History of Crypto War I

In its zeal to preserve the power to spy on its citizens members of the United States government have begun pushing to prohibit civilians from using strong cryptography. While proponents of this prohibition try to scare you with words such as terrorists, drug cartels, and pedophiles let’s take a moment to remember the last time this war was waged:

Encryption is a method by which two parties can communicate securely. Although it has been used for centuries by the military and intelligence communities to send sensitive messages, the debate over the public’s right to use encryption began after the discovery of “public key cryptography” in 1976. In a seminal paper on the subject, two researchers named Whitfield Diffie and Martin Hellman demonstrated how ordinary individuals and businesses could securely communicate data over modern communications networks, challenging the government’s longstanding domestic monopoly on the use of electronic ciphers and its ability to prevent encryption from spreading around the world. By the late 1970s, individuals within the U.S. government were already discussing how to solve the “problem” of the growing individual and commercial use of strong encryption. War was coming.

The act that truly launched the Crypto Wars was the White House’s introduction of the “Clipper Chip” in 1993. The Clipper Chip was a state-of-the-art microchip developed by government engineers which could be inserted into consumer hardware telephones, providing the public with strong cryptographic tools without sacrificing the ability of law enforcement and intelligence agencies to access unencrypted versions of those communications. The technology relied on a system of “key escrow,” in which a copy of each chip’s unique encryption key would be stored by the government. Although White House officials mobilized both political and technical allies in support of the proposal, it faced immediate backlash from technical experts, privacy advocates, and industry leaders, who were concerned about the security and economic impact of the technology in addition to obvious civil liberties concerns. As the battle wore on throughout 1993 and into 1994, leaders from across the political spectrum joined the fray, supported by a broad coalition that opposed the Clipper Chip. When computer scientist Matt Blaze discovered a flaw in the system in May 1994, it proved to be the final death blow: the Clipper Chip was dead.

The battlefield today reflects the battlefield of Crypto War I. Members of the government are again arguing that all civilian cryptography should be weakened by mandating the use of key escrow that allows the government to gain access to any device at any time. As with the last war, where the government proposed Clipper Chip was proven to be completely insecure, this war must be looked at through the eye of government security practices or, more specifically, lack of security practices. It was only last week that we learned some of the government’s networks are not secure, which lead to the leaking of every federal employee’s personal information. How long do you think it would take before a hack of a government network lead to the leaking of every escrow key? I’d imagine it would take less than a week. After that happened every device would be rendered entirely insecure by anybody who downloaded the leaked escrow keys.

What everybody should take away from this is that the government is willing to put each and every one of us at risk just so it can maintain the power to spy on use with impunity. But its failure to win Crypto War I proved that the world wouldn’t come to an end if the government couldn’t spy on us with impunity. Since Crypto War I the power of law enforcement agents to acquire evidence of wrongdoing (according to the state) didn’t suddenly stop, terrorist attacks didn’t suddenly become a nightly occurrence, and children being abducted by pedophiles didn’t suddenly become a fact of everyday life.

Crypto War II is likely inevitable but it can be won just as the last one was. The first step to victory is not allowing yourself to be suckered by government lies.

The Sorry State of E-Mail

As I briefly mentioned last week I’ve been spending time setting up a new e-mail server. For years I’ve been using OS X Server to run my e-mail server because it was easy to setup. But there are a lot of things I dislike about OS X Server. The biggest problem was with the change from 10.6 to 10.7. With that update OS X Server went from being a fairly serious piece of server software that a small business could use to being almost completely broken. Apple slowly improved things in later released of OS X but its server software remains amateur hour. Another thing that I dislike about OS X Server is how unstable it becomes the moment you open a config file and make some manual changes. The graphical tool really doesn’t like that but it also don’t give you the options necessary to fine tune your security settings.

My e-mail server has grown up and now runs on CentOS. I’ve tried to tighten up security as much as possible but I’ve quickly learned how sorry of a state e-mail is in. One of my goals was to disable broken Transport Layer Security (TLS) settings. However this presents a sizable problem because there are a lot of improperly configured e-mail servers out there. Unlike web servers where you can usually safely assume clients will be able to establish a connection with a sever using properly configured TLS no such assumptions can be made with e-mail servers. Some e-mail servers don’t support any version of TLS or Secure Socket Layer (SSL) and those that do often have invalid (expired, self-signed, etc.) certificates. In other words you can’t disable unsecured connections without being unable to communicate with a large number of e-mail servers out there. Let me just say that as much as I hate how everybody uses Google because it makes the government’s surveillance apparatus cheaper to implement I appreciate that the company actually has properly configured e-mail servers.

