
backdoor in this.”
Schneier agrees and says the NSA has done too many other things for him to
think, when he sees government-mandated crypto that’s weak, that it’s just by
accident.
“If we were living in a kinder world, that would be a plausible explanation,”
he says. “But we’re living in a very malicious world, it turns out.”
He adds that the uncertainty around the algorithm and standard is the worst
part of the whole matter.
“This is the worst problem that the NSA has done,” Schneier says. “They have
so undermined the fundamental trust in the internet, that we don’t know what
to trust. We have to suspect everything. We’re never sure. That’s the
greatest damage.”
1
0
> On Mon, Sep 23, 2013 at 9:10 AM, Eugen Leitl wrote:
>
> > are you the fuckhead who BSOD my computer
> > and took it down after my first cypherpunks post?
> >
> > (if you are you better watch out- you're in trouble...)
>
> You sound paranoid. There is really no need for that.
> I personally tried to read some of your missives but
> had to skip them due to lack of time.
>
Paranoid, no. having personal experience of locked psychiatric wards and
snakeoil, i know the domain and this is not that. grounded observations
here.
my independent research has been messed around with for a decade plus, this
includes heavy surveillance, now ubiquitous. several projects shut down or
sabotaged due to active, hostile yet "kids gloves" interference, given
origin.
ex. political agenda shuts power off to apartment to stop basic research
into new computing system, threatens destruction of tools (NAS) needed to
prototype AMS (Asperger Management System). message: "stop or equipment
will be fried!" NAS and router already backdoored, NAS ghosted from
beginning anyway, hive of activity, manufactured for sabotage. so have to
stop and move onto plan Z^n.
under siege for years. existence as if held hostage within illegal prison
of hidden dictator. unwanted truth, its uncanny ability to rattle
megastructures of power. ping the biased networks, learn its programmatic
malfunctioning. private group using constitution as shield to illegally
attack citizens, then wrongly expecting to be able to hide behind it for
their own defense, no such boundary.
mistakenly thought refraining from saying what was actually on my mind
would be keeping it ~classy on cypherpunks :L
that is: no advisement of will-writing, death sentences, deballing, cutting
tongues out, hanging by nutsack, fingers cut off, eyes gouged out-- nothing
about war, takedown of vital public equipment, nor role of legal state
murder.
though i wanted the perpetrators to realize the horror that awaits them.
perhaps too understated- i.e. they are cursed with extreme and increasingly
misfortune as a result of their actions. the error-rate will be going way
up for those involved. unbearable pressure. the nightmare of hostile
metaphysical code.
context for computer attack: under heavy noise assault for 19 months,
ranging from harassment and abuse to long periods of sustained noise
torture. water remotely turned down in shower, 70+ times. VOC toxic fume
attacks, bombs of laundry detergents and chemicals, deteriorating nervous
system, debilitating. those involved denying their actions, trying to frame
as crazy, force suicide. noisemaking devices in the walls, remote switches
to control water valves. internet-connected. apartment the bizarre context
of embassy psychological trickery. events directly connected to ruling
ideology, power politics.
my equipment thoroughly surveilled. multi-level honeypot, manufactured to
spy and to break. completely monitored. whomever subverted my system in PC
takedown due to active retaliatory censoring (against crypto-ideas) walked
into a trap. even while i cannot figure it out, it is indicated the
perpetrators are KNOWN.
this event oddly sequenced with local CIA matched reference, power outage
to apartment and immediately back on. a second power blip recurs in the
morning, coinciding with computer attack. seemingly signaling hidden
observer.
the computer attack- DOS shell occasionally appears and vanishes upperleft
upon login. disembodied close-window [x] checkbox sometimes appears
upperleft of screen, as if virus or trojan, along with lower right MS red
signage warning of unidentifiable security threat at time of kernel panic,
locking down windows in pause, cascading into BSOD shutdown. clean
installing OS, new BIOS, nothing stops it, as if occurring outside OS and
motherboard control. occurs after one hour, as if strategically deployed or
unlocked bug to sabotage computing system that cannot be repaired by
software or disk overwrites. so my equipment is ruined. it had bug exploits
before, though now it cannot be used at all as a research tool. this is
active hostile censorship. destruction of property.
