Re: [cryptography] The Compromised Internet
On 09/27/2013 09:35 AM, Eugen Leitl wrote:

> I don't see how a ham running a repeater backbone can prevent end
> to end encryption other than sniffing for traffic and actively
> disrupting it. I'm not sure tampering

If enough hams (or one sufficiently angry lone ham operator) decide that this is a problem they'll organize a turkey hunt to triangulate the operator(s) and politely ask them to stop before the feds get called in.

The thinking behind this seems to be that the amateur community has been graciously granted a small portion of the RF spectrum to experiment with. People (licensed hams or otherwise) who do specifically prohibited things within the amateur bands (like transmitting encrypted traffic or undocumented digital protocols (which may be indistinguishable from encrypted traffic)) can get some or all of the amateur band taken away. A lot of time and effort are spent every year by ham operators who don't want this, that, or the other sliver of the amateur band reassigned away from amateur use, and someone doing something dodgy within those spectra could have disastrous consequences.

When Project Byzantium was adding amateur radio support for ISC milestone #3, these regulations were noted and discussed at length during initial research. We also spoke with the ARRL during development, which expressed similar sentiments about crypto in the amateur bands (and passing traffic from unlicensed network users over the amateur band, incidentally).

> with transport is within ham ethics, though they definitely

That would probably fall under jamming, which is definitely against ham ethics.

> don't understand the actual uses for encryption, at

The hams I've spoken to seem to, but they also seem to fall into the camp of "It's on the amateur bands, so if it's something I'd want to encrypt I'm not going to talk about it while chewing the rag anyway."

> least the old hands (are there even new hands?).

Hello.

--
The Doctor [412/724/301/703] [ZS]
Developer, Project Byzantium: http://project-byzantium.org/

PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1
WWW: https://drwho.virtadpt.net/

"Be the strange that you want to see in the world." --Gareth Branwyn

___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
Re: [cryptography] The Compromised Internet
On 9/27/13, Eugen Leitl wrote:

> On Fri, Sep 27, 2013 at 01:12:19PM -0400, grarpamp wrote:
>>
>> The mentioned tech has nothing to do with traditional 'ham'.
>> And without the crypto key they can't see it and can't disrupt
>
> HamNet/AMPRNet ...
> Of course they can see it, it's a TCP/IP network routed

Again, I'm not talking about encrypting packets and stuffing them over some simple carrier centered at n-MHz. That's old tech, and possibly dangerous to the well being of users noted in the OP before me.
Re: [cryptography] The Compromised Internet
On Fri, Sep 27, 2013 at 01:12:19PM -0400, grarpamp wrote:

> On 9/27/13, Eugen Leitl wrote:
> > I don't see how a ham running a repeater backbone can
> > prevent end to end encryption other than sniffing for
> > traffic and actively disrupting it. I'm not sure tampering
> > with transport is within ham ethics, though they definitely
> > don't understand the actual uses for encryption, at
> > least the old hands (are there even new hands?).
>
> The mentioned tech has nothing to do with traditional 'ham'.

HamNet/AMPRNet is ham-only.

http://de.wikipedia.org/wiki/Hamnet
http://www.amateurfunk-wiki.de/index.php/Linkstrecken_HAMNET

> And without the crypto key they can't see it and can't disrupt

Of course they can see it, it's a TCP/IP network routed through their hardware, which is stock (Mikrotik/Ubiquiti etc.).

> it, it's background/spectrum noise/power to them.
> Traditionally, presumably hams might discover non-in-the-clear
> on a specific channel, perhaps triangulate, and report it to some
> regulatory body (or DoS it). That's not applicable, by design.
Re: [cryptography] The Compromised Internet
On 9/27/13, Eugen Leitl wrote:

> I don't see how a ham running a repeater backbone can
> prevent end to end encryption other than sniffing for
> traffic and actively disrupting it. I'm not sure tampering
> with transport is within ham ethics, though they definitely
> don't understand the actual uses for encryption, at
> least the old hands (are there even new hands?).

The mentioned tech has nothing to do with traditional 'ham'. And without the crypto key they can't see it and can't disrupt it, it's background/spectrum noise/power to them. Traditionally, presumably hams might discover non-in-the-clear on a specific channel, perhaps triangulate, and report it to some regulatory body (or DoS it). That's not applicable, by design.
Re: [cryptography] The Compromised Internet
On Wed, Sep 25, 2013 at 08:12:16PM -0400, grarpamp wrote:

> The US only applies to itself. Further, over the air, it's noise, the crypto
> is undetectable and unprovable. And it's (guerilla) software, not physical
> commercial product. Nor is this the old 'FCC says you can't encrypt
> ham bands' argument/tech.

I don't see how a ham running a repeater backbone can prevent end to end encryption other than sniffing for traffic and actively disrupting it. I'm not sure tampering with transport is within ham ethics, though they definitely don't understand the actual uses for encryption, at least the old hands (are there even new hands?).

Not a ham nor IANAL, so this is speculation.
Re: [cryptography] The Compromised Internet
At 09:16 PM 9/25/2013, you wrote:

Fundamentally, what you're asking for doesn't make sense. Threat models are about economics, scale, and mistakes, and even if we don't have security bugs, we still have economics.

An NSA technical report says a unit was set up in Bell Laboratories over 50 years ago to research fledgling ideas which the over-militarized NSA staff didn't have time or skill to look into. So it was done at Bell, IBM, MIT, Philco, NCR, RCA, and ilk, back then and as now with today's iconized coms, orgs and edus. Inside of which, then and now, are the cypherpunks playing chess with suits and slicks, manipulating the infrastructure to generate exploits the suits can't, or don't want, to care about so long as quarterlies are fat.

Calling upon the sagacity of this forum the question might be answered as you say by developing ways to piggy-back, rig, boot-leg, twist and turn switches and valves, to swipe a little bit of the infrastructure pipelines to use for less controlled purposes. Whatever the infrastructure is, internet, EM spectrum, radio, laser, cable, optics, farts, prayer.

Whatever happened to hunches and gut feelings as cover for IP theft and lucky accidents. Pilfering by insiders sold or shared off the market has an ancient history, Snowdens galore forever, the mothers of invention and payback to suits sucking blood of labor.

Now then, cough, cough, suppose the internet will continue to be the comms medium of choice for citizens and consumers and their besuited gang of exploiters. Workarounds to exploit the exploiters will flower by avid hackers multiplying like rabbits inside and outside the hegemons.

What else besides that healthy pilfering industry which happily generates profits for hackers and cypherpunks to set up their own exploiting ventures? As might have been asked before the internet, before telecoms, before radio, before drums and smoke and yodel and grunts and skull banging.

What are lab rats doing when not angling for scale-up capital? Nothing commercial, hopefully, nothing worth feeding to John Markoff, to Glenn Greenwald, to WikiLeaks, to vultures. Probably not worth this all too open call for hot shit swapping.
Re: [cryptography] The Compromised Internet
On Wed, Sep 25, 2013 at 11:19 PM, coderman wrote:

> On Wed, Sep 25, 2013 at 1:36 PM, Tony Arcieri wrote:
>> ...
>> What threat are you trying to prevent that isn't already solved by the use
>> of cryptography alone?
>
>
> this is some funny shit right here... LOL

someone pointed out that i might be an ass about a legitimate query.

here's a subset of all the things crypto alone does not protect:

- your source of entropy, upon which all secrets rely.
- your crypto implementation, which may leak keys profusely out the side.
- the peers you crypto with; often the most important info.
- the complexity of attacking your crypted comms, which may be reduced to a tractable search space due to architectural or design flaws introduced by accident or $250,000,000 malicious intent.
- the data in motion or at rest, beyond your crypto boundaries.

i could go on...
Re: [cryptography] The Compromised Internet
On Wed, Sep 25, 2013 at 1:36 PM, Tony Arcieri wrote:

> ...
> What threat are you trying to prevent that isn't already solved by the use
> of cryptography alone?

this is some funny shit right here... LOL
Re: [cryptography] The Compromised Internet
On 9/25/13, Greg Rose wrote:

> Even under the much-relaxed export laws of the US, deriving spreading
> information cryptographically is a prohibited export. Which isn't to say it
> is not a good idea.

The US only applies to itself. Further, over the air, it's noise, the crypto is undetectable and unprovable. And it's (guerilla) software, not physical commercial product. Nor is this the old 'FCC says you can't encrypt ham bands' argument/tech.
Re: [cryptography] The Compromised Internet
Tony Arcieri writes:

>What threat are you trying to prevent that isn't already solved by the use of
>cryptography alone?

The threat of people saying "we'll just throw some cryptography at it and then all our problems will be solved".

Peter.
Re: [cryptography] The Compromised Internet
On Sep 25, 2013, at 13:50 , grarpamp wrote:

> On 9/25/13, John Young wrote:
>> Now that it appears the Internet is compromised what other
>> means can rapidly deliver tiny fragments of an encrypted
>> message, each unique for transmission, then reassembled
>> upon receipt, kind of like packets but much smaller and less
>> predictable, dare say random?
>>
>> The legacy transceiver technologies prior to the Internet or
>> developed parallel to it, burst via radio, microwave, EM emanations,
>> laser, ELF, moon or planetary bounce, spread spectrum, ELF,
>> hydro, olfactory, quanta, and the like.
>>
>> Presumably if these are possible they will remain classified, kept
>> in research labs for advanced study, or shelved for future use.
>
> There is a spread spectrum radio tech where you broadcast on
> essentially all frequencies / wideband at once. To the eavesdropper
> it appears as simply a rise in unlocatable background noise levels.
> Yet there is a twist... you and your peer possess a crypto key. That
> key is used to select and form a broadcast/reception frequency map
> over the entire spectrum. You drive it with software radio. Think of the
> map as a vertically slotted grille mask over your spectrum analyzer.
> The grille spacing/width/overlap is random. What you see is your
> distributed signal hidden in the noise. Pass it down your stack
> for further processing and decoding.

Even under the much-relaxed export laws of the US, deriving spreading information cryptographically is a prohibited export. Which isn't to say it is not a good idea.

Greg.
Re: [cryptography] The Compromised Internet
On 9/25/13, Rich Jones wrote:

> That kind of technology is already widely deployed in walkie talkies - I
> think I remember at HOPE a speaker mentioning that the NYPD used this
> technique until they abandoned it due to its inconvenience.
>
> http://en.wikipedia.org/wiki/Frequency-hopping_spread_spectrum

I don't think so, if I recall, it seemed to be a further development of the above linked idea. There might not have been the usual notion of a coded/shared freq hopping sequence in which a carrier transmits data. But more like a continuous parallel broadcast under the mask. Maybe the data was not carried within the freqs but in the choice of freqs themselves.
Re: [cryptography] The Compromised Internet
At 04:21 PM 9/25/2013, you wrote:

About your only choices are hams or (slightly higher budget) microsats with onboard flash and DTN (notice you can deliver packets during flyby). Hams also do launch microsats, so there's some overlap. I've been waiting for consumer phased arrays, just saw Locata VRay today -- perhaps not for much longer now. Prime your phased array with s00per-s3kr1t sat ephemerides, and you're good to go. Really hard to jam, too -- optical ones impossible to jam, even. For very high latency you could just use a global sneakernet. http://what-if.xkcd.com/31/ has some numbers. You could probably already run stock Usenet over uucp over that.

Yes, I understand some of these, maybe all, are used for mil-gov-spy communications, likely in pretty advanced versions, and long in use before and with the internet. But not for high-value comsec of the present era.

Mil-gov-spy use of and spying on the internet and commercial-grade encryption, https and the like, for low-value communications should indicate much better and more varied means are used for high-value. Smil, intelnet, nsanet, and other intra-IC networks are minimally secure, advertised and touted on internet outlets, thus typical fat food for foodies at lower levels of clearance.

Commercial-grade comsec, which is all the public has access to, appears tailored by standards setting and selective crypto competitions to convince of reliability. Openness promoted as a seal of approval. Fine propaganda that.

Now what about what is not known openly. Well, that is what's below Snowden's tip of the iceberg slides, papers and briefings. Where's the hardware specs?
Re: [cryptography] The Compromised Internet
Yes, along those lines. Free of the totally seductively entrapping internet and monomaniacal PK promiscuity. The slew of innovations to milk the internet and crypto are way stations toward surpassing vulns of both used in concert. Both mutually delude. Each might lead to better alone, paired with different and less familiar means.

At 04:29 PM 9/25/2013, you wrote:

Free and Open 4G radios/base stations are actually quite exciting for this reason. The thing which actually prevents mesh networks from working is mathematical: past a certain network size, path finding becomes too computationally expensive, so wifi based mesh networks can only cover a certain radius before they stop working. With the 4G spectrum, however, the distances between hops vastly increases, meaning that city-wide mesh networks can grow and remain performant. This allows for free communication and file transfer without centralized authorities. Obviously there are still threats, but there is a lot of freedom gained from network autonomy.
Re: [cryptography] The Compromised Internet
At 04:36 PM 9/25/2013, you wrote:

> What threat are you trying to prevent that isn't already solved
> by the use of cryptography alone?

Transceiver vulnerabilities of the Internet, seemingly inherently insecure by design. So looking for possibilities of moving encrypted goods by other means not betrayed by faulty shipment and addled by ubiquity and familiarity.

Not that that is original by any stretch, wizards are jawing about a new internet, secure by design. May take a while, so workarounds of the present piece of carrion might be useful.

Not to overlook a new-fangled Snowden loosening the controls of comsec technology beyond his and our PK-packet-tech era comprehension. So beyond mathematically-enthroned encryption what lies awaiting disclosure.

Oldies might suffice if dutifully studied and elaborated. Thus the reference to NSA's backroom of pre-internet-PK comsec tech which could be in the forefront, cutting/bleeding edge.
Re: [cryptography] The Compromised Internet
On 9/25/13, John Young wrote:

> Now that it appears the Internet is compromised what other
> means can rapidly deliver tiny fragments of an encrypted
> message, each unique for transmission, then reassembled
> upon receipt, kind of like packets but much smaller and less
> predictable, dare say random?
>
> The legacy transceiver technologies prior to the Internet or
> developed parallel to it, burst via radio, microwave, EM emanations,
> laser, ELF, moon or planetary bounce, spread spectrum, ELF,
> hydro, olfactory, quanta, and the like.
>
> Presumably if these are possible they will remain classified, kept
> in research labs for advanced study, or shelved for future use.

There is a spread spectrum radio tech where you broadcast on essentially all frequencies / wideband at once. To the eavesdropper it appears as simply a rise in unlocatable background noise levels. Yet there is a twist... you and your peer possess a crypto key. That key is used to select and form a broadcast/reception frequency map over the entire spectrum. You drive it with software radio. Think of the map as a vertically slotted grille mask over your spectrum analyzer. The grille spacing/width/overlap is random. What you see is your distributed signal hidden in the noise. Pass it down your stack for further processing and decoding.

It's been a while since I've seen this described, whether formally, or applied. Link to paper[s] covering the topic would be appreciated.
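The keyed "grille mask" idea in the message above, as an added example that is not part of the original post: a simplified baseband model, essentially direct-sequence spreading with a key-derived code, not the specific system the poster recalls. The bin count, noise level, HMAC-based mask derivation and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import random

NBINS = 2048        # width of the model "spectrum" in bins (assumed value)
NOISE_SIGMA = 4.0   # per-bin noise std-dev; a used bin carries amplitude 1.0

def keyed_mask(key: bytes, symbol_index: int, nbins: int = NBINS) -> list:
    """Per-symbol grille: each bin is 0 (unused), +1 or -1, taken from an
    HMAC-SHA256 keystream run in counter mode (assumed derivation)."""
    stream = b""
    block = 0
    while len(stream) * 4 < nbins:            # two keystream bits per bin
        msg = symbol_index.to_bytes(4, "big") + block.to_bytes(4, "big")
        stream += hmac.new(key, msg, hashlib.sha256).digest()
        block += 1
    weights = (0, 0, 1, -1)                   # about half the bins stay unused
    return [weights[(stream[i // 4] >> (2 * (i % 4))) & 3] for i in range(nbins)]

def transmit(bits, key, noise_seed=1):
    """One frame of per-bin amplitudes per bit, buried in constructed noise."""
    rng = random.Random(noise_seed)           # fixed seed: repeatable demo noise
    frames = []
    for idx, bit in enumerate(bits):
        sign = 1 if bit else -1
        frames.append([sign * m + rng.gauss(0.0, NOISE_SIGMA)
                       for m in keyed_mask(key, idx)])
    return frames

def receive(frames, key):
    """Correlate each frame with the keyed mask; the sign of the sum is the bit."""
    out = []
    for idx, frame in enumerate(frames):
        corr = sum(m * x for m, x in zip(keyed_mask(key, idx), frame))
        out.append(1 if corr > 0 else 0)
    return out

def bit_error_rate(sent, got):
    return sum(a != b for a, b in zip(sent, got)) / len(sent)

def to_bits(data: bytes):
    return [(byte >> shift) & 1 for byte in data for shift in range(7, -1, -1)]

if __name__ == "__main__":
    key = b"shared key (constructed)"
    payload = to_bits(b"constructed msg!")    # 16 bytes = 128 bits, constructed
    frames = transmit(payload, key)
    print("BER with key:   ", bit_error_rate(payload, receive(frames, key)))
    print("BER without key:", bit_error_rate(payload, receive(frames, b"some other key")))
```

In this model the key hides the structure of the signal, not its energy: an observer averaging bin power over many frames would still measure the small rise above the noise floor.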
Re: [cryptography] The Compromised Internet
Carrier-agnostic encrypted mesh routing software: CJDNS.

Cantenna, IR-link based RONJA, ethernet/LAN, whatever. If you've got a data link you can use it. It creates an IPv6 network internally in the 'fc' range (private network) where the address is a hash of the node's public key.

On Wed, Sep 25, 2013 at 10:07 PM, John Young wrote:

> Now that it appears the Internet is compromised what other
> means can rapidly deliver tiny fragments of an encrypted
> message, each unique for transmission, then reassembled
> upon receipt, kind of like packets but much smaller and less
> predictable, dare say random?
>
> The legacy transceiver technologies prior to the Internet or
> developed parallel to it, burst via radio, microwave, EM emanations,
> laser, ELF, moon or planetary bounce, spread spectrum, ELF,
> hydro, olfactory, quanta, and the like.
>
> Presumably if these are possible they will remain classified, kept
> in research labs for advanced study, or shelved for future use.
>
> Quite a few are hinted at, redacted and partially described in
> NSA technical publications from 25-50 or so years ago. Many
> developed for military use and the best never shared with the
> public.
>
> A skeptic might suppose the internet was invented and promoted as
> a diversion along with public-use digital cryptography. This ruse
> has led to immense growth in transmission-breakable ciphers
> as well as vulnerable transceivers. Packet technology could hardly
> be surpassed for tappability as Snowden and cohorts disclose the
> tip of the iceberg. Ironically, the cohorts believe encryption protects
> their communications, conceals his location and cloaks the
> depositories.
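The address-from-public-key binding described in the message above, as an added example that is not part of the original post and is not CJDNS code. It assumes the derivation CJDNS documents (first 16 bytes of a double SHA-512 of the public key, accepted only if the result starts with fc) and uses hash output as a stand-in for real Curve25519 public keys; all function names are hypothetical.

```python
import hashlib
import ipaddress

FC_RANGE = ipaddress.ip_network("fc00::/8")

def address_from_key(public_key: bytes) -> ipaddress.IPv6Address:
    """First 16 bytes of SHA-512(SHA-512(key)), read as an IPv6 address
    (assumed derivation, see the lead-in)."""
    digest = hashlib.sha512(hashlib.sha512(public_key).digest()).digest()
    return ipaddress.IPv6Address(digest[:16])

def find_usable_key(seed: bytes, max_tries: int = 100_000):
    """Stand-in for key generation: try candidate keys until the derived
    address lands in fc00::/8, which takes about 256 attempts on average."""
    for counter in range(max_tries):
        # Constructed 32-byte candidate; a real node would generate a key pair.
        candidate = hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        addr = address_from_key(candidate)
        if addr in FC_RANGE:
            return candidate, addr, counter + 1
    raise RuntimeError("no usable key found")

def verify_peer(claimed_addr: str, presented_key: bytes) -> bool:
    """Accept a peer only if its claimed address is in the fc range and is
    the hash of the key it presents. Proof that the peer holds the matching
    private key is a separate handshake step, not shown here."""
    try:
        claimed = ipaddress.IPv6Address(claimed_addr)
    except ValueError:
        return False                      # malformed address: reject
    return claimed in FC_RANGE and claimed == address_from_key(presented_key)

if __name__ == "__main__":
    key, addr, tries = find_usable_key(b"constructed demo seed")
    print(f"usable key after {tries} tries -> {addr}")
    print("honest peer accepted:  ", verify_peer(str(addr), key))
    forged = bytes([key[0] ^ 1]) + key[1:]
    print("forged key accepted:   ", verify_peer(str(addr), forged))
```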
Re: [cryptography] The Compromised Internet
On Wed, Sep 25, 2013 at 1:07 PM, John Young wrote:

> Now that it appears the Internet is compromised

What threat are you trying to prevent that isn't already solved by the use of cryptography alone?

--
Tony Arcieri
[cryptography] The Compromised Internet
Now that it appears the Internet is compromised what other means can rapidly deliver tiny fragments of an encrypted message, each unique for transmission, then reassembled upon receipt, kind of like packets but much smaller and less predictable, dare say random?

The legacy transceiver technologies prior to the Internet or developed parallel to it, burst via radio, microwave, EM emanations, laser, ELF, moon or planetary bounce, spread spectrum, ELF, hydro, olfactory, quanta, and the like.

Presumably if these are possible they will remain classified, kept in research labs for advanced study, or shelved for future use.

Quite a few are hinted at, redacted and partially described in NSA technical publications from 25-50 or so years ago. Many developed for military use and the best never shared with the public.

A skeptic might suppose the internet was invented and promoted as a diversion along with public-use digital cryptography. This ruse has led to immense growth in transmission-breakable ciphers as well as vulnerable transceivers. Packet technology could hardly be surpassed for tappability as Snowden and cohorts disclose the tip of the iceberg. Ironically, the cohorts believe encryption protects their communications, conceals his location and cloaks the depositories.