Another problem with securing e-mail servers is that they rely on the STARTTLS protocol. I say this is a problem because the first part of establishing a secure connection via STARTTLS is asking the server if it supports it through an unsecured connection. This has allowed certain unscrupulous Internet service providers (ISPs) to intercept and edit out the mention of STARTTLS support from a server’s reply, which causes the client to revert to an unsecured connection for the entire communication. This wouldn’t be a problem if we could safely assume all e-mail servers support TLS because then you could configure servers to only use TLS.

What’s the answer? Ultimately I would say it is to move away from e-mail as we currently know it. But that’s easier said than done so I will continue to strong urge people to utilize Pretty Good Privacy (PGP) to encrypt and sign their e-mails. Even if a PGP encrypted e-mail is transmitted over an unsecured connection the amount of data a snoop can collect on you is far less (but since PGP can only really encrypt the contents of the e-mail a great deal of metadata is still available to anybody observing the communication between e-mail servers).

I also urge people to learn how to setup their own e-mail servers and to do it. Ars Technica and Sealed Abstract have good guides on how to setup a pretty secure e-mail server. However there is the problem that many ISPs block the ports used by e-mail server on their residential packages. So implementing an e-mail server out of your home could require getting a business account (as well as a static Internet protocol (IP) address). A slightly less optimal (because your e-mail won’t be stored on a system you physically control) option of setting up your e-mail server on a third-party host is a way to bypass this problem. Unless people stop relying on improperly configured e-mail servers there isn’t a lot of hope for salvaging e-mail as a form of secure communication (this should give people involved in professions that require confidentiality, such as lawyers, a great deal of concern).

Many people will probably become discouraged after reading this post and tell themselves that securing themselves is impossible. That’s not what you should take away from this post. What you should take away from this post is that the problem requires us to roll up our sleeves, further our knowledge, and fix it ourselves. Securing e-mail isn’t hopeless, it just requires us to actually do something about it. For my part I am willing to answer questions you have regarding setting up an e-mail server. Admittedly I won’t know the answer to every question but I will do my best to provide you with the knowledge you need to secure yourself.

Is Your App a Benedict Arnold

Most smartphone users rely on apps to access much of their online data. This can be problematic though since many app developers have little or no knowledge about security. A research project has unveiled a number of Android apps, many of which are developed by companies with deep enough pockets to hire dedicated security personnel, that communicate user credentials over plaintext:

Researchers have unearthed dozens of Android apps in the official Google Play store that expose user passwords because the apps fail to properly implement HTTPS encryption during logins or don’t use it at all.

The roster of faulty apps have more than 200 million collective downloads from Google Play and have remained vulnerable even after developers were alerted to the defects. The apps include the official titles from the National Basketball Association, the Match.com dating service, the Safeway supermarket chain, and the PizzaHut restaurant chain. They were uncovered by AppBugs, a developer of a free Android app that spots dangerous apps installed on users’ handsets.

By communicating your credentials over plaintext these apps are betraying your account security to anybody listening on the network. What makes this particular problem especially worrisome is that it’s difficult for the average user to detect. How many users are going to connect their phone to their wireless network, open up Wireshark, and ensure all of their apps are communicating over HTTPS?

Developers should be expected to understand HTTPS if they’re communicating user credentials back to a server. But the real source of this problem is the fact plaintext is still allowed at all. We’re well beyond the point where HTTP should be deprecated, in fact Mozilla is planning to do exactly that, in favor of HTTPS only. If HTTP is no longer allowed then we don’t have to worry about apps communicating data over it (we still have to worry about improperly configured HTTPS but that’s something we have to worry about currently).

