Slashdot Mirror

← Back to Stories (view on slashdot.org)

UK Cryptographers Call For UK and US To Out Weakened Products

Posted by Unknown on from the instead-they-disappear dept.

Trailrunner7 writes "A group of cryptographers in the UK has published a letter that calls on authorities in that country and the United States to conduct an investigation to determine which security products, protocols and standards have been deliberately weakened by the countries' intelligence services. The letter, signed by a number of researchers from the University of Bristol and other universities, said that the NSA and British GCHQ 'have been acting against the interests of the public that they are meant to serve.' The appeal comes a couple of weeks after leaked documents from the NSA and its UK counterpart, Government Communications Headquarters, showed that the two agencies have been collaborating on projects that give them the ability to subvert encryption protocols and also have been working with unnamed security vendors to insert backdoors into hardware and software products."

69 of 105 comments (clear)

  1. Proprietary Routers by Anonymous Coward · · Score: 4, Insightful

    Let's start with these as they are of great importance and often fall behind with updates.

    Google search:

    cisco routers backdoor
    cisco routers rootkit

    1. Re:Proprietary Routers by Anonymous Coward · · Score: 2

      What makes you think non-proprietary routers or routers that come with source code aren't backdoored? Plenty of complexity to hide the malware in, plus the possibility of compromised hardware. There is quite a bit of firmware code in for example a Gobi 3G modem that your open source kernel can't do much about but send USB urbs to. It sometimes crashes and does weird things, and needs to be power cycled from time to times. I'm sure that there are other pieces of hardware in many routers that aren't yet reviewed thoroughly for security.

    2. Re:Proprietary Routers by rvw · · Score: 1

      Let's start with these as they are of great importance and often fall behind with updates.

      Even if these routers have updates available, when will they be applied? Looking at myself - I can't remember if I have ever checked for an update for my current router, which is three years old. Once I installed dd-wrt on a router, but did I ever install an update? I believe not. If I forgot about this, and don't do this on a regular basis, how about the people nextdoor, colleagues, family who don't know that a router is a computer in itself and can be updated?

    3. Re:Proprietary Routers by Bert64 · · Score: 1

      Backdoors have to be sufficiently hidden, something as trivial as a default password will get abused by random hackers on the internet...

      And lawful interception only works within your area of jurisdiction, whereas you could access backdoors anywhere.

      --
      http://spamdecoy.net - free throwaway anonymous email - avoid spam!
  2. hahhaha by Anonymous Coward · · Score: 1

    yeah,right.... they're going to give up the gold just like that!...

    1. Re:hahhaha by Anonymous Coward · · Score: 1

      what's more the boffins at Bristol think they care about "the public interest." Reality check, blokes.

    2. Re:hahhaha by F.Ultra · · Score: 4, Insightful

      No they think that the _should_ care about the public interest since that is why we have them. If they do not serve the public interest we should abolish them.

    3. Re:hahhaha by GlennWaller1963 · · Score: 1

      I agree, only tokens untill wikileaks or some other expose the docs, and then the politians will make excuses.

      Too much work already and this is probably a lot bigger than anyone thinks.

    4. Re:hahhaha by TheRaven64 · · Score: 5, Interesting

      The problem is that the NSA and GCHQ have dual mandates. They are responsible for both ensuring their respective countries are not vulnerable to attacks and for ensuring that they have techniques for attacking others. This means that when they discover a vulnerability in a piece of widely deployed software, they have conflicting requirements. If they publish it, then the systems that they're defending will be safer because it will be fixed, but if they don't publish it then the systems that they're attacking will remain vulnerable. This gets even worse when they start introducing intentional back doors (given how many Russian spies there were in these institutions during the Cold War, it's pretty much expected that there will be some Chinese spies in there now, so those back doors are almost certainly not secret).

      --
      I am TheRaven on Soylent News
    5. Re: hahhaha by bkmoore · · Score: 2

      Splitting these organizations into separate parts, each with a different mission could fix that, but effective oversight would be required.

