Re: [liberationtech] investing in liberation tech
On 10 November 2014 17:49, J.M. Porup j...@porup.com wrote:
> Is it possible to make money investing in privacy- or security-focused startups?

There is certainly an interest in the related technologies, but the obstacles are the ones you would probably expect:

1. Commercial companies don't want to be associated with regular users of the technologies (dissidents, etc.). So you better be able to supply your own anonymity network if you need one, etc.
2. Commercial investors have issues with open-source code — something that can be alleviated with education on necessity of open source in cybersecurity, and on various licensing approaches (community / enterprise, etc.).
3. Military / security organizations have issues with the development not being under their control, and strive to develop in-house solutions (which might be more primitive / buggy, but that's what they prefer organizationally).

Overall, privacy / security is a very difficult investment field, since the end-users don't know the difference between good and only-so-good technologies, they only see the difference in marketing.

--
Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Does the White House’s cybersecurity czar need to be a coder? He says no.
On Mon, Aug 25, 2014 at 5:23 PM, Richard Brooks r...@g.clemson.edu wrote:
> Lack of technical expertise is apparently a plus in the world of federal cybersecurity:

Is it an unusual thing in the US? Non-technical people in charge of government / military technical branches and units is the norm in many countries. It seems to work well, as long as they focus on management. Touting lack of domain expertise as a plus is rather silly, but seems like a political necessity in the US.

--
Maxim Kammerer
Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Breaking Tor for $3K
On Tue, Jul 8, 2014 at 12:20 AM, Maxim Kammerer m...@dee.su wrote:
> Well, if we estimate total guard node bandwidth at 4GB/s, several controlled guard nodes with two gigabit links allow control of ~6% of Tor traffic, enabling a fair share of opportunistic deanonymization attacks on hidden services and their clients.

“Then the second class of attack they used, in conjunction with their traffic confirmation attack, was a standard Sybil attack — they signed up around 115 fast non-exit relays, all running on 50.7.0.0/16 or 204.45.0.0/16. Together these relays summed to about 6.4% of the Guard capacity in the network.” [1]

> Simultaneously, I would inject arbitrary delays into all client connections to controlled guard nodes, and watch for similar delays on suspected hidden service nodes.

“The particular confirmation attack they used was an active attack where the relay on one end injects a signal into the Tor protocol headers, and then the relay on the other end reads the signal. These attacking relays were stable enough to get the HSDir (suitable for hidden service directory) and Guard (suitable for being an entry guard) consensus flags. Then they injected the signal whenever they were used as a hidden service directory, and looked for an injected signal whenever they were used as an entry guard.” [1]

So they apparently found a more efficient and reliable way to transmit the signal, at the cost of getting detected after half a year. Too bad the talk was retracted, I was looking towards some actual non-propaganda Tor hidden service statistics.

[1] https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack

--
Maxim Kammerer
Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Russia offers cash to identify Tor users
On Mon, Jul 28, 2014 at 10:20 PM, fr...@journalistsecurity.net wrote:
> Here's something a little unexpected...Wonder what people here may think.

I answered some questions about this tender for theRunet: http://www.therunet.com/articles/3343-chto-nuzhno-znat-ob-anonimnoy-seti-tor

> http://www.bbc.com/news/technology-28526021
> The Russian interior ministry made the offer, saying the aim was to ensure the country's defence and security.

False, that quote relates to restriction on proposals by foreigners. The tender (including all documentation) is only open to Russian organizations with clearance.

> The contest is only open to Russians and proposals are due by 13 August.

It is not a contest (incorrect literal translation), but a tender for performing scientific research on “possibility of recovering technical information about users (user equipment) of anonymous Tor network”. The description has been made much more laconic on July 25, apparently in response to media attention.

--
Maxim Kammerer
Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Snakeoil and suspicious encryption services
On Mon, Jul 21, 2014 at 12:59 PM, Aymeric Vitte vitteayme...@gmail.com wrote:
> Unlike obscure elefantesque open source code that you don't even know what it becomes when it gets compiled, it's trivial to see what it is doing.

I suggest that you read about the process of just-in-time compilation, which is Javascript engine browser- and version-specific.

--
Maxim Kammerer
Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Breaking Tor for $3K
On Mon, Jul 7, 2014 at 11:13 PM, Richard Brooks r...@g.clemson.edu wrote:
> https://www.blackhat.com/us-14/briefings.html#you-dont-have-to-be-the-nsa-to-break-tor-deanonymizing-users-on-a-budget
> Sounds like hype to me. Anyone else have an opinion?

Well, if we estimate total guard node bandwidth at 4GB/s [1], several controlled guard nodes with two gigabit links allow control of ~6% of Tor traffic, enabling a fair share of opportunistic deanonymization attacks on hidden services and their clients.

I would approach this by constantly connecting to all known hidden services using a distinct per-service traffic pattern, and this way determine location of hidden services that eventually pick a controlled guard node. Simultaneously, I would inject arbitrary delays into all client connections to controlled guard nodes, and watch for similar delays on suspected hidden service nodes.

All in all, sounds feasible to me, and I can't wait for some actual Tor hidden services statistics that are not some boring wishful thinking from “Users of Tor” page [2], but actual data.

[1] https://metrics.torproject.org/bandwidth.html
[2] https://www.torproject.org/about/torusers.html

--
Maxim Kammerer
Liberté Linux: http://dee.su/liberte
Re: [liberationtech] [tor-talk] messing with XKeyScore
On Sat, Jul 5, 2014 at 12:36 AM, isis i...@torproject.org wrote:
> Ergo, as Jacob has pointed out to me, the regexes which are released should be assumed to be several years out of date, and also shouldn't be assumed to be representative of the entire ruleset of any deployed XKS system.

The rules were written between August 2011 and (likely upper bound) February 2012; they are also rather sloppy: https://mailman.stanford.edu/pipermail/liberationtech/2014-July/013940.html

--
Maxim Kammerer
Liberté Linux: http://dee.su/liberte
[liberationtech] XKeyscore rules probably are from Snowden, after all
There has been some speculation that the recent XKeyscore rule leaks [1] do not come from Snowden — particularly, by Schneier [2]. I believe that there is a good case that the leaks do come from Snowden, since it is possible to pinpoint the date range when the rule sources [3] have been last updated.

The earliest possible date is 2011-08-08, when the Linux Journal writeup about Tails [4], referenced by the glob pattern linuxjournal.com/content/linux* has been published. The pattern is not a generic Linux Journal filter, as implied in [1].

The likely latest possible date is 2012-02-28, when maatuska directory authority has changed its IP [5]. A less likely upper bound is 2012-09-21, when Faravahar directory authority has been added [6].

NSA either took the 8 authorities from the actual consensus, or picked them from Tor's sources [7]. However, Tor sources list more than 8 authorities, and are not properly maintained (e.g., see entry for moria1 wrt. its last .34/.39 octet tweaks), so I doubt NSA would use that. Moreover, it is hard to miss the port number in the sources, whereas NSA did miss that some authorities do not (and did not) use ports 80/443. E.g., moria1 (the MIT campus server mentioned in [1]) would not be matched as a Tor authority by the rules.

Snowden most likely tried to contact Greenwald at the end of 2012 [8], which is entirely consistent with the above. Another NSA employee leaking XKeyscore rules after being inspired by Snowden's leaks, would have probably downloaded a more up-to-date rules file.

Cross-posting to tor-dev, in case I got any historical directory authority changes wrong.

[1] http://daserste.ndr.de/panorama/aktuell/nsa230_page-1.html
[2] https://www.schneier.com/blog/archives/2014/07/nsa_targets_pri.html
[3] http://daserste.ndr.de/panorama/xkeyscorerules100.txt
[4] http://www.linuxjournal.com/content/linux-distro-tales-you-can-never-be-too-paranoid
[5] https://lists.torproject.org/pipermail/tor-dev/2012-February/003312.html
[6] https://trac.torproject.org/projects/tor/ticket/5749
[7] https://gitweb.torproject.org/tor.git/blob/HEAD:/src/or/config.c
[8] http://www.nytimes.com/2013/08/18/magazine/laura-poitras-snowden.html

--
Maxim Kammerer
Liberté Linux: http://dee.su/liberte
Re: [liberationtech] NSA targets the privacy-conscious
> The appid rule for MixMinion is extremely broad as it matches all traffic to or from the IP address 128.31.0.34, a server located on the MIT campus. That server is operated by the Tor Project's leader Roger Dingledine, an MIT alumnus. The machine at this IP address provides many services besides MixMinion, and it is also one of the above-mentioned Tor directory authorities. Dingledine said That computer hosts many websites, ranging from open source gaming libraries to the Privacy Enhancing Technologies Symposium website.

I am yet to see any actual research based on Snowden's leaks, as opposed to publicity by association that is based on exclusive access to the leaks. For instance, the quote above shows reckless attitude of Tor's operators towards side-channel attacks, but it also shows an opportunity to locate an NSA software side-channel attack bug aimed at decrypting directory service traffic. Hopefully, one day we will see some analysis of NSA attacks in the wild.

--
Maxim Kammerer
Liberté Linux: http://dee.su/liberte
Re: [liberationtech] TrueCrypt: Status of Community Effort to keep on developments
On Tue, Jun 3, 2014 at 9:03 PM, Fabio Pietrosanti (naif) li...@infosecurity.ch wrote:
> all of us know that there is some little problem with TrueCrypt software project, with some yet unknown understanding of behind the scene facts.

I don't see a problem, I see a logical conclusion to a sequence of events. A bunch of Twitter attention whores easily raise a large sum of money for yet another useless security audit, whereas the apparently lone developer doesn't see a penny of that sum, and probably never saw a fraction of that sum during the whole history of the project. The developer is pissed, decides that dealing with the unwanted attention is not worth his time, and closes the project.

> Who is going to takeover TrueCrypt project seriously should be an entity (foundation, consortium, coalition, etc) of multiple players coming from a different environments from the civil society.

The project was developing well when it was a one-man team. Did you try to contact the guy and offer him at least a similar amount of funding to what was gathered for an audit?

> I know also about some company willing to provide development effort for such a public public interests project, to keep it maintained in the future.

--
Maxim Kammerer
Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Overview of projects working on next-generation secure email
On Mon, Apr 28, 2014 at 11:49 AM, carlo von lynX l...@time.to.get.psyced.org wrote:
> You may remember the OpenTechFund asked us to participate in a survey of next-generation secure email projects. The result of this has materialized on their github including an open invitation to improve it.

Are you referring to the survey from Nov 2013 [1]? Because I don't see anything from what I wrote wrt. Cables on that page.

[1] https://mailman.stanford.edu/pipermail/liberationtech/2013-November/012255.html

--
Maxim Kammerer
Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Overview of projects working on next-generation secure email
On Mon, Apr 28, 2014 at 10:22 PM, carlo von lynX l...@time.to.get.psyced.org wrote:
> What you see in the document is what I wrote about Cables, hope that's mostly correct. The other version only has a link to your source code and a few claims about P2P which are partially incorrect for Cables as it isn't a P2P system.

Well, sure, I understand why the original document is written as it is, as the writer obviously has his own agenda — what I don't understand is where all those extensive survey contributions went to. I expended quite some effort in writing those, and I assume other people did so as well, so it's weird that OTF apparently (unless I misunderstand what happened) simply delegated the contributions to some guy whose project they funded. I hoped that OTF was something more than a router for Asia region CIA money — the survey looked quite professional, and I expected them to do something useful with the results. Oh well.

> Maybe it would be more useful if OpenTechFund simply made all those contributions available so people who actually understand the technologies can organize them accordingly.

Indeed.

--
Maxim Kammerer
Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Programming language for anonymity network
On Fri, Apr 18, 2014 at 11:26 AM, Stevens Le Blond stev...@mpi-sws.org wrote:
> We are a team of researchers working on the design and implementation of a traffic-analysis resistant anonymity network and we would like to request your opinion regarding the choice of a programming language / environment.

Are you aiming at a production version from the get go? For an academic setting, I always recommend Java, especially for developing a prototype. The main problems with Java are that it attracts mediocrity (which is probably irrelevant in your present setting, but would be problematic with a community), and that it is difficult to integrate in non-mainstream surroundings (see, e.g., I2P). After the prototype is polished, you could port it to C, or hire professionals to do so.

Anyway, your criteria are pretty conflicting, and do not stress the important points, in my opinion. The main problem with C is not security, but being a primitive language with codebases that are hard to maintain. I suggest that you look into Tor codebase, for instance, and compare the amount of code implementing design choices vs. code doing trivial things like linked list search. For potential problems with Java, look in I2P codebase, and try to find the essence of, e.g., time synchronization in this enterprise-grade code that only works reasonably with a certain JDK.

--
Maxim Kammerer
Liberté Linux: http://dee.su/liberte
Re: [liberationtech] About Telegram
On Wed, Apr 2, 2014 at 10:33 PM, Steve Weis stevew...@gmail.com wrote:
> As an epilogue, the Telegram client misused a non-secure random number generator mrand48 for the keys used in their contest. A student, Thijs Alkemade, was able to recover their keys and decrypt the contest message transcripts: https://blog.thijsalkema.de/blog/2014/04/02/breaking-half-of-the-telegram-contest/

Seriously... He took the secret server-side keys published post-contest, and recovered the secret chat key (also published) by exploiting a randomness bug that has been fixed shortly after the contest began. Moxie had the same randomness problem in his TextSecure code [1] — does he also “suck at this”, to quote this student? Or does blindly relying on someone else's POS code and primitives suddenly absolve one of responsibility for one's own software quality? Because that's essentially the spirit that I observe in Telegram's criticism.

[1] https://github.com/WhisperSystems/TextSecure/commit/b14d9d84

--
Maxim Kammerer
Liberté Linux: http://dee.su/liberte
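Added example, not part of the thread and not code from Telegram, TextSecure or any list member: a C sketch of why mrand48(), the generator named in the message above, is unfit for key material, next to key generation from the kernel CSPRNG. The functions weak_key, predict_next and strong_key are hypothetical names; the sketch assumes Linux with glibc (POSIX drand48 family, getrandom()).

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1   /* expose srand48()/mrand48()/getrandom() */
#endif
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/random.h>
#include <sys/types.h>

#define KEY_LEN 32

/* WEAK (hypothetical routine): a 256-bit "key" drawn from mrand48().
 * srand48() uses only 32 bits of the seed and the generator state is
 * 48 bits, so the key carries far less entropy than its length. */
void weak_key(long seed, uint8_t key[KEY_LEN])
{
    srand48(seed);
    for (size_t i = 0; i < KEY_LEN; i += 4) {
        uint32_t w = (uint32_t)mrand48();
        memcpy(key + i, &w, sizeof w);
    }
}

/* The POSIX-specified recurrence behind mrand48():
 * X' = (0x5DEECE66D * X + 0xB) mod 2^48; output = top 32 bits of X'. */
static uint64_t lcg_step(uint64_t x)
{
    return (x * 0x5DEECE66DULL + 0xBULL) & ((1ULL << 48) - 1);
}

/* Two consecutive outputs expose 32 of the 48 state bits; the missing
 * 16 are found by trying 65536 candidates, after which every later
 * output is known. Returns 1 and sets *next on success. */
int predict_next(uint32_t out0, uint32_t out1, uint32_t *next)
{
    for (uint32_t low = 0; low < 0x10000; low++) {
        uint64_t s0 = ((uint64_t)out0 << 16) | low;
        uint64_t s1 = lcg_step(s0);
        if ((uint32_t)(s1 >> 16) == out1) {
            *next = (uint32_t)(lcg_step(s1) >> 16);
            return 1;
        }
    }
    return 0;
}

/* HARDENED: key bytes come straight from the kernel CSPRNG.
 * Returns 0 on success, -1 on failure (key must then not be used). */
int strong_key(uint8_t key[KEY_LEN])
{
    size_t got = 0;
    while (got < KEY_LEN) {
        ssize_t n = getrandom(key + got, KEY_LEN - got, 0);
        if (n < 0) {
            if (errno == EINTR)
                continue;
            return -1;
        }
        got += (size_t)n;
    }
    return 0;
}

int main(void)
{
    uint8_t a[KEY_LEN], b[KEY_LEN], c[KEY_LEN];
    uint32_t o0, o1, o2, guess = 0;

    /* Constructed seed: the same seed always reproduces the same key. */
    weak_key(20140402L, a);
    weak_key(20140402L, b);
    printf("weak keys identical: %s\n",
           memcmp(a, b, KEY_LEN) == 0 ? "yes" : "no");

    srand48(20140402L);
    o0 = (uint32_t)mrand48();
    o1 = (uint32_t)mrand48();
    o2 = (uint32_t)mrand48();
    if (predict_next(o0, o1, &guess))
        printf("third output predicted: %s\n", guess == o2 ? "yes" : "no");

    if (strong_key(c) != 0) {
        perror("getrandom");
        return 1;
    }
    printf("CSPRNG key generated\n");
    return 0;
}
```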
Re: [liberationtech] About Telegram
On Thu, Mar 20, 2014 at 4:04 AM, Ximin Luo infini...@pwned.gg wrote:
> Welcome to 2014. Telegram has more of these, more severe, more obvious, and from further in the past. OTR also did not claim they were secure because it was written by a team of PhDs, and a bunch of other disingenuous marketing gimmicks.

Thought I would add the precise quote for other butthurt appreciators on this list:

“The team behind Telegram, led by Nikolai Durov, consists of six ACM champions, half of them Ph.Ds in math. It took them about two years to roll out the current version of MTProto. Names and degrees may indeed not mean as much in some fields as they do in others, but this protocol is the result of [thoughtful] and prolonged work of professionals.” [1]

This whole story is simply priceless. Where else would a bunch of butthurt self-proclaimed “experts” attack a developer and a product for voluntarily offering a contest for breaking a protocol? With an obvious conflict of interest, no less. Moreover, the “brilliant” attack consists of trivial and obvious accusations that the contest cannot cover certain types of weaknesses, whereas the contest organizers later paid half the sum to some guy who found a weakness that was actually not covered by the contest. I am actually laughing while typing this.

The theme of Ph.Ds also reminds me of some QA of Nadim that I watched, where he referred to potential “people with Ph.Ds” performing a product review with such reverence that I thought: “Wait, I thought these guys dismiss education, because they usually don't have any.” I guess it depends on whether you agree with the Ph.Ds!

[1] https://news.ycombinator.com/item?id=6916860

--
Maxim Kammerer
Liberté Linux: http://dee.su/liberte
Re: [liberationtech] About Telegram
On Wed, Mar 19, 2014 at 5:25 PM, Tony Arcieri basc...@gmail.com wrote:
> Rather than admitting their mistake, Telegram doubled down on their bad crypto, and began making claims that it's the cryptographic community, not themselves, who don't know what they're talking about. Then they published that silly contest which Moxie made a brilliant mockery of.

They also “declined [Moxie's] suggestions for collaboration of any kind”, and then some guy who actually got his hands dirty instead of writing brilliant mockeries won $100k from Telegram. I can only imagine the butthurt in the “crypto community” — I laugh every time when rereading this story.

--
Maxim Kammerer
Liberté Linux: http://dee.su/liberte
Re: [liberationtech] About Telegram
On Thu, Mar 20, 2014 at 12:09 AM, Tony Arcieri basc...@gmail.com wrote:
> The only thing I'm butthurt about is how much attention Telegram is getting versus more well-engineered solutions

Well, I didn't mean you personally, but I have observed threads advertising Telegram chats, whereas Skype would have been used previously. I guess that the reason is, like always, usability. Durov, after all, cloned Facebook 1-for-1, and then turned the resulting VK into something much more usable and useful.

--
Maxim Kammerer
Liberté Linux: http://dee.su/liberte
Re: [liberationtech] About Telegram
On Fri, Feb 21, 2014 at 2:52 AM, Steve Weis stevew...@gmail.com wrote:
> Hi Maxim. There was a man-in-the-middle attack against Telegram's algorithm published back in December: http://habrahabr.ru/post/206900/ (Russian)

That's interesting, thanks. I now remember reading that writeup at the time, as well.

> If I understand the translation of this link, Telegram gave him $100,000 for the break: http://vk.com/wall-52630202_7858 (Russian)

Yes, Pavel Durov gave him the money, sort of outside the contest.

> That's an expensive crypto lesson, but apparently Telegram put their money where their mouth is.

Exactly, that's something to respect. This approach also goes both ways — note how Durov refers to “respectable American cryptographers on HackerNews” with contempt, as contrasted with some guy who got his hands dirty. Words are cheap.

All I see is snobbishness of people who have typical Western fear of steering from “authorized” engineering approaches. The people are quick to judge some unknown foreign developers incompetent, whereas, for instance, a company like Google didn't even manage to properly fix their Android security fiasco, for instance — they still ship the garbage PRNG code, because apparently no one there can understand how that code (which they copied as-is from another project without any tests) works, or is integrated into anything. [1] Yet, Google products (like chat) are often recommended as secure enough for activists.

[1] https://android.googlesource.com/platform/libcore/+/master/luni/src/main/java/org/apache/harmony/security/provider/crypto/SHA1PRNG_SecureRandomImpl.java

--
Maxim Kammerer
Liberté Linux: http://dee.su/liberte
Re: [liberationtech] About Telegram
On Thu, Feb 20, 2014 at 8:38 PM, Tony Arcieri basc...@gmail.com wrote:
> Their contest is a farce: It's total snake oil. They created a bespoke encryption scheme rather than using off-the-shelf components like MACs or (EC)IES. Avoid avoid.

Go ahead and describe an attack, then, I'm sure Pavel Durov (creator of VK, who originated this project on ideological principles) will take care of the issues, if any. The protocol is open, and the security trade-offs are outlined in the FAQ [1]. Not using off-the-shelf components is not an argument, since the project is apparently not developed by some hobbyists learning about crypto.

[1] https://core.telegram.org/techfaq

--
Maxim Kammerer
Liberté Linux: http://dee.su/liberte
Re: [liberationtech] About Telegram
On Fri, Feb 21, 2014 at 12:24 AM, Tony Arcieri basc...@gmail.com wrote:
> That would be shifting the burden of proof. The goal of a well-designed cryptosystem should be to demonstrate why attacks aren't possible. Just because I personally can't demonstrate a particular attack against this system is not a measure of its security.

It is, since there are automatic tools which will show you attack scenarios after you encode the communication protocol. You called the contest a farce and the product a snake oil based on what, inadequate threat modeling in a contest where the backer indicated willingness to adapt the contest to more advanced threat models? Ignore the contest, then.

> Can you demonstrate a practical attack Moxie's obviously broken cryptosystem described in his blog post? If you can't, does that mean it's secure?

I didn't write “a practical attack”, I wrote “describe an attack” — you are substituting terms in order to support your point.

> Even experts make mistakes, and Telegram's developers are clearly not experts as they seem to have ignored all of the developments that have occurred in the past 20 years (or more) in cryptography, most notably authenticated encryption.

Maybe, so what? The limitations are outlined in the FAQ — the product is clearly not a snake oil.

--
Maxim Kammerer
Liberté Linux: http://dee.su/liberte
Re: [liberationtech] uVirtus Linux, encrypted OS for Syria: a security review
On Fri, Feb 7, 2014 at 2:37 AM, Sahar Massachi sa...@brandeis.edu wrote:
> The fact that there's a naked sudo hole is brutal. Forgive me if I misunderstand the problem, but how could *anyone* ship a distribution with a passwordless sudo? That seems like it requires deliberate malice to even set up.

Careful here: Tails had passwordless sudo prior to v0.11, less than 2 years ago. So either unlimited local root access is not such a big deal, or recommendation to use Tails is short-sighted — in either case the report has a problem. I suggest that the report author sweeps both issues under the carpet simultaneously using a politically correct language referencing problems that were taken care of a long time ago, and are not that critical to begin with.

--
Maxim Kammerer
Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Catch-22: When Government Tells Professors What Not to Teach
> http://chronicle.com/article/A-Catch-22/144285/
> He argues that since foreign scholars are carefully examining these materials (including revelations regarding American spying on allies)

That is correct. For instance, I have assigned documents leaked by Snowden (e.g., MJOLNIR paper, and various presentations) to military officers doing a degree project. Hopefully, these projects will assist in developing better capabilities than those developed by the NSA.

I find it satisfying that the American military-industrial complex is not only unable to keep its cleared personnel and employees sufficiently loyal and motivated (i.e., resulting in whistleblowers), but that regular citizens like academics also lack the backbone to resist self-censorship (ironically, one of frequent criticisms of USSR in the past), further hurting the quality of said personnel and employees.

--
Maxim Kammerer
Liberté Linux: http://dee.su/liberte
Re: [liberationtech] LUKS Self-Destruct feature introduced in Kali Linux
On Sat, Jan 18, 2014 at 5:02 AM, Pranesh Prakash pran...@cis-india.org wrote:
> This above description seems to me to be an extreme case of 2FA. Is it actually useful?

As noted in Liberté Linux FAQ [1]:

NOTE: Modern flash memory devices with wear leveling (as well as modern HDDs with automatic bad sectors remapping) cannot guarantee that the original OTFE header and its backup have been erased.

Also, the developers implemented the functionality by finding some old cryptsetup patch and applying it. I can't think of a scenario where this functionality would be useful. Reminds me of Greenwald using his boyfriend as a data mule — simultaneously trusting and mistrusting cryptography due to lack of understanding of the concepts involved. If you want to move data safely, encrypt it with an automatically-generated password of sufficient entropy, and transmit the password separately — there is no need to transmit the whole LUKS keyslot, which is large, and is just a technical detail.

[1] http://dee.su/liberte-faq

--
Maxim Kammerer
Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Browser extensions or native application for crypto? Was: Whiteout OpenPGP.js encrypted mail client (Chrome HML5 App)
Operating systems have decades of research into privilege separation between users and processes. Browsers are a nice interface for viewing websites. If you want signed executables and cross-platform support, you can use e.g., Java Web Start (which is what Android apps essentially boil down to).
Re: [liberationtech] Techbrats Goldberg, Shih and Gopman Do Not Represent Technology
On Mon, Jan 6, 2014 at 5:17 AM, Yosem Companys compa...@stanford.edu wrote: Second, if you are lucky enough to be absurdly rewarded as compared to the rest of society, a solid default position is to shut up and enjoy your epic rewards -- not to taunt and abuse those less fortunate than yourself. Isn't that the whole point of capitalism? And shouldn't this guy celebrate capitalism instead of taunting his peers? After all: Jason McCabe Calacanis is an American Internet entrepreneur and blogger. His first company was part of the dot-com era in New York, and his second venture, Weblogs, Inc., a publishing company that he co-founded together with Brian Alvey, capitalized on the growth of blogs before being sold to AOL. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
[liberationtech] Website censorship in the US
The server farm where Liberté Linux site is hosted is apparently blocked by ATT in the USA. Isn't this unusual? I was under impression that ISP censorship in the USA is limited to SMTP ports and such. “We have recently received numerous reports from att users regarding connection problems. It appears that att has blocked our entire IP range for yet unknown reasons. We have contacted att requesting to unblock it, but have not received any positive reply yet. You could try to contact att support regarding this issue in hopes to retrieve some more details or speed the process up. Thank you for your patience and understanding.” https://forum.dee.su/topic/site-down -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Website censorship in the US
On Wed, Dec 18, 2013 at 7:17 PM, Steve Weis stevew...@gmail.com wrote: Hi Maxim. As another data point, the site works in the US via T-Mobile 4G. However, I get a certificate warning on your forum link. Yes, it's due to a CNAME — I would need to pay to Zoho to add forum.dee.su to the list of alternative names to disable the warning. It's harmless otherwise. Maxim, do you have any evidence that there is intentional censorship due to site content? I doubt very much it's due to my site — it's a free hosting, and there is probably some malware on one of the virtual hosts on one of the IPs in the block. Before jumping to conclusions, I would first look for abuse originating from your servers. If they were compromised and being used to attack others, it's reasonable for a service provider to block them. These are not dedicated servers, at least where my site is hosted. In any case, you are saying “reasonable”, as if it's normal to block IPs on ISP side in the USA. I didn't know it's normal, but times might have changed. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Website censorship in the US
On Wed, Dec 18, 2013 at 8:31 PM, Brian Conley bri...@smallworldnews.tv wrote: Sure, it's clear you're not looking for a constructive outcome, just crying foul. I get that. No, I was trying to figure out whether blocking by IP at ISP level is par for the course in the USA now. In my experience contacting service providers works wonders. Again, I posted a link to an ATT forum where customers are complaining about the issue for nearly a month. Try not to ignore what is written to you specifically. I'm more interested to know what the cause was, and whether it was due to malicious intent. As written previously ITT and in the ATT forum link above, it is pretty clear that the reason is malware hosted on the same IP block. Your initial email starting this thread implies malicious intent No, it does not, it implies censorship at ISP level. Of course ISPs censor content, particularly if the site is rightly or wrongly listed as a source of malware. I don't think that is unusual at all. In the USA, perhaps — it's not normal where I live, more so if the block is at the IP level, and not e.g., some kind of DNS redirection. Look, I understand that you are some kind of journalist, and as such probably have issues with critical thinking skills and with biased reading comprehension, but do try to understand that this is a thread about technical issues of Internet censorship in the US, and not about what should / should not be considered important propaganda-wise. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Website censorship in the US
On Wed, Dec 18, 2013 at 9:28 PM, Brian Conley bri...@smallworldnews.tv wrote: As far as I can understand, of course ISPs block IP addresses they deem malicious, I'm not sure why that's bad practice? ISPs usually block their clients' IPs due to malware, although apparently it has become more common to block non-client IPs as well. Usually it is done in a user-friendly fashion — e.g., in June I have received a report that Shaw ISP in Canada blocked access to my site with a message similar to the following (but remote- instead of local-oriented): http://shaw.ca/virusprotection/. The problems with ATT's block above are obvious:
1. It is done stealthily, similar to GFC, and there is no message to the user.
2. ATT support is incompetent and blames DNS misconfiguration.
3. Blockage is too broad, big IP blocks are censored.
4. IPs are not unblocked even after the hoster fixes the issue.
5. There is no oversight (e.g., like with registry-based censorship in Russia), and ISPs can lie to / ignore their clients.
6. It is easy to use malware as an excuse for, e.g., authorities forcing some target site to move to a non-free provider, where the target can be traced via payments. How do you know it is not the case here? Of course, the country in question being the USA, everything is better explained by omnipresent incompetence, but this is still a possibility. Free hostings probably attract radical forums.
-- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Secure Email Survey
On Mon, Nov 25, 2013 at 11:06 PM, carlo von lynX l...@time.to.get.psyced.org wrote: I would add liberte' cables (http://dee.su/cables) I did fill out the survey, actually — by request, so no idea why Cables does not appear in the list above. The survey was clearly composed by a domain expert, so props for the effort, and I look forward to reviewing the outcome. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] dark mail alliance
On Fri, Nov 1, 2013 at 5:44 PM, Sacha van Geffen sa...@greenhost.nl wrote: “Together our mission is simple: To bring the world a unique end-to-end encrypted protocol and architecture that is the ‘next-generation’ of private and secure email. What we call ‘Email 3.0.’ is an urgent replacement for today’s decades old email protocols (‘1.0’) and mail that is encrypted but still relies on vulnerable protocols leaking metadata (‘2.0’),” they said in a blog post announcing the alliance. Does their mission also include making their service offerings redundant? E.g., anyone who does not need SMTP interoperability (let's call this innovative concept “Email 3.0”) can use cables communication [1], which is serverless. [1] http://dee.su/cables -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] dark mail alliance
On Sat, Nov 2, 2013 at 12:47 AM, Tony Arcieri basc...@gmail.com wrote: tl;dr: a Bitcoin-like global append-only log can enable the secure mapping of human-meaningful names to cryptographic keys You are still trusting a third party — a P2P network and the computational effort it represents, in this case — and in addition have a non-trivial monetary cost of entry once the system resembles anything scalable. So you have to both pay money (with all the implications on anonymity and ease of use, among other things) to have a meaningful name, and reduce your address security to one of exploit resistance of some buggy DHT implementation running on nodes you have no control of. “Proof of work” is a great academic pastime of theoretical hand-waving over hard problems, but if anyone thinks that something like Tor bug #4666 [1] has any future, they are delusional. [1] https://trac.torproject.org/projects/tor/ticket/4666 -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] RiseUp
On Fri, Oct 18, 2013 at 8:54 PM, Yosem Companys compa...@stanford.edu wrote: On Fri, Oct 18, 2013 at 10:53 AM, Sahar Massachi say...@gmail.com wrote: As Elijah wrote, the point of riseup is to serve a specific constituency. The point is not to help the general public encrypt their email. Exactly, and they do that quite well. Those who use RiseUp's mailing lists rave about the service. First, users raving about a service typically has very little to do with quality of the service as a security product. I believe that's why you posted the original question, after all. Second, the unusual stress of ideology in such a service is very relevant to product's security in this case. When I read RiseUp's social contract page [1] some time ago, I found the mild creepiness and passive-aggressiveness quite amusing, but immediately thought the following: these guys seem pretty radicalized in whatever hippie ideology they seem to be adepts of. This probably indicates that in their closed group, they value ideological loyalty at least as highly as technical expertise. It means that one of them could be incompetent and still have administrative access to security-critical systems, or that one of them could be recruited at some point under a suitable ideological pretense — compromising the service in either case. [1] https://www.riseup.net/en/social-contract -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] NSA-GCHQ meeting on Tor (with slides!)
On Sun, Oct 6, 2013 at 10:19 PM, Kyle Maxwell ky...@xwell.org wrote: NSA culture discourages employees from being open about where they work. Most will say Department of Defense or, in some cases, Ft Meade. So the fact that you've not met people who openly disclose their affiliation with NSA doesn't *necessarily* mean that you've not met any NSA engineers / CS types. I wrote “someone collaborating with GCHQ”, not “someone working at GCHQ”. For instance, I have seen an NSA internship listed on an acquaintance's grad student's CV, but his work didn't strike me as particularly impressive. Which is my point. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] NSA-GCHQ meeting on Tor (with slides!)
On Fri, Oct 4, 2013 at 6:42 PM, Griffin Boyce grif...@cryptolab.net wrote: There are some questions in my mind as to the legitimacy of this document -- particularly given that a slide is marked 2007, but references 2012. (In particular, neither Torservers nor TorButton existed in 2007). Both Tor Button and Tor Browser Bundle existed in 2007. https://gitweb.torproject.org/torbrowser.git/commit/4633a99 https://gitweb.torproject.org/torbutton.git/commit/74cd0da -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] NSA-GCHQ meeting on Tor (with slides!)
On Fri, Oct 4, 2013 at 7:20 PM, Griffin Boyce grif...@cryptolab.net wrote: I didn't mention the browser bundle ;P It is referenced in slide 7, together with Torbutton. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] NSA-GCHQ meeting on Tor (with slides!)
After going over the presentation, it seems as if GCHQ did all the work. Does NSA actually have good computer scientists working for it (not including mathematicians / cryptographers)? E.g., I have been to a workshop in London a few months ago (in an unrelated field), and instantly met someone collaborating with GCHQ. Never met someone working with NSA, however. NSA's CAE CO program, which could perhaps be considered their vanguard of academic CS cooperation, is just four little-known universities / colleges. I wonder what the current state of affairs is, though. The slides suggest that the global passive interception infrastructure is not suitable for correlation-based deanonymization, so NSA/GCHQ need “access to nodes”. But that was 6 years ago. On Fri, Oct 4, 2013 at 7:23 PM, Maxim Kammerer m...@dee.su wrote: On Fri, Oct 4, 2013 at 7:20 PM, Griffin Boyce grif...@cryptolab.net wrote: I didn't mention the browser bundle ;P It is referenced in slide 7, together with Torbutton. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] NSA-GCHQ meeting on Tor (with slides!)
I wonder what the current state of affairs is, though. The slides suggest that the global passive interception infrastructure is not suitable for correlation-based deanonymization, so NSA/GCHQ need “access to nodes”. But that was 6 years ago. See also my analysis from last year [1]. Sniffing ~25 selected C-class networks with Tor relays gives you ~25% end-to-end correlation capability. Surely NSA would be able to install 25 designated probes in 6 years. My guess is that they have the capability, but reserve it for high-profile national security targets (see last slide). [1] https://lists.torproject.org/pipermail/tor-talk/2012-August/025254.html -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Random number generation being influenced - rumors
On Sat, Sep 7, 2013 at 6:21 PM, Maxim Kammerer m...@dee.su wrote: Personally, I wouldn't trust an embedded engineer to implement bubble sort correctly, and see no reason to trust them with security-critical implementations, even if one assumes no malice or subversion of production process. By the way, that Android PRNG fiasco? Intel's job, originally. Meet Yuri: https://issues.apache.org/jira/browse/HARMONY-872 -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] The battle for your digital soul
On Thu, Sep 12, 2013 at 7:49 PM, spider spi...@spiderwebz.nl wrote: I spent a good portion of my adult life in Special Operations –it’s an environment of innovation, A+ talent, self-sufficiency, and zero tolerance for bureaucracy. It’s about small teams of highly talented and dedicated people with skill and daring outwitting huge clunky armies. The NSA and the world’s government’s surveillance organizations are huge, bloated clunky armies. If you ever worked in a large corporation or government agency, then you know what I mean. It’s like the movie “Office Space” all over again. Well, that was awkward, almost like a beauty pageant. Also, someone should tell this guy that Charlie Miller is ex-NSA. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Random number generation being influenced - rumors
On Sat, Sep 7, 2013 at 8:24 AM, Andy Isaacson a...@hexapodia.org wrote: That's the claimed design, yes. I see no particular reason to believe that the hardware in my server implements the design. I can't even test that the AES whitening does what it is documented to do, because Intel refused to provide access to the prewhitened input. I agree; I misread the Intel documentation previously, and inferred that CTR_DRBG and other high-level algorithms are implemented in microcode, with ES being accessible to it (and to reverse engineers) directly. Personally, I wouldn't trust an embedded engineer to implement bubble sort correctly, and see no reason to trust them with security-critical implementations, even if one assumes no malice or subversion of production process. In Google+ thread referenced above, David Johnston (Intel engineer in charge of RDRAND) claimed that all the specs are open and accessible; when I mentioned that the AES block size in CTR_DRBG is not even specified, I received no response (of course). Also, proponents of feeding RDRAND directly into /dev/[u]random ignore the AES-reducibility of any cryptosystem that uses RDRAND in that fashion. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] NYTimes and Guardian on NSA
On Fri, Sep 6, 2013 at 7:18 PM, Michael Rogers mich...@briarproject.org wrote: Yes, that anecdote often accompanied the argument that NSA wouldn't risk peddling weak crypto. Clearly the balance of priorities within the agency has shifted since DES. I don't see any evidence of said shift in priorities. NSA supported escrowed encryption in the 90's, and the alleged subversion of standards is most likely similar to escrowed encryption, but at the algorithmic level [1], where an adversary gaining access to key escrow requires computational / cryptanalysis effort that's equivalent to breaking the cryptosystem in question. [1] https://en.wikipedia.org/wiki/Dual_EC_DRBG -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Recommend consultant to discuss pen test?
On Fri, Sep 6, 2013 at 8:03 AM, Tom O winterfi...@gmail.com wrote: Posting a news article without context or response from Veracode is weak. That was just a reminder for a topic that has already been discussed on this list. My main intention was to provide an example (in the form of a post similar to yours) for Jonathan Wilkes' remark wrt. affected reputation. Chris Wysopal stated the static crypto checks were run to check if the API's were implemented correctly, not implementation of custom keygen. I am sure there are after-the-fact excuses. Since you didn't provide a reference, I assume that this specific excuse is not something worthy of attention. Veracode's report is here, if you are interested: https://blog.crypto.cat/wp-content/uploads/2013/02/Cryptocat_Attestation_Veracode_20130222_final.pdf Looking at the code is indeed not mentioned in the report, so it's all fine, I guess — just make sure something like that is in the next contract. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] getting past that first turtle
On Sat, Aug 31, 2013 at 2:08 AM, Jonathan Wilkes jancs...@yahoo.com wrote: For example, if it turns out that Bitcoin has a backdoor in it, a lot of people (some on this list) would take a big reputation hit. That's most certainly not what would happen in that case. People will just find excuses — see e.g. people defending Veracode after it failed to detect basic incompetence in Cryptocat code. The reason is that those who are most equipped to affect someone's reputation are also those most likely to have professional relationships with affected people / companies. The thread continued from [1] clearly illustrates that — there is no lack of people who can professionally criticize Veracode's failure, yet they carefully avoid that. Reputation might suffer, of course, but you would not be aware of that from laymen discussions. [1] https://mailman.stanford.edu/pipermail/liberationtech/2013-July/009774.html -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Recommend consultant to discuss pen test?
On Thu, Sep 5, 2013 at 4:48 AM, Tom O winterfi...@gmail.com wrote: Veracode will gladly pwn you. https://blog.crypto.cat/2013/02/cryptocat-passes-security-audit-with-flying-colors/ http://tobtu.com/decryptocat-old.php -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Open Letter To US Customs
On Wed, Sep 4, 2013 at 11:03 PM, Travis McCrea m...@travismccrea.com wrote: http://falkvinge.net/2013/09/04/open-letter-to-us-border-patrol-cbp/ My understanding of the relevant laws is clearly lacking, but the common theme of these border detentions is that apparently one is being held for questioning, yet is not detained/arrested. In that case, the threats to cooperate or be arrested otherwise do not make any sense, since the border agents have no power to arrest you in present situation anyway - is that correct? I.e., Miranda was just passing through UK, so what prevented him from simply staring blankly at the agents for 9 hours? It's certainly less exhausting than answering silly questions of some failures equipped with a crash course on basic interrogation techniques? -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Other distros like Ubuntu Privacy Remix?
On Tue, Sep 3, 2013 at 7:46 PM, The Doctor dr...@virtadpt.net wrote: In TAILS, networking is disabled until you use the NetworkManager applet to specifically enable it. Not really — Ethernet connects automatically, and Wireless will do so as well, if your credentials are saved across reboot. These are NetworkManager's defaults. Disclaimer: the statement above should not be construed as a suggestion for a 50-emails-long serious discussion on tails-dev ML wrt. proper NetworkManager default settings. In case Tails developers are nevertheless compelled to discuss NetworkManager, I instead suggest the exciting topic of: “Why launching user applications like Iceweasel and Vidalia from NetworkManager events dispatcher via su is wrong, and how can we do it right.” By the way, in Debian one can just blacklist the relevant modules via boot parameters. E.g., virtio_net.blacklist=yes. http://www.debian.org/releases/stable/i386/ch05s03.html -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] scrambler
On Fri, Aug 30, 2013 at 9:38 PM, Andy Isaacson a...@hexapodia.org wrote: This is incorrect. A one-time pad needs to be the same size as the message being encrypted, not 256 times as large. OTP implementations such as onetime (http://red-bean.com/onetime/) implement this properly, using one byte of pad to encrypt one byte of plaintext. Making such a fundamental mistake in the basic definition of the cipher you're promoting is not a good sign that you're capable of implementing it securely.

Not to imply that this guy understands what he is doing, but this is not a “fundamental mistake” — it is a peculiar suboptimal (and pointless) generalization of OTP when viewed as a stream of substitution ciphers over {0,1}^n (assuming alphabet of {0,1} here, although this can be generalized, too). The real OTP specifies a permutation for each bit (n=1), and you need one bit to specify such a permutation: the bit to which bit 0 is mapped. Coincidentally, this is equivalent to addition in Z_2 (XOR). Scrambler uses n=8, and optimally you would need log_2(2^n) + log_2(2^n-1) + ... + log_2(2) = log_2((2^n)!) = 1684 bits to represent a permutation, whereas Scrambler uses 2048 bits.

While it is recommended that you do not reuse one-time cypher pads, Scrambler will do so. Well, that's a really bad idea, because reusing a OTP makes it completely trivial to break.

Not “completely trivial”. Reusing OTP lets you know the distance between corresponding letters in a pair of plaintexts for given ciphertexts — XOR for alphabet of {0,1}. So you gather 1 bit of information from 2 corresponding bits in ciphertexts. However, for the {0,1}^n generalization above you would only know whether n corresponding bits of plaintexts are same or different given 2n bits in ciphertexts — cryptanalysis would be much trickier, although in the end you would probably be able to extract the same amount of information (ignoring correlation differences) for a given (repeating) key length.
-- Maxim Kammerer Liberté Linux: http://dee.su/liberte
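The figures and the pad-reuse comparison in the message above can be checked numerically. The following is an added example, not code from the post or from Scrambler: the per-byte permutation cipher is only a model of the {0,1}^n generalization described (n=8), and the two plaintexts are constructed.

```python
import math
import secrets


def permutation_bits(n: int) -> float:
    """Bits needed to select one permutation of {0,1}^n: log2((2^n)!)."""
    return math.log2(math.factorial(2 ** n))


def table_bits(n: int) -> int:
    """Bits used when the permutation is stored as a table of 2^n n-bit entries."""
    return (2 ** n) * n


def xor_pad(length: int) -> bytes:
    """Classic OTP pad: one random byte (eight n=1 permutations) per plaintext byte."""
    return secrets.token_bytes(length)


def permutation_pad(length: int) -> list:
    """n=8 generalization: one random permutation of 0..255 per plaintext byte."""
    rng = secrets.SystemRandom()
    pad = []
    for _ in range(length):
        perm = list(range(256))
        rng.shuffle(perm)
        pad.append(perm)
    return pad


def xor_encrypt(pad: bytes, plaintext: bytes) -> bytes:
    return bytes(k ^ p for k, p in zip(pad, plaintext))


def permutation_encrypt(pad: list, plaintext: bytes) -> bytes:
    return bytes(perm[p] for perm, p in zip(pad, plaintext))


def leak_from_xor_reuse(c1: bytes, c2: bytes) -> bytes:
    """With a reused XOR pad the key cancels: c1 ^ c2 == p1 ^ p2."""
    return bytes(a ^ b for a, b in zip(c1, c2))


def leak_from_permutation_reuse(c1: bytes, c2: bytes) -> list:
    """With a reused permutation pad only equality per position survives."""
    return [a == b for a, b in zip(c1, c2)]


# Constructed sample plaintexts of equal length.
P1 = b"meet at nine pm"
P2 = b"meet at noon pm"


def demo() -> dict:
    """Encrypt both plaintexts under the same pad and return what an observer learns."""
    xp = xor_pad(len(P1))
    pp = permutation_pad(len(P1))
    return {
        "xor_leak": leak_from_xor_reuse(xor_encrypt(xp, P1), xor_encrypt(xp, P2)),
        "perm_leak": leak_from_permutation_reuse(
            permutation_encrypt(pp, P1), permutation_encrypt(pp, P2)
        ),
    }


if __name__ == "__main__":
    print("n=1:", permutation_bits(1), "bit per permutation")
    print("n=8:", math.ceil(permutation_bits(8)), "bits optimal,", table_bits(8), "as a table")
    print(demo())
```

For a defender the practical reading is the same in both cases: a pad that repeats leaks structure about the plaintexts, so key material must never be reused, whichever variant is deployed.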
Re: [liberationtech] Scramble.io, Round Two
On Wed, Aug 28, 2013 at 9:49 AM, Travis McCrea m...@travismccrea.com wrote: I think my only complaint (that doesn't seem to be mentioned, though I could have missed it) is that the email address is generated with your key. This means that you have to create a whole new email account every 6 - 12 months for optimal security. I would suggest that you should allow people to alias their username to their email address, but also realize that doing so would kill one of your security advantages. A compromise is not necessary — in cables, the hash is based on root certificate, whereas DH peer keys are signed with a lower-level certificate's private key, which may have different lifetime. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Deterministic Builds Part One: Cyberwar and Global Compromise
On Fri, Aug 23, 2013 at 12:21 AM, phree...@yandex.ru wrote: [1] http://nixos.org/nixos/ A very interesting project! Does the following: Packages are never overwritten after they have been built; instead, if you change the build description of a package (its ‘Nix expression’), it’s rebuilt and installed in a different path in /nix/store so it doesn’t interfere with the old version. mean that upgrading a library due to e.g. security fixes requires recompiling all packages that depend on it? -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Open Whisper Systems' neat asynch FPS pre-keying
On Thu, Aug 22, 2013 at 9:03 PM, Joseph Lorenzo Hall j...@cdt.org wrote: TextSecure’s upcoming iOS client (and Android data channel client) uses a simple trick to provide asynchronous messaging while simultaneously providing forward secrecy.

Not sure if I understand all iOS-related issues described, but this seems like overcoming engineering problems with a synchronous protocol like OTR on iOS at the expense of exposing the clients to a DOS attack of exhausting the prekeys. However, an asynchronous protocol does not mean that all information must be delivered in one push. In cables communication [1], I chose simple asynchronous messages because I don't trust complex SSL handshakes or the cumbersome OTR protocol, and because I believe that reliable delivery receipts and resilience to DOS attacks are as important as the message itself. The exchange goes similar to the following (each line describes what is sent by sender (s) / receiver (r)) [2]:

(s) peer request
(r) certificate, signed peer key
(s) certificate, signed peer key, encrypted message+MAC
(r) receipt+MAC
(s) acknowledgement+MAC

and is similar to a state machine where each state is retried in sender / receiver until a new state is reached. The exchange above is somewhat implementation-specific for short requests followed by long fetches (implementation is HTTP-based and targeted for .onions), and for generic messages it can be reformulated as:

(s) certificate, signed peer key
(r) certificate, signed peer key
(s) encrypted message+MAC
(r) receipt+MAC
(s) acknowledgement+MAC

(In cables, username is certificate's fingerprint, so MITM'ing the certificate is not an issue.) So, with a centralized DB / prekeys I guess it's possible to shave off the first two messages, but does it really matter if the protocol is asynchronous to begin with?

[1] http://dee.su/cables
[2] https://github.com/mkdesu/cables/blob/master/doc/cable.txt

-- Maxim Kammerer Liberté Linux: http://dee.su/liberte
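The generic five-message exchange from the message above, modelled as two state machines that retry their current message over a lossy channel until the next state is reached (an added example, not code from cables or from the original post). All class and function names are hypothetical, the certificates and private values are constructed, the fingerprint is modelled as SHA-256, and the DH group is a toy. The signature on the peer key and the encryption of the message are left out, so only the fingerprint binding, the MACs and the retry logic are shown.

```python
import hashlib
import hmac

P, G = 2**127 - 1, 3  # toy DH group (assumption), far too small for real use

def fingerprint(cert):
    return hashlib.sha256(cert).hexdigest()  # username = certificate fingerprint

def tag(key, kind, body):
    # The MAC covers the message kind, so a receipt cannot be replayed as an ack.
    return hmac.new(key, kind.encode() + b"\0" + body, hashlib.sha256).digest()

def valid(key, kind, body, mac):
    return hmac.compare_digest(mac, tag(key, kind, body))

class Peer:
    def __init__(self, cert, priv):
        self.cert, self.priv, self.key = cert, priv, None

    def hello(self):
        # "certificate, signed peer key"; the signature is left out of this model.
        return ("hello", self.cert, pow(G, self.priv, P))

    def accept_hello(self, pkt, expected_user=None):
        _, cert, peer_pub = pkt
        if expected_user is not None and fingerprint(cert) != expected_user:
            return False  # certificate does not hash to the addressed username
        shared = pow(peer_pub, self.priv, P)
        self.key = hashlib.sha256(shared.to_bytes(16, "big")).digest()
        return True

class Sender(Peer):
    def __init__(self, cert, priv, to_user, text):
        super().__init__(cert, priv)
        self.to_user, self.text, self.state = to_user, text, "hello"

    def emit(self):  # called every round: the current state's message is retried
        if self.state == "hello":
            return self.hello()
        if self.state == "message":  # encryption omitted; only the MAC is modelled
            return ("message", self.text, tag(self.key, "message", self.text))
        if self.state == "ack":
            return ("ack", tag(self.key, "ack", self.text))
        return None

    def handle(self, pkt):
        if self.state == "hello" and pkt[0] == "hello":
            if self.accept_hello(pkt, self.to_user):
                self.state = "message"
        elif self.state == "message" and pkt[0] == "receipt":
            if valid(self.key, "receipt", self.text, pkt[1]):
                self.state = "ack"

class Receiver(Peer):
    def __init__(self, cert, priv):
        super().__init__(cert, priv)
        self.state, self.inbox = "wait", []

    def emit(self):
        if self.state == "hello":
            return self.hello()
        if self.state == "receipt":
            return ("receipt", tag(self.key, "receipt", self.inbox[-1]))
        return None

    def handle(self, pkt):
        if self.state == "wait" and pkt[0] == "hello":
            self.accept_hello(pkt)
            self.state = "hello"
        elif self.state == "hello" and pkt[0] == "message":
            if valid(self.key, "message", pkt[1], pkt[2]):
                self.inbox.append(pkt[1])  # delivered once; later copies are ignored
                self.state = "receipt"
        elif self.state == "receipt" and pkt[0] == "ack":
            if valid(self.key, "ack", self.inbox[-1], pkt[1]):
                self.state = "done"

def run(sender, receiver, drops=(), max_rounds=50):
    """Alternate sender and receiver; transmissions numbered in `drops` are lost."""
    sent = 0
    for rounds in range(1, max_rounds + 1):
        for src, dst in ((sender, receiver), (receiver, sender)):
            pkt = src.emit()
            if pkt is None:
                continue
            sent += 1
            if sent not in drops:
                dst.handle(pkt)
        if receiver.state == "done":
            return rounds, sent
    return None, sent

def make_pair(text=b"constructed test message"):
    r = Receiver(b"constructed receiver certificate", 0x1234567)
    s = Sender(b"constructed sender certificate", 0x7654321, fingerprint(r.cert), text)
    return s, r

if __name__ == "__main__":
    print(run(*make_pair()))                   # lossless channel
    print(run(*make_pair(), drops={2, 3, 6}))  # three transmissions lost
```

`run` returns the number of rounds and transmissions needed; with losses the count rises but the message still lands in the receiver's inbox exactly once.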
Re: [liberationtech] Bradley Manning's sentence: 35 years for exposing us to the truth
On Wed, Aug 21, 2013 at 11:59 PM, Shelley shel...@misanthropia.info wrote: Sure, but I think Manning has a zero chance of obtaining a pardon. Col. Morris Davis: “Military has detailed regs on confinement credits parole eligibility. My best est is he'll do about 8-9 yrs, out by age 33-34.” https://twitter.com/ColMorrisDavis/status/370223513400913920 https://en.wikipedia.org/wiki/Morris_Davis If true, a pretty fitting sentence, I think, for indiscriminately publishing huge amount of classified information that potentially endangered many people, and considering that USA has unusually harsh sentences for a developed country. An interesting comment on Reddit, of all places: “Significant amounts of foreign service agent names were released. These are civilians working for their government in some official capacity (think spies, except not all of them are cloak and dagger types). These were people stationed in hostile countries (Pakistan, SE Asia, Middle East, Africa) and if their cover had been blown while in country they could have been sought out. Luckily, as I understand it most of the people that were exposed were notified by their handlers in advance (basically as soon as word go out that diplomatic cables had been compromised) and were extracted. A friend of mine works in a field that draws a lot of foreign service agents to it due to the nature of the work, and they were camped out in northern Pakistan with her crew. She woke up one morning (the morning after the diplomatic cables were released) and half her crew was gone. They got word in the middle of the night and left. They couldn't even tell the people they were with why they were gone, and I imagine it was quite unsettling to be there and be missing people all of the sudden.” http://www.reddit.com/r/news/comments/1kszc9/bradley_manning_sentenced_to_35_years_in_jail/cbsg58x -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Google confirms critical Android crypto flaw
On Thu, Aug 15, 2013 at 3:38 PM, Maxim Kammerer m...@dee.su wrote: On Thu, Aug 15, 2013 at 2:34 PM, Nathan of Guardian nat...@guardianproject.info wrote: The best description is here: http://armoredbarista.blogspot.ch/2013/03/randomly-failed-weaknesses-in-java.html Unbelievable… It seems that PRNG implementers suffer from NIH syndrome. If you are going to use /dev/urandom, then use it all the time, and rely on code that's reviewed and maintained by thousands of kernel people, not just your favorite buggy seeded PRNG du-jour. And even sans the bugs, consider something like the following in Apache Harmony (precursor of Dalvik's class library) [1, p. 131]: iv = sha1(iv,concat(state, cnt)); cnt = cnt + 1; return iv; So they're essentially constructing a state-based bit stream that varies in each block, and hash it with SHA-1 — exposing each intermediate hash value in the middle. Who the hell told them it's safe from cryptanalysis POV? E.g., SP800-90A's Hash_DRBG [2, p. 40] resembles nothing of the sort. [1] http://dx.doi.org/10.1007/978-3-642-36095-4_9 [2] http://csrc.nist.gov/publications/nistpubs/800-90A/SP800-90A.pdf

I have looked at (what I believe is) the code, finally:

git clone https://android.googlesource.com/platform/libcore
git blame luni/src/main/java/org/apache/harmony/security/provider/crypto/SHA1PRNG_SecureRandomImpl.java

Long story short — unbelievable POS monstrosity (of course), and Google shares the blame. The paper authors are completely right — seed[BYTES_OFFSET] is not assigned anywhere where it matters, and the initial seed gets continuously partly overwritten with the counter at the same offset 0. The funny part is that even if Apache Harmony people were to get that part right, the PRNG would still possibly have entropy issues due to this gem (slightly simplified below):

lastWord = seed[BYTES_OFFSET] == 0 ? 0 : (seed[BYTES_OFFSET] + 7) >> 3 - 1;

They didn't notice that subtraction takes precedence over bitshift, so this last word (8 bytes — just to confuse with 4-byte words in SHA-1, I presume) is taken from the wrong place in the array. How did I notice the precedence blunder? Why, there is a commit:

Author: Nick Kralevich n...@google.com Date: Wed Oct 20 13:53:55 2010 -0700 fix operator precedence bug when calculating bits. -bits = seedLength 3 + 64; // transforming # of bytes into # of bits +bits = (seedLength 3) + 64; // transforming # of bytes into # of bits

So this Google guy noticed a precedence bug in one place, but left the one a few lines above it (dating to Apache Harmony) intact. Not his problem, probably — corporate programming at its finest. Had he fixed the bug above as well, he might have noticed (or not) that the output stream for a given seed remained completely unchanged. In short, don't use Google's security-related code for anything important.

-- Maxim Kammerer Liberté Linux: http://dee.su/liberte
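Review bot: the parentheses are added only to the bits assignment, while the lastWord assignment that the message above quotes from a few lines earlier mixes a shift with a subtraction in the same unparenthesized way and is not touched here. Group that expression explicitly in the same change, and add a regression test that pins the computed bit count and the generator output for a fixed seed, so that any behaviour change from regrouping shows up in review. Note that the shift operator itself is missing from both hunk lines as archived on this page.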
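A heuristic lint for the precedence mistake discussed in the message above, together with the values the two groupings of the lastWord expression produce (an added example, not code from Android, Apache Harmony or the original post). The sample lines are constructed from the expressions quoted in the message with the shift operators written out as >> and <<, which is an assumption because the archived text lost them; all function names are hypothetical. Python is used because it gives + and - the same priority over shifts that Java does.

```python
import re

# Java and Python agree on this point: binary + and - bind tighter than the
# shift operators, so `a >> 3 - 1` means `a >> (3 - 1)` in both languages.
SHIFT_THEN_ADD = re.compile(r"(<<|>>>?)\s*[\w.\[\]]+\s*[+-](?![+\-=])")
ADD_THEN_SHIFT = re.compile(r"(?<![+\-])[+-]\s*[\w.\[\]]+\s*(<<|>>>?)(?!=)")

# Constructed sample: the expressions quoted in the message, with the shift
# operators written out (assumed; the archived text lost them).
SAMPLE = """\
lastWord = seed[BYTES_OFFSET] == 0 ? 0 : (seed[BYTES_OFFSET] + 7) >> 3 - 1;
bits = seedLength << 3 + 64; // transforming # of bytes into # of bits
bits = (seedLength << 3) + 64; // transforming # of bytes into # of bits
"""

def ambiguous_shifts(source):
    """Heuristic lint: report (line, column, text) where a shift and a bare
    + or - share an operand without parentheses. Line comments are skipped."""
    hits = []
    for no, line in enumerate(source.splitlines(), 1):
        code = line.split("//", 1)[0]
        for rx in (SHIFT_THEN_ADD, ADD_THEN_SHIFT):
            hits += [(no, m.start() + 1, m.group(0)) for m in rx.finditer(code)]
    return hits

def last_word_as_written(nbytes):
    return (nbytes + 7) >> 3 - 1        # evaluated as (nbytes + 7) >> 2

def last_word_grouped(nbytes):
    return ((nbytes + 7) >> 3) - 1      # shift first, then subtract

def compare(max_bytes=20):
    """Rows of (nbytes, as_written, grouped) for nonzero byte counts."""
    return [(n, last_word_as_written(n), last_word_grouped(n))
            for n in range(1, max_bytes + 1)]

if __name__ == "__main__":
    for hit in ambiguous_shifts(SAMPLE):
        print("line %d col %d: %s" % hit)
    for row in compare():
        print("bytes=%2d as written=%d grouped=%d" % row)
```

The lint is regex-based and will miss expressions split across lines; it flags the first two sample lines and accepts the parenthesized one.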
Re: [liberationtech] Google confirms critical Android crypto flaw
On Thu, Aug 15, 2013 at 7:14 AM, Nathan of Guardian nat...@guardianproject.info wrote: The only silver lining from their post was that HTTP/SSL connections were not affected, so this only really affects apps that are generating keys at the Java layer, which include apps like Android Privacy Guard (APG) and our own Gibberbot. I have a hard time trying to figure out from Alex Klyubin's blog post [1] just what the problem in affected Android class libraries was. Did they forget to include a urandom-backed SecureRandom provider? Or set it as one with highest priority? Or they did include it, but it wasn't registered as SHA1PRNG that people used? Did Google implement its Java standard library subset from scratch (i.e., not based on GNU Classpath or similar)? [1] http://android-developers.blogspot.com/2013/08/some-securerandom-thoughts.html -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Google confirms critical Android crypto flaw
On Thu, Aug 15, 2013 at 2:34 PM, Nathan of Guardian nat...@guardianproject.info wrote: The best description is here: http://armoredbarista.blogspot.ch/2013/03/randomly-failed-weaknesses-in-java.html Unbelievable… It seems that PRNG implementers suffer from NIH syndrome. If you are going to use /dev/urandom, then use it all the time, and rely on code that's reviewed and maintained by thousands of kernel people, not just your favorite buggy seeded PRNG du-jour. And even sans the bugs, consider something like the following in Apache Harmony (precursor of Dalvik's class library) [1, p. 131]: iv = sha1(iv,concat(state, cnt)); cnt = cnt + 1; return iv; So they're essentially constructing a state-based bit stream that varies in each block, and hash it with SHA-1 — exposing each intermediate hash value in the middle. Who the hell told them it's safe from cryptanalysis POV? E.g., SP800-90A's Hash_DRBG [2, p. 40] resembles nothing of the sort. [1] http://dx.doi.org/10.1007/978-3-642-36095-4_9 [2] http://csrc.nist.gov/publications/nistpubs/800-90A/SP800-90A.pdf -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Google confirms critical Android crypto flaw
On Thu, Aug 15, 2013 at 7:33 PM, Doug Chamberlin chamberlin.d...@gmail.com wrote: Are you really saying THOUSANDS have reviewed and maintain the RNG? For real? You are right — I didn't take the possibility of useless tongue-in-cheek remarks into account when using that expression in order to support a technical argument. Why don't you check the 20-year commit history of the relevant code [1], make an educated guess wrt. reviewers/committers ratio, account for developer attrition rate, and return to us with a hopefully better estimate. Good luck! [1] https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/drivers/char/random.c -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Google confirms critical Android crypto flaw
On Thu, Aug 15, 2013 at 8:39 PM, Steve Weis stevew...@gmail.com wrote: $ git log --pretty=format:%an drivers/char/random.c | sort | uniq | wc

Guys, I assumed you knew that kernel history was reset a few times. If you want to approach it thoroughly, you start with all names at [1] since 2010. Then, download the .tar at [2] and run something like:

git log --stat | sed -n '\@^\(Author: \| drivers/char/random\.c\)@p' | sed -n '/^Author/h; /^ drivers/{x; p}' | sed 's/Author: //; s/ <.*//'

Sort the names, remove variations, and 54 are left [3]. These are just the authors (not even signed-offs), non-trivial commits are typically posted to linux-kernel mailing list, where they are reviewed and commented on by anyone who wishes to do so. Moreover, many companies and developers customize the kernel to suit their own needs. Number of people who went over random.c over the last 20 years is most likely in the thousands. I know I applied a patch to get entropy from the sound card in the 90's myself — this is not some dead code, and this is definitely not some Java class library project that got lifted into some corporate JVM spinoff. In any case, I find this bikeshedding of side remarks pretty annoying, it is quite pointless.

[1] https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/drivers/char/random.c
[2] http://archive.org/download/git-history-of-linux/full-history-linux.git.tar
[3]
Adam Buchbinder
Adrian Bunk
Alexander Viro
Alexey Dobriyan
Andi Kleen
Andrea Righi
Andrew Morton
Andy Shevchenko
Anton Blanchard
Arjan van de Ven
Arnaldo Carvalho de Melo
Arnd Bergmann
Art Haas
Bálint Márton
Brian Gerst
Christoph Hellwig
Christoph Lameter
Chris Wedgwood
Dave Jones
Dave Maietta
David Howells
David S. Miller
Dmitry Torokhov
Eric Dumazet
Eric W. Biederman
Herbert Xu
H. Peter Anvin
Ingo Molnar
Jarod Wilson
Jeff Dike
Jiri Kosina
Joe Perches
Jörn Engel
Josef Sipek
Kai Germaschewski
Linus Torvalds
Lucas De Marchi
Manfred Spraul
Mathieu Desnoyers
Matthew Wilcox
Matt Mackall
Neil Horman
Olof Johansson
Richard Kennedy
Robert Love
Rusty Russell
Sam Ravnborg
Serge E. Hallyn
Stephen Hemminger
Tejun Heo
Theodore Ts'o
Thomas Gleixner
Tony Luck
Yinghai Lu

-- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Freedom Hosting, Tormail Compromised // OnionCloud
On Tue, Aug 6, 2013 at 12:30 PM, Jacob Appelbaum ja...@appelbaum.net wrote: Please feel free to answer the question, we're happy to learn from an example. Are either of you involved in such an example? Might we learn from your example? If so, where might we see it? Tails references upstream advisories, or at least did so in the past. https://tails.boum.org/security/Numerous_security_holes_in_0.18/ I actually think they are going overboard with those, but it's an example. The whole situation is pretty funny, by the way, since Mike Perry (TBB dev) was accused of maintaining Freedom Hosting by those OpDarknet clowns two years ago: http://pastebin.com/qWHDWCre -- Maxim Kammerer Liberté Linux: http://dee.su/liberte -- Liberationtech list is public and archives are searchable on Google. Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Freedom Hosting, Tormail Compromised // OnionCloud
On Tue, Aug 6, 2013 at 1:07 PM, Jacob Appelbaum ja...@appelbaum.net wrote: Somewhere there is a line and clearly, we failed to meet the high standards of a few folks on this list. I'm mostly curious if that high standard will be expressed in a cohesive manner where we might learn from it. Well, in the end, it's all done for the users. Keeping software up-to-date is easier than following advisories, even more so if there is an auto-update functionality. So I don't understand the big deal about not reissuing advisories for upstream projects, which takes a lot of time for dubious effect. Although the point becomes moot once you are talking about libraries that are not directly used, unlike major Firefox-level applications. E.g.: https://blog.torproject.org/blog/new-openssl-vulnerability-tor-not-affected http://pastebin.com/qWHDWCre It is awful for Mike and I can't even begin to find it funny in the least. Though I'll take your point that it is rich with awful irony. I don't think anyone took those guys seriously back then (or anyone whose opinion matters, at least). -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] DecryptoCat
On Tue, Jul 9, 2013 at 4:45 PM, Jacob Appelbaum ja...@appelbaum.net wrote: I think he very clearly stated it: Interviewer: What happens after the NSA targets a user? Snowden: They're just owned. An analyst will get a daily (or scheduled based on exfiltration summary) report on what changed on the system, PCAPS 9 of leftover data that wasn't understood by the automated dissectors, and so forth. It's up to the analyst to do whatever they want at that point -- the target's machine doesn't belong to them anymore, it belongs to the US government. Indeed, after rereading this excerpt I see that he meant exploitation. Perhaps I was too influenced by the first automatic translation from German. Are there any known examples of such NSA-grade exploits being used to own targets? I.e., besides one-of-a-kind events like Stuxnet/Flame. E.g., Chinese attacks are being mentioned all the time, but even those seem to rely on spear-phishing attacks. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Cables! (was Re: DecryptoCat)
On Tue, Jul 9, 2013 at 5:10 PM, Nathan of Guardian nat...@guardianproject.info wrote: What is the state of the project, and is there a good primer to get started on developing around it? Hi, you may want to start here: https://github.com/mkdesu/cables/wiki https://github.com/mkdesu/cables/wiki/deployment My interest is primarily in using or porting it to a mobile environment, and not within Liberte Linux itself. That's what I have been meaning to do for quite some time (I even got myself an Android smartphone instead of an old Nokia brick). I actually started Liberté Linux as a safe environment for cables communication (even before developing cables), but got carried away somewhat. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] In his own words: Confessions of a cyber warrior
On Wed, Jul 10, 2013 at 4:43 PM, Jacob Appelbaum ja...@appelbaum.net wrote: I couldn't disagree more. This sounds consistent with the current arms race and also relates directly to the 0day markets that have been active for many many years. Remember though: buying 0day bugs or exploits for 0day is just one part of a much larger picture. The interview is either a hoax or an exaggerated “hunting story”, for two primary reasons: number of employees, and number of exploits. Militaries have a huge problem recruiting cyber ops specialists at present, and most of the recruited are not even remotely good. At the moment, the whole of USA has just 4 colleges certified by NSA to teach offensive security (CAE-CO) [1]. USCYBERCOM has “close to 750 employees” [2]. For the level of skill described, all of US military might have, I don't know, 50 senior specialists? Why would this guy work via a staffing company, in a team of 5000, in an unmarked building? What's there to protect by obscuring their work? They need to reside inside some TEMPEST-resistant installation at a military base, especially if they work with classified equipment, etc. The number of 0-days and rate of their production don't make sense either. Unless 0-days are purchased exclusively in order to deny them to the enemy (which doesn't seem to be the case), the exploits wouldn't cost hundreds of thousands of USD each. [1] http://www.nsa.gov/academia/nat_cae_cyber_ops/index.shtml [2] http://abcnews.go.com/Technology/pentagon-cyber-command-unit-recommended-elevated-combatant-status/story?id=16262052 -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] In his own words: Confessions of a cyber warrior
On Thu, Jul 11, 2013 at 2:28 AM, Richard Brooks r...@acm.org wrote: 1. The NSA center of excellence program is not really that important. If you look carefully, they are mainly 2 year community colleges located near Army bases that give basic sysadmin training. This is good and necessary, but don't get fooled into thinking that they are training the highly skilled cyber operations people. They are training low level IT support mainly. I have no illusions wrt. quality of higher education in USA, but these colleges definitely do not aim for “basic sysadmin training”. You can read more about their approach here: [1]. Maybe you are thinking about NSA Information Assurance programs [2], with many participating colleges. [1] http://dx.doi.org/10.1109/MSP.2012.117 [2] http://www.nsa.gov/ia/academic_outreach/nat_cae/institutions.shtml 2. There is a growing outsourcing of intel and cyber work. You could look at some of the Washington Post articles on the large number of companies and facilities doing classified work. Northern Virginia has more tech workers now than silicon valley. There are lots of SCIFS available for cyber work. If I understand correctly, expansion of outsourcing in NSA started post-9/11. The guy in the interview is supposed to have been doing this for much longer. But it's a possibility, sure, although I still find a team of 5000 expert exploit writers hardly a believable figure. 3. 0-days are not bought to deny them to the enemy. They are bought for integration into things like stuxnet. Which had four 0-days. With the outstanding importance assigned to the project, I would expect them to lose count of 0-days stuffed inside if they really had “tens of thousands” of those. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] In his own words: Confessions of a cyber warrior
On Thu, Jul 11, 2013 at 3:22 AM, Shava Nerad shav...@gmail.com wrote: So perhaps the journalist is giving you as the reader a little credit for reading between the lines, intelligently (that being the root of the word: inter for between, and legens for reading), to figure out what exactly you can draw as credible or not, but the point may be -- omg, this is what we're grabbing for our cream of the crop? The problem is that when you try to read between the lines, the whole story looks like it was sucked out of author's index finger, after reading the Wikipedia article on NSA and viewing a few YouTube videos about hacker communities. He would learn about backdoors in encryption equipment by ordering their manuals? Where from, exactly, would he order such classified material? How would he search for backdoors if all radios since 70's are modularized, and manuals for sensitive equipment certainly wouldn't contain schematics for the modules inside? Does the writer have any idea how rare it is for someone to be really good at both hardware and software hacking? Or how unlikely it is for a high-school dropout to be able to break even the simplest frequency hopping encryption? Etc. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] DecryptoCat
On Tue, Jul 9, 2013 at 11:39 AM, Michael Rogers mich...@briarproject.org wrote: Google and Mozilla wouldn't have to run competitions to find holes in their own browsers. There wouldn't be a multi-million-dollar 0day black market. You are talking about huge projects with complex design, where the architecture itself is a source of security issues. Not to mention that WebKit and Mozilla weren't engineered for security to begin with. It wouldn't be possible for the NSA (according to Snowden) to simply own the computer of any person of interest. Offtopic, but I didn't see any indication in that last paragraph of Jacob's interview that Snowden talks about exploiting computers. In general, Snowden for some reason is usually terribly vague for someone who apparently exhibits excellent command of English language (from my non-native speaker's POV). Writing secure software is much, much harder than simply writing comments, writing tests and coding defensively. This is a thread about Cryptocat. Cryptocat is a web frontend for a couple of protocols. Yes, it is that easy. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] DecryptoCat
On Mon, Jul 8, 2013 at 4:34 AM, Tom Ritter t...@ritter.vg wrote: As one of the people on this list who does paid security audits, I both want to, and feel obligated to, weigh in on the topic. Thanks for your insight into code review process. Besides perhaps insinuating that Veracode didn't do their job properly, I don't see how it is in any way relevant to the Cryptocat incident discussed ITT. So, not avoid the hard problem, let's take this particular bug. What I would say is MOAR ABSTRACTION. […] Each of these classes is pretty modular, and is unit tested up the wazoo. That's all very interesting. Meanwhile, in the real world: https://github.com/cryptocat/cryptocat/tree/master/test If you think this bug could never happen to you or your favorite pet project; if you think there's nothing you can learn from this incident - you haven't thought hard enough about ways it could have been prevented, and thus how you can prevent bugs in your own codebase. I think you forgot that you are not in a presentation to PHBs. There is absolutely nothing I can learn from this incident. I know basic programming principles, and my job is not in providing consulting to software companies in a mess. I understand the unwillingness to accept criticism and the white-knighting, but look at it this way. If I told you that I found another vulnerability in Cryptocat, and am in a process of selling it to an intelligence agency, would you still proceed to lecture me on my thinking processes, and on best software practices? -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] DecryptoCat
On Sun, Jul 7, 2013 at 3:25 PM, CodesInChaos codesinch...@gmail.com wrote: So introductory-level programming course mistakes are right out. In my experience it's quite often a really simple mistake that gets you, even when you're an experienced programmer. I'm quite afraid of simple off-by-one bug, This thread started off with discussion of peer review, so I have shown that even expensive, well-qualified peer review (and I am sure that Veracode people are qualified) didn't help in this case. There is a misconception as to what peer review is supposed to achieve, and what it can't deal with, and I believe this misconception is similarly true for both academia and engineering. Academic peer review is not supposed to deal with fraud. Engineering peer review will have a hard time dealing with incompetence (unless talking about a specific notion of peer review where e.g. a team lead sits with a junior programmer, closely reviewing every commit after thorough discussion). The examples you have given are either algorithmic mistakes (nonce reuse) or frequent mistakes due to lack of attention (off-by-one). Both can be handled during peer review — expert analysis in the first case, and e.g. automatic static analysis using proprietary tools and extensive testing in the second case (which I guess was partly what Veracode did). But if you do something stupid, peer review probably won't help, unless the reviewer is ready to do something akin to implementing everything from scratch himself, and thoroughly comparing the implementations. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] DecryptoCat
On Thu, Jul 4, 2013 at 12:36 PM, KheOps khe...@ceops.eu wrote: Just came across this: http://tobtu.com/decryptocat.php Any comment? Clearly false, since Cryptocat earned “[leading application security team] Veracode Level 2 classification highlighted by a Security Quality Score of 100/100” [1] during the related time period. So introductory-level programming course mistakes are right out. [1] https://blog.crypto.cat/2013/02/cryptocat-passes-security-audit-with-flying-colors/ -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] PrivateCore and secure hosting
Hi Steve, a technical (and perhaps stupid) question: On Sat, Jun 22, 2013 at 1:49 AM, Steve Weis stevew...@gmail.com wrote: The host H will have a trusted platform module (TPM). When H boots up, it will measure all software state into platform control registers (PCRs) in the TPM. See Intel Trusted Execution Technology (TXT) for more info how this works. Does TXT provide any benefit over UEFI Secure Boot? I remember looking into integrating TXT, and it seemed like something not too well-supported, and essentially superseded by better-established standards like Secure Boot. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] U.S. Agencies Said to Swap Data With Thousands of Firms
On Fri, Jun 14, 2013 at 11:01 AM, Eugen Leitl eu...@leitl.org wrote: http://www.bloomberg.com/news/2013-06-14/u-s-agencies-said-to-swap-data-with-thousands-of-firms.html Microsoft Corp., the world’s largest software company, provides intelligence agencies with information about bugs in its popular software before it publicly releases a fix, according to two people familiar with the process. An interesting article, showing why “responsible disclosure” of exploitable bugs is a bad idea. While companies are offered powerful inducements to cooperate with U.S. intelligence, many executives are motivated by patriotism or a sense they are defending national security, the people familiar with the trusted partner programs said. Since this is essentially recruitment (wonder why Bloomberg doesn't use the term), it makes sense for non-US intelligence services to recruit disgruntled lower-ranking managers to provide the same information, as well. Should be easy, since no treason / classified information is involved. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Boundless Informant: the NSA's secret tool to track global surveillance data
On Mon, Jun 10, 2013 at 12:01 PM, x z xhzh...@gmail.com wrote: Occam's razor would give us the following is what has actually happened in the past three days: a semi-clueless whistle blower fed an overzealous journalist a low-quality powerpoint deck, which met the privacy-paranoia and exploded. I agree. I also don't understand what's the big deal. It is well-known that the NSA (with cooperation with SIGINT agencies of other countries) scans all communication channels it can get to. By reaching popular communication methods like webmail and social media, it is just doing its job. What apparently is at the core of the hysterical public reaction is that the NSA spies on Americans, who think that they are special, and should be treated differently. The reason they think they are special is that the huge geopolitical / economic / military-industrial complex influence of the United States elevates and accustoms them to a position that's completely out of proportion with their actual value to the world — utterly un-democratic, if you think about it. Well, your spy agencies are more democratic than you guys — they spy on you, too. If that wouldn't have been the case, it would mean that your military-industrial complex is not that powerful, which would imply that you are not special anymore, which, ironically, rejects the original premise. Hopefully someone else can appreciate the irony as well (hence writing this). -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Liberte Linux
On Fri, Apr 26, 2013 at 2:12 AM, Richard Brooks r...@clemson.edu wrote: I have a student trying to make a modified build of the Liberte Linux distribution. If anyone would have time and be willing to give her some pointers, please send me an email and I will forward to her. Hi Richard, I saw her email, but was abroad during the week, sorry — will send her some pointers tomorrow. There is also a build-time issue with the outdated kernel, will try to update it by then as well. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Liberte Linux
On Fri, Apr 26, 2013 at 11:14 PM, Jacob Appelbaum ja...@appelbaum.net wrote: Thanks for working on Liberte Linux and helping people to build it from source. Even if there are no changes, I find it very important to be able to build the final product from source. I agree completely, that's why I see using Gentoo as something so critical to the project. Without actually building binaries from source, one does not really take advantage of open source. Besides the obvious benefits, you get e.g., the ability to use hardened toolchain, apply functionality or security-extending patches, etc. I wonder - have you thought about doing gitian builds? It seems like an insanely complicated task for some programs (eg: Firefox) but other programs could be straight forward... I didn't know about Gitian actually, but looking at it right now, it seems that using it for a distribution like Liberté would require at least implementing support for “frozen” builds — i.e., working with specific Gentoo stage3 and portage snapshots instead of the latest ones. I considered this in the past, but didn't find it very useful for development, although it would be useful for people who want to build an image identical to a given release. After asking around, it seemed to me that most people want to have the latest updates as well (in Liberté or in portage packages). Anyway, in addition to “frozen” builds, you would probably need to disable parallel make completely, and somehow make sure that file timestamps do not creep into binaries. No idea how difficult the latter is, although it's probably not that difficult for Liberté, since there is already a process at hand that prevents e.g. using hostname and other details during emerge (“uname” substitution), or current timestamp during kernel build, etc. 
Some packages (like Perl) insist on creating text configuration files with gathered host information, but those packages are currently not included in Liberté (previously I had to include cleanup for such files into the build process). So, in summary, deterministic builds are probably possible, but the devil is in the details, especially for a distribution image that contains many packages inside. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
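A check along the lines discussed in this message, as an added example that is not part of the original thread and is not Liberté's build code: it compares two builds of the same tree by SHA-256 and scans one of them for embedded host markers (hostname, kernel release) and date-like strings. The directory layout, file names and marker values are constructed for illustration.

```python
import hashlib
import re
import tempfile
from pathlib import Path

# Date-like byte patterns that commonly end up in build outputs:
# C's __DATE__ form ("Apr 26 2013", day space-padded) and ISO timestamps.
DATE_PATTERNS = [
    re.compile(rb'(?:Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec) [ \d]\d \d{4}'),
    re.compile(rb'\d{4}-\d{2}-\d{2}[T ]\d{2}:\d{2}:\d{2}'),
]


def tree_digests(root):
    """Map each file's path (relative to root) to its SHA-256 hex digest."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob('*')) if p.is_file()
    }


def compare_builds(build_a, build_b):
    """Report files missing from either build and files whose content differs."""
    a, b = tree_digests(build_a), tree_digests(build_b)
    return {
        'only_in_a': sorted(set(a) - set(b)),
        'only_in_b': sorted(set(b) - set(a)),
        'differing': sorted(p for p in set(a) & set(b) if a[p] != b[p]),
    }


def find_leaks(root, host_markers):
    """Return {path: [reasons]} for files embedding host markers or dates."""
    root = Path(root)
    report = {}
    for path in sorted(root.rglob('*')):
        if not path.is_file():
            continue
        data = path.read_bytes()
        reasons = [f'host marker {m!r}' for m in host_markers if m in data]
        reasons += [f'date-like string {m.group()!r}'
                    for pat in DATE_PATTERNS for m in pat.finditer(data)]
        if reasons:
            report[path.relative_to(root).as_posix()] = reasons
    return report


def make_sample_build(root, hostname, stamp):
    """Write a tiny constructed 'build output' tree under root."""
    root = Path(root)
    (root / 'bin').mkdir(parents=True)
    (root / 'lib').mkdir()
    # Identical in every build: no host or time information inside.
    (root / 'bin' / 'tool').write_bytes(b'\x7fELF' + b'\x00' * 16 + b'pure code')
    # Embeds the build time, like a version string built from the clock.
    (root / 'bin' / 'version').write_bytes(b'\x7fELF' + b'v1.0 built ' + stamp.encode())
    # Text file with gathered host details (constructed stand-in).
    (root / 'lib' / 'hostinfo.conf').write_text(f'myhostname={hostname}\nosvers=3.4.7\n')


def demo():
    """Build the sample tree twice on 'different hosts' and analyse it."""
    with tempfile.TemporaryDirectory() as tmp:
        a, b = Path(tmp, 'build-a'), Path(tmp, 'build-b')
        make_sample_build(a, 'builder-one', '2013-04-26 23:14:05')
        make_sample_build(b, 'builder-two', '2013-04-27 08:02:41')
        diff = compare_builds(a, b)
        leaks = find_leaks(a, [b'builder-one', b'3.4.7'])
        return diff, leaks


if __name__ == '__main__':
    diff, leaks = demo()
    print('differing files:', diff['differing'])
    for path, reasons in leaks.items():
        print(path, '->', '; '.join(reasons))
```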
Re: [liberationtech] And right on cue, the flush our civil liberties down the toilet boys rear their ugly heads
On Fri, Apr 19, 2013 at 10:55 PM, Jacob Appelbaum ja...@appelbaum.net wrote: I find it telling that the local news papers in Seattle referred to their photos as 'potential suspects' on the front page. The use of language is telling - it suggests that to be suspect is to be guilty. I wouldn't be surprised if we saw people using the word potential as a subtle replacement for suspect in the near future again and again. I am not a native English speaker, but even if I do something as simple as going to http://en.wikipedia.org/wiki/Suspect, I immediately find a verbose explanation concluding with: “Possibly because of the misuse of suspect to mean perpetrator, police in the early 21st century began to use person of interest, possible suspect, and even possible person of interest, to mean suspect.” So I don't understand your objection to language being something that evolves. This reminds me of this hilarious tweet: https://twitter.com/evacide/status/264438312675201025 — “Phishing is not hacking. End of story.” — I guess that pointing out that hacking is anything but cracking ceased to be fashionable a decade ago. Now, closer to the subject of this thread. US homeland security is a joke, as is clear from the latest events (that were, like usual, blown outside of all proportions in the US however one looks at them, hence those little armies running around your suburbia — but that's beside the point). So it's no surprise that e.g. DHS will try to put the blame on something it needs but apparently lacks, like more surveillance. 
The way to oppose that is not to provide arguments that the present amount of surveillance is already too much (you will probably lose), but to expose the incompetence of your homeland security by forcing it to face two simple questions: (1) Why did it fail to profile two Muslim extremists as potential grassroots Jihadists via social media analysis that is already available to the relevant services (e.g., see @AndreiSoldatov's tweets and writeup); and (2) Why did the huge homeland security apparatus fail to prevent the bombing at the tactical level (e.g., is your Police force capable of doing something actually useful, like detecting suspicious people in a mass gathering and checking them, or is that intellectual capacity only reserved to Secret Service and the like). Of course, I am not holding my breath, since asking such questions will require forgoing the usual calming excuse of a “disturbed individual” any time a Muslim in a Western country takes Jihadist preachings too close to heart, but I do believe the incompetence exposing approach could be effective in this case. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Here Come the Encryption Apps
On Thu, Apr 18, 2013 at 4:04 PM, Katrin Verclas kat...@mobileactive.org wrote: Unfortunately contradicted by the evidence that shows frequent partial (regional or specific lines) or (less frequent) total cell phone shutdowns. Happens all the time and clear to those who track this systematically. Please note that cell network shutdowns is only one aspect of my reply above. I am mainly concerned with dismissing smartphone (an extremely useful and capable communication device) as a tool for civil engagement. I don't view cell phone shutdowns as a serious obstacle to such engagement. If anything, I would expect a boost in use of circumvention methods (such as mesh networks) in places where such shutdowns do become an obstacle. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] SUBSCRIPTION
On Wed, Apr 3, 2013 at 3:23 PM, Griffin Boyce griffinbo...@gmail.com wrote: My suggestion is to remove the dash-dash-space that precedes the unsubscribe notice. Should I remind that this was *also* the result of a vote on 21.8.2012? 3. Eliminate signature, modify, or leave as is? a. Eliminate 20.7% b. Modify 62.1% c. As is 17.2% By the way, -- was added as a signature separator instead of -- , which I guess is a mistake.
Re: [liberationtech] Vote results on Reply to Question
On Fri, Mar 29, 2013 at 4:41 PM, Eugen Leitl eu...@leitl.org wrote: Failure, actually. It shows that democratic decisions tend to produce technically suboptimal results. The vote in this case shows that majority of subscribers value their convenience more than cool stories of someone's past stupidity or settings guidelines from, of all things, GNU software. To most people, it is pretty clear that convenience * number of users some contrived case of someone getting hurt due to not thinking before doing something — an intuitive economic argument that somehow eludes people who value SMTP headers over what users actually want. That the whole list was spammed with voting traffic just adds insult to injury -- Dunning-Kruger in action. It is pretty clear that people wanted their opinion to be known. Just asking for something (individual replies in case of this vote) doesn't mean that everyone will comply. Don't assume that you are smarter than everyone else just because you are better versed in technical aspects of some issue. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] I-Power : Using Crowd Support, Not Bribes, to Redress Public Grievances
On Sun, Mar 24, 2013 at 11:01 PM, Yosem Companys compa...@stanford.edu wrote: From: V Nath vikas.n...@gmail.com I am looking for feedback on the I-Power platform. I - Power plans on - Using Crowd Support, Not Bribes, to Redress Public Grievances. People feel powerless when Governments fail to act on their grievances. I-Power web + mobile platform will provide people with online legal tools and crowd support to resolve their public grievances quickly. No more bribes! Hi, this seems similar to the Russian «Демократор» platform: http://democrator.ru/ https://ru.wikipedia.org/wiki/Демократор I have no experience with it, so can't comment further. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] list reply-all
On Wed, Mar 20, 2013 at 9:36 AM, Michael Allan m...@zelea.com wrote: But it now appears that safety is a concern (as Matt points out), which wasn't originally understood. Since it's a question of safety vs. convenience, then maybe it's better to revert immediately to the default setting (the safer one). How about no? Any decent mailing list uses reply-to-list as a default. The original survey stated: Reply to entire list or individual sender: - Advantage of replying to individual sender includes preventing personal replies from being inadvertently sent to the entire list. Advantages of replying to entire list include: - Preventing people who forward emails from the list from unnecessarily exposing subscribers' email addresses - Preventing list server from having to filter email to subscribers who are in To: or Cc: (if anything goes wrong, they get an email twice) - Reducing both the strain on the server and the risk of triggering spam filters So no new information has been brought in this thread. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] list reply-all
On Wed, Mar 20, 2013 at 11:48 AM, Michael Allan m...@zelea.com wrote: Maxim Kammerer said: ... Any decent mailing list uses reply-to-list as a default. ... Pardon me, but that's not true. GNU Mailman is a decent list server and it ships with reply-to-sender. I wrote “mailing list”, not “mailing list software”. I am on quite a few mailing lists, and they all use reply-to-list. ... no new information has been brought in this thread. That seems unlikely. I think the new information is that *this* ... preventing personal replies from being inadvertently sent to the entire list. is now recognized to be a safety issue. Matt Mackall said: It's quite easy to imagine extremely embarrassing private matter being replaced by career-ending aside on most lists, but on this one in particular it might be replaced by potentially life-endangering datum. ... How many... minor inconveniences equal one job lost or life endangered? ... Isn't that a valid point? No, it's a useless imaginary construct. A valid point would be an example (preferably, more than one) of such an email on this list, where it would be possible to debate whether the person actually deserved losing his job / life for hastily sending said email. Otherwise, my imaginary friend here says that his convenience is more important than your imaginary construct. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Here Come the Encryption Apps
On Fri, Mar 15, 2013 at 6:22 PM, Rich Kulawiec r...@gsp.org wrote: Sixth, and let me encapsulate it as a principle: If you need a GUI to overthrow your government... you're probably not going to overthrow your government. That's harsh, condescending, snarky...but I think it's probably true. Not really (and I disagree with nearly everything else you wrote). Communication is a critical component (some say the most critical) of any military operation, and there is no reason why it would be less critical for e.g. a successful civil uprising. Cellphones today provide the most viable mobile duplex communication channel for civilians, and any third-world government will be most reluctant to shut down cellphone communication, since it will cause major disruptions for its own military, which heavily relies on using cellphones instead of unreliable radios. Risks, including traffic analysis, can be mitigated or simply accepted, and even government's ability to shut down the cellular network in case of force majeure is not a given, if there is (like usual) some first-world country or multinational extremist organization behind / supporting the grassroots uprising that can supply the necessary equipment on the ground. Your post is condescending for the wrong reasons — Twitter drama queens cannot make a revolution with or without smartphones, but it does not mean that smartphones, and their relevant applications, are not the most suitable communication channel for people on the ground who actually do things (good or bad). -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Fwd: [g...@pryzby.org: Ubuntu, Dash, Shuttleworth and privacy]
On Wed, Feb 20, 2013 at 6:46 PM, Julian Oliver jul...@julianoliver.com wrote: Yes, just after sending the email I 'apt-cache search htpdate', returning nothing. It seems Maxim might have confused Debian with another distribution of GNU/Linux. No, I didn't — I know what Debian is. I remember it not being able to even install properly somewhere in the 90's. I just quoted the developer verbatim, FWIW. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Chromebooks for Risky Situations?
On Tue, Feb 12, 2013 at 10:01 AM, Andreas Bader noergelpi...@hotmail.de wrote: So why not create a own OS that is really small because of its security? http://dee.su/liberte-build -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Why Al-Qaida Hates the Internet: Trust Problems on Jihadi Discussion Forums
On Tue, Jan 22, 2013 at 8:45 PM, Julian Oliver jul...@julianoliver.com wrote: I must say I find the subject of this post a little ridiculous. You need to read between the lines. Mining jihadist forums was all the rage approx. 7 years ago. Recently it fell out of fashion, and the new fashionable thing is censorship circumvention. People are still vested in the previous thing, though, and need to publish based on data acquired so far. However, they try to present it as something usable for the new thing, hence the last sentence of the abstract, and the weird title. Of course, “fashion” above is just a euphemism for money (grants in academia). Follow the money (e.g., the BBG — RFA — OTF link with its ridiculous sums thrown at whatever seems suitable to whoever is in charge), and you will see that Western governments decided that subverting hostile regimes (e.g., via sponsoring dissidents) is more effective than prevention of hostile behavior (e.g., via catching wannabe terrorists). -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Skype letter strategy
On Thu, Jan 17, 2013 at 4:09 PM, Andre Rebentisch tabe...@gmail.com wrote: Definitely not. It is an organisation that does not care at all about its public image in the field of public policy. Quite exceptional, I may add. Could you please be more specific? For instance, from what I remember, whenever someone sets up an interview with a Microsoft employee, that person is briefed by a team of professional PR people whose purpose is to dig any information they can find on the interviewer, and design a complete interview behavior / answers strategy based on that. That doesn't come across as a behavior of a company that does not care about its public image in some area. Of course there are exceptions to the scheme, e.g. an ip enforcement case in Russia a few years ago to which the company applied very professional damage control. Are you referring to the time when police would accuse people and companies of using pirated Microsoft software, and Microsoft would then distance itself from the investigation and claim they don't have direct demands against the accused? I think all companies do that, it's a win-win for them. Even Adobe “withdrew its support for the criminal complaint against Dmitry Sklyarov” in 2001. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Removing watermarks from pdfs
On Wed, Jan 16, 2013 at 2:43 PM, Eugen Leitl eu...@leitl.org wrote: For instance, here's a line that IEEE Xplore once added to a paper that I was reading: Authorized licensed use limited to: University of Getting Schooled. Downloaded on July 39, 2009 at 15:10 from IEEE Xplore. Restrictions apply. I have removed such lines in the past via a simple “pdftk uncompress | sed | pdftk compress” filter. IIRC, file size needs to stay the same. I guess this approach applies to all added extra text. Added pages can be removed using pdftk just the same. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Tragic News: Aaron Swartz commits suicide
On Sun, Jan 13, 2013 at 11:09 PM, Andrew Lewis m...@andrewlew.is wrote: So what needs to be done? Um... Didn't I just describe what needs to be done? Or you don't know about gigapedia? Motivation: http://www.aljazeera.com/indepth/opinion/2012/02/2012227143813304790.html Method: an .onion site (no need for external links, just keep the articles / book on-site). Implementers: no newbies. I think it would be a good project, with tremendous impact (read the article above). -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Google Bows Down To Chinese Government On Censorship
On Sat, Jan 12, 2013 at 1:14 AM, Hal Roberts hrobe...@cyber.law.harvard.edu wrote: I'd like to back this up. I haven't done any research on circumvention usage for a couple of years, but it doesn't pass the sniff test to claim that a majority of the 500 million Chinese Internet users are on VPNs. Such widespread VPN usage would have large, obvious impacts on the basic structure of the Internet. All you are doing is pointing out obvious flaws in the Wired report. I can just the same present the obvious counter-argument that regular non-VPN users very rarely search for terms related to whatever revolutionary movements are currently considered sexy in the West. I have only quoted Wired and TechCrunch as two sources that did a bit more than rewriting GreatFire's blog post. This says nothing about user experiences. It is certainly possible that Google pulling out the censored words warning was due to something done by the Chinese in the days prior to that, where that something resulted in user experience being worse (e.g.: users being blocked despite using synonyms, or presented with unusable results that will get them blocked anyway). I don't see any reason to trust GreatFire's judgement on the matter, because it took them a month to notice the change, which goes contrary to claims about user experience getting worse. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Google Bows Down To Chinese Government On Censorship
On Thu, Jan 10, 2013 at 11:51 AM, Martin Johnson greatf...@greatfire.org wrote: Even in theory, I don't understand how the GFW could block the function while still typing the words. Perhaps this is not the correct technical explanation. The point is that users would still find themselves blocked, rendering the system ineffective and possibly detrimental. Unless you can show me otherwise - in practice, or in theory - I stand by our original story. The function was working well until Google decided to disable it. The question is what do you call “working well”. If it was me on the Chinese side, the first thing I would do given Google's alternative suggestions system is use some ontology-based Bayesian network to determine sets of words in subsequent searches that would be used to block users. Perhaps that's what the Chinese did (or, more likely, something much more primitive yet working by the same principle). -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Google Bows Down To Chinese Government On Censorship
On Thu, Jan 10, 2013 at 1:03 PM, Martin Johnson greatf...@greatfire.org wrote: Yes, the question is what you call working well. The censorship-warning feature added last year was clearly improving the user experience. Removing it worsened the user experience again. Is this backed up by actual user experiences from China? “When Wired.co.uk spoke to a few Chinese residents about the disabled Google feature, they were not even aware of it because they used VPNs, demonstrating Google might not be taking into account just how savvy its users are at all.” [1] “Sources close to the matter suggest Google pulled the feature because it was making it more difficult for users to access its search services. […] However, since the notification feature was implemented, access to Google’s search engine in China has been blocked more often than usual […] meaning even fewer users were able to use Google search.” [2] [1] http://www.wired.co.uk/news/archive/2013-01/04/google-china-anti-censorship-fail [2] http://techcrunch.com/2013/01/04/google-quietly-removes-censorship-warning-feature-for-search-users-in-china/ -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Google Bows Down To Chinese Government On Censorship
On Fri, Jan 4, 2013 at 8:50 AM, Martin Johnson greatf...@greatfire.org wrote: This latest move was fully controlled by Google and can as such only be described as self-censorship. The impression I am getting from my contacts at Google is that this is not true. That is, Google apparently lost to Chinese Cyber experts in being able to keep this censored keywords system up, and decided to drop it altogether. PR team then, for whatever other reasons, decided to keep complete silence on the subject. Of course, one can then ask why didn't Google simply force HTTPS on Chinese users to begin with, but they probably considered complete block of Google by GFC too real a possibility, and were too afraid to lose market share. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Travel with notebook habit
On Fri, Dec 28, 2012 at 10:49 AM, Julian Oliver jul...@julianoliver.com wrote: I've been extensively questioned at the border on a few occasions over the years /because/ my laptops don't have a Desktop as such, no icons either. Both my arms were grabbed at the Australian border as I reached to type 'firefox' in a terminal, to start the browser in an attempt to show them a normal looking environment. I think that in such a discussion, it is necessary to distinguish between border guards wanting to look at your data, and border guards wanting to make sure that your laptop is not a bomb (given the limited training they receive on the subject). The situation that you describe looks more like the latter than the former (although clearly there might be omitted details). -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Why Skype (real-time) is losing out to WeChat (async)
On Mon, Dec 24, 2012 at 8:10 AM, Nathan of Guardian nat...@guardianproject.info wrote:

> Why is a text messaging/push-to-talk model winning out over an instant messaging/VoIP model, in places like Africa and Asia, regardless of known increased risk and decreased privacy and safety?

I think that the reason is simple and obvious: society shifts to preferring more impersonal communication. Same reason that teenagers prefer texting to talking on the phone, and hanging out to dating.

> Other than the typical users are dumb answer,

Users (on average) are not dumb, but they are irrational and lazy, like people in general. So they will do what's most straightforward (insecure communications, web apps). I am guilty of the same, but at least I don't care (most of the time) if I am under surveillance. When I do, I have the tools I trust (see signature). But the reason I am aware of the dangers is relevant experience, not propaganda. That's why firms hire “red teams” — execs are forced to stop irrationally dismissing intrusion dangers after being shown how it is done on their turf.

What follows is that for an anarchist group of activists / regular people, you probably cannot do much. If a group forms an orders-following hierarchy, it's a different thing — you only need to convince the leaders.

> Why Skype/real-time is losing

Opinions wrt. your hypotheses below:

> 1) Noticeable impact on mobile battery life if left logged in all the time (holding open sockets to multiple servers? less efficient use of push?)

No, unless the difference is drastic.

> 2) Real-time, full duplex communications requires constant, decent bandwidth; degradation is very noticeable, especially with video

Doubt it.

> 3) App is very large (a good amount of native code), and a bit laggy during login and contacts lookup

No. Just a reason to buy faster devices with more memory.

> 4) Old and tired (aka not shiny) perception of brand; too much push of pay services

No. (Don't see people throwing out their iPhones just yet.)

> 5) Requires new username and password (aka not based on existing phone number), and lookup/adding of new contacts

No.

> 6) US/EU based super-nodes may increase latency issues; vs China/Asia based servers

People shift to impersonal communication everywhere, not just in Asia.

> Why WeChat (and WhatsApp, Kakao, etc) async are winning
> 1) Push-to-talk voice negates nearly all bandwidth, throughput and latency issues of mobile.

Doubt that's the reason.

> 2) Push-to-talk is better than instant messaging for low literacy, mixed-written language communities; The bootstrap process for Skype is very text heavy still

Push-to-talk is an alternative to interactive calls, not IM.

> 3) Apps feel more lightweight both from size, and from network stack (mostly just using HTTPS with some push mechanism)

No.

> 5) Shiny, new hotness, with fun themes, personalization, and focus on free

Unless WeChat are the first to think about those things, no.

> 6) Picture, video, file sharing made very easy - aka a first order operation, not a secondary feature; chats are a seamless mix of media

Doubt it.

> 7) Persistent, group chat/messaging works very well (since it's just async/store and forward, it's very easy to send many-to-many)

Maybe.

> 8) Identity often based on existing phone number, so signup is easy, and messaging to existing contacts is seamless

I think there are many similar services that do that.

> 9) More viral - you can message people not on the service, and they will be spammed to sign up for the service

LOL, no.

> Is my thinking headed in the right direction?

I think that you are missing key societal changes that drive the new offerings.

> Should we try to turn Gibberbot into a more-secure WhatsApp/WeChat clone?

You can try, but I doubt that anyone except a minority of security enthusiasts will use it instead of established solutions.

Best regards, Maxim

-- Maxim Kammerer Liberté Linux: http://dee.su/liberte
-- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Censorship hardware - BLUECOAT IN SYRIA
On Tue, Dec 4, 2012 at 7:38 PM, liberationt...@lewman.us wrote:

> A few people started to dig through the data, and then either gave up when they realized the volume of it, or didn't publish their analysis widely. Here's one example, http://picviz.blogspot.com/2012/01/syrian-bluecoat-logs-analysis-part-1.html
>
> Blue Coat logs are just ELFF format, nearly anything can parse them and make pretty reports good enough for enterprise bosses. The value comes from understanding what's missing in the logs, what's being tracked overall, and who is communicating with whom.
>
> 500GB isn't that much data. One could just take the raw logs, parse and import them into a SQL database and then generate queries until the cows come home.

I doubt you will find anything useful, besides maybe reverse-engineering the rules for forwarding requests to the Blue Coat devices. Only the first six short SG-42 files [1] contain requests with hashed user IPs (436 MiB, 6.4M entries), and the rest have c-ip=0.0.0.0, apparently generated by some anti-virus software [2]. Think you can use User-Agent to distinguish between the boring users who have parental control software? Good luck: for an (arbitrary) file with 25M requests, there are just 65K distinct User-Agent strings (looks like enough, but distribution will be far from uniform).

So you can find out, from the short SG-42 files, that user 30a5f2f9049b9981 watched a really impressive amount of porn in one day. Amazing! And boring. About the only useful thing that can be done with the dataset is reverse engineering the rules for filtering and blocking URLs.

[1] http://project-bluesmote.s3-website-us-east-1.amazonaws.com/raw_logs/SG-42/SG_main__4207{22212535,2039,22231541,23002434,23084209,23153411}.log.gz
[2] http://reflets.info/bluecoats-presence-in-syria-finally-uncovered/

-- Maxim Kammerer Liberté Linux: http://dee.su/liberte
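An added example, not part of the message above or of any project it mentions: a small ELFF reader in Python that counts how many records carry a client identifier (c-ip other than 0.0.0.0), how concentrated the User-Agent values are, and which hosts were denied. The sample lines, the reduced field list (field names other than c-ip are assumptions about the log layout) and the function names are constructed for illustration.

```python
import csv
from collections import Counter

# Constructed sample: ELFF layout with a reduced field list; every value is made up.
SAMPLE = """\
#Software: constructed sample
#Fields: date time c-ip sc-filter-result cs-host cs(User-Agent)
2011-07-22 10:00:01 a1b2c3d4e5f60718 OBSERVED example.org "Mozilla/5.0 (Windows NT 6.1) Firefox/5.0"
2011-07-22 10:00:02 a1b2c3d4e5f60718 DENIED blocked.example "Mozilla/5.0 (Windows NT 6.1) Firefox/5.0"
2011-07-22 10:00:03 0.0.0.0 OBSERVED example.net "Mozilla/4.0 (compatible; MSIE 7.0)"
2011-07-22 10:00:04 0.0.0.0 OBSERVED example.org "Mozilla/4.0 (compatible; MSIE 7.0)"
2011-07-22 10:00:05 0.0.0.0 DENIED blocked.example "Mozilla/4.0 (compatible; MSIE 7.0)"
2011-07-22 10:00:07 0.0.0.0 OBSERVED example.com -
2011-07-22 10:00:08 0.0.0.0 OBSERVED
"""

def parse_elff(lines):
    """Yield a dict per record, keyed by the latest #Fields directive."""
    fields = None
    for line in lines:
        line = line.rstrip("\r\n")
        if line.startswith("#Fields:"):
            fields = line[len("#Fields:"):].split()
        if not line or line.startswith("#") or fields is None:
            continue
        # Space-separated values; strings containing spaces are double-quoted.
        row = next(csv.reader([line], delimiter=" ", quotechar='"'))
        if len(row) == len(fields):  # skip truncated or malformed records
            yield dict(zip(fields, row))

def summarize(records):
    """Count attributable clients, User-Agent skew and denied hosts."""
    total, clients, agents, denied = 0, Counter(), Counter(), Counter()
    for rec in records:
        total += 1
        if rec["c-ip"] != "0.0.0.0":  # only these rows carry a client id
            clients[rec["c-ip"]] += 1
        agents[rec["cs(User-Agent)"]] += 1
        if rec["sc-filter-result"] == "DENIED":
            denied[rec["cs-host"]] += 1
    top = agents.most_common(1)[0][1] if agents else 0
    return {
        "records": total,
        "no_client_id": total - sum(clients.values()),
        "distinct_clients": len(clients),
        "distinct_agents": len(agents),
        "top_agent_share": top / total if total else 0.0,
        "denied_hosts": dict(denied),
    }
```

Calling `summarize(parse_elff(SAMPLE.splitlines()))` returns the counts for the constructed sample; for a real file, pass the open file object to `parse_elff` instead.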
Re: [liberationtech] Comments on Internews new information security guide
On Wed, Nov 14, 2012 at 2:02 AM, Eric S Johnson cra...@oneotaslopes.org wrote:

> Alternatively, since (like OTR) no Skype communication is known to have ever been successfully in-line-intercepted […]

I guess it depends on your definition of “in-line interception”, but there is a topic making the rounds in the Russian blogosphere today about hijacking Skype accounts based on knowledge of the victim's email. You can download chat history from conversation partners (or possibly even from the victim who is logged in elsewhere) after that. Apparently, Skype was vulnerable to the method for at least several months (with many users hijacked), and ignored reports by the blogger in question. It seems that they put in some crude temporary fix today, partially disabling users' ability to reset passwords.

http://habrahabr.ru/post/158545/ (Russian, with details and noise)
http://en.ria.ru/world/20121114/177453756.html (English, summary)

-- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] MJM as Personified Evil Says Spyware Saves Lives Not Kills Them
On Mon, Nov 12, 2012 at 10:49 PM, Bernard Tyers - ei8fdb ei8...@ei8fdb.org wrote: It saddens me that someone who is clearly talented is so delusional, or puts a price on his personal life. 15% of the company, and hefty salary. Reading this thread and corresponding Twitter comments, I don't understand why anyone would take the dating remark as anything but tongue-in-cheek. I am sure that his work can be very exciting (myself, I still remember the thrill of writing a fully polymorphic virus as a teenager), and not everyone needs appreciation from journalists or their bored readers to feel accomplished. And I find it very hard to believe that any sizable proportion of his acquaintances or dating pool care about the details of the software that he produces or who it is sold to. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] issilentcircleopensourceyet.com
On Wed, Nov 7, 2012 at 3:17 AM, Griffin Boyce griffinbo...@gmail.com wrote:

> Has anyone asked Tim Berners-Lee about child pornography lately? Cell phones are used by drug dealers, and my dicing knife doubles as a deadly weapon. There's a world of difference between the inventor's intended use and those secondary uses.

How are these ramifications in any way relevant to the conflict of interest analogy I have made? Pointing out the obvious fact that Tor hidden services are most popular in drug dealing and pedophilia circles gets someone's panties in a twist, and the supposedly factual “Tor users” page containing mostly upgraded old promotional writeup [1] conflicts with the official party line? Fine, let's look at something recent and authoritative, Thus spake Mike Perry [2]:

> I am deeply opposed to shipping an always-on universal adblocker with the default TBB. I think it would be political suicide in terms of accomplishing our goals with acceptance of Tor users by sites, lobbying for private browsing origin changes, and convincing the world that privacy by design is possible without resorting to filtering schemes and/or DNT-style begging.

So here you have it: an employee of the non-profit Tor project admits to producing an inferior product due to political reasons. No drugs, CP, or other forbidden subjects are involved either, so Americans among us can breathe a sigh of relief.

[1] https://lists.torproject.org/pipermail/tor-talk/2012-August/025151.html
[2] https://lists.torproject.org/pipermail/tor-talk/2012-November/026354.html

-- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Large amounts of spam
On Wed, Oct 31, 2012 at 10:14 PM, Greg Norcie g...@norcie.com wrote:

> Maybe I'm paranoid, but I wonder if this is an effort to disrupt the list (as opposed to the usual economic incentives associated w/ spam.)

I didn't see any spam from the list in Google Apps, except for the two messages from a hijacked account. Are you sure the spam comes via the list? Or does Google Apps delete spam with malware attachments altogether (i.e., skipping the Spam folder stage)?

-- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] Security / reliability of cryptoheaven ?
, the most he can expect (unless doing something explicitly illegal) is some harassment at the border. A political activist in UAE (taking a recent example posted on this mailing list) knows that his country is incapable of sophisticated US-style mass surveillance, and does not pay too much attention to computer security, besides some simple guidelines. Then, his country deploys the most sophisticated individual surveillance technology money can buy against him, and he is beaten and/or killed after being confirmed as a danger to the regime. Maybe if he knew this could happen, he wouldn't use regular non-authenticated and non-encrypted email at all? -- Maxim Kammerer Liberté Linux: http://dee.su/liberte
Re: [liberationtech] best practices - roundup
On Tue, Oct 9, 2012 at 9:03 PM, Lindsay Beck lb...@ndi.org wrote:

> Disclosure: TAILS relies on BIOS for operability, and thus can have challenges functioning on newer computers that utilize UEFI without legacy support for BIOS.

For anyone interested: Liberté Linux already has full UEFI support for all installation types (USB, CD, OVF), and is also the first Linux distribution to use Secure Boot as a trusted boot chain mechanism.

-- Maxim Kammerer Liberté Linux: http://dee.su/liberte