Government Networks Are too Old to Secure

The quest for answers regarding the recent breach that put every federal employee’s personal information at risk has begun. As with most government investigations into government screw ups this one is taking the form of public questionings of mid-level federal employees. Buried within the extensive waste of time that was the most recent public hearing were a few nuggets of pure gold. For starters the Office of Personnel Management (OPM) Director, Katherine Archuleta, let some information slip that should be very concerning to everybody:

During testimony today in a grueling two-hour hearing before the House Oversight and Government Reform Committee, Office of Personnel Management (OPM) Director Katherine Archuleta claimed that she had recognized huge problems with the agency’s computer security when she assumed her post 18 months ago. But when pressed on why systems had not been protected with encryption, she said, “It is not feasible to implement on networks that are too old.” She added that the agency is now working to encrypt data within its networks.

Apparently government networks are too old to secure. The only conclusion one could draw from this is that involved the government networks are running on unsupported software. Perhaps most of the computers in its networks are still running Windows XP or something older. Perhaps the hardware they’re using is so ancient that it cannot actually encrypt and decrypt data without a noticeable performance hit. What is clear is that somebody really screwed up. Whether it was network administrators failing to update software and hardware or bean counters failing to set aside funding for modernization the network that holds the personal information for every federal employee was not properly maintained. And this is the same organization that has a great deal of personal information about every American citizen. The federal government has your name, address, phone number, Social Security Number, date of birth, and more sitting in its janky-ass network. Think about that for a moment while you contemplate the importance of privacy from the government.

But old networks aren’t the only problem with the government’s networks:

But even if the systems had been encrypted, it would have likely not mattered. Department of Homeland Security Assistant Secretary for Cybersecurity Dr. Andy Ozment testified that encryption would “not have helped in this case” because the attackers had gained valid user credentials to the systems that they attacked—likely through social engineering. And because of the lack of multifactor authentication on these systems, the attackers would have been able to use those credentials at will to access systems from within and potentially even from outside the network.

Gaining valid user credentials shouldn’t allow one to obtain personal information on every government employee. This admission indicates that every user on the network must either have administrative rights or the data isn’t protected in any way against unauthorized access from internal users. Any network administrator worth a damn knows that you only give users the privileges they require. Developers of systems that handle sensitive personal information should know that any access to said information would require approval from one or more higher ups. If I’m a user and want to access somebody’s Social Security Number there should be some kind of overseer that must approve the request.

Many network administrators haven’t implemented multifactor authentication but this omission is inexcusable for a network that contained so much personal information. Relying on user names and passwords to protect massive databases of personal information is gross negligence. With options such as YubiKey, RSA Secure ID, and Google Authenticator there is no excuse for not implementing multifactor authentication on networks with so much sensitive information.

Well all know governments love oversight and this is no exception. The systems in question were inspected by a government overseer, were deemed to not be properly secure, and nothing was done about it:

He referred to OPM’s own inspector general reports and hammered Seymour in particular for the eleven major systems out of 47 that had not been properly certified as secure—which were not contractor systems but systems operated by OPM’s own IT department. “They were in your office, which is a horrible example to be setting,” Chaffetz told Seymour. In total, 65 percent of OPM’s data was stored on those uncertified systems.

Chaffetz pointed out in his opening statement that for the past eight years, according to OPM’s own Inspector General reports, “OPM’s data security posture was akin to leaving all your doors and windows unlocked and hoping nobody would walk in and take the information.”

Here we see one of the biggest failures with government oversight, the lack of enforcement. When an inspector deems systems to be unfit those systems should be made fit. If they’re not made fit people charged with maintaining them should be replaced. There is no point in oversight without follow through.

When people claim they have nothing to hide from the government they seldom stop to consider who can gain access to its data. It’s not just the law enforcers. Due to general incompetence when it comes to security it’s potentially anybody with valid user credentials. And valid user credentials are obtainable by exploiting the weakest link in any computer network, the user. According to Dr. Andy Ozment the credentials were likely obtained through social engineering, which is something most people can fall prey to. Because of the lack of multifactor authentication that means anybody who can social engineer user credentials from a government employee potentially has access to all of the data collected by the government on yourself. Is that something you’re honestly OK with? Do you really want a government this incompetent at protecting the personal data of its own employees holding a lot of personal data about you?

Lazy Libertarians

This weekend several of my friends and I had the privilege of running the CryptoParty for B-Sides MSP. It wasn’t the first CryptoParty I’ve either hosted or helped host but all of the previous ones were for various libertarian groups. I cannot properly express the difference between being a part of a CryptoParty with security professionals versus libertarians. Unlike the libertarian CryptoParties I’ve been involved with, none of the people at B-Sides MSP went on a tirade about how the otherwise entirely incompetent government can magically crack all crypto instantly.

