From jya at pipeline.com Sun Feb 1 06:14:25 2015 From: jya at pipeline.com (John Young) Date: Sun, 01 Feb 2015 09:14:25 -0500 Subject: www.nsa-observer.net In-Reply-To: References: <88F21790-A209-4592-8FF5-A18F7605BADC@littledystopia.net> Message-ID: Forensics of paper docs, by, say, FBI, examined paper constituents (ecology of trees, soil, tree-cutters, haulers, pulp mill, paper mill, coating mill, shipping containers, distributors, sellers, buyers, lenders), inks and their constituents, human and machine handling and using and transmitting detritus, attempts to camouflage, divert and hoax. Forensics of digital docs do all this and much more from creation to transceiving, forging, hoaxing, tracking, calling home, so forth. Coupled with the Internet and commodiously ID'd digital processing devices from manufacturers of programs and devices to the poor user blocked from seeing the galore of peeping toms, diverted by promises of privacy and comsec from, sad to say, promoted by orgs receiving funds from the.manufacturers to play that very user narcosis role, what can be done? If a bio-hazard suit promises protection from ecological hazards, what digital-hazard suit is available not contaminated with data siphoning of the wearer like products tagged for sale to end of world believers. Crypto is trap- and back-doored and corrupt, so it is warned by those offering an NSA career in the womb of Rosemary's Baby, privacy is delusionary, so it is preached by those inviting into OTR communities filled with Google-SM-informants and XXers, openness worse deception than official secrecy, so blind-justice visionaries reveal and beckon to get off the grid and underground deep and dark far away from the electromagnetic spectrum -- quanta-land, teleportation nirvana, across rivernet of Styx Stux. Remember when cpunk seers cautioned commodiously of sinister authorities and their vilainous contractors, and encouraged heroically to assassinate them anonymously? Remember the gradual hiring of those seers to remain in place while aiding and abetting the authorities as contractors to invent and promise comsec and privacy and anonymity, generously trap- and back-doored and trojaned and Call Homed tracing the arc of Snowden and gobs of others requiring forenics to counter and counter-counter forensics of fora like this, like Post-Snowden journalism enthralled with the adopting of secure drop boxes, leak sites, secure comms, PK swaps and signings, to camouflage long-standing lunches and briefings with officials to agree on what can be slipped into public perception of acceptable corruption to hide the unacceptable. Adobe brags PDFs can simulate paper docs exactly. Indeed, and much more forensically easy. At 02:16 AM 2/1/2015, you wrote: >On 1/31/15, Jason McVetta wrote: > > ... > > For Ubuntu users: > > > > sudo apt-get install libimage-exiftool-perl > > exiftool -a -G1 > > adobe-acrobat-xi-scan-paper-to-pdf-and-apply-ocr-tutorial-ue.pdf | less -S > > >per the python PDF tools, (with varied options), > or reduced option command line pdf2txt, or pdftotext, or > also: > >strings --bytes=$varlength ... with varying --encoding= ... , for as >John mentioned, all the metadatas and annotations typically unseen, > > >consider that the specific "configuration and input parsing" as a >"profile" for a given "input document" identified by "self certifying >identifier" for all of the above results in collaborative simplified >text paragraphs as a working base. > >so sha256(generated corpora) == sha256(sha256(doc) ^ sha256(config of >parse opts) ^ sha256(parse-product) ) > >if i use a convenient generated slang, ... > >this means at least a dozen "to text" engines with configuration, >(parse opts and parse products) per input document as a working state. > >and ten to twenty times the input pages as simplified output text >paragraphs (common base) collected from the useful parts of the best >transformations, used for subsequent text based natural language >processing. > >in a sense, this is devops come to document processing, where the >process itself is embodied in version controlled and complete archives >with self certifying integrity. this means boring, and also done >decades ago, more or less, in varying contexts. everything old is new >again ;P > >there are a whole field of customer parser and data sets and scrapers >all dedicated to variations on this theme, although sadly they don't >live public lives, for the most part. > > >best regards, From s at ctrlc.hu Sun Feb 1 01:41:12 2015 From: s at ctrlc.hu (stef) Date: Sun, 1 Feb 2015 10:41:12 +0100 Subject: www.nsa-observer.net In-Reply-To: References: <88F21790-A209-4592-8FF5-A18F7605BADC@littledystopia.net> Message-ID: <20150201094112.GA7440@ctrlc.hu> On Sat, Jan 31, 2015 at 04:06:13PM -0800, coderman wrote: > > via use of many ‘conversion’ tools (Calibre comes to mind instantly) or are > > these embedded organisms a persistent across any automated conversion > > routine? > > consider a watermark, that resized half, still persists. this is the > kind of meta leval manipulation of structure you may see in a rich > document (PDF) that could still persist in some transformations. there was this laywer in .no who lost his license because he leaked photos of anders behring brevik to the press. and police watermarked a set of bait-photos and gave it to the laywers of the families with dead kids. the press made a photo of the pictures, printed the photo in a test news paper, took a photo again, and printed that. so a lot of adc-dac conversions in betweeen. the size also got significantly smaller. yet the watermark was clearly identifiable. it turned out later, that this was some kind of photoshop plugin, which is "primarily for tracking copyright violations" -- otr fp: https://www.ctrlc.hu/~stef/otr.txt From guninski at guninski.com Sun Feb 1 06:35:03 2015 From: guninski at guninski.com (Georgi Guninski) Date: Sun, 1 Feb 2015 16:35:03 +0200 Subject: [OT] pre-Snowden movie involving the dear NSA: "Travelling Salesman" Message-ID: <20150201143503.GA2503@sivokote.iziade.m$> Off-topic, FIY, 2012 movie involving NSA: "Travelling Salesman": http://www.imdb.com/title/tt1801123/ >From the above trivia: > The film was made for under $10,000. > Principal photography was accomplished in just 10 days. > The film won 3 Awards at the 2012 Silicon Valley Film Festival > including Best Feature Film, Best Lead Actor, and Best Editing. From list at sysfu.com Sun Feb 1 18:57:01 2015 From: list at sysfu.com (Seth) Date: Sun, 01 Feb 2015 18:57:01 -0800 Subject: Wickr vs stef's seven rules of thumb to detect snakeoil Message-ID: Searched the cpunk archives and was surprised to find no mention of wickr yet. I thought I'd run it through stef's seven rules of thumb to detect snakeoil so here goes: * not free software - Closed source (although audited by Veracode) * runs in a browser - no * runs on a smartphone - yes * the user doesn't generate, or exclusively own the private encryption keys - unsure (displays a message about 'securing your phone using military grade encryption' during first app launch/sign-in, believe local keys are generated during this step.) * there is no threat model - (claims to be 'last messaging app standing with no 0days to date', claims nation threat attacks were expected from day one, claims zero knowledge company infrastructure server configuration) * uses marketing-terminology like "cyber", "military-grade" - displays message 'securing your phone using military grade encryption' during app setup * neglects general sad state of host security - unsure Additional notes: - Offers desktop app for Win/OSX/Linux since 2014/12 - https://wickr.com/ appears to require javascript to view - Founder Nico Sell is long time Def-Con organizer, founded Def-Con for kids (now called Rootz Asylum) in 2010 - Wickr company infrastructure security audited by iSecPartners From ryacko at gmail.com Sun Feb 1 21:22:53 2015 From: ryacko at gmail.com (Ryan Carboni) Date: Sun, 1 Feb 2015 21:22:53 -0800 Subject: Spies LEVITATE infohounds, filesharers, and Glee watchers Message-ID: > > NSA knows this. Bayes’ Theorem is elementary common knowledge. I wouldn't be so sure about that. The NSA must have developed some advanced math that we don't know about. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 364 bytes Desc: not available URL: From cathalgarvey at cathalgarvey.me Sun Feb 1 13:24:54 2015 From: cathalgarvey at cathalgarvey.me (Cathal Garvey) Date: Sun, 01 Feb 2015 21:24:54 +0000 Subject: Barium Meal Tests In-Reply-To: <20150201094112.GA7440@ctrlc.hu> References: <88F21790-A209-4592-8FF5-A18F7605BADC@littledystopia.net> <20150201094112.GA7440@ctrlc.hu> Message-ID: <54CE99A6.7000804@cathalgarvey.me> > there was this laywer in .no who lost his license because he leaked > photos of anders behring brevik to the press. and police watermarked a set of bait-photos and gave it to the laywers of the families with > dead kids. the press made a photo of the pictures, printed the photo > in a test news paper, took a photo again, and printed that. So a lot > of adc-dac conversions in betweeen. the size also got significantly > smaller. yet the watermark was clearly identifiable. it turned out > later, that this was some kind of photoshop plugin, which is > "primarily for tracking copyright violations" This is the classic "Barium Meal Test", a highly effective way to find a mole. I have been meaning for some time to write a quick pythons script which implements the Barium Meal Test on plain text, perhaps even in a distributed way; by making common misspellings, by replacing whitespace with unicode equivalents (bit too obvious?), by making synonymous punctuation modifications - a dash rather than a semicolon as in this sentence couplet, for example. Part of the idea is to help identify "moles" in follower networks of "private users" in P2P social networks, when people "retweet" private messages. If you could divide your followers into groups and give each group a different barium meal'd message, then after a few "leaks" you'd be able to identify likely leakers. The other part was to point out how easy such identifying substitutions are to make, and to make people acutely aware of the risks involved in sharing potentially watermarked information. On 01/02/15 09:41, stef wrote: > On Sat, Jan 31, 2015 at 04:06:13PM -0800, coderman wrote: >>> via use of many ‘conversion’ tools (Calibre comes to mind instantly) or are >>> these embedded organisms a persistent across any automated conversion >>> routine? >> >> consider a watermark, that resized half, still persists. this is the >> kind of meta leval manipulation of structure you may see in a rich >> document (PDF) that could still persist in some transformations. > > there was this laywer in .no who lost his license because he leaked photos of > anders behring brevik to the press. and police watermarked a set of > bait-photos and gave it to the laywers of the families with dead kids. the > press made a photo of the pictures, printed the photo in a test news paper, > took a photo again, and printed that. so a lot of adc-dac conversions in > betweeen. the size also got significantly smaller. yet the watermark was > clearly identifiable. it turned out later, that this was some kind of > photoshop plugin, which is "primarily for tracking copyright violations" > -- Twitter: @onetruecathal Phone: +353876363185 miniLock: JjmYYngs7akLZUjkvFkuYdsZ3PyPHSZRBKNm6qTYKZfAM peerio.com: Use email or phone. Uses above miniLock key. From list at sysfu.com Sun Feb 1 22:03:13 2015 From: list at sysfu.com (Seth) Date: Sun, 01 Feb 2015 22:03:13 -0800 Subject: Wickr vs stef's seven rules of thumb to detect snakeoil In-Reply-To: References: Message-ID: On Sun, 01 Feb 2015 18:57:01 -0800, Seth wrote: > Searched the cpunk archives and was surprised to find no mention of > wickr yet. > > I thought I'd run it through stef's seven rules of thumb to detect > snakeoil so here goes: Yikes, just found this excellent video review of Wickr and it's not flattering: https://www.youtube.com/watch?v=GDq7GJWKyqc. The presenter sums it up as "this is really a classic example of what can happen when you try to do your security in secret, and nobody really looks too closely at what you're doing." Main flaws claimed to be found by reviewer: Password stored on servers hardware binding is a joke caught using static AES key Were not signing their messages TOFU (Trust On First Use) architecture Crappy TLS implementation Wickr servers using PHP scripts I'd say the verdict leans towards snake-oil so far. From mirimir at riseup.net Sun Feb 1 22:34:12 2015 From: mirimir at riseup.net (Mirimir) Date: Sun, 01 Feb 2015 23:34:12 -0700 Subject: PSA: Archive of cypherpunks@toad.com Message-ID: <54CF1A64.9020305@riseup.net> See for 0 References: <4119466.BPOYotYFB6@lapuntu> Message-ID: On Mon, 02 Feb 2015 02:51:00 -0800, rysiek wrote: > Dnia niedziela, 1 lutego 2015 22:03:13 Seth pisze: >> I'd say the verdict leans towards snake-oil so far. > > "Leans"?.. I was trying to be politic about it. :D To be fair the TLS setup on the secex.info mentioned in the video has since been fixed, however I am not sure if the other flaws have been addressed along with a public announcement that they were fixed. I'm skeptical that's the case. Wickr has been offering a $100,000 bug bounty for a year now. It might be an opportunity for someone with the right skill set to clean up. http://venturebeat.com/2014/01/15/wickr-bug-bounty/ Some additional thoughts: 1) Wickr claims on the front page of their web site that they are 'the first company to put a warrant canary in our transparency report'. This may be true with the crucial detail of it being including in a transparency report. At first I was pretty sure Nico Sell was claiming in a video or interview that Wickr is the first company to use a warrant canary, which would be patently untrue, but I could have misheard. Rsync.net has been doing this since at least 2007. They are the first company I am aware of to have done so. http://www.rsync.net/resources/notices/canary.txt http://lippard.blogspot.de/2007/03/rsyncnet-warrant-canary.html 2) I like the fact that Wickr has a desktop client. I have long wished that something similar existed for TextSecure and Redphone. 3) Wickr has raised 30 million in venture capital in a round led by Jim Breyer, founder and CEO of Breyer Capital who made his first billion with an early investment in Facebook. 4) The 'Technical Mumbo Jumbo' youtube reviewer guy has another video where he demonstrates how easy it is to grab a screenshot on an iOS device of a 'self destructing' message. Screenshot has been disabled on Android, but considering iOS was the first device Wickr was released on, this is an embarrassing flaw in their client and marketing claims. I recommend watching all his video reviews of Wickr. From list at sysfu.com Mon Feb 2 11:07:40 2015 From: list at sysfu.com (Seth) Date: Mon, 02 Feb 2015 11:07:40 -0800 Subject: Wickr vs stef's seven rules of thumb to detect snakeoil In-Reply-To: <20150202101828.GA7238@ctrlc.hu> References: <20150202101828.GA7238@ctrlc.hu> Message-ID: On Mon, 02 Feb 2015 02:18:28 -0800, stef wrote: >> * runs on a smartphone >> - yes > > this is where we can stop. ;) What are the primary objections to the smart phone as a platform again? Off the top of my head 1) Evil blackbox baseband controller 2) Products of corrupt mega-corps in bed with the surveillance state 3) App Stores could be used to push malware onto device From s at ctrlc.hu Mon Feb 2 02:18:28 2015 From: s at ctrlc.hu (stef) Date: Mon, 2 Feb 2015 11:18:28 +0100 Subject: Wickr vs stef's seven rules of thumb to detect snakeoil In-Reply-To: References: Message-ID: <20150202101828.GA7238@ctrlc.hu> On Sun, Feb 01, 2015 at 06:57:01PM -0800, Seth wrote: > * not free software > - Closed source (although audited by Veracode) static analysis != audited. however i believe that without any static analysis any product would be even more snakeoil. but you know how static analysis goes, you get a long list of warnings and errors, and then you go supressing them. ;) would be interesting to see the list of warnings and the mitigations. but then, static analysis has its limits. > * runs on a smartphone > - yes this is where we can stop. ;) > * there is no threat model > - (claims to be 'last messaging app standing with no 0days to date', claims > nation threat attacks were expected from day one, claims zero knowledge > company infrastructure server configuration) > > * uses marketing-terminology like "cyber", "military-grade" > - displays message 'securing your phone using military grade encryption' > during app setup > > * neglects general sad state of host security > - unsure see runs on a phone (i think someone noticed this redundancy in the original 7 rules as well) > - https://wickr.com/ appears to require javascript to view :/ > - Wickr company infrastructure security audited by iSecPartners not everything must be bad, statistically speaking somethings must be right, at least on a bell curve distribution between epic and fail. :) -- otr fp: https://www.ctrlc.hu/~stef/otr.txt From rysiek at hackerspace.pl Mon Feb 2 02:51:00 2015 From: rysiek at hackerspace.pl (rysiek) Date: Mon, 02 Feb 2015 11:51 +0100 Subject: Wickr vs stef's seven rules of thumb to detect snakeoil In-Reply-To: References: Message-ID: <4119466.BPOYotYFB6@lapuntu> Dnia niedziela, 1 lutego 2015 22:03:13 Seth pisze: > Main flaws claimed to be found by reviewer: > > Password stored on servers > hardware binding is a joke > caught using static AES key > Were not signing their messages > TOFU (Trust On First Use) architecture > Crappy TLS implementation > Wickr servers using PHP scripts > > I'd say the verdict leans towards snake-oil so far. "Leans"?.. -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 931 bytes Desc: This is a digitally signed message part. URL: From alfiej at fastmail.fm Sun Feb 1 19:27:49 2015 From: alfiej at fastmail.fm (Alfie John) Date: Mon, 02 Feb 2015 14:27:49 +1100 Subject: Wickr vs stef's seven rules of thumb to detect snakeoil In-Reply-To: References: Message-ID: <1422847669.2694911.221786537.11C3B5C0@webmail.messagingengine.com> On Mon, Feb 2, 2015, at 01:57 PM, Seth wrote: > I thought I'd run it through stef's seven rules of thumb to detect > snakeoil so here goes: > > * not free software > - Closed source (although audited by Veracode) >From Wikipedia: "Veracode’s patented binary static analysis technology analyzes binary code to create a detailed model of the application’s data and control paths." "Veracode’s binary static analysis technology analyzes all application code without requiring access to source code." Does anyone know how this works against self-encrypted binaries? Alfie -- Alfie John alfiej at fastmail.fm From coderman at gmail.com Tue Feb 3 10:15:48 2015 From: coderman at gmail.com (coderman) Date: Tue, 3 Feb 2015 10:15:48 -0800 Subject: thick gaps Message-ID: On 2/3/15, dan at geer.org wrote: > ... > John, you know this I'm sure, but for the record the highest > security places use sacrificial machines to receive e-mail and > the like, to print said transmissions to paper, and then those > (sacrificial) machines are sacrificed, which is to say they > are reloaded/rebooted. Per message. The printed forms then > cross an air gap and those are scanned before transmission to > a final destination on networks of a highly controlled sort. > I suspect, but do not know, that the sacrificial machines are > thoroughly instrumented in the countermeasure sense. this is defense to depths layered through hard experience lessons ;) > ... For the > entities of which I speak, the avoidance of silent failure is > taken seriously -- which brings us 'round to your (and my) > core belief: The sine qua non goal of security engineering is > "No Silent Failure." there was an interesting thread here last year on instrumenting runtimes to appear stock (vulnerable) but which fail in obvious ways when subversion is attempted. (after all, being able to observe an attack is the first step in defending against such a class...) "hack it first yourself, before your attacker does..." From dan at geer.org Tue Feb 3 08:43:52 2015 From: dan at geer.org (dan at geer.org) Date: Tue, 03 Feb 2015 11:43:52 -0500 Subject: www.nsa-observer.net In-Reply-To: Your message of "Sat, 31 Jan 2015 12:39:11 -0500." Message-ID: <20150203164352.3B16B2281D7@palinka.tinho.net> | Depends on the converter, whether it keeps the Adobe spying | features witting or unwitting -- which it may be aware of or not. | And whether it has a deal with Adobe to retain disguised. | ... John, you know this I'm sure, but for the record the highest security places use sacrificial machines to receive e-mail and the like, to print said transmissions to paper, and then those (sacrificial) machines are sacrificed, which is to say they are reloaded/rebooted. Per message. The printed forms then cross an air gap and those are scanned before transmission to a final destination on networks of a highly controlled sort. I suspect, but do not know, that the sacrificial machines are thoroughly instrumented in the countermeasure sense. For the entities of which I speak, the avoidance of silent failure is taken seriously -- which brings us 'round to your (and my) core belief: The sine qua non goal of security engineering is "No Silent Failure." --dan From list at sysfu.com Tue Feb 3 12:11:31 2015 From: list at sysfu.com (Seth) Date: Tue, 03 Feb 2015 12:11:31 -0800 Subject: Calyx institute announces canarywatch.org web site Message-ID: "Warrant canaries rely upon the legal theory of compelled speech. Compelled speech happens when a person is forced by the government to make expressive statements they do not want to make. Fortunately, the First Amendment protects against compelled speech in most circumstances. In fact, we’re not aware of any case where a court has upheld compelled false speech. Thus, a service provider could argue that, when its statement about the legal process received is no longer true, it cannot be compelled to reissue the now false statement, and can, instead, remain silent. So far, no court has addressed this issue." https://canarywatch.org/ From mrbits.dcf at gmail.com Tue Feb 3 09:43:58 2015 From: mrbits.dcf at gmail.com (MrBiTs) Date: Tue, 03 Feb 2015 15:43:58 -0200 Subject: China backdoors Message-ID: <54D108DE.8040702@gmail.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Not sure if somebody posted it, but: http://spectrum.ieee.org/tech-talk/telecom/security/chinas-new-rules-ask-tech-firms-to-hand-over-source-code CheerS - -- echo 920680245503158263821824753325972325831728150312428342077412537729420364909318736253880971145983128276953696631956862757408858710644955909208239222408534030331747172248238293509539472164571738870818862971439246497991147436431430964603600458631758354381402352368220521740203494788796697543569807851284795072334480481413675418412856581412376640379241258356436205061541557366641602992820546646995466P | dc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBCAAGBQJU0QjeAAoJEG7IGPwrPKWrB4MH/137/TFnO1J0TiSDsDNdtUcO 6S8qRZFxZBTEu66STW58JJD9pzQQVulAQRZvUD+pPOXYlw8JMvLVcfthYMCXcA7q 2WokokB5IsGj9/clsy+uFZcImwWGKjikTqB2Kt6X+CU+O3fqklmIO7SrPBE6Qeao IPd597JoQcuOMLLfVzRIty44vYmvNRsgXi8aiHCJjtw3eMTzGFILzRyteTsD5Q3r 78FJyZY50b74yIc/3N47ho19im9JCXOsTm4uzO6bujHxAM7wFwxjXcrQUuG2nJ3l 5rPDWN/M2SJphVnNMWU3V0+sY/In6qAmbc9rZXyvYj6RgQu8rfELVz9dVP6x6Ck= =/tiP -----END PGP SIGNATURE----- From rysiek at hackerspace.pl Tue Feb 3 08:13:02 2015 From: rysiek at hackerspace.pl (rysiek) Date: Tue, 03 Feb 2015 17:13:02 +0100 Subject: Tox.im In-Reply-To: <20140705203650.GG6997@ctrlc.hu> References: <53B84037.7030406@cathalgarvey.me> <20140705203650.GG6997@ctrlc.hu> Message-ID: <2906430.aKg3HFcaSO@lapuntu> Yo, don't you die on me! Lately I started testing Tox, it's actually usable, voice and video, and file transfers work, it looks neat. Question is (to quote Tolkien, whom I'm sure we all love and cherish): "Is it secret? Is it safe?" So we have this: Dnia sobota, 5 lipca 2014 22:36:50 stef pisze: > afaics there's a traffic analysis weakness in all messages, it discloses > both public keys of the peers in public: > https://github.com/irungentoo/toxcore/blob/master/docs/updates/Crypto.md#cry > pto-request-packets We also have a brave soul (not me) that attemted writing proper protocol documentation for Tox, and started diving into the code. The docs seem lacking, the only things we've been able to find are: https://github.com/irungentoo/toxcore/tree/master/docs https://jenkins.libtoxcore.so/job/Technical_Report/lastSuccessfulBuild/artifact/tox.pdf/ Not *that* helpful, but look at the Crypto section in the PDF: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Tox uses crypto_box() from the NaCl crypto library for all the cryptography in Tox. Unless otherwise noted, all keys refer to keys generated with crypto_box_keypair(), all encryption is done with crypto_box() and all decryption with crypto_box_open(). For performance purposes the functions to precompute the shared secret and encrypt and decrypt messages with it are used extensively in Tox; however, this is not relevant to this document. The function crypto_box() provides fast public-key authenticated encryption. For exactly how it works read the NaCl docs. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Hmmm... So, the brave RFC-writing soul got some questions. Maybe somebody here has access to some answers? Questions being: - does the transport layer have encryption? (does the middle layer do that all or...?) - where is the documentation of the cryptography? - is there any hmac done at all? - what is the tox id for a seed with all 0? - how does the tox implementation handle different byte alignment? - how does the tox implementation handle different byte endiness? - how well stressed is the tox implementation? benchmarks? - where is the rest of the documentation? - where can I find a full view of how tox works from bottom to top? Anybody? -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 931 bytes Desc: This is a digitally signed message part. URL: From mirimir at riseup.net Tue Feb 3 17:20:33 2015 From: mirimir at riseup.net (Mirimir) Date: Tue, 03 Feb 2015 18:20:33 -0700 Subject: What the fark is "TFC" In-Reply-To: <15658830.G1IiJoRcAd@lapuntu> References: <15658830.G1IiJoRcAd@lapuntu> Message-ID: <54D173E1.8020608@riseup.net> On 02/03/2015 04:59 PM, rysiek wrote: > Hi there, > > my brain is fried and I can't get any sane result in my attempts to decipher > the "TFC" acronym. And "TCB", that shows up around it. > > PLZ2ENLIGHTEN KTHXBAI. My best guess is "traffic-flow confidentiality (TFC)", as defined in "Internet Security Glossary, Version 2" (IETF Network Working Group RFC 4949) . From oottela at cs.helsinki.fi Tue Feb 3 09:28:01 2015 From: oottela at cs.helsinki.fi (Markus Ottela) Date: Tue, 03 Feb 2015 19:28:01 +0200 Subject: Tox.im In-Reply-To: <2906430.aKg3HFcaSO@lapuntu> References: <53B84037.7030406@cathalgarvey.me> <20140705203650.GG6997@ctrlc.hu> <2906430.aKg3HFcaSO@lapuntu> Message-ID: <54D10521.9060104@cs.helsinki.fi> From the PoW of Stef's seven rules of thumb to detect snake oil: *1. Not free software * https://github.com/irungentoo/toxcore/commit/dcc3921682c8bededfac7d76f4976fd56b051c72 "/Licenced the code under the GPL for now./" (Free software? Good. But, "for now" ? Is it going to change?) *2. Runs in a browser * No. *3. Runs on a smartphone * https://wiki.tox.im/index.php/Multiple_Devices Has been suggested but not yet implemented. *4. The user doesn't generate, or exclusively own the private encryption keys* The user is in control, yet the source of randomness and crypto implementation are not explained properly. The wiki talks about public keys and PFS without explaining the relation between the two. https://github.com/irungentoo/toxcore/blob/master/docs/updates/Crypto.md *5. There is no threat model* "/With the rise of government monitoring programs/" implies it's designed to be secure against state surveillance. "Tox does not cloak IP addresses when communicating with other users" In disclaimer it is also just stated that "/Tox prevents message contents from being read or altered by third parties, or anyone else other than the intended recipient/", yet it doesn't even bother to evaluate the system against HSAs or MSAs. Instead, the threat model seems to revolve around developer anonymity (https://wiki.tox.im/DevAnonymity). "/Potential harassment by the government and trolls/" seems to include people pointing out issues with the software as well. *6. Uses marketing-terminology like "cyber", "military-grade"* It doesn't, although it does say "/leading-class encryption/", and the logo is yet another unnecessary lock. *7. Neglects general sad state of host security * This. The developers think it is obvious for every user, that if the endpoint device is compromised, there is no security. This is horrible since average computer user is still mainly occupied with thoughts "I need a firewall" or "I might get a virus" -- not "The government might exploit unpatched OS or exploit a 0-day" or "The company behind my proprietary OS might be issued a subpoena to include a backdoor". It's not the job of Tox developers to patch OS, but it's their job to warn users there are attack vectors the developers are not in control of. They have refused to do so, which limits the users ability to make informed choices depending on their threat model. ---- For some time I've wanted to evaluate TFC from these perspectives as well: * 1. Not free software * It is, and it will always be. *2. Runs in a browser *It doesn't, and never will. *3. Runs on a smartphone *Only the handler of encrypted messages might in future run on smartphone (or proprietary OS), the TCB's never will. *4. The user doesn't generate, or exclusively own the private encryption keys *The user does, and the user is also in control of the circuit that generates the encryption keys. *5. There is no threat model *The whitepaper has a five-page dissection about different attack vectors, what TFC is secure against and what it is not. *6. Uses marketing-terminology like "cyber", "military-grade"* It never has and it never will. * 7. Neglects general sad state of host security* This was the starting point. Key-exfiltration-wise, it is immune against post exploitation of TCB-modules. On 03.02.2015 18:13, rysiek wrote: > Yo, > > don't you die on me! > > Lately I started testing Tox, it's actually usable, voice and video, and file > transfers work, it looks neat. Question is (to quote Tolkien, whom I'm sure we > all love and cherish): > "Is it secret? Is it safe?" > > So we have this: > > Dnia sobota, 5 lipca 2014 22:36:50 stef pisze: >> afaics there's a traffic analysis weakness in all messages, it discloses >> both public keys of the peers in public: >> https://github.com/irungentoo/toxcore/blob/master/docs/updates/Crypto.md#cry >> pto-request-packets > We also have a brave soul (not me) that attemted writing proper protocol > documentation for Tox, and started diving into the code. The docs seem > lacking, the only things we've been able to find are: > https://github.com/irungentoo/toxcore/tree/master/docs > https://jenkins.libtoxcore.so/job/Technical_Report/lastSuccessfulBuild/artifact/tox.pdf/ > > Not *that* helpful, but look at the Crypto section in the PDF: > > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - > Tox uses crypto_box() from the NaCl crypto library for all the cryptography > in Tox. Unless otherwise noted, all keys refer to keys generated with > crypto_box_keypair(), all encryption is done with crypto_box() and all > decryption > with crypto_box_open(). For performance purposes the functions to > precompute the shared secret and encrypt and decrypt messages with it are > used extensively in Tox; however, this is not relevant to this document. > The function crypto_box() provides fast public-key authenticated encryption. > For exactly how it works read the NaCl docs. > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - > > Hmmm... > > So, the brave RFC-writing soul got some questions. Maybe somebody here has > access to some answers? Questions being: > > - does the transport layer have encryption? (does the middle layer do that > all or...?) > - where is the documentation of the cryptography? > - is there any hmac done at all? > - what is the tox id for a seed with all 0? > - how does the tox implementation handle different byte alignment? > - how does the tox implementation handle different byte endiness? > - how well stressed is the tox implementation? benchmarks? > - where is the rest of the documentation? > - where can I find a full view of how tox works from bottom to top? > > Anybody? > -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 7608 bytes Desc: not available URL: From rysiek at hackerspace.pl Tue Feb 3 10:38:37 2015 From: rysiek at hackerspace.pl (rysiek) Date: Tue, 03 Feb 2015 19:38:37 +0100 Subject: Tox.im In-Reply-To: <54D10521.9060104@cs.helsinki.fi> References: <53B84037.7030406@cathalgarvey.me> <2906430.aKg3HFcaSO@lapuntu> <54D10521.9060104@cs.helsinki.fi> Message-ID: <1670759.7W4F6sST8F@lapuntu> OHAI, So, I assessed it vis-a-vis stef's rules already, otherwise I would not dive into it at all. ;) But yeah, let's have a look. Dnia wtorek, 3 lutego 2015 19:28:01 Markus Ottela pisze: > From the PoW of Stef's seven rules of thumb to detect snake oil: > > *1. Not free software * > https://github.com/irungentoo/toxcore/commit/dcc3921682c8bededfac7d76f4976fd > 56b051c72 "/Licenced the code under the GPL for now./" (Free software? Good. > But, "for now" ? Is it going to change?) So, that's not going to change, IMHO. There are several developers and I don't think there was any ascribing of copyrights to any legal or physical person, so changin a license *from* GPL is not entirely straightforward. I ticked this one as "AOK". > *2. Runs in a browser * > No. AOK. > *3. Runs on a smartphone * > https://wiki.tox.im/index.php/Multiple_Devices > Has been suggested but not yet implemented. https://wiki.tox.im/Antox Still, you don't have to use it. As in, I use a desktop client, not going to be using it on my mobile anyway. It doesn't *require* smartphone use, just like e-mail does not *require* a smartphone e-mail app (if you use one, well, that's your choice). inb4 "e-mail is not safe" -- puh-lease, that was just a way to illustrate a point. "AOK" for here too. > *4. The user doesn't generate, or exclusively own the private encryption > keys* > The user is in control, ACK. > yet the source of randomness and crypto implementation are not explained > properly. The wiki talks about public keys and PFS without explaining > the relation between the two. > https://github.com/irungentoo/toxcore/blob/master/docs/updates/Crypto.md ACK. So, the PDF I linked to goes a *bit* further (just a wee bit). Go have a look at the "Crypto" section: https://jenkins.libtoxcore.so/job/Technical_Report/lastSuccessfulBuild/artifact/tox.pdf/ So, at least not a "we hold your keys -- FOR SAFETY!!1!" kind of snakeooil. Half of an "AOK" from me here. > *5. There is no threat model* > "/With the rise of government monitoring programs/" implies it's > designed to be secure against state surveillance. > "Tox does not cloak IP addresses when communicating with other users" > In disclaimer it is also just stated that > "/Tox prevents message contents from being read or altered by third > parties, or anyone else other than the intended recipient/", yet it > doesn't even bother to evaluate the system against HSAs or MSAs. True. One has to consider their own threat model and assess if Tox is the answer. Tox does *not* provide anonymity, it at least *tries* to provide OTR- like features (encryption, integrity, etc.). > Instead, the threat model seems to revolve around developer anonymity > (https://wiki.tox.im/DevAnonymity). "/Potential harassment by the > government and trolls/" seems to include people pointing out issues with > the software as well. Indeed. So again, half an "AOK". > *6. Uses marketing-terminology like "cyber", "military-grade"* > It doesn't, although it does say "/leading-class encryption/", and the > logo is yet another unnecessary lock. I like the logo. "AOK" from me, especially taken into account they're not reimplementing the wheel but using NaCL instead. > *7. Neglects general sad state of host security * > This. The developers think it is obvious for every user, that if the > endpoint device is compromised, there is no security. This is horrible > since average computer user is still mainly occupied with thoughts "I > need a firewall" or "I might get a virus" -- not "The government might > exploit unpatched OS or exploit a 0-day" or "The company behind my > proprietary OS might be issued a subpoena to include a backdoor". It's > not the job of Tox developers to patch OS, but it's their job to warn > users there are attack vectors the developers are not in control of. > They have refused to do so, which limits the users ability to make > informed choices depending on their threat model. Well, yes, and my beef with Tox is also that the private keys do not require a passpharse to unlock. So that's a no-no in my book. Still, this doesn't look like snakeoil; rather like a good idea with not-so- stellar execution, which *might* get better. Am I missing anything? > ---- > > For some time I've wanted to evaluate TFC from these perspectives as well: Could we have a *separate* thread for it? I'm really interested in having a more in-depth discussion of Tox and this could potentially hi-jack this thread. Much obliged. -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 931 bytes Desc: This is a digitally signed message part. URL: From tom at ritter.vg Tue Feb 3 17:52:52 2015 From: tom at ritter.vg (Tom Ritter) Date: Tue, 3 Feb 2015 19:52:52 -0600 Subject: What the fark is "TFC" In-Reply-To: <15658830.G1IiJoRcAd@lapuntu> References: <15658830.G1IiJoRcAd@lapuntu> Message-ID: On 3 February 2015 at 17:59, rysiek wrote: > Hi there, > > my brain is fried and I can't get any sane result in my attempts to decipher > the "TFC" acronym. And "TCB", that shows up around it. TCB is usually Trusted Computing Base. Some searching indicates TFC may be Traffic Flow Confidentiality. (Or less likely, TinFoil Chat, which appears to be some random chat app plugin for encrypted messaging.) -tom From natanael.l at gmail.com Tue Feb 3 10:55:19 2015 From: natanael.l at gmail.com (Natanael) Date: Tue, 3 Feb 2015 19:55:19 +0100 Subject: thick gaps In-Reply-To: References: Message-ID: Den 3 feb 2015 19:19 skrev "coderman" : > > On 2/3/15, dan at geer.org wrote: > > ... > > John, you know this I'm sure, but for the record the highest > > security places use sacrificial machines to receive e-mail and > > the like, to print said transmissions to paper, and then those > > (sacrificial) machines are sacrificed, which is to say they > > are reloaded/rebooted. Per message. The printed forms then > > cross an air gap and those are scanned before transmission to > > a final destination on networks of a highly controlled sort. > > I suspect, but do not know, that the sacrificial machines are > > thoroughly instrumented in the countermeasure sense. > > this is defense to depths layered through hard experience lessons ;) > > > > > ... For the > > entities of which I speak, the avoidance of silent failure is > > taken seriously -- which brings us 'round to your (and my) > > core belief: The sine qua non goal of security engineering is > > "No Silent Failure." > > there was an interesting thread here last year on instrumenting > runtimes to appear stock (vulnerable) but which fail in obvious ways > when subversion is attempted. (after all, being able to observe an > attack is the first step in defending against such a class...) > > "hack it first yourself, before your attacker does..." Canary bugs / honeypot bugs? -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 1826 bytes Desc: not available URL: From juan.g71 at gmail.com Tue Feb 3 15:55:00 2015 From: juan.g71 at gmail.com (Juan) Date: Tue, 3 Feb 2015 20:55:00 -0300 Subject: [OT] pre-Snowden movie involving the dear NSA: "Travelling Salesman" In-Reply-To: <20150201143503.GA2503@sivokote.iziade.m$> References: <20150201143503.GA2503@sivokote.iziade.m$> Message-ID: <54d15f3c.c66d8c0a.92f7.086d@mx.google.com> On Sun, 1 Feb 2015 16:35:03 +0200 Georgi Guninski wrote: > Off-topic, FIY, 2012 movie involving NSA: > > "Travelling Salesman": http://www.imdb.com/title/tt1801123/ Thanks for the pointer. It was entertaining/interesting https://www.youtube.com/watch?v=yyG48T-tdoA I thin the idea that all math problems can be somehow solved magically is a poetic license or 'plot device'. > > From the above trivia: > > > The film was made for under $10,000. > > > Principal photography was accomplished in just 10 days. > > > The film won 3 Awards at the 2012 Silicon Valley Film Festival > > including Best Feature Film, Best Lead Actor, and Best Editing. From juan.g71 at gmail.com Tue Feb 3 16:27:03 2015 From: juan.g71 at gmail.com (Juan) Date: Tue, 3 Feb 2015 21:27:03 -0300 Subject: Tox.im In-Reply-To: <1516136.c3cOKeir0W@lapuntu> References: <54D1279B.7080103@cs.helsinki.fi> <2595280.3Iuk8EjAjT@lapuntu> <54D1518F.40007@cs.helsinki.fi> <1516136.c3cOKeir0W@lapuntu> Message-ID: <54d166be.e6548c0a.46eb.0e29@mx.google.com> On Wed, 04 Feb 2015 00:59:06 +0100 rysiek wrote: > Problem is, people DIE, NOW, because they use Skype. And the source(s) for that claim is...? From oottela at cs.helsinki.fi Tue Feb 3 11:55:07 2015 From: oottela at cs.helsinki.fi (Markus Ottela) Date: Tue, 03 Feb 2015 21:55:07 +0200 Subject: Tox.im Message-ID: <54D1279B.7080103@cs.helsinki.fi> On 03.02.2015 20:38, rysiek wrote: >> yet the source of randomness and crypto implementation are not explained >> properly. The wiki talks about public keys and PFS without explaining >> the relation between the two. >> https://github.com/irungentoo/toxcore/blob/master/docs/updates/Crypto.md > ACK. So, the PDF I linked to goes a *bit* further (just a wee bit). Go > have a > look at the "Crypto" section: > https://jenkins.libtoxcore.so/job/Technical_Report/lastSuccessfulBuild/artifact/tox.pdf/ > > > So, at least not a "we hold your keys -- FOR SAFETY!!1!" kind of > snakeooil. > Half of an "AOK" from me here. > Just because it could be worse doesn't mean it couldn't be better. Thanks for the whitepaper, I'll have a look when I've the time. >> *5. There is no threat model* >> "/With the rise of government monitoring programs/" implies it's >> designed to be secure against state surveillance. >> "Tox does not cloak IP addresses when communicating with other users" >> In disclaimer it is also just stated that >> "/Tox prevents message contents from being read or altered by third >> parties, or anyone else other than the intended recipient/", yet it >> doesn't even bother to evaluate the system against HSAs or MSAs. > True. One has to consider their own threat model and assess if Tox is the > answer. Tox does *not* provide anonymity, it at least *tries* to > provide OTR- > like features (encryption, integrity, etc.). > IIRC the DH signing keys are bound the the account ID. Appelbaum recommended in his 31c3 talk 'Reconstructing Narratives' that users rotate their OTR keys often and verify the hash using off-band channel. I'm not sure it's a convenient thing users have to re-add their contacts every time the DH signing key needs to be refreshed. It's sort of good thing users are immediately using the public signing key (Tox ID) but the issue is, while the Tox ID doesn't have to be secret, it must be authentic: so users unaware of this can be subjected to MITM attack. >> *7. Neglects general sad state of host security * >> > Well, yes, and my beef with Tox is also that the private keys do not > require a > passpharse to unlock. So that's a no-no in my book. This only changes the type of attack: a keylogger has to be used along the private key exfiltration tool. > Still, this doesn't look like snakeoil; rather like a good idea with > not-so- > stellar execution, which *might* get better. > > Am I missing anything? > I would argue the current OTR/PGP/ZRTP implementation has limited lifespan regardless of execution, given the fact intelligence community is expanding end-point exploitation to mass surveillance levels: methodology is changing, not the scale: https://www.youtube.com/watch?v=FScSpFZjFf0&t=37m35s There's a lot of misconception on 0-days being expensive 'one-time-hacks' that must be used only when necessary. How many anti-virus programs detect and report these? What percentage of users are running some sort of IDS? How many users assume sudden system crash is due to malfunctioning exploit/payload? A 0-day is more like a master key for given OS with average lifespan of 300 days ( http://users.ece.cmu.edu/~tdumitra/public_documents/bilge12_zero_day.pdf ) > Could we have a *separate* thread for it? I'm really interested in > having a > more in-depth discussion of Tox and this could potentially hi-jack this > thread. Much obliged. > I agree it should be separate. I tried to keep that section short and the intention was to provide contrast and show each of these can be addressed simultaneously. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 6750 bytes Desc: not available URL: From rysiek at hackerspace.pl Tue Feb 3 13:06:55 2015 From: rysiek at hackerspace.pl (rysiek) Date: Tue, 03 Feb 2015 22:06:55 +0100 Subject: Tox.im In-Reply-To: <54D1279B.7080103@cs.helsinki.fi> References: <54D1279B.7080103@cs.helsinki.fi> Message-ID: <2595280.3Iuk8EjAjT@lapuntu> Dnia wtorek, 3 lutego 2015 21:52:34 piszesz: > Just because it could be worse doesn't mean it couldn't be better. True. But the state of affairs right now is that people are massively using Skype. So even not-so-well implemented free-software crypto peer-to-peer audio-video and IM app is a step-up (as long as it's not being sold as end- all-problems-heal-your-dog-panaceum). And I would not call Tox snakeoil mainly because snakeoil salesmen *ignore* criticism and *willfully and knowingly* sell bullshit; Tox is at least *trying* to get things working and properly implemented, as far as I can see. So there's a huge difference in (perceived? apparent? true?) intentions. > Thanks for the whitepaper, I'll have a look when I've the time. It's 7 pages, hardly a "white paper", and the Crypto section is about 6 lines. It's a stub, but it does contain *some* info. > > True. One has to consider their own threat model and assess if Tox is the > > answer. Tox does *not* provide anonymity, it at least *tries* to provide > > OTR- like features (encryption, integrity, etc.). > > IIRC the DH signing keys are bound the the account ID. Appelbaum > recommended in his 31c3 talk 'Reconstructing Narratives' that users > rotate their OTR keys often and verify the hash using off-band channel. Yeah, and I stand by my "still better than Skype, and no intentional nastiness so far found". ;) > I'm not sure it's a convenient thing users have to re-add their contacts > every time the DH signing key needs to be refreshed. It's sort of good > thing users are immediately using the public signing key (Tox ID) but > the issue is, while the Tox ID doesn't have to be secret, it must be > authentic: so users unaware of this can be subjected to MITM attack. Yes. But now we're discussing the proto and the implementation, so I assume we moved forward from the "is it snakeoil" question. At least I hope so. > >> *7. Neglects general sad state of host security * > > > > Well, yes, and my beef with Tox is also that the private keys do not > > require a passpharse to unlock. So that's a no-no in my book. > > This only changes the type of attack: a keylogger has to be used along > the private key exfiltration tool. "Using seatbelts only means that the type of the car accident has to change: faster and with flying debris." I'll take the seatbelts, though. I'm fine with making the attacker spend a bit more time and resources if they want to get me. There are no bulletproof solutions anyway. > > Still, this doesn't look like snakeoil; rather like a good idea with > > not-so- stellar execution, which *might* get better. > > > > Am I missing anything? > > I would argue the current OTR/PGP/ZRTP implementation has limited > lifespan regardless of execution, given the fact intelligence community > is expanding end-point exploitation to mass surveillance levels: > methodology is changing, not the scale: > https://www.youtube.com/watch?v=FScSpFZjFf0&t=37m35s And the point here is... what exactly? "Don't use encryption, because it *might* be broken one day?" > There's a lot of misconception on 0-days being expensive > 'one-time-hacks' that must be used only when necessary. How many > anti-virus programs detect and report these? What percentage of users > are running some sort of IDS? How many users assume sudden system crash > is due to malfunctioning exploit/payload? A 0-day is more like a master > key for given OS with average lifespan of 300 days ( > http://users.ece.cmu.edu/~tdumitra/public_documents/bilge12_zero_day.pdf ) And that changes... what exactly? This affects *any and all* desktop-usable security solutions, so let's just assume that this is the baseline we have to work with and assess the solutions on their own merits, eh? > > Could we have a *separate* thread for it? I'm really interested in having > > a > > more in-depth discussion of Tox and this could potentially hi-jack this > > thread. Much obliged. > > I agree it should be separate. I tried to keep that section short and > the intention > was to provide contrast and show each of these can be addressed > simultaneously. Thanks. -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 931 bytes Desc: This is a digitally signed message part. URL: From ygwald at brandeis.edu Tue Feb 3 19:34:16 2015 From: ygwald at brandeis.edu (Yaron Greenwald) Date: Tue, 03 Feb 2015 22:34:16 -0500 Subject: Tox.im In-Reply-To: <54D17872.4090401@cs.helsinki.fi> References: <54D1279B.7080103@cs.helsinki.fi> <2595280.3Iuk8EjAjT@lapuntu> <54D1518F.40007@cs.helsinki.fi> <1516136.c3cOKeir0W@lapuntu> <54D17872.4090401@cs.helsinki.fi> Message-ID: On 02/03/2015 08:40 PM, Markus Ottela wrote: >> Those people do not have the privilege of having a desk with 3 >> laptops, they >> often don't even have damn ADMIN RIGHTS on their laptop. Giving them a >> tool >> that works on their (insecure, I agree!!) platforms and yet LOWERS their >> exposure actually can save lives. > If you're not in control of the laptop, you shouldn't be trusting your > life on it; Tox does very little if there's a keylogger present, neither > does TFC if you're not in control of the two TCB computers. Why is it that everyone here rocks at threat models as long as they get to own a computer. Why is it that everyone here can consider everything from if a Global Passive Adversary is directly targeting you to if your next door neighbor is doing, I dunno, Van-Eck Phreaking or something like that, but can't *possibly* consider the use case of "my government can break into any computer it wants, and I'm running from netcafe to netcafe, and just need them to not be able to find me for the next one or two weeks". A keylogger only compromises you once they find the logs to read -- But say they've got a thumb drive with their data and software, two legs (or one, or none, depending, I suppose), a car, and the driving will to *keep running and fighting*. "You shouldn't be trusting your life" my rear. Half of these people are expecting a knock on their door every day. You think they're gonna just give up because they can't be Perfectly Cryptographically Secure? So we can give up on them, or we can give them whatever help they can get. Two. Choices. ...sorry for ranting. But, like, could we *please* at least consider scenarios where people don't control their computer? Instead of just totally dismissing them off-hand? Like, there *is* stuff they can do, and there *is* stuff we can do for them. And it's just... *wrong* to just say "go hang". From juan.g71 at gmail.com Tue Feb 3 18:05:44 2015 From: juan.g71 at gmail.com (Juan) Date: Tue, 3 Feb 2015 23:05:44 -0300 Subject: Tox.im In-Reply-To: <1649539.hNB5UO0CMZ@lapuntu> References: <54D1279B.7080103@cs.helsinki.fi> <1516136.c3cOKeir0W@lapuntu> <54d166be.e6548c0a.46eb.0e29@mx.google.com> <1649539.hNB5UO0CMZ@lapuntu> Message-ID: <54d17de0.8826e00a.72c9.201f@mx.google.com> On Wed, 04 Feb 2015 02:03:44 +0100 rysiek wrote: > Or this (linked within): > https://www.eff.org/deeplinks/2012/06/darkshades-rat-and-syrian-malware "Trojans, including one disguised as a Skype encryption tool, which covertly install spying software onto the infected computer," Not a problem of skype per se, so your claim is bullshit. > > Oh, I also appreciate how you're the first to jump in and criticize > Tor, Just as I appreciate you licking the boots of the US military and its spies. > but for some reason you don't really seem to have a problem with > Skype. Double standards much? :) Lol. You are lying barefacedly. I never said I don't have a problem with skype. I have a problem with any kind of garbage coming from the US, ESPECIALLY from the pentagon. Unlike you. > > ~~~=:) > From electromagnetize at gmail.com Tue Feb 3 22:13:15 2015 From: electromagnetize at gmail.com (brian carroll) Date: Wed, 4 Feb 2015 00:13:15 -0600 Subject: get chipped at your local tattoo parlor Message-ID: Swedish office gets under employees' skin with RFID microchips; Forget your office door key? Can't remember the code for the photocopier? No need to worry if you happen to have a microchip implanted in your hand. // (2.3.2015), 2 min. video http://www.cnet.com/news/swedish-office-gets-under-employees-skin-with-rfid-microchips/ in-article reference, (9.12.2014): The rise of the Swedish cyborgs By Jane Wakefield Technology reporter http://www.bbc.com/news/technology-30144072 '"The idea is to become a community that is why they get implants done together," [Mr Sjoblad] says.' From oottela at cs.helsinki.fi Tue Feb 3 14:54:07 2015 From: oottela at cs.helsinki.fi (Markus Ottela) Date: Wed, 04 Feb 2015 00:54:07 +0200 Subject: Tox.im In-Reply-To: <2595280.3Iuk8EjAjT@lapuntu> References: <54D1279B.7080103@cs.helsinki.fi> <2595280.3Iuk8EjAjT@lapuntu> Message-ID: <54D1518F.40007@cs.helsinki.fi> On 03.02.2015 23:06, rysiek wrote: > Dnia wtorek, 3 lutego 2015 21:52:34 piszesz: > > > True. But the state of affairs right now is that people are massively using > Skype. So even not-so-well implemented free-software crypto peer-to-peer > audio-video and IM app is a step-up (as long as it's not being sold as end- > all-problems-heal-your-dog-panaceum). > > And I would not call Tox snakeoil mainly because snakeoil salesmen *ignore* > criticism and *willfully and knowingly* sell bullshit; Tox is at least > *trying* to get things working and properly implemented, as far as I can see. > > So there's a huge difference in (perceived? apparent? true?) intentions. They are ignoring the criticism they should be warning users about constant issues in endpoint security: Subrosa, Ricochet, TextSecure, Cryptocat and Threema have all included a threat model/warning, Tox should do so too. Notifying users about risks is what keeps them safe, not moving to slightly more secure products they assume are impenetrable. Conscious ignoring of this on the developers part equals selling "bullshit". Lets assume they put the warning on the web page. Now every user who reads the security warning begins to think "Ok, so given my contacts, reputation and opsec, my private key is compromised with probability P. Am I still going to write this or do I upgrade my tools? Am I under constant monitoring? Do I need to regenerate my keys?". In the beginning of Citizenfour, Snowden gives a warning to Poitras about private keys: even though PGP encrypts private key at rest. After that, Laura bought an airgapped machine and created new PGP keypair. >> I'm not sure it's a convenient thing users have to re-add their contacts >> every time the DH signing key needs to be refreshed. It's sort of good >> thing users are immediately using the public signing key (Tox ID) but >> the issue is, while the Tox ID doesn't have to be secret, it must be >> authentic: so users unaware of this can be subjected to MITM attack. > Yes. But now we're discussing the proto and the implementation, so I assume we > moved forward from the "is it snakeoil" question. At least I hope so. > Again, security is a process, not a product: unless the implementation of crypto is secure and users know how to use it, properly written Salsa20 implementation isn't going to do much good. Writing a good manual is the responsibility of the developer. >>>> *7. Neglects general sad state of host security * >>> Well, yes, and my beef with Tox is also that the private keys do not >>> require a passpharse to unlock. So that's a no-no in my book. >> This only changes the type of attack: a keylogger has to be used along >> the private key exfiltration tool. > "Using seatbelts only means that the type of the car accident has to change: > faster and with flying debris." > > I'll take the seatbelts, though. I'm fine with making the attacker spend a bit > more time and resources if they want to get me. There are no bulletproof > solutions anyway. Here's a Metasploit payload Meterpreter. How hard do you think it's for me to automate the two Armitage GUI functionalities of browsing files and logging keystrokes once I buy a 0-day from Vupen with tax money? https://4.bp.blogspot.com/-9SL6twrYlLg/UcKHmH8QkyI/AAAAAAAAALg/GogP6DN4KIs/s1600/35.JPG Now think about Fox Acid, Metasploit, with a budget. Then think of things like Quantuminsert that automate this process on mass scale. Your seat belt is a bad analogy. There are no bulletproof solutions but there are better ones. >>> Still, this doesn't look like snakeoil; rather like a good idea with >>> not-so- stellar execution, which *might* get better. >>> >>> Am I missing anything? >> I would argue the current OTR/PGP/ZRTP implementation has limited >> lifespan regardless of execution, given the fact intelligence community >> is expanding end-point exploitation to mass surveillance levels: >> methodology is changing, not the scale: >> https://www.youtube.com/watch?v=FScSpFZjFf0&t=37m35s > And the point here is... what exactly? "Don't use encryption, because it > *might* be broken one day?" No, the point here is, don't put TCB on a computer that does networking. Why are you putting emphasis on the word 'might' when Snowden says NSA bypasses encryption *every day*: https://www.youtube.com/watch?v=YxPKoXTKDc8#t=48m53s > And that changes... what exactly? This affects *any and all* desktop-usable > security solutions, so let's just assume that this is the baseline we have to > work with and assess the solutions on their own merits, eh? No, let's not assume. I've a small desk but it's still able to handle the three laptops in a configuration that does not have the issue. The community has already accepted the host security as part of snake oil check. What on earth is the check doing here if we should accept OS vulnerabilities as a "baseline"? If the product isn't going to address it, it better not neglect it at least, Tox doesn't do even that. I'm not trying to hijack this Tox discussion to say TFC is the solution. I'm trying to say it's pointless to create anything secure on a setup the features of which are limited(/rigged) to begin with. That's why smartphone is part of the snake oil checklist. The very first step says the product has to be FOSS, without free OS, no encryption software stands a chance. Without endpoint security, it's the same. The community is already praising $1,300 Novena laptops - I'm saying we can achieve higher security with set of three $200 COTS laptops and a few extra components. From rysiek at hackerspace.pl Tue Feb 3 15:59:06 2015 From: rysiek at hackerspace.pl (rysiek) Date: Wed, 04 Feb 2015 00:59:06 +0100 Subject: Tox.im In-Reply-To: <54D1518F.40007@cs.helsinki.fi> References: <54D1279B.7080103@cs.helsinki.fi> <2595280.3Iuk8EjAjT@lapuntu> <54D1518F.40007@cs.helsinki.fi> Message-ID: <1516136.c3cOKeir0W@lapuntu> Hi, this is getting absurdly long. I am going to answer this one part below. Dnia środa, 4 lutego 2015 00:54:07 Markus Ottela pisze: > > And that changes... what exactly? This affects *any and all* > > desktop-usable > > security solutions, so let's just assume that this is the baseline we have > > to work with and assess the solutions on their own merits, eh? > > No, let's not assume. I've a small desk but it's still able to handle > the three laptops in a configuration that does not have the issue. > > The community has already accepted the host security as part of snake > oil check. What on earth is the check doing here if we should accept OS > vulnerabilities as a "baseline"? If the product isn't going to address > it, it better not neglect it at least, Tox doesn't do even that. Answer A: Well then, do a damn pull request and fix it. With the amount of typing done in this thread already you could have done it 3 times over. :) Answer B: Can you please direct me towards any software that in your opinion does not have a problem with the "host security" part? A single example of any program, say any communication program, like IM, VoIP, e-mail client, etc, installable on a chosen operating system. Answer C (I think I'll go with this one): On a more serious vein, I see I'm dealing with a view that security is binary. That one can only be safe in a meaningful sence, when one has three laptops in a particular setup on their desk. Problem is, people DIE, NOW, because they use Skype. Not because they misjudged a particular way software A uses crypto primitive B or some such, but because they are using an inherently fucked up, security wise, software to communicate. Those people do not have the privilege of having a desk with 3 laptops, they often don't even have damn ADMIN RIGHTS on their laptop. Giving them a tool that works on their (insecure, I agree!!) platforms and yet LOWERS their exposure actually can save lives. This is something that has to be rammed into the heads of people with a baseball bat. Ideal setups don't exist, that's why they are "ideal". Here, have a read: https://medium.com/message/81e5f33a24e1 Especially this part: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Managing all the encryption and decryption keys you need to keep your data safe across multiple devices, sites, and accounts is theoretically possible, in the same way performing an appendectomy on yourself is theoretically possible. This one guy did it once in Antarctica, why can’t you? (...) So the question I put to hackers, cryptographers, security experts, programmers, and so on was this: What’s the best option for people who can’t download new software to their machines? The answer was unanimous: nothing. They have no options. They are better off talking in plaintext I was told, “so they don’t have a false sense of security.” Since they don’t have access to better software, I was told, they shouldn’t do anything that might upset the people watching them. But, I explained, these are the activists, organizers, and journalists around the world dealing with governments and corporations and criminals that do real harm, the people in real danger. Then they should buy themselves computers, I was told. That was it, that was the answer: be rich enough to buy your own computer, or literally drop dead. I told people that wasn’t good enough, got vilified in a few inconsequential Twitter fights, and moved on. Not long after, I realized where the disconnect was. I went back to the same experts and explained: in the wild, in really dangerous situations — even when people are being hunted by men with guns — when encryption and security fails, no one stops talking. They just hope they don’t get caught. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - I accept Tox could warn about some issues better. I accept that desktop security is a joke. But for the love of Dog, that is not what I am asking when I'm asking if Tox is a sane thing to look into. I'm asking about "do we know of serious security bugs or fuckups in this software". I am asking "can anybody point out any serious, SNAFU-level bugs in the protocol design". And so on. > I'm not trying to hijack this Tox discussion to say TFC is the solution. > I'm trying to say it's pointless to create anything secure on a setup > the features of which are limited(/rigged) to begin with. > That's why smartphone is part of the snake oil checklist. How about we let stef talk about that himself. -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 931 bytes Desc: This is a digitally signed message part. URL: From rysiek at hackerspace.pl Tue Feb 3 15:59:21 2015 From: rysiek at hackerspace.pl (rysiek) Date: Wed, 04 Feb 2015 00:59:21 +0100 Subject: What the fark is "TFC" Message-ID: <15658830.G1IiJoRcAd@lapuntu> Hi there, my brain is fried and I can't get any sane result in my attempts to decipher the "TFC" acronym. And "TCB", that shows up around it. PLZ2ENLIGHTEN KTHXBAI. -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 931 bytes Desc: This is a digitally signed message part. URL: From rysiek at hackerspace.pl Tue Feb 3 17:03:44 2015 From: rysiek at hackerspace.pl (rysiek) Date: Wed, 04 Feb 2015 02:03:44 +0100 Subject: Tox.im In-Reply-To: <54d166be.e6548c0a.46eb.0e29@mx.google.com> References: <54D1279B.7080103@cs.helsinki.fi> <1516136.c3cOKeir0W@lapuntu> <54d166be.e6548c0a.46eb.0e29@mx.google.com> Message-ID: <1649539.hNB5UO0CMZ@lapuntu> Dnia wtorek, 3 lutego 2015 21:27:03 Juan pisze: > On Wed, 04 Feb 2015 00:59:06 +0100 > > rysiek wrote: > > Problem is, people DIE, NOW, because they use Skype. > > And the source(s) for that claim is...? https://about.okhin.fr/posts/Stupid_journos/ Stop killing people, stop using Skype! - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - A journalists friend of mine pointed me to a news flash from AFP - REF: 29578 DVBP 729 GLN20 (4) AFP (295) , if it means something to you - in which they killed someone. Or, if it's not the case, he will be killed soon. Why? First, they used his full name in the text, and the city where he lives. This is, in essence, like putting a target on his forehead and waiting for snipers, tanks and/or mortars to kill him. But worse, they used the infamous malware named Skype to contact him. Besides the huge privacy issue related to using something that has been 'accidentaly' deployed in the last Windows Update, it is of public knowledge that Skype is used as a trojan to identify and hunt activists in Syria. The EFF posted about it, kaspersky, posted about it, even the original writer of the tool used inside Skype to deploy the Remote Access Tool has wrote about it along iwth a removal tool. So, journalists now knows, for month, that it is dangerous to use Skype. It is also dangerous to use closed and proprietary software. A lot of people are telling this for months now and even make propositions to use alternative, free and decentralized systems, because it is the only way to enforce some bits of privacy. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Or this (linked within): https://www.eff.org/deeplinks/2012/06/darkshades-rat-and-syrian-malware Oh, I also appreciate how you're the first to jump in and criticize Tor, but for some reason you don't really seem to have a problem with Skype. Double standards much? :) ~~~=:) -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 931 bytes Desc: This is a digitally signed message part. URL: From s at ctrlc.hu Tue Feb 3 18:04:56 2015 From: s at ctrlc.hu (stef) Date: Wed, 4 Feb 2015 03:04:56 +0100 Subject: Tox.im In-Reply-To: <1516136.c3cOKeir0W@lapuntu> References: <54D1279B.7080103@cs.helsinki.fi> <2595280.3Iuk8EjAjT@lapuntu> <54D1518F.40007@cs.helsinki.fi> <1516136.c3cOKeir0W@lapuntu> Message-ID: <20150204020456.GB7629@ctrlc.hu> On Wed, Feb 04, 2015 at 12:59:06AM +0100, rysiek wrote: > Answer B: > Can you please direct me towards any software that in your opinion does not > have a problem with the "host security" part? > A single example of any program, > say any communication program, like IM, VoIP, e-mail client, etc, installable > on a chosen operating system. i can: pond stores the key material in tpm, whether to trust tpm or not is open for debate. gpg is able to work with smartcards, and qubes has this split-pgp mode. these are all quite cool approaches to the host security problem. i think in general it is about compartmentalization of sensitive material, if possible in external fully controlled hw with very simple observable interfaces. > Problem is, people DIE, NOW, because they use Skype. Not because they they will they as well if they use the right tools but wrongly. :/ > How about we let stef talk about that himself. you troll. :) -- otr fp: https://www.ctrlc.hu/~stef/otr.txt From grarpamp at gmail.com Wed Feb 4 00:37:42 2015 From: grarpamp at gmail.com (grarpamp) Date: Wed, 4 Feb 2015 03:37:42 -0500 Subject: Calyx institute announces canarywatch.org web site In-Reply-To: References: Message-ID: On Tue, Feb 3, 2015 at 3:11 PM, Seth wrote: > "Warrant canaries rely upon the legal theory of compelled speech. > https://canarywatch.org/ Accepting playment of this dodging game seems largely irrelavent (and harmful) to the real issue at hand... your right to speak. At least in the US... http://www.archives.gov/exhibits/charters/bill_of_rights.html Congress shall make no law ... abridging the freedom of speech, or of the press; or the right of the people ... to petition the Government for a redress of grievances. The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated; and no Warrants shall issue but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized. It's frankly appalling that in the whole US, with its millions of warrants (and fewer unconstitutional NSL's) per year, that no one, not even the idealists or other types, seem to have the balls to speak and publish a single one of them (or even the simple castrated fact that you received one)... "Congress shall make no law ... abridging the freedom of speech"... And that the abhorrence of Mass Surveillance is somehow... "upon probable cause" against your person, and the people... http://www.law.cornell.edu/constitution/first_amendment http://www.law.cornell.edu/anncon/html/amdt1toc_user.html http://www.law.cornell.edu/constitution/fourth_amendment http://www.law.cornell.edu/anncon/html/amdt4toc_user.html Some would say that any interpretation (fiat) of the original Charters text created subsequent to, and without sole dedication to exclusive analysis of, the thoughts of those who wrote them... is bogus, unless so amended. Lots of bogus laws based on flawed interpretation (or on flawed interpretation of good interpretation) out there... and no one testing them. Slowly stacking up, harder to revert with each additional one layered on and woven in tight. A fine day to be a lawyer and a citizen perhaps. Or perhaps there are none that good... From oottela at cs.helsinki.fi Tue Feb 3 17:40:02 2015 From: oottela at cs.helsinki.fi (Markus Ottela) Date: Wed, 04 Feb 2015 03:40:02 +0200 Subject: Tox.im In-Reply-To: <1516136.c3cOKeir0W@lapuntu> References: <54D1279B.7080103@cs.helsinki.fi> <2595280.3Iuk8EjAjT@lapuntu> <54D1518F.40007@cs.helsinki.fi> <1516136.c3cOKeir0W@lapuntu> Message-ID: <54D17872.4090401@cs.helsinki.fi> On 04.02.2015 01:59, rysiek wrote: > Hi, > > this is getting absurdly long. > > I am going to answer this one part below. > > Dnia środa, 4 lutego 2015 00:54:07 Markus Ottela pisze: >>> And that changes... what exactly? This affects *any and all* >>> desktop-usable >>> security solutions, so let's just assume that this is the baseline we have >>> to work with and assess the solutions on their own merits, eh? >> No, let's not assume. I've a small desk but it's still able to handle >> the three laptops in a configuration that does not have the issue. >> >> The community has already accepted the host security as part of snake >> oil check. What on earth is the check doing here if we should accept OS >> vulnerabilities as a "baseline"? If the product isn't going to address >> it, it better not neglect it at least, Tox doesn't do even that. > > Answer A: > Well then, do a damn pull request and fix it. With the amount of typing done > in this thread already you could have done it 3 times over. :) > Tox developer team were not interested in implementing it in similar fashion. Using three computers was the main obstruction: A successor for Skype that makes the headlines is the one that you get everyone to use because it's easy to setup. It wouldn't get any attention nor media coverage if it wasn't free as in 'next, yes, next, next, install'. I'd rather not meddle with Tox source: to quote the Norton's article you posted "C is good for two things: being beautiful and creating catastrophic 0days in memory management." Tox is written in C, by people who seem to have limited understanding on computer security and programming. I do too, but a least I selected an approach that doesn't require 0-day free code, or OS. > Answer B: > Can you please direct me towards any software that in your opinion does not > have a problem with the "host security" part? A single example of any program, > say any communication program, like IM, VoIP, e-mail client, etc, installable > on a chosen operating system. TFC stands for Tinfoil Chat. cs.helsinki.fi/u/oottela/tfc.pdf // pages 9 and 10 explain how why there is no key exfiltration risk. TCB is the Trusted Computing Base, the system responsible for cryptographic operations. > Answer C (I think I'll go with this one): > On a more serious vein, I see I'm dealing with a view that security is binary. > That one can only be safe in a meaningful sence, when one has three laptops in > a particular setup on their desk. > > Problem is, people DIE, NOW, because they use Skype. Not because they > misjudged a particular way software A uses crypto primitive B or some such, > but because they are using an inherently fucked up, security wise, software to > communicate. It depends on your threat model and how technically skilled your adversary is. If adversarial government decides to buy malware from say, Hacking Team that automatically replaces Tox IDs inside unencrypted emails to those owned by the state, it'll still get you killed unless you know what you're doing. Just telling the user to meet the contact and exchange Tox ID in person is enough not to get MITM'd. Just warning the user about not saying the most sensitive stuff on Tox might be enough to not to get killed. > Those people do not have the privilege of having a desk with 3 laptops, they > often don't even have damn ADMIN RIGHTS on their laptop. Giving them a tool > that works on their (insecure, I agree!!) platforms and yet LOWERS their > exposure actually can save lives. If you're not in control of the laptop, you shouldn't be trusting your life on it; Tox does very little if there's a keylogger present, neither does TFC if you're not in control of the two TCB computers. > This is something that has to be rammed into the heads of people with a > baseball bat. Ideal setups don't exist, that's why they are "ideal". > > Here, have a read: > https://medium.com/message/81e5f33a24e1 > > Especially this part: > > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - > > Managing all the encryption and decryption keys you need to keep your data > safe across multiple devices, sites, and accounts is theoretically possible, > in the same way performing an appendectomy on yourself is theoretically > possible. This one guy did it once in Antarctica, why can’t you? That part sounds like infomercial trying to overcomplicate a problem. You need one device to store the (a)symmetric encryption keys (TCB 1) You need another to store the (a)symmetric decryption keys (TCB 2) You need third one to transmit encrypted messages. You need data diodes to enforce unidirectional communication between the devices. That's all. > So the question I put to hackers, cryptographers, security experts, > programmers, and so on was this: What’s the best option for people who can’t > download new software to their machines? The answer was unanimous: nothing. > They have no options. They are better off talking in plaintext I was told, “so > they don’t have a false sense of security.” Since they don’t have access to > better software, I was told, they shouldn’t do anything that might upset the > people watching them. But, I explained, these are the activists, organizers, > and journalists around the world dealing with governments and corporations and > criminals that do real harm, the people in real danger. Then they should buy > themselves computers, I was told. > > That was it, that was the answer: be rich enough to buy your own computer, or > literally drop dead. I told people that wasn’t good enough, got vilified in a > few inconsequential Twitter fights, and moved on. The issue is global whether it's occupy movement fighting against economic segregation in the West, or dissidents in 3rd world countries. The difference is the threat model. In west it's HSAs, in poor countries, MSAs at top, unless it's the US doing surveillance against Afghans etc. > Not long after, I realized where the disconnect was. I went back to the same > experts and explained: in the wild, in really dangerous situations — even when > people are being hunted by men with guns — when encryption and security fails, > no one stops talking. They just hope they don’t get caught. > > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - > > I accept Tox could warn about some issues better. I accept that desktop > security is a joke. But for the love of Dog, that is not what I am asking when > I'm asking if Tox is a sane thing to look into. > > I'm asking about "do we know of serious security bugs or fuckups in this > software". I am asking "can anybody point out any serious, SNAFU-level bugs in > the protocol design". And so on. I get what you mean. You're trying to evaluate the skillset of developers in terms of how things are implemented and programmed. I'm trying to say they've a bigger job to do and so far they have failed at it. From coderman at gmail.com Wed Feb 4 03:50:56 2015 From: coderman at gmail.com (coderman) Date: Wed, 4 Feb 2015 03:50:56 -0800 Subject: www.nsa-observer.net is on clear web, don't use clear web. Message-ID: On 2/4/15, grarpamp wrote: > ... > Moving 10G/day/node to or from clearnet is possible. Posting in the > darknet might find you parallel armies of sympathetic nodes willing > to help with task. don't use clear-web, not even once. not even one-way. it is DEF CON wireless; pre-pwned and malicious since many years. this includes: - don't use DNS - don't use HTTP over public IPv4 or IPv6 - don't use HTTPS over public IPv4 or IPv6 - don't use TCP over public IPv4 of IPv6 - do use UDP VPN at least past first last-mile ISP, most likely to be onery and RST'ery. - do use Tor bridges to avoid like UDP VPN above, with even better cover. - must use resume capable HTTP/1.1 range based capable client with secure digest verification! (multiple reports of cryptome.org streams of Cfour.7z getting RST inline, or otherwise frequent and frustrating failures before complete on some specific provider networks; bonus points for RST inject filtering, but not all OS support it.) for array of onion hosts (location hidden mirrors) - 5 x connections, to 5 of 9 onions, max two conns per host - 18 x connections to 9 onions, two conns per host [ e.g. aria2c --piece-length=1M --min-split-size=1M --split=18 --max-connection-per-server=3 --max-concurrent-downloads=18 ... aria2c does sha256 for free ] => 1.8MByte/sec to 3.5MByte/sec sustained over 50G archive in whole over various rounds of testing the fy2014 dist. add randomized filling, and you can stack parallel instances with multiple Tor clients for added capacity. ... anything more seems limited by client side, even in best of circumstances ... hey look, latter is simpler! two things to solve it. ;) best regards, From coderman at gmail.com Wed Feb 4 04:22:00 2015 From: coderman at gmail.com (coderman) Date: Wed, 4 Feb 2015 04:22:00 -0800 Subject: www.nsa-observer.net is on clear web, don't use clear web. In-Reply-To: References: Message-ID: On 2/4/15, coderman wrote: >... > don't use clear-web, not even once. not even one-way. it is DEF CON > wireless; pre-pwned and malicious since many years. in earlier thread, why not crowd source or lay utilize idle, to process archives with SIGINT and technical annotations? consider this example, or ask your technical friend about their complaints with shallow attention porn media which is most media. --- in "crowd sourced" wikipedia, the first image is a fiction, while the program itself, QUANTUMSQUIRREL is in fact authentic and in use recently and likely ongoing. this is an example of something (misunderstanding, witting or unwitting assertion, etc.) that an "expert" would avoid, and not allow into reference corpus. best regards, -------------- next part -------------- A non-text attachment was scrubbed... Name: Attrition_by_Tailored_Quantum_Squirrel.png Type: image/png Size: 379341 bytes Desc: not available URL: From coderman at gmail.com Wed Feb 4 04:22:43 2015 From: coderman at gmail.com (coderman) Date: Wed, 4 Feb 2015 04:22:43 -0800 Subject: www.nsa-observer.net is on clear web, don't use clear web. In-Reply-To: References: Message-ID: On 2/4/15, coderman wrote: >... > in "crowd sourced" wikipedia, > the first image is a fiction, while the program itself, > QUANTUMSQUIRREL is in fact authentic and in use recently and likely > ongoing. https://en.wikipedia.org/wiki/Tailored_Access_Operations , https://peertech.org/files/Attrition_by_Tailored_Quantum_Squirrel.png From rysiek at hackerspace.pl Tue Feb 3 19:23:12 2015 From: rysiek at hackerspace.pl (rysiek) Date: Wed, 04 Feb 2015 04:23:12 +0100 Subject: Tox.im In-Reply-To: <20150204020456.GB7629@ctrlc.hu> References: <54D1279B.7080103@cs.helsinki.fi> <1516136.c3cOKeir0W@lapuntu> <20150204020456.GB7629@ctrlc.hu> Message-ID: <1855168.LsMSVnF1CS@lapuntu> Dnia środa, 4 lutego 2015 03:04:56 stef pisze: > On Wed, Feb 04, 2015 at 12:59:06AM +0100, rysiek wrote: > > Answer B: > > Can you please direct me towards any software that in your opinion does > > not > > have a problem with the "host security" part? > > A single example of any program, > > say any communication program, like IM, VoIP, e-mail client, etc, > > installable on a chosen operating system. > > i can: pond stores the key material in tpm, whether to trust tpm or not is > open for debate. gpg is able to work with smartcards, and qubes has this > split-pgp mode. these are all quite cool approaches to the host security > problem. Nice, didn't know about pond. Still, Tox got a no-no from me on host security (for as simple thing as not having a password on private keys), so... ;) Maybe it's a good moment to add a point to your list of snakeoil tell-tales: - "does not have decent documentation of protocols/mode of operation available" As Tox shows (as if it needed to be shown...), source code is not enough, by far. Had the protocol been documented, we would already have a Python implementation, probably, which would solve the "oh crap, C" problem. > i think in general it is about compartmentalization of sensitive > material, if possible in external fully controlled hw with very simple > observable interfaces. Absolutely. > > Problem is, people DIE, NOW, because they use Skype. Not because they > > they will they as well if they use the right tools but wrongly. :/ That's true. > > How about we let stef talk about that himself. > > you troll. :) Always at your service. :) -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 931 bytes Desc: This is a digitally signed message part. URL: From rysiek at hackerspace.pl Tue Feb 3 19:25:15 2015 From: rysiek at hackerspace.pl (rysiek) Date: Wed, 04 Feb 2015 04:25:15 +0100 Subject: Tox.im In-Reply-To: References: <54D1279B.7080103@cs.helsinki.fi> <54d17de0.8826e00a.72c9.201f@mx.google.com> Message-ID: <1769562.f9PS11B08e@lapuntu> Dnia środa, 4 lutego 2015 13:38:21 Zenaan Harkness pisze: > On 2/4/15, Juan wrote: > > On Wed, 04 Feb 2015 02:03:44 +0100 > > > > rysiek wrote: > >> Oh, I also appreciate how you're the first to jump in and criticize > >> Tor, > >> > > Just as I appreciate you licking the boots of the US > > military and its spies. > : > :) > > Come one rysiek, you should know better by now around here - you just > got Juan'ed... Nah, I was perfectly aware of what I was signing up for. It's a kind of a sport of mine. Hope the list can forgive me for generating this bit of additional noise. > And I'm not saying that's a bad thing either :) I guess it's fine as long as nobody gets hurt. -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 931 bytes Desc: This is a digitally signed message part. URL: From rysiek at hackerspace.pl Tue Feb 3 19:49:07 2015 From: rysiek at hackerspace.pl (rysiek) Date: Wed, 04 Feb 2015 04:49:07 +0100 Subject: What the fark is "TFC" In-Reply-To: <15658830.G1IiJoRcAd@lapuntu> References: <15658830.G1IiJoRcAd@lapuntu> Message-ID: <1535232.6JyciEGQhY@lapuntu> Dnia środa, 4 lutego 2015 00:59:21 rysiek pisze: > Hi there, > > my brain is fried and I can't get any sane result in my attempts to decipher > the "TFC" acronym. And "TCB", that shows up around it. Wait, wait. I know! It's when you see another "security" program written in C: "The Fuck, C?" -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 931 bytes Desc: This is a digitally signed message part. URL: From grarpamp at gmail.com Wed Feb 4 01:52:32 2015 From: grarpamp at gmail.com (grarpamp) Date: Wed, 4 Feb 2015 04:52:32 -0500 Subject: www.nsa-observer.net In-Reply-To: <20150203164352.3B16B2281D7@palinka.tinho.net> References: <20150203164352.3B16B2281D7@palinka.tinho.net> Message-ID: On Tue, Feb 3, 2015 at 11:43 AM, wrote: > (sacrificial) machines are sacrificed, which is to say they > are reloaded/rebooted. Per message. Network booting a known image is common. Putting the print system in hardware is possible too. > the sacrificial machines are > thoroughly instrumented in the countermeasure sense. > ... silent failiure Validation of correct operation, and detection, in face of evil input seems much harder... any and all change to memory dump, files, firmware. All soft parts would need reinitialized. Even becoming recursively expensive. All for a printer on the don't care side of the air gap? Doubtful so long as it passes test vectors. Your opponents highest secrets are historically not likely to come to you embedded in a freaknasty pdf, but on foot. That may be changing [1]. Either way, sometimes nothing beats a roomful of human transcriptionists, translators and auditors with typewriters. [1] Many a gem may even flow through each side's postmaster@ mail. From coderman at gmail.com Wed Feb 4 04:55:07 2015 From: coderman at gmail.com (coderman) Date: Wed, 4 Feb 2015 04:55:07 -0800 Subject: www.nsa-observer.net In-Reply-To: References: <88F21790-A209-4592-8FF5-A18F7605BADC@littledystopia.net> Message-ID: On 1/31/15, coderman wrote: > ... > as another example, this is why referencing even simplified subsets of > text by a self certifying identifier, like > afb1e384e450d644703ad96cdfe9f728be509854388687eb65b7c622e2f798a9 , > e.g. bigsundaawafn36e.onion/shid/afb/1e3/afb1e384e450d644..5b7c622e2f798a9 > , > or > http://sunshineeevvocqr.onion/bigsun/raw/afb1e384e450d644..5b7c622e2f798a9 > which is the same paragraph in ascii no matter PDF or Word or HTML > origin simplified to text paragraph. this text is: And I'll go one further. Everything's secret. I mean, I got an e-mail saying, "Merry Christmas." It carried a Top Secret NSA classification marking. The easy option is to classify everything. This is an Agency that for the most of its existence was well served by not having a public image. When the nation felt its existence was threatened, it was willing to cut agencies like NSA quite a bit of slack. But as that threat perception decreases, there is a natural tendency to say, "Now, tell me again what those guys do?" And, therefore, the absence of a public image seems to be less useful today than it was 25 years ago. I don't think we can survive without a public image. (U//FOUO) is should have included at first, as odd, opaque links without context a entropy prank. [ https://twitter.com/nickm_tor/status/549651166834225153 :P ] From coderman at gmail.com Wed Feb 4 05:06:16 2015 From: coderman at gmail.com (coderman) Date: Wed, 4 Feb 2015 05:06:16 -0800 Subject: Backward compatibility bites again (like RC4 in WPA2) In-Reply-To: References: Message-ID: On 12/9/14, coderman wrote: > ... > RC4 in WPA2, and no signs anyone cares it is feb 2015, and still RC4 in WPA2, also remote, also blind, also post-exchange kletographicexfil without disclosures, without firmware updates, without papers, without trendy security con stage hack theatrics, it is industry force, creates its own moral justification without reservation. 