[Home] [Headlines] [Latest Articles] [Latest Comments] [Post] [Mail] [Sign-in] [Setup] [Help] [Register]
|
Status: Not Logged In; Sign In
Science-Technology Title: When Strong Encryption Isn't Enough to Protect Our Privacy “None of the claims of what comsec works is to be taken saltless: Tor, OTR, ZTRP are lures.” —Cryptome 3, Dec. 30, 2014 In the aftermath of Edward Snowden's disclosures, the American public has been deluged with talking points that advocate strong encryption as a universal solution for protecting our privacy. Unfortunately the perception of strong encryption as a panacea is flawed. In this report I’ll explain why strong encryption isn’t enough and then present some operational guidelines which can be used to enhance your online privacy. Nothing worthwhile is easy. Especially sidestepping the Internet’s global Eye of Providence. Anyone who reads through privacy recommendations published by the Intercept 4 or the Freedom of the Press Foundation 5 will encounter the same basic lecture. In a nutshell they advise users to rely on open source encryption software, run it from a CD-bootable copy of the TAILS operating system, and route their Internet traffic through the TOR anonymity network. This canned formula now has a degree of official support from, of all places, the White House. A few days ago during an interview with Re/Code, President Obama assured 6 listeners that “there’s no scenario in which we don’t want really strong encryption.” It’s interesting to note how this is in stark contrast to public admonishments 7 by FBI director James Comey this past October for key escrow encryption, which is anything but strong. So it would appear that POTUS is now towing a line advocated by none other than whistler-blower Snowden who asserted 8 that “properly implemented strong crypto systems are one of the few things that you can rely on.” Only there’s a problem with this narrative and its promise of salvation: When your threat profile entails a funded outfit like the NSA, cyber security is largely a placebo. Down To the Metal A report 9 released by Moscow-based anti-virus vendor Kaspersky Lab proves that, despite the self-congratulatory public relations messaging of Google or Apple, strong encryption might not be the trendy cure-all it’s cracked up to be. The NSA has poured vast resources into hacking hardware platforms across the board, creating firmware modifications 10 that allow 11 U.S. spies to “capture a machine’s encryption password, store it in ‘an invisible area inside the computer’s hard drive’ and unscramble a machine’s contents.” On a side note, Kaspersky Lab is one of two companies authorized 12 by Russian security service to provide anti-virus technology to the Russian government. The company’s founder, Eugene Kaspersky, a former 13 Soviet intelligence officer himself, has links to the Russian Federal Security Service, or FSB. So it makes sense that the one company with the audacity and skill to publicly showcase a global espionage program by the NSA would also be a company aligned with a countervailing power center outside of the United States. Anyway, when it comes to bare-metal skullduggery there are plenty 14 of proof-of-concept 15 examples available in the public domain. But these experiments are nothing compared to the slick production-level malware deployed by NSA spies. When the Pentagon aims for information dominance 16 it doesn't screw around. Hence blind trust in encryption software is exposed as a sort of magical thinking. Some people would argue that the NSA’s hardware hacks aren’t a big deal because they’re used selectively for targeted intrusions. One problem with this stance is that spy gear has a habit of filtering down into the underworld because spies and crooks are kindred spirits who often work together. Another problem is that the NSA is actively working to industrialize 17 attacks so that they can be pulled off on a mass scale against large swathes 18 of users. The recent discovery of pre-installed malware 19 on Lenovo PCs should offer an unsettling hint 20 of where spies and their front companies are taking things. Face it, an intelligence agency that makes off 21 with the encryption keys from a large multinational company that manufactures billions of SIM cards each year is an agency that’s doing much more than just small-scale targeted hardware attacks. They want to “collect it all.” OPSEC Is Law “Iraqi Assault to Retake Mosul from Islamic State Is Planned for Spring” —New York Timesheadline, Feb. 20, 2015 Given the sorry state of software engineering and the sheer scope of clandestine subversion programs, if spies want to root your machine they’ll probably find a way. The Internet is akin to a vast swamp in the Deep South. Users wade through a hostile murky environment surrounded by alligators prowling silently just below the surface. And don’t think that tools like Tor 22 will protect you. The FBI has demonstrated repeatedly that it can unmask 23 Tor users with exploits. The FBI’s collection of cyber scalps includes 24 a high-ranking cyber security director who probably thought his game was tight. The litany of Tor’s failures have led security researchers to conclude 25 that, “Tor makes you stick out as much as a transgender Mongolian in the desert.” Hence when going toe-to-toe with spies from the NSA’s Office of Tailored Access Operations 26 or, heaven forbid, its more daunting CIA brethren 27 in the Special Collection Service 28, operational security (OPSEC) becomes essential. This isn’t cynical “privacy nihilism” but rather clear-headed contingency planning. Once the NSA owns a computer the only things that stands between the user and spies is OPSEC. It takes groundwork, patience and (most of all) discipline. Even the professionals get this wrong. And when they do the results can be disastrous. For a graphic illustration of this contemplate the case of Ross Ulbricht, the creator of Silk Road. The celebrated Tor anonymity network did very little 29 to stop the feds from getting a bead on him. To make matters worse you’d think Ulbricht would know better 30 to work with his back to the room so the feds could sneak up on him before he could log off, leaving his encrypted laptop in a decidedly vulnerable state. It didn’t help that the Silk Road’s servers were configured to auto-login certain client machines and that Ulbricht’s laptop just happened to be connected to the Silk Road servers as a full administrator. Ditto that for Bitcoin wallets on the aforementioned laptop which allowed law enforcement agents to trace 31 over $13 million in Bitcoins to Ulbricht. When professionals get operational security right they sometimes look a bit silly. Close circuit TVs are cheap and ubiquitous. Let’s just say that Snowden wasn’t being paranoid when he covered himself with a red blanket (the so-called 32 “magic mantle of