    6. Re:hahhaha by murdocj · · Score: 1, Informative

      And part of "the public interest" is tracking down the people who want to drop off a truck bomb at the shopping center I'm going to be at. And part of tracking those people down is monitoring their communications.

    7. Re:hahhaha by Anonymous Coward · · Score: 4, Insightful

      How many truck bombs have been set off in your town? And if you think the long string of successful non-explosive days is thanks to the alphabet soup agencies, I have a lovely truck bomb preventing rock here I'd be willing to part with for a few thousand dollars.

    8. Re:hahhaha by Anonymous Coward · · Score: 1

      -1 for douche-bag font.

      And because people posting from typewriters don't have much to offer on cryptography in electronics, despite bugs having been placed in typewriters in the past.

    9. Re: hahhaha by Ash-Fox · · Score: 1

      They do have separate parts. One is to protect the United Kingdom, the other is to protect the United States.,

      --
      Change is certain; progress is not obligatory.
    10. Re: hahhaha by Will.Woodhull · · Score: 1

      Effective oversight IS required. Whether they are split up, remain as they are, or dissolved. Since even if they go away, there are going to be government agencies and private investigators who are going to continue to try and get away with this crap.

      This is not a genie that can be tricked into going back into the bottle.

      --
      Will
    11. Re:hahhaha by grep+-v+'.*'+* · · Score: 1

      The problem is that the NSA and GCHQ have dual mandates. They are responsible for both ensuring their respective countries are not vulnerable to attacks and for ensuring that they have techniques for attacking others.

      I read a science fiction story a year ago (Daemon) that had the absolute best idea of very specific crypto usage, and I _really think_ the current NSA and such have always been implementing that.

      They assume that "We're [the NSA] Number One" and everybody else is either behind or way, WAY behind. So: they weaken the initial crypto magic number standards just enough so that they can still manage to break it. #2 will eventually figure it out (or 13 can just ask 1600) and the #3 guys could just ask nicely, but #23 will just never get it, even though they're all playing the catch-up game. So NSA weakened crypto would apply to public content and most secrets with a time sensitive content; the REAL secrets use the non-weakened crypto strain or OTP.

      Thus the NSA can walk the fine line that pays tribute to both of their conflicting demands: it's secure from everyone else, but not secure from THEM (the NSA) unless they want it to be.

      But if somehow on-demand the NSA can't break into the crypto, there's always the $5,000 wrench. (This IS the government we're talking about, remember.)

      --
      If the universe is someone's simulation -- does that mean the stars are just stuck pixels?
    12. Re:hahhaha by ultranova · · Score: 3, Insightful

      And part of "the public interest" is tracking down the people who want to drop off a truck bomb at the shopping center I'm going to be at. And part of tracking those people down is monitoring their communications.

      1) You know some particular person is planning to bomb a shopping center. You don't need bugged encryption protocols, you can simply get a warrant to keep them under surveillance until you have enough evidence to arrest them.

      2) You know there's a plan to bomb the shopping center, but don't know who's involved. Fortunately truck bombs need lots of materials, such as fertilizer, so start asking local sellers. And as a last resort you could simply stop and search every truck that approaches the center - you have probable cause, after all.

      3) You don't know anything, but have a gnawing suspicion that some unspecified bad guy might be planning an attack against an unspecified shopping center for unspecified reason at unspecified date. Thus, you want the right and ability to open random letters on the off chance that these shadowy figures are discussing their evil plans on them. In this case, have you considered getting psychiatric help? Because it sure sounds like classic paranoia to me.

      --

      Forget magic. Any technology distinguishable from divine power is insufficiently advanced.

    13. Re:hahhaha by number17 · · Score: 1

      Well if you are talking UK then which town would you like to know about? I visited Portadown in '97. The next year the center of the town was blown up.