2015, RC4 still in WPA2, WPA2 still in everything, ... [0]. best regards, 0. "I've seen people act like you can't disable RC4 until you agree whether it's very very weak or completely broken." - https://twitter.com/nickm_tor/status/542192592424017920 From grarpamp at gmail.com Wed Feb 4 02:11:50 2015 From: grarpamp at gmail.com (grarpamp) Date: Wed, 4 Feb 2015 05:11:50 -0500 Subject: www.nsa-observer.net In-Reply-To: References: <88F21790-A209-4592-8FF5-A18F7605BADC@littledystopia.net> Message-ID: On Sun, Feb 1, 2015 at 9:14 AM, John Young wrote: > Crypto is trap- and back-doored and corrupt, so it is warned by > ... > Remember when cpunk seers cautioned commodiously of sinister > authorities and their vilainous contractors, and encouraged heroically > to assassinate them anonymously? Remember the gradual hiring > of those seers to remain in place while aiding and abetting the > authorities as contractors to invent and promise comsec and privacy > and anonymity, generously trap- and back-doored and trojaned and > ... ... so when all is declared or known to be well fucked and jiggered... > dark far away from the electromagnetic spectrum -- quanta-land, > teleportation nirvana, across rivernet of Styx Stux. ...have we naught left to do but ride horseback to meet in the rainsoaked barn of friends the next town over, while the adversary continue using quanta against us. Or do we recognize there must be something useful in their spectrum that gives them power... and thus put out our antenna to capture it, modulate it, amplify it, and broadcast it back to them. From rysiek at hackerspace.pl Tue Feb 3 20:58:46 2015 From: rysiek at hackerspace.pl (rysiek) Date: Wed, 04 Feb 2015 05:58:46 +0100 Subject: Tox.im In-Reply-To: <54D17872.4090401@cs.helsinki.fi> References: <54D1279B.7080103@cs.helsinki.fi> <1516136.c3cOKeir0W@lapuntu> <54D17872.4090401@cs.helsinki.fi> Message-ID: <2817108.iTz92Mvrx1@lapuntu> OHAI, first of all, all that Yaron just wrote. Very much so. Dnia środa, 4 lutego 2015 03:40:02 Markus Ottela pisze: > I get what you mean. You're trying to evaluate the skillset of > developers in terms of how things are implemented and programmed. I'm trying > to say they've a bigger job to do and so far they have failed at it. No. I'm trying to assess if Tox is legitimately a better, or "better-stay- away", alternative to Skype. So far I see three serious problems: - no warning for users about a few things (like "Tox does not provide anonymity", etc); - written in C, and the code is "TFC" as defined in my mail in another thread; ;) - no good protocol documentation, so no way to to easily: - write other implementations; - assess the quality of the protocol. Apart from these, there are the questions I brought up earlier, which might or might not translate to more serious problems. For the time being I'm going to use Tox for not-mission-critical stuff and testing, and will suggest it to Skype users wanting to talk to me. I will not advocate its use as a security tool. Am I missing anything? Can anybody provide any answers to the questions I mentioned, and provide below? - does the transport layer have encryption? (does the middle layer do that all or...?) - where is the documentation of the cryptography? - is there any hmac done at all? - what is the tox id for a seed with all 0? - how does the tox implementation handle different byte alignment? - how does the tox implementation handle different byte endiness? - how well stressed is the tox implementation? benchmarks? - where is the rest of the documentation? - where can I find a full view of how tox works from bottom to top? -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 931 bytes Desc: This is a digitally signed message part. URL: From grarpamp at gmail.com Wed Feb 4 02:59:01 2015 From: grarpamp at gmail.com (grarpamp) Date: Wed, 4 Feb 2015 05:59:01 -0500 Subject: get chipped at your local tattoo parlor In-Reply-To: References: Message-ID: On Wed, Feb 4, 2015 at 1:13 AM, brian carroll wrote: > Swedish office gets under employees' skin with RFID microchips; > http://www.cnet.com/news/swedish-office-gets-under-employees-skin-with-rfid-microchips/ > http://www.bbc.com/news/technology-30144072 > '"The idea is to become a community that is why they get implants done > together," [Mr Sjoblad] says.' Ahhh yes, cute happy lemmings leading and cheering each other into the blue sea. Unencrypted, readable without their authorization by anyone... A single unique id, rather than a different one for every context... Issued by central authority, rather than by them... No physical blackening function under their control to root out that error soon lodged deep within their brain... No change there, just happy continuation of the same, over the cliff and down the slope they go, wheee what fun they say... Before being forced to become someone else's cyborg (and enjoy their pretty blue pill of a sea), let my last instruction be: terminate program. From grarpamp at gmail.com Wed Feb 4 03:15:07 2015 From: grarpamp at gmail.com (grarpamp) Date: Wed, 4 Feb 2015 06:15:07 -0500 Subject: www.nsa-observer.net In-Reply-To: References: Message-ID: On Sat, Jan 31, 2015 at 4:43 AM, coderman wrote: > scaling distribution of tens of gigs of reference materials is a > challenge. technically it is working, but usability needs some help... > (next dist should be easier to mirror) Moving 10G/day/node to or from clearnet is possible. Posting in the darknet might find you parallel armies of sympathetic nodes willing to help with task. From oottela at cs.helsinki.fi Tue Feb 3 20:39:48 2015 From: oottela at cs.helsinki.fi (Markus Ottela) Date: Wed, 04 Feb 2015 06:39:48 +0200 Subject: What the fark is "TFC" In-Reply-To: References: <15658830.G1IiJoRcAd@lapuntu> Message-ID: <54D1A294.8040504@cs.helsinki.fi> Dingdingding. And we have a winner: Tinfoil Chat it is. Though I liked Gutmann's answer the most. On 04.02.2015 03:52, Tom Ritter wrote: > On 3 February 2015 at 17:59, rysiek wrote: >> Hi there, >> >> my brain is fried and I can't get any sane result in my attempts to decipher >> the "TFC" acronym. And "TCB", that shows up around it. > TCB is usually Trusted Computing Base. > > Some searching indicates TFC may be Traffic Flow Confidentiality. (Or > less likely, TinFoil Chat, which appears to be some random chat app > plugin for encrypted messaging.) > > -tom From list at sysfu.com Wed Feb 4 07:35:35 2015 From: list at sysfu.com (Seth) Date: Wed, 04 Feb 2015 07:35:35 -0800 Subject: Calyx institute announces canarywatch.org web site In-Reply-To: References: Message-ID: On Wed, 04 Feb 2015 00:37:42 -0800, grarpamp wrote: > Accepting playment of this dodging game seems largely irrelavent > (and harmful) to the real issue at hand... your right to speak. At > least in the US... Agreed, but who wants to gamble with the next 20-35 years of their life being thrown away in some hellish sensory deprivation solitary confinement torture chamber to prove the point? Let the gubmint further undermine whatever legitimacy they have left by inventing tortured legal arguments as to why people must be compelled under threat of violence to speak lies (ironically by not speaking) > Some would say that any interpretation (fiat) of the original > Charters text created subsequent to, and without sole dedication > to exclusive analysis of, the thoughts of those who wrote them... > is bogus, unless so amended. Lots of bogus laws based on flawed > interpretation (or on flawed interpretation of good interpretation) > out there... and no one testing them. Slowly stacking up, harder > to revert with each additional one layered on and woven in tight. > A fine day to be a lawyer and a citizen perhaps. Or perhaps there > are none that good... If we go by the Tacitus metric of “The more corrupt the state, the more numerous the laws.”, then the United States is well and goodly f*ck'd. http://www.farnamstreetblog.com/2011/11/tacitus-syllogism/ I like Richard J. Maybury's 'The Two Laws' concept; Two laws are necessary for civilizations to develop and advance: 1) Do all you have agreed to do. 2) Do not encroach on other persons or their property It's dead simple and all we really need IMHO. From dan at geer.org Wed Feb 4 05:14:41 2015 From: dan at geer.org (dan at geer.org) Date: Wed, 04 Feb 2015 08:14:41 -0500 Subject: One more way to track you: via mouse In-Reply-To: Your message of "Wed, 04 Feb 2015 13:36:31 +0200." <20150204113513.GB2472@sivokote.iziade.m$> Message-ID: <20150204131441.8563D2280F5@palinka.tinho.net> Every thing is unique if examined at fine enough grain. It is the infrastructure of examination that matters. --dan From cathalgarvey at cathalgarvey.me Wed Feb 4 00:15:09 2015 From: cathalgarvey at cathalgarvey.me (Cathal Garvey) Date: Wed, 04 Feb 2015 08:15:09 +0000 Subject: thick gaps In-Reply-To: References: Message-ID: <54D1D50D.4070701@cathalgarvey.me> Proven tradition out in the wild. I gather there are SSH honeypots that allow logins with trivial attempts (pi/raspberry, admin/admin..), then simply record which commands the attacker runs first. Usually they'll be scripted commands to scope out the compromised system, and if it passes muster it dials home. I don't think those honeypots are designed to make much of a human attacker, but they allow rapid identification and classification of who's attacking and offer some scope for countermeasures. For example, if your attacker is running a certain command and capturing a certain form of expected output, what happens if your honeypot gives it too much, or a different kind of output? :) Is your automated attacker using SQL to store attack data? I hope it's escaping input.. Is your attacker using stars in any commands ('grep foobar *')? Did you know you can have filenames that look like shell command flags and bash will uncritically pass them as arguments? On 03/02/15 18:55, Natanael wrote: > Den 3 feb 2015 19:19 skrev "coderman" >: > > > > On 2/3/15, dan at geer.org > wrote: > > > ... > > > John, you know this I'm sure, but for the record the highest > > > security places use sacrificial machines to receive e-mail and > > > the like, to print said transmissions to paper, and then those > > > (sacrificial) machines are sacrificed, which is to say they > > > are reloaded/rebooted. Per message. The printed forms then > > > cross an air gap and those are scanned before transmission to > > > a final destination on networks of a highly controlled sort. > > > I suspect, but do not know, that the sacrificial machines are > > > thoroughly instrumented in the countermeasure sense. > > > > this is defense to depths layered through hard experience lessons ;) > > > > > > > > > ... For the > > > entities of which I speak, the avoidance of silent failure is > > > taken seriously -- which brings us 'round to your (and my) > > > core belief: The sine qua non goal of security engineering is > > > "No Silent Failure." > > > > there was an interesting thread here last year on instrumenting > > runtimes to appear stock (vulnerable) but which fail in obvious ways > > when subversion is attempted. (after all, being able to observe an > > attack is the first step in defending against such a class...) > > > > "hack it first yourself, before your attacker does..." > > Canary bugs / honeypot bugs? > -- Scientific Director, IndieBio Irish Programme Got a biology-inspired business idea that $50,000 - & 3 months in a well equipped lab could accelerate? Apply for the Summer programme in Ireland: http://indie.bio/apply-to-ireland Twitter: @onetruecathal Phone: +353876363185 miniLock: JjmYYngs7akLZUjkvFkuYdsZ3PyPHSZRBKNm6qTYKZfAM peerio.com: cathalgarvey From drwho at virtadpt.net Wed Feb 4 10:32:53 2015 From: drwho at virtadpt.net (The Doctor) Date: Wed, 04 Feb 2015 10:32:53 -0800 Subject: thick gaps In-Reply-To: References: Message-ID: <54D265D5.8080402@virtadpt.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 02/03/2015 10:55 AM, Natanael wrote: >> "hack it first yourself, before your attacker does..." > Canary bugs / honeypot bugs? "What would I do if I wanted to crack us...?" - -- The Doctor [412/724/301/703/415] [ZS] Developer, Project Byzantium: http://project-byzantium.org/ PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1 WWW: https://drwho.virtadpt.net/ IHOP: The world's largest, most popular goth club. -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJU0mXQAAoJED1np1pUQ8Rktq0P/303vPV1jvxG2YqywhtDT0uj NEhgpqn4OlsldpltfbHl6tNpNz+RQZ3E96BmFRdAbLwU3uMcJ40wlgCx3CqLny8j /XQ8HGjFEe2OwGtrB6oj3rp0VfBNSFlU7Bin9UlaylWwoiLiHG2JafB+cCwybWK+ 5i7t5YJVp+i7KzngZISwrxx0UiAuabOZJmdv2liVReVxx5jkZEAMrxz+9kcGCFJ3 5o5U5ol8rzZ+o0h1mTaeZXeWbtfvc/gS5S8nrB4R68X1weJzc2vcGylXbZINUfO5 So9x2jkQDNew3GajlMJYFJZ3LsW/qEjevisHeG0KmqdYmTaJ9zPq0tWvGHlnvYr7 BPRC+c7v7YpGHQbEJKSjyQLWUR8CU7coRYKtqQoDJDaWHFyAznIMft2+s0ygqzjC RdWFbK+k3r8WKYRoYTM865yvQ959j3qUud8yrOj/IaOgNaOdjg/Nlf7sX+l1Z9SA ZK0GCPZzUmJdsLQaDaa2TpOmYrXJr7EP9P/JpWwaSaLc67QTUvgy4QghvTRCwunZ H6ziIxNSz8DssEuLNAZbw2/hj4iVh6qqtjn4gvqcj9Vn4wyvhtkeDd/CilfiTqAH 9aQnRxi+cym3AudDllm1+8N5CNDlvZDxVIsNLvWFIzs7ptJkStEtw4QQnfO5Sag+ dkYn04bYbljLZMcnMt2P =vxOw -----END PGP SIGNATURE----- From odinn.cyberguerrilla at riseup.net Wed Feb 4 03:18:38 2015 From: odinn.cyberguerrilla at riseup.net (odinn) Date: Wed, 04 Feb 2015 11:18:38 +0000 Subject: What the fark is "TFC" In-Reply-To: <54D1A294.8040504@cs.helsinki.fi> References: <15658830.G1IiJoRcAd@lapuntu> <54D1A294.8040504@cs.helsinki.fi> Message-ID: <54D2000E.1030907@riseup.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Too Fucking Cool. For you. Markus Ottela: > Dingdingding. And we have a winner: Tinfoil Chat it is. Though I > liked Gutmann's answer the most. > > On 04.02.2015 03:52, Tom Ritter wrote: >> On 3 February 2015 at 17:59, rysiek >> wrote: >>> Hi there, >>> >>> my brain is fried and I can't get any sane result in my >>> attempts to decipher the "TFC" acronym. And "TCB", that shows >>> up around it. >> TCB is usually Trusted Computing Base. >> >> Some searching indicates TFC may be Traffic Flow Confidentiality. >> (Or less likely, TinFoil Chat, which appears to be some random >> chat app plugin for encrypted messaging.) >> >> -tom > > - -- http://abis.io ~ "a protocol concept to enable decentralization and expansion of a giving economy, and a new social good" https://keybase.io/odinn -----BEGIN PGP SIGNATURE----- iQEcBAEBCgAGBQJU0gANAAoJEGxwq/inSG8CGg0IALxDXDM7Kdrp+Y0BtWu+z3V+ S2nqO+osxFLffokrgbOra/sq3okiGzUrdjZLort6H/LQPYhVMeO6uOqilm/UU51I QQJvxtq+fD/94PaGDfmEkTjo2DA4+kfHC5+6NTHG0WbkVM1bE7UJboTLDFStlMM+ SgjSZlKKaPtBiysvszpIAqeBBL4EX+xjIObnUDRCyb6vMel/HEc/riZfa4yb58H4 6O9E7v3paIeqgeHnZQRmadk+kAMkqwiBRYWSjyI75YmozTycuBUETblqo/k5PEjn U6UIMdh7O1QgbFaTZbeVMPL5ux5tGgx/dhSll3MI5KKV5nFdOAvsK/BBmEMgr/M= =56aj -----END PGP SIGNATURE----- From jya at pipeline.com Wed Feb 4 08:20:01 2015 From: jya at pipeline.com (John Young) Date: Wed, 04 Feb 2015 11:20:01 -0500 Subject: www.nsa-observer.net In-Reply-To: References: Message-ID: Darknet is hardly dark, or no more than Tor anonymizes, PKC protects, official secrecy keeps secrets. What they are are seductive lures that siren sailors to blindly pursue lustful comforts of heroic Greek mythology espoused by temple maidens turned to stone by inhaling excess incense. Still, the monuments of folly lure tourists to fatten pigeons and bloat architects of incensed vengeance, aka spies and warfighters who, with complicit elected officials, are the world's shrewdest mythologists. >Moving 10G/day/node to or from clearnet is possible. Posting in the >darknet might find you parallel armies of sympathetic nodes willing >to help with task. From rysiek at hackerspace.pl Wed Feb 4 02:58:17 2015 From: rysiek at hackerspace.pl (rysiek) Date: Wed, 04 Feb 2015 11:58:17 +0100 Subject: What the fark is "TFC" In-Reply-To: <54D1A294.8040504@cs.helsinki.fi> References: <15658830.G1IiJoRcAd@lapuntu> <54D1A294.8040504@cs.helsinki.fi> Message-ID: <3919812.q1dzmxQad4@lapuntu> Dnia środa, 4 lutego 2015 06:39:48 Markus Ottela pisze: > Dingdingding. And we have a winner: Tinfoil Chat it is. Uhm... http://tinfoilchat.chatango.com/ https://forums.hak5.org/index.php?/topic/31131-tinfoil-chat-pidgin-otp-endpoint-security/ But okay, waded through the other thread and found: http://www.cs.helsinki.fi/u/oottela/tfc.pdf Too tired right now to read it through. Anybody else wants to have a look? -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 931 bytes Desc: This is a digitally signed message part. URL: From electromagnetize at gmail.com Wed Feb 4 10:37:06 2015 From: electromagnetize at gmail.com (brian carroll) Date: Wed, 4 Feb 2015 12:37:06 -0600 Subject: q: time & crypto Message-ID: observation, i have been intrigued by the idea of future mechanical watches built using nanoelectronics and micromechanical timing mechanisms that could be scaled to very tiny watch movements that perhaps could be hybrid analog (mechanical) computer-on-a-chip devices, so that a watch would have an electronics interface (LCD screen, other indicators) along with mechanical hands and timing, potentially. that said, today the Swiss technology seems thoroughly operating at the old scale (at least to outside views) in their watching, yet this scaling-down of watch movements seems a natural next step in the technological progression, perhaps a mechanical moore's law of some sort relating to physics tools enabling clockwork modeling at ever smaller scales, & also circuitry. so what if what today exists as a half-dollar (USD) medallion sized watch 'movement' tomorrow could be equivalent to the realm occupied by fabled smart dust, where the mechanism itself nearly disappears by comparison, say down to a centimeter if not a few millimeters for a mechanical movement that could rotate minutes and seconds hands on a watch display, that through magnification via lens could then appear at a normal watch scale for readability, etc. such that additional power would not be needed to gear a motor to drive larger scaled watch hands, or perhaps that would even be possible, given future energy options. the point here being the idea of mechanical timing operating at a lower scale, though also with increased timing precision. one way to consider it would be to have such a system synced with GPS for accuracy, and then adjust the mechanical watch hands to a synchronized time regimen. another way to consider it would be that something new is possible in this realm, including both mechanically, where a mechanical cantilever can be set to vibrate at a natural harmonic frequency (much like a quartz crystal used in timing circuits) if not mistaken, (these things used as frequency-combs for spectroscopy) [0], thus if consistent timing were achievable, perhaps this vibrational energy could be the basis for moving a clockwork mechanism, ratcheted gear by interconnected gear, to produce 'time' as it were. at the nanoelectronic side of things, [1] it would seem that at whatever the smallest scale of charged particle flow could be harnessed into circuits, that this then would build-up the electronics side of the watch, to interact with a mechanical circuit via additional info or data (communications, software, etc) though potentially also timing regulation, or smoothing out input or whatever may be possible. so perhaps the 'electronics' could be part of the timing circuit or exist beside it, functioning independently in parallel. or that the accuracy of the timing could be generated via electronics (say a more accurate crystal frequency or resolution for the timing circuit, that either adjusts or corrects it or drives it). so thinking about extremes and what-ifs, the idea here is to consider what may be possible if reaching such a capacity for a watchmaking and what might change as a result of this kind of technological advancement, especially in terms of time. needless to say, today mechanical hybrid watches and "smartwatches" have comparably low resolution timing accuracy when compared to the most accurate atomic clocks in use for standardized time keeping. so too, the idea of network 'timestamps' appears to propagate as a way of maintaining time on network-reachable watches, such that an Internet Time Server relays a time signal to a device which then sets its clock to that remote standard, perhaps not unlike issues of web serves and routers and how time is maintained and used to coordinate and route event data. and it is to question this existing scenario (in particular electronic and computer-based watches and devices) as this relates to issues like encryption and random-numbers and hashing functions, if the "time" of a device is managed remotely and in some major sense, inaccurate at a local level, or not unique to a particular space-time and instead managed by a centralized though inaccurate timekeeping system which is never actually synchronized. in that there are huge gaps and losses of resolution (which may be a matter of perspective, in that 'time' may be viewed a construct) and yet, what if this has fundamental relation to how crypto functions, could function, or cannot function as a result. this consideration led to my observation of how having an atomic clock as a wristwatch movement would likely be possible in the above MEMs and nanoelectronics scenario. and what would that mean, if super-resolution timekeeping were available at a local level of interaction, where gravity or nano-fractional differences in time may be leveraged for unique non-reproducible running number sequencing that could generate hashes or be used for randomization or encryption of unique point-to-point timing where the keys are correlated to the unique timing of independent atomic watches. In that, consider GPS satellites that send out a time signal to a device and in their miniscule differences in arrival, location can be determined. what if the same is true of wristwatches, where each watch is like that, with relativism or the gap, instead of being a dead-area or deficit, becomes a basis for knowledge and a barrier or wall to outside peering into the connection, if a secure channel between watches could be established, and thus not 'tapped' into without a certain running timing sequence to discombobulate the merged streams as harmonized. It is just wondered if such atomic wristwatches could feasibly change the game for point to point or one-to-many communications in a secure communications protocol. or perhaps such timing mechanisms per device, as applicable, in terms of security (phone, bankcard, etc). it just seems that timing and encryption could go hand-in-hand in that their dynamics are potentially highly complimentary though also, the lack of such timing coherence then could allow negative relativistic dynamics in their place, where exploits could be based on inaccurate homogenous timing regimens that remove timing as part of a security measure or defense. 0. http://en.wikipedia.org/wiki/Force_spectroscopy http://en.wikipedia.org/wiki/Atomic_force_microscopy 1. http://en.wikipedia.org/wiki/Nanoelectronics From guninski at guninski.com Wed Feb 4 03:36:31 2015 From: guninski at guninski.com (Georgi Guninski) Date: Wed, 4 Feb 2015 13:36:31 +0200 Subject: One more way to track you: via mouse Message-ID: <20150204113513.GB2472@sivokote.iziade.m$> http://www.theregister.co.uk/2015/02/03/behaviour_based_biometrics_darpa_us_army/ DARPA: We KNOW WHO YOU ARE... by the WAY you MOVE your MOUSE For me one more reason to avoid js whenever possible... From zen at freedbms.net Tue Feb 3 18:38:21 2015 From: zen at freedbms.net (Zenaan Harkness) Date: Wed, 4 Feb 2015 13:38:21 +1100 Subject: Tox.im In-Reply-To: <54d17de0.8826e00a.72c9.201f@mx.google.com> References: <54D1279B.7080103@cs.helsinki.fi> <1516136.c3cOKeir0W@lapuntu> <54d166be.e6548c0a.46eb.0e29@mx.google.com> <1649539.hNB5UO0CMZ@lapuntu> <54d17de0.8826e00a.72c9.201f@mx.google.com> Message-ID: On 2/4/15, Juan wrote: > On Wed, 04 Feb 2015 02:03:44 +0100 > rysiek wrote: >> Oh, I also appreciate how you're the first to jump in and criticize >> Tor, > > Just as I appreciate you licking the boots of the US > military and its spies. :) Come one rysiek, you should know better by now around here - you just got Juan'ed... And I'm not saying that's a bad thing either :) From ryacko at gmail.com Wed Feb 4 14:29:16 2015 From: ryacko at gmail.com (Ryan Carboni) Date: Wed, 4 Feb 2015 14:29:16 -0800 Subject: Tox.im Message-ID: In an enemy of the state scenario, don't think any amount of OPSEC will help you. Unless you literally live in a cave without running water or electricity. Personally: don't trust anything you can't program yourself, don't trust anything you wouldn't understand -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 355 bytes Desc: not available URL: From pgut001 at cs.auckland.ac.nz Tue Feb 3 19:39:45 2015 From: pgut001 at cs.auckland.ac.nz (Peter Gutmann) Date: Wed, 04 Feb 2015 16:39:45 +1300 Subject: What the fark is "TFC" In-Reply-To: <15658830.G1IiJoRcAd@lapuntu> Message-ID: rysiek writes: >my brain is fried and I can't get any sane result in my attempts to decipher >the "TFC" acronym. It's Tennessee Fried Chicken (sometimes known as Tomato Fried Chicken due to the way it was served), an early, unsuccessful competitor to the more popular Kentucky Fried Chicken. HTH, HAND. Peter. From s at ctrlc.hu Wed Feb 4 07:51:43 2015 From: s at ctrlc.hu (stef) Date: Wed, 4 Feb 2015 16:51:43 +0100 Subject: What the fark is "TFC" In-Reply-To: <3919812.q1dzmxQad4@lapuntu> References: <15658830.G1IiJoRcAd@lapuntu> <54D1A294.8040504@cs.helsinki.fi> <3919812.q1dzmxQad4@lapuntu> Message-ID: <20150204155143.GC6948@ctrlc.hu> On Wed, Feb 04, 2015 at 11:58:17AM +0100, rysiek wrote: > Dnia środa, 4 lutego 2015 06:39:48 Markus Ottela pisze: > http://www.cs.helsinki.fi/u/oottela/tfc.pdf i think i have to add an 8th rule: vendor applies rules against own product. ;) but seriously, the hw design with the diodes is pretty cool, however maybe i missed it but i couldnt find much focus on sidechans. also what i don't get is why pidgin, if you have the communication end behind the diodes, then what exactly does pidgin provide? but i was only skimming the doc. -- otr fp: https://www.ctrlc.hu/~stef/otr.txt From guninski at guninski.com Wed Feb 4 07:57:31 2015 From: guninski at guninski.com (Georgi Guninski) Date: Wed, 4 Feb 2015 17:57:31 +0200 Subject: One more way to track you: via mouse In-Reply-To: <20150204131441.8563D2280F5@palinka.tinho.net> References: <20150204113513.GB2472@sivokote.iziade.m$> <20150204131441.8563D2280F5@palinka.tinho.net> Message-ID: <20150204155731.GC2472@sivokote.iziade.m$> On Wed, Feb 04, 2015 at 08:14:41AM -0500, dan at geer.org wrote: > Every thing is unique if examined at fine enough grain. > It is the infrastructure of examination that matters. > > --dan -1 for top posting ;) Hope they don't find out some analyzed actors actually don't have physical mouse/touchpad/etc. From s at ctrlc.hu Wed Feb 4 09:14:06 2015 From: s at ctrlc.hu (stef) Date: Wed, 4 Feb 2015 18:14:06 +0100 Subject: Tox.im In-Reply-To: References: <54D1279B.7080103@cs.helsinki.fi> <2595280.3Iuk8EjAjT@lapuntu> <54D1518F.40007@cs.helsinki.fi> <1516136.c3cOKeir0W@lapuntu> <54D17872.4090401@cs.helsinki.fi> Message-ID: <20150204171406.GD6948@ctrlc.hu> On Tue, Feb 03, 2015 at 10:34:16PM -0500, Yaron Greenwald wrote: > Why is it that everyone here rocks at threat models as long as they get > to own a computer. Why is it that everyone here can consider everything > from if a Global Passive Adversary is directly targeting you to if your lets not forget the local active adversaries. finfisher sells to a lot of customers, not only the nsa has such capabilities - assuming you allude to the (5|9|many)eyes alliance with he GPA, or do you mean cloudflare? > next door neighbor is doing, I dunno, Van-Eck Phreaking or something > like that, but can't *possibly* consider the use case of "my government > can break into any computer it wants, and I'm running from netcafe to > netcafe, and just need them to not be able to find me for the next one > or two weeks". > > A keylogger only compromises you once they find the logs to read -- hackingteam has that market covered i guess. > But say they've got a thumb drive with their data and software, two legs > (or one, or none, depending, I suppose), a car, and the driving will to > *keep running and fighting*. > > "You shouldn't be trusting your life" my rear. Half of these people are > expecting a knock on their door every day. You think they're gonna just > give up because they can't be Perfectly Cryptographically Secure? indeed. however they also endanger their support networks and if the brave sacrifice themselves for some community which is compromised in the mean time because of the 'immma compromised already' attitude does not advance their cause very much if there's no one left to die for. furthermore cryptographically secure is as the 7 rules show only one aspect, as long as people can be tricked with spear-phishing emails or fancy linkedin pages to install malware. crypto means only one thing, increasing the likelihood of malware instead of in-transit interception of plaintext communication. which brings us directly to host security and its dismal state. how many of these brave souls have updated their gear lately? how much malware is running on those hosts? how many believe that antivirus is something positive and not a system level backdoor? > So we can give up on them, or we can give them whatever help they can > get. Two. Choices. so by definition not having control over a device means the device can do whatever it wants within the limits of its capabilities. so this means you cannot ensure confidentiality, authenticity, anonymity, etc. the probability of a device acting against the will/interest of its user is pretty high already considering only commercial adversaries. however if the person is one of special interest because of 1/ the person itself is interesting or 2/ the person is one with weak security standards and in close proximity to persons of interest, in this case the probability of the device acting against the interest of the user is quite higher. so of course if your threat model is currently the littlesis one, then rot13 does protect you against 90% of adversaries. however disregarding more advanced adversaries can reduce your future agency against them enormously. like john travolta by the time scientology became an adversary for him, they had all the compromise to bind him. the other point that is ignored, is the asymmetry in the capabilities and modus operandi of the opposing adversaries. if we are considering the model of the arabian spring where you have people against some regime. the government has the monopoly of violence, and other stuff, that makes them able to work extralegally, also there's experience for many years in suppression of mass movements (look at cointelpro, or how the occupy movement got nowhere). on the other side, for citizens one of the expensive tools there exists in such an asymmetric setting is the sacrifice, like the soviets in the 2nd world war everyone gets ammunition but only 1 out of 5 soldiers a gun. the others get an order of inheritance of the gun. worked quite well, however it was very wasteful and tragic. of course losses can be cut, but they require efforts and resources that like the soviets, avg people hypnotized by us propaganda lack. > ...sorry for ranting. But, like, could we *please* at least consider > scenarios where people don't control their computer? Instead of just i did a bit of that consideration i hope. let me ask you what scenarios can you envision where there is no control of devices and thus no authenticity, confidentiality, etc? and yet useful for people above the littlesis adversary model? i think the context of the littlesis model is of little interest in this community though. > totally dismissing them off-hand? Like, there *is* stuff they can do, > and there *is* stuff we can do for them. can you be a bit more specific what you mean, and why you think that it would be efficient? what are your metrics for "success" or "efficiency"? let me try too: there's a few things that can be done, 1/ eliminate all snakeoil 2/ educate the few people that are actually doing things 3/ most importantly go harass the vendors that profit from the sabotaged infrastructure that these brave souls trust blindly. i'm sorry, the fact that we have not much to protect ourselves with is mostly due to the profit silicon valley, they wanted as fast as much users as possible, sacrificing everything for their quarterly profits, the externalities of this as it can be euphemised are on the victims. to do real stuff, the opsec is very hard and will be limited to only a few, and even most of them will fall, so everyone should expect to be owned and the wider consequences of that. although i think it's a great idea to raise the general costs for adversaries, i think this is much more expensive than you think. as an attacker i'll attack the cheapest way possible to maximise my results, surely. so when you start raising the cost of the cheapest way, i do not care about this until the cost is higher than the second cheapest attack. in which case it becomes the cheapest, and i use that. if i do my job well, i will continue a bit the old attack, so i force you to overspend on that defense, and make my life easier for some more time. > And it's just... > *wrong* to just say "go hang". i don't know where this comes from, but this is indeed wrong if anyone ever implied that, and it's not only a journalistic tool. lastly - allow me to naively exaggerate a bit - i think such regular "why can't you save us all" is very distracting in a community that is allegedly about writing code, not mails. our resources are limited and we are already motivated to work on this stuff. having to explain things over and over again should be handled by the people enjoying publicity and attention, not those enjoying good math, code and obscurity. -- otr fp: https://www.ctrlc.hu/~stef/otr.txt From s at ctrlc.hu Wed Feb 4 09:34:36 2015 From: s at ctrlc.hu (stef) Date: Wed, 4 Feb 2015 18:34:36 +0100 Subject: Tox.im In-Reply-To: <20150204171406.GD6948@ctrlc.hu> References: <54D1279B.7080103@cs.helsinki.fi> <2595280.3Iuk8EjAjT@lapuntu> <54D1518F.40007@cs.helsinki.fi> <1516136.c3cOKeir0W@lapuntu> <54D17872.4090401@cs.helsinki.fi> <20150204171406.GD6948@ctrlc.hu> Message-ID: <20150204173436.GE6948@ctrlc.hu> On Wed, Feb 04, 2015 at 06:14:06PM +0100, stef wrote: > let me try too: there's a few things that can be done please go and bash mozilla to spend their warchest on UX of security features like cert handling, or a proper enigmail ui instead of ever more rounded corners, new ui experiences and transparent tabs. what a waste. also proper sandboxing would be wise to spend on. why does no one ever bash those only the depressing cypherpunks that say stuff no one wants to hear? -- otr fp: https://www.ctrlc.hu/~stef/otr.txt From electromagnetize at gmail.com Wed Feb 4 18:44:54 2015 From: electromagnetize at gmail.com (brian carroll) Date: Wed, 4 Feb 2015 20:44:54 -0600 Subject: q: security model Message-ID: third and last observation: the other day i was considering how 'security' seems to be achievable only by putting someone in a secure area or box, and keeping the world outside this box, and how absurd that seems to be because it requires removing the world in order to try to attain security, if indeed this is an accurate assessment. the thing that struck me about this is that the world changes outside the box, and so this could either force detachment from the world, which then increasingly becomes out of touch with the external realm not included in the box, or that only people who are inside the same box can safely communicate, as long as they are modeled or entirely known in their parameters. in other words, if a person is all alone in the box they may be secured, yet the moment anything changes, or the world itself changes, this situation could be effected within this supposedly safe and secure zone. in that, if the person is inhabit or engage with the world they need to be able to interface and interact with the world. and thus perhaps the boundary or threshold issue, of entropic balancing, should anything change or the two realms somehow begin to crossover into one another. in this way, interaction beyond the box of security then potentially allows vulnerabilities into this secure zone, via the unknowability or inaccurate accounting for how these external relations exist, both outside and inside the once secure box. so too, any persons that are also included in the safe zone of the box inherently carry with them unknowns if not modeled and accounted for accurately that potentially jeapordize this internal condition, presumably more secure than no security, though with more interaction and access to 'the outside world' the more vulnerable in various dimensions, parameters, dynamics, known and unknown. so it just seemed like security itself would be impossible to achieve if the idea involves keeping out the world, or not accounting for things within a security context, yet having this be a hive of activity likewise, unless security accounting were happening to the Nth-degree beyond what may be external signifiers of security, 'the sign of security' versus its indepth practice in undocumented terms that may not even be mentioned or perceivable, given the advanced context that could exist in certain scenarios. it is somewhat like the scenario: a person walks into a bar... except that it is a supposedly secure box where they exchange secret messages and meet at conferences and function in industries (boxes within boxes) where various vulnerabilities are interwoven with activities and how could this occur in a real context of actual security unless much more was happening than meets the eye or ear. maybe this leads back to the idea of unknowability as the threshold for security, beyond a realm of awareness, where it cannot be deducted because things do not add up beyond a threshold condition and sensory awareness fails to provide a framework to evaluate what conditions feasibly need to exist for security to exist, which tends towards the metaphysical, the invisible, the utterly alien, etc. From oottela at cs.helsinki.fi Wed Feb 4 10:46:16 2015 From: oottela at cs.helsinki.fi (Markus Ottela) Date: Wed, 04 Feb 2015 20:46:16 +0200 Subject: What the fark is "TFC" In-Reply-To: <20150204155143.GC6948@ctrlc.hu> References: <15658830.G1IiJoRcAd@lapuntu> <54D1A294.8040504@cs.helsinki.fi> <3919812.q1dzmxQad4@lapuntu> <20150204155143.GC6948@ctrlc.hu> Message-ID: <54D268F8.40701@cs.helsinki.fi> To summarise the general classess of side channels mentioned in Wikipedia: Power analysis should be tackled with running the TCBs on batteries. I introduced the issue of electromagnetic and acoustic leaks but it's a very complex issue and I'm not an expert dealing with them. The RxM is the only device attacker can introduce faulty data to compute on. However, no feedback is available due to the implementation thus unless pre-compromised, the hardware should not have back channel. TFC does it's best effort to overwrite and verify overwriting after key material has been used. Each of these is mentioned in white paper. More work is needed to create high-assurance physical/close proximity security but again, user is informed about the issues and the main threat is automated remote exploitation. The purpose of Pidgin is to transmit the messages. To simplify, TFC is a plugin for Pidgin that automates you doing encryption in a secure environment and typing the ciphertext to OTR encrypted Pidgin window with your keyboard. It also automates decryption of ciphertexts you receive when OTR-plugin of Pidgin decrypts the outer layer of message. So for TFC the encryption is SSL( OTR( OTP(Message)||MAC )) and for TFC-CEV you replace OTP(Message)||MAC with AES_GCM(Twofish(Salsa20(Keccak(Message)))). The pages 9 and 10 of whitepaper explains this in more detail. Please let me know if there's anything that needs to be clarified. On 04.02.2015 17:51, stef wrote: > On Wed, Feb 04, 2015 at 11:58:17AM +0100, rysiek wrote: >> Dnia środa, 4 lutego 2015 06:39:48 Markus Ottela pisze: >> http://www.cs.helsinki.fi/u/oottela/tfc.pdf > i think i have to add an 8th rule: vendor applies rules against own product. ;) > > but seriously, the hw design with the diodes is pretty cool, however maybe i > missed it but i couldnt find much focus on sidechans. also what i don't get is > why pidgin, if you have the communication end behind the diodes, then what > exactly does pidgin provide? but i was only skimming the doc. > From coderman at gmail.com Wed Feb 4 21:04:30 2015 From: coderman at gmail.com (coderman) Date: Wed, 4 Feb 2015 21:04:30 -0800 Subject: www.nsa-observer.net In-Reply-To: References: Message-ID: On 2/4/15, John Young wrote: > Darknet is hardly dark, or no more than Tor anonymizes, > ... true; perhaps best quantified as: "no ISP asshattery". but fails like all earth human technology in face of capable attacker with significant resources. [ specifically, onion overlay avoids TCP RST, DNS redir, local network ARP poisoning, IPv4/IPv6 BGP route jacking, transport privacy and authenticity** attacks (rewrite proxy) ] ** key management, someone has to do it. and it is always cumbersome... but that is nary a sliver in the sky of surface exposed, in typical "rich web service" context, full of javascript and media handlers and plug-ins, oh my! tell us John, do your server logs show mostly complete or incomplete downloads of Cfour? :P From kanzure at gmail.com Wed Feb 4 19:09:20 2015 From: kanzure at gmail.com (Bryan Bishop) Date: Wed, 4 Feb 2015 21:09:20 -0600 Subject: q: security model In-Reply-To: References: Message-ID: On Wed, Feb 4, 2015 at 8:44 PM, brian carroll wrote: > third and last observation: the other day i was considering how > 'security' seems to be achievable only by putting someone in a secure > area or box, and keeping the world outside this box, and how absurd > that seems to be because it requires removing the world in order to > try to attain security, if indeed this is an accurate assessment. See also the bobble: http://extropians.weidai.com/extropians.3Q97/4356.html Also you can possibly employ some trickery involving conservation of energy or physical costliness along the order of the universal scarcity of entropy. - Bryan http://heybryan.org/ 1 512 203 0507 From electromagnetize at gmail.com Wed Feb 4 19:24:26 2015 From: electromagnetize at gmail.com (brian carroll) Date: Wed, 4 Feb 2015 21:24:26 -0600 Subject: q: security model In-Reply-To: References: Message-ID: Bryan Bishop wrote: > See also the bobble: > http://extropians.weidai.com/extropians.3Q97/4356.html quote: "The reason I bring up cryptography, however, is to show that it IS possible to defend against adversaries with enormous resources at comparatively little cost, at least in certain situations. The Singularity tunneling problem should not be dismissed out of hand as being unsolvable, but rather deserves to be studied seriously. There is a very realistic chance that the Singularity may turn out to be undesirable to many of us." just wanted to share the view that 'the singularity' may be an ideological concept unless grounded in a model of empirical truth, whereby 'many worlds' or parallel experiences are actually issues of relativistic frameworks that are not aligned and instead exist in different, faulty models of partial- or pseudo-truth, whereas 'the singularity' would involve annihilating all reigning and ruling falsehoods via a single integrated model of empirical truth for all people to function within, thus the non-fiction approach to this idea as it also involves psychology and awareness and these effecting computation and softwared reasoning/rationalizations. akin to, in some sense, the issue of various religions and deities that are competing and contrasted, versus 'one truth religion' where truth survives and is the religion. everything aligned with itself and coherent, as cosmic order. then if someone doesn't get their way or privilege or status due to grounding part with whole, it would be for the better, and certainly people will in this way be falsified and not allowed specious grand beliefs in denial of shared reality and instead this would be mediated through hypotheses, debate, and evidence, logical reasoning, and not now today via ideologies, beliefs and opinions shared by individuals and groups as if reason, which instead functions as powerful entities that are more powerful, determining events via their truth, which manages interpretation. also of note: forgot to simplify about the box. no technology in the box. start with a pencil and paper, not a personal computer for crypto, and each step involving the outside or reliance on the outside introduces vulnerabilities. the more complex, the more can go wrong, etc. thus the heavy reliance on computational technology itself becomes the insecurity in the system though also, interaction with others. the bobble observation prescient in that, in the above comment about truth, if the tunneling is considered to be happening in a realm of truth that is beyond external observation, that is effectively security, even if against a more powerful adversary. which seems to have been your point, much appreciated. From pgut001 at cs.auckland.ac.nz Wed Feb 4 00:25:39 2015 From: pgut001 at cs.auckland.ac.nz (Peter Gutmann) Date: Wed, 04 Feb 2015 21:25:39 +1300 Subject: get chipped at your local tattoo parlor In-Reply-To: Message-ID: brian carroll writes: >The rise of the Swedish cyborgs >By Jane Wakefield Technology reporter >http://www.bbc.com/news/technology-30144072 > >'"The idea is to become a community that is why they get implants done >together," [Mr Sjoblad] says.' Same idea as the WWI Pal's Battalions... Peter. From grarpamp at gmail.com Wed Feb 4 19:07:29 2015 From: grarpamp at gmail.com (grarpamp) Date: Wed, 4 Feb 2015 22:07:29 -0500 Subject: REAL-ID Internet Access Coming Soon Message-ID: http://www.pcmag.com/article2/0,2817,2476275,00.asp Do not underestimate the precedence of the Chinese, Facebook and the rumblings in the UK/US/etc. Code all you want, but unless you start acting now in realworld politics to prevent this type of stuff (ID/names, anti-crypto, etc), you will very soon be kissing any rights to freedom and self managed privacy you now enjoy on the internet goodbye forever. Grabbers gonna grab and you'll be sorry. Don't try to claim people didn't warn you (you'll be censored by then anyways). From coderman at gmail.com Thu Feb 5 02:17:23 2015 From: coderman at gmail.com (coderman) Date: Thu, 5 Feb 2015 02:17:23 -0800 Subject: FOIPA adventures Message-ID: "you want me to consent to make my FBI file public? Are you fucking mad?" - https://twitter.com/thegrugq/status/563036665837789184 --- i am currently making requests through MuckRock.com which i recommend for their helpful and dedicated staff, as well as their time devoted to review and reporting on released information. i am using the professional service, which lets you set requests private until reviewed and ready to release publicly. this implies a bit of trust in MuckRock, and i hope it is not misplaced. few years back i asked for participants in a similar effort. some things resulted: 1) this also opens up the requester to risk; that is, whoever is filing must also potentially show some trust, if a falsified DOJ-361 is sent and used as pretext to "deter" you. i have not heard of this actually happening, but i was also not willing to push it. '''beware who you accept, coder, or they're setting you up for USC 18 fuckery. sure, it may in the end be ok. but you're in misery until cleared.'''' 