Libertarians like to consider themselves the paragons of personal responsibility. However, time and again, I see that a lot of libertarians putting more effort into making excuses for their laziness than doing anything productive. Using secure communication tools is one of these areas where supposedly responsible libertarians like to be entirely irresponsible. This is kind of ironic because libertarians tend to be the ones bitching about government surveillance the loudest.

It was during the CryptoParty at B-Sides MSP that I made a decision. From now on I’m going to call out lazy libertarians. Whenever I host or otherwise participate in a CryptoParty for libertarians and one of them goes off about the incompetent government suddenly being incredibly competent I’m just going to tell them to shut the fuck up so the adults can continue talking. If you are a libertarian and you sincerely oppose government surveillance then prove your sincerity by utilizing the really awesome and very effective tools we have available to secure our communications. Use Pretty Good Privacy (PGP) to encrypt your e-mails, call people with Red Phone or Signal, send text messages with TextSecure or Signal, and encrypt your computer and mobile device’s storage. Unless you’re doing these things I can’t take any claims you make about hating government surveillance seriously. If you want to be lazy and make up conspiracy theories that’s your thing but I am going to call your ass out for it.

Actual security professionals, some of whom knew a hell of a lot more about cryptography than me (not that that’s very hard), took these tools seriously and so should as well. The only people claiming that the government can break all cryptography instantly are conspiracy theorists who know absolutely dick about cryptography and people wanting to justify their laziness. Don’t be either of those. Instead embrace the personal responsibility libertarians like to tout and take measures to make government surveillance more expensive.

Anything the Private Sector can Screw Up the Government can Screw Up Better

There have been numerous major data breaches in recent times that have compromised a lot of credit card numbers. The reaction from those breeches ranged from anger to outright demands that the government get involved to ensure another one never happens. As if trying teach that last crowd a valuable lesson fate has shown us once again that anything the private sector can screw up the government can screw up better (which is impressive because the private sector and really fuck some shit up):

A giant hack of millions of government personnel files is being treated as the work of foreign spies who could use the information to fake their way into more-secure computers and plunder U.S. secrets.

Millions of personnel files, including Social Security numbers, were acquired by an unknown attacker. This makes the compromise of credit card numbers look like amateur hour by comparison! But it gets better!

Federal employees were told in a video Friday to change all their passwords, put fraud alerts on their credit reports and watch for attempts by foreign intelligence services to exploit them. That message came from Dan Payne, a senior counterintelligence official for the Director of National Intelligence.

Emphasis mine. How in the hell is a regular low-level federal employee supposed to watch for attempts by foreign intelligence agencies trying to exploit them? Does the United States government honestly think other intelligence agencies are so inept as to have a guy with a strong foreign accent call up federal employees and say, “Hello, I’m a Nigerian prince…”? The average person has no idea how to defend themselves against a specialized spook (if they did spooks wouldn’t be very effective at their job).

Both the breach and the response are ridiculous. However this points to something more concerning. If the government can’t keep its personnel files safe or detect a major breach for months (the story notes the breach occurred in December but wasn’t discovered until this month) then why should we have any confidence in its ability to keep our personal information secure? Everything from tax records to our phone calls (thanks National Security Agency) are being held by the federal government and could be up for grabs by any competent attacker. Imagine the wealth of information that could be acquired if an attacker managed to breach one of the NSA’s databases. This is another reason why allowing the government to store personal information is so dangerous.

If You’re Not Paying for the Service You’re the Product

There ain’t no such thing as a free lunch (TANSTAAFL) is a phrase made famous by Heinlein’s The Moon is a Harsh Mistress. In the book the people who inhabit the moon periodically say “TANSTAAFL,” as a reminder that nothing comes for free. The Internet has become the biggest embodiment of this fact. Most Internet services are “free.” Gmail, Facebook, and Twitter are just a handful of examples of services that cost users nothing and are therefore advertised as free. Anybody who understands the concept behind TANSTAAFL knows that these services aren’t free. In fact if you’re not paying for a service then there’s a very good chance that you’re the product. Normally this means your personal information is sold to advertisers but sometimes an Internet company takes things to the next level. Hola, a virtual private networks (VPN) provider that offered its service for “free”, is an example of this:

Hola is easy-to-use browser plugin available in the Google Chrome Store with currently more than 6 Million downloads. But, unfortunately, Hola could be used by hackers to maliciously attack websites, potentially putting its users at risk of being involved in illegal or abusive activities.

