Domain: gnupg.org
Stories and comments across the archive that link to gnupg.org.
Comments · 386
-
Re:Answer: they could never work
There are methods of hiding data in plain sight. Just read "Chaffing and Winnowing: Confidentiality without Encryption" at http://theory.lcs.mit.edu/~rivest/chaffing.txt
Also, said Terrorist could use multiple techniques together:
- write message
- apply method of Chaffing and Winnowing (above) or method of hiding messages in spam.
- hide that message in favorite media with outguess.
- encrypt that with PGP or GnuPG.
- encrypt that with the mandated, key-escrowed, back-doored technique
Now there are several barriers to break down, but only the easy one is known about until an investigation is already under way.
Or:
- said terrorist could avoid electronic communications, and meet face to face in a public park or on a public bus or in a crowd
Ask a gardener how they deal with weeds. Do you just remove what you can see, or do you go after the roots? Ask a doctor how he/she deals with a disease. Does he/she treat the symptoms and hope for the best over time, or does he/she treat the source of the disease?
Yes, cutting off one of their means of communication would be an inconvenience for people who have evil plans. But is there a better way that we can deal with their evil plans in the first place?
I don't know the answers, I just ask the questions. -
Encryption, Patriotism, and Nimda virus
NewsForge is running a story about an encryption paper from the GNU-Darwin crew. They interviewed Dr. Love, who says that PGP "could have prevented Nimda worm attacks" that are devastating email servers right now.
"Michael L. Love says the "open-signing" form of encryption that's available with encryption programs such as PGP and GnuPG would keep would-be terrorists from hijacking other people's email to send their messages. Under open signing, the text of the email is open for all to read, but the identity of the sender is authenticated."
There is also some discussion of .NET, and Love says that PGP keyservers could provide an authentication infrastructure to compete with Microsoft in the net services arena. Be sure to see the related Slashdot thread about Microsoft's new authentication proposals. -
Re:So what open source app should I get while I ca
-
"PGP" for Linux
There's an article (one of two) on the Linux Journal website about GNU Privacy Guard for PGP functionality for us *NIX folks.
-yb -
If you're smart
you won't take the algorithms specified in other posts and toss them into a program, because it would almost certainly be insecure. Algorithms are fine, but strong block ciphers, public key encryption algorithms, and hash functions have been around for 10 years or more. OTOH, getting the key management, random number generation, etc right is hard and takes a lot of experience and knowledge.
My call would be to use GnuPG. It uses strong algorithms, uses a well known and fairly intensively studied format, open source, and the people who did it seem to know what they're doing pretty well. If you're feeling paranoid, use the TripleDES or Rijndael-256 options to encrypt, though personally I feel perfectly safe encrypting even very personal things with CAST5.
If you're actually interested in papers, etc, I would start it out with more practical-oriented things (for example, the specifications of Blowfish, MD5, SHA-1, and RSA - not what you find in Applied Cryptography or whatever, but the original academic papers - with fairly minimal experience in programming you should be able to understand things like this fairly easily). From there, you can start to read the more involved papers, with complex algorithms and protocols, weird mathematical systems, etc.
Basically "in the know" people know that it's not encryption that breaks a secure system. It's the fact that your OS has a remote root hole (or equivalent), or the FBI put a keylogger in your keyboard, or there is a microphone planted in your room. It's much, much simpler to do any of those things than actually break modern encryption algorithms (consider that the FBI actually carried out my keylogging point in order to grab a PGP passphrase that some mob guy was using to encrypt his books). So unless you're sure that the FBI (or anyone else) can't do something like that, there is no point in using anything that might theoretically be more secure cryptographically speaking. -
Re:Scheier recommends PGP
For those who like to look at the source, there is GPG.
-
Close, but no cigar
You can't make programs like this open source, if you did everyone would be able to walk in and steal your nuclear material.
Actually, not even a cigarette. Knowing the source code doesn't compromise security per se, provided that the coders can distinguish their arse from a hole in the ground and didn't hard code database access information into the code.
