Re: re:constant encryped stream
On Wed, 1 Jan 2003, Eugen Leitl wrote: On Tue, 31 Dec 2002, Thomas Shaddack wrote: Is there a way to RELIABLY find the mail was opened? I have a related question. I have a little server sitting in a wall closet. Does anyone have an easy solution (preferably low tech) for figuring out that the closet door has been opened? Yes, provided you don't mind opening the door damages the server so that it is no longer operating, and the time frame it is left alone is not too long (ie longer than the repair time). -- We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, Plan 9 from Outer Space [EMAIL PROTECTED][EMAIL PROTECTED] www.ssz.com www.open-forge.org
Re: re:constant encryped stream
On Fri, 3 Jan 2003, Thomas Shaddack wrote: I have a related question. I have a little server sitting in a wall closet. Does anyone have an easy solution (preferably low tech) for figuring out that the closet door has been opened? A switch that shutdowns the server, and a passphrase on the startup. A simple optical cable under the door (or through a itty bitty hole in the ceiling) spots the switch. A remote manipulator or robot disables it via a jumper. Accessing the drive with the power up in this case may not be that hard since you can VanEck it or do a direct physical attack via Hi-Z devices for connection that then go 'active' after connection (hence bypassing electrical effects like shorts and such). Once you've got the control board in there put the cpu in a wait state and DMA the rest of the hardware, or just sit on the bus and snoop the bits via wireless card to a receiver in the ceiling that then re-transmits it. Remote logging of the power-ups, using the S.M.A.R.T. power-up count register on the hard-drive as an arbiter (if the adversary wants to access the disk, they have to power it up, even if they take the disk out of the machine and read it in another machine); of course they can unmount the disk's circuitboard and use their own, but they would first have to be aware about that possibility. Never underestimate your adversary, never assume -you- have technology -they- don't. Chances are they do, they may even have technology -you- don't. This is really what makes this problem so hard, for you to be able to reliably detect them there are two components; - you have to have technology they are ignorant of and even if they observe it won't recognize it. - even if they do detect the technology they don't have an access window great enough to do anything about it. Lot of mighty big 'if's' in there...better to go with simple one-way detection mechanisms since they already have you under scrutiny. They will be able to determine you know of it by changes in behavior (ie traffic and signature analysis). So why even bother trying to hide your knowledge? The second one is probably the most usefull. One approach might be to send images off-site in near real-time. Assume any loss of signal as a breach (better to be safe than sorry). -- We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, Plan 9 from Outer Space [EMAIL PROTECTED][EMAIL PROTECTED] www.ssz.com www.open-forge.org
re:constant encryped stream
I have a related question. I have a little server sitting in a wall closet. Does anyone have an easy solution (preferably low tech) for figuring out that the closet door has been opened? A switch that shutdowns the server, and a passphrase on the startup. Remote logging of the power-ups, using the S.M.A.R.T. power-up count register on the hard-drive as an arbiter (if the adversary wants to access the disk, they have to power it up, even if they take the disk out of the machine and read it in another machine); of course they can unmount the disk's circuitboard and use their own, but they would first have to be aware about that possibility. Now if the system detects dysparity between the number of system boot-ups and the disk power-ups, an alert is raised. (Of course, it can also indicate just a blackout shortly later followed by another blackout, sooner than the PC manages to start up. Solution: UPS.) Can be spiced up by using a wireless remote control, sending an unlock signal into the box, then it will allow you in without raising the ceiling. Otherwise each door opening can switch on a REALLY loud alarm siren. Same result can be achieved by using an encrypted remote connection over the network connection. A battery-backed-up computer-powered X-10 wireless camera, with a receiver somewhere nearby. Advantage: will see the one who opened the box. Can be switched on by the door switch, then the VCR recording its image can be controlled by the presence of the carrier wave from the cam. A microcontroller (ie, my favorite PIC16F84, or one of its numerous successors) with a battery backup and an array of sensors (switches, light sensors...) and an EEPROM to which you record the events. Hidden in the closet itself, built either concealeed or tamperproof (or