Hola uses a peer-to-peer system to route users’ traffic. So, if you are in Denmark and wants to watch a show from America, you might be routed through America-based user’s Internet connections.

However, Hola is not leaving a chance to make money out of a free service. It has been selling access to users’ bandwidth for profit to a third-party service called Luminati, which then re-sells the connections, Hola founder Ofer Vilenski confirmed.

I would never trust a free service provider that required me to install special client software because of the threat of shit like this. Facebook and Twitter are limited in the damage they can do by the fact that their service doesn’t rely on local software (unless you use their apps on your mobile device). Neither service can, for example, sell your bandwidth. Hola, which relied on a Chrome plugin, could because it had software resident on its users’ systems. If somebody is offering a “free” service but requires the installation of special software just remember TANSTAAFL. Since it’s free you’re the product and with resident software on your system the service provider can offer its real customers a lot more than a mere web page can.

Thwarting Cellular Interceptors

The United States government has been using planes equipped with cell phone interceptors to surveil large areas. Recently planes have been spotted around the Twin Cities circling areas of interest for hours and it appears that they’re equipped with surveillance equipment:

The plane’s flight path, recorded by the website flightradar24.com, would eventually show that it circled downtown Minneapolis, the Mall of America and Southdale Center at low altitude for hours starting at 10:30 p.m., slipping off radar just after 3 a.m.

“I thought, ‘Holy crap,’ ” said Zimmerman.

Bearing the call sign N361DB, the plane is one of three Cessna 182T Skylanes registered to LCB Leasing of Bristow, Va., according to FAA records. The Virginia secretary of state has no record of an LCB Leasing. Virtually no other information could be learned about the company.

Zimmerman’s curiosity might have ended there if it weren’t for something he heard from his aviation network recently: A plane registered to NG Research — also located in Bristow — that circled Baltimore for hours after recent violent protests there was in fact an FBI plane that’s part of a widespread but little known surveillance program, according to a report by the Washington Post.

[…]

Zimmerman, who spotted the plane over Bloomington, said he pored through FAA records to find the call letters for each plane and then searched for images of them. He found photographs that show the planes outfitted with “external pods” that could house imagery equipment. He also found some of the planes modified with noise-muffling capability. That’s not common for a small plane, he said.

[…]

Other devices known as “dirtboxes,” “Stingrays” or “IMSI catchers” can capture cellphone data. Stanley said it’s still unclear what technologies have been used in the surveillance flights.

It’s unknown if these planes are surveillance craft or equipped with cell phone interceptors but the evidence of the former is great and the government’s program to use such craft for cell phone interception indicates the latter is likely. That being the case I feel it’s a good time to discuss a few tools you can use to communicate more securely with your cell phone.

Modern cellular protocols utilize cryptography. What many people don’t realize is that, at least in the case of Global System for Mobile (GSM), the cryptography being used is broken, which is why cell phone interceptors work. Furthermore cryptography is only used between cell phones and towers. This means your cellular provider, and therefore law enforcement agents, can listen to and read your calls and text messages.

What you really want is end-to-end encryption for your calls. Fortunately tools that do that already exist. Three tools I highly recommend are Signal, RedPhone, and TextSecure from Open Whisper Systems. Signal is an iOS application that encrypts both voice calls and text communications. RedPhone is an Android app for encrypting calls and TextSecure is an Android app for encrypting text communications. Signal, RedPhone, and TextSecure are all compatible with one another so iOS users can securely communication with Android users. All three applications are also easy to use. When you install the applications you register your number with Open Whisper System’s servers. Anybody using the applications will be able to see you have the applications installed and can therefore communicate with you securely. Since the encryption is end-to-end your cellular provider cannot listen to or read your calls and text messages. It also means cell phone interceptors, which rely on the weak algorithms used between cell phones and towers, will be unable to surveil your communications.

