3D Printed Rifle Successfully Fires 14th Round

Prepare for more pants shitting hysteria from the idea because another 3D printed firearm, this time a rifle, has managed to fire more than one round without harming its operator:

Just the opposite: Designers have moved beyond handguns to produce rifles with 3D printers. The world’s first 3D-printed rifle, named “The Grizzly” after Canadian-built tanks that were used in World War II, was fired in June, but the first shot fractured the barrel receiver.

The creator, a Canadian man who goes simply by “Matthew,” refined his design and posted a video Friday on YouTube of the Grizzly 2.0 successfully firing 3 rounds of Winchester bullets. The video description says the Grizzly 2.0 fired 14 rounds before it cracked. The new rifle was also safe enough for Matthew to fire it by hand rather than by the string system used in the first test.

Here’s the video:

Before the media begins its fear mongering by telling everybody that this gun can get through airport security and will be used to hijack planes let’s stop and think logically for a minute. Although it has successfully fired 14 rounds without maiming its operator, the Grizzly is still a plastic gun, which means the extent of its life is going to be relatively short. Like the Liberator handgun, the Grizzly rifle is cumbersome to reload. The barrel has to be twisted and removed, the spent cartridge must be pushed out with a rod, a new round must be placed in the barrel, and the barrel must be inserted and twisted back onto the rifle. In other words it’s very slow to operate. With that said, the design is almost certain to advance quickly. We’re in the infancy of 3D printed firearms and it’s an exciting time to be involved in the shooting community.

Careful What You Plug Your Phone Into

I’ve often said that I would enjoy putting several phone charging stations in an airport or mall that would exploit whatever phone was plugged into them. As it turns out, I’m not the only one with such demented ideas:

This news couldn’t wait for the Black Hat conference happening now in Las Vegas. We reported in June that Georgia Tech researchers had created a charging station that could pwn any iOS device. The full presentation revealed precise details on how they managed it. I’m never plugging my iPhone charger into a USB port in a hotel desk again.

This is a potential vulnerability with any device that is capable of receiving data over its power input. Most smartphones, and many dumb phones for that matter, use a Universal Serial Bus (USB) port to transfer data and charge the battery. Manufacturers assume the USB port, being a port that requires physical access, is secure and doesn’t need much in the way of verification or validation (although this attitude is slowly changing), making the transfer of malicious software relatively easy. Just because a port requires physical access doesn’t mean one can do away with security measures. It’s trivial to convince most people to plug their phone into a random USB port (just claim that they’re plugging it into a phone charger).

Social engineering, the art of tricking somebody to do something for you, is probably the most effective security bypassing mechanism. You may not have access to a machine you want to exploit but chances are you can convince somebody who does have access to grant you access. For example, gaining access to a phone is often as easy as asking the person with the phone if you can make a phone call. If you make an effective story that appeals to the owner’s emotions chances are high that they’ll hand you the device.

One of the most entertaining rooms at Defcon this year was the Social Engineering Village. Inside they had a phone booth where competitors would call various businesses and try to use social engineering to pump important information out of employees. The tactic worked frighteningly well. During one of the times I popped in the competitor had a man on the phone spilling his guts about the entire network setup for his company. Trickery works.

Considerations Regarding Encryption: Cost to Benefit Analysis

Since I began advocating crypto-anarchy I’ve met a surprising amount of resistance from an unexpected group. Many of my fellows in the liberty movement have taken a defeatist approach to technology. Now that they know that the National Security Agency (NSA) is scooping up every data packet it can get its grubby hands on, an almost Luddite-esque sect has developed in the liberty movement. They believe that the Internet, and all forms of electronic communications, should be avoided because they feel that no force on Earth can stand up to the power of the federal government (an ironic attitude from a movement that advocates standing up to the federal government). These people have become critical of advocating cryptographic and anonymizing tools to protect against unwanted spying.

One of the criticisms they often raise is that the NSA can simply decrypt whatever data it captures. This belief partially stems from the belief that the state is omnipotent and partially from misunderstanding the purpose of encryption. In this post I plan to briefly address the latter (I believe I’ve sufficiently addressed the former in my extensive posting history).

Encryption isn’t a magic bullet that will prevent unauthorized individuals from reading your data for all eternity. It is a tool that stands to greatly delay an unauthorized individual from reading your data. Anything that has been encrypted can be decrypted. If that wasn’t the case then encryption would be useless as it would prevent unauthorized and authorized individuals from reading the data. There are numerous ways to decrypt encrypted data.

The first, and most obvious, method is getting a copy of the decryption key. In order to allow authorized individuals to read encrypted data there has to be a way to legitimately decrypt it. This is done by giving authorized individuals decryption keys. Decryption keys can take many forms including a pre-shared key that is known to both you and other authorized individuals and asymmetric keypairs, one of which is secret and (ideally) known only to you and another which is public.

The second method is brute force. A brute force attack, in regards to cryptography, involves trying every possible decryption key. While this method will eventually decrypt encrypted data, it’s very time consuming if proper cryptographic algorithms and practices are used. Depending on the amount of computational power available, decrypting the data via brute force may take years, decades, or (possibly) centuries. In other words, brute force attacks are expensive.

The third method is to exploit the encryption algorithm itself. This method is cheaper than brute force but it depends on finding an exploitable vulnerability in the algorithm used to encrypt the data. Depending on the algorithm used, this method can decrypt encrypted data very quickly or it can be impossible (at least for the time being).

Humans always perform a cost to benefit analysis before taking an action. The state is no different. While the NSA, theoretically, has a tremendous amount of computing power available to it, using that computing power isn’t free. Computing power requires time and electricity. So long as you have computers dedicated to decrypting one set of data you can’t dedicate them to decrypting other sets of data. It’s unlikely that the NSA is using brute force to decrypt every encrypted set of data it has intercepted. Instead, it is likely using brute force only after it has decided to target an individual.
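To put rough numbers on the time and electricity argument above, here is an added example (not from the original post) that estimates the expected duration and energy bill of a brute-force key search. The guess rate, energy per guess and electricity price are constructed assumptions, not figures for any real agency or machine.

```python
"""Expected cost of exhausting a symmetric key space, under stated assumptions."""
import math
from dataclasses import dataclass

SECONDS_PER_YEAR = 365.25 * 24 * 3600
JOULES_PER_KWH = 3.6e6


@dataclass(frozen=True)
class Attacker:
    guesses_per_second: float  # assumed aggregate key-trial rate
    joules_per_guess: float    # assumed energy spent per key trial
    usd_per_kwh: float         # assumed electricity price


# Constructed figures for illustration only, not measurements of any real system:
# 10^15 trials/s at 1 nJ each is a machine drawing 1 MW around the clock.
EXAMPLE = Attacker(guesses_per_second=1e15, joules_per_guess=1e-9, usd_per_kwh=0.10)


def expected_trials(key_bits: int) -> int:
    """On average the right key turns up after searching half the key space."""
    return 2 ** (key_bits - 1)


def brute_force_cost(key_bits: int, attacker: Attacker) -> dict:
    """Expected wall-clock years, energy and electricity bill for one key."""
    trials = expected_trials(key_bits)
    kwh = trials * attacker.joules_per_guess / JOULES_PER_KWH
    return {
        "years": trials / attacker.guesses_per_second / SECONDS_PER_YEAR,
        "kwh": kwh,
        "usd": kwh * attacker.usd_per_kwh,
    }


def max_bits_within(attacker: Attacker, years: float, usd: float) -> int:
    """Largest key size whose expected search fits both the time and money budget."""
    trials_by_time = attacker.guesses_per_second * years * SECONDS_PER_YEAR
    trials_by_money = usd / attacker.usd_per_kwh * JOULES_PER_KWH / attacker.joules_per_guess
    return math.floor(math.log2(min(trials_by_time, trials_by_money))) + 1


if __name__ == "__main__":
    for bits in (56, 64, 80, 128, 256):
        c = brute_force_cost(bits, EXAMPLE)
        print(f"{bits:>3}-bit key: {c['years']:.3g} years, ${c['usd']:.3g} in electricity")
    print("largest key searchable in 10 years for $1e9:",
          max_bits_within(EXAMPLE, years=10, usd=1e9), "bits")
```

Under these assumptions each extra key bit doubles both the time and the bill, which is why a search that is trivial at 56 bits is out of reach at 128.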

Algorithm exploits are another concern. Many people believe that the NSA has exploits that allow it to decrypt data encrypted by every known algorithm. Those people often believe that the NSA also has backdoor access to every electronic device (which would make the former mostly irrelevant). Such knowledge still requires a cost to benefit analysis. While the cost in time and electricity is very low the cost in revealing that it has an exploit is very high. Let’s say you encrypted your hard drive with AES-256 and the NSA had an exploit that allowed it to decrypt the drive. Now that it has that information it can use it to target you but, in so doing, it would have to reveal how it obtained that information. In other words, it would have to explain to a court that it has an exploit that allows it to decrypt AES-256 (many people may point out that they don’t have to give you a trial if they whisk you off to Guantanamo Bay, to which I would point out that they wouldn’t need evidence of wrongdoing either). After that information was revealed everybody wanting to hide information from the NSA would encrypt their information with a different, hopefully more secure, algorithm. Unless the NSA knows what algorithm its intended targets decided to use and had an exploit for that algorithm it would have effectively tossed away its most effective tool to get one person. The same risk applies to revealing information about backdoors installed in systems. That’s a tremendous cost.

That leaves us with the method of obtaining the decryption key. This is, most likely, the cheapest option for the NSA to use if it wants to target a specific individual. Even if an individual is unwilling to voluntarily provide their decryption key the NSA can always resort to rubber-hose cryptanalysis. Rubber-hose cryptanalysis relies on the use of coercion to get a decryption key from a target. An example of this method being used was a woman in Colorado who was held in contempt of court for refusing to decrypt her hard drive. By holding her in contempt until she decrypted her hard drive the state gave her an ultimatum: either rot in prison indefinitely or face the chance of rotting in prison if incriminating evidence is found on the decrypted hard drive. Another way to use rubber-hose cryptanalysis is physical force. If you torture somebody long enough they will almost certainly surrender a decryption key. I will point out that an agency willing to torture an individual to retrieve a decryption key is unlikely to concern itself with retrieving evidence in the first place so the point would be moot.

Looking at the costs associated with the above mentioned decryption methods we can develop a rudimentary cost to benefit analysis. In most cases, for the state, the cheapest option is to simply get the decryption key from the user. Holding somebody in contempt of court for refusing to surrender their decryption key has a positive (for the state) side effect: the person is detained until they provide the decryption key. Such a case is win-win for the NSA because keeping you in a cage also takes you out of the picture. Brute force would likely be resorted to if the NSA was interested enough in decrypting the data that it would be willing to take the time and front the electrical cost of throwing a good amount of computing power at the task. In other words, it is unlikely to brute force every encrypted piece of data. Instead, it would likely use brute force only after it has decided to specifically target an individual. The only time the NSA would resort to an algorithm exploit (if it has one), in my opinion, is if the data is needed immediately and the consequences of any delay would be very high.

There are no magic bullets in security. Encrypting your data won’t prevent unauthorized individuals from reading it for all time. But encrypting your data raises the cost of reading it, which will likely deter fishing expeditions (decrypting all data and selecting people to target based on the decrypted information). By encrypting your data you will likely remain under the radar unless the NSA has some other reason to target you. If that is the case it won’t matter if you use modern technology or not. Once you’re a target the NSA can use old fashioned surveillance methods such as bugging your dwelling or dedicating an individual to follow you around. There is no sense in handicapping yourself in order to avoid Big Brother. Big Brother can watch you whether you use a cell phone or only communicate with individuals in person. If you use the best tools available you can enjoy almost the same level of security using modern communication technology as you enjoy when having face-to-face discussions.

Exploiting Automobiles

It has been apparent since automobile manufacturers began inserting computers into automobiles that security hasn’t been a high priority. After decades of warnings the automobile manufacturers may finally be forced to deal with their lack of foresight:

Charlie Miller and Chris Valasek say they will publish detailed blueprints of techniques for attacking critical systems in the Toyota Prius and Ford Escape in a 100-page white paper, following several months of research they conducted with a grant from the U.S. government.

The two “white hats” – hackers who try to uncover software vulnerabilities before criminals can exploit them – will also release the software they built for hacking the cars at the Def Con hacking convention in Las Vegas this week.

They said they devised ways to force a Toyota Prius to brake suddenly at 80 miles an hour, jerk its steering wheel, or accelerate the engine. They also say they can disable the brakes of a Ford Escape traveling at very slow speeds, so that the car keeps moving no matter how hard the driver presses the pedal.

One of the golden rules of security is that exploits only become more elaborate with time. It sounds like the exploits that will be demonstrated at Defcon will require physical access to the automobile but, in all likelihood, the ability to remotely execute these exploits will show up shortly after the paper is published. All modern automobiles have tire pressure sensors (all of which, as far as I know, are wireless) and many now have Bluetooth, both of which could be potential avenues for remote attacks. It will be interesting to see the ramifications of this research in a few years.

Laugh of the Day: White House Telecom Adviser Proposes Privacy Code of Conduct

The National Telecommunications and Information Administration, the top telecom adviser to the White House, has laughably proposed a code of conduct for apps:

WASHINGTON — Assistant Secretary of Commerce for Communications and Information and NTIA Administrator Lawrence E. Strickling issued the following statement on the multistakeholder process to develop the first privacy code of conduct aimed at improving disclosures on mobile devices.

“NTIA is pleased that today a diverse group of stakeholders reached a seminal milestone in the efforts to enhance consumer privacy on mobile devices. We encourage all the companies that participated in the discussion to move forward to test the code with their consumers. I want to congratulate all of the participants, who through their commitment and dedication have demonstrated the promise and importance of the multistakeholder policy-making process.”

What makes this laughable is the fact that any privacy policy that is developed will almost certainly take the form of “Signatories to this contract agree to share no personal information about users with anybody, except the National Security Agency (NSA), for whom it will be mandatory to share with.”

The State Fails to Stop the Signal

Earlier this year the United States government attempted to suppress Computer-Aided Design (CAD) models for 3D printable firearms from being distributed by placing them under the control of the International Traffic in Arms Regulations (ITAR). By bringing ITAR into the equation the state was able to label those CAD models as munitions and prevent them from being legally exported from the country. Since those CAD models are under ITAR regulations I’m completely baffled by this story:

Less than two months after the debut of the first almost entirely 3D-printed handgun, a Canadian gunsmith has created the first 3D printed rifle.

The gun maker, who goes by the online handle CanadianGunNut, is an active user on DEFCAD, the primary online forum for 3D-printed firearms.

Doesn’t he know that the idea for 3D printable firearms originated in the United States and it is therefore illegal to export that idea, now that it has been labeled a munition, to his native country of Canada?

Information control, like gun control, is a foolhardy dream that can never be realized. Throughout our history handfuls of individuals have attempted to suppress information they believed to be harmful but failed as other individuals discovered more effective ways to disseminate information. 3D printable firearms are in their infancy but this will change as 3D printer technology improves and becomes more widely available to the masses. Eventually we will be able to print off firearms that are every bit as good as, or better than, currently manufactured firearms. Now that the state is in a position where it has to stifle both information and physical firearms its goal is completely unattainable.

The Nintendo Entertainment System Turned 30

I never thought I’d post this many video game related articles in one day but I learned that the Nintendo Entertainment System (NES) turned 30 yesterday, making it the same age as me.

The NES was the first video game system I ever owned and I probably spent more time playing that thing than I should admit (in my defense I grew up in a small town with nothing to do). It was kind of cool to learn that it’s the same age as I am.

Encrypt Everything: Sending OpenPGP Encrypted E-Mails with Thunderbird and Enigmail

Finally, it’s here, the final guide in my OpenPGP series. I’m sorry it took so long to post but free time has been at a premium as of late. This guide will explain how to use Thunderbird and Enigmail, which you should already have installed, to send e-mails that will give the National Security Agency (NSA) a hard time.

Before I get to the guide I want to note a couple of things. First, this guide will not explain how to add your e-mail account to Thunderbird. If you need instructions on that please see Mozilla’s guide for automatic account configuration and manual account configuration. Second, this guide will be applicable to OS X, Windows, and Linux but the screenshots will be taken from OS X as that is the primary operating system I use. With those notes out of the way let’s begin.

The first thing we need to do is enable OpenPGP for your account. This can be found by navigating to the menu button, selecting Preferences, and clicking on Account Settings…:

You should be looking at the Account Settings… page. From here select the OpenPGP Security item under your e-mail account:

By default OpenPGP is disabled for every account. To enable OpenPGP for your account click the Enable OpenPGP support (Enigmail) for this identity check box. This will also allow you to change the options below the check box. By default Enigmail is set up to use your e-mail address to identify the OpenPGP keypair to use for your account. If you entered your e-mail address when you created your OpenPGP keypair this is the option you should select, otherwise you’ll have to manually select a keypair.

You will also notice several check boxes under Message Composition Default Options. The check box labeled Sign non-encrypted messages by default will ensure that Enigmail cryptographically signs e-mails that you’re not encrypting. I usually select this because the cryptographic signature allows recipients of my e-mails to verify that I sent the e-mail and that the contents haven’t been altered. The check box labeled Sign encrypted messages by default does the same thing as the check box above it but for encrypted e-mails. I usually check this by default as well. Selecting Encrypt messages by default will cause Enigmail to encrypt every e-mail you send. I usually leave this option unchecked because most of the people I send e-mails to don’t have OpenPGP and therefore are unable to decrypt messages I send to them.

The last check box, which is labeled Use PGP/MIME by default, is, in my opinion, pretty useful. Normally when you send a cryptographically signed and/or encrypted message the recipient sees a blob of text. PGP/MIME puts OpenPGP signatures and encrypted content into attachments. If the recipient is using OpenPGP, and has the proper decryption key, they will see whether or not the signature is valid and be able to read the encrypted contents. On the other hand, if the recipient isn’t using OpenPGP, they will not see the signature text or the encrypted content. I check this option because the signature text and encrypted content often confuse recipients unfamiliar with OpenPGP. When this option is selected, as far as the recipients without OpenPGP are concerned, the e-mail is just a regular old e-mail.
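What the Use PGP/MIME by default option changes in the message itself, as an added example that is not part of the original guide or of Enigmail: a small classifier that tells inline OpenPGP from PGP/MIME (RFC 3156) and returns the body text a client without OpenPGP support would display. The three sample messages are constructed, their armor blocks are placeholders, and the function names are illustrative.

```python
"""Tell inline OpenPGP from PGP/MIME (RFC 3156) and show what a plain client displays."""
import email
from email import policy

# RFC 3156 container type -> (required "protocol" parameter, label).
PGPMIME = {
    "multipart/signed": ("application/pgp-signature", "pgpmime-signed"),
    "multipart/encrypted": ("application/pgp-encrypted", "pgpmime-encrypted"),
}
# ASCII-armor header lines that mark inline OpenPGP content in a text body.
INLINE = {
    "-----BEGIN PGP SIGNED MESSAGE-----": "inline-signed",
    "-----BEGIN PGP MESSAGE-----": "inline-encrypted",
}

# Constructed sample messages; the armor blocks are placeholders, not real OpenPGP data.
SIG = "-----BEGIN PGP SIGNATURE-----\n\n(placeholder)\n-----END PGP SIGNATURE-----\n"
ENC = "-----BEGIN PGP MESSAGE-----\n\n(placeholder)\n-----END PGP MESSAGE-----\n"
PGPMIME_SIGNED = (
    "Subject: lunch\n"
    "Content-Type: multipart/signed; micalg=pgp-sha256;"
    ' protocol="application/pgp-signature"; boundary="b1"\n\n'
    "--b1\n"
    "Content-Type: text/plain; charset=us-ascii\n\n"
    "Lunch at noon?\n"
    "--b1\n"
    'Content-Type: application/pgp-signature; name="signature.asc"\n'
    'Content-Disposition: attachment; filename="signature.asc"\n\n'
    + SIG + "--b1--\n"
)
PGPMIME_ENCRYPTED = (
    "Subject: lunch\n"
    'Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="b2"\n\n'
    "--b2\n"
    "Content-Type: application/pgp-encrypted\n\n"
    "Version: 1\n"
    "--b2\n"
    'Content-Type: application/octet-stream; name="encrypted.asc"\n\n'
    + ENC + "--b2--\n"
)
INLINE_SIGNED = (
    "Subject: lunch\n"
    "Content-Type: text/plain; charset=us-ascii\n\n"
    "-----BEGIN PGP SIGNED MESSAGE-----\n"
    "Hash: SHA256\n\n"
    "Lunch at noon?\n" + SIG
)


def body_text(msg):
    """Text a client without OpenPGP support shows as the body: every
    text/plain part that is not marked as an attachment."""
    return "".join(
        part.get_content()
        for part in msg.walk()
        if part.get_content_type() == "text/plain" and not part.is_attachment()
    )


def classify(raw):
    """Return (format label, body text shown by a non-OpenPGP client)."""
    msg = email.message_from_string(raw, policy=policy.default)
    shown = body_text(msg)
    rule = PGPMIME.get(msg.get_content_type())
    if rule and (msg.get_param("protocol") or "").lower() == rule[0]:
        return rule[1], shown
    for marker, label in INLINE.items():
        if marker in shown:
            return label, shown
    return "plain", shown


if __name__ == "__main__":
    for name in ("PGPMIME_SIGNED", "PGPMIME_ENCRYPTED", "INLINE_SIGNED"):
        label, shown = classify(globals()[name])
        print(f"{name}: {label}; body shown to a plain client: {shown!r}")
```

The inline sample's visible body carries the armor lines, while the PGP/MIME signed sample shows only the message text and keeps the signature in an attachment.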

Before leaving the Account Settings… page there is one other thing you may wish to consider doing. Navigate to Composition & Addressing:

By default Thunderbird is set up to use HyperText Markup Language (HTML) formatting for e-mails. I’m not a fan of HTML formatting when it comes to e-mails and it can raise some Cain with the OpenPGP signature process. I always deselect Compose messages in HTML format. You can either leave it checked or not, it’s up to you.

Once you’ve completed your work in the Account Settings… page click the OK button; it’s time to send an e-mail. Composing an encrypted and signed e-mail with Thunderbird and Enigmail is easy. Start a new e-mail and enter the recipient, subject, and message you want to send. After you’ve done that click the arrow next to the OpenPGP button in the toolbar:

As you can see, encrypting the e-mail, if you didn’t set up Enigmail to do it automatically in the Account Settings… page, is as simple as clicking the Encrypt Message menu item. If you look at the lower right-hand corner of the e-mail composition window you’ll see a key. If the key is gray the e-mail will not be encrypted; if the key is yellow the message will be encrypted.

Now that your e-mail is set up to be encrypted it’s time to click the Send button. If you haven’t imported the recipient’s public key into GNU Privacy Guard or flagged the recipient’s public key as trusted you will see the following dialog:

If you’ve imported the key but never flagged it as trusted just click the check box next to the recipient’s public key. You can also attempt to download the recipient’s public key from a key server if you haven’t imported it by clicking the Download missing keys button. Clicking that button will open the following dialog:

Many keyservers are set up to share public keys with each other. If the recipient has uploaded their public key to a notable server selecting the default option will stand a good chance of finding the public key you need.

Those who previously imported the recipient’s public key and flagged it as trusted won’t have to worry about the above steps. In either case you’re done. Congratulations, you’ve sent your first encrypted e-mail. Now convince your friends and family members to follow these guides so they can send you encrypted e-mails and decrypt your encrypted e-mails.

The Death of Barnes and Noble

Recent news regarding the leadership decisions taking place in Barnes and Noble leads me to believe that the chain is now officially dead:

For the last several years there’s been a battle for Barnes & Noble’s soul. In one corner stood 72-year-old chairman and founder Leonard Riggio. A legend in retail, Riggio has been fighting to keep the chain focused on stores rather than jumping into the e-reader tablet wars.

Though he still owns 30% of the company’s stock, Riggio had been pushed to the side strategically in favor of former computer hardware executive and now-ex CEO William Lynch. It was Lynch who drove the company’s costly expansion into handheld Nook readers.

Last night Riggio emerged victorious when Barnes & Noble announced Lynch’s immediate resignation. Overnight Riggio went from figurehead Chairman to unquestioned king. All other executives at Barnes & Noble will now report directly to him and the company says it has no immediate plans to find a new CEO to replace Lynch.

The final nail in Lynch’s coffin was in late June when Barnes & Noble reported a staggering $477 million loss on Nooks and announced that it would be outsourcing the manufacturing of future e-readers. As discussed on Breakout at the time, the Nook debacle strengthened the hand of Barnes & Noble’s founder Leonard Riggio and his push to keep the company focused on the chain’s 675 stores.

History has not been kind to companies that try to maintain the old way of doing things when a new way has established itself. Buggy manufacturers didn’t do so well when automobiles began permeating society, business for typewriter manufacturers didn’t boom after the introduction of affordable personal computers, and traditional bookstores aren’t going to find their coffers filled with cash now that e-books have become popular.

While Barnes and Noble’s Nook division hasn’t been bringing the company profits the correct response isn’t to shift the company towards a dying model. Sure, losses will go down in the immediate term but as time goes on and Barnes and Noble focuses on heavy, space consuming dead tree books the company will become less and less relevant. But in the long run Barnes and Noble will become irrelevant if it attempts to continue its old model.

We’re at the beginning of a new era where the cost of personal electronics has decreased to a point where it is viable to replace physical books with electronic books and e-readers. Trying to prop up the old model is a recipe for irrelevancy. Those wanting physical books will become a small minority that won’t be capable of maintaining Barnes and Noble’s currently large presence.

More Information Released About the NSA’s PRISM Program

The Washington Post has released more slides about the National Security Agency’s PRISM program. When news of PRISM first broke many of the companies listed in the initially released slides, including Facebook and Apple, claimed they weren’t actively participating in any such program. The newly released slides refute those refutations. According to those slides the Federal Bureau of Investigation (FBI) has hardware located on the premises of PRISM participants:

The FBI uses government equipment on private company property to retrieve matching information from a participating company, such as Microsoft or Yahoo and pass it without further review to the NSA.

PRISM simply accesses those FBI systems. In other words, PRISM participants can claim to not be participating in the program because the program is actually querying FBI systems. Likewise, the NSA can claim they have no direct access to PRISM participant servers. It’s a wonderful web of denial that the state has managed to set up.