both). Possibly recording the events to a chip like AT24RF08C, so you could read the event RAM remotely without opening the closet. The trick with the marbles someone came up with, and related methods. However, I don't know how to secure it against a careful adversary who knows the trap is waiting, and at the same time make it possible for you to open the box without spilling the marbles. Except if you'd put the X10 minicam (or jsut a plain webcam) into the box and watch the marbles. Encrypt the access, so the adversary can't learn about the position of the black one in advance. Be creative. Keep in mind the adversary can cut both the power and the network connection before accessing the object (burglars with GSM jammers, cutting off wireless outdial systems after cutting the phone line, appeared here already). If your data are high-profile, think about an autodestruction system. Be aware such system can be used against you as a denial-of-service attack. Have luck :)
Re: re:constant encryped stream
On Wed, 1 Jan 2003, Eugen Leitl wrote: On Tue, 31 Dec 2002, Thomas Shaddack wrote: Is there a way to RELIABLY find the mail was opened? I have a related question. I have a little server sitting in a wall closet. Does anyone have an easy solution (preferably low tech) for figuring out that the closet door has been opened? Yes, provided you don't mind opening the door damages the server so that it is no longer operating, and the time frame it is left alone is not too long (ie longer than the repair time). -- We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, Plan 9 from Outer Space [EMAIL PROTECTED][EMAIL PROTECTED] www.ssz.com www.open-forge.org
re:constant encryped stream
I have a related question. I have a little server sitting in a wall closet. Does anyone have an easy solution (preferably low tech) for figuring out that the closet door has been opened? A switch that shutdowns the server, and a passphrase on the startup. Remote logging of the power-ups, using the S.M.A.R.T. power-up count register on the hard-drive as an arbiter (if the adversary wants to access the disk, they have to power it up, even if they take the disk out of the machine and read it in another machine); of course they can unmount the disk's circuitboard and use their own, but they would first have to be aware about that possibility. Now if the system detects dysparity between the number of system boot-ups and the disk power-ups, an alert is raised. (Of course, it can also indicate just a blackout shortly later followed by another blackout, sooner than the PC manages to start up. Solution: UPS.) Can be spiced up by using a wireless remote control, sending an unlock signal into the box, then it will allow you in without raising the ceiling. Otherwise each door opening can switch on a REALLY loud alarm siren. Same result can be achieved by using an encrypted remote connection over the network connection. A battery-backed-up computer-powered X-10 wireless camera, with a receiver somewhere nearby. Advantage: will see the one who opened the box. Can be switched on by the door switch, then the VCR recording its image can be controlled by the presence of the carrier wave from the cam. A microcontroller (ie, my favorite PIC16F84, or one of its numerous successors) with a battery backup and an array of sensors (switches, light sensors...) and an EEPROM to which you record the events. Hidden in the closet itself, built either concealeed or tamperproof (or both). Possibly recording the events to a chip like AT24RF08C, so you could read the event RAM remotely without opening the closet. The trick with the marbles someone came up with, and related methods. However, I don't know how to secure it against a careful adversary who knows the trap is waiting, and at the same time make it possible for you to open the box without spilling the marbles. Except if you'd put the X10 minicam (or jsut a plain webcam) into the box and watch the marbles. Encrypt the access, so the adversary can't learn about the position of the black one in advance. Be creative. Keep in mind the adversary can cut both the power and the network connection before accessing the object (burglars with GSM jammers, cutting off wireless outdial systems after cutting the phone line, appeared here already). If your data are high-profile, think about an autodestruction system. Be aware such system can be used against you as a denial-of-service attack. Have luck :)
Re: re:constant encryped stream