As the world becomes more hostile towards unencrypted communications we must make greater use of cryptographic tools. It’s the only defense we have against the surveillance state. Fortunately secure communication tools are becoming easier to use. Communicating securely with friends using iOS and Android devices is as simple as installing an app (granted, these apps won’t protect your communications if the devices themselves are compromised but that’s outside of the threat model of planes with cell phone interceptors).

Markets Versus the State

States throughout the world try to restrict markets. These attempts never succeed because the handful of individuals that comprise the state are up against the creativity of very person living under it. This is what so-called “black” markets exist.

Russia decided to place an embargo on foods from the European Union and United States in response to sanctions created against it by those regions. The embargo hasn’t stopped the importation of food from either region. But the embargo makes it risky for importers of these now illicit goods to openly advertise. In the past “black” market actors have relied on limited forms of advertising such as word of mouth. One advertisement agency has come up with a solution that allows “black” market providers to advertise their goods more widely and protects them from state agents:

Last summer, Russia imposed a full embargo on food imports from the European Union (as well as the U.S.) in retaliation for sanctions over Ukraine. This left authentic European food merchants in Moscow in a bit of a bind.

But one Italian grocery store there, Don Giulio Salumeria, kept selling its real Italian food—and came up with a bizarre out-of-home stunt to advertise to consumers without tipping off the police.

With help from agency The 23, the store developed a unique outdoor ad that could recognize police uniforms. Whenever the cops would appear, the ad would cycle out of its rotating display—in essence, physically hiding from the authorities.

Here’s a video showing the sign in action:

Obviously this solution isn’t perfect. Since it relies on recognizing police uniforms it won’t hide the advertisement from off-duty officers walking around in their regular clothes. However it is a demonstration of market innovation and could easily be expanded. In the next iteration they should have the sign store a facial picture of anybody recognized as an officer. Then have it compare faces of anybody passing by with known police officers and hide the advertisement if there’s a match. That way the sign would be able to hide its advertisement from off-duty and on-duty officers.

Innovative ideas such as this one are why the state will always fail when it attempts to restrict markets.

Watching Cronies Fail

A major benefit of providing solutions to government meddling is watching as the government’s cronies fail. Cab drivers in Mexico, as cab drivers in much of the world, are unhappy with ride-sharing services such as Uber and Lyft. Their unhappiness is understandable since they’ve been shielded from competitors by their government for decades. When you haven’t had to compete in a market it can be scary facing competition because it makes you realize that you have to actually provide a superior service if you want to thrive.

On Monday cab drivers in Mexico went on strike to protest Uber. The protest was a plea for the Mexican government to ban Uber. The end result was to give Uber a great dead of publicity and convince a lot of people to try Uber since they couldn’t get around using traditional cabs:

Monday’s protest from Mexican Taxi drivers, against ride-sharing mobile apps such as Uber, has proved a boon for the San Francisco-based company. After offering a protest-edition special with two free 10-dollar rides, downloads of the app rose by 800 percent, Uber Communications Director for Mexico Luis de Uriarte said on Tuesday.

Unlike Uber, the signs of regulated taxis were off in Mexico on May 25, as some 5,000 drivers took to the streets of Mexico City. Chanting “Get out Uber!” union leaders demanded the government impose a ban on the smartphone-based service.

With the hashtags #UberNoPara (Uber doesn’t stop) and #MexicoNoPara (Mexico doesn’t stop), Uber launched a campaign offering two MEX$150 (US$9.8) fares for free between 7:00 a.m. and 9:59 p.m. on Monday. The initiative not only have become a commercial success, it brought PR blowback on the taxi drivers.

Uber and Lyft are providing a solution to a market that has been crippled by government regulations for decades. Many localities put an artificial cap on the number of legal taxi cabs that can operate. Other localities, while not putting an artificial cap in place, require potential taxicab drivers to pay a licensing fee, which adds a barrier to entry. The result has been lackluster taxicab services in much of the world. With ride-sharing services such as Uber and Lyft anybody can act as a taxicab. Suddenly cronies that have been protected from competition are facing the competition of anybody with a vehicle and they’re floundering.

Providing solutions to government create problems weakens its grip by showing how unnecessary it is. While government protected taxicab drivers were refusing to provide services ride-sharing swooped in to save the day. Because of this people are unlikely to accept any prohibition against ride-sharing services.