Look at encryption. Software like GnuPG and to a lesser degree PGP are open source. The algorithms applied are well documented and accessible to anybody.
Can you crack a GPG encrypted message? Not likely and it doesn't matter at all. Because security is not in the algorithm, but depends entirely on the key, possibly the chosen algorithm and the precaution of the sender and receiver.
Security through obscurity is about as dumb as it comes.
-
Re:GnuPG/PGP Not Completely Compatible?
That topic is well covered in the compatibility section of the GnuPG FAQ. The issue is compatible encryption algorithms. Since it is easy to specify which algorithms to use, this really isn't a problem. (at least hasn't been for me yet)
---
Drew Streib, dtype.org -
Quite Disturbing.
I can understand how this would be implemented on a web-based mail system, since you are actually *composing* the message on their server, using whatever script/component they are running.
However, if this were to be implemented on an ISP level, by adding advertisements to outgoing email messages, I would suggest you add an X-Copyright header to your mail! This coupled with using PGP or GnuPG, and cryptographically signing your email would enable the receiver to see if the mail had been tampered with (the message hash would have changed, and the authentication would fail) and you could attack the ISP for invasion of privacy or mail tampering.
This greatly disturbs me for many reasons. The commercialisation of the Internet will soon reach its peak, and dreadfully our entire desktops will be filled with gigantic advertisements promoting pornography or silly little trinkets. As if this wasn't bad enough our emails would be full of tags like " WIN WIN WIN 10000$ WIN WIN WIN "
Fight now, your desktop might be too clogged to fight later!
May the source be with you. -
Re:Legal? Sure -- it's a fair use by the end-user
Gotta watch that "fair-use" stuff... it's extremely limited and does not refer to modification at all. You have the right to quote small snippets in an academic context, parody, and a couple of other small things, but it does not extend to arbitrary modification.
Both systems would be an end-user activity that adds value, in the user's mind, to the information already present in the website.
First, there is no "right" to add value to somebody else's copyrighted work. If your use isn't covered under the extremely limited fair-use clauses and you don't have permission, you are legally out of luck.
The changes are not made on the server, they're made in the browser. Just because Opera allows you to zoom a page, is it violating fair use? No. A website delivers you some information, either free, or in exchange for something (money, advertising data, etc.). At that point, as long as you're not duplicating it for others, it's yours. You can feed it through a program to do word-count analysis, you can feed it to a translation program, you can feed it to a program which shows you how it looks to people with color-blindness or other vision impairments, you can insert your own commentary on the page, you can rot13 it, encrypt it, delete it, etc. Copyright is about copying. If the information is delivered to you in a physical form (like a newspaper), you can destroy it, give it to someone else, etc., as long as you're not copying it.
In fact, the web gives you even more options: if the server permits, you can fetch the page through another server which translates for you, or processes the page to show you how it looks to a color-blind person. You used to be able to have whole collections of commentary on web pages, but the commentary was so useless that there's no money in it...
What Microsoft is doing is creating a filter in the users' browsers which adds complementary information. In theory (in other words, ignoring monopoly practices and considerations), users have every right to use that browser to perform that task, or to choose a different browser, to perform other information-processing tasks.
-
Re:EU Encourages Encryption
-
Do something constructive -- start using GPG!
If you write or use software, start using Gnu Privacy Guard signatures on the packages. It's not that hard, and it gives good (not perfect) protection against the distribution machine being compromised.
The action plan is
- Generate a secret key. Use a strong passphrase, and keep it on a machine that you trust deeply. (Your own laptop or desktop.) Perhaps even keep it on removable media.
- Distribute the public key widely. Get other people to sign it, after checking your credentials.
- For all future releases of the software, either generate a detached signature, or put the MD5 signature into a GPG-signed release announcement.
- When you download software, check the signature before you install it.
-
Not necessarily a bad thing.
One word: Encryption.