On Fri, 3 Jan 2003, Thomas Shaddack wrote: I have a related question. I have a little server sitting in a wall closet. Does anyone have an easy solution (preferably low tech) for figuring out that the closet door has been opened? A switch that shutdowns the server, and a passphrase on the startup. A simple optical cable under the door (or through a itty bitty hole in the ceiling) spots the switch. A remote manipulator or robot disables it via a jumper. Accessing the drive with the power up in this case may not be that hard since you can VanEck it or do a direct physical attack via Hi-Z devices for connection that then go 'active' after connection (hence bypassing electrical effects like shorts and such). Once you've got the control board in there put the cpu in a wait state and DMA the rest of the hardware, or just sit on the bus and snoop the bits via wireless card to a receiver in the ceiling that then re-transmits it. Remote logging of the power-ups, using the S.M.A.R.T. power-up count register on the hard-drive as an arbiter (if the adversary wants to access the disk, they have to power it up, even if they take the disk out of the machine and read it in another machine); of course they can unmount the disk's circuitboard and use their own, but they would first have to be aware about that possibility. Never underestimate your adversary, never assume -you- have technology -they- don't. Chances are they do, they may even have technology -you- don't. This is really what makes this problem so hard, for you to be able to reliably detect them there are two components; - you have to have technology they are ignorant of and even if they observe it won't recognize it. - even if they do detect the technology they don't have an access window great enough to do anything about it. Lot of mighty big 'if's' in there...better to go with simple one-way detection mechanisms since they already have you under scrutiny. They will be able to determine you know of it by changes in behavior (ie traffic and signature analysis). So why even bother trying to hide your knowledge? The second one is probably the most usefull. One approach might be to send images off-site in near real-time. Assume any loss of signal as a breach (better to be safe than sorry). -- We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, Plan 9 from Outer Space [EMAIL PROTECTED][EMAIL PROTECTED] www.ssz.com www.open-forge.org
re:constant encryped stream
On Wed, 1 Jan 2003, Eugen Leitl wrote: I have a related question. I have a little server sitting in a wall closet. Does anyone have an easy solution (preferably low tech) for figuring out that the closet door has been opened? from a kids cartoon a couple weeks ago: put a bowl of marbles next to the door. All but one the same color. Whoever spills the marbles doesn't know where you put the wrong one (nor how many there were if you can put a few holes in the floor :-) Patience, persistence, truth, Dr. mike
re:constant encryped stream
On Tue, 31 Dec 2002, Thomas Shaddack wrote: Is there a way to RELIABLY find the mail was opened? I have a related question. I have a little server sitting in a wall closet. Does anyone have an easy solution (preferably low tech) for figuring out that the closet door has been opened?
re:constant encryped stream
On Wed, 1 Jan 2003, Eugen Leitl wrote: I have a related question. I have a little server sitting in a wall closet. Does anyone have an easy solution (preferably low tech) for figuring out that the closet door has been opened? from a kids cartoon a couple weeks ago: put a bowl of marbles next to the door. All but one the same color. Whoever spills the marbles doesn't know where you put the wrong one (nor how many there were if you can put a few holes in the floor :-) Patience, persistence, truth, Dr. mike
Re: re:constant encryped stream
On Tue, 31 Dec 2002, Thomas Shaddack wrote: Is there a way to RELIABLY find the mail was opened? There are a variety of plastics and such that will change color and break-down; the new time-limited DVD's that become unplayable after some short period of days after opening the air tight container. You could in effect put an air tight envelope around whatever you wanted to protect, with a slice of this stuff in there as well. If it's opened then when you get it...this of course assumes that the MITM attack doesn't have access or knowledge of the trick. Would work a handfull of times and then a bypass would be reasonably trivial. You could put stamps and such on the tabs to make the job harder, but again once the resources were focused... In the case of your example of a OTP on a CD, simply use one of the time release CD's that go breakdown. Assumes of course you can get them and have the hardware to burn and seal them. If the envelope is light-tight you could put some film in there and then review it for exposure upon receipt (same questions of 'is this piece the same piece that was put in there?' though). -- We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, Plan 9 from Outer Space [EMAIL PROTECTED][EMAIL PROTECTED] www.ssz.com www.open-forge.org
re:constant encryped stream
On Tue, 31 Dec 2002, Thomas Shaddack wrote: Is there a way to RELIABLY find the mail was opened? I have a related question. I have a little server sitting in a wall closet. Does anyone have an easy solution (preferably low tech) for figuring out that the closet door has been opened?