      Here's a list of the bombings: http://en.wikipedia.org/wiki/List_of_bombings_during_the_Northern_Ireland_Troubles_and_peace_process
      Oddly enough the Portadown bombing isnt listed in the above list: http://en.wikipedia.org/wiki/The_Troubles_in_Portadown

    14. Re:hahhaha by F.Ultra · · Score: 1

      Have the IRA ever been caught by wiretapping? They seam to be smart enough to suspect that they have always been under surveillance and thus never communicated plans via wire or wireless.

  3. Unlikely by AmiMoJo · · Score: 4, Insightful

    Does anyone really expect these criminal organizations, headed by the kind of people who set up a Star Trek style command bridge, are going to do the right thing? The only way to deal with these scum is to shut them down and start from scratch.

    --
    const int one = 65536; (Silvermoon, Texture.cs)
    SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    1. Re:Unlikely by FriendlyLurker · · Score: 2

      acting against the interests of the public that they are meant to serve.

      Your right although the organizations are not being treated like criminals by the powers that be, more like rewarded as an owner rewards a guard dog. We the public are the enemy/being treated like we are all criminal "terrorists" so they are defiantly not operating in our interests - surely this is obvious at this point, or are the researchers just being polite?

    2. Re:Unlikely by Xemu · · Score: 1

      Does anyone really expect these criminal organizations, headed by the kind of people who set up a Star Trek style command bridge, are going to do the right thing?

      Sure. The Star Trek bridge seems to indicate that it's an organisation headed by a trekkie, so I think there is a pretty good chance they are geeks and will do the "right thing". I would be more worried if they had built a replica of the White House and was an organisation headed by politicans or lawyers.

      The only way to deal with these scum is to shut them down and start from scratch.

      Repeating the same experiment is likely to yield the same results.

      --
      Tell your friends about xenu.net
    3. Re:Unlikely by easyTree · · Score: 1

      *beeping sound made when public-service vehicle is reversing* WARNING - the box is open; WARNING - the box is open... Substantial danger - do not stray outside the box. WARNING....

      --
      Requiem for the American Dream
  4. Likely outcome by return+42 · · Score: 5, Insightful

    I suspect the agencies will make a great show of reluctance, then reveal what they did to some protocols and algorithms -- those where the backdoors are most likely to be noticed, or have already been found, such as Dual_EC_DRBG. The crown jewels, those least likely to be noticed, will remain secret. Nothing to see here folks, move along.

    NSA and GCHG couldn't care less about the public interest. They have a mandate to spy on as much as possible on the off chance that it may prevent some terrorist act. They will continue to do so in any way they can unless the legislative bodies or courts in their respective nations rein them in. This seems moderately likely in the US, quite unlikely in the UK.

    1. Re:Likely outcome by loustic · · Score: 1

      Why would you ask the government to do it? They were caught red handed in the first place!

    2. Re:Likely outcome by FriendlyLurker · · Score: 5, Insightful

      on the off chance that it may prevent some terrorist act. .

      Oh, that must mean those terrorist organizations like Occupy Wall Street, - or any other community based activist group trying to agitate for improved conditions for the people. Must be why we are treated as the enemy.

    3. Re:Likely outcome by mrspoonsi · · Score: 4, Insightful

      It needs more people to be outraged by it, to what lengths are people willing to accept this kind of intrusion? If these spy agencies shipped all domestic post to a 3rd country, where it was opened, photocopied, stored then sent on its way, people would be doing a Bastille style take down, yet somehow because these letters (email) are electronic, and it does not need a huge complex of Stasi officers doing the actual work, then it is OK for most of the people?

      Well I say to those people, your liberty is gone, a form of government is in place which is open to internal corruption / blackmail, there is a massive abuse of power going on. Information is power, and the next President, well the NSA, FBI, etc might just have a file on said future president, all his little secrets, so the President is in their pocket so to speak.

      Remember, for a true democracy, government needs to be transparent.

    4. Re:Likely outcome by Anonymous Coward · · Score: 2, Interesting

      What makes you believe spying on everybody, including politicians and military, are about preventing terrorism? The Information Dominance (look it up), is for just that: Dominance. By an unaccountable entity.