This will help encourage more people to learn the importance of encryption, even if they are not a criminal. We need more and more proliferation of email programs that support encryption and we need it to be as transparent as possible. Many email programs out there do not support encryption or are not very straightforward about it. It is high time this changed because it has become very clear encryption is necessary to invalidate these new ideas governments have. So long as people continue to believe "Well, I'm not SAYING anything of a criminal nature -- besides, encryption is too time consuming" this will be very possible. It seems like a great injustice to me that we haven't seen more of a push to make encrypted email as transparent as possible... if the technology is available, fairly easy to implement and well known why not? -
Re:PGP helps my courtship.
People sometimes attack PGP because it is mostly used by criminals and beast bearded dirty GNU hippies.
Just shows how much they know. No true dirty GNU hippie would dream about using PGP with its restrictive licensing. Everyone knows that the one true personal privacy program is GNU Privacy Guard, and it's the only one that GNU hippies would consider using. Furthermore, it's Free Software, so you can avoid the problems described above by hacking the source to use a different default location for your key ring that the attacker won't know. See the true power of Free Software in action! GNU forever!
-
Uh... wait
I started downloading this. Then, I realised that I don't know who I'm getting it from, or what could have been changed in the source tree. Sorry Diclophis, next time sign the archive with GPG so people like myself can download it.
-
As long as the ID was voluntary, yes.
If you set up some kind of "web of trust" type thing (ala PGP/GPG) you could do this. If the ID was mandated, you just cut a huge portion of freedom from everyone on the network.
If you aren't familiar with the concept, read this.
-
Email is encrypted
Unless I'm sending something absolutely unimportant, like "meet me at the movies at 8", I almost always use encryption when talking about anything personal, like "meet me in front of the bank at 8 with car running". It's not really that I worry about people intercepting the message while being routed across the net, since I'm not exactly a criminal and anyone who knows me is not smart enough to intercept my email, but I fear that someone will gain access to the recipient's mailbox (boss monitoring email, friend is over playing around on computer..) and read a message I would rather they not see.
A problem with relying on encryption of email solving this problem is that most mail clients will allow you to save the message in a decrypted form for filing once it has been received and decrypted. It would be much more secure if mail clients didn't allow you to save a message in decrypted form, and required you to identify yourself to the decrypter every time you wanted to go back and read an email.
The biggest problem with email encryption is that so few people have keys. I have tried to encourage friends and family members to use encryption by helping them create PGP/GnuPG keys and encrypting everything I send them. Sometimes they encrypt when they send back. Encryption of email might be more common if all the major mail clients shipped with encryption software bundled and installed/setup keys with the default installation.
More people would probably use encryption if they were aware they can do it, had access to the software to do it, and had it setup/knew how to use it. -
Encryption is a Right.
Americans.
You are allowed to bear arms.
This is your constitutionally guaranteed right.
Encryption techniques are munitions (ITAR rules).
Therefore you are Constitutionally allowed to have and use encryption free of hindrance. Why is the American Citizenry allowed to bear arms? "Because they must be able to overthrow evil or unjust governments". It is for this very reason that the German Government not merely encourages the use of Cryptography but actively supports it. Quoting the Gnu Privacy Guard "The German Federal Ministry of Economics and Technology granted funds for the further development of GnuPG". I would just like to remind American readers and their Government that the Germans have more recent experience of "evil or unjust government" than anybody else. The use of encryption as the modern day weapon against "Evil Government" is both far more effective and infinitely less fatal than the use of guns as permitted by an anachronistic Constitution.
-
effectiveness of regulations
encryption regulations would restrict less well-financed criminal operations.
No, they wouldn't.
Gnu Privacy Guard is a very popular, well known, open source and free software e-mail encryption program available from Germany. Exactly how would US encryption regulations affect anything done in Germany?
Key escrow sounds very nice in theory but how in the world do you propose enforcing its use by international terrorist groups? Even the most poorly-financed terrorist group has free access to Gnu Privacy Guard which obviously has no key escrow capabilities.
US laws regulating encryption have the distinct disadvantage that criminals and foreigners (the very two groups the US is trying to control) are not bound by them.
