How would you do that ...

Stefan Claas spam.trap.mailing.lists at gmail.com
Tue May 4 08:45:30 PDT 2021


On Tue, May 4, 2021 at 4:55 AM grarpamp <grarpamp at gmail.com> wrote:

> You say the box has been compromised, thus the crypted docs and
> all app sessions and [meta]data connections happening on the box
> can be totally captured, and your face at the venue... all such usually
> lead to failure.
> And since you say you have no secure devices,
> this implies you are forced to use the compromised box
> to [de]crypt and read/write the plaintext docs, perhaps
> those also on camera too, all of which are failure.
> Nor can you do practical crypto outside the box/venue of
> entire big daily "docs" with pencil, or in your head.
>
> Your stated problem is unsolvable without access to a secure device.
>
> Get a secure device.
>
> Or accept risk of booting your OS on the untrusted hardware.
>
> Or use pencil size text "docs" for which you will need a PSK
> (or a KEX proto which will be even more pencil msg overhead).
>
> Or give up and go offline out of band,
> or out of the country,
> or revolt.

No, not giving up. It should serve as an exercise for the interested reader. :-)

Alice can, once arrived at her destination, purchase a brand new
notebook. The thing which she then needs to figure out can she
or Bob send some stuff in advance to her Hotel, she will book in,
or some other place, in a tamper resistant bag? And what if the bag
was compromised?

The bag would include a serial USB to USB cable and something
like a Kanguru Defender USB stick, with some goodies on it.

The thought here is that equipped with a brand new notebook,
Alice can write her stuff, encrypt it and once she arrives at an Internet
Café she feeds securely data to the compromised Café computer,
assuming trojans etc. can not go through a simple serial terminal
program transfer.

Part two is the daily communications, which requires no log-in in any
kind of service.

Fax communication/telegrams are ruled out, because of possible large data
amounts to be transferred.

Regards
Stefan


More information about the cypherpunks mailing list