You are Responsible for Your Own Anonymity

Reality Leigh Winner (who, despite her name, was not a winner in reality) is currently sitting in a cage for the crime of leaking classified National Security Agency (NSA) documents. Unlike Edward Snowden, Reality didn’t purposely go public. But she made a series of major mistakes that allowed the NSA to identify her after she leaked the documents. Her first mistake was using a work computer to communicate with The Intercept:

Investigators then determined that Ms Winner was one of only six people to have printed the document. Examination of her email on her desk computer further revealed that she had exchanged emails with the news outlet, the indictment said.

By using a work computer to communicate with The Intercept, she made hard evidence against her easily available to her employer.

Her second mistake was physically printing the documents:

When reporters at The Intercept approached the National Security Agency on June 1 to confirm a document that had been anonymously leaked to the publication in May, they handed over a copy of the document to the NSA to verify its authenticity. When they did so, the Intercept team inadvertently exposed its source because the copy showed fold marks that indicated it had been printed—and it included encoded watermarking that revealed exactly when it had been printed and on what printer.

Most major printer manufacturers watermark any pages printed by their printers. The watermarks identify which printer printed the document. In addition to the physical printer, the watermark on the document posted by The Intercept also included a timestamp of when the document was printed.

Reality’s third mistake was trusting a third-party to guard her anonymity. Because of The Intercept’s history of working with leakers it’s easy to assume that the organization takes precautions to guard the identities of its sources. However, a single mistake, posting the printed document without editing out the watermark, gave the NSA enough evidence to narrow down who the leaker could be.

The lesson to be learned from this is that you alone are responsible for maintaining your anonymity. If you’re leaking classified materials you need to do so in a way that even the individual or organization you’re leaking them to is unable to identify you.

What Could Kill Bitcoin

I greatly appreciate Bitcoin. By enabling pseudonymous transactions it has made many forms of commerce, specifically those deemed illegal by various governments, easier. It also offers an opportunity for individuals to conceal at least some of their wealth from the State. However, Bitcoin exists in a market environment, which means a superior competing product could come along at any moment and topple it.

When Bitcoin first came on the scene its community promised low transaction fees. They often compared the transaction fees of, say, Western Union to the miner fees of Bitcoin for sending money across the globe. At the time sending money via Bitcoin was significantly cheaper.

Fast forward to today. The price of sending Bitcoin has skyrocketed. If you want a Bitcoin transaction to clear in a reasonable amount of time you’re looking at a transaction fee of over $2.00 (as of this writing). Why is this? It’s because the Bitcoin network is running into a block size ceiling problem. This problem has created an environment where more transaction are being made then can be processed so convincing miners to process your transaction requires offering a significant reward. No problem, right? It’s just the market at work after all.

It’s true, Bitcoin’s current state is an example of supply and demand. Demand has exceeded the supply of miners so the price to get transactions cleared has increased. But markets are finicky things. If enough people decide that they’re unwilling to spend $2.00 on a transaction fee for a $5.00 coffee they’re going to look for a better solution. Bitcoin isn’t the only cryptocurrency in town so failing to address the block size ceiling problem will likely encourage consumers to find an alternate cryptocurrency.

Considering this you would think that the Bitcoin community is working diligently to solve the problem, right? As it turns out, not so much. Now a lot of the Bitcoin community is changing its tune. Instead of addressing the issue they are denying the fact that low transaction fees were a selling feature of Bitcoin not too long ago. In addition to denying the past they’re trying to explain how high transaction fess are acceptable. I highly doubt most consumers see the “wisdom” in paying a $2.00 transaction fee to buy a $5.00 espresso at Starbucks. And that’s the thing, for a cryptocurrency to succeed it needs to be useful.

I can hear some Bitcoin advocate saying, “But, Chris, Bitcoin will simply become the new gold while another cryptocurrency will become its silver!” Gold and silver run into a divisibility problem. You can only divide gold so far until it becomes difficult to use. Nobody is going to pay for a coffee using gold dust because it’s a pain in the ass. Instead they use a less valuable metal, silver, for smaller payments. Cryptocurrencies don’t have this problem. You can divide a cryptocurrency down to as many decimal places as you want and it’ll be equally easy to use. Whether a cup of coffee costs me 1 Bitcoin or 0.000001 Bitcoin doesn’t make a usability difference to me. This means that any cryptocurrency that takes over Bitcoin’s current task of handling small transactions will likely rise to dominance overall.

