Thank Goodness For the NSA — A Fable

davecb writes "Slaw was kind enough to post my fable on how to not have a problem with the NSA, Thank Goodness for the NSA, and a link to the more technical MAC paper. My challenge to the Slashdot community: what's the first big step to making this all come true?"

Blocked at work

[i+kan+reed]

I'm just going to assume it's the following things in equal measure:

A. Poorly written satire, where "thank goodness for the NSA" is a repeated statement made by forest creatures, ironically unaware of their own doom they weave.
B. The positions of the satirical critics are 100% holy and just, but no one believes them.
C. Believe in the NSA, not apathy is the driving force of its existence in the story. And..
D. The moral reinforces my biases.

Re:Blocked at work

The Article:
If it weren't for the U.S. National Security Agency's trying to spy on everyone in the world, Bleeker Street Law would have been a cooked goose.

Back in 2013, we had a group of clients from a particular country applying for refugee status here in Canada. Because the NSA spying was in the news, we did a forensic audit of our computers, just to be safe. We promptly discovered that we had been hacked. Not by our clients' former national security service, or by the NSA, but by a for-profit organization. A set of aspiring criminals had broken our security and were making everything they stole available by subscription on Silk Road. Several foreign firms and at least one government had subscribed to us. . . .

The country in question had a revolution, Silk Road doesn't exist any more, and we now have a much simpler but more secure computer system, mostly on tablets and phones.

What we do differently

We used to worry about privileged communications with our clients, because we did all too much communicating with ordinary unencrypted email. Now we have encryption programs for our pads and phones, and encrypted email to boot. Older machines storing files get them already encrypted, so crooks can't just subscribe to “every updated file”.

One new machine keeps the keys. We guard it like the cabinet of office keys, and it in turn is locked in the law librarian's office and not connected to networks.

What's on the pads?

Pads are very popular, and both Apple and Android have “end to end” encryption programs on them. This allows us to “label” files with encryption keys, so only the right people can decrypt them.

Personal information is labeled with the person's name, which in effect means it is encrypted with the person's personal key. Business information is labeled with both Bleeker Street's name and the name of the person whose pad or phone it is on. It is therefore encrypted with a per-person business key.

Only little bits of data are in memory and unencrypted at any time, and because it's labeled, it's re-encrypted when it's written back to disk..

Clients can download a free app and have secure email labeled “From client, for Bleeker Street”. We have the for-pay version and can talk to them and to each other, using keys that live in the locked machine.

What's in the keystore?

Our keys, starting with a private key for each of us, then a collection of public keys from our staff and clients, and finally a collection of keys, each of which is for the combination of Bleeker Street and an individual staff member or client. We also have some signatures for software we use (we have a secure subscription), certificates for web pages and the like.

A legitimate investigator can get a court order to get individual keys, but they won't get all the keys and therefore individual lawyers and clients aren't at risk from them.

Where's the risk now?

Stealing data while it's in use is the big risk, followed by people shoulder-surfing for passwords when they're typed. The labeling of accounts keeps most data safe from anyone other than its owner, but if someone subverts the machine itself, they can get data from memory and tiptoe away with it.

It's not perfect security, but we're not an attractive nuisance any more. Criminals used to target us because we had lots of valuable information in one place. No longer: now they have to attack individuals.

They still do, mind you: someone tried to claim they were a partner's daughter in a foreign jail last week; but they can't just break into a file server and take the company's crown jewels. If they do that now, all they'll get is encrypted files, which are about as valuable as zircons.

Re:Blocked at work

[crashcy]

E. Nothing to do with the NSA, and not a fable. His company's security sucked, they got hacked, the improved their security. That's TFA.

Re:Blocked at work

[i+kan+reed]

Well, yay for corporate censorship combined with misleading headlines, then.

Re:Blocked at work

Having worked with some law offices (lawyers individually too), and seen their complete blase attitude to the information that they hold in their files, this surprises me not at all.

Too many attorneys think that because the law says their information is private that it is so, and are absolutely shocked when the other side produces confidential conversations that went through gmail or some other source.

Truly astounding.

Re:Blocked at work

[wvmarle]

Except for this little bit in the italics below the main article text:

All of the capabilities mentioned are real as of 2013, and have some degree of availability. No-one has a product that provides them all as yet. Full disclosure: I once proposed this to a device manufacturer, who thought no-one would ever need it.

Sorry, it still is a fable.

