What the hell can be done with this trinity?
From the "Spiegel" article
If all else fails, the NSA and its allies resort to brute force:
1. They hack their target's computers/
2. They hack Internet routers to get to the secret encryption/
3. They intercept computers on the way to their targets, open them and insert spy gear before they even reach their destination.
Ok. Nothing new. But what the hell can be done with this trinity?
TL;DR below
2014-12-29 19:13 GMT+01:00 Александр <afalex169@gmail.com>:
> If all else fails, the NSA and its allies resort to brute force:
> 1. They hack their target's computers/
Hardly brute force the way they do it. The trick is (imho) small (ie: little complexity/code) validated (ie: using good tricks) attack surfaces. Attack surface being (for every (sub-)system) that which is able to receive potentially exploitative info. So, again, make the security-sensitive code as obviously and undeniably correct as possible. And don't run any code that doesn't follow the guidelines. (That includes every consumer-oriented OS ever, I guess)
> 2. They hack Internet routers to get to the secret encryption.
Ehh? Don't trust your network, it's silly to do so anyway. Or is this the in-house routers? I think it kind of comes back to the first point. Maybe "LANs don't have fences" is a thing to live by. Internet protocols have never been that secure; everything about ARP spoofing still makes me cringe a little, and having all those weak wifi-encryption schemes is also very silly.
> 3. They intercept computers on the way to their targets, open them and insert spy gear before they even reach their destination.
This one is the one to *really* worry about. In fact, you should worry they didn't already produce the hardware with exploits built in (*COUgh* Intel Remote Administration *COUGH*). I've yet to find a way for a rational entity of any kind to objectively confirm its own execution without a trusted third party (although I could of course not be sure that I didn't already find a way, because how could I trust myself to understand trust?) and my personal favorite horror scenario is waking up in a world where all my computers are little espionage boxes and I end up incapable of fixing it because, well, everything anyone ever works with is a little NSA observatory.
Most of the NSA's stuff had FETs for creating a radar-observable readout. Radiation shielding your device is probably not very effective, but it's a start. Jamming is probably more effective, and also probably not very effective. Thing is, real life things are finicky. Perhaps a little more noise makes it unworkable, who knows?
You *could* use "mirror neurons" for computers, simply replicate some of the OPs from another person and voila, the NSA doesn't really know whom they're spying on. Plausible deniability. A fake (recorded/streamed) USB session, some web browsing, etc. This is a pretty silly idea, not really worth it in 99.99% of the cases.
Tamper evident SOCs designed/produced under supervision of trusted authority (a consortium of properly incentive-ed trustworthish parties, or something like that) could mitigate this problem too. This strikes me as surprisingly realistic; it seems fair to pay twice the usual cost-per-performance to obtain a trustable die. If one also makes it open source it'd be a god amongst SOCs. But remember, in the land of the blind the one-eyed man's king. This isn't my field though, so I'll pass on this challenge.
TL;DR (To recap:)
Hacks? Don't be hackable (it's reasonably possible)
Router hacks? Irrelevant; don't trust your network (you don't need to)
Physical tampering? Apply lotion to ease the pain (am software guy)
participants (2)
- Lodewijk andré de la porte
- Александр