Governments have been unable to destroy Bitcoin but the unwillingness of its community to address technical problems very well could lead to its destruction.

CryptoPartyMN Meeting Tonight

For those of you who don’t know, CryptoPartyMN is a group that focuses on teaching individuals how to utilize secure communication tools. We meet every other week and host a few hands-on workshops each year. With the sudden concern about privacy as it related to Internet Service Providers (ISP) tonight’s meeting will discuss Virtual Private Networks (VPN).

If you’re interested in learning about defending your privacy against your ISP please feel free to join us.

Private Solutions to Government Created Problems

Earlier this week the United States Congress decided to repeal privacy protection laws that it had previous put into place on Internet Service Providers (ISP). While a lot of people have been wasting their time begging their representatives masters with phone calls, e-mails, and petitions, private companies have begun announcing methods to actually protect their users’ privacy. In the latest example of this, Pornhub announced that it will turn on HTTPS across its entire site:

On April 4, both Pornhub and its sister site, YouPorn, will turn on HTTPS by default across the entirety of both sites. By doing so, they’ll make not just adult online entertainment more secure, but a sizable chunk of the internet itself.

The Pornhub announcement comes at an auspicious time. Congress this week affirmed the power of cable providers to sell user data, while as of a few weeks ago more than half the web had officially embraced HTTPS. Encryption doesn’t solve your ISP woes altogether—they’ll still know that you were on Pornhub—but it does make it much harder to know what exactly you’re looking at on there.

As the article points out, your ISP will still be able to tell that you accessed Pornhub, since Domain Name Server (DNS) lookups are generally not secured, but it won’t be able to see what content you’re accessing. As for DNS lookups, solutions are already being worked on to improve their security. Projects like DNSCrypt, which provides encrypted DNS lookups, are already available.

If you want to protect your privacy you can’t rely on the State’s regulations. First, the State is the worst offender when it comes to surveillance and the consequences of its surveillance are far worse. Sure, your ISP might sell some of your data but the State will send men with guns to your home to kidnap you and probably shoot your dog. Second, as this situation perfectly illustrates, government regulations are temporary. The government implemented the privacy regulations and then took them away. It may restore them again in the future but there’s no guarantee it won’t repeal them again. Any government solution is temporary at best.

Cryptography offers a permanent solution that can protect Internet users from both their snoopy ISP and government. HTTPS and DNSCrypt will continue to work regardless of the state of privacy regulations.

Vault 7 isn’t the End of Privacy

There has been a lot of bad stories and comments about Vault 7, the trove of Central Intelligence Agency (CIA) documents WikiLeaks recently posted. Claims that the CIA has broken Signal, can use any Samsung smart television to spy on people, and a whole bunch of other unsubstantiated or outright false claims have been circulating. Basically, idiots who speak before they think have been claiming that Vault 7 is proof that privacy is dead. But that’s not the case. The tools described in the Vault 7 leak appear to be aimed at targeted surveillance:

Perhaps a future cache of documents from this CIA division will change things on this front, but an admittedly cursory examination of these documents indicates that the CIA’s methods for weakening the privacy of these tools all seem to require attackers to first succeed in deeply subverting the security of the mobile device — either through a remote-access vulnerability in the underlying operating system or via physical access to the target’s phone.

As Bloomberg’s tech op-ed writer Leonid Bershidsky notes, the documentation released here shows that these attacks are “not about mass surveillance — something that should bother the vast majority of internet users — but about monitoring specific targets.”

The threats of mass surveillance and targeted government surveillance are very different. Let’s consider Signal. If the CIA had broken Signal it would be able to covertly collect Signal packets as they traveled from source to destination, decrypt the packets, and read the messages. This would enable mass surveillance like the National Security Agency (NSA) has been doing. But the CIA didn’t break Signal, it found a way to attack Android (most likely a specific version of Android). This type of attack doesn’t lend itself well to mass surveillance because it requires targeting specific devices. However, if the CIA wants to surveil a specific target then this attack works well.