-
Re:GPG should be used under Windows only with caut
Please note that the GPG website says that "due to the lack of a well tested entropy source, it should be used with some caution" under Windows. Linux is the recommended platform, the BSDs are the only others that get a full thumbs up.
Actually, although the site said that, it's not the case anymore, and I believe hasn't been the case since version 1.0.3 (maybe 1.0.2?). I asked Werner this very question this morning and he said that yes, the Win32 version is running securely and that he had forgotten to update the website as to this fact.
As I had originally assumed, the moment he removed the warning from next to the link to download the Win32 binary, was the moment it was known to be secure. He has now updated the GnuPG web site to reflect this.
Rich...
-
Encryption is the key.
I have absolutely no idea why encrypted email has not taken off more than it has (ease of use maybe). Anyway, I have been using GnuPG for quite awhile with much success on my Linux boxes. A few of my Windows inclined counterparts use Verisign certificates however, and I must admit, that it's very easy to use, and plugs right into Netscape Communicator on Linux with no problems. They even offer a free 60 day trial certificate. You can also do quick and painless certificate lookups on their site.
Penguin better have my money! The Linux Pimp
-
GPG should be used under Windows only with caution
Please note that the GPG website says that "due to the lack of a well tested entropy source, it should be used with some caution" under Windows. Linux is the recommended platform, the BSDs are the only others that get a full thumbs up.
Still, that's an improvement - last time I looked, they said that you should only ever use the Windows version for decrypting and verifying signatures, never for generating keys or encrypting, due to this lack of a secure random source..
-
Re:Carnivore, et al., can be beaten.
The FBI is putting a black box between you and the Internet via your ISP. What this means is that your communication passes through this box. The FBI is now the Gatekeeper for whether or not your communication gets out
My understanding is that Carnivore is a packet sniffing device that is attached to a network, but does not act as a gateway. It is capable of listening to everything on the segment, but cannot alter the information. (And I agree that trusting the FBI with that much snoop power is a strong motivation to use GPG on your email.)
http://www.gnupg.org/ -
Re:Encryption Overload
Over time AES will be incorporated into all security products and will become a de facto standard. We can already see that GnuPG includes full support and NAI/PGP is expected to follow shortly.
It's nothing that end users will have to learn / know - it'll just be included as the standard. If someone wanted to send you an encrypted mail today then they'd still use PGP (or similar), you can't just take Rijndael and encrypt an e-mail (or web session, or SSH session or whatever).
-
International Hackerism
Does this mean massive international man-hunts for the infamous "Carlos the Hacker"?
Best encrypt with ScramDisk (Windows 95/98 version here) locally, and with GnuPG for transmission, all your CueCat code and use anonymous remailers for version releases to Freenet, or be prepared to live out your life in a shadowy realm of underground coders dwelling in the hidden spaces between the giants of the United Corporations of the World.
-
Read the PGP source
"...throw your message through a compression algorithm, like zip or gzip then hit it with PGP."
Read the PGP source code. Compression-before-encryption is already in place, standard. Unless things have changed, the InfoZIP (a la PhilKatzZIP) method is still used, just as it was in the early versions of PGP. (I haven't actually tracked PGP source changes since I started tracking GnuPG source, preferring a free(-as-in-freedom) alternative to the .COMmercial code.)
IIRC, somewhere in the docs I believe you will find an explanation as to why compression-before-encryption is utilized / good practice. You DID read the docs before using any crypto software, right? (cf. {insert link here about why RTFM is even more important with crypto than with other software} This link is left as an exercise for "Reply" karma-gleaning, heh.)
Since it's in the docs, not just the source, I'm surprised you don't know this. LOL.
(I'm not surprised others don't read crypto source before trusting it, but I *am* surprised if they don't at least RTFM. Would they also run untrusted binaries they receive via attachments to unsolicited email?)
-
Re:PGP was h4xx0r3d, so gov't *wants* us to use it
So use GPG instead, it isn't susceptible to the PGP hack. And create a 4096-bit key if you're really paranoid.
-
Obfuscate your identity
Anyone with enough resources will be able to track you down. Big corps usually have good private investigators on the payroll - these guys don't have to play by the rules like the cops/feds do. You can take some steps to make things considerably more difficult, however.