Re:Blocked at work

[mlts]

It mainly is an emphasis on going with endpoint security... something which should have been done well before the NSA came to be a boogeyman.

Of course, the article glosses over the biggest gotcha of endpoint encryption... key management. eDiscovery is a major part of business these days, and having a way to recover documents is often mandated by some regulation.

For a small law firm, this isn't a big deal. You get all employees to send stuff out that has the firm's ADK (additional decryption key) attached, and the private part of the ADK is printed out, stored somewhere very secure [1], and that takes care of eDiscovery requirements.

For a bigger company, key management becomes a lot more hairy. If one wants to trade some security for recoverability, S/MIME is usable and fairly easy to get set up on Android, iOS, it is a lot tougher but doable (AFIAK, requires Exchange as a backend.)

[1]: In a previous life, one company I worked for had a holding corporation. This secondary company had a small, unmarked office at a busy office building. The office was protected by an alarm with two codes (normal disarm, disarm + silent alarm), and in the back was a large TL30 x 6 safe with a Mas-Hamilton X-08 (they are up to X-09 now) lock. The safe was used for storing tapes, and a locked compartment similar to a safe deposit box held printed private keys as well as copies burned to optical media. Not 100%, but it did the job of keeping things secure. Of course, said office ended up becoming the company man cave until the business folded.

Re:Blocked at work

[swillden]

E. Nothing to do with the NSA, and not a fable. His company's security sucked, they got hacked, the improved their security. That's TFA.

Actually, it does derive directly from the NSA. Specifically, it comes from the NSA's research on Mandatory Access Control, which is the theory underlying all that discussion of "labels". MAC doesn't necessarily use encryption; in its original design it was intended that the operating system enforce the access controls, but it actually matches quite neatly with the capabilities of labels which correspond to private keys.

So the fable (I agree that it's not a fable) is about using NSA-developed ideas to secure your data. All of the security technologies used in the story also had their roots in NSA work -- and in the past that meant that it was almost certainly good work, in fact among the best in the world. It's only recently that the NSA has apparently forgotten the part of their mission statement that involves keeping US security technologies strong.

Re:Blocked at work

[dryeo]

This is a Canadian law firm. The NSA is supposed to be weakening their security so they have data to trade with Canada's 4 letter agencies for data on Americans. This way everyone can legally spy without breaking those pesky Constitution things.

Re:Blocked at work

[davecb]

Alas, it is a fable: the story is set some years into the future, when such capabilities can be bought off the shelf.

Re:Blocked at work

And it's wrong. One of the capabilities they list is a key server that is not attached to "the networks". But the remote devices, such as smart phones, PCs, and tablets, do their decryption *and* re-encryption by fetching the keys from said key server. (Apparently without the use of any network, because the key server isn't attached to any networks.) To the best of my knowledge there is no way to remotely fetch keys from a server if the server and client are not connected to a network of some sort.

(Feel free to provide links that prove me wrong. I'd be genuinely interested in reading about network-less networking.)

Re:Blocked at work

No talking rabbits. I heard that fables must have talking rabbits.

misleading title

[dmbasso]

The actual title should be "thank goodness $SECURITY_THREAT made use realize our security was worse than crap".

Re:misleading title

[return+42]

I think it's more like, thank goodness $POWERFUL_PERVASIVE_SECURITY_THREAT made everyone realize their security was worse than crap, because otherwise they would never have gone to all the trouble of fixing it. Plus various suggestions for how to fix this state of affairs.

He seems unaware of the issues with compromised hardware, which will require either a political solution or a whole lot more work than software solutions, but as a call to action, it has some merit.

Re:misleading title

[corbettw]

The actual title should be "thank goodness $SECURITY_THREAT made use realize our security was worse than crap".

Well if they're using Perl in their security software no wonder they got hacked...

Re:misleading title

[flyingfsck]

Worse than Perl, $SECURITY_THREAT is a Bash variable...

Re:misleading title

[RabidReindeer]

Worse than Perl, $SECURITY_THREAT is a Bash variable...

Could be worse. Could be %SECURITY_THREAT%.

problems

"Only little bits of data are in memory and unencrypted at any time, and because it's labeled, it's re-encrypted when it's written back to disk.."

you can copy memory....and thus...hacked

"Criminals used to target us because we had lots of valuable information in one place. No longer: now they have to attack individuals."
but they started out doing that....so lots a practice....ignorance is bliss isn't it....

"If they do that now, all they'll get is encrypted files, which are about as valuable as zircons."