Avoiding mass surveillance is much easier to deal with than defending yourself against an organization with effectively limitless funds and a massive military to back it up that specifically wants your head on a platter. But unlike mass surveillance, very few people have to actually deal with the latter. And so far the data released as part of Vault 7 indicates the surveillance tools the CIA has developed are aimed at targeted surveillance so you most likely won’t have to deal with them.

Privacy isn’t dead, at least so long as you’re not being specifically targeted by a three letter agency.

Vault 7

WikiLeaks dropped a large archive of Central Intelligence Agency (CIA) leaks. Amongst the archive are internal communications and documents related to various exploits the CIA had or has on hand for compromising devices ranging from smartphones to smart televisions.

I haven’t had a chance to dig through the entire archive yet but there’s one thing that everybody should keep in mind.

The government that claims to protect you, that many people mistakenly believe protects them, has been hoarding vulnerabilities and that has put you directly in harm’s way. Instead of reporting discovered vulnerabilities so they could be patched, the CIA, like the NSA, kept them secret so it could exploit them. Since discovery of a vulnerability doesn’t grant a monopoly on its use, the vulnerabilities discovered by the CIA may very well have been discovered by other malicious hackers. Those malicious hackers could, for example, be exploiting those vulnerabilities to spread a botnet that can be used perform distributed denial of service attacks against websites to extort money from their operators.

Remember this the next time some clueless fuckstick tells you that the government is there to keep you safe.

While I haven’t had a chance to read through the archive, I have had a chance to read various comments and reports regarding the information in the archive. By doing this I’ve learned two things. First, the security advice posted by most random Internet denizens is reminiscent of the legal advice posted by most sovereign citizens. Second, the media remains almost entirely clueless about information security.

Case in point, a lot of comments and stories have said that the archive contains proof that the CIA has broken Signal and WhatsApp. But that’s not true:

It’s that second sentence that’s vital here: It’s not that the encryption on Signal, WhatsApp (which uses the same encryption protocol as Signal), or Telegram has been broken, it’s that the CIA may have a way to break into Android devices that are using Signal and other encrypted messaging apps, and thus be able see what users are typing and reading before it becomes encrypted.

There is a significant difference between breaking the encryption protocol used by a secure messaging app and breaking into the underlying operating system. The first would allow the CIA to sit in the middle of Signal or WhatsApp connections, collect packets being sent to and from Signal and WhatsApp clients, and decrypting the packets and reading the contents. This would allow the CIA to potentially surveil every WhatsApp and Signal user. The second would allow the CIA to target individual devices, compromise the operating system, and surveil everything the user is doing on that device. Not only would this compromise the security of Signal and WhatsApp, it would also compromise the security of virtual private networks, Tor, PGP, and every other application running on the device. But the attack would only allow the CIA to surveil specific targeted users, not every single user of an app.

The devil is in the details and a lot of random Internet denizens and journalists are getting the details wrong. It’s going to take time for people with actual technical knowhow to dig through the archive and report on the information they find. Until then, don’t panic.

Social Media for Activists

After eight years of unexplained absence, neoliberals who are critical of the State have returned. I’m not sure where they were hiding but I’m glad to see that they’re safe and sound. But a lot has change in eight years so I’m sure many of them are out of the loop when it comes to online security. For example, what if you’re a federal employee who was told by your employer to shut up and you wanted to criticize them for it but didn’t want to be fired from your parasitic job? This isn’t as easy as opening a Twitter account and blasting criticisms out 140 characters at a time. Your employer has massive surveillance powers that would allow it to discover who you are and fire you for disobedience. Fortunately, The Grugq has you covered.

The information in his post regarding Twitter is applicable to any activist who is utilizing social media and might raise the ire of the State. I think the most important piece of information in that article though is that you shouldn’t immediately jump in with the sharks:

These are a lot of complicated operational rules and guides you’ll have to follow strictly and with discipline. If you “learn on the job” your mistakes will be linked to the account that you’re trying to protect. It would be best that you go through the steps and practice these rules on a non sensitive account. Make sure you’re comfortable with them, that you know how to use the tools, that you understand what you’re supposed to do and why.