Use a *good* anonymous remailer in a country other than your own. If possible, use several remailers in several different countries. Distribute your software through Freenet and encourage users to set up mirrors. Use encryption software, such as GNUPG.
These suggestions are perfectly legal ways to obfuscate your identity. This is good because if you are caught, there won't be a lot of "enhancement" charges thrown at you (like getting caught with a few grams of pot, a small scale, and a (legal) gun). Depending on exactly how "subversive" this software is, you may decide it's worth breaking a few more laws to reduce your chances of getting caught.
-
Re:But there ARE compatibility issues...
Is the issue here with user acceptance or with script compatibility?
Yes, the RSA (and IDEA) capabilities are modules and yes, some additional configuration is required. But I find that gpg in the UN*X/Linux arena works better than the 6.5.x version of pgp for scripting.
For testing I signed, encrypted, signed and encrypted between different clients running PINE w/gpg (pgpenvelope is our friend), PINE w/pgp Freeware 6.5.x, and Windows clients such as Outlook 98/2000/Express and PGP Freeware 6.5.8.
On the gpg client I added the IDEA and RSA modules.
The only issue seen was that if the pine client using gpg self signs an encrypted message and sends it to himself then PGP bitches and says bad packet data.
Personally I'm sold on gpg for Linux. My keys were generated by gpg. To send them and use them in Win32 environments I temporarily set the secret passphrase to null, export it to an asc file, brought it back into PGP, set the passphrase on both and started using them.
Sure I could use PGP for Linux, but the gpg just works better for me.
-
Re:Digital signatures are not really signatures.
The points you raise are identity verification issues. You know that a document was signed by 0x600A0342, but how do you know that 0x600A0342 is really Matthew Sachs? Today, this is addressed by Public Key Infrastructure (PKI.) The two main types of PKI being used are "central clearinghouse" and "web of trust."
"Central clearinghouse" PKI is what SSL uses. SSL certificates are signed by Certificate Authorities (CAs), such as VeriSign. CAs are trusted entities who verify an applicant's identity before issuing them a certificate. A certificate is the same as a public key except that it has more information about the owner - usually the x.509 Distinguished Name which consists of a "common name" (CN), "organizational unit" (OU), "organization" (O), "locality" (L), "state" (S), "country" (C), and sometimes email. For instance, Microsoft's DN is CN=www.microsoft.com/OU=mscom/O=Microsoft/L=Redmond/S=Washington/C=US. How do you know which CAs to trust? Web browsers typically have a built-in list. Anyone can act as a CA, but when someone views a website which is using one of that CA's certificates, the user's web browser should (and most do) display a warning. Go to Fortify's SSL test page and my HTTPS website. Fortify's certificate was issued by Thawte (who I believe is now owned by VeriSign), a widely-known CA whose certificate is in most/all browsers. My certificate is signed by the "Zevils CA", which doesn't really exist. Your browser should display a warning when accessing the zevils site but not when accessing the Fortify site.
The other popular method of PKI is known as the "web of trust." This is what PGP and GPG use. If you know someone in real life, you have proof of their identity (such as a driver's license), and you both have GPG/PGP keys, you should sign each other's public keys and upload the signed keys to the keyserver. Here's how the web of trust works (with help from the GNU Privacy Guard Handbook):
Alice knows Bob in real life. They both use GPG. Alice knows with absolute certainty that a certain key is Bob's key, and that Bob is who he says he is, so she signs Bob's key with her key. Alice and Bob discuss PKI every day at lunch and Alice knows that Bob has excellent judgement on when to sign a key, so she tells GPG that she trusts Bob's signature on a key as much as her own (she can also give Bob marginal trust or no trust - see GPG documentation for details.) Bob has signed Charlie's key. Thus, Alice trusts Charlie's key. The web of trust, at least in the GPG implementation, is quite flexible and does extend to a depth of more than one. See the GPG handbook for more information.