2) the information is going to be public; if you've got a file because you're a privacy enthusiast, then filing to make your file public is the opposite of enjoying your privacy. there is merit in taking one for team earth human, however... --- as a first report, deliveries of USPS forms DOJ-361 to multiple, and a batch of three sent concurrently. two arrived promptly, but one got scrutiny before leaving town (forms to FBI, perhaps related to ? :) a) INTERPOL Washington FOIA Service Center (202)-616-0201 U.S. Department of Justice Washington, D.C. 20530 --- Form DOJ-361 sent, currently: February 4, 2015 , 11:41 pm - Arrived at USPS Facility - WASHINGTON, DC 20066 Tracking Number: 9405510200829494303833 b) U.S. Department of Justice United States Marshals Service Office of General Counsel Washington, DC 20530-1000 --- Form DOJ-361 sent, currently: February 4, 2015 , 11:40 pm - Arrived at USPS Facility - WASHINGTON, DC 20066 "Your item arrived at our USPS facility in WASHINGTON, DC 20066 on February 4, 2015 at 11:40 pm. The item is currently in transit to the destination." Tracking Number: 9405510200830593742348 c) Record/Information Dissemination Section (RIDS) FBI-Records Management Division 170 Marcel Drive, Winchester, VA 22602-4843 --- Form DOJ-361 sent, currently: February 3, 2015 , 6:15 pm - Arrived at USPS Origin Facility - PORTLAND, OR 97218 "Your item arrived at our USPS origin facility in PORTLAND, OR 97218 on February 3, 2015 at 6:15 pm. The item is currently in transit to the destination." Tracking Number: 9405510200828494428195 [ i offered to send via FAX if mail was problematic and excessively latent. ] From coderman at gmail.com Thu Feb 5 05:25:34 2015 From: coderman at gmail.com (coderman) Date: Thu, 5 Feb 2015 05:25:34 -0800 Subject: Pixel Dust Is Futile like FOIPA Message-ID: On 2/5/15, John Young wrote: > Peter Gutmann's pixel dust protection of privacy works as > an update for faith in elaborately futile shenanigans to evade > and to nab evaders inherently implanted in fetuses then re-implanted > in corpses: dust to dust... speaking of pixel dust futility, US Marshals sent back a tracking pixel nope, need vetting. ''' We sent you a form to have you certify your identification. You have not replied to this certification. We also ask you to clarify the information you were seeking as you were unclear in your request. See highlighted portion of our email below. << insert honeytoken >> '''' - https://muckrock.s3.amazonaws.com/foia_files/WRD000_630.jpg [ or was it muckrock failing protectively? or both? or one as cover for the latter? ... *grin* ] --- request to DHS rejected on specificity grounds, cycle continues, , hey John, want to file FOIPAs through MuckRock like the fucking mad you are? :P From coderman at gmail.com Thu Feb 5 05:39:31 2015 From: coderman at gmail.com (coderman) Date: Thu, 5 Feb 2015 05:39:31 -0800 Subject: Pixel Dust Is Futile like FOIPA In-Reply-To: References: Message-ID: On 2/5/15, coderman wrote: > ... > US Marshals sent back a tracking pixel nope, need vetting.... INTERPOL responded: 'We have not received your certificate of identity form DOJ-361, it appears to be in transit to the destination. Please call if you wish to modify or discuss your request.' but no sphearphish. resume_wait(); From jya at pipeline.com Thu Feb 5 05:10:21 2015 From: jya at pipeline.com (John Young) Date: Thu, 05 Feb 2015 08:10:21 -0500 Subject: Pixel Dust Is Futile In-Reply-To: References: Message-ID: Peter Gutmann's pixel dust protection of privacy works as an update for faith in elaborately futile shenanigans to evade and to nab evaders inherently implanted in fetuses then re-implanted in corpses: dust to dust. Logs are as deceptive and who, what and how they log. Machine designers and sysadmins artfully possessive documentaries inherently evasive and capturing. At 12:04 AM 2/5/2015, coderman wrote: >On 2/4/15, John Young wrote: > > Darknet is hardly dark, or no more than Tor anonymizes, > > ... > >true; perhaps best quantified as: "no ISP asshattery". > but fails like all earth human technology in face of capable attacker >with significant resources. > >[ specifically, onion overlay avoids TCP RST, DNS redir, local network >ARP poisoning, IPv4/IPv6 BGP route jacking, transport privacy and >authenticity** attacks (rewrite proxy) ] > >** key management, someone has to do it. and it is always cumbersome... > >but that is nary a sliver in the sky of surface exposed, in typical >"rich web service" context, full of javascript and media handlers and >plug-ins, oh my! > > >tell us John, do your server logs show mostly complete or incomplete >downloads of Cfour? :P From rysiek at hackerspace.pl Thu Feb 5 02:06:16 2015 From: rysiek at hackerspace.pl (rysiek) Date: Thu, 05 Feb 2015 11:06:16 +0100 Subject: Tox.im In-Reply-To: <20150204173436.GE6948@ctrlc.hu> References: <54D1279B.7080103@cs.helsinki.fi> <20150204171406.GD6948@ctrlc.hu> <20150204173436.GE6948@ctrlc.hu> Message-ID: <5463501.jFhPAEoxSA@lapuntu> Dnia środa, 4 lutego 2015 18:34:36 stef pisze: > On Wed, Feb 04, 2015 at 06:14:06PM +0100, stef wrote: > > let me try too: there's a few things that can be done > > please go and bash mozilla to spend their warchest on UX of security > features like cert handling, or a proper enigmail ui instead of ever more > rounded corners, new ui experiences and transparent tabs. what a waste. Or fucking EME and "Firefox Hellno", the latter being superfluous, the former simply evil. Can I quote the above (anonymously or otherwise, as you prefer) if I ever write anywhere about it? > also proper sandboxing would be wise to spend on. why does no one ever bash > those only the depressing cypherpunks that say stuff no one wants to hear? +1 -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 931 bytes Desc: This is a digitally signed message part. URL: From rysiek at hackerspace.pl Thu Feb 5 02:08:15 2015 From: rysiek at hackerspace.pl (rysiek) Date: Thu, 05 Feb 2015 11:08:15 +0100 Subject: Tox.im In-Reply-To: References: Message-ID: <2217773.QN5dbVIWqS@lapuntu> Dnia środa, 4 lutego 2015 14:29:16 Ryan Carboni pisze: > In an enemy of the state scenario, don't think any amount of OPSEC will > help you. The state treats *EVERYBODY* as enemies right now. It can, because it's so easy and cheap. Running the costs of surveillance up (for instance through ubiquitous encryption) just a bit will mean that they *have to choose*. Which already would be a win. And the more we can drive those costs up, the better. -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 931 bytes Desc: This is a digitally signed message part. URL: From rysiek at hackerspace.pl Thu Feb 5 02:11:18 2015 From: rysiek at hackerspace.pl (rysiek) Date: Thu, 05 Feb 2015 11:11:18 +0100 Subject: REAL-ID Internet Access Coming Soon In-Reply-To: References: Message-ID: <2265819.O2j8fQfzAy@lapuntu> Dnia środa, 4 lutego 2015 22:07:29 grarpamp pisze: > http://www.pcmag.com/article2/0,2817,2476275,00.asp > > > Do not underestimate the precedence of the Chinese, > Facebook and the rumblings in the UK/US/etc. Code all > you want, but unless you start acting now in realworld politics > to prevent this type of stuff (ID/names, anti-crypto, etc), you > will very soon be kissing any rights to freedom and self managed > privacy you now enjoy on the internet goodbye forever. This. For a million times THIS! The UK "ban on encryption" is not about banning encrytion, it's about criminalizing anybody that does use it to be able to prosecute anybody Teh Gummint doesn't like without the hassle of building a real case. Make no mistake about it. > Grabbers gonna grab and you'll be sorry. Don't try to claim people didn't > warn you (you'll be censored by then anyways). Exactly. -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 931 bytes Desc: This is a digitally signed message part. URL: From s at ctrlc.hu Thu Feb 5 02:51:28 2015 From: s at ctrlc.hu (stef) Date: Thu, 5 Feb 2015 11:51:28 +0100 Subject: Tox.im In-Reply-To: <5463501.jFhPAEoxSA@lapuntu> References: <54D1279B.7080103@cs.helsinki.fi> <20150204171406.GD6948@ctrlc.hu> <20150204173436.GE6948@ctrlc.hu> <5463501.jFhPAEoxSA@lapuntu> Message-ID: <20150205105128.GA6927@ctrlc.hu> On Thu, Feb 05, 2015 at 11:06:16AM +0100, rysiek wrote: > Dnia środa, 4 lutego 2015 18:34:36 stef pisze: > > please go and bash mozilla to spend their warchest on UX of security > > features like cert handling, or a proper enigmail ui instead of ever more > > rounded corners, new ui experiences and transparent tabs. what a waste. > > Or fucking EME and "Firefox Hellno", the latter being superfluous, the former > simply evil. what is eme and firefoxhellno? a joke that i don't get? > Can I quote the above (anonymously or otherwise, as you prefer) if I ever > write anywhere about it? only on the condition that you mention also the fact that DRM and advertising have seen great efforts spent on. their sabotage of critical infrastructure deserves nothing but contempt. -- otr fp: https://www.ctrlc.hu/~stef/otr.txt From pgut001 at cs.auckland.ac.nz Wed Feb 4 17:30:33 2015 From: pgut001 at cs.auckland.ac.nz (Peter Gutmann) Date: Thu, 05 Feb 2015 14:30:33 +1300 Subject: Tox.im In-Reply-To: <20150204171406.GD6948@ctrlc.hu> Message-ID: Yaron Greenwald writes: >Why is it that everyone here rocks at threat models as long as they get to >own a computer. Why is it that everyone here can consider everything from if >a Global Passive Adversary is directly targeting you to if your next door >neighbor is doing, I dunno, Van-Eck Phreaking or something like that, but >can't *possibly* consider the use case of "my government can break into any >computer it wants, and I'm running from netcafe to netcafe, and just need >them to not be able to find me for the next one or two weeks". This is why we have cryptography, it provides us with a precise mathematical framework for debating the implications of various paranoid delusions. No matter how the gubmint is trying to get you, there's bound to be some cryptographic pixie dust of some form that you can sprinkle to help you feel better. Peter. From afalex169 at gmail.com Thu Feb 5 04:45:54 2015 From: afalex169 at gmail.com (=?UTF-8?B?INCQ0LvQtdC60YHQsNC90LTRgCA=?=) Date: Thu, 5 Feb 2015 14:45:54 +0200 Subject: OnionShare - what do you think about this piece of software? Message-ID: https://github.com/micahflee/onionshare https://onionshare.org/ Well, it's too "young", but it's OpenSource and the idea is good. any thoughts? -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 288 bytes Desc: not available URL: From gdr at gdr.name Thu Feb 5 07:43:56 2015 From: gdr at gdr.name (GDR!) Date: Thu, 5 Feb 2015 16:43:56 +0100 Subject: Tox.im In-Reply-To: <20150205105128.GA6927@ctrlc.hu> References: <54D1279B.7080103@cs.helsinki.fi> <20150204171406.GD6948@ctrlc.hu> <20150204173436.GE6948@ctrlc.hu> <5463501.jFhPAEoxSA@lapuntu> <20150205105128.GA6927@ctrlc.hu> Message-ID: <20150205164356.781c74e1@gdr-desktop.gdr.name> On Thu, 5 Feb 2015 11:51:28 +0100 stef wrote: > what is eme and DRM built into Firefox https://hacks.mozilla.org/2014/05/reconciling-mozillas-mission-and-w3c-eme/ > firefoxhellno? a joke that i don't get? A chat client built into Firefox https://www.mozilla.org/en-US/firefox/hello/ From rysiek at hackerspace.pl Thu Feb 5 08:20:28 2015 From: rysiek at hackerspace.pl (rysiek) Date: Thu, 05 Feb 2015 17:20:28 +0100 Subject: Tox.im In-Reply-To: <20150205164356.781c74e1@gdr-desktop.gdr.name> References: <54D1279B.7080103@cs.helsinki.fi> <20150205105128.GA6927@ctrlc.hu> <20150205164356.781c74e1@gdr-desktop.gdr.name> Message-ID: <4990427.7E7gq3q08K@lapuntu> Dnia czwartek, 5 lutego 2015 16:43:56 GDR! pisze: > On Thu, 5 Feb 2015 11:51:28 +0100 > > stef wrote: > > what is eme and > > DRM built into Firefox > https://hacks.mozilla.org/2014/05/reconciling-mozillas-mission-and-w3c-eme/ For the record: http://rys.io/en/141 > > firefoxhellno? a joke that i don't get? > > A chat client built into Firefox > https://www.mozilla.org/en-US/firefox/hello/ Or, a joke nobody gets. -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 931 bytes Desc: This is a digitally signed message part. URL: From rysiek at hackerspace.pl Thu Feb 5 15:47:56 2015 From: rysiek at hackerspace.pl (rysiek) Date: Fri, 06 Feb 2015 00:47:56 +0100 Subject: OnionShare - what do you think about this piece of software? In-Reply-To: References: Message-ID: <1514184.mYzQZaSjnT@lapuntu> Dnia czwartek, 5 lutego 2015 14:45:54 Александр pisze: > https://github.com/micahflee/onionshare > https://onionshare.org/ > > Well, it's too "young", but it's OpenSource and the idea is good. > any thoughts? Does it work behind a NAT? If it doesn't, it's pretty much useless... -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 931 bytes Desc: This is a digitally signed message part. URL: From grarpamp at gmail.com Thu Feb 5 22:18:00 2015 From: grarpamp at gmail.com (grarpamp) Date: Fri, 6 Feb 2015 01:18:00 -0500 Subject: Calyx institute announces canarywatch.org web site In-Reply-To: References: Message-ID: On Wed, Feb 4, 2015 at 10:35 AM, Seth wrote: > Agreed, but who wants to gamble with the next 20-35 years of their life > being thrown away in some hellish sensory deprivation solitary confinement > torture chamber to prove the point? Ignoring reasonably good possiblity of constitutionality appeal vacating it, that's not the penalty for publishing a NSL/warrant received. > Let the gubmint further undermine whatever legitimacy they have left by inventing > tortured legal arguments as to why people must be compelled under threat of violence to speak lies While exposing their hand, ultimately this doesn't excercise your rights, or get them back. At least not until revolution (which is something to be avoided). > speak ... (ironically by not speaking) Nor should you have to develop an entire matrix of canaries such that if even one goes silent you know the full text of what occured. Just speak already, it's not hard. Unlike the odds with that, if you don't, your next 20-35 years will definitely be nothing but an ever growing set of... https://en.wikipedia.org/wiki/Free_speech_zone From hannes at mehnert.org Fri Feb 6 01:10:28 2015 From: hannes at mehnert.org (Hannes Mehnert) Date: Fri, 06 Feb 2015 09:10:28 +0000 Subject: OnionShare - what do you think about this piece of software? In-Reply-To: <1514184.mYzQZaSjnT@lapuntu> References: <1514184.mYzQZaSjnT@lapuntu> Message-ID: <54D48504.5080306@mehnert.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA384 On 02/05/2015 23:47, rysiek wrote: > Dnia czwartek, 5 lutego 2015 14:45:54 Александр pisze: >> https://github.com/micahflee/onionshare https://onionshare.org/ >> >> Well, it's too "young", but it's OpenSource and the idea is >> good. any thoughts? > > Does it work behind a NAT? If it doesn't, it's pretty much > useless... Since it uses TOR hidden services, it does work behind NAT. hannes -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCQAGBQJU1IUEAAoJELyJZYjffCju5VcP/0H1QCWCZ+7YZmIBv16AmZHw O45IAKJVDGlgPBnXDt3kTGMaMETYdxrqUFkriegmGucMDXJL5jIV1GFsXr4z2+Rm uKmXixgfJ1Pa00aC7IIOfsC9H2u72hybC0faA08JOAcUrhBDoAo3d4crsOI3KT43 LKAg6giTCFz8VoVcLaqF02nkILPMEMdzk/ImuEt7Je6njigiF4mlRbKrb098ovOI VhT7z2qPvRzJRjAvTl08bb8okeVdzhIf6xRYnpo7WWjhBkNxOax0Jwmsp7dvPo91 FnaFQVDvPsxCDC/XvG1JWbj9maIjVjPc9qh1Ngtupbvr5VFlwK4YyYeBC9vbYv+F 96vFr1HWnemmKsWqSSlydnkyng/pyniFRAdbrSj59LsiQ3Qeig+NcSnJSMBAiPKp UOSUL1cvjatIPwkyubdIYyvwArEFvyN0AnqiYS7z6Bt5gjGO0c/GXziCCnglYgGz jY+m3eajE24e9uuMSg6Sx6t//jBB1+azh06JkxfbK50EgbOrmNo2g8fURojX4FXD 1Vf3M5arGlZPx6sQWidry7VVP7o0mBgCZ5ExUh25fet/j4YwVlsF2dDTiavjG06t 4WXCAdpfFmv1qLdn9n2bSSM8Mt5Uxwdw331xQwz0EIsdJiph+IAriAvXNLP3cFTb Cy9CwFKAuwV36jMoPI9m =sFTZ -----END PGP SIGNATURE----- From rysiek at hackerspace.pl Fri Feb 6 02:25:38 2015 From: rysiek at hackerspace.pl (rysiek) Date: Fri, 06 Feb 2015 11:25:38 +0100 Subject: OnionShare - what do you think about this piece of software? In-Reply-To: <54D48504.5080306@mehnert.org> References: <1514184.mYzQZaSjnT@lapuntu> <54D48504.5080306@mehnert.org> Message-ID: <1680857.CAZYUBBF9N@lapuntu> Dnia piątek, 6 lutego 2015 09:10:28 Hannes Mehnert pisze: > On 02/05/2015 23:47, rysiek wrote: > > Dnia czwartek, 5 lutego 2015 14:45:54 Александр pisze: > >> https://github.com/micahflee/onionshare https://onionshare.org/ > >> > >> Well, it's too "young", but it's OpenSource and the idea is > >> good. any thoughts? > > > > Does it work behind a NAT? If it doesn't, it's pretty much > > useless... > > Since it uses TOR hidden services, it does work behind NAT. So it's more of a "cool idea, and a nice research project" rather than "damn, that's going into my standard toolset". On the other hand, how hard would it be to add a kind of "Tor-in-Tor" connection? If I have a Tor daemon running, it's connecting to the Tor network anyway, even behind NAT; can't this connection be used to also serve stuff under a hidden service? -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 931 bytes Desc: This is a digitally signed message part. URL: From rysiek at hackerspace.pl Fri Feb 6 04:17:25 2015 From: rysiek at hackerspace.pl (rysiek) Date: Fri, 06 Feb 2015 13:17:25 +0100 Subject: OnionShare - what do you think about this piece of software? In-Reply-To: <1680857.CAZYUBBF9N@lapuntu> References: <54D48504.5080306@mehnert.org> <1680857.CAZYUBBF9N@lapuntu> Message-ID: <2605348.llGBjidTuo@lapuntu> Dnia piątek, 6 lutego 2015 11:25:38 rysiek pisze: > Dnia piątek, 6 lutego 2015 09:10:28 Hannes Mehnert pisze: > > On 02/05/2015 23:47, rysiek wrote: > > > Dnia czwartek, 5 lutego 2015 14:45:54 Александр pisze: > > >> https://github.com/micahflee/onionshare https://onionshare.org/ > > >> > > >> Well, it's too "young", but it's OpenSource and the idea is > > >> good. any thoughts? > > > > > > Does it work behind a NAT? If it doesn't, it's pretty much > > > useless... > > > > Since it uses TOR hidden services, it does work behind NAT. > > So it's more of a "cool idea, and a nice research project" rather than > "damn, that's going into my standard toolset". I'm going to lay down somewhere under a rock now and consider re-learning the fine art of reading with comprehension. -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 931 bytes Desc: This is a digitally signed message part. URL: From cathalgarvey at cathalgarvey.me Fri Feb 6 11:19:02 2015 From: cathalgarvey at cathalgarvey.me (Cathal Garvey) Date: Fri, 06 Feb 2015 19:19:02 +0000 Subject: I Encourage Everyone, Right Here And Now, To Donate Money To His Three Main Security Programs, Which He Uses The Most! In-Reply-To: References: Message-ID: <54D513A6.4060408@cathalgarvey.me> Does Werner have a Gratipay account so I can sign up for monthly support? (Or, uh, Patreon) Not enough developers of this infrastructure make it *convenient* to support their work. And, that may sound mercenary, but it's the reality; whether you're selling a product or soliciting donations, if you make it hard to buy/donate you'll get nothing. So yea, I'll go support Werner, but I'd love to see him make it easier to help him develop GPG. Same goes for the rest of 'em; plenty of "donate once", which makes you feel like a cheapskate for offering only €1, not enough "commit to €1 a month", which is practically a no-brainer. On 06/02/15 18:51, Александр wrote: > http://www.propublica.org/article/the-worlds-email-encryption-software-relies-on-one-guy-who-is-going-broke > > The man who built the free email encryption software used by > whistleblower Edward Snowden, as well as hundreds of thousands of > journalists, dissidents and security-minded people around the world, > is running out of money to keep his project alive. > > _______________________ > > > I was shocked that almost nobody donates money to Werner Koch. > Especially in the Post-Snowden Era. > Are we so greedy/stupid/so f*cken selfish that we can not donate some > money to a man, whose labor we use to protect our most sensitive > information?! > Hell, we buy bread, coffee and cheese and pay at the cash register, but > for privacy we are unable (or rather do not want to) to pay a penny. > > And then we wonder, why is that great security software vanish or don't > receive security updates fast enough. And whom do we blame? The NSA, the > GCHQ. But it's not only them. This is us. This is our indifference, dammit! > Each throws off the responsibility on the other. "Someone else will > donate". Or "I have donated a year ago" (wow! And this year the > developer doesn't want to eat, right?!) > > Our enemies are investing billions into breaking down these > programs/protocols which are designed to protect us (GPG, Tor, OTR, > Tails, VeraCrypt, Jitsi etc.). And? It turns out, that the developers of > these great programs don't have enough money even for the bare minimum! > > It is a shame! > > I encourage everyone, right here and now, to donate some money to his > three main security programs, which he uses the most. And donate at > least once a year. > > There is nothing to discuss. "Just Do It". > > Alexander. -- Scientific Director, IndieBio Irish Programme Got a biology-inspired business idea that $50,000 - & 3 months in a well equipped lab could accelerate? Apply for the Summer programme in Ireland: http://indie.bio/apply-to-ireland Twitter: @onetruecathal Phone: +353876363185 miniLock: JjmYYngs7akLZUjkvFkuYdsZ3PyPHSZRBKNm6qTYKZfAM peerio.com: cathalgarvey From guninski at guninski.com Fri Feb 6 09:21:39 2015 From: guninski at guninski.com (Georgi Guninski) Date: Fri, 6 Feb 2015 19:21:39 +0200 Subject: Calyx institute announces canarywatch.org web site In-Reply-To: References: Message-ID: <20150206172139.GA2519@sivokote.iziade.m$> On Wed, Feb 04, 2015 at 07:35:35AM -0800, Seth wrote: > On Wed, 04 Feb 2015 00:37:42 -0800, grarpamp wrote: > > I like Richard J. Maybury's 'The Two Laws' concept; Two laws are > necessary for civilizations to develop and advance: > > 1) Do all you have agreed to do. > > 2) Do not encroach on other persons or their property > > It's dead simple and all we really need IMHO. Your model is very good on paper. I am _very sceptical_ about _good_ real world implementation of your model in the near future, even with the help of deities. On paper the dear USA is good model, in practice it is a Ponzi scheme (check the debt). If you implement your model now, here are some difficulties about implementation: 1. Software/hardware is full of batshit. This empowers "h4x0rs". 2. Your humans will include current mafia/overlords (unless you manage to kill them all, which might be considered bad by sheeple). 3. Humans are relatively easy to exploit, search for `clinton blowjob scandal` (no quotes). From afalex169 at gmail.com Fri Feb 6 10:51:01 2015 From: afalex169 at gmail.com (=?UTF-8?B?INCQ0LvQtdC60YHQsNC90LTRgCA=?=) Date: Fri, 6 Feb 2015 20:51:01 +0200 Subject: I Encourage Everyone, Right Here And Now, To Donate Money To His Three Main Security Programs, Which He Uses The Most! Message-ID: http://www.propublica.org/article/the-worlds-email-encryption-software-relies-on-one-guy-who-is-going-broke The man who built the free email encryption software used by whistleblower > Edward Snowden, as well as hundreds of thousands of journalists, dissidents > and security-minded people around the world, is running out of money to > keep his project alive. > _______________________ I was shocked that almost nobody donates money to Werner Koch. Especially in the Post-Snowden Era. Are we so greedy/stupid/so f*cken selfish that we can not donate some money to a man, whose labor we use to protect our most sensitive information?! Hell, we buy bread, coffee and cheese and pay at the cash register, but for privacy we are unable (or rather do not want to) to pay a penny. And then we wonder, why is that great security software vanish or don't receive security updates fast enough. And whom do we blame? The NSA, the GCHQ. But it's not only them. This is us. This is our indifference, dammit! Each throws off the responsibility on the other. "Someone else will donate". Or "I have donated a year ago" (wow! And this year the developer doesn't want to eat, right?!) Our enemies are investing billions into breaking down these programs/protocols which are designed to protect us (GPG, Tor, OTR, Tails, VeraCrypt, Jitsi etc.). And? It turns out, that the developers of these great programs don't have enough money even for the bare minimum! It is a shame! I encourage everyone, right here and now, to donate some money to his three main security programs, which he uses the most. And donate at least once a year. There is nothing to discuss. "Just Do It". Alexander. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 2059 bytes Desc: not available URL: From grarpamp at gmail.com Sat Feb 7 01:31:48 2015 From: grarpamp at gmail.com (grarpamp) Date: Sat, 7 Feb 2015 04:31:48 -0500 Subject: [tor-talk] Fwd: I Encourage Everyone, Right Here And Now, To Donate Money To His Three Main Security Programs, Which He Uses The Most! In-Reply-To: <54D5C43A.8060206@emails.veryspeedy.net> References: <54D5C43A.8060206@emails.veryspeedy.net> Message-ID: On Sat, Feb 7, 2015 at 2:52 AM, Lara wrote: >> when2plus2is5 at riseup.net: >> In addition, Facebook and the online payment processor Stripe each >> pledged to donate $50,000 a year to Koch’s project. Useful. > So Facebook is not that evil after all. But on balance, merely a political photo op. http://en.wikipedia.org/wiki/File:PRISM_Collection_Details.jpg http://en.wikipedia.org/wiki/File:Prism_slide_5.jpg http://news.sciencemag.org/social-sciences/2015/02/facebook-will-soon-be-able-id-you-any-photo http://www.cracked.com/quick-fixes/5-terrifying-ways-google-facebook-are-using-their-power/ http://www.businessinsider.com/10-reasons-to-delete-your-facebook-account-2010-5?IR=T https://www.eff.org/deeplinks/2010/04/facebook-timeline/ http://buzz.money.cnn.com/2014/07/01/facebook-evil-stock/ http://pitweston.com/facebookevil/ From shelley at misanthropia.org Sat Feb 7 10:35:14 2015 From: shelley at misanthropia.org (shelley at misanthropia.org) Date: Sat, 07 Feb 2015 10:35:14 -0800 Subject: Facebook sucks [was: I Encourage Everyone, Right Here And Now, To Donate Money To His Three Main Security Programs, Which He Uses The Most!] In-Reply-To: References: <54D5C43A.8060206@emails.veryspeedy.net> Message-ID: <14b6552fb00.276e.4d489027c0c4d0c1b1ca03a1f48f1ffb@misanthropia.org> On February 7, 2015 2:26:03 AM grarpamp wrote: > On Sat, Feb 7, 2015 at 2:52 AM, Lara wrote: > >> when2plus2is5 at riseup.net: > >> In addition, Facebook and the online payment processor Stripe each > >> pledged to donate $50,000 a year to Koch’s project. > > Useful. > > > So Facebook is not that evil after all. > > But on balance, merely a political photo op. > > http://en.wikipedia.org/wiki/File:PRISM_Collection_Details.jpg > http://en.wikipedia.org/wiki/File:Prism_slide_5.jpg > http://news.sciencemag.org/social-sciences/2015/02/facebook-will-soon-be-able-id-you-any-photo > http://www.cracked.com/quick-fixes/5-terrifying-ways-google-facebook-are-using-their-power/ > http://www.businessinsider.com/10-reasons-to-delete-your-facebook-account-2010-5?IR=T > https://www.eff.org/deeplinks/2010/04/facebook-timeline/ > http://buzz.money.cnn.com/2014/07/01/facebook-evil-stock/ > http://pitweston.com/facebookevil/ > Thank you for the useful links! I'm tired of explaining to non-infosec friends and family why I so despise Fuckerberg and his Failbook empire. Now I can just copy and paste these links; I had some, but not all of them. Perhaps they'll STFU about my refusal to be associated with it (or google) in any way. And yes, Fuckerburg throwing his pocket change toward this project does demonstrate any benevolence on his part. From zen at freedbms.net Fri Feb 6 15:56:18 2015 From: zen at freedbms.net (Zenaan Harkness) Date: Sat, 7 Feb 2015 10:56:18 +1100 Subject: Calyx institute announces canarywatch.org web site In-Reply-To: References: Message-ID: On 2/6/15, grarpamp wrote: > On Wed, Feb 4, 2015 at 10:35 AM, Seth wrote: >> Agreed, but who wants to gamble with the next 20-35 years of their life >> being thrown away in some hellish sensory deprivation solitary >> confinement >> torture chamber to prove the point? > > Ignoring reasonably good possiblity of constitutionality appeal vacating > it, that's not the penalty for publishing a NSL/warrant received. > >> Let the gubmint further undermine whatever legitimacy they have left by >> inventing >> tortured legal arguments as to why people must be compelled under threat >> of violence to speak lies > > While exposing their hand, ultimately this doesn't excercise your rights, Double ACK. It's a funny thing about rights - the government, police, courts, schools etc, can not *exercise* my rights for me. It is only I who can exercise -my- rights. That's the very nature of exercising one's rights. > or get them back. At least not until revolution (which is something to be > avoided). Ie. the point where so many rights 'proclaimers' yet 'fail-to-exercise-ers' have resulted in such fear, oppression and finally tyranny, that it is too late to rescue the 'reasonable system' from the bad people who co-opted it, without said revolution. >> speak ... (ironically by not speaking) Well the mind is the great trickster so am certain that lying 'for the courts' will be somehow twisted by someone into 'lying for God' is a good thing. Humans will in general continue to do nothing rather than live a right with any risk to even a little bit of personal liberty, and it looks like we shall soon see whether humans will in general lie for the government, in denial of self and fellow human's' rights, but wait there's more of course, with Neighbourhood Watch, Crime Watch and now "dob in a neighbour (sorry, 'suspicious activity')" programs, we are but a small step away from "if you fail to dob in your neighbour, -you- will be punished'. And the decent of human shall be complete. Not only the police and military up-holding the tyranny of my state (government), but every fucking so-called 'human' out there (or most of them anyway). But anyway who wants to have freedom for all those evil plant cultivators, evil self medicator mind journey trippers, evil gun users, evil home building experimenters, evil home educators, evil reiligious believers and evil thought thinkers? Seth you are right, very few will ever lift a finger for their own human rights, let alone for the rights of others, since they -do- see it as a gamble of personal liberty. So I say that those: - who fail to remain silent when 'ordered' to tell a lie, - who fail to speak when 'ordered' to hide the truth, - who fail to take action and live a right when human freedom is challenged, - who fail to take ANY gamble FOR our human rights and dignity by LIVING our human rights, - and finally complain about "things getting worse" and, oh heaven forbid we might get a revolution, May they be micro-chipped into pervasive monitoring and compliance, taxed of all their wealth and further indebted into total slavery!!! For those of us who prize freedom so greatly, death is a better option. Yet for such slaves as described above, they would cling to their "right to be in slavery". I can hear it now "Stop Right There - I get TWO meals of rice and sugar a day, but all my friends only get one, that's why I'm the slave manager and with shoes instead of bare feet - I like my golden bird cage so don't you dare suggest I rock the boat! I'm raising my child to be a manager too, so we've got a FUTURE to look forward to! Now fuck off with all your freedom lies you filthy commie gun-totin plant-growin devil-worshipn fag! You aint even got a mico chip!!!" "But Jim, I was doin this for you my son - I promised your ma when she died!" > Nor should you have to develop an entire matrix of > canaries such that if even one goes silent you know > the full text of what occured. > > Just speak already, it's not hard. Pick a path responses: a) Oh grarpamp, our sweetly naive grarpamp. If only it were so. You must remember this *is* -humans- we are talking about. b) I agree that to speak is not hard, yet to face one's fear of deprivation of a little personal liberty, even for a night or two in the clink, is far more than most so-called "humans" are capable of. History has born this out just occasionally I might add... c) grarpamp, I agree, just speak the truth judiciously, stand for your rights, and face your fear. There's no more to it than that, yet in the fullness of the experience of the living of ones rights and freedoms, there can arise within oneself a little confront - which is quite the personal growth experience for those who are into that sort of thing. And those who are not, you mofos fail to be worthy of the name "human"! Bottoms up! > Unlike the odds with that, > if you don't, your next 20-35 years will definitely be nothing > but an ever growing set of... > https://en.wikipedia.org/wiki/Free_speech_zone I do hope that enough humans speak freely, travel freely, grow some of those plants "man" has dominion over (to use a phrase at the foundation of some of our legal systems). It would be nice. Zenaan From zen at freedbms.net Fri Feb 6 16:16:33 2015 From: zen at freedbms.net (Zenaan Harkness) Date: Sat, 7 Feb 2015 11:16:33 +1100 Subject: Calyx institute announces canarywatch.org web site In-Reply-To: <20150206172139.GA2519@sivokote.iziade.m$> References: <20150206172139.GA2519@sivokote.iziade.m$> Message-ID: On 2/7/15, Georgi Guninski wrote: > On Wed, Feb 04, 2015 at 07:35:35AM -0800, Seth wrote: >> On Wed, 04 Feb 2015 00:37:42 -0800, grarpamp wrote: >> >> I like Richard J. Maybury's 'The Two Laws' concept; Two laws are >> necessary for civilizations to develop and advance: >> >> 1) Do all you have agreed to do. >> >> 2) Do not encroach on other persons or their property >> >> It's dead simple and all we really need IMHO. > > Your model is very good on paper. > > I am _very sceptical_ about _good_ real world implementation of > your model in the near future, even with the help of deities. There may be problems with the USA foundation documents in terms of a "more ideal" structure for a democracy. Unfortunately it's the power-hungry and self interested actors who dominate the system (and I dare say any system) which is the problem, not so much the system. This occurs because most sheeple want to be shorn, as long as they have their golden cage (and their tummies full). As has been said round here before, we aint seen a system properly put into practice without bad actors. With enough bad actors, no system can protect against, since they just change the system to suit themselves. A robust system can only ever be as good as its people. Not its rulers/ government, but you and I, those who actually live their rights - speaking truth when it needs to be told, traveling the highways and byways and refusing to pay the corporation taxes (road tolls), keeping silent when ordered to tell a lie, and on it goes. > On paper the dear USA is good model, in practice it is a > Ponzi scheme (check the debt). You are mixing up things here. Putting the USA foundation documents into practice, does not result in a ponzi scheme. The bad actors who desired and achieved control of the money power (and lost it, and regained it - go read up on your history, it's all over the interwebs) now run a ponzi scheme where inflation is the exact measure of the (illegal) transfer of wealth from the people (via the people and its government debts) to the currently privately held banks. The money power is ultimately a power of the people, but two (or three? - I'm in Australia, I don't know your exact history) times, the money power was stolen by private hands, at the point of guns. The money power is unfortunately currently in private hands, and yes, is currently run as a ponzi scheme (rather than a credit based credit expansion system it's now a debt based credit expansion system, which is mathematically guaranteed to "reset" once in a while causing enormous transfers of wealth to the (private) bankers in a much shorter time period than normally occurs - a mathematical certainty in such a system, and the time of reset is also entirely controlled by the central bank). > If you implement your model now, here are some difficulties > about implementation: > > 1. Software/hardware is full of batshit. This empowers > "h4x0rs". You mean bad hackers (crackers) or good hackers too? > 2. Your humans will include current mafia/overlords (unless > you manage to kill them all, which might be considered bad > by sheeple). It's more that there will always be those who desire wealth, prestige and power, and tomorrow it might be you or your children, and of course you or they would of course do the "right" thing with that money, prestige and power, unlike all the other wealthy, prestigious and powerful people. And so there's a kind of innate standoff. Those who have thoughts of how to achieve such things, are often the ones who imagine themselves in such positions (of wealth etc). The word mafia implies "bad" overlord. And overlord (wealthy prestigious powerful person) may use their position for the furtherance of the development of mind, creativity and spirituality. In which case they would be in the class "benevolent dictator" or at least "benevolent (over)lord". I believe (but can't back it up right now) that historically, the benevolent dictatorship is about as good as a system can get. The challenge is transitioning from one benevolent dictator, to the next (ie, finding/ training/ testing someone to actually be benevolent in their high position). Oligarchies go to war with each too often. But as I said before, I think any system can be successful, as long as there are enough humans worthy of the term. > 3. Humans are relatively easy to exploit, search for > `clinton blowjob scandal` (no quotes). The impeachment because of his lie - not because of the blowjob. Yes it's depressing, even those who achieve high rank fail to tell the truth in dignity when it needs to be spoken. A system can be no better than its people. Zenaan From s at ctrlc.hu Sat Feb 7 02:52:58 2015 From: s at ctrlc.hu (stef) Date: Sat, 7 Feb 2015 11:52:58 +0100 Subject: OnionShare - what do you think about this piece of software? In-Reply-To: References: Message-ID: <20150207105258.GA7097@ctrlc.hu> On Thu, Feb 05, 2015 at 02:45:54PM +0200, Александр wrote: > https://github.com/micahflee/onionshare > https://onionshare.org/ > > Well, it's too "young", but it's OpenSource and the idea is good. > any thoughts? reminds me of my: https://github.com/stef/stash/ micah has this habit of reimplementing stuff, but then maybe this is more mature or "userfriendly" than mine which i have never really used. -- otr fp: https://www.ctrlc.hu/~stef/otr.txt From jya at pipeline.com Sat Feb 7 11:07:55 2015 From: jya at pipeline.com (John Young) Date: Sat, 07 Feb 2015 14:07:55 -0500 Subject: What the dear NSA allegedly mean by "Mystic site"? In-Reply-To: <20150207175203.GA2468@sivokote.iziade.m$> References: <20150207175203.GA2468@sivokote.iziade.m$> Message-ID: Brief description of MYSTIC on page 8. Implants in wireless/mobile systems, with subprograms by NCSC, DEA and CIA. A DEA subprogram SANDKEY http://cryptome.org/2014/06/dea-nsa-sandkey.pdf At 12:52 PM 2/7/2015, Georgi Guninski wrote: > From cryptome: >http://cryptome.org/2013/11/snowden-tally.htm > >19 May 2014 12 Various Pages 12 >http://cryptome.org/2014/05/nsa-intercept-14-0519.pdf > >p. 2 of the pdf: > >"Approx 10-15 SIGINT reports pers week from "Mystic sites" >other than Sca....." > >1. What does "Mystic site" mean to the dear NSA? > >2. Is "site" in the usual computer sense? From grarpamp at gmail.com Sat Feb 7 12:21:15 2015 From: grarpamp at gmail.com (grarpamp) Date: Sat, 7 Feb 2015 15:21:15 -0500 Subject: Facebook sucks [was: I Encourage Everyone, Right Here And Now, To Donate Money To His Three Main Security Programs, Which He Uses The Most!] In-Reply-To: <14b6552fb00.276e.4d489027c0c4d0c1b1ca03a1f48f1ffb@misanthropia.org> References: <54D5C43A.8060206@emails.veryspeedy.net> <14b6552fb00.276e.4d489027c0c4d0c1b1ca03a1f48f1ffb@misanthropia.org> Message-ID: On Sat, Feb 7, 2015 at 1:35 PM, shelley at misanthropia.org wrote: > Thank you for the useful links! I'm tired of explaining to non-infosec Sometimes companies explain things for you... http://www.businessinsider.com/well-these-new-zuckerberg-ims-wont-help-facebooks-privacy-problems-2010-5 Following the money is often enlightening as well... http://investor.fb.com/ From dstainton415 at gmail.com Sat Feb 7 11:30:25 2015 From: dstainton415 at gmail.com (David Stainton) Date: Sat, 7 Feb 2015 19:30:25 +0000 Subject: OnionShare - what do you think about this piece of software? In-Reply-To: <20150207105258.GA7097@ctrlc.hu> References: <20150207105258.GA7097@ctrlc.hu> Message-ID: Greetings, I use the Tor hidden services features in txtorcon that Meejah and I worked on... It's a Tor controller API for Twisted Python applications. In some cases existing Twisted applications can use our Twisted Tor hidden service endpoint and parser without modifying a single line of code. Here's a powerful one-liner that reuses the Twisted webserver in a new way to service HTTP requests over a Tor hidden service: pip install txtorcon && twistd -n web --port "onion:80" --path ~/public_html you can read more about txtorcon here: http://timaq4ygg2iegci7.onion/ http://txtorcon.readthedocs.org/en/latest/ https://github.com/meejah/txtorcon You might also like the "pastebin" feature of carml: https://github.com/meejah/carml Of course txtorcon is not the only Tor controller API for python. There is also Stem which I believe has similar features that allow you to create Tor hidden services for non-Twisted python apps. Read more about it here: https://stem.torproject.org/ btw if you read the Tor Weekly News then you would have heard about these things =-) If you need verified end-to-end crypto and reliability of data storage then I'd suggest combining Tahoe-LAFS with Tor hidden services. I occasionally organize cryptoparty workshops on using Tahoe-LAFS with Tor hidden services. I can go into great detail about this if anyone is interested. Sincerely, David On Sat, Feb 7, 2015 at 10:52 AM, stef wrote: > On Thu, Feb 05, 2015 at 02:45:54PM +0200, Александр wrote: >> https://github.com/micahflee/onionshare >> https://onionshare.org/ >> >> Well, it's too "young", but it's OpenSource and the idea is good. >> any thoughts? > > reminds me of my: https://github.com/stef/stash/ > micah has this habit of reimplementing stuff, but then maybe this is more > mature or "userfriendly" than mine which i have never really used. > > -- > otr fp: https://www.ctrlc.hu/~stef/otr.txt From guninski at guninski.com Sat Feb 7 09:52:03 2015 From: guninski at guninski.com (Georgi Guninski) Date: Sat, 7 Feb 2015 19:52:03 +0200 Subject: What the dear NSA allegedly mean by "Mystic site"? Message-ID: <20150207175203.GA2468@sivokote.iziade.m$> >From cryptome: http://cryptome.org/2013/11/snowden-tally.htm 19 May 2014 12 Various Pages 12 http://cryptome.org/2014/05/nsa-intercept-14-0519.pdf p. 2 of the pdf: "Approx 10-15 SIGINT reports pers week from "Mystic sites" other than Sca....." 1. What does "Mystic site" mean to the dear NSA? 2. Is "site" in the usual computer sense? From jya at pipeline.com Sat Feb 7 17:42:41 2015 From: jya at pipeline.com (John Young) Date: Sat, 07 Feb 2015 20:42:41 -0500 Subject: ODNI Counsel: Governments Want Accessible Crypto from Business Message-ID: ODNI counsel Robert Litt is "optimistic" cryptographers will devise secure encryption which provides government access, it's "what many governments want." "One of the many ways in which Snowden's leaks have damaged our national security is by driving a wedge between government and providers and technology companies so that some companies that formerly recognized that protecting our nation was a valuable and important public service they could perform now feel compelled to stand in opposition." http://cryptome.org/2015/02/odni-litt-15-0204.pdf From katana at riseup.net Sat Feb 7 13:05:40 2015 From: katana at riseup.net (katana) Date: Sat, 07 Feb 2015 22:05:40 +0100 Subject: What the dear NSA allegedly mean by "Mystic site"? In-Reply-To: <20150207175203.GA2468@sivokote.iziade.m$> References: <20150207175203.GA2468@sivokote.iziade.m$> Message-ID: <54D67E24.4090209@riseup.net> Hi, > "Approx 10-15 SIGINT reports pers week from "Mystic sites" other than > Sca....." > 1. What does "Mystic site" mean to the dear NSA? > 2. Is "site" in the usual computer sense? MYSTIC is an ECI codename for a bunch of NSA SSO/TAO-TNT collection sites or installations in foreign telephony provider networks (perhaps corporate partner access with NSA NCSC), collecting telephony contents and metadata in different countries: ACIDWASH ? DUSKPALLET (Kenia, TOPI:CIA) ETCHINGSPIN ? EVENINGEASEL (Mexico, TOPI:CIA) LAUNDROMAT ? PERMANENTPRESS ? RANCIDRINSE ? VENATOR (Philippines, with 5-Eyes partner ASD/Australia) The "Sca..." is imo SCALAWAG, one of the SOMALGET class MYSTIC collection sites/projects (the other SOMALGET's are BASECOAT, OILYRAG, LOLLYGAG) -- Katana From rysiek at hackerspace.pl Sat Feb 7 14:10:25 2015 From: rysiek at hackerspace.pl (rysiek) Date: Sat, 07 Feb 2015 23:10:25 +0100 Subject: OnionShare - what do you think about this piece of software? In-Reply-To: References: <20150207105258.GA7097@ctrlc.hu> Message-ID: <1538908.j7bJPvQRau@lapuntu> Dnia sobota, 7 lutego 2015 19:30:25 David Stainton pisze: > Greetings, > > I use the Tor hidden services features in txtorcon that Meejah and I > worked on... > It's a Tor controller API for Twisted Python applications. In some > cases existing Twisted applications > can use our Twisted Tor hidden service endpoint and parser without > modifying a single line of code. > > Here's a powerful one-liner that reuses the Twisted webserver in a new > way to service HTTP requests over a Tor hidden service: > > pip install txtorcon && twistd -n web --port "onion:80" --path ~/public_html > > you can read more about txtorcon here: > > http://timaq4ygg2iegci7.onion/ > http://txtorcon.readthedocs.org/en/latest/ > https://github.com/meejah/txtorcon > > You might also like the "pastebin" feature of carml: > https://github.com/meejah/carml > > Of course txtorcon is not the only Tor controller API for python. > There is also Stem which I believe has similar features that allow you > to create Tor hidden services for non-Twisted python apps. Read more > about it here: > > https://stem.torproject.org/ Cool, thanks! > btw if you read the Tor Weekly News then you would have heard about > these things =-) > > If you need verified end-to-end crypto and reliability of data storage > then I'd suggest combining Tahoe-LAFS with Tor hidden services. I > occasionally organize cryptoparty workshops on using Tahoe-LAFS with > Tor hidden services. I can go into great detail about this if anyone > is interested. A howto would be great. -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 931 bytes Desc: This is a digitally signed message part. URL: From schear.steve at gmail.com Sun Feb 8 00:54:35 2015 From: schear.steve at gmail.com (Steven Schear) Date: Sun, 8 Feb 2015 00:54:35 -0800 Subject: ODNI Counsel: Governments Want Accessible Crypto from Business In-Reply-To: References: Message-ID: Of course, their citizens have little or no real standing to encouraging one direction over the other. On Feb 7, 2015 5:43 PM, "John Young" wrote: > ODNI counsel Robert Litt is "optimistic" cryptographers will devise secure > encryption which provides government access, it's "what many governments > want." > > "One of the many ways in which Snowden's leaks have damaged our national > security is by driving a wedge between government and providers and > technology companies so that some companies that formerly recognized that > protecting our nation was a valuable and important public service they > could perform now feel compelled to stand in opposition." > > http://cryptome.org/2015/02/odni-litt-15-0204.pdf > > > > > > -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 1132 bytes Desc: not available URL: From grarpamp at gmail.com Sat Feb 7 22:14:50 2015 From: grarpamp at gmail.com (grarpamp) Date: Sun, 8 Feb 2015 01:14:50 -0500 Subject: [cryptography] ODNI Counsel: Governments Want Accessible Crypto from Business In-Reply-To: References: Message-ID: On Sat, Feb 7, 2015 at 8:42 PM, John Young wrote: > ODNI counsel Robert Litt is "optimistic" cryptographers will devise secure > encryption which provides government access, it's "what many governments > want." > "One of the many ways in which Snowden's leaks have damaged our national > security is by driving a wedge between government and providers and > technology companies so that some companies that formerly recognized that > protecting our nation was a valuable and important public service they could > perform now feel compelled to stand in opposition." Some award winning slimy statements right there. Translation: Govt damaged itself, got caught, is pissed, is trying another sleazy grab. Corp's sold users/customers out the last 15y, are trying to regain trust (you've got at least 15y to make up for... so keep standing in opposition, we'll let you know when you can take a break) Snowden's a hero > http://cryptome.org/2015/02/odni-litt-15-0204.pdf You're all "potential other threats", handy right? http://en.wikipedia.org/wiki/USA_Freedom_Act http://www.lawfareblog.com/2015/02/the-lawfare-podcast-episode-109-robet-litt-on-us-surveillance-policy-one-year-after-ppd-28/ http://www.lawfareblog.com/2015/02/live-bob-litt-speaks-at-brookings-on-intelligence-and-surveillance-reform/ They still haven't answered? that one simple question about how having *you* on their disks without a warrant specifically covering probable cause on *you* to put it there... is constitutional. From electromagnetize at gmail.com Sat Feb 7 23:26:35 2015 From: electromagnetize at gmail.com (brian carroll) Date: Sun, 8 Feb 2015 01:26:35 -0600 Subject: healthcare & wearables Message-ID: (who says assassination politics is not alive & well..) Industry professionals create framework for measuring HIT value http://www.fiercehealthit.com/story/industry-professionals-create-framework-measuring-hit-value/2015-01-29 "Healthcare professionals have created a framework for measuring health information technology with a goal of making "HIT evaluations more relevant to the current needs of the healthcare system," according to a paper published at the American Journal of Managed Care..." From grarpamp at gmail.com Sat Feb 7 22:31:47 2015 From: grarpamp at gmail.com (grarpamp) Date: Sun, 8 Feb 2015 01:31:47 -0500 Subject: [cryptography] ODNI Counsel: Governments Want Accessible Crypto from Business In-Reply-To: References: Message-ID: > http://en.wikipedia.org/wiki/USA_Freedom_Act > http://www.lawfareblog.com/2015/02/the-lawfare-podcast-episode-109-robet-litt-on-us-surveillance-policy-one-year-after-ppd-28/ > http://www.lawfareblog.com/2015/02/live-bob-litt-speaks-at-brookings-on-intelligence-and-surveillance-reform/ Related lawfare: https://www.eff.org/deeplinks/2015/01/section-215-patriot-act-expires-june-congress-ready https://www.eff.org/deeplinks/2015/02/first-government-acknowledges-limits-section-215 From 1337whynot at safe-mail.net Sun Feb 8 03:25:13 2015 From: 1337whynot at safe-mail.net (why not) Date: Sun, 8 Feb 2015 06:25:13 -0500 Subject: OpenBSD 2015 Fundraising Campaign Message-ID: Hello, I just want to spread the word a little bit by saying the OpenBSD 2015 Fundraising Campaign webpage is out with new hopes: http://www.openbsdfoundation.org/campaign2015.html Have a safe day. From odinn.cyberguerrilla at riseup.net Sun Feb 8 01:46:53 2015 From: odinn.cyberguerrilla at riseup.net (odinn) Date: Sun, 08 Feb 2015 09:46:53 +0000 Subject: [cryptography] ODNI Counsel: Governments Want Accessible Crypto from Business In-Reply-To: References: Message-ID: <54D7308D.6050701@riseup.