Security Is A Growing Threat To Security

Where a person stands on the subject of effective cryptography is a good litmus test for how technically knowledgeable they are. Although any litmus test is limited, you can tell immediately that an individual doesn’t understand cryptography if they in any way support state-mandated weaknesses. Mike Rogers, a former Michigan politician, expressed his ignorance of cryptography in an editorial that should demonstrate to everybody why his opinion on this matter can be safely discarded:

Back in the 1970s and ’80s, Americans asked private companies to divest from business dealings with the apartheid government of South Africa. In more recent years, federal and state law enforcement officials have asked — and required — Internet service providers to crack down on the production and distribution of child pornography.

You know where it is going when the magical words “child pornography” are being mentioned in the first paragraph.

Take another example: Many communities implement landlord responsibility ordinances to hold them liable for criminal activity on their properties. This means that landlords have certain obligations to protect nearby property owners and renters to ensure there isn’t illicit activity occurring on their property. Property management companies are typically required to screen prospective tenants.

Because of the title of the editorial I know this is supposed to be about encryption. By using the words “child pornography” I know this article is meant to argue against effective cryptography. However, I have no bloody clue how landlords play into this mess.

The point of all these examples?

There’s a point?

That state and federal laws routinely act in the interest of public safety at home and abroad. Yet now, an emerging technology poses a serious threat to Americans — and Congress and our government have failed to address it.

Oh boy, this exercise in mental gymnastics is going to be good. Rogers could be going for the gold!

Technology companies are creating encrypted communication that protects their users’ privacy in a way that prevents law enforcement, or even the companies themselves, from accessing the content. With this technology, a known ISIS bomb maker would be able to send an email from a tracked computer to a suspected radicalized individual under investigation in New York, and U.S. federal law enforcement agencies would not be able to see ISIS’s attack plans.

Child pornography and terrorism in the same editorial? He’s pulling out all the stops! Do note, however, that he was unable to cite a single instance where a terrorist attack would have been thwarted if only effective encryption hadn’t been in the picture. If you’re going to opt for fear mongering it’s best to not create hypothetical scenarios that can be shot down. Just drop the boogeyman’s name and move on; otherwise you look like an even bigger fool than you would.

What could a solution look like? The most obvious one is that U.S. tech companies keep a key to that encrypted communication for legitimate law enforcement purposes. In fact, they should feel a responsibility and a moral obligation to do so, or else they risk upending the balance between privacy and safety that we have so carefully cultivated in this country.

Here is where his entire argument falls apart. First he claims “state and federal laws routinely act in the interest of public safety” and now he’s claiming that state and federal laws should work against public safety.

Let’s analyze what a hypothetical golden key would do. According to Rogers it would allow law enforcement agents to gain access to a suspect’s encrypted data. This is true. In fact it would allow anybody with a copy of that key to gain access to the encrypted data of anybody using that company’s products. Remember when Target and Home Depot’s networks were breached and all of their customers’ credit card data was compromised? Or that time Sony’s PlayStation Network was breached and its customers’ credit card data was compromised? How about the recent case of that affair website getting breached and its customers’ personal information ending up in unknown hands? And then there was the breach that exposed all of Hacking Team’s dirty secrets and many of its private keys to the Internet. These are not hypothetical scenarios cooked up by somebody trying to scare you into submission but real world examples of company networks being breached and customer data being compromised.

Imagine the same thing happening to a company that held a golden key that could decrypt any customer’s encrypted data. Suddenly a single breach would not only compromise personal information but also every device every one of the company’s customers possessed. If Apple, for example, were to implement Rogers’ proposed plan and its golden key was compromised every iOS user, which includes government employees I might add, would be vulnerable to having their encrypted data decrypted by anybody who acquired a copy of the key (and let’s not lie to ourselves, in the case of such a compromise the key would be posted publicly on the Internet).

Network breaches aren’t the only risk. Any employee with access to the golden key would be able to decrypt any customer’s device. Even if you trust law enforcement do you trust one or more random employees at a company to protect your data? A key with that sort of power would be worth a lot of money to a foreign government. Do you trust somebody to not hand a copy of the key over to the Chinese government for a few billion dollars?

There is no way a scenario involving a golden key can end well, which brings us to our next point.

Unfortunately, the tech industry argues that Americans have an absolute right to absolute privacy.

How is that unfortunate? More to the point, based on what I wrote above, we can see that the reason companies don’t implement cryptographic backdoors isn’t because they believe in some absolute right to privacy but because the risks of doing so are too great of a liability.

The only thing Rogers argued in his editorial was his complete ignorance on the subject of cryptography. Generally the opinions of people who are entirely ignorant on a topic are discarded and this should be no exception.

The Future Of Warfare

There are two common predictions regarding the future of warfare. First, the arms race between military powers necessitates a continuous adoption of improving technologies. Second, the focus will increasingly be on attacking your opponent’s technology as opposed to their soldiers.

TrackingPoint, an optical system that automates almost all of the previously specialized knowledge usually required to accurately hit a target at long distances with a rifle, is an example of this. Such a system could greatly increase the accuracy of the average soldier while cutting training costs. Militaries that adopt such technology would have a distinct advantage over those that didn’t. The tradeoff is that the technology can be attacked and potentially rendered useless:

At the Black Hat hacker conference in two weeks, security researchers Runa Sandvik and Michael Auger plan to present the results of a year of work hacking a pair of $13,000 TrackingPoint self-aiming rifles. The married hacker couple have developed a set of techniques that could allow an attacker to compromise the rifle via its Wi-Fi connection and exploit vulnerabilities in its software. Their tricks can change variables in the scope’s calculations that make the rifle inexplicably miss its target, permanently disable the scope’s computer, or even prevent the gun from firing. In a demonstration for WIRED (shown in the video above), the researchers were able to dial in their changes to the scope’s targeting system so precisely that they could cause a bullet to hit a bullseye of the hacker’s choosing rather than the one chosen by the shooter.

I’m sure somebody is going to claim this as a reason why merging firearms and technology is stupid. Such criticisms can be dismissed entirely because any military that fails to take advantage of this type of technology will be at a tremendous disadvantage. Merging technology and firearms is inevitable so we need to address the weaknesses.

TrackingPoint has stated that it will work with the researchers to fix the vulnerabilities and that’s the proper response. This should also serve as a lesson to any organization creating military technology that software security, which will eventually become the primary target of enemy forces, must be a primary consideration.

As an aside it will be interesting to see if the death tolls in future wars decrease as focus on attacking technology increases. If one side can disable the other side’s ability to wage war it could lead to a bloodless surrender or an immediate retreat.

It’ll also be interesting to see how this plays out in the ancient battle of the state versus the people. Traditionally states, being centralized bureaucracies, have responded poorly to change whereas humanity as a whole has responded very well to change. In the future states will be entirely dependent on technology to both wage war and exploit their people. That could give the people a strong advantage since you could have the creativity of the entire world focused on rendering the technology and these centralized exploiters impotent. Imagine a world where a police cruiser pursuing a nonviolent drug dealer could be turned off with the push of a button. Suddenly the dangerous high-speed chase initiated by the officer could be made into a very safe getaway for the dealer. Family pets could be saved from police kicking in a door at oh dark thirty by merely using an exploit that would cause the officer’s identification friend or foe (IFF) to identify all of the house’s inhabitants as friendly and therefore prevent their weapons from discharging at them. Admittedly that is a farfetched vision but not one outside of the realm of possibility.

CryptoPartyMN Meeting Next Tuesday

As some of you may be aware I’ve been working with a group of individuals on an initiative we call CryptoPartyMN. The idea is to have an organization that meets regularly to help people learn how to use secure communication tools. So far we’ve held two CryptoParties and have been trying to regularly hold meetings every other week. Next Tuesday we’ll be having a meeting at the Wedge Table (it’s kind of like the Wedge Co-op but with sit down space, you still have to dodge hipsters on fixies to get there though).

During the meeting we’ll be discussing our upcoming CryptoParty slated for the second or third weekend in August (depending on venue availability and such). If you’re interested in helping with the event feel free to stop by. The meeting starts at 18:30 and we’re usually there until the place closes down.

Why You Should Be Concerned About Wi-Fi Sense

Windows 10 has a feature, dubbed Wi-Fi Sense, that allows you to share any Wi-Fi pre-shared keys with your friends. Needless to say the security community hasn’t received this feature with open arms. Just because you trust a friend to connect to your wireless network doesn’t mean you trust all of their friends. But a lot of people have been trying to argue that this feature isn’t a big deal and people should stop being so worried about it. Some are even claiming that this feature is beneficial to security because it makes it easier for people to find encrypted Wi-Fi networks to join.

My focus when it comes to security is the individual. From my vantage point I see this feature as a risk to individuals who want to control who has access to their wireless networks. Ars Technica, while trying to argue that Wi-Fi Sense isn’t that big of a deal, inadvertently made the best case against it:

For a start, when a Wi-Fi passkey is shared with your PC via Wi-Fi Sense, you never actually see the password: it comes down from a Microsoft server in encrypted form, and is decrypted behind the scenes. There might be a way to see the decrypted passkeys if you go hunting through the registry, or something along those lines, but it’s certainly not something that most people are likely to do.

Emphasis mine. You can’t base your security model on the assumption that so long as something isn’t easy to do it won’t be done. Although Wi-Fi Sense encrypts pre-shared keys before transmitting them they have to be decrypted before they can be used. Once they’re decrypted they’re fair game for anybody who knows where to look. To make matters worse once somebody finds where the unencrypted keys are stored it will be trivial to write an automated tool for extracting and displaying them.

The biggest problem with Wi-Fi Sense is that it makes it extremely easy to lose any control over who has access to your pre-shared key. While it’s true that you potentially lose control over who has your pre-shared key the second you share it with somebody else, this makes the problem worse because even a trustworthy person may inadvertently share the key with all of their friends.

As with anything there are pros and cons. I’m not saying Wi-Fi Sense doesn’t offer any benefits. But I think a lot of people are sweeping major security concerns about the feature under the rug. You should be fully aware of the risks involved in using the feature and you especially can’t assume just because something is potentially difficult nobody is going to do it.

Use WPA-AES To Secure Your Wireless Network

Wired Equivalent Privacy (WEP) was the first standard implemented for securing wireless networks. As the weakness of the RC4 algorithm, which WEP relied on, became better known Wi-Fi Protected Access (WPA) was created as a successor. WPA has two modes: Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard (AES).

TKIP was a bandage created for devices that couldn’t implement AES. It used WEP but with four rotating keys that raised the challenge of attacking the network significantly. But it was never meant to be a long-term replacement. Nowadays everything has support for AES, which was a good enough reason to move away from TKIP. In addition to that the weaknesses in RC4 are now bad enough that breaking TKIP is easy:

Almost a third of the world’s encrypted Web connections can be cracked using an exploit that’s growing increasingly practical, computer scientists warned Wednesday. They said the attack technique on a cryptographic cipher known as RC4 can also be used to break into wireless networks protected by the Wi-Fi Protected Access Temporal Key Integrity Protocol.

Researchers have long known statistical biases in RC4 make it possible for attackers to predict some of the pseudo-random bytes the cipher uses to encode messages. In 2013, a team of scientists devised an attack exploiting the weakness that required about 2,000 hours to correctly guess the characters contained in a typical authentication cookie. Using refinements, a separate team of researchers is now able to carry out the same feat in about 75 hours with a 94 percent accuracy. A similar attack against WPA-TKIP networks takes about an hour to succeed. The researchers said the only reliable countermeasure is to stop using RC4 altogether.

A wireless network secured with TKIP can now be broken in an hour. If you haven’t already set up your access point to exclusively use AES it’s time to do so. If you’re administering a web server and haven’t already disabled RC4 you’ve failed. But there’s no reason you can’t redeem yourself by disabling it now.
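The kind of statistical bias the quoted article refers to can be measured directly. The following Python sketch is an added example, not code from the original post or from the researchers it cites: it implements RC4 and measures the simplest published bias (Mantin and Shamir's observation that the second keystream byte is 0x00 about twice as often as a uniform byte would be), then shows why that matters when the same byte is encrypted under many keys. The keys and the repeated byte are constructed sample data, and the attacks in the article combine many more biases than this one.

```python
import random
from collections import Counter


def rc4_keystream(key: bytes, n: int) -> bytes:
    """Return the first n RC4 keystream bytes for the given key."""
    # Key-scheduling algorithm (KSA): shuffle the 256-byte state under the key.
    state = list(range(256))
    j = 0
    for i in range(256):
        j = (j + state[i] + key[i % len(key)]) & 0xFF
        state[i], state[j] = state[j], state[i]
    # Pseudo-random generation algorithm (PRGA): one output byte per step.
    out = bytearray()
    i = j = 0
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + state[i]) & 0xFF
        state[i], state[j] = state[j], state[i]
        out.append(state[(state[i] + state[j]) & 0xFF])
    return bytes(out)


def sample_second_bytes(trials: int, seed: int = 2015) -> list:
    """Second keystream byte for `trials` random 128-bit keys (constructed data)."""
    rng = random.Random(seed)  # fixed seed so the measurement is repeatable
    return [
        rc4_keystream(rng.getrandbits(128).to_bytes(16, "big"), 2)[1]
        for _ in range(trials)
    ]


def bias_ratio(second_bytes) -> float:
    """How often 0x00 appears, relative to the 1/256 expected of a uniform byte."""
    return Counter(second_bytes)[0] / (len(second_bytes) / 256)


def guess_repeated_byte(ciphertext_bytes) -> int:
    """Most frequent ciphertext byte. Because keystream byte 0x00 is the most
    likely value, this equals the plaintext byte once enough samples exist."""
    return Counter(ciphertext_bytes).most_common(1)[0][0]


if __name__ == "__main__":
    ks = sample_second_bytes(30000)
    print("0x00 frequency vs uniform: %.2fx" % bias_ratio(ks))
    secret = 0x41  # constructed plaintext byte, sent under every key
    recovered = guess_repeated_byte([secret ^ k for k in ks])
    print("recovered byte: 0x%02x" % recovered)
```

No key is ever recovered here; the plaintext leaks purely from the cipher's output distribution, which is why the only fix is to stop using RC4 rather than to rotate keys faster.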

I spend a lot of time advocating for people to encrypt their data. One caveat I try to point out but sometimes forget is that all encryption isn’t made the same. Some encryption algorithms and implementations are far better than others. Even poor encryption is better than no encryption but usually not by a lot. Effective encryption is what you need if you want to keep your data private.

Focusing On Softer Targets

In regards to the Office of Personnel Management (OPM) breach I noted that the federal government’s networks are only as secure as the weakest link. While it’s likely federal agencies such as the Department of Defense (DoD) and National Security Agency (NSA) have much more secure networks than the OPM or Internal Revenue Service (IRS) the fact that all these federal agencies share data amongst each other means an attack only needs to breach the weakest network. Apparently that’s what China has been doing:

WASHINGTON — After years of cyberattacks on the networks of high-profile government targets like the Pentagon, Chinese hackers appear to have turned their attention to far more obscure federal agencies.

Law enforcement and cybersecurity analysts in March detected intrusions on the computer networks of the Government Printing Office and the Government Accountability Office, senior American officials said this week.

It’s a smart move. Just as much valuable information can be gleaned from lesser known agencies as more famous agencies. The fact is federal agencies have so much data on both individuals and government operations that they’re all prime targets. Herein again lies the fallacy of the “nothing to hide” crowd. They believe the only eyes that will be looking at the data the federal government has collected on them is the federal government. Truth be told other eyes such as foreign governments and malicious hackers will also be looking at their data.

The reason it’s important to keep as much data away from the federal government as possible is not just because of what the federal government will do with it but also because of the likelihood it will lose control of that data in the future.

When The Only Thing You Have Is Legislation Every Problem Looks Like It Can Be Solved By Passing A Law

Politicians are trying to infringe on both the rights of self-defense and free speech in their latest attempt at the impossible. With the 3D printing revolution taking place many politicians see the writing on the wall and realize their power to regulate manufacturing is waning. Hoping to head this technology off at the pass they’re trying to find a justification that people will fall for to pass regulations against 3D printing. They’re betting everything on the populace finding the prospect of 3D printed firearms scary enough that they’ll support laws restricting what individuals can print on their 3D printers. But the rhetoric is especially amusing:

The notion of a 3-D printable gun has become the perfect flashpoint in a new conflict between digital arms control and free speech. Should Americans be allowed to say and share whatever they want online, even if that “speech” is a blueprint for a gun? The State Department has now answered that question with a resounding “no.”

That isn’t even the correct question. What everybody should be asking is if it’s even possible to enforce a law restricting what individuals can do with their 3D printers. The answer is no. Computer technology is far too pervasive to control anymore. Information can be shared amongst individuals around the world almost instantly. Anonymity tools allow individuals to share information without being identifiable. And even if people in the United States comply with a law against sharing 3D printer designs for firearms the rest of the world isn’t bound by such nonsense.

Censorship is dead and the Internet killed it. Any restriction against the sharing of ideas is unenforceable and therefore shouldn’t even be a consideration for politicians.

Gun Control And Cryptography Control: Same Idea With The Same Outcome

Crypto War II is heating up. David Cameron has vowed to make effective cryptography illegal in Britain, the Federal Bureau of Investigation (FBI) has been urging Congress to pass a ban on effective cryptography, and Australia has been ahead of the curve by not just prohibiting the use of strong cryptography but also learning about it. I’ve spent a good deal of time fighting against attempts to restrict or prohibit gun ownership. From my experience there I can say that attempts to restrict or prohibit effective cryptography are the exact same thing with the same outcome.

First, let’s consider what restricting or prohibiting gun ownership does. Gun restriction laws prohibit non-state individuals from having legal access to certain types of firearms and what they can do with their firearms. The National Firearms Act (NFA), for example, places heavy restrictions on purchasing machine guns, suppressors, and several other categories of firearms. Adding to the NFA’s restrictions on machine guns the Hughes Amendment to the Firearm Owners Protection Act outright prohibited non-state entities from legally owning machine guns manufactured after 1986. In addition to these restrictions the Gun Control Act of 1968 also created a list of individuals prohibited from owning any type of firearm. The list includes anybody who has been labeled a felon, which means simply failing to abide by the entire tax code could make it illegal for you to own a firearm. Most states have laws restricting individuals from lawfully carrying a firearm without state permission. In other words most states restrict individuals’ options for self-defense. Those laws, like all laws, only apply to individuals acting within the law. Criminals, by definition, do not have to abide by these restrictions and prohibitions so the ultimate outcome is that non-state individuals can be outgunned by violent criminals (both the state and non-state variety).

Now let’s consider what restricting or prohibiting effective cryptography does. Restrictions against effective cryptography create a legal requirement that all cryptographic systems be weakened in such a way that they can be easily bypassed by the state. In reality cryptographic systems cannot be weakened in such a way as to allow only one entity to bypass them without also allowing other entities to bypass them. We learned this lesson during the Clipper chip fiasco. When you purposely introduce weaknesses into cryptographic systems those weaknesses can be targeted by anybody, including run of the mill criminals and foreign states. In the case of key escrow, the system being proposed where all encrypted data can be decrypted by a key held by the state, the focus would likely be on either creating or stealing a copy of the state’s key. Once that happened, and it would only be a matter of time until it did happen, the encrypted data would be available to anybody with a copy of the key to read. Imagine the day, and it would happen, where that master key was widely distributed across the Internet. Suddenly everything that was lawfully encrypted would be easily decrypted by anybody. Your personal information, including credit card and Social Security numbers, would be accessible to every identity thief in the world. Any communications you had that could imply you were participating in an unlawful activity, even if you weren’t, would suddenly be accessible not only to law enforcement agents but also individuals interested in blackmailing you. All future communications with online stores would be vulnerable, which means your credit card and shipping information could be snapped up by anybody surveilling the network you’re using. Any information you entered into state and federal online tax systems would be viewable to anybody with a copy of the master key. Effectively everything you communicated would be transmitted in plaintext and viewable to anybody.
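The structural problem with key escrow described here, and with the “golden key” discussed in the first post, can be shown in a few lines. This Python sketch is an added example, not code from the original posts or from any real escrow proposal: each record's data key is wrapped once for its owner and once for the escrow holder. The `seal`/`unseal` helpers are a stand-in cipher built from HMAC-SHA256 so the example runs on the standard library alone (a real system would use a vetted AEAD and public-key wrapping), and every name and record is constructed.

```python
import hashlib
import hmac
import secrets


def _subkey(key: bytes, label: bytes) -> bytes:
    # Derive separate encryption and MAC keys from one secret.
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Stand-in stream cipher: HMAC-SHA256 in counter mode (illustration only).
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = nonce + counter.to_bytes(8, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC. Output layout: nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(16)
    stream = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ct = bytes(p ^ s for p, s in zip(plaintext, stream))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key: bytes, blob: bytes) -> bytes:
    """Verify the tag, then decrypt. Raises ValueError for the wrong key."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or tampered data")
    stream = _keystream(_subkey(key, b"enc"), nonce, len(ct))
    return bytes(c ^ s for c, s in zip(ct, stream))


def escrow_encrypt(user_key: bytes, escrow_key: bytes, message: bytes) -> dict:
    """Encrypt under a fresh data key, wrapped for the owner AND the escrow."""
    data_key = secrets.token_bytes(32)
    return {
        "body": seal(data_key, message),
        "for_user": seal(user_key, data_key),
        "for_escrow": seal(escrow_key, data_key),  # the mandated extra copy
    }


def decrypt_record(key: bytes, record: dict, slot: str) -> bytes:
    return unseal(unseal(key, record[slot]), record["body"])


def who_can_read(records: dict, key: bytes, slot: str) -> list:
    """Names of every record that `key` opens through the given slot."""
    readable = []
    for name, record in records.items():
        try:
            decrypt_record(key, record, slot)
            readable.append(name)
        except ValueError:
            pass  # this key does not open this record
    return sorted(readable)


def build_demo():
    """Three constructed users who share nothing except the escrow key."""
    escrow_key = secrets.token_bytes(32)
    user_keys = {n: secrets.token_bytes(32) for n in ("alice", "bob", "carol")}
    records = {
        n: escrow_encrypt(k, escrow_key, f"{n}: constructed sample record".encode())
        for n, k in user_keys.items()
    }
    return escrow_key, user_keys, records


if __name__ == "__main__":
    escrow_key, user_keys, records = build_demo()
    print("alice's key opens:", who_can_read(records, user_keys["alice"], "for_user"))
    print("escrow key opens: ", who_can_read(records, escrow_key, "for_escrow"))
```

Losing one user's key exposes one user's records; losing the escrow key exposes all of them, and nothing in the ciphertext distinguishes a lawful holder of that key from anyone else who has a copy.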

Cryptography, like a firearm, is a means of self-defense. Where firearms are used to defend your physical self cryptography is used to defend your data. If your phone or laptop is stolen encryption can defend all of the information stored on it from the thief. When you make a purchase online encryption defends your credit card number and shipping address from identity thieves. Your Social Security number is also defended against identity thieves by encryption when you fill out your taxes online. There are a lot of bad individuals who want to steal personal information about you and the only thing you have to defend against them is effective cryptography. Any restriction against effective cryptography necessarily inhibits the ability of individuals to defend themselves.

The fight against restricting cryptography is the same fight against restricting firearm ownership. Both fights are against attempts by the state to restrict the ability of individuals to protect themselves from harm.

The Deplorable State Of The Government’s Network Security

“I’ve got nothing to hide,” is a phrase commonly spoken by supporters of government surveillance and those too apathetic to protect themselves against it. It’s a phrase only spoken by the ignorant. With each working professional committing an average of three felonies a day there are no grounds for anybody to claim they have nothing to hide from the government. But even those who don’t believe they have anything to hide from the government likely feel as though they have something to hide from the general public. With the breach of the Office of Personnel Management’s (OPM) network we were shown another important fact: the government’s network security is in such a poor state that any data it collects could be leaked to the general public.

Now we’re learning that the OPM wasn’t the only government agency with deplorable network security. It’s a chronic problem within the government:

Under a 2002 law, federal agencies are supposed to meet a minimum set of information security standards and have annual audits of their cybersecurity practices. OPM’s reviews showed years of problems.

But the issue is far more widespread than with just one agency. According to the Government Accountability Office, 19 of 24 major agencies have declared cybersecurity a “significant deficiency” or a “material weakness.” Problems range from a need for better oversight of information technology contractors to improving how agencies respond to breaches of personal information, according to GAO.

“Until federal agencies take actions to address these challenges—including implementing the hundreds of recommendations GAO and agency inspectors general have made—federal systems and information will be at an increased risk of compromise from cyber-based attacks and other threats,” the watchdog agency said in a report earlier this month.

A large majority of major agencies have declared their network security to be unfit. In addition to general network security there are also concerns about overseeing contractors, which is pretty legitimate after Edward Snowden, a contractor at the time, walked off with a lot of National Security Agency (NSA) secrets, and about the ability to respond to breaches.

Many mass surveillance apologists have pointed out that the OPM isn’t exactly the NSA because they assume the latter has far better security. As I mentioned above, Edward Snowden proved otherwise. And even if some agencies do have effective network security the problem of inter-agency sharing is a real concern. Assume the Internal Revenue Service (IRS) actually has adequate network security but it shares information with the OPM. In the end the data held by the IRS is still acquired by malicious hackers because they were able to compromise an agency that also held the data. Security is only as strong as the weakest link.

The next time somebody claims they have nothing to hide from the government ask them to post all of their personal information to Pastebin. If they’re not willing to do that then they should be concerned about government surveillance considering the state of its networks.