A Geek With Guns

Chronicling the depravities of the State.

Archive for the ‘Encrypt Everything’ Category

Avoid E-Mail for Security Communications

with one comment

The Pretty Good Privacy (PGP) protocol was created to provide a means to securely communicate via e-mail. Unfortunately, it was a bandage applied to a protocol that has only increased significantly in complexity since PGP was released. The ad-hoc nature of PGP combined with the increasing complexity of e-mail itself has lead to rather unfortunate implementation failures that have left PGP users vulnerable. A newly released attack enables attackers to spoof PGP signatures:

Digital signatures are used to prove the source of an encrypted message, data backup, or software update. Typically, the source must use a private encryption key to cause an application to show that a message or file is signed. But a series of vulnerabilities dubbed SigSpoof makes it possible in certain cases for attackers to fake signatures with nothing more than someone’s public key or key ID, both of which are often published online. The spoofed email shown at the top of this post can’t be detected as malicious without doing forensic analysis that’s beyond the ability of many users.

[…]

The spoofing works by hiding metadata in an encrypted email or other message in a way that causes applications to treat it as if it were the result of a signature-verification operation. Applications such as Enigmail and GPGTools then cause email clients such as Thunderbird or Apple Mail to falsely show that an email was cryptographically signed by someone chosen by the attacker. All that’s required to spoof a signature is to have a public key or key ID.

The good news is that many PGP plugins have been updated to patch this vulnerability. The bad news is that this is the second major vulnerability found in PGP in the span of about a month. It’s likely that other major vulnerabilities will be discovered in the near future since the protocol appears to be receiving a lot of attention.

PGP is suffering from the same fate as most attempts to bolt security onto insecure protocols. This is why I urge people to utilize secure communication technology that was designed from the start to be secure and has been audited. While there are no guarantees in life, protocols that were designed from the ground up with security in mind tend to fair better than protocols that were bolted on after the fact. Of course designs can be garbage, which is where an audit comes in. The reason you want to rely on a secure communication tool only after it has been audited is because an audit by an independent third-party can verify that the tool is well designed and provides effective security. And audit isn’t a magic bullet, unfortunately those don’t exist, but it allows you to be reasonably sure that the tool you’re using isn’t complete garbage.

Written by Christopher Burg

June 15th, 2018 at 10:00 am

EFAIL

without comments

A vulnerability was announced yesterday that affects both OpenPGP and S/MIME encrypted e-mails. While this was initially being passed off as an apocalyptic discovery, I don’t think that it’s scope is quite as bad as many are claiming. First, like all good modern vulnerabilities, it has a name, EFAIL, and a dedicated website:

The EFAIL attacks exploit vulnerabilities in the OpenPGP and S/MIME standards to reveal the plaintext of encrypted emails. In a nutshell, EFAIL abuses active content of HTML emails, for example externally loaded images or styles, to exfiltrate plaintext through requested URLs. To create these exfiltration channels, the attacker first needs access to the encrypted emails, for example, by eavesdropping on network traffic, compromising email accounts, email servers, backup systems or client computers. The emails could even have been collected years ago.

The attacker changes an encrypted email in a particular way and sends this changed encrypted email to the victim. The victim’s email client decrypts the email and loads any external content, thus exfiltrating the plaintext to the attacker.

The weakness isn’t in the OpenPGP or S/MIME encryption algorithms themselves but in how mail clients interact with encrypted e-mails. If your e-mail client is configured to automatically decrypt encrypted e-mails and allows HTML content to be displayed, the encrypted potion of your e-mail could be exfiltrated by a malicious attacker.

I generally recommend against using e-mail for secure communications in any capacity. OpenPGP and S/MIME are bandages applied to an insecure protocol. Due to their nature as a bolted on feature added after the fact, they are unable to encrypt a lot of data in your e-mail (the only thing they can encrypt is the body). However, if you are going to use it, I generally recommend against allowing your client to automatically decrypt your encrypted e-mails. Instead at least require that your enter a password to decrypt your private key (this wouldn’t defend against this attack if your client is configured to display HTML e-mail content but it would prevent malicious e-mails from automatically exfiltrating encrypted content). Better yet, have your system setup in such a manner where you actually copy the encrypted contents of an e-mail into a separate decryption program, such as the OpenPGP command line tools, to view the secure contents. Finally, I would recommend disabling the ability to display HTML e-mails in your client if you are at all concerned about security.

If you perform the above practices, you can mitigate this attack… on your system. The real problem is, as always, other people’s systems. While you may perform the above practices, you can’t guarantee that everybody with whom you communicate will as well. If an attacker can exploit one party, they will generally get the e-mails sent by all parties. This is why I’d recommend using a communication tool that was designed to be secure from the beginning, such as Signal, over e-mail with OpenPGP or S/MIME. While tools like Signal aren’t bulletproof, they are designed to be secure by default, which makes them less susceptible to vulnerabilities created by an improper configuration.