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 In this the USA (ODNI / NSA / three-letter thing) is no different than Russian Federation or China (some latest China stories I've seen floated to this group here): http://spectrum.ieee.org/tech-talk/telecom/security/chinas-new-rules-ask-tech-firms-to-hand-over-source-code http://www.pcmag.com/article2/0,2817,2476275,00.asp This all brings to mind some things I've pointed out in the past and things that people have harped about endlessly but which have mostly gone ignored: Support (or help develop) open source hardware projects that strive to create independence from the sort of things we are seeing in the corporate realm in which USA / Russia / China "force" Microsoft and other companies to backdoor their products. As suggested in this Jan. 2, 2014 blog post... https://odinn.cyberguerrilla.org/index.php/2014/01/02/opensourcebuildguide/ "– Support or develop open source processors. consider using the Open Core project as a starting point – Learn more about OpenRISC development, participate in discussion about it – Become part of, or create, open source collaborative efforts (some examples: Open Source Initiative, Open Daylight, the Open Source Hardware Association (OSHWA), Open Source Firmware (DD-WRT, Tomato), etc.) – Make informed buying choices: Purchase new hardware (any computer equipment, mobile included) only from sources that have committed to open source development of that hardware. (...)" Notes: Popular Science on Tindie: http://www.popsci.com/article/diy/rise-open-source-hardware Novena open source laptop by Bunnie (on Sutajio Ko-usagi's page) http://www.kosagi.com/w/index.php?title=Novena_Main_Page Met 280% of its funding goal in May of 2014 - see: http://vr-zone.com/articles/novena-open-laptop-project-exceeds-280-percent-crowd-funding-target/77905.html Bunnie's page http://www.bunniestudios.com/ grarpamp: > On Sat, Feb 7, 2015 at 8:42 PM, John Young > wrote: >> ODNI counsel Robert Litt is "optimistic" cryptographers will >> devise secure encryption which provides government access, it's >> "what many governments > want." "One of the many ways in which >> Snowden's leaks have damaged our national security is by driving >> a wedge between government and providers and technology companies >> so that some companies that formerly recognized that protecting >> our nation was a valuable and important public service they >> could perform now feel compelled to stand in opposition." > > Some award winning slimy statements right there. > > Translation: Govt damaged itself, got caught, is pissed, is trying > another sleazy grab. Corp's sold users/customers out the last 15y, > are trying to regain trust (you've got at least 15y to make up > for... so keep standing in opposition, we'll let you know when you > can take a break) Snowden's a hero > >> http://cryptome.org/2015/02/odni-litt-15-0204.pdf > You're all "potential other threats", handy right? > > http://en.wikipedia.org/wiki/USA_Freedom_Act > http://www.lawfareblog.com/2015/02/the-lawfare-podcast-episode-109-robet-litt-on-us-surveillance-policy-one-year-after-ppd-28/ > > http://www.lawfareblog.com/2015/02/live-bob-litt-speaks-at-brookings-on-intelligence-and-surveillance-reform/ > > They still haven't answered? that one simple question about how > having *you* on their disks without a warrant specifically covering > probable cause on *you* to put it there... is constitutional. > - -- http://abis.io ~ "a protocol concept to enable decentralization and expansion of a giving economy, and a new social good" https://keybase.io/odinn -----BEGIN PGP SIGNATURE----- iQEcBAEBCgAGBQJU1zCKAAoJEGxwq/inSG8CAEUIAInKlLotsnbbkvWikaxgwuo7 PMjPn6BDSSLti2gXfJ75k/iHyq2jOfa9WJyaQzW/z9IAewbwTjNkvmYIfAQiUhNy tSvBC+PHhJbpcepTQjJvXQgcoOAqn/E36LxaVwPCEwd+EPqCH9ls1bSRaEqRtGAZ 17KkG5vX3DGr2UX60lLa7QyUaRbSEyFVJt3ZrY6VUHRYh4c5T/Pyzja7DUBIphFD jjM1KNWrrMb1CHREoFTnPC4o7teRzgRGbAr+YZFQkWUjerWDCYXXl5MNyHgkJab4 MZ8t0+oEQUycNys4q3fSZ6cl5UuiFo+fO5l/8eloKkUCmOuL6NW7p/0C3NlyoPU= =9bOZ -----END PGP SIGNATURE----- From guninski at guninski.com Sun Feb 8 05:59:20 2015 From: guninski at guninski.com (Georgi Guninski) Date: Sun, 8 Feb 2015 15:59:20 +0200 Subject: What the dear NSA allegedly mean by "Mystic site"? In-Reply-To: <54D67E24.4090209@riseup.net> References: <20150207175203.GA2468@sivokote.iziade.m$> <54D67E24.4090209@riseup.net> Message-ID: <20150208135920.GA2492@sivokote.iziade.m$> On Sat, Feb 07, 2015 at 10:05:40PM +0100, katana wrote: > Hi, > > > "Approx 10-15 SIGINT reports pers week from "Mystic sites" other than > > Sca....." > > > 1. What does "Mystic site" mean to the dear NSA? > > 2. Is "site" in the usual computer sense? > > MYSTIC is an ECI codename for a bunch of NSA SSO/TAO-TNT collection > sites or installations in foreign telephony provider networks (perhaps > corporate partner access with NSA NCSC), collecting telephony contents > and metadata in different countries: > ACIDWASH ? > DUSKPALLET (Kenia, TOPI:CIA) > ETCHINGSPIN ? > EVENINGEASEL (Mexico, TOPI:CIA) > LAUNDROMAT ? > PERMANENTPRESS ? > RANCIDRINSE ? > VENATOR (Philippines, with 5-Eyes partner ASD/Australia) > > The "Sca..." is imo SCALAWAG, one of the SOMALGET class MYSTIC > collection sites/projects (the other SOMALGET's are BASECOAT, OILYRAG, > LOLLYGAG) > > -- > Katana Thanks to all who replied! www.nsa-observer.net defines it very similarly. From grarpamp at gmail.com Mon Feb 9 02:04:59 2015 From: grarpamp at gmail.com (grarpamp) Date: Mon, 9 Feb 2015 05:04:59 -0500 Subject: [cryptography] [Cryptography] How the CIA Made Google In-Reply-To: <54CEB756.3090503@iang.org> References: <54CEB756.3090503@iang.org> Message-ID: On Sun, Feb 1, 2015 at 6:31 PM, ianG wrote: > On 31/01/2015 16:14 pm, John Young wrote: >> >> An early program of Highlands Group was perception management by >> which public opinion would be shaped by disparagement of opposition >> to ubiquitous gov-com spying with gambits like "tin-foil hat," "conspiracy >> theory," and other forms of reputation attacks. > > Sadly, these are really good tactics. They're almost costless, they really > hit hard against the auditing public, and they're almost blameless. > ... > I'd love to see evidence of the program, and I don't doubt it exists, it's > just too good to pass up on. > ... > Even if we see the evidence, the masses still won't believe it. But, > speaking for myself, knowing that there was compelling verified evidence of > actual skulduggery was something that kept me sane. Some would say the program is globalization... more delicately, a cooperation of sovereignties towards a common goal. Whether you can expect to see written evidence proofs ala Snowden depends on how much of the material in groups like the above, Bilderberg, UN, the usual suspects are recorded as opposed to being just chats. Another question is if so, what is/are the common goals? Are they planned/negotiated, or simply coming together from the subconscious. These are areas where you need wide ranging research/articles/books as in the OP taking it all in to take speculation to hypothesis to discovery of a presence, if any. From crypto at jpunix.net Mon Feb 9 04:11:49 2015 From: crypto at jpunix.net (Crypto) Date: Mon, 09 Feb 2015 06:11:49 -0600 Subject: The Reading Room hidden service Message-ID: <54D8A405.10707@jpunix.net> Hello Everyone! About once a week I go in search of TOR hidden services that may be of interest to me. I found one this morning that I think is really great! I purchased a Ebook reader a couple of weeks ago and have been looking for sites to download books on the cheap (free). I found The Reading Room this morning at http://do2j6w3zf2esv4ko.onion/_catalog/ I don't usually promote ANY website but I think whoever did this site deserves a pat on the back (or a donation). I downloaded several Ebooks with no problems. Pardon my posting this if you are offended but I'm SO happy to find a website that will help feed my Ebook addiction! -- Crypto https://lastpass.com/f?3921926 From cyberkiller8 at gmail.com Mon Feb 9 00:18:45 2015 From: cyberkiller8 at gmail.com (=?UTF-8?B?xYF1a2FzeiAnQ3liZXIgS2lsbGVyJyBLb3JwYWxza2k=?=) Date: Mon, 09 Feb 2015 09:18:45 +0100 Subject: I Encourage Everyone, Right Here And Now, To Donate Money To His Three Main Security Programs, Which He Uses The Most! In-Reply-To: <54D513A6.4060408@cathalgarvey.me> References: <54D513A6.4060408@cathalgarvey.me> Message-ID: <54D86D65.3070906@gmail.com> W dniu 06.02.2015 o 20:19, Cathal Garvey pisze: > Does Werner have a Gratipay account so I can sign up for monthly > support? (Or, uh, Patreon) > > Not enough developers of this infrastructure make it *convenient* to > support their work. And, that may sound mercenary, but it's the reality; > whether you're selling a product or soliciting donations, if you make it > hard to buy/donate you'll get nothing. > > So yea, I'll go support Werner, but I'd love to see him make it easier > to help him develop GPG. Same goes for the rest of 'em; plenty of > "donate once", which makes you feel like a cheapskate for offering only > €1, not enough "commit to €1 a month", which is practically a no-brainer. > Very true. Not many projects accept donations in any other way than paypal, and then it's not reasonable to give less than 10€, because of fees (and that is way over my donation budget). As for GnuPG, there is a way to subscribe to monthly payments via Flattr: https://flattr.com/thing/1901175/GnuPG-donation (though on the new gpg website this option is no longer listed :-P ) -- Łukasz "Cyber Killer" Korpalski mail: cyberkiller8 at gmail.com xmpp: cyber_killer at jabster.pl site: http://website.cybkil.cu.cc gpgkey: 0x72511999 @ hkp://keys.gnupg.net //When replying to my e-mail, kindly please //write your message below the quoted text. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: OpenPGP digital signature URL: From grarpamp at gmail.com Mon Feb 9 13:07:02 2015 From: grarpamp at gmail.com (grarpamp) Date: Mon, 9 Feb 2015 16:07:02 -0500 Subject: The Reading Room hidden service In-Reply-To: <54d918a9.062e8c0a.7af0.1286@mx.google.com> References: <54D8A405.10707@jpunix.net> <54d918a9.062e8c0a.7af0.1286@mx.google.com> Message-ID: On Mon, Feb 9, 2015 at 3:32 PM, Juan wrote: >> Reading Room this morning at http://do2j6w3zf2esv4ko.onion/_catalog/ > www.gutenberg.org > www.archive.org Library Genesis is still around and probably needs to be entirely implemented, homed, and mirrored within darknets such as i2p/tor before it goes away. From juan.g71 at gmail.com Mon Feb 9 12:32:08 2015 From: juan.g71 at gmail.com (Juan) Date: Mon, 9 Feb 2015 17:32:08 -0300 Subject: The Reading Room hidden service In-Reply-To: <54D8A405.10707@jpunix.net> References: <54D8A405.10707@jpunix.net> Message-ID: <54d918a9.062e8c0a.7af0.1286@mx.google.com> On Mon, 09 Feb 2015 06:11:49 -0600 Crypto wrote: > Hello Everyone! > > About once a week I go in search of TOR hidden services that may > be of interest to me. I found one this morning that I think is really > great! I purchased a Ebook reader a couple of weeks ago and have been > looking for sites to download books on the cheap (free). I found The > Reading Room this morning at http://do2j6w3zf2esv4ko.onion/_catalog/ I > don't usually promote ANY website but I think whoever did this site > deserves a pat on the back (or a donation). I downloaded several > Ebooks with no problems. > > Pardon my posting this if you are offended but I'm SO happy to > find a website that will help feed my Ebook addiction! www.gutenberg.org www.archive.org > From grarpamp at gmail.com Tue Feb 10 02:35:35 2015 From: grarpamp at gmail.com (grarpamp) Date: Tue, 10 Feb 2015 05:35:35 -0500 Subject: [tor-talk] REAL-ID Internet Access Coming Soon In-Reply-To: References: Message-ID: On Wed, Feb 4, 2015 at 10:15 PM, Max Bond wrote: > What are you proposing we do? As before, take these issues to the realworld political front. If you're a coder, you can write all the code you want. If you're a user, you can use whatever code you want. If you're EFF/ACLU, you can publish all the press releases and fight all the cases under already written laws you want. Yet politicians generally ignore the above groups because they don't have much if any direct political action component that affects them. What's needed is a permanent political fixture and operation similar to the American NRA. These guys have a real, ongoing, political agenda and impact. Candidates are actually afraid of and responsive to the NRA's political clout... before they get elected, and before laws get enacted... not after. The NRA email, fax, letter and call trees, and their members who visit their legislators and stage in public view... are very effective. Look at the banner scroller in the upper right half of their homepage... they have a broad and deep approach to issue outreach/embedding, even a lifestyle. Labor unions and others are common examples of such organization. They all do it by leveraging large monoculture bases to politics. The NRA is 3.5M - 5.0M members strong. They turn $250M/yr from that base (manufacturers too). They have little difference of opinion in their ranks. They are good at crafting and pitching political rhetoric, framing the conversation, and rendering complex issues into simple forms that resonate with their entire base. The EFF/ACLU representing the internet are tiny in comparison. Yet the internet has a household penetration rate of 70%, more than firearms rate of 35%... so a big untapped culture there. Finding 5 million (or 2% of population) internet users should be simple task. Unfortunately, right now there are many tens of flag groups [1] mostly doing their own thing on the net. That's not good enough, and is confusingly diverse to both users and politicians. They need to join together to craft and coordinate the users under a single general banner they've been subconsciously waiting to fall in line behind, and then start firing out actionable political things for them to do. Internet users could demonstrate solidarity on issues with a typical Million User March [1]. They need to start raking in money for their war chest and to fund ongoing operations, etc. Just like the NRA... doing everything needed to become, and be, a strong integrated ongoing political force to be reckoned with. [1] Carrying the various colored flags of privacy, anonymity, free speech, freedom, copyright/filesharing, no data collecting, mining, retention or sharing, user brokered data management, surveillance, crypto, etc. The whole spectrum of related issues. https://www.nraila.org/ https://en.wikipedia.org/wiki/National_Rifle_Association#Political_activity https://en.wikipedia.org/wiki/Gun_politics_in_the_United_States#Advocacy_groups.,_PACs.,_and_lobbying https://en.wikipedia.org/wiki/Gun_politics_in_the_United_States#Rights-based_arguments https://en.wikipedia.org/wiki/Category:Lobbying_organizations_in_the_United_States https://www.opensecrets.org/ https://www.nra.org/ https://www.nrablog.com/ https://www.youtube.com/user/TriggerTheVote https://en.wikipedia.org/wiki/Fight_for_the_Future https://en.wikipedia.org/wiki/Internet_Defense_League [ FftF/IDL are relatively dormant and reactionary than being ongoing political action ] From guninski at guninski.com Tue Feb 10 02:05:27 2015 From: guninski at guninski.com (Georgi Guninski) Date: Tue, 10 Feb 2015 12:05:27 +0200 Subject: The Reading Room hidden service In-Reply-To: References: <54D8A405.10707@jpunix.net> <54d918a9.062e8c0a.7af0.1286@mx.google.com> Message-ID: <20150210100527.GA2519@sivokote.iziade.m$> On Mon, Feb 09, 2015 at 04:07:02PM -0500, grarpamp wrote: > Library Genesis is still around and probably needs to > be entirely implemented, homed, and mirrored within > darknets such as i2p/tor before it goes away. Very good idea :) Is there rough estimate for the bytesize of libgen? Would they cooperate? Are they tolerant to (limited) crawling? From crypto at jpunix.net Tue Feb 10 11:40:00 2015 From: crypto at jpunix.net (Crypto) Date: Tue, 10 Feb 2015 13:40:00 -0600 (CST) Subject: The Reading Room hidden service Message-ID: On Tue, 10 Feb 2015 15:49:59 -0300, Juan wrote: > > > Oh, I forgot to mention http://gallica.bnf.fr/ Do you know what "stealing a thread" is? It means taking a message thread that someone else started and using it to promote your own agenda. Crypto https://www.digitalocean.com/?refcode=b90b690ca5bb --------end of forwarded message------------ this list has some funny people in it...funny as in self-parody. From juan.g71 at gmail.com Tue Feb 10 10:49:59 2015 From: juan.g71 at gmail.com (Juan) Date: Tue, 10 Feb 2015 15:49:59 -0300 Subject: The Reading Room hidden service In-Reply-To: <20150210100527.GA2519@sivokote.iziade.m$> References: <54D8A405.10707@jpunix.net> <54d918a9.062e8c0a.7af0.1286@mx.google.com> <20150210100527.GA2519@sivokote.iziade.m$> Message-ID: <54da5237.c66d8c0a.b3bc.2ae4@mx.google.com> Oh, I forgot to mention http://gallica.bnf.fr/ From dahonig at cox.net Tue Feb 10 16:11:16 2015 From: dahonig at cox.net (David Honig) Date: Tue, 10 Feb 2015 16:11:16 -0800 Subject: Learning from dpr mistakes In-Reply-To: References: <54D48504.5080306@mehnert.org> <1680857.CAZYUBBF9N@lapuntu> Message-ID: <20150211001214.NWJH32693.eastrmfepo103.cox.net@eastrmimpo210> A number of public reviews of DPR's infosec mistakes have been published. I think a strong solution to the 'tackled in library' defects would be to have: 1) program to notice his magic bracelet is not near 2) program to notice that vid cam is not a head but a chaotic scene #2 is particularly easy without extra hardware (ca. 2015) You'll have to switch it off when you visit the loo. And of course, things like 'back to wall facing forward' would have been helpful. Claustophilia is a useful trait. I wish to God these calculations could be done by a steam engine," Babbage complained -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 810 bytes Desc: not available URL: From tbiehn at gmail.com Tue Feb 10 17:00:59 2015 From: tbiehn at gmail.com (Travis Biehn) Date: Tue, 10 Feb 2015 20:00:59 -0500 Subject: Learning from dpr mistakes In-Reply-To: <20150211001214.NWJH32693.eastrmfepo103.cox.net@eastrmimpo210> References: <54D48504.5080306@mehnert.org> <1680857.CAZYUBBF9N@lapuntu> <20150211001214.NWJH32693.eastrmfepo103.cox.net@eastrmimpo210> Message-ID: The feds probably had enough to convict even without his laptops' contents... But yeah, monitoring the environment is a solid idea, as is CPU <-> RAM encrypted pipeline. Internet access is usually the first thing that's cut. (Unless your attacker knows you use it as a trigger, or maybe possibly thought about using it as a trigger.) Travis On Feb 10, 2015 7:28 PM, "David Honig" wrote: > > A number of public reviews of DPR's infosec mistakes have been published. > > > I think a strong solution to the 'tackled in library' defects would be to > have: > > 1) program to notice his magic bracelet is not near > 2) program to notice that vid cam is not a head but a chaotic scene > > #2 is particularly easy without extra hardware (ca. 2015) You'll have to > switch it off when you > visit the loo. > > And of course, things like 'back to wall facing forward' would have been > helpful. > Claustophilia is a useful trait. > > > > > I wish to God these calculations could be done by a > steam engine,” Babbage complained > -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 1492 bytes Desc: not available URL: From rysiek at hackerspace.pl Tue Feb 10 11:15:48 2015 From: rysiek at hackerspace.pl (rysiek) Date: Tue, 10 Feb 2015 20:15:48 +0100 Subject: [tor-talk] REAL-ID Internet Access Coming Soon In-Reply-To: References: Message-ID: <5314881.hFFS2EZ4RQ@lapuntu> Dnia wtorek, 10 lutego 2015 05:35:35 grarpamp pisze: > https://www.nraila.org/ > https://en.wikipedia.org/wiki/National_Rifle_Association#Political_activity > https://en.wikipedia.org/wiki/Gun_politics_in_the_United_States#Advocacy_gro > ups.,_PACs.,_and_lobbying > https://en.wikipedia.org/wiki/Gun_politics_in_the_United_States#Rights-base > d_arguments > https://en.wikipedia.org/wiki/Category:Lobbying_organizations_in_the_United > _States https://www.opensecrets.org/ > https://www.nra.org/ > https://www.nrablog.com/ > https://www.youtube.com/user/TriggerTheVote > https://en.wikipedia.org/wiki/Fight_for_the_Future > https://en.wikipedia.org/wiki/Internet_Defense_League > [ FftF/IDL are relatively dormant and reactionary than being ongoing > political action ] Here, have a laugh: http://www.protectinternetfreedom.com/ -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 931 bytes Desc: This is a digitally signed message part. URL: From electromagnetize at gmail.com Tue Feb 10 20:27:03 2015 From: electromagnetize at gmail.com (brian carroll) Date: Tue, 10 Feb 2015 22:27:03 -0600 Subject: time & crypto Message-ID: previous post wondered about what atomic clocks everywhere might be useful for, in particular crypto. the following article has more information on how mapping gravity via time differences via highest-precision timekeeping relates to unlocking mysteries of the earth's interior... (thus geological, geophysical) [0] one aspect that has me puzzled about timing is the claim by Apple that the Apple Watch is "One of the most accurate watches ever" while also noting its accuracy is 50 microseconds, and likely has its timing signal indirectly routed through the iPhone thus delayed prior to setting the internal clock. interesting article on this issue [1], with a backgrounder on existing timing technologies available today. in particular, information about Apple's time servers that are linked to UTC at nanosecond accuracy, and also that the clocks or timing circuits inside smartphones and tablets are _not as accurate as i imagined, also losing seconds a day (in this way somewhat like a mechanical watch for precision). the thing about the Apple Watch claim of timing accuracy, which the article makes clear, is that a GPS watch that gets its signal from orbiting satellites (via whatever speed-of-light & atmospheric signaling delay) is receiving a time signal that is accurate in the realm of nanoseconds from the universal standard, via several synchronized atomic clocks onboard the GPS satellites. so apparently that accurate timing signal has to transverse space and time to get to another distant location, and it is unknown if at its destination it has this accuracy or only when the signal is sent. the latter may be possible with additional calculations based on various parameters of GPS, thus the stated 50ns accuracy could be presumed that of a GPS watch if not iPhone GPS time signal. and yet with the tethering of the Apple Watch to the iPhone to maintain its timekeeping, somehow this 50 nanosecond accuracy drops to 50 microseconds, which the observer noted is "a million times worse than...the accuracy delivered by GPS." [1] because of this it is puzzling how the claim of ~extreme accuracy can be made by Apple when an iPhone has presumably better timing resolution due to design decisions, than a device categorized as a watch as if in the same lineage as precision chronometers that defined engineering excellence and feats of microengineering, which also /appear/ as watchfaces on the system-on-a-chip device, and yet that same adherence to accuracy is seemingly not occurring even while still being claimed. to give a sense of the issue, via proportion, a short video of Grace Hopper provides a way of considering this situation by measuring the maximum distance electricity travels in space in a nanosecond and microsecond. [2] this then allows hypothetical comparison between a GPS timing signal sent directly to a smartwatch (50ns*11.8inches = 49.1667 feet) to that GSP or other time signal relayed to the Apple Watch via tethered iPhone and its circuitry (50ms*984feet = 49,200 feet). in other words, length corresponds with accuracy to a universal time standard and a GPS watch is potentially '49 feet accurate' while the tethered Apple Watch seems to be '49,200 feet accurate' and saying this is precise in a horological context of timekeeping and precision timepieces. it just seemed so backwards to me because if there was onboard GPS on the Apple Watch then it would have precision that other devices also have, and the claim of precision would be self-evident, instead of potentially being marketing-speak to sell computer-devices via the pretext of its being a watch, etc. so a boundary or threshold appears to have been crossed or priorities may be different than expected in this way. an onboard radio antenna would also provide higher resolution, though perhaps the timing chip inside the SoC watch is not built around highest precision as may otherwise be assumed. hopefully in the future it will be. the issue that seems relevant in the lag or delay is that there is that much more room for things to happen in terms of unaccounted for delays outside the parameters of hours:minutes:seconds, if milliseconds is some threshold, and then events are occurring in a realm of microseconds or even potentially nanoseconds, and how crypto could be operating or calculating in those dimensions and dynamics otherwise unseen or unobservable, such as 2+2=4 if looked at one way, and 2+2=5 if viewed outside those boundaries. [3] note: i specifically wrote about the above issue as part of a larger Apple Watch analysis, [4] and these recent articles provided more to consider about what may be involved. [4] -- 0. Cryogenic clocks pave the way to new measurements http://phys.org/news/2015-02-centimeter-cryogenic-clocks-pave.html [quote] According to Katori, "It was a great feeling to have shown this excellent agreement between the clocks. If we can miniaturize this technology further, it would have useful applications, since tiny fluctuations in gravitational potential could be used to detect underground resources, underground spaces, and the movement of lava. We also hope that in the future, this will accelerate the movement toward a new definition of the international second, based on optical lattice clocks, to an even more stringent standard than the current definition of the second, which is based on cesium oscillation." [/unquote] 1. How Apple Watch achieves its timekeeping accuracy http://watch.camp/2014/11/apple-watch-timekeeping-accuracy/ 2. Grace Hopper - Nanoseconds / Microseconds https://www.youtube.com/watch?v=JEpsKnWZrJ8 3. [2].5 + [2].5 = [5] 4. AWO: critique of Apple Watch concept… https://appleobservations.wordpress.com/index/5-2/ From grarpamp at gmail.com Tue Feb 10 20:00:56 2015 From: grarpamp at gmail.com (grarpamp) Date: Tue, 10 Feb 2015 23:00:56 -0500 Subject: Learning from dpr mistakes In-Reply-To: References: <54D48504.5080306@mehnert.org> <1680857.CAZYUBBF9N@lapuntu> <20150211001214.NWJH32693.eastrmfepo103.cox.net@eastrmimpo210> Message-ID: > But yeah, monitoring the environment is a solid idea, as is CPU <-> RAM > encrypted pipeline. Someone was talking about this before, maybe in context of VM's. Yet it really only works if after cold boot the key held in core for those address segments luckily happens to be among the nonrecoverable bits of ram. Who has researched those odds? Though defense in depth is always good. Another way is to introduce a simple XOR hardware mask between the cpu and ram, keyed via some external token, wrist fob, etc. Unlikely computer makers respond to little demand for that. And like AMT you certainly don't want it in your "Intel" chipset. Today you might be able to patch a kernel to switch over post bootloader and consider its address space to now be that provided by an external block device (sata/usb), which could then be such an encrypted mini pluggable in the open hardware spirit of the usb RNG devices. It is the ram, so you don't need a long term key there, random generated per boot use is fine. Then you have moved keying issues to a smaller, manageable, quickly blackenable device, like crushing its silicon with a thumbpress. >> 1) program to notice his magic bracelet is not near >> 2) program to notice that vid cam is not a head but a chaotic scene Oh noes, my user's fitbit indicates ballistic heartrate / excess g forces... blacken keys!... :-) Support more drunken ideas, btc: 1k2VQNW47wJDmsLCd2xkSjY28twKRah63 From grarpamp at gmail.com Tue Feb 10 22:06:52 2015 From: grarpamp at gmail.com (grarpamp) Date: Wed, 11 Feb 2015 01:06:52 -0500 Subject: The Reading Room hidden service In-Reply-To: <20150210100527.GA2519@sivokote.iziade.m$> References: <54D8A405.10707@jpunix.net> <54d918a9.062e8c0a.7af0.1286@mx.google.com> <20150210100527.GA2519@sivokote.iziade.m$> Message-ID: On Tue, Feb 10, 2015 at 5:05 AM, Georgi Guninski wrote: > Is there rough estimate for the bytesize of libgen? Well over 30TB. It's doable if distributed. They have some amount of semantic, not hash, duplicates that could be removed with help. > Would they cooperate? As to originating or multihoming in darknets? Ask them. Same for all these questions really. > Are they tolerant to (limited) crawling? Dumb bots are not welcome anywhere on the net when smarter mechanisms are available/buildable. Links: https://twitter.com/bodobalazs https://twitter.com/fhuysmans https://twitter.com/OpenBibliotheek http://operatorbeats.tumblr.com/post/37129651818/library-genesis-is-it-bad-that-like-all-books From juan.g71 at gmail.com Tue Feb 10 20:22:03 2015 From: juan.g71 at gmail.com (Juan) Date: Wed, 11 Feb 2015 01:22:03 -0300 Subject: Fw: The Reading Room hidden service Message-ID: <54dad851.485ce00a.6486.ffffa8b4@mx.google.com> Begin forwarded message: From grarpamp at gmail.com Tue Feb 10 22:49:39 2015 From: grarpamp at gmail.com (grarpamp) Date: Wed, 11 Feb 2015 01:49:39 -0500 Subject: =?UTF-8?Q?Fwd=3A_=5Bguardian=2Ddev=5D_Pi=C3=B1ata_server_intrusion_bounty?= In-Reply-To: References: Message-ID: ---------- Forwarded message ---------- From: Patrick Connolly Date: Tue, Feb 10, 2015 at 1:38 PM Subject: [guardian-dev] Piñata server intrusion bounty To: Guardian Dev https://news.ycombinator.com/item?id=9027743 Would this be an interesting thing to put on a duplicate (...or production?) system and publicize? Might be an interesting practise for creating a form of canary, especially for projects that perhaps can't afford full and constant audits. Patrick -------------------------------------------- Q: Why is this email [hopefully] five sentences or less? | A: http://five.sentenc.es NOTE that my incoming emails are delayed from arriving in my inbox until 9am daily. If you need to reach me sooner, please use other means of getting in touch. #slowwebmovement _______________________________________________ List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev To unsubscribe, email: guardian-dev-unsubscribe at lists.mayfirst.org From grarpamp at gmail.com Wed Feb 11 02:04:15 2015 From: grarpamp at gmail.com (grarpamp) Date: Wed, 11 Feb 2015 05:04:15 -0500 Subject: Why Should[n't] I Work for the NSA? Message-ID: Have there been any threads or good public/panel debates involving one/both sides of this topic? https://www.youtube.com/results?search_query=working+for+the+nsa https://www.youtube.com/results?search_query=working+for+the+nsa+surveillance https://www.youtube.com/watch?v=UrOZllbNarw From hannes at mehnert.org Wed Feb 11 02:03:15 2015 From: hannes at mehnert.org (Hannes Mehnert) Date: Wed, 11 Feb 2015 10:03:15 +0000 Subject: Fwd: [guardian-dev] =?UTF-8?B?UGnDsWF0YSBzZXJ2ZXIgaW50cnVzaW8=?= =?UTF-8?B?biBib3VudHk=?= In-Reply-To: References: Message-ID: <54DB28E3.4070704@mehnert.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA384 Hi, On 02/11/2015 06:49, grarpamp wrote:> ---------- Forwarded message - ---------- > From: Patrick Connolly Date: Tue, > Feb 10, 2015 at 1:38 PM Subject: [guardian-dev] Piñata server > intrusion bounty To: Guardian Dev > > > > https://news.ycombinator.com/item?id=9027743 > > Would this be an interesting thing to put on a duplicate (...or > production?) system and publicize? > > Might be an interesting practise for creating a form of canary, > especially for projects that perhaps can't afford full and > constant audits. I'm one of the authors of OCaml-TLS, and we setup the bounty. So why did we do it? Because lots of company security bounties are very bureaucratic and intransparent - in order to receive the bounty you've to argue with the company - you might not disclose the vulnerability, they might not agree to the vulnerability, etc. (see https://www.schneier.com/crypto-gram/archives/1998/1215.html#contests and http://www.ieee-security.org/Cipher/PastIssues/1996/issue9602/issue9602.txt [I don't share all arguments of both articles]). Thus, having a transparent way [the blockchain] and an automated transmission (the server replies after successful authentication with the private key - no interaction from myself or the other author needed) - motivated us to put something against those security bounties. Unfortunately, it can only show the existence of issues, not their absence. The amount of the bounty is high enough to get some attention - - but might be too low for professionals to properly analyse (but then, they'd be able to brag about their success and get some fame). A too high bounty would put myself and the other author too much into the focus of a targeted attack. Obviously we have access to that private key in some way or another.. If you consider doing something like that again (which I appreciate), please take care to not deduce the security of YYY from no successful attack on the bounty (it depends very much on time, publicity, bounty - - whether it gets interest). It is crucial that such a bounty does not replace proper code audits (I don't have a good definition of "proper" here). Also, it would be neat to think about a good way how the server can prove that it actually has the private key to the bounty - but I believe it is impossible (similar to that the server cannot prove it runs the software we claim it does). So far we had roughly 75000 accesses to the website, and roughly 5000 TLS handshakes to the client/server/reverse client - which very much shows that it primarily gets publicity. I especially like our setup that you can short-circuit the server with its client and observe a successful TLS handshake which afterwards transmits the private key over the encrypted channel. I'm happy to discuss this further, and get feedback on the setup, hannes -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCQAGBQJU2yjjAAoJELyJZYjffCjuYTIQAJJ6ZDR9+pjHUubrN0SNexlm wJGHJ75Lbcgorjvf76vMhx8kB773E+EspluxOqrAU8NSM/nfMypO9PqcAJtWKI4f Bsvm0cNuvoCMTLQA3SM3DZEwNlTtOJSEixYm1xy0/+O6BzXNGPYhmFTwKDEKLrV0 nuBcZGGK0bvS4Mh855nwJYJEhIDXfIqlxCIL7ROAqV3n/HzeeFbIfFcM3zRNWjKg WMiUzeF4ReQhTadhkF+CWO5gWTSqGEgeW04g6wvA3FCWF17vQJZOz4XhA/h5ds3Z sRStWF/j1+wmCo7fDPnQQF1U9nQ4IjRjO9hdXoJAAmH2aN/FWPbgbCarxvX7pFMk 6IRjtjoo3XvJrAI848Gegr41BkV+qLn5ZHeP4pG/KAHE30pg2RBkBXhfzFTTnSBW VHAJ4qczH6tMSIptY/X7GPQjm8UBJh716VZiAYW23fA1Yxzy8CGTyAiYM0C9hhWn KZj+mcL2Gcsnl095iQNGg1Pbs+gSLWW4DH4TEYqxBCalLvmPLfLGIFgHGshw3/+w gRITIk+zHvMPEzNf5EMZYTnItiektPtMCHKsD/aPq2onjVQMvAdzUI7Xd0z58Sfx gvBYKjPZMcd08q3RW1Wf5o9mfUcf66zMHs9haonZIWyDhNyG7G8jokzqhHBkDxee ex0MH6YIA+1734Hymr/S =y6vy -----END PGP SIGNATURE----- From tbiehn at gmail.com Wed Feb 11 08:17:20 2015 From: tbiehn at gmail.com (Travis Biehn) Date: Wed, 11 Feb 2015 11:17:20 -0500 Subject: Fwd: Learning from dpr mistakes In-Reply-To: References: <54D48504.5080306@mehnert.org> <1680857.CAZYUBBF9N@lapuntu> <20150211001214.NWJH32693.eastrmfepo103.cox.net@eastrmimpo210> Message-ID: + cypherpunks http://en.wikipedia.org/wiki/TRESOR - Keys are stored in debug or SSE registers and never leave the CPU. Use of AES-NI gives you solid performance. [side-channel DPA/timing etc vulnerable, though :(] That + trusted boot + dm-verity & FDE. Delicious. [Add Xen bare-metal & qubes-esque setup.] I've never seen TRESOR work, that might be a fun side-project for someone. -Travis On Tue, Feb 10, 2015 at 11:00 PM, grarpamp wrote: > > But yeah, monitoring the environment is a solid idea, as is CPU <-> RAM > > encrypted pipeline. > > Someone was talking about this before, maybe in context of VM's. > Yet it really only works if after cold boot the key held in core for those > address segments luckily happens to be among the nonrecoverable > bits of ram. Who has researched those odds? Though defense in depth > is always good. > > Another way is to introduce a simple XOR hardware mask between > the cpu and ram, keyed via some external token, wrist fob, etc. > Unlikely computer makers respond to little demand for that. And > like AMT you certainly don't want it in your "Intel" chipset. > > Today you might be able to patch a kernel to switch over post bootloader > and consider its address space to now be that provided by an external > block device (sata/usb), which could then be such an encrypted mini > pluggable in the open hardware spirit of the usb RNG devices. It is the > ram, so you don't need a long term key there, random generated per boot > use is fine. Then you have moved keying issues to a smaller, manageable, > quickly blackenable device, like crushing its silicon with a thumbpress. > > >> 1) program to notice his magic bracelet is not near > >> 2) program to notice that vid cam is not a head but a chaotic scene > > Oh noes, my user's fitbit indicates ballistic heartrate / excess > g forces... blacken keys!... :-) > > Support more drunken ideas, btc: 1k2VQNW47wJDmsLCd2xkSjY28twKRah63 > -- Twitter | LinkedIn | GitHub | TravisBiehn.com | Google Plus -- Twitter | LinkedIn | GitHub | TravisBiehn.com | Google Plus -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 3598 bytes Desc: not available URL: From rysiek at hackerspace.pl Wed Feb 11 04:20:53 2015 From: rysiek at hackerspace.pl (rysiek) Date: Wed, 11 Feb 2015 13:20:53 +0100 Subject: Why Should[n't] I Work for the NSA? In-Reply-To: References: Message-ID: <2448014.6V8sk57J5P@lapuntu> Dnia środa, 11 lutego 2015 05:04:15 grarpamp pisze: > Have there been any threads or good public/panel > debates involving one/both sides of this topic? > > (...) > https://www.youtube.com/watch?v=UrOZllbNarw I think the last one summs it up pretty comprehensively. -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 931 bytes Desc: This is a digitally signed message part. URL: From s at ctrlc.hu Wed Feb 11 04:43:27 2015 From: s at ctrlc.hu (stef) Date: Wed, 11 Feb 2015 13:43:27 +0100 Subject: Fwd: =?iso-8859-1?Q?=5Bguardian-de?= =?iso-8859-1?B?dl0gUGnxYXRh?= server intrusion bounty In-Reply-To: <54DB28E3.4070704@mehnert.org> References: <54DB28E3.4070704@mehnert.org> Message-ID: <20150211124327.GD9483@ctrlc.hu> On Wed, Feb 11, 2015 at 10:03:15AM +0000, Hannes Mehnert wrote: > Also, it would be neat to think about a good way how the server can > prove that it actually has the private key to the bounty - but I > believe it is impossible (similar to that the server cannot prove it > runs the software we claim it does). couldn't remote attestation be used for this? -- otr fp: https://www.ctrlc.hu/~stef/otr.txt From hannes at mehnert.org Wed Feb 11 07:31:46 2015 From: hannes at mehnert.org (Hannes Mehnert) Date: Wed, 11 Feb 2015 15:31:46 +0000 Subject: Fwd: [guardian-dev] =?UTF-8?B?UGnDsWF0YSBzZXJ2ZXIgaW50cnVzaW8=?= =?UTF-8?B?biBib3VudHk=?= In-Reply-To: <20150211124327.GD9483@ctrlc.hu> References: <54DB28E3.4070704@mehnert.org> <20150211124327.GD9483@ctrlc.hu> Message-ID: <54DB75E2.1030100@mehnert.org> On 02/11/2015 12:43, stef wrote: > On Wed, Feb 11, 2015 at 10:03:15AM +0000, Hannes Mehnert wrote: >> Also, it would be neat to think about a good way how the server >> can prove that it actually has the private key to the bounty - >> but I believe it is impossible (similar to that the server cannot >> prove it runs the software we claim it does). > > couldn't remote attestation be used for this? sure - at least in theory. do you have any concrete implementation/strategy in mind? (I'm not an expert in RA)... hannes From tbiehn at gmail.com Wed Feb 11 12:53:10 2015 From: tbiehn at gmail.com (Travis Biehn) Date: Wed, 11 Feb 2015 15:53:10 -0500 Subject: Fwd: Learning from dpr mistakes In-Reply-To: <1423686791.266162.226330229.5D155D0C@webmail.messagingengine.com> References: <54D48504.5080306@mehnert.org> <1680857.CAZYUBBF9N@lapuntu> <20150211001214.NWJH32693.eastrmfepo103.cox.net@eastrmimpo210> <1423686791.266162.226330229.5D155D0C@webmail.messagingengine.com> Message-ID: You are protecting against hardware attackers with TRESOR. So... it only makes sense at the bare-metal / Hypervisor level. -Travis On Wed, Feb 11, 2015 at 3:33 PM, Alfie John wrote: > On Thu, Feb 12, 2015, at 03:17 AM, Travis Biehn wrote: > > + cypherpunks > > > > http://en.wikipedia.org/wiki/TRESOR - Keys are stored in debug or SSE > > registers and never leave the CPU. Use of AES-NI gives you solid > > performance. [side-channel DPA/timing etc vulnerable, though :(] > > > > That + trusted boot + dm-verity & FDE. Delicious. [Add Xen bare-metal > > & qubes-esque setup.] > > > > I've never seen TRESOR work, that might be a fun side-project for > > someone. > > Wouldn't running TRESOR under Xen be useless as Xen would need to > save/restore SSE registers when switching between VMs (and putting them > in memory)? > > Alfie > > -- > Alfie John > alfiej at fastmail.fm > -- Twitter | LinkedIn | GitHub | TravisBiehn.com | Google Plus -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 1990 bytes Desc: not available URL: From grarpamp at gmail.com Wed Feb 11 23:35:03 2015 From: grarpamp at gmail.com (grarpamp) Date: Thu, 12 Feb 2015 02:35:03 -0500 Subject: [tor-talk] REAL-ID Internet Access Coming Soon In-Reply-To: <54DBD10A.3070104@rawbw.com> References: <20150211151746.46572ka7qifqi6g4@www.vfemail.net> <54DBD10A.3070104@rawbw.com> Message-ID: On Wed, Feb 11, 2015 at 5:00 PM, Yuri wrote: > > On 02/11/2015 13:17, goofyzrnssm at vfemail.net wrote: >> >> If a `REAL-ID Internet Access' law were to gain traction in the U.S., how >> would such a law be enforced exactly? Use your imagination. > Real ID enforcement would violate people's anonymity rights, which are very > well protected in US (https://en.wikipedia.org/wiki/Anonymity#United_States). We're not talking about books and soapboxing today, class. We're talking about "papers please" being required for everything you do. Including, among other things, your internet access at home, mobile, in the library, coffee shop and so on. Today you can somewhat preserve your right to be anonymous and bigdata free, by manipulating inputs to some of these things. If you haven't noticed, that's become steadily harder over time. > So there is no > chance of this happening in US. Hah! That's what you think. Pending some games in the Supreme Court (if there are any brave souls left), it's already done... https://en.wikipedia.org/wiki/REAL_ID_Act > The OP was primarily concerned about other countries. No. China and Facebook were referenced as two that were already doing a semantic equivalent of REAL-ID for certain usage contexts of the internet. And it was described what will happen if you don't act. (If you know anything about history, it should be clear that that applies to all places on the planet, and that failure to act gets you what they want, not what you want.) You can add Russia to the list now too... http://yro.slashdot.org/story/15/02/11/2245240/russia-seeking-to-ban-tor-vpns-and-other-anonymizing-tools From alfiej at fastmail.fm Wed Feb 11 12:33:11 2015 From: alfiej at fastmail.fm (Alfie John) Date: Thu, 12 Feb 2015 07:33:11 +1100 Subject: Fwd: Learning from dpr mistakes In-Reply-To: References: <54D48504.5080306@mehnert.org> <1680857.CAZYUBBF9N@lapuntu> <20150211001214.NWJH32693.eastrmfepo103.cox.net@eastrmimpo210> Message-ID: <1423686791.266162.226330229.5D155D0C@webmail.messagingengine.com> On Thu, Feb 12, 2015, at 03:17 AM, Travis Biehn wrote: > + cypherpunks > > http://en.wikipedia.org/wiki/TRESOR - Keys are stored in debug or SSE > registers and never leave the CPU. Use of AES-NI gives you solid > performance. [side-channel DPA/timing etc vulnerable, though :(] > > That + trusted boot + dm-verity & FDE. Delicious. [Add Xen bare-metal > & qubes-esque setup.] > > I've never seen TRESOR work, that might be a fun side-project for > someone. Wouldn't running TRESOR under Xen be useless as Xen would need to save/restore SSE registers when switching between VMs (and putting them in memory)? Alfie -- Alfie John alfiej at fastmail.fm From rysiek at hackerspace.pl Thu Feb 12 02:20:59 2015 From: rysiek at hackerspace.pl (rysiek) Date: Thu, 12 Feb 2015 11:20:59 +0100 Subject: [tor-talk] REAL-ID Internet Access Coming Soon In-Reply-To: References: <20150211151746.46572ka7qifqi6g4@www.vfemail.net> <54DBD10A.3070104@rawbw.com> Message-ID: <1893776.TIxBQ1kjkL@lapuntu> Dnia czwartek, 12 lutego 2015 02:35:03 grarpamp pisze: > On Wed, Feb 11, 2015 at 5:00 PM, Yuri wrote: > > On 02/11/2015 13:17, goofyzrnssm at vfemail.net wrote: > >> If a `REAL-ID Internet Access' law were to gain traction in the U.S., how > >> would such a law be enforced exactly? > > Use your imagination. > > > Real ID enforcement would violate people's anonymity rights, which are > > very > > well protected in US > > (https://en.wikipedia.org/wiki/Anonymity#United_States). > > We're not talking about books and soapboxing today, class. Exactly. And remember that mainstream public and politicians see Teh Intertubes as "something completely different", a "virtual reality" in which laws and regulations do not apply. This includes any local constitution. Example: if you had people on post offices opening and reading all mail, people would revolt; you already have people reading your e-mail, and the public goes "that's bad, but meh". People don't see Internet as a tool, which it is. They see it as a new "domain", new "frontier", in which laws must only be created and human rights protections do not apply. That's why I find any "Internet Bills of Rights" as counter-productive. They promulgate this divided vision and while some might to some extent solve part of the problems with the Internet, come new communications technology and we have the very same problem. Instead of "Internet Bills of Rights" we need to make people and politicians understand that *the* Bill of Rights already pertains to the Internet. But I digress. tl;dr politicians and the general public don't see the anonymity thing the way you do, the Internet is this scary place full of trolls and "cyberhackers" that can take down the electric grid on a whim, and the only thing that can stop them is identifying every connection. For your security! -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 931 bytes Desc: This is a digitally signed message part. URL: From electromagnetize at gmail.com Thu Feb 12 20:34:34 2015 From: electromagnetize at gmail.com (brian carroll) Date: Thu, 12 Feb 2015 22:34:34 -0600 Subject: lab-in-a-box Message-ID: (quantifying and real-time activity auditing in-office) Lab-in-a-box takes aim at doctors' computer activity They call it "the Lab-in-a-Box." According to Nadir Weibel, a research scientist in the Computer Science and Engineering (CSE) department at the University of California, San Diego, inside the box are assorted sensors and software designed to monitor a doctor's office, particularly during consultations with patients. The goal is to analyze the physician's behavior and better understand the dynamics of the interactions of the doctor with the electronic medical records and the patients in front of them. The eventual goal is to provide useful input on how to run the medical practice more efficiently. Read more at: http://phys.org/news/2015-02-lab-in-a-box-aim-doctors.html From shelley at misanthropia.org Fri Feb 13 11:47:49 2015 From: shelley at misanthropia.org (shelley at misanthropia.org) Date: Fri, 13 Feb 2015 11:47:49 -0800 Subject: =?UTF-8?B?UmU6IEhhY2tlcnMgY2Fu4oCZdCBzb2x2ZSBTdXJ2ZWlsbGFuY2U=?