    5. Re:Likely outcome by Walterk · · Score: 5, Interesting

      Interesting you raise the point about the "mandate to spy on as much as possible on the off chance that it may prevent some terrorist act".

      There is a very interesting article on the BBC blogs indicating just how useless MI5 has been at any sort of intelligence gathering, even the sort that's been painfully obvious over it's entire existence. It's opening gambit: "Maybe the real state secret is that spies aren't very good at their jobs and don't know very much about the world".

      http://www.bbc.co.uk/blogs/adamcurtis/posts/BUGGER

      --

      "If anyone needs me, I'm in the angry dome."
    6. Re:Likely outcome by AmiMoJo · · Score: 3, Insightful

      We have to assume everything up to this point is compromised and start pretty much from scratch. Replace AES with TwoFish, re-design all the lower level protocols, increase all key lengths, remove any ability to downgrade security and mercilessly cut off clients that don't upgrade when an issue is found.

      The whole trusted certificate system has to be replaced as well, which is going to be hard.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    7. Re:Likely outcome by easyTree · · Score: 2

      Duh. *They* are in a tower-block and we are the zombie horde climbing the walls. What would *you* do to maintain the relative positions?

      --
      Requiem for the American Dream
    8. Re:Likely outcome by Anonymous Coward · · Score: 1

      Play re-runs of popular football(soccer) matches on large screens whilst playing the anti-sound to 'brains......' over the speakers?

    9. Re:Likely outcome by Anonymous Coward · · Score: 1

      You mean like this one:

      http://en.wikipedia.org/wiki/Constitution_of_the_United_Kingdom

      Or did you mean a single written constitution, which, as the USA shows, has flaws of its own.

    10. Re:Likely outcome by Gr8Apes · · Score: 1

      What makes you think TwoFish is any better? Or that the lower level protocols you will create will be any better? We have source for many of these. There are other ways of making things secure.

      --
      The cesspool just got a check and balance.
    11. Re:Likely outcome by jhol13 · · Score: 1

      ... incorrect moderation, sorry

    12. Re:Likely outcome by Will.Woodhull · · Score: 1

      It is much easier to get elected if you are not morally encumbered. Aspiring politicians who are lugging around ethical baggage don't get the money and favors needed to win campaigns.

      --
      Will
    13. Re:Likely outcome by tlhIngan · · Score: 1

      Oh, that must mean those terrorist organizations like Occupy Wall Street, - or any other community based activist group trying to agitate for improved conditions for the people. Must be why we are treated as the enemy.

      OWS scared bankers and traders - the people with money. Those people called their senators and reps and action got taken.

      OWS terrorized those with money (i.e., power) therefore the OWS guys get branded as terrorists.

      Remember, the victor writes the history books.

      Proles like you and me? No money and no power, thus we'll never be able to recast OWS as a legitimate organization.

    14. Re:Likely outcome by Dan+Ost · · Score: 1

      We have to assume everything up to this point is compromised and start pretty much from scratch. Replace AES with TwoFish, re-design all the lower level protocols, increase all key lengths, remove any ability to downgrade security and mercilessly cut off clients that don't upgrade when an issue is found.

      I don't think any of that is strictly necessary. Verify the math and inspect the implementations, but there's no need to throw it all away. Some amount of paranoia is justified, but throwing it all away goes too far.

      The whole trusted certificate system has to be replaced as well, which is going to be hard.

      I agree there are serious issues with the current system, but I am at a loss to come up with what would replace it.

      --

      *sigh* back to work...
    15. Re:Likely outcome by Gr8Apes · · Score: 1

      They can fix that by sanctioning it. It was in the running, AES won.

