What the hell can be done with this trinity?

Lodewijk andré de la porte l at odewijk.nl
Mon Dec 29 11:59:15 PST 2014


TL;DR below

2014-12-29 19:13 GMT+01:00 Александр <afalex169 at gmail.com>:

> If all else fails, the NSA and its allies resort to brute force:
>> 1. They hack their target's computers/
>>
>
Hardly brute force the way they do it.

The trick is (imho) small (ie: little complexity/code) validated (ie: using
good tricks) attack surfaces. Attack surface being (for every (sub-)system)
that which is able to receive potentially exploitative info.

So, again, make the security-sensitive code as obviously and undeniably
correct as possible.

And don't run any code that doesn't follow the guidelines. (That includes
every consumer-oriented OS ever, I guess)


>> 2. They hack Internet routers to get to the secret encryption.
>>
>
Ehh? Don't trust your network, it's silly to do so anyway. Or is this the
in-house routers? I think it kind of comes back to the first point. Maybe
"LANs don't have fences" is a thing to live by. Internet protocols have
never been that secure; everything about ARP spoofing still makes me cringe
a little, and having all those weak wifi-encryption schemes is also very
silly.


>> 3. They intercept computers on the way to their targets, open them and insert
>> spy gear before they even reach their destination.
>
>
This one is the one to *really* worry about. In fact, you should worry they
didn't already produce the hardware with exploits built in (*COUgh* Intel
Remote Administration *COUGH*). I've yet to find a way for a rational
entity of any kind to objectively confirm its own execution without a
trusted third party (although I could of course not be sure that I didn't
already find a way, because how could I trust myself to understand trust?)
and my personal favorite horror scenario is waking up in a world where all
my computers are little espionage boxes and I end up incapable of fixing it
because, well, everything anyone ever works with is a little NSA
observatory.

Most of the NSA's stuff had FETs for creating a radar-observable readout.
Radiation shielding your device is probably not very effective, but it's a
start. Jamming is probably more effective, and also probably not very
effective. Thing is, real life things are finicky. Perhaps a little more
noise makes it unworkable, who knows?

You *could* use "mirror neurons" for computers, simply replicate some of
the OPs from another person and voila, the NSA doesn't really know whom
they're spying on. Plausible deniability. A fake (recorded/streamed) USB
session, some webbrowsing, etc. This is a pretty silly idea, not really
worth it in 99.99% of the cases.

Tamper evident SOCs designed/produced under supervision of trusted
authority (a consortium of properly incentive-ed trustworthish parties, or
something like that) could mitigate this problem too. This strikes me as
surprisingly realistic; it seems fair to pay twice the usual
cost-per-performance to obtain a trustable die. If one also makes it open
source it'd be a god amongst SOCs. But remember, in the land of the blind
the one eyed man's king. This isn't my field though, so I'll pass on this
challenge.

TL;DR (To recap:)
Hacks? Don't be hackable (it's reasonably possible)
Router hacks? Irrelevant; don't trust your network (you don't need to)
Physical tampering? Apply lotion to ease the pain (am software guy)