Re: črypto is finished... and it's about time × (also: 'Balrog' malnet, firsthand view)

Zenaan Harkness zen at freedbms.net
Fri Jun 12 01:17:40 PDT 2015 

On 6/12/15, grarpamp <grarpamp at gmail.com> wrote:
> On Thu, Jun 11, 2015 at 10:17 PM, Zenaan Harkness <zen at freedbms.net> wrote:
>> May be time to get serious about known-user to known-user
>> offline-key-established networks - F2F network, not necessarily
>> darknets either, but a new "public" network - to join the new internet
>> you must contact your local HUG (hospitable user group) for assistance
>> and establishment of shared keys.
>
> It is long past since time for F2F networks, physical ones,
> or at minimum logical. Be anon or not on top of that.
> Step outside your front door, pan your head and look
> at all the other doors, what do you see there?
> Uplinks to bigcorp with surveillance fangs on them?
> Or potentially many private data paths ripe for mutual association?
> http://www.ebay.com/sch/i.html?_nkw=1000ft+cat7a
> http://www.ebay.com/sch/i.html?_nkw=gigabit+media+converter
> http://www.ebay.com/sch/i.html?_nkw=fiber+optic+cable+spool

Attempting a conceptual pathway to some form of digital/ connected
communication sanity:

Foundations (please jump in):
- No operating system is spared.
- No browser is spared.
- MITM with existing "web" tech is industrialized, pervasive, and
unstoppable even by infosec/ security "professionals".
- There are some library fuzzing "security improvement" projects (e.g.
Google's fuzzing projects for image libraries etc as depended on by
Chrome etc), but the layers and levels of dependencies are far greater
that a few libraries, as seen in the OP article in this thread - SVG
libs, lower level networking, higher level networking, HDDs/ SSDs
dieing, malware being added onto downloaded/ upgraded software left
right and center with no operating system spared, and (from the sound
of the article) digital signatures still "matching" somehow.

Fuck! This is intense!

Some possible next steps to focus on:
- How to ensure that what we download, e.g. for an Ubuntu system
upgrade, is actually what is intended to be distributed by the
developers?
- How can we reduce the dependencies when "publicly browsing" - e.g.
slim down TBB (e.g. do not support SVG fonts, and much more)?
- How do we improve the security of the code we are depending on (in
the public website viewing pipeline)? E.g. industrialized fuzz-testing
(libraries, kernel-level code like the network stack, kernel data
structures, kernel drivers etc)?

Medium to longer term:
- Now that no OS is spared when accessing public web sites, even with
F2F encrypted network infrastructure, we need a specification/
foundations for a hardware-level F2F network node - e.g. libre open
code from the BIOS/ firmware up to "userspace" e.g. the VPN code etc.
- What type of F2F network makes sense?
- What type of crypto is reasonable with current think, for our F2F networks?
- Document protocols for key exchange/ OS installation/ F2F HUG meetings etc.
- Userspace network stack - Simplify (and audit) network packet
pathways - e.g. take a copy of the Linux network stack, remove
everything extraneous, perhaps make it a user-space thing with really
minimal "driver" code in the kernel only - this might be a good
foundation for multiple cross-project collaboration (eg TBB, I2P, Tor
node, Gnunet, mixmaster, openvpn, whonix/ qubes, etc).

Next steps:
- if there's a monthly computer user group meetup in reasonable
distance, start participating
- if not, create one
- begin one or more of the above steps - even assisting with the
documentation of a step
- where possible, work with others, build community
- build trust
- build real trust networks (human to human connections, whoah!)
- build digital trust networks

High priority:
- figure out how to create a cryptographically and networkingly secure
F2F network, and document this e.g.:
  - hardware nodes can only begin to be trusted if they host no
end-user WWW-facing software!
  - how to configure apt so that ubuntu package installation checks
multiple hashes/ signatures for each package downloaded/installed - we
absolutely must create a software distribution and verification
protocol which is essentially uncrackable
  - how to establish surety that your ubuntu/rawhide "package signing
key" matches that actually intended to be distributed by the
corresponding project, e.g.:
     - view the signature of the key on the project's HTTPS web page
     + check the key as it appears published on one or more mailing lists
     + compare your version of the signature with the signature that
others have at your local HUG
     + ??

We've been officially fucked over, we have no option but to start
again with a new internet. there's no option but for each of us to
start doing our bit.

Good luck, and please post your success stories so we all can benefit
and be inspired,
Zenaan

More information about the cypherpunks mailing list