re:constant encryped stream
hi, Thank you for the reply. they didn't really explain why; I think it was leftover regulations from wartime censorship during World War II or the Korean Police Action. I think so. Also, in the US, the police can request a mail cover (which means recording who all your snail mail is from) with much less legal formality than a search warrant, and if they get a warrant to open all your incoming mail, I don't think they're required to notify you. We don't have such a system in india-it is pretty transparent. But at the slightest at the use of encryption will raise their brows. This issue can only be fully solved when the vast majority of people begin using encryption. Encrypted spam wouldn't be a bad idea either. (Ideally they'd encrypt all of the spam :-) Actually, if you insisted on all your mail being encrypted, that would cut down significantly on spam, because the amount of individual work per message required to encrypt something is significantly higher than the work required to just email it, which can scale badly and can also increase the traceability of spam (by watching who downloads large numbers of keys from keyservers, for instance.) What about just making your own key pair and not putting it on any key server.The govt will have enough reason that the keys were communicated by other means than putting it on a key server and they will still have be interested in it,making key pairs is not a hard task,if spammers have utilities like pgp,even spammers can do that.So spammers don't have to worry *more* of getting traced.It should give the govt. enough work. :) it is better that every one start encrypting their mail-the idea would be then half of the world policing will have to watch the other half of the world which are civilians-which is not very feasible,thats what I think. The extent to which obtaining keys is a traceable activity depends a lot on the type of public key infrastructure that's being used, and to some extent on the amount of accuracy that you need - spammers selling lists to each other probably wouldn't mind a 5-10% inaccuracy rate if it meant they didn't have to use keyservers, while people who want to preserve their privacy are much more likely to download mass quantities of keys from servers to avoid having it be obvious which ones they care about. Happy New Year. Regards Sarath. __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com
re:constant encryped stream
Also, in the US, the police can request a mail cover (which means recording who all your snail mail is from) with much less legal formality than a search warrant, and if they get a warrant to open all your incoming mail, I don't think they're required to notify you. Is there a way to RELIABLY find the mail was opened? Reason: If the mail sent is eg. a CD with a set of OTP keys, then the adversary gains next to nothing by intercepting it IF the interception is detected (the keys just get discarded and new set is sent to another address). Then it could be possible to securely send large volumes of confidential data by mail; you prepare the pairs of CDs - one with cryptographically random data, one with the real data XORed by the first set. You send the first set. If it arrives unopened (which can be communicated safely even over an unsecured channel), you send the second set; if it arrives opened, you generate the CD pairs again and send the new first set. If the adversary intercepts only one half of the transported data, they gain nothing more than the fact some amount of data was sent. (Of course, hand-to-hand exchange is more secure, but it is suitable for operative handling of keys in urban setting, not when an overseas flight would come to question.) One of my ideas was to put a small piece of film or photographic paper, detect that it was exposed to light, but then the adversary can put in a new piece of the light-sensitive material and reseal the package. The same problem goes with the various kinds of seals. Comments, hints, keywords to look up?