Written by Christopher Burg

May 15th, 2018 at 11:00 am

Set a Strong Password on Your Phone

without comments

My girlfriend and I had to take our cat to the emergency vet last night so I didn’t have an opportunity to prepare much material for today. However, I will leave you with a security tip. You should set a strong password on your phone:

How long is your iPhone PIN? If you still use one that’s only made by six numbers (or worse, four!), you may want to change that.

Cops all over the United States are racing to buy a new and relatively cheap technology called GrayKey to unlock iPhones. GrayShift, the company that develops it, promises to crack any iPhone, regardless of the passcode that’s on it. GrayKey is able to unlock some iPhones in two hours, or three days for phones with six digit passcodes, according to an anonymous source who provided security firm Malwarebytes with pictures of the cracking device and some information about how it works.

The article goes on to explain that you should use a password with lowercase and upper case letters, numbers, and symbols. Frankly, I think such advice is antiquated and prefer the advice given in this XKCD comic. You can create more bits of entropy if you have a longer password that is easier to remember. Instead of having something like “Sup3r53cretP@5sw0rd” you could have “garish-bethel-perry-best-finale.” The second is easier to remember and is actually longer. Moreover, you can increase your security by tacking on additional words. If you want a randomly generated password, you can use a Diceware program such as this one (which I used to generate the latter of the two passwords.

Written by Christopher Burg

April 19th, 2018 at 10:00 am

The Beginning of the End for Unsecured Websites

without comments

Chrome looks to be the first browser that is going to call a spade a spade. Starting in July 2018, Chrome will list all websites that aren’t utilizing HTTPS as unsecured:

For the past several years, we’ve moved toward a more secure web by strongly advocating that sites adopt HTTPS encryption. And within the last year, we’ve also helped users understand that HTTP sites are not secure by gradually marking a larger subset of HTTP pages as “not secure”. Beginning in July 2018 with the release of Chrome 68, Chrome will mark all HTTP sites as “not secure”.

I think Let’s Encrypt was the catalyst that made this decision possible. Before Let’s Encrypt was released, acquiring and managing TLS certificates could be a painful experience. What made matters worse is that the entire process had to be redone whenever the acquired TLS certificates expired. Let’s Encrypt turned that oftentimes annoying and expensive process into an easy command. This made it feasible for even amateur website administrators to implement HTTPS.

The Internet is slowly moving to a more secure model. HTTPS not only prevents third parties from seeing your web traffic but, maybe even more importantly, it also prevents third parties from altering your web traffic.

Written by Christopher Burg

February 16th, 2018 at 10:00 am

Open Whisper Systems Released Standalone Desktop Client

without comments

Signal is my favorite messaging application. It offers very good confidentiality and is easy to use. I also appreciate the fact that a desktop client was released, which meant I didn’t have to pull out my phone every time I wanted to reply to somebody. What I didn’t like though was the fact that the Signal desktop client was a Chrome app. If you use a browser besides Chrome you had to install Chrome just to use Signal’s desktop client. Fortunately, Google announced that it was deprecating Chrome apps and that forced Open Whisper Systems to release a standalone desktop client.

Now you can run the Signal desktop client without having to install Chrome.

Written by Christopher Burg

November 1st, 2017 at 10:00 am

The FBI’s Performance Issues

without comments

When the Federal Bureau of Investigations (FBI) isn’t pursuing terrorists that it created, the agency tends to have a pretty abysmal record. The agency recently announced, most likely as propaganda against effective encryption, that it has failed to obtain the contents of 7,000 encrypted devices:

Agents at the US Federal Bureau of Investigation (FBI) have been unable to extract data from nearly 7,000 mobile devices they have tried to access, the agency’s director has said.

Christopher Wray said encryption on devices was “a huge, huge problem” for FBI investigations.

The agency had failed to access more than half of the devices it targeted in an 11-month period, he said.

The lesson to be learned here is that effective cryptography works. Thanks to effective cryptography the people are able to guarantee their supposed constitutional right to privacy. The restoration of rights should be celebrated but politicians never do because our rights are directly opposed to their goals. I guarantee that this announcement will lead to more political debates in Congress that will result in more bills being introduced to ban the plebs (but not the government, of course) from having effective cryptography. If one of the bills is passed into law, the plebs will have to personally patch their devices to fix the broken cryptography mandated by law (which, contrary to what politicians might believe, is what many of us plebs will do).

If you don’t want government goons violating your privacy, enable the cryptographic features on your devices such as full disk encryption.