      --
      The cesspool just got a check and balance.
    16. Re:Likely outcome by chihowa · · Score: 1

      Perspectives is just shifting the Trusted Third Party from the CAs to the notaries... a few weaknesses:

      • While it's true that anyone can be a notary, there are fewer than two dozen of them listed and most of them are run by the same people (who you don't know... why would you trust them?)
      • The system of distributing the notary keys is subject to MitM, which means the whole system is subject to MitM attacks (which is what its intended to protect against).
      • The whole system only works if contact with the servers is maintained, which allows for a DoS attack or suppression of non-compromised servers (or servers from non-compromised regions). [this depends on your quorum settings, but when I tried it out various servers were offline for various periods of time so I had to decrease the quorum percentage for any site to validate]
      • Perspectives also has the side effect of sending the sites you visit to a third party. Even the CAs don't include this "feature". You can stop that by only having Perspectives check sites that generate certificate errors, but then you're back to trusting the CAs again.

      I don't mean to totally poo-poo this interesting take on certificate trust, but there are serious flaws with it and some of them won't be going away.

      --
      If you want a vision of the future, imagine a youtube comments section scrolling - forever.
    17. Re:Likely outcome by AmiMoJo · · Score: 1

      The problem is that the NSA knows things about cryptography that we don't. In that sense they may have chosen AES over TwoFish because AES is more secure, but with the recent revelations it seems more likely that it was chosen because AES is weaker and/or they were able to modify it in such a way that they have a backdoor.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  5. take all European Cellular offline then by Anonymous Coward · · Score: 1

    GSM standard was weakened from 128 to 64, at the time at an explicit NSA request during the standard creation.
    Even the NSA themselves talk about strenghtening the security of a GSM signal:
    http://www.nsa.gov/ia/_files/Mobility_Capability_Pkg_Vers_1_2.pdf

    1. Re:take all European Cellular offline then by Quila · · Score: 1

      At least the French admitted they wanted GSM encryption weak so they could break it.

  6. Wrong target by c0lo · · Score: 2

    conduct an investigation to determine which security products, protocols and standards have been deliberately weakened by the countries' intelligence services

    I couldn't care less which are the ones that were weakened deliberately or by honest mistake. I'd feel much better if I'd know which algos/constants are still safe and/or what can be done with the algos/constant-sets that are under doubt.

    Also, a simpler alternative to an unnecessary complicated IPSEC spec would be good (on the line of "as simple as possible, but no simpler") - though I expect this would be an engineering job rather than a pure crypto one.

    --
    Questions raise, answers kill. Raise questions to stay alive.
    1. Re:Wrong target by drinkypoo · · Score: 1

      a simpler alternative to an unnecessary complicated IPSEC spec

      What is it about IPSEC that you find unnecessarily complicated?

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    2. Re:Wrong target by c0lo · · Score: 2
      I'll let others speak, as they do it better.

      Our main criticism of IPsec is its complexity. IPsec contains too many options and too much flexibility; there are often several ways of doing the same or similar things. This is a typical committee effect. Committees are notorious for adding features, options, and additional flexibility to satisfy various factions within the committee. As we all know, this additional complexity and bloat is seriously detrimental to a normal (functional) standard. However, it has a devastating effect on a security standard.

      (my emphasis).

      --
      Questions raise, answers kill. Raise questions to stay alive.
    3. Re:Wrong target by drinkypoo · · Score: 1

      The problem is that while there is overlap, the functions are still not identical. All traffic is intended to be in transport mode, tunnel mode is there only to replace unencrypted tunnels. And AH was created to provide auth without encryption explicitly, not just using a null cipher which was intended for testing, not actual use.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    4. Re:Wrong target by WuphonsReach · · Score: 1

      Some of that is the IKEv1 design issue. You had an exponentially increasing combination of hashes, authentication methods and encryption methods. Which has been fixed in IKEv2 where you only offer "suites" to the client, plus a bunch of other improvements.

      --
      Wolde you bothe eate your cake, and have your cake?
  7. Collective noun by wonkey_monkey · · Score: 4, Funny

    A group of cryptographers

    I believe the correct term is a crib.