Re: re:constant encryped stream
On Tue, 31 Dec 2002, Thomas Shaddack wrote: Is there a way to RELIABLY find the mail was opened? There are a variety of plastics and such that will change color and break-down; the new time-limited DVD's that become unplayable after some short period of days after opening the air tight container. You could in effect put an air tight envelope around whatever you wanted to protect, with a slice of this stuff in there as well. If it's opened then when you get it...this of course assumes that the MITM attack doesn't have access or knowledge of the trick. Would work a handfull of times and then a bypass would be reasonably trivial. You could put stamps and such on the tabs to make the job harder, but again once the resources were focused... In the case of your example of a OTP on a CD, simply use one of the time release CD's that go breakdown. Assumes of course you can get them and have the hardware to burn and seal them. If the envelope is light-tight you could put some film in there and then review it for exposure upon receipt (same questions of 'is this piece the same piece that was put in there?' though). -- We are all interested in the future for that is where you and I are going to spend the rest of our lives. Criswell, Plan 9 from Outer Space [EMAIL PROTECTED][EMAIL PROTECTED] www.ssz.com www.open-forge.org
re:constant encryped stream
hi, Thank you for the reply. they didn't really explain why; I think it was leftover regulations from wartime censorship during World War II or the Korean Police Action. I think so. Also, in the US, the police can request a mail cover (which means recording who all your snail mail is from) with much less legal formality than a search warrant, and if they get a warrant to open all your incoming mail, I don't think they're required to notify you. We don't have such a system in india-it is pretty transparent. But at the slightest at the use of encryption will raise their brows. This issue can only be fully solved when the vast majority of people begin using encryption. Encrypted spam wouldn't be a bad idea either. (Ideally they'd encrypt all of the spam :-) Actually, if you insisted on all your mail being encrypted, that would cut down significantly on spam, because the amount of individual work per message required to encrypt something is significantly higher than the work required to just email it, which can scale badly and can also increase the traceability of spam (by watching who downloads large numbers of keys from keyservers, for instance.) What about just making your own key pair and not putting it on any key server.The govt will have enough reason that the keys were communicated by other means than putting it on a key server and they will still have be interested in it,making key pairs is not a hard task,if spammers have utilities like pgp,even spammers can do that.So spammers don't have to worry *more* of getting traced.It should give the govt. enough work. :) it is better that every one start encrypting their mail-the idea would be then half of the world policing will have to watch the other half of the world which are civilians-which is not very feasible,thats what I think. The extent to which obtaining keys is a traceable activity depends a lot on the type of public key infrastructure that's being used, and to some extent on the amount of accuracy that you need - spammers selling lists to each other probably wouldn't mind a 5-10% inaccuracy rate if it meant they didn't have to use keyservers, while people who want to preserve their privacy are much more likely to download mass quantities of keys from servers to avoid having it be obvious which ones they care about. Happy New Year. Regards Sarath. __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com
re:constant encryped stream
At 03:07 AM 12/21/2002 -0800, Sarad AV wrote: hi, Don't encrypt, post it by snail mail. I remember reading this in pgp's help document. It addresses why we glue over our envelope and seal it. It ofcourse is concealing (for the govt) and privacy (for the user). The govt. never asks letters not to be glued and sealed because of the vast majority of people using it. When I was young, the US Postal Service charged less money for unsealed envelopes than for sealed envelopes. I think the year was about 1962 or 1963, and the price was 5 cents for sealed envelopes and 4 cents for unsealed and for post cards. Since this was elementary school and we were learning about community things like the Post Office and the Fire Department, they didn't really explain why; I think it was leftover regulations from wartime censorship during World War II or the Korean Police Action. Also, in the US, the police can request a mail cover (which means recording who all your snail mail is from) with much less legal formality than a search warrant, and if they get a warrant to open all your incoming mail, I don't think they're required to notify you. But at the slightest at the use of encryption will raise their brows. This issue can only be fully solved when the vast majority of people begin using encryption. Encrypted spam wouldn't be a bad idea either. (Ideally they'd encrypt all of the spam :-) Actually, if you insisted on all your mail being encrypted, that would cut down significantly on spam, because the amount of individual work per message required to encrypt something is significantly higher than the work required to just email it, which can scale badly and can also increase the traceability of spam (by watching who downloads large numbers of keys from keyservers, for instance.) The extent to which obtaining keys is a traceable activity depends a lot on the type of public key infrastructure that's being used, and to some extent on the amount of accuracy that you need - spammers selling lists to each other probably wouldn't mind a 5-10% inaccuracy rate if it meant they didn't have to use keyservers, while people who want to preserve their privacy are much more likely to download mass quantities of keys from servers to avoid having it be obvious which ones they care about.