Written by Christopher Burg

October 24th, 2017 at 10:00 am

The Future is Bright

without comments

A writer at The Guardian, which seems to be primarily known for propagating left-wing statist propaganda, has shown a slight glimmer of understanding. While neoconservatives and neoliberals fight for power over other people, crypto-anarchists have been busy working in the shadows to develop technology that allows individuals to defend themselves from the State:

The rise of crypto-anarchism might be good news for individual users – and there are plenty working on ways of using this technology for decent social purposes – but it’s also bad news for governments. It’s not a direct path, but digital technology tends to empower the individual at the expense of the state. Police forces complain they can’t keep up with new forms of online crime, partly because of the spread of freely available encryption tools. Information of all types – secrets, copyright, creative content, illegal images – is becoming increasingly difficult to contain and control. The rash of ransomware is certainly going to get worse, exposing the fragility of our always connected systems. (It’s easily available to buy on the dark net, a network of hidden websites that are difficult to censor and accessed with an anonymous web browser.) Who knows where this might end. A representative from something called “Bitnation” explained to Parallel Polis how an entire nation could one day be provided online via an uncontrollable, uncensorable digital network, where groups of citizens could club together to privately commission public services. Bitnation’s founder, Susanne Tarkowski Tempelhof, hopes Bitnation could one day replace the nation state and rid us of bureaucrats, creating “a world of a million competing digital nations”, as she later told me.

The biggest threat to statism is individual empowerment. While technology is a two-edged sword, serving both the State and individuals without concern for either’s morality, it is difficult to argue that it hasn’t greatly helped empower individuals.

A combination of Tor hidden services and cryptocurrencies have done a great deal to weaken the State’s drug war by establishing black markets where both buyers and sellers remain anonymous. Weakening the drug war is a significant blow to the State because it deprives it of slave labor (prisoners) and wealth (since the State can’t use civil forfeiture on property it can’t identify).

Tor, Virtual Private Networks (VPN), Hypertext Transfer Protocol Secure (HTTPS), Signal, and many other practical implementations of encryption have marvelously disrupted the State’s surveillance apparatus. This also cuts into the State’s revenue since it cannot issue fines, taxes, or other charges on activities it is unaware of.

3D printers, although still in their infancy, are poised to weaken the State’s ability to restrict objects. For example, the State can’t prohibit the possession of firearms if people are able print them without the State’s knowledge.

But if the State disables the Internet all of these technologies fall apart, right? That would be the case if the Internet was a centralized thing that the State could disable. But the Internet is simply the largest network of interconnected networks. Even if the State shutdown every Internet Service Provide (ISP) in the world and cut all of undersea cables, the separated networks will merely have to be reconnected. That is where a technology like mesh networking could come into play. Guifi.net, for example, is a massive mesh network that spans Catalonia. According to the website, there are currently 33,191 operating nodes in the Guifi.net mesh. Shutting down that many nodes isn’t feasible, especially when they can be quickly replaced since individual nodes are usually cheap off-the-shelf Wi-Fi access points. Without the centralized Internet a span of interconnected mesh networks could reestablish global communications and there isn’t much the State could do about it.

Statism has waxed and waned throughout human history. I believe we’re at a tipping point where statism is beginning to wane and I believe advances in individual empowering technologies are what’s diminishing it. Voting won’t hinder the State. The Libertarian Party won’t hinder the State. Crypto-anarchists, on the other hand, have a proven track record of hindering the State and all signs point to them continuing to do so.

Keybase Client

without comments

Keybase.io started off as a service people could use to prove their identity using Pretty Good Privacy (PGP). I use it to prove that I own various public accounts online as well as this domain. Back in February the Keybase team announced a chat client. I hadn’t gotten around to playing with it until very recently but I’ve been impressed enough by it that I feel the need to post about it.

Keybase’s chat service has a lot of similarities to Signal. Both services provided end-to-end encrypted communications, although in slightly different ways (Keybase, for example, doesn’t utilize forward secrecy except on “self-destructing” messages). However, one issue with Signal is that it relies on your phone number. If you want to chat on Signal with somebody you have to give them your phone number and they have to give you theirs. This reliance on phone numbers makes Signal undesirable in many cases (such as communicating with people you know online but not offline).

Keybase relies on your proven online identities. If you want to securely talk to me using Keybase you can search for me by using the URL for this website since I’ve proven my ownership of it on Keybase. Likewise, if you want to securely talk to somebody on Reddit or Github you can search for their user names on those sites in Keybase.

Another nice feature Keybase offers is a way to securely share files. Each user of the Keybase client gets 10GB of storage for free. Any data added to your private folder is encrypted in such a way that only you can access the files. If you want to share files amongst a few friends the files can be encrypted in a way that only you and those designated friends can access them.

On the other hand, if you’re into voice and video calls, you’re out of luck. Keybase, unlike Signal, currently supports neither and I have no idea if there are plans to implement them in the future. I feel that it’s also important to note that Keybase, due to how new it is, hasn’t undergone the same level of rigorous testing as Signal has so you probably don’t want to put the same level of trust in it yet.

