NSLs, gag-orders, code-changes, coerced backdoors - any tech response? (Re: Lavabit and End-point Security)

Adam Back adam at cypherspace.org
Sun Aug 11 03:13:28 PDT 2013


About physical access - there is one non-physical solution to this - hide
the location of the server behind Tor, proxies etc.  Seems to work
remarkably well for Pirate Bay.  I can't imagine it's that big a secret as to
where the packets are routed from the current proxy to the current physical
host, but seemingly NSA type resources have not been brought to bear against
it.  Step one for the attacker is to find it.  Maybe physical tamper
detection can wipe the RAM, cold reboot as the cage unlocked, or box is
opened, and immediately switch to the back up server in a different Tor
hidden physical location.

One thing that occurs to me is that aside from the laundering of NSA tip
offs to FBI etc with faked plausible trails, that have been reported on
lately; there was an aspect that they would be hesitant to reveal what they
could tap, correlate etc, or under what circumstances they would abuse
national security (military) resources for various levels of criminal
activity (major, organized to minor, petty, or political misuse).  

But the very fact that Snowden did the world a favour in disclosing the
illegal activities of the NSA and global partners, now people know what they
are doing or can better imagine, and not discount as paranoia, consequently
maybe once the dust has settled they will feel freer to feed ever more petty
or political or corporate espionage related information.  After all they'd
no longer be risking knowledge of information capability, or political
willingness.  Everyone pretty much figures they're in it up to their elbows
with corporate espionage (Boeing vs Airbus wiretaps), minor crimes with
fabricated evidence trails (maybe they won't bother fabricating them even in
future) and perhaps the political stuff though that is really evil and
anti-democratic (eg tea-party member IRS audits, blackmail etc).

It seems to me companies need to delegate code review and signing to a civil
society charitable organization with smart use of jurisdictions.  eg Germany
(Chaos Computer Club code signing Silent Circle code?), Switzerland,
Iceland, or pseudonymous but high reputation individuals or groups.  Or
privacy groups which may have a more clear disinterest and immunity from
financial blackmail (like USG will cancel contracts if ISP, internet
service, or software company doesn't fold to NSL or other extra-legal
threats).  Or maybe EFF, Privacy International etc.  Via their lawyers they
could retain a highly competent and pseudonymous team of technical reviews
and code signing that companies that care to demonstrate their alignment to
providing end to end secure services to their users would if it became
popular given an explanation of why they were not protected by independent
review based code signatures.

Adam

On Sun, Aug 11, 2013 at 02:27:54AM -0700, coderman wrote:
>5. don't forget physical security - this is the universal oversight
>and most effective end run around all other operational and technical
>security measures. there is a reason physical access so often implies
>"game over" and why black bag jobs are still and will continue to be
>effective against all targets.