    --
    systemd is Roko's Basilisk.
    1. Re:Collective noun by LoRdTAW · · Score: 1

      Yea man those mother fuckers are hardcore. You don't want to get caught in the wrong part of internet town after dark. http://en.wikipedia.org/wiki/Crips#Etymology

  8. Re:We're doing something wrong? by letherial · · Score: 1

    I do miss my childhood days being shown a movie on how to survive the impending apocalypse by hiding under the desk. A certain warm and comfy feeling that i haven't felt since Regan. I keep hoping the new world with terrorism coming from every direction will bring that feeling back. I suppose it wont happen till the terrorist get nukes they can deploy.

    One day i dream of the cold war again, if only putin would just hurry up already.

  9. Re:Is it for real? by letherial · · Score: 1

    Paranoia is often a byproduct of ignorance. If you research it you should find that it is a little disturbing, but not quite whats its being made out to be.

    Stick with open source and you should be fine.

  10. Been like this since post-WWII by stiggle · · Score: 1

    After WWII German enigma & lorenz machines were being sold to other nations as uncrackable. It was the forerunner to GCHQ, Bletchley Park which cracked them during the war and then buried all evidence of it.

  11. good luck! by Anonymous Coward · · Score: 1

    ackcray isthay ouyay insensitiveway odclay!

  12. Cisco by Gravis+Zero · · Score: 1

    if there is one brand of router that has been compromised, it's Cisco. why? simple, they are super popular and the NSA doesn't play nice. Cisco owns Linksys, so a huge amount of routers in people's homes have a backdoor just waiting to be used.

    --
    Anons need not reply. Questions end with a question mark.
  13. Come on! by Anonymous Coward · · Score: 1

    Did you ever thought of asking a burglar what he has taken from your house? and trusting his answer?

    1. Re:Come on! by ShoulderOfOrion · · Score: 1

      Particularly when the burglar looks less like brilliant master thief Lara Croft and more like a big hairy dude with a hammer.

  14. 250 mil/year by X.25 · · Score: 1

    250 mil per year buys you a lot of backdoors.

  15. Re:Intelligence Gathering Agencies by Xtifr · · Score: 2

    The point of the NSA and the GCHQ is to gather intelligence.

    That's only part of their point. They're also supposed to protect US/UK secrets against spying. You may notice that these goals are somewhat at odds, which is why such organizations tend to be a little schizophrenic.

  16. Re:Is it for real? by Antique+Geekmeister · · Score: 4, Informative

    They've apparently been interfering with open source and free software. (See John Gilmore's notes about the security agency hindered deveopment of IPsec, at http://www.mail-archive.com/cryptography@metzdowd.com/msg12325.html )

  17. The plan will not work by Taco+Cowboy · · Score: 1

    "A group of cryptographers in the UK has published a letter that calls on authorities in that country and the United States to conduct an investigation to determine which security products, protocols and standards have been deliberately weakened by the countries' intelligence services

    You seriously think this plan will work ?

    I'm afraid not.

    It's as if there is still conscience left in the governments of the two countries.

    If there was any conscience to start with, the government wouldn't have allowed their spooks to spy on their own people, in the first place.

    It's also like asking a thief to confess to which items he has stolen.

    It's like trusting the th

    --
    Muchas Gracias, Señor Edward Snowden !
  18. Re:Is it for real? by denis-The-menace · · Score: 1

    FYI: This site is blocked at my work.

    Oh, my phone is ringing. It's security!

    --
    Obama's legacy: (N)othing (S)ecure (A)nywhere and (T)error (S)imulation (A)dministration
  19. Re:Nobody liked to be reminded that they are meat. by jeffmflanagan · · Score: 1

    The reason for a hand reader in addition to a code is to stop dishonest employees from clocking each other in. Of course dishonest employees should be unemployed, but in poor-paying jobs it's hard to attract quality people.

  20. Hahahamlet...LOL by ElitistWhiner · · Score: 1

    The cryptographer doth protest too much.

    PGP released mid 90's was pulled back and off the Internet for 6+ mo. Then re-launched with a wink and a nod for general consumption.

