Hmm maybe so maybe not Re: "Blackphone" said to be "a super-secure nsa-proof"

gwen hastings gwen at cypherpunks.to
Sat Jan 18 12:16:45 PST 2014


Hi All,

Unfortunately there are NO guarantees of NSA proof claims,
Phil above all knows this after having designed version after version of
insecurity with pgp, bassomatic and web of evidence being only 2
examples that went public,(dont even get me started on the DSA key mess...)

Similar bumps in the road were noted during ZRTP development..

Now in the secure phone case .. there is NO way to know that you are
secure against NSA TAO even if ALL source code to the phone apps and the
base band processor firmware is published.. not even if the VHDL code
for the IC design is published..

does mean we stop trying and give up?? hell no...think of it as a
economic problem even classifying enough crypto at realtime speeds for
capture turns into a major pain the the ass even on Narus boxen.
And enough PFS-type systems ie DH ephemeral key exchange systems
deployed and the headache grows even more...

but all claims of NSA proof are indeed basically somewhat fraudulent as
its a guarantee that no one checked out the chip design software for
auto insert logic additions to their cell libraries. And with TAO
placing teams of engineers its almost a sure bet that the  IC libs are
contaminated either with active flaws or simply important ones that
never got reported. And etc ad nauseam from the silicon on out..



we should just stop using loaded language like "NSA Proof" and resting
on past laurels to assure folks that such is a fact(it isn't).



       gh(who is now finally picking up the python language in a serious
way)

ps "Violent Python"(the book) rocks!
next will be taking pbp routines and formats and creating a new
curvep25519 version of type 1 and type 2 remailers with a nym.alias.net
clone in python using Curvep25519 keys to emulate a type 1 reply
block(have to see what mixminion does for reply-blocks if any)

ps2ps: PCP and PBP developers need to make up their collective heads
about external representation key formats for public keys(I will be
using pbp as its already in python) I am kind of dependent on these(key
format representations)



On 1/17/14 1:25 AM, Jim Bell wrote:
> 
> 
> http://www.yahoo.com/tech/startup-launching-a-super-secure-nsa-proof-73511096050.html
> 
> 
> Fears over NSA spying have prompted people around the world to think 
> about security differently, whether it be petitioning for companies to 
> better secure their data or changing the information they share online. 
> In particular, security around smartphones has been of great concern, as people increasingly surf the Web, make calls and send messages from 
> their mobile devices.
> An international group of privacy enthusiasts has come together to 
> create Blackphone, a smartphone that claims it will help to better 
> protect your information.
> Mashable writes that Blackphone is the brainchild of Silent Circle and Geekosphere, 
> with participation from big players in the fight for information privacy and computer security. Phil Zimmermann, creator of data encryption 
> protocol PGP (Pretty Good Privacy), is one of the minds behind the 
> device.
> “Blackphone provides users with everything they need to ensure 
> privacy and control of their communications, along with all the other 
> high-end smartphone features they have come to expect,” Zimmerman said, 
> according to Mashable.
> [ Right Click: Kiwi lifestyle tracker to free people from their smartphones ]
> The operating system is a custom build of Android OS called PrivatOS, designed for improved security. Silent Circle’s CEO Mike Janke says the project will be open source, as will the PrivatOS operating system. The phone likely won’t have the most outstanding specs, but the team says 
> that’s because privacy is the top concern.
> No specific details have been given about the phone yet (although 
> some of the code has been posted to GitHub). The companies say they’ll 
> be unveiling it properly at Mobile World Congress in Barcelona beginning Feb. 24.
> Even with very little information about the device currently 
> available, some media outlets are suggesting that the phone could be 
> “NSA-proof.” That’s a tall order, especially in light of a story from The New York Times claiming that the NSA has implanted software in nearly 100,000 computers to create backdoor radio access.
> For more information on Blackphone, visit its website at https://www.blackphone.ch.
> 


-- 
Tentacle #99

ecc public key curve p25519(pcp 0.15)

1l0$WoM5C8z=yeZG7?$]f^Uu8.g>4rf#t^6mfW9(rr910

Governments are instituted among men,
 deriving their just powers from the consent of the governed,
that whenever any form of government becomes destructive
of these ends, it is the right of the people to alter or
 abolish it, and to institute new government, laying its
 foundation on such principles, and organizing its powers
 in such form, as to them shall seem most likely to effect
 their safety and happiness.’

https://github.com/TLINDEN/pcp.git to get pcp(curve25519 cli)
https://github.com/stef/pbp.git (curve 25519 python based cli)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0x42AA24D5.asc
Type: application/pgp-keys
Size: 70878 bytes
Desc: not available
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20140118/91349fe0/attachment-0001.key>


More information about the cypherpunks mailing list