Some underground organisations have something they call “the first and last mistake,” which is when you break a security rule and it leads to discovery and exposure. You’re the resistance, you need to make sure you can use the tools of resistance without mistakes – so practice where it is safe, get the newbie mistakes out of the way, and then implement and operate safely where it matters.

If you’re planning to partake in activism you should do a few trail runs of creating and maintaining pseudonymous social media accounts. Maintaining the discipline necessary to avoid detection is no easy feat. It’s best to screw up when it doesn’t matter than to screw up when you could face real world consequences.

Bypassing the Censors

What happens when a government attempts to censor people who are using a secure mode of communication? The censorship is bypassed:

Over the weekend, we heard reports that Signal was not functioning reliably in Egypt or the United Arab Emirates. We investigated with the help of Signal users in those areas, and found that several ISPs were blocking communication with the Signal service and our website. It turns out that when some states can’t snoop, they censor.

[…]

Today’s Signal release uses a technique known as domain fronting. Many popular services and CDNs, such as Google, Amazon Cloudfront, Amazon S3, Azure, CloudFlare, Fastly, and Akamai can be used to access Signal in ways that look indistinguishable from other uncensored traffic. The idea is that to block the target traffic, the censor would also have to block those entire services. With enough large scale services acting as domain fronts, disabling Signal starts to look like disabling the internet.

Censorship is an arms race between the censors and the people trying to communicate freely. When one side finds a way to bypass the other then the other side responds. Fortunately, each individual government is up against the entire world. Egypt and the United Arab Emirates only have control over their own territories but the people in those territories can access knowledge from anywhere in the world. With odds like that, the State is bound to fail every time.

This is also why any plans to compromise secure means of communication are doomed to fail. Let’s say the United States passes a law that requires all encryption software used within its borders to include a government backdoor. That isn’t the end of secure communications in the United States. It merely means that people wanting to communicate securely need to obtain tools developed in nations where such rules don’t exist. Since the Internet is global access to the goods and services of other nations is at your fingertips.

Using Bitcoin in Venezuela

State socialism is quickly reaching its inevitable conclusion in Venezuela. The economy is in shambles. The nation’s currency, the bolivar, is in a state of hyperinflation, which makes buying even a loaf a bread with it difficult. While the Venezuelan government scrambles to maintain its control over the people the people are adapting. One of the adaptions they’re making is using an alternative currency, one that is effectively impossible for the Venezuelan government to control. That currency is, of course, Bitcoin:

Amid growing economic chaos, and the highest inflation rate in the world, some Venezuelans are swapping bolivars for bitcoins in order to buy basic necessities or pay their employees

The digital currency is free from central bank or government controls, and users in Venezuela see it as a safe alternative in an economy where the government has enforced strict foreign exchange controls, and inflation is running at an estimated 500%.

This week, Venezuelans rushed to unload 100-bolivar bills – the largest denomination – after the government announced that it would be withdrawn from circulation on Wednesday in what it described as a move against profiteering.

Mainstream economists have been decrying Bitcoin since it started becoming popular. Since the currency isn’t issued by a central bank the mainstream economists have declared it worthless. But the value of Bitcoin continues to rise. When I last checked it was around $800 per Bitcoin. Why does Bitcoin continue to succeed in spite of mainstream economists? Because mainstream economists are fools.

All of the things mainstream economists criticize Bitcoin for are actually important features. Not being controlled by a central bank means that a government can control it. Venezuela can’t just decide to withdraw Bitcoin or print more of it. The fact that there is a cap on the total amount of Bitcoin that will ever exist is also an important feature. Without the ability to print an infinite amount of Bitcoin no government can inflate it. The lack of inflation means that Bitcoin can be a safe method of preserving one’s purchasing power over time (a fancy way of saying savings). Bitcoin’s pseudoanonymity can protect users from the prying eyes of the State, which means it can be used in countries where the State would rather see people starve to death than utilize a currency it isn’t issuing.

Bitcoin’s popularity will likely continue to increase as more national currencies collapse. As its popularity continues to increase the technical limitations, the only valid criticisms against Bitcoin, will continue to be addressed and addressed more rapidly.