  21. It's crowded in there by DrYak · · Score: 1

    ...when you factor in the chinese backdoor that are here too, it's starting to be a bid crowded inside.

    BTW: Speaking of China, maybe that's where to start asking question -
    The UK cryptographer should ask the FSB and MSS to out products which got weakened by UK and US.

    Very probably the russian and the chinese have knowledge about them too (In theory FSB and MSS are also intelligence agencies, so they should have done they own investigation and perhaps uncovered a few while doing their own security assessment. In practice they probably met a few backdoors while busy trying to plant their own), and unlike the UK and US they don't need to try hiding from public disgrace by trying to keep secretly these specific weakening.

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
  22. Other way. by DrYak · · Score: 1

    What makes you think non-proprietary routers or routers that come with source code aren't backdoored?

    To each problems it own tool.

    Planting backdoors (i.e.: definitely malicious code) is easier in a definitely closed environment, were very few people can see the code, and the one which understand it can easily by hushed by orders of top management.

    In opensource software, that is a little bit more complicated, because the code is open and a lot more people are reading it. Hidden malicious stuff will get discovered eventually. The only variation is the amount of time until discovery. And again all it takes is one single developper poking in the wrong corner (because he/she hit a bizarre bug - side effect from your backdoor) to discover it and very likely he'll be out of reach (geography/jurisdiction) to be prevented from speaking about it and embarrassing the NSA. So this specific way (planting backdoors) won't necessarily be optimal.

    Better aim for other better suited solutions in this case:
    - exploitable bugs/botched code/and erroneous implementation, leaking information. If it looks like bugs, less change for the whole operation to be blown up if discovered. (buggy key generator as an example in Debian. Could be negligence. Could be an inside job).
    - bugged hardware. hardware random number generator for example. Something as simple as a counter whose output is encrypted, would look genuinely random, but for someone knowing the encryption password, is completely trivial to abuse. (And an encryption stage would make sense in a genuine RNG, as a way to erase out any non randomness in the output. So no surprise if there is a AES-like stage in the RNG of a CPU. Simply, the data fed into it isn't the electrical noise generated by heat (as designed by the engineer), but a simple counter (discretely replaced by an anonymous employee at the maker, somewhere on the line between the engineer and the fab).
    - limited ressource: randomness is hard to obtain, specially in embed devices like routers. There might not be enough accumulated entropy by the time the SSH keys need to be generated during the first boot of a home router. And thus the keys to the router could be quite easily predicted.

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
  23. Naive by mspohr · · Score: 1

    It is naive to believe that "the authorities" would conduct any kind of real investigation and release any real information on back doors. This is the proverbial fox guarding the hen house problem.
    It would be much more effective to has a "backleaks" type web site where the programmers and managers who are aware of these back doors could silently post about compromised software. Then, the accused software could be investigated (easier if open source).
    There are probably many people who know about compromised software... we just need a way for them to clear their conscience.

    --
    I don't read your sig. Why are you reading mine?
  24. This sounds familiar by I+Read+Good · · Score: 1

    The NSA has an interest in strong encryption as much as they do in subverting encryption. Take as an example the work they did with (read "for") IBM on DES.

    "It took the academic community two decades to figure out that the NSA 'tweaks' actually improved the security of DES." -Bruce Schneier

    http://en.wikipedia.org/wiki/Data_Encryption_Standard#NSA.27s_involvement_in_the_design

  25. Filed under "that ain't gonna happen" by JonBoy47 · · Score: 1

    Al queda, etc. aren't that tech savvy, compared to, say, the DoD. To the extent they communicate electronically, they're doing so via "off the shelf" civilian-accessible means. NSA and GCHQ aren't stupid. they haven't compromised garden variety technologies to the point they're vulnerable to garden variety criminals. No nerd with a Beowulf cluster will crack it. That said, the spooks aren't slumming with Beowulf clusters either. And they're not going to do anything to enhance the security of such civilian technologies beyond what they themselves can penetrate.