Of course, PKI is not a magical security fairy that sprinkles security dust on your keys while you're asleep at night. Bruce Schneier and Carl Ellison have written an excellent paper, Ten Risks of PKI (Computer Security Journal, v 16, n 1, 2000, pp. 1-7)
-
There's really not much difference between the two
I just recently migrated from pgp5.0 (for unix) to gnupg and frankly the differences are quite superficial.
If you're in a windows environment, there's really no choice -- pgp is by far the more integrated and useful solution. If you're using a Windows mail reader, then go for PGP for Windows.
In a unix environment, you'll find either to be roughly equivalent. Some minor differences I've noticed since making the migration to gnupg:
- gnupg has a nifty feature that makes it automatically grab a key off the keyserver if I read a signed email by someone whose key I don't have. This is nifty.
- gnupg apparently doesn't have a way to retrieve a key from the keyservers by email. This is a real pain in the ass. With pgp, you can just import the key for "nugget@slacker.com" and if there are keys on the server for that email, they'll be imported. gnupg requires you to know the key ID (like E43C5FC3).
- The pgp command line syntax and commands are cryptic and obtuse
- The gnupg command line syntax and commands are unnecessarily verbose and will push you over the edge with your carpal tunnel if you're doing much manual work
- PGP has the edge for application integration, but this is rapidly changing. gnupg works fine with mutt, which is the mail reader you want to be using anyway, so it's a moot point. :)
- gnupg's key management is vastly superior to pgp's in both conveying key-management information as well as allowing access to key-management functions.
/usr/ports/security/gpa). If you're already using pgp, the differences aren't enough to justify conversion, but if you're just starting out -- gnupg seems to be the most viable option. And, of course, mutt is too good to believe.
The learning curve for either is the same, mainly just getting past public key crypto concepts and mechanisms. Wrapping your brain around "public key" and "private key" and the difference between "signing" and "encrypting" is well over half the battle.
-
GPG features
Well, it can use PGP 5.0+ keys, giving decent interoperability (most people have pgp 5+ now as it offers significantly more secure encryption).
As well, according to the GnuPG website gnupg.org:
GnuPG is not vulnerable to the faked ARR (aka ADK) attack as PGP 5 and 6 is. The reason for this is that GnuPG does intentionally not handle those "additional recipients requests". BTW, those Big Brother packets are not defined in the OpenPGP standard - they are a proprietary PGP extension.
Also according to gnupg.org, these are the GPG features:
Full replacement of PGP.
Does not use any patented algorithms.
GPLed, written from scratch.
Can be used as a filter program.
Full OpenPGP implementation.
Better functionality than PGP and some security enhancements over PGP 2.
Decrypts and verifies PGP 5.x messages.
Supports ElGamal (signature and encryption), DSA, 3DES, Blowfish, Twofish, CAST5, MD5, SHA-1, RIPE-MD-160 and TIGER.
Easy implementation of new algorithms using extension modules.
User ID is forced to be in a standard format.
Supports key and signature expiration dates.
English, Danish, Dutch, Esperanto, French, German, Japanese, Italian, Polish, Portuguese (Brazilian), Portuguese (Portuguese), Russian, Spanish and Swedish language support.
Online help system.
Optional anonymous message receivers.
Integrated support for HKP keyservers (wwwkeys.pgp.net).
Yeah. That's it. There's decent integration with GNOME, so try it out. -
I don't use PGP
I don't use it, and won't use it. Their licensing is too restrictive. I'd much rather use the German produced GnuPG. Better licensing, more standards compliant, and they don't put stupid features like ADK in to satisfy Big Brotherish commercial interests.
-
This is worrying, but:
GNUPG isn't affected - so those of us who like a software free-as-in-speech don't have a problem.
It can only affect you if you get a key from an untrusted source. For most /.ers this won't be an issue.
So basically, don't panic just yet. Of course, this will no doubt start a number of 'many eyes of open-source' arguments. -
Re:GPG?
It shouldn't, at all.