imagine if this is what 'crypto' is allowing the state to do to its
citizens, by ideological design. circuit faults as failsafes to stop public
communications via subversion, oversight of an illegal dictatorial state
and its methods, using these 'secret weapons' against the constitution:
freedom of thought, ideas, free expression. now what if those at the NSA or
CYBERCOMMAND are attacking citizens not aligned with the ruling
exploitative political agenda- the state as enemy.
(important to distinguish the context for remote hostile actions localized,
the reliance on 'virtual power' and allowing such functioning, versus
~securing its basis in actual grounded power. also, dependence on masks and
hiding to get away with these exploits, cheating, stealing, subterfuge and
sabotage, etc.)
there is a definite aspect of aggression and bullying, to the point of
torture, and destruction of peoples' lives that has somehow been normalized
by detachment of the population from its representation within the state,
via short-circuits.
that is realism for me. sanity. and my perspective of these events. that
someone would write off-list at the exact moment i begin first attempts at
repair then triggered a thoroughly muted response, not getting into the
fact that people die for doing these things. it is not all virtual and
remote. it can be extremely close-up and involve brutal events and
unimaginable pain and anguish. yet these same mediocre oppressors seem not
to believe there is anything to fear anymore.
there, balanced the psychic equilibrium. thanks.
⚕
1
0
http://cryptome.org/2013/09/belgacom-hack-en.htm /
http://blog.cyberwar.nl/2013/09/belgacom-on-brink-of-catastrophe.html
"""
On the brink of catastrophe (2013-09-21)
Ping. It's Friday the 13th. Around 11 o'clock in the morning, the IT
consultants that Belgacom employs at its largest customers in the
private and public sector receive a message. The message doesn't say
much, except for an urgent request to cancel all appointments of that
forenoon. An "emergency conference call" will take place instead.
The news that is brought in that call makes the IT consultants gasp
for breath. A piece of malicious software has been found on the
network of BICS, a daughter company of Belgacom. It is hard to grasp
even for well-informed insiders. The BICS network is so wide and deep
that it is promptly clear to everybody that this is not just a Belgian
problem. This problem is at least of European proportions. Because
whoever controls BICS, controls the communication of a large part of
the world. "This could have been larger than 9/11", says one source
who closely followed the case. Without a grain of irony.
The pressure on the teams of the Dutch digital defender Fox-IT, that
started cleaning up together with an army of Belgacom employees last
weekend, was enormous.
It was their second attempt, various sources confirm. A first attempt
to remove the villainous software from the infected computers at
Belgacom in the last weekend of August was cancelled. "At the time,
not all conditions were met required to remove everything at once", it
was said. Some computers turned out to run the alternative operating
system Linux, known of the penguin logo, not Windows. "The risk was
too big that we could not remove everything at once. In that case you
should not touch it. Or the adversary will know that the virus has
been found", states someone politically involved.
Strict conditions
The investigation of the hacking started on July 19th, when Belgacom
went to court. During their work, investigators at the intelligence
services, police and justice were very wary of a leak about the entire
operation. In early September they informed the Belgian cabinet on
strict conditions: the list of attendees of that meeting was kept
closely. If a politician would have wanted to reveal the news before
the malware was dealt with, the investigators would press charges for
breach of confidentiality of the investigation. "We could not risk
everything going wrong due to someone talking", it is said.
Belgacom was not infected with some common viruses, but with very
professional malware that costed lots of money to develop. "We had to
re-invent ourselves to do this", an investigator said. "In other
investigations there is a fixed idea of where you're going, but in in
this case it was continuously starting over because it was so
difficult to get a grasp of the malware".