power”) while entering his laptop password. For the sake of maintaining cover, simply obscuring your keyboard may be a wiser option in public as it’s less conspicuous. The last thing you want to do in a crowd is draw attention to yourself. Anti-Forensics in Theory and Practice “The only protection against communication systems is to avoid their use.” —Cryptome 33, Communications Privacy Folly, June 13, 2012 A researcher like the Grugq 34 will inform listeners, when he’s not out scoring 35 zero-day exploits, that anti-forensics 36 is all about reducing both the quantity and quality of information that adversaries acquire. In other words, if spies succeed in breaching your computer then give them as little useful information as possible. One way to achieve this is through compartmentalization, a technique honed to a fine edge by intelligence outfits like the KGB. In the years following World War II the Soviet nuclear program was targeted heavily by U.S. spies. To counter this effort, the Soviets employed sophisticated, multi-level, denial and deception strategies. According to Mikhail Gladyshev 37, who was in charge of the plutonium enrichment station at the Mayak complex in the city of Ozersk, compartmentalization of information was pervasive: “[W]e put the [plutonium] paste in a box and transferred it to the consumer plant. How much plutonium was in that box we didn’t know and it was not recommended for us to know. Even later, when I was the plant’s chief engineer, the plans for plutonium production were known only to the facility’s director, and all documents were prepared in single copies” Given the reality of mass interception let’s look at mobile phones as a case study. They’re essentially portable Telescreens 21, glorified tracking 38 beacons that double as walkie-talkies. In private, when NSA spies feel comfortable enough to speak candidly with each other, iPhone users are referred to 39 as zombies who literally pay for their own surveillance. This is not an exaggeration and it speaks yards about how intelligence officers view society. You’ve been warned. The best option is to follow the example of WikiLeaks activist Sarah Harrison 40 and simply not carry a cellphone. Jihadists in the Middle East have learned this lesson the hard way and use hand couriers 41 for sensitive messages. Other organization like Los Zetas in Mexico have built private radio networks 42 to avoid official communication channels. Lebanon’s Hezbollah went so far as to set up its own covert fiber optic 43 data network in an effort to elude conventional eavesdropping. Listen to John Young of the web site Cryptome. The only sure-fire way to protect yourself against monitoring on a given communication system is not to use it. If having a cellphone is an absolute necessity there are shielding cases 44 available. Though removing the battery works just fine in a pinch as does sticking a cellphone in a sealed metal container like a refrigerator. Another thing to remember is that “dumb phones” lacking in bells and whistles tend to accumulate far less information 45 than more elaborate smartphones. Compromised mobile devices should be smashed and dumped in a remote location. Make sure the SIM card is completely destroyed. Recall how methodically the GCHQ officials disposed 46 of hardware belonging to the Guardian newspaper. This is another area where $10 dumb phones have an advantage. Once a cell phone is out in the open with its battery in place, consider the following recommendations. First, it’s extremely unwise for someone to power on a “secure” cell phone where they normally live and work. This includes recharging the phone! While traveling to a remote site to communicate be aware that automated license plate readers, traffic cameras, facial recognition software and built-in vehicle GPS units are becoming more commonplace. Avoid patterns (geographic, chronological, etc.). Arbitrarily relocate to new spots during the course of a phone call. Stay in motion. Phone calls should be as short as possible so that the amount of data collected by surveillance equipment 47 during the call’s duration is minimized. This will make it more difficult for spies to make accurate predictions. Another aim should be to maintain a closed communication network at all costs. Secure cell phones should not be used casually to call friends or relatives. Dial only other cell phones intended specifically for sensitive communication. Also remember that calling a landline may end up exposing the person who answers. Carrying additional mobile devices (e.g. surface tablet, second cell phone) creates the risk that the peripheral hardware may undermine anonymity through correlation. Finally, pay for items using cash when operational. Credit card transactions are like a big red flag. If spies somehow captures a secure cell phone and are able to siphon data off of it, one potential countermeasure is to flood the device with false information. Skillful application of this technique can lead spies on a goose chase. When Edward Snowden was fleeing Hong Kong he intentionally bought a plane ticket to India with his own credit card in an effort to throw pursuers off his track. Final Words Ultimately there’s no ironclad formula for protecting your identity. No guarantees. Privacy isn’t something I can give you, it’s something you must attain on your own through hard work. In summary, expect security tools to fail, compartmentalize to contain damage and apply the Grugq’s core tenets of anti-forensics. Don’t put blind faith in technology. Focus your resources on maintaining rigorous procedures. When things get dicey it’ll be your training and preparation that keep you secure. Bill Blunden is the author of several books, including “The Rootkit Arsenal” and “Behold a Pale Farce: Cyberwar, Threat Inflation, and the Malware-Industrial Complex.” He is the lead investigator at Below Gotham Labs. Links: Poster Comment: Some sobering reminders of what real security measures entail, especially in the global spy society. I reformatted the footnotes to make them less annoying than the usual AlterNet articles.
Post Comment Private Reply Ignore Thread Top • Page Up • Full Thread • Page Down • Bottom/Latest
#1. To: TooConservative (#0)
Good Post! Thanks!
I picked up on the mention of Tor. Too many people don't understand that it really does make you look “stick out as much as a transgender Mongolian in the desert.” And even the so-so FBI techs are capable of cooking up doctored distros of Firefox Tor Edition or using Javascript exploits to unmask Tor users. Someone asked about how secure Tor was a few years back at LP. So I liked this article because it emphasizes classic espionage countermeasures and reducing your exposure across the board.
|
|
|
[Home] [Headlines] [Latest Articles] [Latest Comments] [Post] [Mail] [Sign-in] [Setup] [Help] [Register]
|