= In-Reply-To: <14b8449d858.276e.4d489027c0c4d0c1b1ca03a1f48f1ffb@misanthropia.org> References: <20150213000322.GN9483@ctrlc.hu> <20150213162435.GB2685@sivokote.iziade.m$> <54DE338E.6090608@dyne.org> <20150213175403.GC2685@sivokote.iziade.m$> Message-ID: <14b847b96b8.276e.4d489027c0c4d0c1b1ca03a1f48f1ffb@misanthropia.org> ---------- On February 13, 2015 10:43:21 AM Georgi Guninski wrote: > On Fri, Feb 13, 2015 at 02:25:34PM -0300, hellekin wrote: > > > I am a bit paranoid about HACKERSPACE, since likely the > > > dear NSA might have infiltrated it. > > > > > *** Then terrorists win. > > The paranoid in me is not sure what is considered "terrorist" > nowadays. > > I am pretty sure some of the heroes I studied in high school > are considered "terrorist"s nowadays. Your paranoia may not be without merit. The TLAs consider people who quote the 'founding fathers' or who invoke the Constitution (and not just the NRA-level gun nuts) to be ter'rists. People who use encryption or pay for their daily caffeine fix with cash (or, gods forbid, btc) are deemed worthy of scrutiny. So, yeah... most of us on this list are already screwed (at least the ones who aren't TLA spies and pigkissers themselves.) From hellekin at dyne.org Fri Feb 13 09:25:34 2015 From: hellekin at dyne.org (hellekin) Date: Fri, 13 Feb 2015 14:25:34 -0300 Subject: Hackers =?UTF-8?B?Y2Fu4oCZdCBzb2x2ZSBTdXJ2ZWlsbGFuY2U=?= In-Reply-To: <20150213162435.GB2685@sivokote.iziade.m$> References: <20150213000322.GN9483@ctrlc.hu> <20150213162435.GB2685@sivokote.iziade.m$> Message-ID: <54DE338E.6090608@dyne.org> On 02/13/2015 01:24 PM, Georgi Guninski wrote: > > "I have loans to the bank to pay". > *** There is always a good reason not to act. > > I am a bit paranoid about HACKERSPACE, since likely the > dear NSA might have infiltrated it. > *** Then terrorists win. You're FUD cake. A bit paranoid is fine: you need it for survival. But if it prevents you from trying to stop the train you see on its way to crashing, or if you can, jump off it, then it's suicidal. The current train is going too fast for anyone to jump off, and there's no place to land safely anyway. But the wall is still approaching fast as well. == hk -- _ _ We are free to share code and we code to share freedom (_X_)yne Foundation, Free Culture Foundry * https://www.dyne.org/donate/ From hellekin at dyne.org Fri Feb 13 12:49:04 2015 From: hellekin at dyne.org (hellekin) Date: Fri, 13 Feb 2015 17:49:04 -0300 Subject: Hackers =?windows-1252?Q?can=92t_solve_Surveillance?= In-Reply-To: <20150213175403.GC2685@sivokote.iziade.m$> References: <20150213000322.GN9483@ctrlc.hu> <20150213162435.GB2685@sivokote.iziade.m$> <54DE338E.6090608@dyne.org> <20150213175403.GC2685@sivokote.iziade.m$> Message-ID: <54DE6340.5000501@dyne.org> On 02/13/2015 02:54 PM, Georgi Guninski wrote: > On Fri, Feb 13, 2015 at 02:25:34PM -0300, hellekin wrote: >>> I am a bit paranoid about HACKERSPACE, since likely the >>> dear NSA might have infiltrated it. >>> >> *** Then terrorists win. > > The paranoid in me is not sure what is considered "terrorist" > nowadays. > > I am pretty sure some of the heroes I studied in high school > are considered "terrorist"s nowadays. > *** Sure enough. For me the terrorists are those who impose terror. If you're afraid at a hackerspace because it is infiltrated by spooks, then you're a victim of mass terrorism. FUD is a common tactics of terrorism. Big media propaganda is a good channel for that as well. The TLAs use terrorism constantly. That's how they win: FUD, FUD, FUD, and then pick up. Remember that FBI tactics of finding a potential target and luring them into committing a crime in order to arrest them? That's also a form of terrorism, because it prevents anyone from having sane human relationships. "Maybe this cool stranger I've been opening up to is going to rat me out, or enter my home, or rob my mother". Terrorism is not just suicide bombers blowing up a bus or two guys walking into a building for a massacre. That's the handcrafted level of terrorism. That's the terrorism the industrial terrorists use as an excuse to impose their industrial terror and distill more control across society. FUD, FUD, FUD, and then pick up. In the voice of the terrorists, everyone against them is labeled a terrorist. The more vociferous ones are put on a kill list and droned out, along with all the people around them. If that's not "an evil act of terrorism", I am the Maadi. == hk P.S.: oh shit, I delurked. Hi! -- _ _ We are free to share code and we code to share freedom (_X_)yne Foundation, Free Culture Foundry * https://www.dyne.org/donate/ From guninski at guninski.com Fri Feb 13 08:16:59 2015 From: guninski at guninski.com (Georgi Guninski) Date: Fri, 13 Feb 2015 18:16:59 +0200 Subject: lab-in-a-box In-Reply-To: References: Message-ID: <20150213161659.GA2685@sivokote.iziade.m$> On Thu, Feb 12, 2015 at 10:34:34PM -0600, brian carroll wrote: > (quantifying and real-time activity auditing in-office) > > Lab-in-a-box takes aim at doctors' computer activity > > They call it "the Lab-in-a-Box." According to Nadir Weibel, a research > scientist in the Computer Science and Engineering (CSE) department at > the University of California, San Diego, inside the box are assorted > sensors and software designed to monitor a doctor's office, > particularly during consultations with patients. The goal is to > analyze the physician's behavior and better understand the dynamics of > the interactions of the doctor with the electronic medical records and > the patients in front of them. The eventual goal is to provide useful > input on how to run the medical practice more efficiently. > > Read more at: http://phys.org/news/2015-02-lab-in-a-box-aim-doctors.html If gynaecolists implement this, this might increase the amount of p0rn ;) From guninski at guninski.com Fri Feb 13 08:24:35 2015 From: guninski at guninski.com (Georgi Guninski) Date: Fri, 13 Feb 2015 18:24:35 +0200 Subject: Hackers =?utf-8?B?Y2Fu4oCZ?= =?utf-8?Q?t?= solve Surveillance In-Reply-To: <20150213000322.GN9483@ctrlc.hu> References: <20150213000322.GN9483@ctrlc.hu> Message-ID: <20150213162435.GB2685@sivokote.iziade.m$> On Fri, Feb 13, 2015 at 01:03:22AM +0100, stef wrote: > i think this is related and relevant to recent discussions. > > src: http://www.dmytri.info/hackers-cant-solve-surveillance/ > > quoted in full for your convenience: > > > Hackers can’t solve Surveillance > > ..snip... > > communications. In order to achieve a society where we can expect privacy > > we need more hackers and This appears utopia to me. We need more JUSTICE as well. There is a principle GIGO ~ Garbage In Garbage Out. Last time I tried to explain to a sheeple she is a sheeple she asked something like "You crazy anti-establishment? I have loans to the bank to pay". > > hackerspaces to embrace the broader political > > challenges of building a more equal society. I am a bit paranoid about HACKERSPACE, since likely the dear NSA might have infiltrated it. From l at odewijk.nl Fri Feb 13 11:43:02 2015 From: l at odewijk.nl (=?UTF-8?Q?Lodewijk_andr=C3=A9_de_la_porte?=) Date: Fri, 13 Feb 2015 19:43:02 +0000 Subject: =?UTF-8?Q?Re=3A_Hackers_can=E2=80=99t_solve_Surveillance?= References: <20150213000322.GN9483@ctrlc.hu> Message-ID: The fun began with the implication that healthcare for everyone is a must. Good healthcare means not dying in good health. Assuming mental health (too tricky to deal with for this argument) that leaves people that wish to die in a precarious position. And what do with so many people? That might seem a strange argument, but it is not at all. Healthcare is yet imperfect because it's damn hard and expensive. Less surveillance is easier, not harder. The problem is that the general public WANTS surveillance. They want to give away their liberties for the safety it may bring them. Marx had a huge audience. I do not believe the hackers do. "Solving" surveilance for me means aligning it with justice, dignity, freedom and most significantly, tirrany prevention. With the cost of surveilance only going down we must consider the endgame. The endgame is full and continuous surveillance. It is inevitable as long as more surveillance has any advantage. I am not yet sure how to deal with this properly, and think it a political question. As for claiming your own privacy: we're far behind in the game for reasons beyond me. Most likely some modern variant of imperialism, where money is stolen from the weak and thrown at surveillance (see also the American budget for the department of unconsitutionality). To compare these issues with healthcare is meaningless. Although the conclusion is correct. If there is not far more effort (=money) expanded on feature-and-convenience parity for privacy-protecting solutions; we're all royally fucked. And no violent revolution will beat back the drone armies that already in flight. The time that a revolution was feasible was already ending when the founding fathers decreed Americans must bear arms in militias. Without similar class weaponry there is no chance, regardless of combatant quantity. The assault rifle cannot match the helicopter, the APC, the drone, and is not readily available either. The people's organization (intelligence and command and control infrastructure) will never again match that of the army. There will be no more violent revolutions. That is over now. So, if everyone would be so kind as to think of what to do about a world steepled in dysfunctional markets ... Well that would probably solve the privacy thing as well. We'd know to buy safe. And we'd spend a lot more on healthcare, too, I'm sure. But perhaps before everyone lived indefinitelt, we should fix democracy, or adopt whatever *cracy does work. Although, who's first to shoot me when I suggest no person knows what's best even for himself, or should be left the freedom to make the wrong choice? Besides, isn't government merely a product on a less free market? P.S.: i take back everything i stated in this rant. It's the only way anyone could make a statement nowadays ;) -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 3048 bytes Desc: not available URL: From guninski at guninski.com Fri Feb 13 09:54:03 2015 From: guninski at guninski.com (Georgi Guninski) Date: Fri, 13 Feb 2015 19:54:03 +0200 Subject: Hackers =?utf-8?B?Y2Fu4oCZ?= =?utf-8?Q?t?= solve Surveillance In-Reply-To: <54DE338E.6090608@dyne.org> References: <20150213000322.GN9483@ctrlc.hu> <20150213162435.GB2685@sivokote.iziade.m$> <54DE338E.6090608@dyne.org> Message-ID: <20150213175403.GC2685@sivokote.iziade.m$> On Fri, Feb 13, 2015 at 02:25:34PM -0300, hellekin wrote: > > I am a bit paranoid about HACKERSPACE, since likely the > > dear NSA might have infiltrated it. > > > *** Then terrorists win. The paranoid in me is not sure what is considered "terrorist" nowadays. I am pretty sure some of the heroes I studied in high school are considered "terrorist"s nowadays. From aestetix at aestetix.com Fri Feb 13 22:05:41 2015 From: aestetix at aestetix.com (aestetix) Date: Fri, 13 Feb 2015 22:05:41 -0800 Subject: Security/Privacy Tradeoff - Dave DeWalt of Mandiant In-Reply-To: References: Message-ID: <54DEE5B5.5050106@aestetix.com> I will simply say that most people making speeches about privacy these days don't actually understand what privacy is or why it's important. On 2/13/15 9:08 PM, Travis Biehn wrote: > From the article > http://www.cbsnews.com/news/obamas-cybersecurity-plan-why-the-government-cant-protect-us/ > > "Dave DeWalt, CEO of security firm Mandiant, a participant in Friday's > summit, hopes that fear of privacy invasion won't get in the way of the > work that needs to get done. He pointed to the way the way public > backlash to government surveillance programs revealed by former NSA > contractor Edward Snowden stymied previous efforts to effectively open > the lines of communication. > > "This balance between privacy and security ebbs and flows and > unfortunately that was a huge setback -- a setback to the tune of > several years," he said. > " > > This is the first that I've ever heard of a tradeoff between privacy and > security in the context of 'cyber security'. > It's interesting to see this common trope for justifying widespread > erosion of privacy in meatspace applied to 'cyber', where it is even > more egregiously wrong. > > Travis > -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 513 bytes Desc: OpenPGP digital signature URL: From s at ctrlc.hu Fri Feb 13 14:12:01 2015 From: s at ctrlc.hu (stef) Date: Fri, 13 Feb 2015 23:12:01 +0100 Subject: Hackers =?utf-8?B?Y2Fu4oCZ?= =?utf-8?Q?t?= solve Surveillance In-Reply-To: <20150213162435.GB2685@sivokote.iziade.m$> References: <20150213000322.GN9483@ctrlc.hu> <20150213162435.GB2685@sivokote.iziade.m$> Message-ID: <20150213221201.GX9483@ctrlc.hu> On Fri, Feb 13, 2015 at 06:24:35PM +0200, Georgi Guninski wrote: > > > communications. In order to achieve a society where we can expect privacy > > > we need more hackers and > > This appears utopia to me. > > We need more JUSTICE as well. accountability i like. there's so much talk about transparency, but none about accountability. i mean, transparency without accountability is like being raped, when you have accountability that's like you have a chance to kick the fucker in the balls. but transparency is like "enjoying" the "act" in the mirror.... > There is a principle GIGO ~ Garbage In Garbage Out. what does that principle tell us, and how is this relevant here? > Last time I tried to explain to a sheeple she is a sheeple > she asked something like "You crazy anti-establishment? I > have loans to the bank to pay". ah, the stockholm syndrome. i really like some research on psychological effects on victims of blue collar crimes, and then published widely in msm (i know another utopia, but then i'm writing mails not code). i have no clue but if there is a research community around this topic, but it should be goldrush times for them now. ;/ > > > hackerspaces to embrace the broader political > > > challenges of building a more equal society. > > I am a bit paranoid about HACKERSPACE, since likely the > dear NSA might have infiltrated it. well i believe this is a reference to maxigas' paper about the political and social differences between hacklabs, hackerspaces and other maker/fab/etc-labs. this is a bit in conflict with the opening argument (medicines sans frontiers not healing the world, but it being a societal responsibility) and here it the argumentation falls back to the "hackers have to save us all". i agree with maxigas, hackerspaces should take more responsibility though. -- otr fp: https://www.ctrlc.hu/~stef/otr.txt From tbiehn at gmail.com Fri Feb 13 21:08:56 2015 From: tbiehn at gmail.com (Travis Biehn) Date: Sat, 14 Feb 2015 00:08:56 -0500 Subject: Security/Privacy Tradeoff - Dave DeWalt of Mandiant Message-ID: >From the article http://www.cbsnews.com/news/obamas-cybersecurity-plan-why-the-government-cant-protect-us/ "Dave DeWalt, CEO of security firm Mandiant, a participant in Friday's summit, hopes that fear of privacy invasion won't get in the way of the work that needs to get done. He pointed to the way the way public backlash to government surveillance programs revealed by former NSA contractor Edward Snowden stymied previous efforts to effectively open the lines of communication. "This balance between privacy and security ebbs and flows and unfortunately that was a huge setback -- a setback to the tune of several years," he said. " This is the first that I've ever heard of a tradeoff between privacy and security in the context of 'cyber security'. It's interesting to see this common trope for justifying widespread erosion of privacy in meatspace applied to 'cyber', where it is even more egregiously wrong. Travis -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 1174 bytes Desc: not available URL: From kyboren at riseup.net Fri Feb 13 16:59:20 2015 From: kyboren at riseup.net (Andrew) Date: Sat, 14 Feb 2015 00:59:20 +0000 Subject: Russians--including BU CompSci Professor--Propose Limiting Access to Tor & Anonymizers Message-ID: <54DE9DE8.5020806@riseup.net> http://inform-24.com/4114-leonid-levin-zasluzhivaet-vnimaniya-vopros-o-dosudebnoy-blokirovke-anonimizatorov-i-sredstv-dostupa-v-anonimnye-seti-tipa-tor.html Summary: Leonid Levin, notable professor at Boston University, who themselves run a heavily-trafficked Tor exit node, attacks Tor and supports state control of information. English translation: > Leonid Levin: "we should pay attention" to the question about pre-trial[?] blocking of anonymizers and ways to access anonymizing networks such as Tor. > > The committee chair of the State Duma (parliament) on Information Policy, Information Technologies and Communications, Leonid Levin, suggested to consider the question about limiting access to the Tor anonymizer internet-network. He said it during "Infoforum2015". > > By his words, this restriction would allow not only limiting access via anonymizing networks to information forbidden for distribution, but also would "extend the potential" for counteraction to the distribution of malicious programs. Besides, that would prevent illegal access to [hacking of?] computer information. > > At the same time Levin believes that the system of information control in the country "leaves much to be desired". He explains that "International tension, technologization and internalization of delinquency[?] make us put serious additional funds into military forces and law enforcement agencies. This is completely logical and justified, but for some reason the system of information control is [not in this series/not like this] yet." > > Levin mentioned that while Roscomnadzor (Federal Service for Supervision in the Sphere of Telecom, Information Technologies and Mass Communications) is successfully solving problems within its powers/limits, "it is obvious that it lacks people (staff units) and resources". ---------- https://vk.com/liga?w=wall-26121341_9052 Summary: Denis Davydov, Executive Director of the "League of Safe Internet" attacks Tor and its use in leading 'political struggle' English translation: > #anonymizers #tor #leagueOfSafeInternet > > In continuation of the theme of anonymizers > > League of Safe Internet: "Anonymous networks are used primarily to commit crimes" > > "We strongly support the idea of limiting Russia's access to anonymous networks, including Tor. "Invisible" Internet has made it possible for criminals of all stripes to hide their intentions from the state and use it to commit crimes: to acquire drugs and weapons, to distribute child pornography, to trade in human beings, including sex slaves, and to lead a political struggle. Do not forget that Tor is an American development and is used as well by the US intelligence agencies to expand the hegemony of the United States all around the world: agents and collaborators of the US State Department are engaged in illegal activities against countries while remaining anonymous to the authorities of that country. > > This is a very serious problem and it is bad that our government distanced itself from it and does not deal with it. > > I am convinced that the restriction on the use of anonymous networks will have a positive impact on us in every sense, will increase the trust of users to the network [Internet], and people will use it more actively and openly. This will lead to a specific economic effect and benefit to the state,"- the Executive Director of the League of Safe Internet Denis Davydov. From grarpamp at gmail.com Fri Feb 13 22:15:58 2015 From: grarpamp at gmail.com (grarpamp) Date: Sat, 14 Feb 2015 01:15:58 -0500 Subject: Hackers CAN Solve Surveillance Message-ID: Hackers can't solve Surveillance? No, hack*ing* can't solve surveillance. Hacking is a bandaid that carries no political or legal weight whatsoever. All of it can be brushed aside with the simple stroke of a pen. Yet hack*ers* CAN solve surveillance. However currently, they simply are not doing anything useful there. Here's some examples of what hackers are doing in just the news from today... They're giggity about features... http://tech.slashdot.org/story/15/02/12/2323200/facebook-adds-legacy-contact-feature-in-case-you-die-before-it-does Trying to get hired at companies that have questionable loyalties to their users... http://apple.slashdot.org/story/15/02/13/2338234/apple-hiring-automotive-experts Putting the wrong spin on their own inventions... http://it.slashdot.org/story/15/02/13/1548202/new-encryption-method-fights-reverse-engineering And masturbating over version numbers as usual... http://linux.slashdot.org/story/15/02/13/1341213/torvalds-polls-desire-for-linuxs-next-major-version-bump Meanwhile... Since hackers weren't speaking up as to what they wanted politically and steering the decisions there, Corp and Gov tired of waiting for their leadership and decided to come up with their own plans in the vacuum... http://yro.slashdot.org/story/15/02/13/1711225/tech-industry-in-search-of-leadership-at-white-house-cyber-summit Nations are now asking them for their "papers please"... http://tech.slashdot.org/story/15/02/13/1821249/eu-preparing-vast-air-passenger-database Figuring out more ways to collect and share your privates and rape your devices... http://tech.slashdot.org/story/15/02/13/141215/iowa-wants-to-let-you-carry-your-drivers-license-on-your-phone And the whole world is conspiring to royally fuck them and their ideas... http://yro.slashdot.org/story/15/02/13/2259255/trans-pacific-partnership-enables-harsh-penalties-for-filesharing Today's freedom score is, ZERO for you, and FOUR for them. Hackers among you... hacking is NOT just about what comes out of your keyboard while heads down staring at it. It is, and now must be, more about what comes out of your mouth while standing up in the political arena. Code is a byproduct of and requires the freedom to write and use it. Those freedoms are being ripped out from under you while you sleep off your last all night coding session. It's time to wake up and get out from behind your keyboards. No one is going to do it for you. From kyboren at riseup.net Fri Feb 13 18:26:11 2015 From: kyboren at riseup.net (Andrew) Date: Sat, 14 Feb 2015 02:26:11 +0000 Subject: [corrected] Re: Russians Propose Limiting Access to Tor & Anonymizers In-Reply-To: <54DE9DE8.5020806@riseup.net> References: <54DE9DE8.5020806@riseup.net> Message-ID: <54DEB243.1020007@riseup.net> Note: Appears to be the wrong Leonid Levin. My apologies. Andrew: > http://inform-24.com/4114-leonid-levin-zasluzhivaet-vnimaniya-vopros-o-dosudebnoy-blokirovke-anonimizatorov-i-sredstv-dostupa-v-anonimnye-seti-tipa-tor.html > > Summary: Leonid Levin, notable professor at Boston University, who > themselves run a heavily-trafficked Tor exit node, attacks Tor and > supports state control of information. > > English translation: >> Leonid Levin: "we should pay attention" to the question about > pre-trial[?] blocking of anonymizers and ways to access anonymizing > networks such as Tor. >> >> The committee chair of the State Duma (parliament) on Information > Policy, Information Technologies and Communications, Leonid Levin, > suggested to consider the question about limiting access to the Tor > anonymizer internet-network. He said it during "Infoforum2015". >> >> By his words, this restriction would allow not only limiting access > via anonymizing networks to information forbidden for distribution, but > also would "extend the potential" for counteraction to the distribution > of malicious programs. Besides, that would prevent illegal access to > [hacking of?] computer information. >> >> At the same time Levin believes that the system of information control > in the country "leaves much to be desired". He explains that > "International tension, technologization and internalization of > delinquency[?] make us put serious additional funds into military forces > and law enforcement agencies. This is completely logical and justified, > but for some reason the system of information control is [not in this > series/not like this] yet." >> >> Levin mentioned that while Roscomnadzor (Federal Service for > Supervision in the Sphere of Telecom, Information Technologies and Mass > Communications) is successfully solving problems within its > powers/limits, "it is obvious that it lacks people (staff units) and > resources". > > > ---------- > > > https://vk.com/liga?w=wall-26121341_9052 > > Summary: Denis Davydov, Executive Director of the "League of Safe > Internet" attacks Tor and its use in leading 'political struggle' > > English translation: >> #anonymizers #tor #leagueOfSafeInternet >> >> In continuation of the theme of anonymizers >> >> League of Safe Internet: "Anonymous networks are used primarily to > commit crimes" >> >> "We strongly support the idea of limiting Russia's access to anonymous > networks, including Tor. "Invisible" Internet has made it possible for > criminals of all stripes to hide their intentions from the state and use > it to commit crimes: to acquire drugs and weapons, to distribute child > pornography, to trade in human beings, including sex slaves, and to lead > a political struggle. Do not forget that Tor is an American development > and is used as well by the US intelligence agencies to expand the > hegemony of the United States all around the world: agents and > collaborators of the US State Department are engaged in illegal > activities against countries while remaining anonymous to the > authorities of that country. >> >> This is a very serious problem and it is bad that our government > distanced itself from it and does not deal with it. >> >> I am convinced that the restriction on the use of anonymous networks > will have a positive impact on us in every sense, will increase the > trust of users to the network [Internet], and people will use it more > actively and openly. This will lead to a specific economic effect and > benefit to the state,"- the Executive Director of the League of Safe > Internet Denis Davydov. > From grarpamp at gmail.com Fri Feb 13 23:55:41 2015 From: grarpamp at gmail.com (grarpamp) Date: Sat, 14 Feb 2015 02:55:41 -0500 Subject: =?UTF-8?Q?Re=3A_Hackers_can=E2=80=99t_solve_Surveillance?= In-Reply-To: <14b847b96b8.276e.4d489027c0c4d0c1b1ca03a1f48f1ffb@misanthropia.org> References: <20150213000322.GN9483@ctrlc.hu> <20150213162435.GB2685@sivokote.iziade.m$> <54DE338E.6090608@dyne.org> <20150213175403.GC2685@sivokote.iziade.m$> <14b8449d858.276e.4d489027c0c4d0c1b1ca03a1f48f1ffb@misanthropia.org> <14b847b96b8.276e.4d489027c0c4d0c1b1ca03a1f48f1ffb@misanthropia.org> Message-ID: >> I am pretty sure some of the heroes I studied in high school > people who [think and create...] scrutinized... What depth are there to those studies? And what of kids who write their own independant analysis and stories, on any subject or position really? Some are marked and scheduled for counseling and more training... https://www.youtube.com/watch?v=Q2BfqDUPL1I There is no progress for society without free thought. From jya at pipeline.com Sat Feb 14 06:15:02 2015 From: jya at pipeline.com (John Young) Date: Sat, 14 Feb 2015 09:15:02 -0500 Subject: Business Wants Accessible Crypto from Business In-Reply-To: <54DE6046.4040900@yahoo.co.uk> References: <54DE6046.4040900@yahoo.co.uk> Message-ID: http://www.cbsnews.com/news/obamas-cybersecurity-plan-why-the-government-cant-protect-us/ "Dave DeWalt, CEO of security firm Mandiant, a participant in Friday's summit, hopes that fear of privacy invasion won't get in the way of the work that needs to get done. He pointed to the way the way public backlash to government surveillance programs revealed by former NSA contractor Edward Snowden stymied previous efforts to effectively open the lines of communication. "This balance between privacy and security ebbs and flows and unfortunately that was a huge setback -- a setback to the tune of several years," he said. via cypherpunks -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 818 bytes Desc: not available URL: From jya at pipeline.com Sat Feb 14 06:29:50 2015 From: jya at pipeline.com (John Young) Date: Sat, 14 Feb 2015 09:29:50 -0500 Subject: Security/Privacy Tradeoff - Dave DeWalt of Mandiant In-Reply-To: References: Message-ID: Well, it has been a generation since this standard business practice was challenged. And then went to covert cooperation to placate consumer anger. Why would a new generation not do the same as their mentors? Even here, among hackers, in universities, in corporations, in government, hats change colors, as heads and wallets and guts fatten. Hellman has said he regrets releasing PKC, succumbing to a young man's and scholar's desire for publicity over bland government secrecy. Now thinks national security is bigger than individual desire. This is the arc of maturity, especially from those who did gain publicity early on and now welcome invitations to serve as official advisors. Our cpunk heros Whit Diffie and David Wagner are serving as reviewers for NSA best cybersecurity paper. Others are invited to NSA and Congress to provide counsel to policymakers. Others peddle crypto to governments and corporations as if RSA, Google, Apple, Facebook, Twitter, the AV hustlers are the required standard of duplicity demanded by investors. At 12:08 AM 2/14/2015, Travis Biehn wrote: > From the article > http://www.cbsnews.com/news/obamas-cybersecurity-plan-why-the-government-cant-protect-us/ > >"Dave DeWalt, CEO of security firm Mandiant, a participant in >Friday's summit, hopes that fear of privacy invasion won't get in >the way of the work that needs to get done. He pointed to the way >the way public backlash to government surveillance programs revealed >by former NSA contractor Edward Snowden stymied previous efforts to >effectively open the lines of communication. > >"This balance between privacy and security ebbs and flows and >unfortunately that was a huge setback -- a setback to the tune of >several years," he said. >" > >This is the first that I've ever heard of a tradeoff between privacy >and security in the context of 'cyber security'. >It's interesting to see this common trope for justifying widespread >erosion of privacy in meatspace applied to 'cyber', where it is even >more egregiously wrong. > >Travis -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 2346 bytes Desc: not available URL: From guninski at guninski.com Sat Feb 14 04:34:41 2015 From: guninski at guninski.com (Georgi Guninski) Date: Sat, 14 Feb 2015 14:34:41 +0200 Subject: Hackers =?utf-8?B?Y2Fu4oCZ?= =?utf-8?Q?t?= solve Surveillance In-Reply-To: <54DE6340.5000501@dyne.org> References: <20150213000322.GN9483@ctrlc.hu> <20150213162435.GB2685@sivokote.iziade.m$> <54DE338E.6090608@dyne.org> <20150213175403.GC2685@sivokote.iziade.m$> <54DE6340.5000501@dyne.org> Message-ID: <20150214123440.GA2496@sivokote.iziade.m$> On Fri, Feb 13, 2015 at 05:49:04PM -0300, hellekin wrote: > *** Sure enough. For me the terrorists are those who impose terror. If > you're afraid at a hackerspace because it is infiltrated by spooks, then > you're a victim of mass terrorism. FUD is a common tactics of > terrorism. Big media propaganda is a good channel for that as well. To clarify I am not against hackerspaces. Not afraid to join them so far if I find good ones. Probably Occupy Wallstreet had more impact than just chatting on this list. From rysiek at hackerspace.pl Sat Feb 14 13:27:37 2015 From: rysiek at hackerspace.pl (rysiek) Date: Sat, 14 Feb 2015 22:27:37 +0100 Subject: Hackers CAN Solve Surveillance In-Reply-To: References: Message-ID: <2615774.muDO3KceC4@lapuntu> Dnia sobota, 14 lutego 2015 01:15:58 grarpamp pisze: > Hackers can't solve Surveillance? > > No, hack*ing* can't solve surveillance. Hacking is a bandaid that > carries no political or legal weight whatsoever. All of it can be > brushed aside with the simple stroke of a pen. > > Yet hack*ers* CAN solve surveillance. > However currently, they simply are not doing anything useful there. This. Very much this. -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 931 bytes Desc: This is a digitally signed message part. URL: From list at sysfu.com Sun Feb 15 05:01:57 2015 From: list at sysfu.com (Seth) Date: Sun, 15 Feb 2015 05:01:57 -0800 Subject: [tor-talk] REAL-ID Internet Access Coming Soon In-Reply-To: References: <20150211151746.46572ka7qifqi6g4@www.vfemail.net> <54DBD10A.3070104@rawbw.com> Message-ID: On Wed, 11 Feb 2015 23:35:03 -0800, grarpamp wrote: > We're not talking about books and soapboxing today, class. We're talking > about "papers please" being required for everything you do. Including, > among other things, your internet access at home, mobile, in the library, > coffee shop and so on. If the current trend of requiring govt slave papers for everything continues apace I don't think this statement can be dismissed as alarmist. Look at the inroads the control grid has made in the past 20 years, 40 year and over olds being carded to enter any place serving alcohol or buy a goddamn beer, 'ID' to get on a plane, (now includes intercity buses and trains), SSNs (Slave Surveillance Numbers) practically mandatory to obtain a drivers license or open a bank account, license plate readers everywhere, small planes flying overhead slurping and mapping yer wifi device IDs, it would take me all night just to list all the new surveillance bullshit we've been assaulted with during this time frame. > Today you can somewhat preserve your right to be > anonymous and bigdata free, by manipulating inputs to some of these > things. If you haven't noticed, that's become steadily harder over time. I imagine 'they' are going to have to criminalize unlicensed encryption, wireless/SDR etc to really nail you down, but after a few well targeted 'dem dere terrists wuz fixin' on using X to kill muhricans!' psychological warfare ops everyone seeking privacy will be the subject of a vicious witch hunt, after which just insert the well worn script of a rabid public foaming at the mouth and hell bent on revenge, just like after 9/11, the war drums will start beating again, people rounded up, nobody has learned a fucking thing. Clueless hordes of deranged television-addled submitizen jackasses will be wildly cheering it all on, maniacally deep-throating the big cock of the corporate media government propaganda war machine, begging for a yet another massive load of disease ridden yellow journalism, eyes bulging with out-of-body-experience ecstasy during climax as they hungrily gulp down each injection of toxic lies, licking the shaft hungrily for every last drop, eager for more, looking for the next scapegoat to project their own pathological insecurities and fears onto. From grarpamp at gmail.com Sun Feb 15 10:23:22 2015 From: grarpamp at gmail.com (grarpamp) Date: Sun, 15 Feb 2015 13:23:22 -0500 Subject: List Administrivia Message-ID: Can you add the To: and Cc: headers to the list of headers that eventually end up in the 'Downloadable version' of the archives linked below. Along with the already included Messsage-ID, In-Reply-To, and References... that should make those versions more fully threadable, sortable and searchable by MUA's and provide more understandable participant context. Thanks. https://cpunks.org/pipermail/cypherpunks/ From guninski at guninski.com Sun Feb 15 06:55:01 2015 From: guninski at guninski.com (Georgi Guninski) Date: Sun, 15 Feb 2015 16:55:01 +0200 Subject: Hackers =?utf-8?B?Y2Fu4oCZ?= =?utf-8?Q?t?= solve Surveillance In-Reply-To: <20150213221201.GX9483@ctrlc.hu> References: <20150213000322.GN9483@ctrlc.hu> <20150213162435.GB2685@sivokote.iziade.m$> <20150213221201.GX9483@ctrlc.hu> Message-ID: <20150215145501.GA2443@sivokote.iziade.m$> On Fri, Feb 13, 2015 at 11:12:01PM +0100, stef wrote: > ah, the stockholm syndrome. i really like some research on psychological > effects on victims of blue collar crimes, and then published widely in msm (i > know another utopia, but then i'm writing mails not code). i have no clue but > if there is a research community around this topic, but it should be goldrush > times for them now. ;/ > Why not write one? Say multiple choice test "Sheepleness score?" Or short paper "Sheeple for dummies". It ain't rocket science or writing reliable remote linux kernel TCP sploit ;) Doubt the majority of mainstream "researches" will risk their job on the sheeple topic. Darknets and http://vixra.org/ likely will "publish" it ;). From companys at stanford.edu Mon Feb 16 12:27:19 2015 From: companys at stanford.edu (Yosem Companys) Date: Mon, 16 Feb 2015 12:27:19 -0800 Subject: [liberationtech] At Stanford on Friday, Feb. 20 -- Vitalik Buterin: Ethereum & Cryptoeconomic Mechanisms & Security Message-ID: From: David Wu via security-seminar at lists.stanford.edu at https://mailman.stanford.edu/mailman/listinfo/security-seminar Introduction to Ethereum, and Cryptoeconomic Mechanisms and Security Vitalik Buterin Friday, February 20, 2015 Talk at 4:15pm Gates 463 Abstract: The presentation will provide an introduction to the Ethereum protocol from a technical perspective, including the high-level operation of the blockchain protocol, contract calling and gas mechanics, use of Patricia Merkle trees and other cryptography and light client proofs. I will then discuss some of the interplay between economics/game theory and cryptography both in consensus algorithm design (eg. proof of work, proof of stake) as well higher-level protocols like sidechains, challenge-response protocols and SchellingCoin, and will attempt to define and dissect different interpretations of the concept of "cryptoeconomic assurance". -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu. ----- End forwarded message ----- From jya at pipeline.com Mon Feb 16 09:34:35 2015 From: jya at pipeline.com (John Young) Date: Mon, 16 Feb 2015 12:34:35 -0500 Subject: Encryption used to secure transports is used to hide data exfiltration Message-ID: "The very encryption used to secure transports is used to hide data exfiltration." http://46qasb3uw5yn639ko4bz2ptr8u.wpengine.netdna-cdn.com/files/2015/02/IMG_6926.jpg http://blog.kaspersky.com/kaspersky-security-analyst-summit-2015-the-live-blog/ From tbiehn at gmail.com Mon Feb 16 12:40:30 2015 From: tbiehn at gmail.com (Travis Biehn) Date: Mon, 16 Feb 2015 15:40:30 -0500 Subject: Encryption used to secure transports is used to hide data exfiltration In-Reply-To: References: Message-ID: If only there were some sort of 'master key' that could decrypt all the traffic so "friendly neighborhood analysts" can inspect it. Those pesky developers and their insistence on having open protocols without backdoors.... The clean-up crews all want to design better mops and detect spills faster - not prevent the mess in the first place. "You can't make a spill-resistant cup - spend all your money on spill detection." "Irradiate the stuff so we can detect it as it splashes with our sensor arrays." -Travis On Mon, Feb 16, 2015 at 12:34 PM, John Young wrote: > "The very encryption used to secure transports is used to hide data > exfiltration." > > http://46qasb3uw5yn639ko4bz2ptr8u.wpengine.netdna-cdn.com/files/ > 2015/02/IMG_6926.jpg > > http://blog.kaspersky.com/kaspersky-security-analyst- > summit-2015-the-live-blog/ > > > -- Twitter | LinkedIn | GitHub | TravisBiehn.com | Google Plus -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 2007 bytes Desc: not available URL: From grarpamp at gmail.com Tue Feb 17 15:38:30 2015 From: grarpamp at gmail.com (grarpamp) Date: Tue, 17 Feb 2015 18:38:30 -0500 Subject: [cryptography] [Cryptography] Equation Group Multiple Malware Program, NSA Implicated In-Reply-To: <54E37074.3080208@iang.org> References: <54E32788.9030108@iang.org> <54E37074.3080208@iang.org> Message-ID: >>>> Here's an interesting comparison. Most academic cryptographers believe >>>> that the NSA has lost its lead: While for years they were the only ones >>>> doing cryptography, and were decades ahead of anyone on the outside, but >>>> now we have so many good people on the outside that we've caught up to, >>>> and perhaps even surpassed, the NSA. I've always found this reasoning a >>>> bit too pat. But getting actual evidence has been impossible. >>> >> What evidence is there for this? > > Snowden saying "encryption works." This is probably quite true... from his particular vantage/access point and social network. Yet however much we may know about that side being relatively open and shary and the capabilities there, it is not an exclusive answer to the crypto question. None of the Snowden docs to date are or show any real details about the crypto side of the house. He either had no interest (unlikely), had no time, found it too risky (whether to pull off without being caught, or over concern about some element of grave damage), or simply had no access. > FBI complaining about going dark, we need backdoors - they only ever > complain at that level as proxy for NSA, and same complaint is repeated in > rapid succession in UK, DE. These sort of things may be important indicators. Yet to prove them as such you'd also have to analyse the history of FUD making, grab attempts and so on to interpret. It could be that selective crypto is not dark, but merely expensive to scale into being "see all" as desired with the old in clear. So you would have to analyse the costs there. Electricity, rainbow disk storage, real estate, cooling. How do you know the disk makers and their suppliers do not have black wing budgets. Or that there is not a multi billion fab lab buried under some mountain powered by a ground radiator / aquifer cooled nuke reactor? > This is exactly how organizations win over smart individuals: > They build a database of expertise over many years, and they are > patient and can keep at it indefinitely. Yes, that's one... who is tracking where all the brilliant maths and others go after high school? The student names in known friendly colleges and programs? The ones that seem to drop from the public scene? What media is publishing interviews with them? Where are known adversary retirees that may have something to say when invited? >> It's not that I have evidence the other way. We just don't know. > At one level, this all comes down to your model of science. > ... > thinking of the question as a murder investigation - clues, hypotheses, > correlations, etc. To know the adversary you must continual analyse all potential aspects, and not just aspect itself but their inputs, dependencies and output/result chains. Then maybe you can answer some questions. After all, the adversary is doing analysis upon you. > Right. I'm surprised Android sells any phones in USA market. It's surprising that maybe no one has yet reverse engineered the binary blobs/drivers in android to provide a fully open software stack there. And although more difficult, same goes for the firmware blobs. Regardless of effectiveness, it would show market demand. >> New models for large >> corporations only started to arise in the late 1960's, with the development >> of so-called "knowledge organizations". Knowledge, and knowledge dichotomy within capacity of biology as a whole to adapt evenly, seems quite a potential for scary outcomes... http://yro.slashdot.org/story/15/02/17/2229240/oregon-residents-riled-over-virtually-staff-free-data-centers-getting-tax-breaks http://science.slashdot.org/story/15/02/17/030208/game-theory-calls-cooperation-into-question