Gradually it became clear that the hackers are not only interested in
the communications in the Middle-East, where BICS holds a solid
position via South-African minority shareholder MTN. "They have been
looking around and took what they could", state sources involved in
the investigation. They are clear about one thing: the attack
originated from the United States. "We determine that by the signature
of the malware, but especially by where the trails lead. They
partially run through the UK. We think the US is the main destination.
And the past weeks at the US Embassy, you notice some embarrassment
when you request exchange of information." Yesterday, the German
weekly magazine Der Spiegel reported that the UK intelligence service
GCHQ (Government Communications Headquartes) are responsible for the
attacks. It based that claim on slides disclosed by whistleblower
Edward Snowden. The news that GCHQ is behind the Belgacom attack is a
surprise to at least the services working on the affair.
The malware could do anything
The malware at Belgacom actually consists of a complex system of
complementary viruses. They are all connected. If a problem is
imminent or if they are detected, they can signal each other. "It is
somewhat like a human virus, which also mutates continuously", states
someone involved who monitors the situation for his service. "For
example, one part is responsible for searching and storing
information, while another part is continuously looks for pathways to
the internet to transfer information. Other pieces of code are
responsible for circumventing firewalls, or carry out surveillance.
If someone detects the hacking or attempts to remove a part of it, the
virus that is acting as a guard promptly signals the other parts.
Because you don't know what the malware is capable of, everything can
go horribly wrong at the last step."
The cost of the entire detection and cleaning operation is
correspondingly high. Fox-IT, the Dutch cyber security/defence company
that is commissioned by Belgacom to first make inventory of the
problems and then solve them, is a familiar name. "For the first two
weeks they estimated the costs to be one million euro", states a
well-placed source. And then adds that the entire operation lasted ten
weeks. Moreover, Fox-IT did not expect that, at a certain point, it
had to allocate all of its employees to this case. A price tag of over
five million euro, then? "It won't be far off."
But what was so terrifying about this cyber attack? And why the panic
that something would go wrong? Telephone data about conversations with
countries such as Afghanistan, Yemen and Syria that disappear, how
could that have such an impact? They are 'just' stolen phone data,
right? The involved expert sitting opposite us, looks dead serious.
There is drama in his voice, but considering the contents of what he
says, that is not unjustified. "This was highly performing malware and
it was present in the nerve centre of communications. Anything that a
highly privileged network operator of Belgacom could do, this system
could do as well. I don't have to make a drawing of it? It had all the
keys, all the passwords and full control. We must dare to classify
this as a big crisis. This could have been a catastrophe. And people
don't seem to realize."
Sensitive customers
Perhaps it wouldn't hurt to make that drawing. BICS calls itself a
"wholesale carrier". Two words, four syllables, but behind it is a
network that spans the entire globe and the beating heart of which is
located in our capital, Brussels. BICS provides the hardware
infrastructure that carries internet traffic, phone conversations,
text messages and mobile data of telecom companies and government
institutions. And the more sensitive the customer, the more likely he
is the end up at BICS. The daughter company of Belgacom markets itself
with the argument that they never ever look at what travels over its
cables. "We provide the cables for you, and you just send whatever you
want over them", is what it basically boils down to.
A glance at the list of BICS' customers makes one dizzy. The financial
transport center Swift, Electrabel, bpost, Belgocontrol, they are all
connected to BICS. The NATO in Evere, the European Commission and
Parliament, SHAPE, the Supreme Headquerters Allied Powers Europe, in
Bergen; BICS, BICS, BICS. Even the headquarters of the NATO Allied Air
Command, in Ramstein, Germany, from where the 2011 air attacks on
Libya where coordinated, depends on BICS. Among the military, it is
pointed out that military communications has an extra layer of
security; but that pointing-out happens with a degree of humility that
is very unusual to the military. "Every organisation, not just the
government, must now begin to wonder whether it is dependent of one
single provider, of one single network. And specially how well it is
secured itself", states someone who was at the front row of the
affair. "Belgacom, that is critical infrastructure. How can Belgium
keep running without it? Those are the questions that we must ask now.