GPG is based on the OpenPGP standard ( RFC 2440 ) which doesn't, AFAIK, include "Key Escrow" or "ADK". PGP seems to have "added" this feature, perhaps this is what they mean by "multiple recipients" in the E-business product.
Of course I could be wrong, but that's the way it looks to me :) -
That's why I'm part of the GNU Generation. . .
Need I do more than post this link?
-
Re:And this is some surprise?
I think a ratio type of thing would be a great idea, but how in the world can this be done? Obviously this is not too practical in an anonymous situation
Perhaps the solution is a pseudonymous system, like the pseudonymous mail system. It could also enforce the use of GnuPG and PGP.
-
Re:Echelon does this already.
-
Re:Hmmm...
-
Re:Quite the trend....
-
we live in frightening times
Goddammit, it seems like with every day that passes, we have less of an excuse not to encrypt interpersonal communications. I'm surprised that businesses don't require employees to encrypt any mail that leaves the intranet.
- PGP international home
- Direct link for novices at PGP international home
- GNU Privacy Guard
- Using Mutt with PGP
- Info on one of the PGP plugins for MS Outlook
Fucking government assholes... if you weren't such snooping bastards, maybe I wouldn't feel it was necessary to ensure my privacy. My problem is that not-so-savvy friends and business associates require me to use cleartext e-mail. Ah, life is depressing...
---------///----------
All generalizations are false. -
solution...
-
Private communication is easy.
Step 1: Download Gnu Privacy Guard.
Step 2: Exchange keys
Step 3: Communicate to your heart's content.
The great thing about strong encryption is that the transmission medium can be completely insecure; Hell, you could yell the symbols out in a crowded room, and nobody will know what you're saying.
Of course, getting caught with those tools might be a ticket to a concrete vacation somewheres with lots of bugs and bad food. (Resist temptation to poke fun at Carnival)
-
No, he really means GPG
No, he means GPG (aka GnuPG, the GNU Privacy Guard), a GPL'ed, open source alternative for PGP which does not use patented algorithms.
The Mozilla Crypto FAQ has a little bit of information on encryption and the News/Email client. -
This is what GNUPG is for
Firstly, kudos to Earthlink for standing up to the FBI. I'm not a US citizen, but we all know this sort of activity goes on all over the world (can anyone say Echelon?). Ultimately though, what we have to remember is that email is an insecure medium in its standard form. How do we protect our privacy? Well, using GNU Privacy Guard is a good place to start. If we all encrypted all our emails governments wouldn't be tempted to try this sort of thing - because they'd know it wouldn't work.
-
Re:won't work.
Here's a thought... create a 'web of trust' ala PGP (or GPG nowadays). Along with each file, create a gpg signature. Since there are encoder 'groups' out there, they could create an authoritative key for their encodings. Napster software could allow people to 'trust' encodings from a given key, so that it might prioritize the download list in order of trust, or search 'trusted only' etc. You could also do the transitive-trust things gpg does too, so that if I trust "john", and john trusts "The XYZ Encoding group", I trust ... etc.
Essentially this would allow mp3's to have an authenticated 'creator'. It would also show when an mp3 was re-sampled, cut, incomplete, etc, since the signature would no longer be valid.
-
Re:Slighty OT: PGP & IM
"People who say you should be using PGP for any sensitive communications are right."
s/for any sensitive communications/for any communications/
Of course, I might also s/PGP/GnuPG/g myself. :-)
Is this BetweenUs thing Open Source (since closed source is anathema in secure communications) and does it have a URL?
If I can't see the source, I'm sure not going to trust it (and even then... heh.)
-
But...
GnuPG is okay, right?
-
Re:About Time--But Does It Matter?
Higher-level encryption products, notably PGP, are available free to everybody over the Internet provided that they *say* they are from the US
Can everyone say GnuPG? -
Cryptography
Doesn't this already happen with cryptography...
Open source projects like gnupg make sure that all of their content is created and distributed outside the U.S. The OpenBSD project and the OpenSSH project have their ftp servers outside the U.S. so they'll not have to deal with U.S. laws regarding encryption. Not really new news, just a new application of what other people have been doing for a long time.