http://yro.slashdot.org/story/15/02/17/0025237/att-to-match-google-fiber-in-kansas-city-charge-more-if-you-want-privacy http://tech.slashdot.org/story/15/02/16/2332217/the-software-revolution >>> In sum, I'd say they are ahead in the pure math, but you'd be hard >>> pressed to find an area where it mattered. >> >> Maybe. It's really impossible to say. Two days ago, I would probably >> have agreed with you. Now ... I'm not so sure. As with Google, they hire a lot of Maths and others, and have been at it for decades longer. Even generations of maths born into now. There is too much silence from these workers. Especially when society could probably get along just as well without so many organizational level secrets everywhere (wars), and now potentially against peoples if you believe that sort of thing. More Snowdens Please. From grarpamp at gmail.com Tue Feb 17 16:36:06 2015 From: grarpamp at gmail.com (grarpamp) Date: Tue, 17 Feb 2015 19:36:06 -0500 Subject: [cryptography] [Cryptography] Equation Group Multiple Malware Program, NSA Implicated In-Reply-To: References: <54E32788.9030108@iang.org> <54E37074.3080208@iang.org> Message-ID: >From someone failing to send to list: > Or he actually got those docs ... Possible, but you would expect crypto research to be well compartmented from legal, sigint and offensive ops that appear to be the sole scope of the known docs. If research does posess a break, maintaining that secret while producing politically/operationally useful decrypts would be harder to manage. > but the journalists he entrusted them to have decided not to release them. You can always bury / escrow multiple copies in multiple locations known only to you in case you need them later. Hard to believe this was not forseen and done given history of media with prior leaks. From grarpamp at gmail.com Tue Feb 17 18:03:48 2015 From: grarpamp at gmail.com (grarpamp) Date: Tue, 17 Feb 2015 21:03:48 -0500 Subject: Extracting Equation Group's malware from hard drives In-Reply-To: <1424220975.3438110.229002373.02319FA1@webmail.messagingengine.com> References: <1424220975.3438110.229002373.02319FA1@webmail.messagingengine.com> Message-ID: > Does anyone know of any tools to extract the Equation Group's malware > from hard drive firmware? You can pull firmware and even get a shell on most drives with jtag and other pin headers. Search for it. From grarpamp at gmail.com Tue Feb 17 21:30:15 2015 From: grarpamp at gmail.com (grarpamp) Date: Wed, 18 Feb 2015 00:30:15 -0500 Subject: Broad coalition pushes for Minnesota data privacy amendment Message-ID: A move to change the Minnesota Constitution to protect text messages, e-mails and other electronic data from warrantless searches is getting enthusiastic support from a broad coalition of lawmakers and privacy advocates, but could face roadblocks from key DFL Senate leaders. The “My Life, My Data” movement would make Minnesota the second state to amend its Constitution by adding the words “electronic communications and data” to Section 10 of the document, which guarantees “the right of the people to be secure in their persons, houses, papers and effects against unreasonable searches and seizures.” If approved, the amendment would appear on the November 2016 election ballot. A similar measure passed in Missouri last year with 75 percent of voter support... Continues at... http://www.startribune.com/politics/statelocal/292136831.html http://yro.slashdot.org/story/15/02/18/0046200/mn-legislature-introduces-amendment-to-protect-electronic-communications From grarpamp at gmail.com Tue Feb 17 22:57:22 2015 From: grarpamp at gmail.com (grarpamp) Date: Wed, 18 Feb 2015 01:57:22 -0500 Subject: Face Recognition Breakthrough - Why develop nukes? Message-ID: http://tech.slashdot.org/story/15/02/18/0024203/breakthrough-in-face-recognition-software Face recognition software underwent a revolution in 2001 with the creation of the Viola-Jones algorithm. Now, the field looks set to dramatically improve once again: computer scientists from Stanford and Yahoo Labs have published a new, simple approach that can find faces turned at an angle and those that are partially blocked by something else. The researchers "capitalize on the advances made in recent years on a type of machine learning known as a deep convolutional neural network. The idea is to train a many-layered neural network using a vast database of annotated examples, in this case pictures of faces from many angles. To that end, Farfade and co created a database of 200,000 images that included faces at various angles and orientations and a further 20 million images without faces. They then trained their neural net in batches of 128 images over 50,000 iterations. ... What's more, their algorithm is significantly better at spotting faces when upside down, something other approaches haven't perfected." ... Why, like nukes, does society insist on developing tech whose primary purpose upon analysis seems only to be destructive, or of control, or in removing rights from individuals and groups, or just plain [ab]using them for profit? What possible quantifiable significant individualized benefit would a single human have from such things, when in fact they are pointed at them, instead of being wielded in their own hands? This isn't crypto or a weapon a human can also use to protect themselves beforehand. Do you really need to facial recognize your friends, your boss, doctor, or even to seek justice [aka: revenge] after someone's already done damage to you? Do you really care if another face has your name so long as if the cops come, society, laws and process are done right such that you are declared as innocent error and formally expunged from all db's and news and even compensated? Where is the FR in your hands? For that matter, do any individuals in your network really need to FR you either? In individual paired contexts, FR seems pointless. And any benefit when used to say hunt in a group seems thoroughly washed out by negatives on balance. When the camera comes to your face, instinct tells to put a mask to protect yourself. So there's something obviously wrong with the "picture" being developed here. Maybe it is the developers that need more cameras in their face to get a feel for the more likely uses. From grarpamp at gmail.com Tue Feb 17 23:09:30 2015 From: grarpamp at gmail.com (grarpamp) Date: Wed, 18 Feb 2015 02:09:30 -0500 Subject: Firmware exploits summary Message-ID: http://spritesmods.com/?art=hddhack http://s3.eurecom.fr/~zaddach/ https://www.ibr.cs.tu-bs.de/users/kurmus/ https://www.schneier.com/blog/archives/2014/01/iratemonk_nsa_e.html http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/ https://srlabs.de/badusb/ https://en.wikipedia.org/wiki/NSA_ANT_catalog http://inertiawar.com/microcode/ https://wiki.archlinux.org/index.php/microcode http://www.intel.com/content/dam/www/public/us/en/documents/manuals/64-ia-32-architectures-software-developer-vol-3a-part-1-manual.pdf https://en.wikipedia.org/wiki/Intel_Active_Management_Technology http://25zbkz3k00wn2tp5092n6di7b5k.wpengine.netdna-cdn.com/files/2015/02/Equation_group_questions_and_answers.pdf http://arstechnica.com/security/2015/02/how-omnipotent-hackers-tied-to-the-nsa-hid-for-14-years-and-were-found-at-last/ From ryacko at gmail.com Wed Feb 18 02:32:23 2015 From: ryacko at gmail.com (Ryan Carboni) Date: Wed, 18 Feb 2015 02:32:23 -0800 Subject: [cryptography] [Cryptography] Equation Group Multiple Malware Program, NSA Implicated In-Reply-To: References: <54E32788.9030108@iang.org> <54E37074.3080208@iang.org> Message-ID: Can't trust anything, except the mail. Only solution: personally encrypt messages by hand, using computers and GPG only for transmitting master keys if the keys cannot be delivered in person. https://en.wikipedia.org/wiki/PGP_word_list Oddly there isn't as much outcry over this as compared to FBI black bag jobs, even though this is literally the same. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 499 bytes Desc: not available URL: From list at sysfu.com Wed Feb 18 03:45:32 2015 From: list at sysfu.com (Seth) Date: Wed, 18 Feb 2015 03:45:32 -0800 Subject: [qubes-users] Persistent firmware backdoors possible across major hard drive brands In-Reply-To: <20150217151114.GB10743@leitl.org> References: <20150217151114.GB10743@leitl.org> Message-ID: On Tue, 17 Feb 2015 07:11:14 -0800, Eugen Leitl wrote: > Affected HDD brands include[2] (but are probably not limited to): > * Western Digital > * Maxtor > * Seagate > * Hitachi > * Micron > * OCZ > * OWC > * Corsair > * Mushkin > * Samsung > * Toshiba I thought I remembered reading somewhere that malicious firmware replacement for Intel drives was either difficult or nigh impossible due to their practice of code-signing updates. Perhaps that could explain their absence from this list. From juan.g71 at gmail.com Tue Feb 17 23:35:41 2015 From: juan.g71 at gmail.com (Juan) Date: Wed, 18 Feb 2015 04:35:41 -0300 Subject: Face Recognition Breakthrough - Why develop nukes? In-Reply-To: References: Message-ID: <54e4402a.44da8c0a.7f2a.6f8a@mx.google.com> On Wed, 18 Feb 2015 01:57:22 -0500 grarpamp wrote: > Why, like nukes, does society insist on developing > tech whose primary purpose upon analysis seems > only to be destructive, Society? What 'society'? You are talking about particular individuals who happen to be shitbags. In a sense, 'society' doesn't do anything. Some ideas may be shared by different groups of people or even majorities, but the 'building block' is still the individual so to speak. >or of control, or in removing rights > from individuals and groups, or just plain [ab]using them > for profit? What possible quantifiable significant individualized > benefit would a single human have from such things, when > in fact they are pointed at them, instead of being wielded > in their own hands? > > This isn't crypto or a weapon a human can also use to > protect themselves beforehand. Do you really need to > facial recognize your friends, your boss, doctor, or even to > seek justice [aka: revenge] after someone's already done > damage to you? Do you really care if another face has > your name so long as if the cops come, society, laws and > process are done right such that you are declared as > innocent error and formally expunged from all db's and news > and even compensated? Where is the FR in your hands? For > that matter, do any individuals in your network really need to > FR you either? In individual paired contexts, FR seems > pointless. And any benefit when used to say hunt in a > group seems thoroughly washed out by negatives on balance. > > When the camera comes to your face, instinct tells > to put a mask to protect yourself. So there's something > obviously wrong with the "picture" being developed here. > Maybe it is the developers that need more cameras > in their face to get a feel for the more likely uses. From cypherpunks at cheiraminhavirilha.com Tue Feb 17 22:32:24 2015 From: cypherpunks at cheiraminhavirilha.com (Virilha) Date: Wed, 18 Feb 2015 06:32:24 +0000 Subject: BitTorrent, VPS and no DMCA Message-ID: <20150218063224.Horde.TX6IIJVVYA1YD9u8JVIAVg1@127.0.0.1> just had found being able to run a torrent seed box (in a medium bandwidth VPS, cheap) without getting DMCA requests, restarting daemon every 240 seconds - new randomized port on each restart. Using Deluge as torrent program and 8 lines of bash script to do the restart job. i forgot the restart script once and, next day, DMCA arrived. didnt bothered to found the optimal value since 240 seconds is ok for my needs. any other experiences? -Virilha From cypherpunks at cheiraminhavirilha.com Tue Feb 17 23:48:42 2015 From: cypherpunks at cheiraminhavirilha.com (Virilha) Date: Wed, 18 Feb 2015 07:48:42 +0000 Subject: Extracting Equation Group's malware from hard drives In-Reply-To: References: <1424220975.3438110.229002373.02319FA1@webmail.messagingengine.com> Message-ID: <20150218074842.Horde.1VoxbEE9tb6x6u3frj6hZQ1@127.0.0.1> From page 18 of paper (https://securelist.com/files/2015/02/Equation_group_questions_and_answers.pdf) ... 'The disk is targeted by a specific serial number and reprogrammed by a series of ATA commands. For example, in the case of Seagate drives, we see a chain of commands: “FLUSH CACHE” (E7) → “DOWNLOAD MICROCODE” (92) → “IDENTIFY DEVICE” (EC) → WRITE “LOG EXT” (3F). Depending on the reflashing request, there might be some unclear data manipulations written to the drive using “WRITE LOG EXT” (3F)' ... This 3-letters-agency did it with software, mostly using undocumented ATA commands. A software approach would reach a larger audience, assuming not everyone knows eletronics and/or can pull his/her HDD off. Assuming no one knows the specifications for the ATA commands, or has the time/knowledge/samples to analyze and reverse engineer it, a request of such a tool for the Kaspersky guys seems the best approach. -Virilha ----- Message from grarpamp --------- Date: Tue, 17 Feb 2015 21:03:48 -0500 From: grarpamp Subject: Re: Extracting Equation Group's malware from hard drives To: cpunks Cc: Cryptography Mailing List >> Does anyone know of any tools to extract the Equation Group's malware >> from hard drive firmware? > > You can pull firmware and even get a shell on most > drives with jtag and other pin headers. Search for it. ----- End message from grarpamp ----- From blibbet at gmail.com Wed Feb 18 08:46:16 2015 From: blibbet at gmail.com (Blibbet) Date: Wed, 18 Feb 2015 08:46:16 -0800 Subject: Extracting Equation Group's malware from hard drives In-Reply-To: <1424220975.3438110.229002373.02319FA1@webmail.messagingengine.com> References: <1424220975.3438110.229002373.02319FA1@webmail.messagingengine.com> Message-ID: <54E4C1D8.7030604@gmail.com> On 02/17/2015 04:56 PM, Alfie John wrote: > Hi lists, > > Does anyone know of any tools to extract the Equation Group's malware > from hard drive firmware? FlashROM should be able to help. Does anyone know if these are BIOS-era OptionROM- based, or UEFI-based drivers? If they are UEFI drivers, the UEFI Dev Kit (UDK) tools can help. > Also, are there any public registries online to report and view > infections? RANT: This recent event is an example of why OEMs/IHVs/IBVs need to treat firmware more like software and not like silicon. We *NEED* SCAP OVAL definitions SCAP CVEs, ChangeLogs/ReadMes with feature/bug deltas. These days, there is no excuse, CoreBoot and UEFI(TianoCore.org) are open source projects, not the ancient monolithic BIOS codebase with ancient OpROM blobs. All existing blobs that OEMs/IHVs release should be signs, and have a CRL/OSCP URL for updates. There needs to be a public registry of these BIOS OpROM blobs and UEFI binaries. We need a vendor neutral logo that lists detalis about firmware, not rely on MSFT to drive Windows OEMs to only do what MSFT wants; and we need Consumer Reports to track this data about systems. Most importantly, OEMs need to build systems which enable users to install their own firmware, like users do today with OS software. From drwho at virtadpt.net Wed Feb 18 10:45:38 2015 From: drwho at virtadpt.net (The Doctor) Date: Wed, 18 Feb 2015 10:45:38 -0800 Subject: Extracting Equation Group's malware from hard drives In-Reply-To: <1424220975.3438110.229002373.02319FA1@webmail.messagingengine.com> References: <1424220975.3438110.229002373.02319FA1@webmail.messagingengine.com> Message-ID: <54E4DDD2.2050403@virtadpt.net> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 02/17/2015 04:56 PM, Alfie John wrote: > Does anyone know of any tools to extract the Equation Group's > malware from hard drive firmware? - From talking with some folks who've dumped and reverse engineered other kinds of firmware, the JTAG interface (http://www.corelis.com/education/JTAG_Tutorial.htm) seems like it'd be a good place to start. That, and digging up the datasheets on as many of the integrated circuits on the boards in question. > Also, are there any public registries online to report and view > infections? Not offhand. I'd be curious, too. - -- The Doctor [412/724/301/703/415] [ZS] PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1 WWW: https://drwho.virtadpt.net/ Covalent bonding: Sharing is caring! -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJU5N3NAAoJED1np1pUQ8RkQzsP/2gApXEcFml+SX+9P5CVpAhT MAhnQHxtJ53Pk44WL+/bt2+QcejfyK+PjNmcFHtAXOyr86vnqCv6OsHVcnTEuJZ9 6HvR3n06bEDy1g/OzuO8RlmYsmkNaHrLb1keou26rtthFBBvqD5VRJQQyD7xi+mu 89466rdtdDqPEcBxivqmJp8Rx4NU/V9vXXQ1pE76t13CfbFUMPRIZwQs6SVlvS2+ Jc16k9JSO+rbj9ciHn4nBq3eq6p4ZMK95m235Okn4SkuKc9vJGNWHrOme9tP9qXa 3EpABQsL7bbT+kL0lFNB0jQj0Bb44KIuMCje89k9GO7LbOr/775p12q/v6G4oE1X EQ5KIQmZLNUx2P+QChAW3AYuNoVqIkLMKOd7M/bqu9KnQrrpWtQ5G+eskMOvRToA 2guj8nyIrqniVCqr4dQVZKF2f75CGd1tw46t4NCV5xHJRK5gBuJIGSnZ06WYQVRB 0L87/fLw4faZNLPlJ0mMg98Q0sZYlnQUREPkStVX+ZB2hw22h3x2lPsMppPTolkA tvv7oEtZsBRGT+bhrEO5Apz3Aa7JMkVjn7j2i8K7IrQBUTPOVLiSAgAMen2IKj/G ks+drxLjPKSamMHlP5ycAdOBgiz4/9PI7WiKsU0BrI4b98OrxPmlnCghKOyCMHFc qJIEby0Ch6YPvAbvBmGC =LN8k -----END PGP SIGNATURE----- From alfiej at fastmail.fm Tue Feb 17 16:56:15 2015 From: alfiej at fastmail.fm (Alfie John) Date: Wed, 18 Feb 2015 11:56:15 +1100 Subject: Extracting Equation Group's malware from hard drives Message-ID: <1424220975.3438110.229002373.02319FA1@webmail.messagingengine.com> Hi lists, Does anyone know of any tools to extract the Equation Group's malware from hard drive firmware? Also, are there any public registries online to report and view infections? Alfie -- Alfie John alfiej at fastmail.fm From grarpamp at gmail.com Wed Feb 18 13:20:05 2015 From: grarpamp at gmail.com (grarpamp) Date: Wed, 18 Feb 2015 16:20:05 -0500 Subject: Extracting Equation Group's malware from hard drives In-Reply-To: <20150218074842.Horde.1VoxbEE9tb6x6u3frj6hZQ1@127.0.0.1> References: <1424220975.3438110.229002373.02319FA1@webmail.messagingengine.com> <20150218074842.Horde.1VoxbEE9tb6x6u3frj6hZQ1@127.0.0.1> Message-ID: On Wed, Feb 18, 2015 at 2:48 AM, Virilha wrote: > > This 3-letters-agency did it with software, mostly using undocumented ATA > commands. > > Assuming no one knows the specifications for the ATA commands All the non vendor specific command specs are documented at t10, t13, serialata ... https://ata.wiki.kernel.org/index.php/Developer_Resources Which you can bitbash for fun from userland with the likes of ... http://www.freebsd.org/cgi/man.cgi?query=camcontrol From grarpamp at gmail.com Wed Feb 18 14:05:43 2015 From: grarpamp at gmail.com (grarpamp) Date: Wed, 18 Feb 2015 17:05:43 -0500 Subject: =?UTF-8?Q?Fwd=3A_=5Btor=2Dtalk=5D_Call_for_Participation_=E2=80=93_ACM_SigCo?= =?UTF-8?Q?mm2015_=E2=80=93_Workshop_on_Ethics_in_Networked_Systems_Research?= In-Reply-To: References: Message-ID: ---------- Forwarded message ---------- From: Bendert Zevenbergen Date: Wed, Feb 18, 2015 at 6:20 AM Subject: [tor-talk] Call for Participation – ACM SigComm2015 – Workshop on Ethics in Networked Systems Research Call for Participation – ACM SigComm2015 – Workshop on Ethics in Networked Systems Research Co-located with ACM SIGCOMM’15 August 21st 2015 London, UK A full day workshop titled “Ethics in Networked Systems Research” will be held at the ACM SIGCOMM 2015 in London. This multidisciplinary workshop will bring together two distinct groups of researchers: - Computer scientists, network scientists and other technical researchers who are interested in the ethical and legal aspects of their work; - Researchers studying the various ethical, social scientific and legal aspects of data-driven projects in the field of computer and data communication networks. This workshop seeks 1 to 4 page summaries, focussing on ethical considerations of papers, publications and projects from the two disciplines, for example: - Technical research in the field of computer and data communication networks that either operates in an ethical grey zone, collects and processes personal data/personal identifiable information, or has been rejected from another venue on ethical grounds; - Ethical, social scientific or legal research that reflects on – or aims to guide – technical research and projects in the field of computer and data communication networks, especially an analysis to minimise the potential harm whilst enabling a broad range of Internet research to be conducted. Selected authors and invited speakers will present their work, which will be followed by a structured discussion. The workshop will also facilitate an interactive session in which participants will split into multidisciplinary groups and address emerging ethical dilemmas in Internet measurement and information controls research, partly based on the submitted summaries. This session will be informed by a website (currently under development), that presents ethical guidelines for the fields of Internet measurement and information control. Papers submitted to this workshop will not be archived in the formal sense, so authors can submit papers elsewhere, or submit summaries of previously accepted papers. Important Dates Paper submission deadline – March 31st, 2015 Paper acceptance notification – April 30th, 2015 Organisers Prof. Ian Brown – Oxford Internet Institute Dr. Joss Wright – Oxford Internet Institute Bendert Zevenbergen – Oxford Internet Institute Erin Kenneally – University of California San Diego, Center for Applied Internet Research & Elchemy, Inc. Dr. Malavika Jayaram – Berkman Center for Internet & Society, Harvard + Centre for Internet & Society, India Allen Gunn – Aspiration Tech Meredith Whittaker – Measurement Lab Christopher Wilson – the engine room Stuart Schechter – Microsoft Research Please email papers to bendert.zevenbergen at oii.ox.ac.uk Workshop website: http://conferences.sigcomm.org/sigcomm/2015/netethics.php -- https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk From grarpamp at gmail.com Wed Feb 18 15:12:07 2015 From: grarpamp at gmail.com (grarpamp) Date: Wed, 18 Feb 2015 18:12:07 -0500 Subject: [Cryptography] trojans in the firmware In-Reply-To: References: <54E2B04C.9080707@av8n.com> <54E436FB.9000709@deadhat.com> Message-ID: On Wed, Feb 18, 2015 at 5:16 PM, Tom Mitchell wrote: > The critical stage is the boot ROM (BIOS) and the boot device. > Once Linux has booted a lot is possible but too much has already taken > place. > A BIOS that allows booting from a Flash memory card must be trusted. > > Virtual machines may help or hinder. > > The VM is sitting where the man in the middle wants to be and if it wants > can protect or expose > the OSs that it hosts. A VM can protect a hard drive from being infected > by blocking vendor > codes that might try to update or corrupt modern disks of boot flash memory. Afaik, all vm's today simply pass through all drive commands. It seems a move all the BSD's and Linux could make today, without waiting on untrustable hardware vendors to roll out signature verification in hardware, is to simply kernel block all commands unnecessary to actual production use of the disk. Permit only from a list of READ, WRITE, ERASE, INQ, TUR, RST, and so on. Thus every other command component, including firmware update, vendor specific, and binary fuzzing, gets dropped and logged. It could be done as a securelevel, or compiled in. It's definitely not bulletproof, but it does force adversaries to add that much more exploit code and effort to get root and go around the driver interface to access the hardware directly. Defense in depth. Similar tactics could be applied to other areas where firmware and vendor/fuzzable opcodes are involved... usb, bios and cpu. From grarpamp at gmail.com Wed Feb 18 15:31:49 2015 From: grarpamp at gmail.com (grarpamp) Date: Wed, 18 Feb 2015 18:31:49 -0500 Subject: Obama believes in strong encryption Message-ID: http://recode.net/2015/02/13/obama-theres-no-scenario-in-which-we-dont-want-really-strong-encryption/ https://www.youtube.com/watch?v=yaylQmnXztU http://it.slashdot.org/story/15/02/17/2230257/obama-says-hes-a-strong-believer-in-strong-encryption Contrast with many recent US administration and agency statements all on the record as well. Is this a mindshift, or a case of FUD then false savior? From rsw at jfet.org Wed Feb 18 17:03:34 2015 From: rsw at jfet.org (Riad S. Wahby) Date: Wed, 18 Feb 2015 20:03:34 -0500 Subject: List Administrivia In-Reply-To: References: Message-ID: <20150219010334.GA17700@antiproton.jfet.org> grarpamp wrote: > Can you add the To: and Cc: headers to the > list of headers that eventually end up in the > 'Downloadable version' of the archives linked below. I've rebuilt the archives, adding the To: and Cc: headers and (finally!) disabling the rudimentary obscuring of email addresses that had previously been enabled. I was surprised to learn that (at least in the version I'm running) Mailman has no options for retaining extra headers in the text archives. Fortunately, adding it wasn't too annoying. Please let me know if I've unwittingly broken anything, and thank you, grarpamp, for suggesting the various improvements to the archive. -=rsw From cpunks at martin-studio.com Wed Feb 18 20:39:23 2015 From: cpunks at martin-studio.com (Anthony Martin) Date: Wed, 18 Feb 2015 20:39:23 -0800 Subject: Obama believes in strong encryption In-Reply-To: References: Message-ID: He said that the private sector is a problem. On Wed, Feb 18, 2015 at 3:31 PM, grarpamp wrote: > > http://recode.net/2015/02/13/obama-theres-no-scenario-in-which-we-dont-want-really-strong-encryption/ > https://www.youtube.com/watch?v=yaylQmnXztU > > http://it.slashdot.org/story/15/02/17/2230257/obama-says-hes-a-strong-believer-in-strong-encryption > > Contrast with many recent US administration > and agency statements all on the record as well. > > Is this a mindshift, or a case of FUD then false savior? > -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 1409 bytes Desc: not available URL: From grarpamp at gmail.com Wed Feb 18 20:13:18 2015 From: grarpamp at gmail.com (grarpamp) Date: Wed, 18 Feb 2015 23:13:18 -0500 Subject: [Cryptography] trojans in the firmware In-Reply-To: References: <54E2B04C.9080707@av8n.com> <54E436FB.9000709@deadhat.com> Message-ID: On Wed, Feb 18, 2015 at 8:57 PM, Henry Baker wrote: > At 03:12 PM 2/18/2015, grarpamp wrote: >>Afaik, all vm's today simply pass through all drive commands. >> >>It seems a move all the BSD's and Linux could make today, >>without waiting on untrustable hardware vendors to roll out signature >>verification in hardware, is to simply kernel block all commands >>unnecessary to actual production use of the disk. Permit only >>from a list of READ, WRITE, ERASE, INQ, TUR, RST, and so on. >>Thus every other command component, including firmware update, >>vendor specific, and binary fuzzing, gets dropped and logged. > > ???? If the disk drive or flash drive firmware has already > been compromised, none of this will work, because the firmware > simply waits for the appropriate "legitimate" read & write > commands, and does its thing. Obviously. This is only meant to help protect clean systems, or prevent subsequent malicious commands if they happen to go through a user to kernel path that has for some reason not yet been compromised (say through the usual /dev to driver to hardware path). > BTW, what happens with "emulated" disks -- e.g., .vdi files -- > in vm's ? Presumably these emulated disks have no firmware to > update, so any attempt would either be ignored or crash the > system. Depends on how the vm is coded. My guess is vm's that emulate say disk devices, munge those opcodes too. Yes, looking at how virtualbox and even lightweight instances like jails code/handle it could be useful. Try it and see :) In all cases, having the logging capability for non production opcodes without having to postfilter them out of some debugging stream would be nice. Obviously again caveat parts of the system that have not been compromised, and defense in depth. From mirimir at riseup.net Wed Feb 18 23:17:10 2015 From: mirimir at riseup.net (Mirimir) Date: Thu, 19 Feb 2015 00:17:10 -0700 Subject: [Cryptography] trojans in the firmware In-Reply-To: References: <54E2B04C.9080707@av8n.com> <54E436FB.9000709@deadhat.com> Message-ID: <54E58DF6.2020802@riseup.net> On 02/18/2015 09:13 PM, grarpamp wrote: > On Wed, Feb 18, 2015 at 8:57 PM, Henry Baker wrote: >> At 03:12 PM 2/18/2015, grarpamp wrote: >>> Afaik, all vm's today simply pass through all drive commands. >>> >>> It seems a move all the BSD's and Linux could make today, >>> without waiting on untrustable hardware vendors to roll out signature >>> verification in hardware, is to simply kernel block all commands >>> unnecessary to actual production use of the disk. Permit only >> >from a list of READ, WRITE, ERASE, INQ, TUR, RST, and so on. >>> Thus every other command component, including firmware update, >>> vendor specific, and binary fuzzing, gets dropped and logged. >> >> ???? If the disk drive or flash drive firmware has already >> been compromised, none of this will work, because the firmware >> simply waits for the appropriate "legitimate" read & write >> commands, and does its thing. > > Obviously. This is only meant to help protect clean > systems, or prevent subsequent malicious commands if > they happen to go through a user to kernel path that has > for some reason not yet been compromised (say through > the usual /dev to driver to hardware path). > >> BTW, what happens with "emulated" disks -- e.g., .vdi files -- >> in vm's ? Presumably these emulated disks have no firmware to >> update, so any attempt would either be ignored or crash the >> system. > > Depends on how the vm is coded. My guess is vm's that emulate > say disk devices, munge those opcodes too. Yes, looking at how > virtualbox and even lightweight instances like jails code/handle it > could be useful. Try it and see :) In the VirtualBox manual, I see: | Starting with version 1.4, as an alternative to using virtual | disk images (as described in detail in Chapter 5, Virtual | storage), VirtualBox can also present either entire physical | hard disks or selected partitions thereof as virtual disks | to virtual machines. | | With VirtualBox, this type of access is called "raw hard | disk access"; it allows a guest operating system to access | its virtual hard disk without going through the host OS | file system. ... Given that, I'm assuming that when using VDIs, the host OS doesn't allow VMs to directly access physical disks. And I don't see how a VM could reconfigure itself for raw hard disk access to the host disk, because doing so would such access to its own config. But if anyone can manage it, the NSA arguably can. > In all cases, having the logging capability for non production > opcodes without having to postfilter them out of some > debugging stream would be nice. Obviously again caveat > parts of the system that have not been compromised, > and defense in depth. > From grarpamp at gmail.com Wed Feb 18 22:00:26 2015 From: grarpamp at gmail.com (grarpamp) Date: Thu, 19 Feb 2015 01:00:26 -0500 Subject: Twitter v. DOJ-FBI, Google to FBI Message-ID: https://freedom.press/blog/2015/02/our-brief-support-twitters-lawsuit-against-us-government-violating-first-amendment https://gigaom.com/2015/02/18/tech-and-media-firms-join-twitter-in-key-test-of-fbi-gag-orders/ http://www.nationaljournal.com/tech/google-calls-fbi-s-plan-to-expand-hacking-power-a-monumental-constitutional-threat-20150218 From grarpamp at gmail.com Thu Feb 19 00:01:40 2015 From: grarpamp at gmail.com (grarpamp) Date: Thu, 19 Feb 2015 03:01:40 -0500 Subject: List Administrivia In-Reply-To: <20150219010334.GA17700@antiproton.jfet.org> References: <20150219010334.GA17700@antiproton.jfet.org> Message-ID: On Wed, Feb 18, 2015 at 8:03 PM, Riad S. Wahby wrote: > > Please let me know if I've unwittingly broken anything I briefly diffed the diffed one mbox month from the old and new and didn't see anything but don't take my word. I did notice better preservation of encoded chars when viewing the new under UTF-8, so that's good. One ongoing processing issue seems to be we send less and greater than chars, various quoting, etc in From:/To:/Cc: ... From: grarpamp ... but the list is imparting its own formatting ideas to the mbox... From: grarpamp at gmail.com (grarpamp) > various improvements to the archive Another would be to keep the attachments in the downloadable mbox text/gz versions. For similar reasons, and it would help support efficient mirroring. And would preserve the authors attached gpg signatures over their messages. Otherwise some various messages appear when read by MUA's (probably all findable by egrep '^URL: <')... " -------------- next part -------------- A... attachment was scrubbed... URL: //attachment.html> " From grarpamp at gmail.com Thu Feb 19 12:11:16 2015 From: grarpamp at gmail.com (grarpamp) Date: Thu, 19 Feb 2015 15:11:16 -0500 Subject: Disastrous privacy consequences of Canada's terrorism bill Message-ID: http://yro.slashdot.org/story/15/02/19/1633223/the-disastrous-privacy-consequences-of-canadas-anti-terrorism-bill http://www.michaelgeist.ca/2015/02/total-information-awareness-disastrous-privacy-consequences-bill-c-51/ http://www.parl.gc.ca/HousePublications/Publication.aspx?Language=E&Mode=1&DocId=6932136 From rsw at jfet.org Thu Feb 19 12:25:03 2015 From: rsw at jfet.org (Riad S. Wahby) Date: Thu, 19 Feb 2015 15:25:03 -0500 Subject: List Administrivia In-Reply-To: References: <20150219010334.GA17700@antiproton.jfet.org> Message-ID: <20150219202503.GA1866@antiproton.jfet.org> grarpamp wrote: > ... but the list is imparting its own formatting ideas > to the mbox... >[SNIP] > Another would be to keep the attachments in the > downloadable mbox text/gz versions. Well, there's one really straightforward way of addressing these requests: the archive page now links to a gzipped mbox file with all messages in original format. Enjoy! -=rsw From grarpamp at gmail.com Thu Feb 19 13:47:25 2015 From: grarpamp at gmail.com (grarpamp) Date: Thu, 19 Feb 2015 16:47:25 -0500 Subject: [cryptography] OT: THE GREAT SIM HEIST In-Reply-To: References: Message-ID: On Thu, Feb 19, 2015 at 3:50 PM, Jeffrey Walton wrote: > https://firstlook.org/theintercept/2015/02/19/great-sim-heist/ > > AMERICAN AND BRITISH spies hacked into the internal computer network > of the largest manufacturer of SIM cards in the world, stealing > encryption keys used to protect the privacy of cellphone > communications across the globe > On January 17, 2014, President Barack Obama gave a major address on the NSA spying scandal. “The bottom line is that people around the world, regardless of their nationality, should know that the United States is not spying on ordinary people who don’t threaten our national security and that we take their privacy concerns into account in our policies and procedures,” he said. > adding that the agency’s work is conducted within a “strict legal and policy framework” ... The agency also said, “[T]he UK’s interception regime is entirely compatible with the European Convention on Human Rights.” The NSA declined to offer any comment. > The monitoring of the lawful communications of employees of major international corporations shows that such statements by Obama, other U.S. officials and British leaders — that they only intercept and monitor the communications of known or suspected criminals or terrorists — were untrue. “The NSA and GCHQ view the private communications of people who work for these companies as fair game,” says the ACLU’s Soghoian. “These people were specifically hunted and targeted by intelligence agencies, not because they did anything wrong, but because they could be used as a means to an end.” > “It is governments massively engaging in illegal activities,” says Sophie in’t Veld, a Dutch member of the European Parliament. “If you are not a government and you are a student doing this, you will end up in jail for 30 years.” Veld, who chaired the European Parliament’s recent inquiry into mass surveillance exposed by Snowden, told The Intercept: “The secret services are just behaving like cowboys. Governments are behaving like cowboys and nobody is holding them to account.” > The U.S. represents Gemalto’s single largest market, accounting for some 15 percent of its total business. This raises the question of whether GCHQ, which was able to bypass encryption on mobile networks, has the ability to access private data protected by other Gemalto products created for banks and governments. > “It would mean that with a few antennas placed around Washington DC, the Chinese or Russian governments could sweep up and decrypt the communications of members of Congress, U.S. agency heads, reporters, lobbyists and everyone else involved in the policymaking process and decrypt their telephone conversations,” says Soghoian. > “I can only imagine how much money you could make if you had access to the calls made around Wall Street,” You're all being raped and used... how does it feel? From grarpamp at gmail.com Thu Feb 19 13:56:36 2015 From: grarpamp at gmail.com (grarpamp) Date: Thu, 19 Feb 2015 16:56:36 -0500 Subject: List Administrivia In-Reply-To: <20150219202503.GA1866@antiproton.jfet.org> References: <20150219010334.GA17700@antiproton.jfet.org> <20150219202503.GA1866@antiproton.jfet.org> Message-ID: On Thu, Feb 19, 2015 at 3:25 PM, Riad S. Wahby wrote: > Well, there's one really straightforward way of addressing these > requests: the archive page now links to a gzipped mbox file with all > messages in original format. Enjoy! That works too. If someday the file gets big, or costly to zip, it could be monthlied / update interval only daily. Thanks. From grarpamp at gmail.com Thu Feb 19 14:11:07 2015 From: grarpamp at gmail.com (grarpamp) Date: Thu, 19 Feb 2015 17:11:07 -0500 Subject: LEA should not amass giant databases of genetic material they find lying around Message-ID: https://www.eff.org/press/releases/eff-supreme-court-fourth-amendment-covers-dna-collection https://www.youtube.com/results?search_query=gattaca From rsw at jfet.org Thu Feb 19 14:13:19 2015 From: rsw at jfet.org (Riad S. Wahby) Date: Thu, 19 Feb 2015 17:13:19 -0500 Subject: List Administrivia In-Reply-To: References: <20150219010334.GA17700@antiproton.jfet.org> <20150219202503.GA1866@antiproton.jfet.org> Message-ID: <20150219221319.GA3502@antiproton.jfet.org> grarpamp wrote: > That works too. If someday the file gets big, or costly to zip, > it could be monthlied / update interval only daily. Thanks. In truth, the .gz files are only regenerated every few hours via cron; the HTML archives are updated approximately in sync with mail arrival. -=rsw From blibbet at gmail.com Thu Feb 19 17:26:52 2015 From: blibbet at gmail.com (Blibbet) Date: Thu, 19 Feb 2015 17:26:52 -0800 Subject: [Cryptography] trojans in the firmware In-Reply-To: <54E6815F.1050402@riseup.net> References: <54E2B04C.9080707@av8n.com> <54E436FB.9000709@deadhat.com> <54E58DF6.2020802@riseup.net> <54E6815F.1050402@riseup.net> Message-ID: <54E68D5C.7030806@gmail.com> > How would I test that? I suppose that I could setup a VM to boot from an > HDD, and then see if I can flash the HDD's firmware. If this firmware trojan is EFI-based: For PCI-based devices, use an Intel Tunnel Mountain box, an EFI dev box. You can install a debug version of the firmware with symbols or full-source level debug info, and debug it with a second machine using GDB or Windbg. http://tunnelmountain.net/ For USB-based devices, use an Intel Minnowboard MAX, a low-end dev board for 'hobbiests'/'hackers' for Yocto and UEFI. Much cheaper than the Tunnel Mtn box. http://www.minnowboard.org/ Consider trying to use QEMU to test a virtual drivers for native passthru. QEMU has the best diagnostic options for UEFI, it is the UEFI Forum's main virtualization option for EFI dev. You can build the same kind of debug firmware image for QEMU (called OVMF) as with live box. VirtualBox has some EFI support, especially when you build it with custom flags and set some environment variables. But AFAIK, VirtualBox's EFI support is less powerful than QEMUs. http://www.tianocore.org/ovmf/ If malware vendor provided ARM OpROMs in addition to Intel ones, use one of Linaro's target ARM dev boards. They have a fork of TianoCore EFI for each of these boards, and you can use that OVMF with QEMU as well. https://wiki.linaro.org/LEG/Engineering/Kernel/UEFI From mirimir at riseup.net Thu Feb 19 16:35:43 2015 From: mirimir at riseup.net (Mirimir) Date: Thu, 19 Feb 2015 17:35:43 -0700 Subject: [Cryptography] trojans in the firmware In-Reply-To: References: <54E2B04C.9080707@av8n.com> <54E436FB.9000709@deadhat.com> <54E58DF6.2020802@riseup.net> Message-ID: <54E6815F.1050402@riseup.net> On 02/19/2015 03:58 PM, grarpamp wrote: > On Thu, Feb 19, 2015 at 2:17 AM, Mirimir wrote: >> https://www.virtualbox.org/manual/ch09.html#rawdisk >> >> Given that, I'm assuming that when using VDIs, the host OS doesn't allow >> VMs to directly access physical disks. And I don't see how a VM could >> reconfigure itself for raw hard disk access to the host disk, because >> doing so would such access to its own config. > > The link is saying different than that. > VM VDI is just a backing file on the host OS FS, opcodes likely fail here, > note in link how VM supplies fake disk VPD to guest OS. > Host OS often runs VM as root and even may assist by loading VM kernel module. VirtualBox in Linux doesn't require root rights. I just checked htop on the host, and all VM processes are running as user. And visudo shows nothing about VirtualBox. > VM's can thus passthrough host OS devices to guest OS if so configured, > and if so, VM probably does not filter any opcodes, particularly if > passing an entire physical disk. How would I test that? I suppose that I could setup a VM to boot from an HDD, and then see if I can flash the HDD's firmware. But I'm not the NSA, and so only success would be probative. But hey, I'll take a shot. > Also consider what VT-d is doing regarding sharing physical devices. > So you'd still want opcode filtering in kernel in those cases. I see that VirtualBox can use VT-d passthrough for PCI devices, such as NICs, and maybe displays. But don't see any mention of VT-d for disks and CD/DVD. I do see that QEMU can do more of that, however. From grarpamp at gmail.com Thu Feb 19 14:58:15 2015 From: grarpamp at gmail.com (grarpamp) Date: Thu, 19 Feb 2015 17:58:15 -0500 Subject: [Cryptography] trojans in the firmware In-Reply-To: <54E58DF6.2020802@riseup.net> References: <54E2B04C.9080707@av8n.com> <54E436FB.9000709@deadhat.com> <54E58DF6.2020802@riseup.net> Message-ID: On Thu, Feb 19, 2015 at 2:17 AM, Mirimir wrote: > https://www.virtualbox.org/manual/ch09.html#rawdisk > > Given that, I'm assuming that when using VDIs, the host OS doesn't allow > VMs to directly access physical disks. And I don't see how a VM could > reconfigure itself for raw hard disk access to the host disk, because > doing so would such access to its own config. The link is saying different than that. VM VDI is just a backing file on the host OS FS, opcodes likely fail here, note in link how VM supplies fake disk VPD to guest OS. Host OS often runs VM as root and even may assist by loading VM kernel module. VM's can thus passthrough host OS devices to guest OS if so configured, and if so, VM probably does not filter any opcodes, particularly if passing an entire physical disk. Also consider what VT-d is doing regarding sharing physical devices. So you'd still want opcode filtering in kernel in those cases. From juan.g71 at gmail.com Thu Feb 19 13:54:27 2015 From: juan.g71 at gmail.com (Juan) Date: Thu, 19 Feb 2015 18:54:27 -0300 Subject: Disastrous privacy consequences of Canada's terrorism bill In-Reply-To: References: Message-ID: <54e65b1c.cce78c0a.2eea.ffffc056@mx.google.com> On Thu, 19 Feb 2015 15:11:16 -0500 grarpamp wrote: > http://yro.slashdot.org/story/15/02/19/1633223/the-disastrous-privacy-consequences-of-canadas-anti-terrorism-bill > http://www.michaelgeist.ca/2015/02/total-information-awareness-disastrous-privacy-consequences-bill-c-51/ "At first glance, expanding information sharing within government seems like a good idea since the consequences of failing to head-off a terrorist attack because one government institution was unaware of what another knew could be devastating. " LMAO From juan.g71 at gmail.com Thu Feb 19 13:56:47 2015 From: juan.g71 at gmail.com (Juan) Date: Thu, 19 Feb 2015 18:56:47 -0300 Subject: Obama believes in strong encryption In-Reply-To: References: Message-ID: <54e65ba8.a5138c0a.0eff.40d5@mx.google.com> "Obama believes in strong encryption" please besides, that worthless shitbag is just a figurehead, like any other president. > http://recode.net/2015/02/13/obama-theres-no-scenario-in-which-we-dont-want-really-strong-encryption/ > https://www.youtube.com/watch?v=yaylQmnXztU > http://it.slashdot.org/story/15/02/17/2230257/obama-says-hes-a-strong-believer-in-strong-encryption > > Contrast with many recent US administration > and agency statements all on the record as well. > > Is this a mindshift, or a case of FUD then false savior? From eugen at leitl.org Thu Feb 19 11:22:30 2015 From: eugen at leitl.org (Eugen Leitl) Date: Thu, 19 Feb 2015 20:22:30 +0100 Subject: [liberationtech] At Stanford on Friday, Feb. 20 -- Vitalik Buterin: Ethereum & Cryptoeconomic Mechanisms & Security Message-ID: <20150219192229.GN10743@leitl.org> ----- Forwarded message from Yosem Companys ----- From mirimir at riseup.net Fri Feb 20 04:39:07 2015 From: mirimir at riseup.net (Mirimir) Date: Fri, 20 Feb 2015 05:39:07 -0700 Subject: [Cryptography] trojans in the firmware In-Reply-To: References: <54E2B04C.9080707@av8n.com> <54E436FB.9000709@deadhat.com> <54E58DF6.2020802@riseup.net> <54E6815F.1050402@riseup.net> Message-ID: <54E72AEB.3030405@riseup.net> On 02/20/2015 03:50 AM, grarpamp wrote: > On Thu, Feb 19, 2015 at 7:35 PM, Mirimir wrote: >>>> https://www.virtualbox.org/manual/ch09.html#rawdisk >> >> VirtualBox in Linux doesn't require root rights. I just checked htop on >> the host, and all VM processes are running as user. And visudo shows >> nothing about VirtualBox. > > It may be setuid and switching users, or kernel module > or helper program or something, otherwise vbox > docs about pointing at /dev/sdx are bogus because > the raw devices aren't available to non root users. > I didn't read vbox docs closely. OK, I'll dig. It might be that mounting physical disks on the host requires root rights. But that's obviously insecure. What concerns me is guest access to the host's disk firmware when using VDIs. >> How would I test that? I suppose that I could setup a VM to boot from an >> HDD, and then see if I can flash the HDD's firmware. But I'm not the >> NSA, and so only success would be probative. But hey, I'll take a shot. > > http://www.t13.org/documents/UploadedDocuments/docs2008/d1699r6a-ata8-acs.pdf > With whatever windows tools you find. Probably sdparm hdparm on linux. > camcontrol's cmd capabilities and cam(4) debug options on freebsd. > I wouldn't try to flash or fuzz a drive you can't afford to brick. Not a problem. I have a bunch of retired disks. From grarpamp at gmail.com Fri Feb 20 02:50:06 2015 From: grarpamp at gmail.com (grarpamp) Date: Fri, 20 Feb 2015 05:50:06 -0500 Subject: [Cryptography] trojans in the firmware In-Reply-To: <54E6815F.1050402@riseup.net> References: <54E2B04C.9080707@av8n.com> <54E436FB.9000709@deadhat.com> <54E58DF6.2020802@riseup.net> <54E6815F.1050402@riseup.net> Message-ID: On Thu, Feb 19, 2015 at 7:35 PM, Mirimir wrote: >>> https://www.virtualbox.org/manual/ch09.html#rawdisk > > VirtualBox in Linux doesn't require root rights. I just checked htop on > the host, and all VM processes are running as user. And visudo shows > nothing about VirtualBox. It may be setuid and switching users, or kernel module or helper program or something, otherwise vbox docs about pointing at /dev/sdx are bogus because the raw devices aren't available to non root users. I didn't read vbox docs closely. > How would I test that? I suppose that I could setup a VM to boot from an > HDD, and then see if I can flash the HDD's firmware. But I'm not the > NSA, and so only success would be probative. But hey, I'll take a shot. http://www.t13.org/documents/UploadedDocuments/docs2008/d1699r6a-ata8-acs.pdf With whatever windows tools you find. Probably sdparm hdparm on linux. camcontrol's cmd capabilities and cam(4) debug options on freebsd. I wouldn't try to flash or fuzz a drive you can't afford to brick. From s at ctrlc.hu Fri Feb 20 02:30:21 2015 From: s at ctrlc.hu (stef) Date: Fri, 20 Feb 2015 11:30:21 +0100 Subject: writing code and mails at the same time! woohooo - one-way encryption Message-ID: <20150220103021.GA6813@ctrlc.hu> apparently on mailing lists it's common to write mails, even cypherpunks do that instead of code. allow me to combine the two things. i thought it trough, and figured, that with openssl i have no AD crypto, with gpg i have this MDC thingy and the rfc4880 strongselector beacon strongselector, and with nacl and it's key derivation using ecdh make them all unsuitable on first sight for the use-case. re my 7 rules, i think i need to work on the threat model to have 100% score pls enjoy (also as contributions to the copyleft/permissive licensing thread) and comment: #!