Written by Christopher Burg

June 8th, 2017 at 11:00 am

Private Solutions to Government Created Problems

without comments

Earlier this week the United States Congress decided to repeal privacy protection laws that it had previous put into place on Internet Service Providers (ISP). While a lot of people have been wasting their time begging their representatives masters with phone calls, e-mails, and petitions, private companies have begun announcing methods to actually protect their users’ privacy. In the latest example of this, Pornhub announced that it will turn on HTTPS across its entire site:

On April 4, both Pornhub and its sister site, YouPorn, will turn on HTTPS by default across the entirety of both sites. By doing so, they’ll make not just adult online entertainment more secure, but a sizable chunk of the internet itself.

The Pornhub announcement comes at an auspicious time. Congress this week affirmed the power of cable providers to sell user data, while as of a few weeks ago more than half the web had officially embraced HTTPS. Encryption doesn’t solve your ISP woes altogether—they’ll still know that you were on Pornhub—but it does make it much harder to know what exactly you’re looking at on there.

As the article points out, your ISP will still be able to tell that you accessed Pornhub, since Domain Name Server (DNS) lookups are generally not secured, but it won’t be able to see what content you’re accessing. As for DNS lookups, solutions are already being worked on to improve their security. Projects like DNSCrypt, which provides encrypted DNS lookups, are already available.

If you want to protect your privacy you can’t rely on the State’s regulations. First, the State is the worst offender when it comes to surveillance and the consequences of its surveillance are far worse. Sure, your ISP might sell some of your data but the State will send men with guns to your home to kidnap you and probably shoot your dog. Second, as this situation perfectly illustrates, government regulations are temporary. The government implemented the privacy regulations and then took them away. It may restore them again in the future but there’s no guarantee it won’t repeal them again. Any government solution is temporary at best.

Cryptography offers a permanent solution that can protect Internet users from both their snoopy ISP and government. HTTPS and DNSCrypt will continue to work regardless of the state of privacy regulations.

Written by Christopher Burg

March 31st, 2017 at 10:00 am

Secure E-Mail is an Impossibility

with 2 comments

A while back I wrote a handful of introductory guides on using Pretty Good Privacy (PGP) to encrypt the content of your e-mails. They were well intentioned guides. After all, everybody uses e-mail so we might as well try to secure it as much as possible, right? What I didn’t stop to consider was the fact that PGP is a dead end technology for securing e-mails not because the initial learning curve is steep but because the very implementation itself is flawed.

I recently came across a blog post by Filippo Valsorda that sums up the biggest issue with PGP:

But the real issues I realized are more subtle. I never felt confident in the security of my long term keys. The more time passed, the more I would feel uneasy about any specific key. Yubikeys would get exposed to hotel rooms. Offline keys would sit in a far away drawer or safe. Vulnerabilities would be announced. USB devices would get plugged in.

A long term key is as secure as the minimum common denominator of your security practices over its lifetime. It’s the weak link.

Worse, long term keys patterns like collecting signatures and printing fingerprints on business cards discourage practices that would otherwise be obvious hygiene: rotating keys often, having different keys for different devices, compartmentalization. It actually encourages expanding the attack surface by making backups of the key.

PGP, in fact the entire web of trust model, assumes that your private key will be more or less permanent. This assumption leads to a lot of implementation issues. What happens if you lose your private key? If you have an effective backup system you may laugh at this concern but lost private keys are the most common issue I’ve seen PGP users run into. When you lose your key you have to generate a new one and distribute it to everybody you communicate with. In addition to that, you also have to resign people’s existing keys. But worst of all, without your private key you can’t even revoke the corresponding published public key.

Another issue is that you cannot control the security practices of other PGP users. What happens when somebody who signed your key has their private key compromised? Their signature, which is used by others to decide whether or not to trust you, becomes meaningless because their private key is no longer confidential. Do you trust the security practices of your friends enough to make your own security practices reliant on them? I sure don’t.

PGP was a jury rigged solution to provide some security for e-mail. Because of that it has many limitations. For starters, while PGP can be used to encrypt the contents of a message it cannot encrypt the e-mail headers or the subject line. That means anybody snooping on the e-mail knows who the parties communicating are, what the subject is, and any other information stored in the headers. As we’ve learned from Edward Snowden’s leaks, metadata is very valuable. E-mail was never designed to be a secure means of communicating and can never be made secure. The only viable solution for secure communications is to find an alternative to e-mail.

With that said, PGP itself isn’t a bad technology. It’s still useful for signing binary packages, encrypting files for transferring between parties, and other similar tasks. But for e-mail it’s at best a bandage to a bigger problem and at worst a false sense of security.

Written by Christopher Burg

December 8th, 2016 at 11:00 am