Because the organisation responsible for the attack has in fact the
capability to completely disrupt Belgacom and BICS." A different
source confirms, reluctantly, the doom scenarios: "You can't think of
it. It would be larger than 9/11. The planes would pretty much fall
out of the sky." As a figure of speech? "Hm, yeah."
Lifeline
A governmental source points out the consequences of even a limited
disruption of phone communications and internet. "If a crisis occurs,
what is the first thing a human does? Grasp their phone. Imagine that
that lifeline is lost. Not just for you, but also for the emergency
services, hospital, the fire department...? And for the police? At
first glance it isn't, because they use the Astrid network [a Belgian
national radio communications network intended for emergency
services]. But that network only works apart from BICS for local
communications. For interregional communications it is just as
dependent on BICS as the rest. Hence, it is no coincidence that police
chief Catherine De Bolle started looking for a backup for the
communications system of the federal police on that Friday the 13th,
just before the big cleaning operation would have started.
How long would it take before Belgacom was up and running again after
a destructive cyber attack, is unclear. "But it is clear that we are
not prepared to counter this type of attacks right now", states a
high-ranking source. "That awareness must finally start to grow. I am
very apprehensive for the feeling of relief that I already observe in
some people. 'Ah well, that has been nicely dealt with. It's over.'
It's not, mind you. Whoever doesn't realise, this week, that it is
urgent, will never get it. Playing things down now is dangerous."
After De Standaard brought the news of large-scale hacking at
Belgacom, it turned out that the Ministry of Foreign Affairs and the
cabinet of the prime minister had been hacked. "And this is merely the
top of the iceberg", states a source who was involved in the problems
at Belgacom. Because telecom is one thing, but there are many other
critical sectors that are the fundament of a country. Transportation,
for example. Trains, trams, busses, highways, airplanes, everything
involves computer networks and everywhere one should be cautious for
cyber attacks. The energy supply is another critical fundament. And
last but not least: the banking sector of a country. Luxembourg has
already contacted the Belgian cyberservices [?] to obtain more
information about the malware that hit Belgacom.
Awareness
Besides budgets and well-paid IT personnel, the remedy against the
growing cyberthreat will be found in improved awareness. "Belgium
wants to invest in knowledge and innovation, but if one sector is
vulnerable to espionage, it is that one. Just as many computers of the
global diplomatic network of Foreign Affairs have post-its one them
with the passwords, many small companies are slacking in their
security", a cyber specialist states. "And if you dare ask whether
their Chinese interns are thoroughly screened, they look at you as if
you're from another planet." Whether the gravity of the situation is
apparent to everyone, is doubtful. In official communications,
Belgacom states that it currently has no evidence of impact on its
customers or their data. Understandly, the company does not want to
trigger hysteria, but it sounds like down-playing nonetheless. "What
should we write then?", states spokesman Jan Margot in his response.
"The infection was at dozens of computers in our own system. They have
been cleaned together with the entire network."
BICS too doesn't say much about it. "There are no indications of an
impact on the telecomnetwork of BICS", it states in a press release.
"A number of our IT systems are integrated in the infrastructure of
Belgacom and are affected in that way, but that remained outside the
network that carries customer traffic."
"That's all put rather euphemistically", according to the
investigators involved. "But you cannot accuse them of lying. A lot
of thought went into every comma of the communication."
Joke
Did Belgium become the joke of de European mainland as a result of the
compromise of Belgacom? Intelligence services are continuously in
contact with each other and exchange information. For the image of our
country, the past week has been anything but stellar, but it is
emphasised nonetheless that in such contacts it is often also about
personal relations between people. "Moreover, all countries have
problems and everyone tries to rise above them."
What about ethics? Isn't it schizophrenic that our country, Belgium,
receives information about threats that the US or others have stolen
from us? "That is the eternal paradox", a recipient of such
information states. Diplomatically it is the hardest. But if you
receive information about a serious threat such as terrorism, you
cannot ignore it. Then you have different things on your mind.
"""
1
0
are there any?
3
2