re:constant encryped stream
Also, in the US, the police can request a mail cover (which means recording who all your snail mail is from) with much less legal formality than a search warrant, and if they get a warrant to open all your incoming mail, I don't think they're required to notify you. Is there a way to RELIABLY find the mail was opened? Reason: If the mail sent is eg. a CD with a set of OTP keys, then the adversary gains next to nothing by intercepting it IF the interception is detected (the keys just get discarded and new set is sent to another address). Then it could be possible to securely send large volumes of confidential data by mail; you prepare the pairs of CDs - one with cryptographically random data, one with the real data XORed by the first set. You send the first set. If it arrives unopened (which can be communicated safely even over an unsecured channel), you send the second set; if it arrives opened, you generate the CD pairs again and send the new first set. If the adversary intercepts only one half of the transported data, they gain nothing more than the fact some amount of data was sent. (Of course, hand-to-hand exchange is more secure, but it is suitable for operative handling of keys in urban setting, not when an overseas flight would come to question.) One of my ideas was to put a small piece of film or photographic paper, detect that it was exposed to light, but then the adversary can put in a new piece of the light-sensitive material and reseal the package. The same problem goes with the various kinds of seals. Comments, hints, keywords to look up?
re:constant encryped stream
At 03:07 AM 12/21/02 -0800, Sarad AV wrote: Don't encrypt,post it by snail mail.I remember reading this in pgp's help document. It addresses why we glue over our envelope and seal it.It ofcourse is concealing(for the govt) and privacy (for the user).The govt. never asks letters not to be glued and sealed because of the vast majority of people using it. But at the slightest at the use of encryption will raise their brows. Find a readily-OCR-able font and encrypt your message before printing mailing it... A (twisted) form of stego if your envelope is textured/opaque. (A friend once sent me a PGP msg on a *postcard* but the fucker used a font that required lots of manual corrections... using only PGP's griping as feedback.) -- Intended only for lawful uses. -HP Computer Advert
re:constant encryped stream
At 03:07 AM 12/21/02 -0800, Sarad AV wrote: Don't encrypt,post it by snail mail.I remember reading this in pgp's help document. It addresses why we glue over our envelope and seal it.It ofcourse is concealing(for the govt) and privacy (for the user).The govt. never asks letters not to be glued and sealed because of the vast majority of people using it. But at the slightest at the use of encryption will raise their brows. Find a readily-OCR-able font and encrypt your message before printing mailing it... A (twisted) form of stego if your envelope is textured/opaque. (A friend once sent me a PGP msg on a *postcard* but the fucker used a font that required lots of manual corrections... using only PGP's griping as feedback.) -- Intended only for lawful uses. -HP Computer Advert
re:constant encryped stream
hi, Nothing serious, just throwing a quick thought out... It has been mentioned that you should always use crypto. If you wait until you actually have something private to send, then an adversary will know exactly which message is important. Don't encrypt,post it by snail mail.I remember reading this in pgp's help document. It addresses why we glue over our envelope and seal it.It ofcourse is concealing(for the govt) and privacy (for the user).The govt. never asks letters not to be glued and sealed because of the vast majority of people using it. But at the slightest at the use of encryption will raise their brows. This issue can only be fully solved when the vast majority of people begin using encryption. Encrypted spam wouldn't be a bad idea either. Regards Sarath. Encrypting everything gives equal suspicion to each message and nobody has the resources to attack all of your mail. So, I was thinking that rather than just encrypt each message, why not just keep a constant encrypted stream open? So, even when you are asleep, computers at each node are bombarding each other with encrypted junk files. Your noise to signal ratio would be phenomenal. Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com