/usr/bin/env python # # implements simple one-way encryption pipe using rsa and keccak-based # spongewrap # # useful at least in the following use-case: you have an untrusted # host on which plaintext data arrives, which you want to encrypt # before it is forwarded in a hostile environment to the final # recipient holding a private key in a safe location. In this one-way # setting the recipient is never talking to the host doing the # encryption. # # Example: take photos in a hostile situation, encrypt the the photos # and being unable to recover them until arrival in the save location # with the the private key. (note, this does not protect against # forensics!) # # crypto: a random 32 byte message key is encrypted with the public # key of the recipient in oaep padded RSA, then this message key is # fed into SpongeWrap, which is then used to authenticated encrypt the # message. # # output format: # 2 bytes - the length of the RSA encrypted message key # n bytes - the RSA encrypted message key # m bytes - the encrypted message # 16 bytes - the "MAC" # # depends: `pip install m2crypto spongeshaker SecureString` # # create keys using openssl: # `openssl genrsa -out my.key 4096` # `openssl rsa -in my.key -pubout >> my.pub` # `cat my.key my.pub >>my.pem` # `srm -fll my.key` # # deploy my.pub on the encrypting host, secure my.pem in a safe # location for decryption. # # test with: # # for i in {0..42} {8170..8210} 1000000; do # echo -ne "\r$i " # dd if=/dev/zero bs=$i count=1 2>/dev/null | # ./ondir.py e my.pub | # ./ondir.py d my.pem >/dev/null || # break # done # # (C) 2015 by Stefan Marsiske, , GPLv3 import M2Crypto as m2c from spongeshaker.spongewrap import SpongeWrap from SecureString import clearmem import sys, struct TAGLEN = 16 BUFLEN = 8192 def encrypt(to): # load recipient pk key = m2c.RSA.load_pub_key(to) # gen message key mkey = m2c.Rand.rand_bytes(32) # encrypt message key cmkey = key.public_encrypt(mkey, m2c.RSA.pkcs1_oaep_padding) # output message key sys.stdout.write(struct.pack("H", len(cmkey))) sys.stdout.write(cmkey) # encrypt message ctx = SpongeWrap(1536) # with mkey ctx.add_header(mkey) # mkey not needed anymore clearmem(mkey) # buffered encrypt of stdin to stdout while 1: buf = sys.stdin.read(BUFLEN) if not buf: break sys.stdout.write(ctx.encrypt_body(buf)) # calculate tag tag=ctx.digest(TAGLEN) # output tag sys.stdout.write(tag) def decrypt(to): # load recipient pk key = m2c.RSA.load_key(to) # read msg key klen = struct.unpack('H', sys.stdin.read(2))[0] if klen>1024: print >>sys.stderr, "probably corrupt file" sys.exit(1) cmkey = sys.stdin.read(klen) # decrypt message key try: mkey = key.private_decrypt(cmkey, m2c.RSA.pkcs1_oaep_padding) except: # twarth timing attacks mkey = 'couldntdecryptkey' # todo clear private RSA key from memory # decrypt with mkey ctx = SpongeWrap(1536) ctx.add_header(mkey) # mkey not needed anymore clearmem(mkey) zero = True # to detect empty files rest = '' # buffered reading of stdin, since we need to catch the last # bytes for the tag, we always retain the last n bytes for # this purpose in rest while 1: buf = sys.stdin.read(BUFLEN) if zero and len(buf)>TAGLEN: zero=False tag=buf[-TAGLEN:] if len(buf)>TAGLEN: # prepend the retained last bytes to the next decrypt, if # there's enough more bytes read sys.stdout.write(ctx.decrypt_body(rest+buf[:-TAGLEN])) elif len(buf)>0: if len(tag)==TAGLEN: # we have exactly the tag read in buf, decrypt the # rest sys.stdout.write(ctx.decrypt_body(rest)) else: # truncate the last bytes, as we have a boundary # spanning tag sys.stdout.write(ctx.decrypt_body(rest[:-TAGLEN+len(tag)])) if len(buf)>sys.stderr, "couldn't decrypt message" sys.exit(1) break rest=tag if __name__ == '__main__': if sys.argv[1]=='e': encrypt(sys.argv[2]) elif sys.argv[1]=='d': decrypt(sys.argv[2]) else: print "usage: %s " -- otr fp: https://www.ctrlc.hu/~stef/otr.txt From jon at callas.org Fri Feb 20 14:36:55 2015 From: jon at callas.org (Jon Callas) Date: Fri, 20 Feb 2015 14:36:55 -0800 Subject: [Cryptography] trojans in the firmware In-Reply-To: References: <54E2B04C.9080707@av8n.com> <54E436FB.9000709@deadhat.com> Message-ID: <711B69EB-1CBF-4F03-9336-AFEBE0B857A0@callas.org> On Feb 19, 2015, at 8:12 AM, Henry Baker wrote: > I would love to be able to program this device myself, instead of relying on Samsung's firmware. > > BTW, what's the point of AES encryption on this pre-p0wned device? More security theatre? NAND memory runs faster when the hamming weight of the data is approximately even between zeroes and ones. You can speed up NAND flash by running the data through a suitable whitening function. AES is a great whitening function. If you then go to the extra effort to do key management, you have security. It's a simple matter of architecture and programming. :) Jon From grarpamp at gmail.com Fri Feb 20 13:52:52 2015 From: grarpamp at gmail.com (grarpamp) Date: Fri, 20 Feb 2015 16:52:52 -0500 Subject: [Cryptography] trojans in the firmware In-Reply-To: <54E72AEB.3030405@riseup.net> References: <54E2B04C.9080707@av8n.com> <54E436FB.9000709@deadhat.com> <54E58DF6.2020802@riseup.net> <54E6815F.1050402@riseup.net> <54E72AEB.3030405@riseup.net> Message-ID: On Fri, Feb 20, 2015 at 7:39 AM, Mirimir wrote: > On 02/20/2015 03:50 AM, grarpamp wrote: >> On Thu, Feb 19, 2015 at 7:35 PM, Mirimir wrote: >>>>> https://www.virtualbox.org/manual/ch09.html#rawdisk >>> >>> VirtualBox in Linux doesn't require root rights. I just checked htop on >>> the host, and all VM processes are running as user. And visudo shows >>> nothing about VirtualBox. >> >> It may be setuid and switching users, or kernel module >> or helper program or something, otherwise vbox >> docs about pointing at /dev/sdx are bogus because >> the raw devices aren't available to non root users. >> I didn't read vbox docs closely. > > OK, I'll dig. It might be that mounting physical disks on the host > requires root rights. But that's obviously insecure. What concerns me is > guest access to the host's disk firmware when using VDIs. > >>> How would I test that? I suppose that I could setup a VM to boot from an >>> HDD, and then see if I can flash the HDD's firmware. But I'm not the >>> NSA, and so only success would be probative. But hey, I'll take a shot. >> >> http://www.t13.org/documents/UploadedDocuments/docs2008/d1699r6a-ata8-acs.pdf >> With whatever windows tools you find. Probably sdparm hdparm on linux. >> camcontrol's cmd capabilities and cam(4) debug options on freebsd. >> I wouldn't try to flash or fuzz a drive you can't afford to brick. > > Not a problem. I have a bunch of retired disks. From grarpamp at gmail.com Fri Feb 20 13:59:11 2015 From: grarpamp at gmail.com (grarpamp) Date: Fri, 20 Feb 2015 16:59:11 -0500 Subject: [Cryptography] trojans in the firmware In-Reply-To: <54E72AEB.3030405@riseup.net> References: <54E2B04C.9080707@av8n.com> <54E436FB.9000709@deadhat.com> <54E58DF6.2020802@riseup.net> <54E6815F.1050402@riseup.net> <54E72AEB.3030405@riseup.net> Message-ID: On Fri, Feb 20, 2015 at 7:39 AM, Mirimir wrote: >> I wouldn't try to flash or fuzz a drive you can't afford to brick. > > Not a problem. I have a bunch of retired disks. Annex A or B have historical references which may be useful for expectation with older disks. SCSI has parallel doc sets you can find. .../docs2014/di529r06-ATAATAPI_Command_Set_-_4.pdf From Thomas_Serre at brown.edu Sat Feb 21 01:21:00 2015 From: Thomas_Serre at brown.edu (Thomas Serre) Date: Sat, 21 Feb 2015 04:21:00 -0500 Subject: [Comp-neuro] RA position – Computer vision and automated behavioral analysis – Brown University (Providence, RI) Message-ID: RA position – Computer vision and automated behavioral analysis – Brown University (Providence, RI) Computational (Thomas Serre) and developmental (Dima Amso) labs in the Department of Cognitive, Linguistic, & Psychological Sciences at Brown university are seeking an NIH-funded research assistant to work on the development of machine learning and computer vision tools, appropriate to examining naturalistic interactions in typical and atypical development. Candidates are expected to have some knowledge of computer vision and/or machine learning methods. The initial appointment is for 12 months, renewable for another year, and potentially longer depending on funding. The start date is negotiable though an early start is strongly preferred. Salary is commensurate with experience and is competitive. Research groups: Our research groups are located within the Department of Cognitive Linguistic & Psychological sciences at Brown University. We maintain strong ties with the computer science, engineering and applied math departments as part of the Brain Institute. Through Brown’s Center for Computation and Visualization (https://www.ccv.brown.edu), our groups have access to a state-of-the-art computing facility with includes over 300K GPU cores and over 500 Teraflops of GPU computing power. Information about Dr. Serre and his research group can be found at http://serre-lab.clps.brown.edu. Information about Dr. Amso and her research group can be found at http://research.clps.brown.edu/dcnl. Requirements: Applicants are expected to have finished, or be about to finish a BS or MSc in computer science or related discipline. They must have some background in computer vision and/or machine learning. Excellent programming skills are required (C/C++/Matlab/Python). Application: Please send your applications by email to dima_amso at correct_university_name.edu where correct_university_name should be replaced by ‘brown'. Please include a brief statement of interests, a curriculum vita and contact details for 2-3 letters of reference (no letters required at this stage). There is no deadline for the application but applicants are encouraged to apply as soon as possible as the position will be filled as soon as a suitable applicant is found. _______________________________________________ Comp-neuro mailing list Comp-neuro at neuroinf.org http://www.neuroinf.org/mailman/listinfo/comp-neuro ----- End forwarded message ----- From eugen at leitl.org Sat Feb 21 05:28:14 2015 From: eugen at leitl.org (Eugen Leitl) Date: Sat, 21 Feb 2015 14:28:14 +0100 Subject: [Comp-neuro] RA position =?utf-8?B?4oCT?= =?utf-8?Q?_Computer_vision_and_automated_behavioral_analysis_?= =?utf-8?B?4oCT?= Brown University (Providence, RI) Message-ID: <20150221132814.GC10743@leitl.org> ----- Forwarded message from Thomas Serre ----- From grarpamp at gmail.com Sat Feb 21 15:05:54 2015 From: grarpamp at gmail.com (grarpamp) Date: Sat, 21 Feb 2015 18:05:54 -0500 Subject: Crypto Museum Message-ID: http://cryptomuseum.com/ From rysiek at hackerspace.pl Sun Feb 22 05:10:08 2015 From: rysiek at hackerspace.pl (rysiek) Date: Sun, 22 Feb 2015 14:10:08 +0100 Subject: [cryptography] OT: THE GREAT SIM HEIST In-Reply-To: References: Message-ID: <1560840.39fc32PcuH@lapuntu> Dnia czwartek, 19 lutego 2015 16:47:25 grarpamp pisze: > On Thu, Feb 19, 2015 at 3:50 PM, Jeffrey Walton wrote: > > https://firstlook.org/theintercept/2015/02/19/great-sim-heist/ In case anybody missed it: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - In order for the cards to work and for the phones’ communications to be secure, Gemalto also needs to provide the mobile company with a file containing the encryption keys for each of the new SIM cards. These master key files could be shipped via FedEx, DHL, UPS or another snail mail provider. More commonly, they could be sent via email or through File Transfer Protocol, FTP, a method of sending files over the Internet. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Wait, does that mean master keys were being sent in cleartext via open Internet? Yes. Yes it does. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - The document noted that many SIM card manufacturers transferred the encryption keys to wireless network providers “by email or FTP with simple encryption methods that can be broken … or occasionally with no encryption at all.” To get bulk access to encryption keys, all the NSA or GCHQ needed to do was intercept emails or file transfers as they were sent over the Internet — something both agencies already do millions of times per day. A footnote in the 2010 document observed that the use of “strong encryption products … is becoming increasingly common” in transferring the keys. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -- Pozdrawiam, Michał "rysiek" Woźniak Zmieniam klucz GPG :: http://rys.io/pl/147 GPG Key Transition :: http://rys.io/en/147 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 931 bytes Desc: This is a digitally signed message part. URL: From pgut001 at cs.auckland.ac.nz Sun Feb 22 15:45:02 2015 From: pgut001 at cs.auckland.ac.nz (Peter Gutmann) Date: Mon, 23 Feb 2015 12:45:02 +1300 Subject: [Cryptography] trojans in the firmware In-Reply-To: Message-ID: Henry Baker writes: >BTW, what's the point of AES encryption on this pre-p0wned device? More >security theatre? Almost. Its sole use is for very fast "drive erasure", i.e. you change the key and the data on it becomes inaccessible. Have a look at this presentation: http://www.snia.org/sites/default/education/tutorials/2012/spring/security/MichaelWillett_Implementing%20Stored-Data_Encryption_2.pdf which describes what Samsung (and others) are doing, in particular slide 18. The decryption key (DEK) is stored in the drive, and is unlocked using a password (and "authentication key", AK). So to decrypt the drive you extract the encrypted DEK, brute-force the password (AK), and you're in. In any case though it doesn't protect against an attack that occurs when the drive is mounted since it looks like an unencrypted drive at that point (and presumably the AK is hardcoded into a startup script or something similar in order to survive power outages, so you can grab that if you really need it). It's actually hard to see what purpose this "encryption" is serving (the vendors studiously avoid providing a threat model), it doesn't protect live data, it barely protects data at rest (say if you decide to Fedex the contents of your data centre across town), the only thing it really does is allow for fast erasure of contents, and protect against casual snooping of the "buy a batch of drives on ebay and see what's on them" kind. So I guess if ebay is your threat, it's good enough. OTOH a BIOS password set for the drive will do the same thing. As a more general response to "what's the point", regulatory compliance ("our drives were encrypted so we don't have to disclose the 40M credit card breach from last week"), buzzword-compliance, CYA, it's not a bad idea from a marketing point of view. Peter. From grarpamp at gmail.com Tue Feb 24 01:29:43 2015 From: grarpamp at gmail.com (grarpamp) Date: Tue, 24 Feb 2015 04:29:43 -0500 Subject: I Spy With My Little Eye Message-ID: https://www.youtube.com/watch?v=U0HDxoTmQe4 https://www.youtube.com/watch?v=_o2djiZOxyA From shelley at misanthropia.org Tue Feb 24 14:03:33 2015 From: shelley at misanthropia.org (shelley at misanthropia.org) Date: Tue, 24 Feb 2015 14:03:33 -0800 Subject: REAL-ID Phone Access Coming Soon In-Reply-To: References: Message-ID: <14bbd9dcf38.276e.4d489027c0c4d0c1b1ca03a1f48f1ffb@misanthropia.org> On February 24, 2015 12:35:12 PM grarpamp wrote: --snip-- > In other news... > http://motherboard.vice.com/read/looking-up-symptoms-online-these-companies-are-collecting-your-data > > Pissed off yet? Or still a sheeple? I am plenty pissed off; have been taking action for a while now. I take more steps than many people to try to block a lot of this data spying and siphoning (for which a few of even you have teased me!), yet I know it's never enough. I have de-googled my phone as much as I possibly can. I use no google products, have never used the google play store nor associated a google account with it (F-Droid & sideloading ftw) and use DDG or ixquick for search. I use a good firewall and limit which apps can have root. I use Ad Away and have modified my hosts file to block/loopback every analytics and tracking URL I can find, anything to do with google or Assbook (and many other popular sites that I personally do not use), all social media and sharing buttons, even gravatars. I monitor logs to see what inter-app calls are being made. I use FOSS, change app permissions and recompile .apks so they don't use permissions they don't need/shouldn't have. Always blocking images in email is handy to stop web beacons. I never click on links with a bunch of tracking info or when I can't see the exact target. I don't use social media of any kind. I don't allow Flash (ever) nor JavaScript or cookies except when temporarily necessary on sites I trust (my credit union and email provider), use private browsing with Flash/plug-ins disabled by defult and clear everything upon exit. Use HTTPS everywhere possible. Block or spoof my browser string, don't allow referrers...and probably more things I'm forgetting. Like proxies. No, I do not notice any appreciable delays as I browse; most pages actually load faster without all that tracking crap. Yes, it means I can't access some sites. No, I don't care that my browsing experience looks more like 1995 than 2015. I prefer it, actually (and I have no flashing .gifs or 'punch the monkey and win!' banners, but I do miss the dancing baby ;) ) While that is much, much more than the average person does (even amongst some cypherpunks I know), it's never enough. My only alternative is probably ditching the damn phone, and I have considered it more than once. What about you (plural)? What are you all doing to make it a little bit tougher for these bastards to track you? From grarpamp at gmail.com Tue Feb 24 11:43:31 2015 From: grarpamp at gmail.com (grarpamp) Date: Tue, 24 Feb 2015 14:43:31 -0500 Subject: REAL-ID Phone Access Coming Soon Message-ID: http://mobile.slashdot.org/story/15/02/24/0537219/pakistanis-must-provide-fingerprints-or-give-up-cellphone http://www.washingtonpost.com/world/asia_pacific/pakistanis-face-a-deadline-surrender-fingerprints-or-give-up-cellphone/2015/02/23/de995a88-b932-11e4-bc30-a4e75503948a_story.html First it was your name, face, age, height, weight, address, SSN, phone and email, birth location, parents names, ages, etc... just for Internet Access, now it's your fingerprints for Phone Access. And by the way, also your DNA for Access to prove your innocence... http://www.nytimes.com/2013/06/04/us/supreme-court-says-police-can-take-dna-samples.html?_r=0 More things coming soon. What are you going to do? In other news... http://motherboard.vice.com/read/looking-up-symptoms-online-these-companies-are-collecting-your-data Pissed off yet? Or still a sheeple? From juan.g71 at gmail.com Tue Feb 24 11:58:52 2015 From: juan.g71 at gmail.com (Juan) Date: Tue, 24 Feb 2015 16:58:52 -0300 Subject: I Spy With My Little Eye In-Reply-To: References: Message-ID: <54ecd74f.452c8c0a.b056.1f05@mx.google.com> On Tue, 24 Feb 2015 04:29:43 -0500 grarpamp wrote: > https://www.youtube.com/watch?v=U0HDxoTmQe4 who ho ho - the government is spying on AMERICANS! God's chosen people!!! How is such horrible crime even possible? "we knew the government was spying on our ENEMIES" (that's cool) As usual reality is its own parody. Oh and the icing on the cake "we the people own the government" =) =) =) Surely you can find something a little better grarpamp? =) > https://www.youtube.com/watch?v=_o2djiZOxyA From grarpamp at gmail.com Tue Feb 24 17:34:43 2015 From: grarpamp at gmail.com (grarpamp) Date: Tue, 24 Feb 2015 20:34:43 -0500 Subject: I Spy With My Little Eye In-Reply-To: <54ecd74f.452c8c0a.b056.1f05@mx.google.com> References: <54ecd74f.452c8c0a.b056.1f05@mx.google.com> Message-ID: On Tue, Feb 24, 2015 at 2:58 Juan wrote: > On Tue, 24 Feb 2015 4:29 grarpamp wrote: > >> https://www.youtube.com/watch?v=U0HDxoTmQe4 >> https://www.youtube.com/watch?v=_o2djiZOxyA > > Surely you can find something a little better It's probably quite hard for people to find some combination of concise, well presented, and even research backed arguments against surveillance (or for it, if you lean that way), or even definitions of spying, among all the vague words soundbited from transcripts and then flooded through the evening news... https://www.youtube.com/watch?v=q2riOiBaZrg http://justsecurity.org/20304/transcript-nsa-director-mike-rogers-vs-yahoo-encryption-doors/ http://it.slashdot.org/story/15/02/24/1924234/nsa-director-wants-legal-right-to-snoop-on-encrypted-data So when news hits, on occaision and invariably either you or they bump into people who want to know what it is and what it all means. What do you tell them? Where do you point them? What are the results of their own independant internet search queries? https://www.youtube.com/results?search_query=nsa+spying https://www.youtube.com/results?search_query=surveillance Which channels are unbiased and show the correct path? And then more news comes along... http://www.theguardian.com/us-news/2015/feb/24/chicago-police-detain-americans-black-site https://www.youtube.com/watch?v=kV44uHlXnx8 And the same questions arise each time. Is there information overload leading people to a tuned out don't care situation? https://www.youtube.com/watch?v=ybBa_Ygg1rE Yet access to the various tubes for that is apparently now being real-id'd and prioritized in various countries... different than original internet. Will this affect ability to speak, share, and discern? https://www.youtube.com/results?search_query=censorship How can people interpret? Where do they turn to? By asking the God you mentioned? Demanding more quality from news media? Or enjoying the front page diversion instead? https://www.youtube.com/ Something better? If you find such an interpretation there's a world out there that would like to know. From grarpamp at gmail.com Tue Feb 24 18:23:29 2015 From: grarpamp at gmail.com (grarpamp) Date: Tue, 24 Feb 2015 21:23:29 -0500 Subject: REAL-ID Phone Access Coming Soon In-Reply-To: <14bbd9dcf38.276e.4d489027c0c4d0c1b1ca03a1f48f1ffb@misanthropia.org> References: <14bbd9dcf38.276e.4d489027c0c4d0c1b1ca03a1f48f1ffb@misanthropia.org> Message-ID: On Tue, Feb 24, 2015 at 5:03 PM, shelley at misanthropia.org wrote: > On February 24, 2015 12:35:12 PM grarpamp wrote: >> In other news... >> Pissed off yet? Or still a sheeple? >> What are you going to do? > > I am plenty pissed off; have been taking action for a while now. I take > more steps than many people to try to block a lot of this data spying and > siphoning (for which a few of even you have teased me!), yet I know it's > never enough. It seems maybe lots of people on the tubes are, subconsciously or not, taking such measures and actions here and there in internet, and in life. A natural reaction of sorts. But are they not largely defensive and never enough? Where among their list of technical defenses are the political measures and actions needed to actually stop or reduce that which they are trying to defend against in the first place? After all, adblock isn't going to stop the ads. DNT isn't going to stop the cookies. Crypto isn't going to stop the metamining surveillance. And as in the subject, standing in line to happily get and show their papers please isn't going to stop that either. Where are that mass of geeks, cryptos, internets... those making such technical measures... where are they acting in politics? Running for office, bringing issues to their councils, donating, and so on. > [snipped list of technical defenses] From jp054227 at gmail.com Tue Feb 24 21:47:06 2015 From: jp054227 at gmail.com (JP) Date: Tue, 24 Feb 2015 21:47:06 -0800 Subject: Dollar Value of a Datamined "Free" Service User? In-Reply-To: References: Message-ID: <20150225054706.GA5775@darkside> Interesting topic, I did read about something similar before... but I couldn't find the link now... As far as I remember they calculated $80/per_user last year only in gmail but I believe is debatable because I believe there are implicit and explicit revenue. For example, if you do a google-search about gmail-revenues you will find a lot of people saying that gmail doesn't make money at all..However, they are weighting the whole thing as standalone...and they must consider Google as a whole...not only gmail...because it wouldn't be fair...and in the end is kind simple the idea: whatever the app is drive, gmail, youtube... they are just channels for data-collection in different-forms...you can later crunched/mined/metadata for selling to advertisers... On Tue, 24 Feb 2015, grarpamp wrote: > Many companies do not charge users of their services. > They say things like "It's free and always will be." > > Pick any "free" service... Facebook, Google, Yahoo, Match, Reddit, > the list goes on and on. > > Only the smallest of free services can be supported by someone's > personal funds. So for larger services it's well understood that if > their users aren't paying them, the money must come from somewhere. > > The old model answer of former years was advertising through page > ads, clickstreams, referrals and those sorts of obvious and observable > things. Combined with burning off stock market offerings. > > The new model answer includes all the former ways, plus much deeper > profiling and analysis of users, their pictures, messages, interests, > locations, etc... all done on the secret unobservable corporate > backend, and selling off that metadata to the highest bidders. > > And perhaps more dollars from simply lying, violating their publicly > posted hole ridden privacy policies, and selling directly identifiable > user data as well. Or say taking immunity from prosecution from > having given/sold it away to cozy governments. > > All of which have monetary values associated with them. > > Companies also hide their revenue, costs, and their "active in last > three months" vs "dead user" numbers. > > Some usable public statements and government/market filings are > available. And datacenter and employee costs can be approximated. > > There is current value analysis, such as in selling what's hot by > this months clicks. And future/lifetime value analysis, such as > Target datamining for pregnant women to own. There are also dataset > specific values, such as names and addresses vs political alignments. > > The values could be represented in $dollars per month per user. > > > Anyway, question... > > Anyone have links to studies made within the last five years that > have attempted to calculate the dollar value of datamined users? From grarpamp at gmail.com Tue Feb 24 20:41:46 2015 From: grarpamp at gmail.com (grarpamp) Date: Tue, 24 Feb 2015 23:41:46 -0500 Subject: =?UTF-8?Q?Fwd=3A_=5BCryptography=5D_Why_the_Internet_could_be_the_ne?= =?UTF-8?Q?xt_=E2=80=9Cfailed_state=E2=80=9D?= In-Reply-To: <54ED3A44.3060900@mykolab.com> References: <54ED3A44.3060900@mykolab.com> Message-ID: ---------- Forwarded message ---------- From: Paul Ferguson Date: Tue, Feb 24, 2015 at 9:58 PM Subject: [Cryptography] Why the Internet could be the next “failed state” To: Cryptography Mailing List -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 I encourage you to read this very thought-provoking article on the "state of the Internet" insofar as security, inclusiveness, and usability is concerned. Well worth the read. And also very interesting opinion (apropos?) as to where we are as a society right now in the evolution of the Internet, a crossroads where our daily personal & professional lives meet: "If you think the Internet can go on being just like it is, here's some bad news." "...the Internet might soon look less like 1970s New York and more like 1990s Mogadishu: warring factions destroying the most fundamental of services, 'security zones' reducing or eliminating free movement, and security costs making it prohibitive for anyone but the most well-funded operations to do business without becoming a 'soft target' for political or economic gain." http://arstechnica.com/information-technology/2015/02/fear-in-the-digital-city-why-the-internet-has-never-been-more-dangerous/ - - ferg - -- Paul Ferguson VP Threat Intelligence, IID PGP Public Key ID: 0x54DC85B2 Key fingerprint: 19EC 2945 FEE8 D6C8 58A1 CE53 2896 AC75 54DC 85B2 "I am tormented with an everlasting itch for things remote. I love to sail forbidden seas." - Herman Melville -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iF4EAREIAAYFAlTtOkQACgkQKJasdVTchbIdpwEAkmxxKO0Buzun3yW6k7SRDXPr 2/ENJW5l07th7f/adwAA/j7wodKw29nHFTW4EUARSbyZBiNfAGNTAfstFrT5oV3h =75sd -----END PGP SIGNATURE----- _______________________________________________ The cryptography mailing list cryptography at metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography From grarpamp at gmail.com Tue Feb 24 20:51:52 2015 From: grarpamp at gmail.com (grarpamp) Date: Tue, 24 Feb 2015 23:51:52 -0500 Subject: Dollar Value of a Datamined "Free" Service User? Message-ID: Many companies do not charge users of their services. They say things like "It's free and always will be." Pick any "free" service... Facebook, Google, Yahoo, Match, Reddit, the list goes on and on. Only the smallest of free services can be supported by someone's personal funds. So for larger services it's well understood that if their users aren't paying them, the money must come from somewhere. The old model answer of former years was advertising through page ads, clickstreams, referrals and those sorts of obvious and observable things. Combined with burning off stock market offerings. The new model answer includes all the former ways, plus much deeper profiling and analysis of users, their pictures, messages, interests, locations, etc... all done on the secret unobservable corporate backend, and selling off that metadata to the highest bidders. And perhaps more dollars from simply lying, violating their publicly posted hole ridden privacy policies, and selling directly identifiable user data as well. Or say taking immunity from prosecution from having given/sold it away to cozy governments. All of which have monetary values associated with them. Companies also hide their revenue, costs, and their "active in last three months" vs "dead user" numbers. Some usable public statements and government/market filings are available. And datacenter and employee costs can be approximated. There is current value analysis, such as in selling what's hot by this months clicks. And future/lifetime value analysis, such as Target datamining for pregnant women to own. There are also dataset specific values, such as names and addresses vs political alignments. The values could be represented in $dollars per month per user. Anyway, question... Anyone have links to studies made within the last five years that have attempted to calculate the dollar value of datamined users? From grarpamp at gmail.com Wed Feb 25 02:42:09 2015 From: grarpamp at gmail.com (grarpamp) Date: Wed, 25 Feb 2015 05:42:09 -0500 Subject: [Cryptography] trojans in the firmware In-Reply-To: <591A0ED4-FEE7-4190-9836-15E151D01B80@lrw.com> References: <591A0ED4-FEE7-4190-9836-15E151D01B80@lrw.com> Message-ID: On Tue, Feb 24, 2015 at 10:48 AM, Kay Rydyger wrote: > > The question was [... firmware spies] > The answer is [...] to encrypt data. No, reading bits from platters or the bus is a partial analysis of the whole firmware question. It's already been suggested in links how firmware can hook the users unencrypted boot binaries through to the users kernel. For that matter, a modified boot chain could be stored in the service area. A user would have to use SecureBoot, TPM, IOMMU, TXT, GELI and perhaps other things, all of them properly, having no holes, together, right now, at least three of which they are unlikely to have ubiquitous access to until a couple hardware generations or personal refresh cycles into the future. An ideal full solution for which is yet to come. Not to mention needing to install it all cleanly (from BTW, an install image which has no reproducible build and no cryptographic chain back to the insecure unsigned source repo anyways). But yeah, let's talk circular instead of about possible actually coding defense in depth such as maybe blocking the most common easiest path a malicious opcode will likely take to irrepairably infect clean hardware in the first place... through the drivers ... > There is no threat to freebsd ... because at least Unix is said to be immune to threat... http://www.freebsd.org/security/advisories.html http://www.openbsd.org/errata56.html http://web.nvd.nist.gov/view/vuln/search-results?query=linux+kernel&search_type=last3years&cves=on > Weaknesses of this measure are remote and highly costly for the > attacker. If one is such a person of interest It's already been talked how this tech will be integrated into everyday run of the mill malware. And how users will be subject to infected drives via second purchase, inheritance (both from other people and from other operating systems), use of hosting services, trading, booting CD's, etc. Persistant malware in users boot chains is nasty, users don't have to be of interest or be targeted, the code doesn't care, grandma's surfbox could get it. Please learn to email... trim the original to the minimum needed for context, reply inline below, and stop copying 400 line digests with meaningless digest subject lines out to everyone on the list. On whenever, someone else wrote: > Since the chip holding the firmware has > leads through which it is loaded with the firmware, > is it not possible to disable or burn (with laser) or cut > just the leads through which the chip is WRITTEN to > (in order to re-program it)? Depends on the design. The hacking links or docs from the drive/chip vendors would be more helpful there. From grarpamp at gmail.com Wed Feb 25 04:07:19 2015 From: grarpamp at gmail.com (grarpamp) Date: Wed, 25 Feb 2015 07:07:19 -0500 Subject: [Cryptography] trojans in the firmware In-Reply-To: <591A0ED4-FEE7-4190-9836-15E151D01B80@lrw.com> References: <591A0ED4-FEE7-4190-9836-15E151D01B80@lrw.com> Message-ID: On Tue, Feb 24, 2015 at 8:53 PM, Jerry Leichter wrote: > On Feb 24, 2015, at 2:24 AM, Ryan Carboni wrote: >> Fighting against a nation state using equipment you cannot design >> yourself or anyone you know could design... don't. > But in fact you can't design or manufacture *everything*. Do you > need control of your chips all the way back to mining the sand? Aren't there really only a couple ways to solve this? A) Somewhat similar to the IAEA, everyone pick their own trusted and knowledgeable people, then assemble everyone's people together with orders: 1) Respect whatever soverign secrets you see [profits, design advantages, etc] 2) Just tell us what we want to know [do the chips that come out of the fab equal the designs that went into it, and are those designs free of trust issues] This is complicated by needing to insert yourself into those legacy areas, as well as verify essentially that of B below. B) Contact your favorite billionaires and pitch the case for a truly open fab. And yes, that could include starting from ... > Do you need control of your chips all the way back to mining the > sand? [...] build a computer out of [...] simple logic gates > JK-flipflops Since that tech is already discovered, it would just be an open rapid physical rebuild of history from transistor to today. Maybe that would take 10 years of dedicated work to create a trusted fab that matches todays tech and can replicate itself. And if you think about it, it could be a profitable venture because if you did it right, you'd be able to openly and certifiably create trusted Orange Book / CC style hardware... something governments, large entities and even users have always wanted but haven't been able to obtain in affordable quantites and purposes. This may be easier because there's no legacy to remediate. And there's no reason you couldn't manufacture private chips too, the only restriction being that terms that would compromise the fab are not allowed. https://en.wikipedia.org/wiki/International_Atomic_Energy_Agency https://en.wikipedia.org/wiki/Trusted_Computer_System_Evaluation_Criteria https://en.wikipedia.org/wiki/Trusted_computing_base http://cm.bell-labs.com/who/ken/trust.html https://en.wikipedia.org/wiki/Backdoor_(computing) https://en.wikipedia.org/wiki/Open-source_hardware From komachi at openmailbox.org Wed Feb 25 06:22:29 2015 From: komachi at openmailbox.org (Anton Nesterov) Date: Wed, 25 Feb 2015 14:22:29 +0000 Subject: Belarus just banned Tor and other censorship circumvention tools Message-ID: <54EDDAA5.20906@openmailbox.org> "11. If government inspection find Internet resources or anonymity tools (proxy servers, anonymous networks like Tor, and so on), which can be used to get access for Internet resources with limited access, they should add identifier of that Internet resources or anonymity tools to the list of limited access." http://pravo.by/main.aspx?guid=12551&p0=T21503059&p1=1&p5=0 text (Russian) -- https://nesterov.pw GPG key: 0CE8 65F1 9043 2B11 25A5 74A7 1187 6869 67AA 56E4 https://keybase.io/komachi/key.asc From ryacko at gmail.com Thu Feb 26 04:18:51 2015 From: ryacko at gmail.com (Ryan Carboni) Date: Thu, 26 Feb 2015 04:18:51 -0800 Subject: Dollar Value of a Datamined "Free" Service User? Message-ID: The marginal cost of providing an additional account to the average user is pretty cheap. It is my understanding that the business models of most "cloud" companies is to provide a little free service to get users accustomed to their UIs, so that they would purchase a business license or equivalent. Dropbox does not make it's money through data mining or advertising. Correct me if I'm wrong. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 462 bytes Desc: not available URL: From jp054227 at gmail.com Thu Feb 26 09:18:55 2015 From: jp054227 at gmail.com (JP) Date: Thu, 26 Feb 2015 09:18:55 -0800 Subject: Dollar Value of a Datamined "Free" Service User? In-Reply-To: References: Message-ID: <20150226171855.GA662@darkside.ucsd.edu> Yep, this is more the freemium model part.. https://en.wikipedia.org/wiki/Freemium On Thu, 26 Feb 2015, Ryan Carboni wrote: > The marginal cost of providing an additional account to the average user is > pretty cheap. It is my understanding that the business models of most > "cloud" companies is to provide a little free service to get users > accustomed to their UIs, so that they would purchase a business license or > equivalent. > > Dropbox does not make it's money through data mining or advertising. > Correct me if I'm wrong. From snehan.kekre612 at protonmail.ch Fri Feb 27 08:08:15 2015 From: snehan.kekre612 at protonmail.ch (Snehan Kekre) Date: Fri, 27 Feb 2015 11:08:15 -0500 Subject: Dollar Value of a Datamined "Free" Service User? Message-ID: <0134044311c1afe73045d74de957bae9@protonmail.ch> -------- Original Message -------- Subject: cypherpunks Digest, Vol 20, Issue 36 Time (GMT): Feb 26 2015 17:05:36 From: cypherpunks-request at cpunks.org To: cypherpunks at cpunks.org When replying, please edit your Subject line so it is more specific than "Re: Contents of cypherpunks digest..." Today's Topics: 1. Re: Dollar Value of a Datamined "Free" Service User? (Ryan Carboni) ---------------------------------------------------------------------- Message: 1 Date: Thu, 26 Feb 2015 04:18:51 -0800 From: Ryan Carboni To: cpunks Subject: Re: Dollar Value of a Datamined "Free" Service User? Message-ID: Content-Type: text/plain; charset="utf-8" The marginal cost of providing an additional account to the average user is pretty cheap. It is my understanding that the business models of most "cloud" companies is to provide a little free service to get users accustomed to their UIs, so that they would purchase a business license or equivalent. Dropbox does not make it's money through data mining or advertising. Correct me if I'm wrong. -------------- next part -------------- An HTML attachment was scrubbed... URL: ------------------------------ Subject: Digest Footer _______________________________________________ cypherpunks mailing list cypherpunks at cpunks.org https://cpunks.org/mailman/listinfo/cypherpunks ------------------------------ End of cypherpunks Digest, Vol 20, Issue 36 ******************************************* Yes, you are right. Most companies give free services analogous to starters. They reel in the money by limiting some ascpect of the product and ask the end user to buy their premium services. I'm not sure about Dropbox's business model. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: text/html Size: 2210 bytes Desc: not available URL: From politynews at gmx.com Fri Feb 27 08:20:40 2015 From: politynews at gmx.com (Polity News) Date: Fri, 27 Feb 2015 11:20:40 -0500 Subject: Governments Covertly Fund Internet Freedom Activists Message-ID: <54F09958.1080901@gmx.com> When asked for public records about internet freedom funding, the governments of the Netherlands and Sweden classified and redacted documents about the contracts. http://piratetimes.net/governments-covertly-fund-internet-freedom-activists/ From juan.g71 at gmail.com Sat Feb 28 14:08:40 2015 From: juan.g71 at gmail.com (Juan) Date: Sat, 28 Feb 2015 19:08:40 -0300 Subject: more self parody In-Reply-To: <54D8A405.10707@jpunix.net> References: <54D8A405.10707@jpunix.net> Message-ID: <54f23bb8.0858e00a.6065.ffffe067@mx.google.com> http://en.wikipedia.org/wiki/Linux_Security_Modules From shelley at misanthropia.org Sat Feb 28 19:17:03 2015 From: shelley at misanthropia.org (shelley at misanthropia.org) Date: Sat, 28 Feb 2015 19:17:03 -0800 Subject: Governments Covertly Fund Internet Freedom Activists In-Reply-To: <54F260E0.1070808@headstrong.de> References: <54F09958.1080901@gmx.com> <54F260E0.1070808@headstrong.de> Message-ID: <14bd35643c8.276e.4d489027c0c4d0c1b1ca03a1f48f1ffb@misanthropia.org> On February 28, 2015 5:36:14 PM mo wrote: > Does really /everything/ have to be The Reptilian Conspiracy? > They're not *all* Reptilian; some are Grays! Source: David Icke's posterior From moritz at headstrong.de Sat Feb 28 16:44:16 2015 From: moritz at headstrong.de (mo) Date: Sun, 01 Mar 2015 01:44:16 +0100 Subject: Governments Covertly Fund Internet Freedom Activists In-Reply-To: <54F09958.1080901@gmx.com> References: <54F09958.1080901@gmx.com> Message-ID: <54F260E0.1070808@headstrong.de> Well. Duh. As a happy recipient of this totally laundered crazy government money, and, yes, if you don't read any of the documents these entities provide it may come as a complete surprise to you, I am quite happy about them having to preserve some privacy. Can't we be happy that government money can actually (try to) do good? Does really /everything/ have to be The Reptilian Conspiracy? On 02/27/2015 05:20 PM, Polity News wrote: > When asked for public records about internet freedom funding, the > governments of the Netherlands and Sweden classified and redacted > documents about the contracts. > > http://piratetimes.net/governments-covertly-fund-internet-freedom-activists/ > From juan.g71 at gmail.com Sat Feb 28 23:22:15 2015 From: juan.g71 at gmail.com (Juan) Date: Sun, 1 Mar 2015 04:22:15 -0300 Subject: Governments Covertly Fund Internet Freedom Activists In-Reply-To: <54F260E0.1070808@headstrong.de> References: <54F09958.1080901@gmx.com> <54F260E0.1070808@headstrong.de> Message-ID: <54f2bd7b.041e8c0a.022a.14e9@mx.google.com> On Sun, 01 Mar 2015 01:44:16 +0100 mo wrote: > Can't we be happy that government money can actually (try to) do good? Ah yes. 0.01% of the money the government steals is used to allegedly fix some of the damage....caused by government itself? How clever is that? You think the government is 'protecting' a tiny amount of the privacy it destroys? No, even that isn't true. It's just propaganda. > Does really /everything/ have to be The Reptilian Conspiracy? You wouldn't be trying to mock anti-government people? Cause if that is the case, you are only mocking yourself. > > On 02/27/2015 05:20 PM, Polity News wrote: > > When asked for public records about internet freedom funding, the > > governments of the Netherlands and Sweden classified and redacted > > documents about the contracts. > > > > http://piratetimes.net/governments-covertly-fund-internet-freedom-activists/ > >