Which is why the NSA copies all encrypted data cause its useless....no no , one day perhaps any day or already they have cracked it....and as i said at reddit....hackers have stopped telling you shit cause you put us into a jail for helping out and are screwing the world not helping it.

Never underestimate a mistake that turns into a hack/exploit/backdoor/whatever you want to call it.ITS MADE BY A FLAWED BEING CALLED MAN....

Re:problems

[Em+Adespoton]

One new machine keeps the keys. We guard it like the cabinet of office keys, and it in turn is locked in the law librarian's office and not connected to networks.

Er... if the keys are kept on an airgapped machine, how do they decrypt/encrypt the messages?

Or do they mean that they have personal and master keys, and the master key is kept airgapped, while the personal keys are kept on the devices (individual can encrypt/decrypt their own data, but only airgapped master keys can decrypt ALL corporate data)?

Also, this does nothing to prevent phishing for account details. I also notice that the fable refers to local encryption/decryption and passwords, but also keys. Wouldn't they do better to use two factor authentication, and for sensitive documents, require the key of a partner as well as whatever employee is encrypting/decrypting the data? This could be done via SMS challenge/response, where the partner's key is never made public.

Interestingly, the other item that he missed was DLP -- software is smart enough now to automatically encrypt data with the correct key based on content and metadata. THIS should be the default.

Re:problems

[davecb]

Aha! That sounds interesting, but as a search term, I get everything ever written about data loss protection (;-))

Capability Based Security

[ka9dgx]

So, what these articles are both calling for is Capability Based Security, in which you feed a list of resources to the OS when you run a program. This has the pleasant and reasonable effect of limiting the side effects a program can do, and protects the user, the operating system, and everyone else on the internet.

The trusted systems of the 1980s required the Administrator to supply these lists... it could reasonably be done by users these days, because we're all system administrators of our own machines, when it comes down to brass tacks. It doesn't even have to look much different than what we're used to seeing. A capability based version of Word would ask the system to get a file... which would do so via a "powerbox" (a secure way of picking files which side-steps the application doing it directly).

I applaud this fellow traveler who seeks the same sane approach I've been shouting about for years. 8)

Re:Capability Based Security

[ckatko]

More over, it doesn't even need to be something complex as a per register, memory block level. It can be as simple as saying "this is a game" and "most games don't need root file access" therefor "this thing that calls itself a game, is trying to use root file access, stop it."

Categories.

Most graphics tools are the same in what they touch. Most games are. Most [insert anything].

It wouldn't be hard to implement, or specify. Hell, many applications are ALREADY categorized. You press "apps" button or the "games" button on Google Play/whatever. Once you have a set of categories, building a list by hand, or through building a probability distribution of a large sample set of "games" and what they access.

Any access outside of the categories normal way can be handled many different ways. You can have the user approve of it on a per access level, on a per access type level, have the user decide if he wants to promote the "game" to a "game special access" which gives it more, but not root, access. And so on.

I'm no expert on virus propagation, but I would postulate that it would cut down on many viruses as well. Even if you somehow infected a program, you couldn't get more access than it already has.

Re:Capability Based Security

[chill]

SELinux (and SEAndroid)

...because we're all system administrators of our own machines, when it comes down to brass tacks.

No, you're not. If you allow that it is Discretionary Access Control. There has to be a master policy that is enforced, limiting DAC to only where appropriate.

For example, if Alice allows access to Bob and Charlie, she should have the ability to restrict resharing. That is, unless Alice allows it, neither Bob nor Charlie could grant access to Dan. Therefore neither Bob nor Charlie is a true admin of their machine.

Re:Capability Based Security

[naasking]

Polaris: Virus Safe Computing for Windows XP. This is what Windows Vista's new security model should have been.

Re:Capability Based Security

[naasking]

For example, if Alice allows access to Bob and Charlie, she should have the ability to restrict resharing.

Why? This access control merely provides a false sense of security. Bob and Charlie could always just make a copy and send that, or proxy access for whomever they wish to share to. It doesn't actually restrict delegation, it merely provides the illusion of doing so.

Restricting delegation has caused all sorts of insecure mechanisms just re-enable the types of sharing that are needed just to get work done.

Re:Capability Based Security

[PPH]

Yeah, yeah.

because we're all system administrators of our own machines,

And by 'we', you mean the majority of users who see the UAC popup and only understand, "Blah, blah. Blah, blah download, blah, blah, blah. Yadda, yadda, codec, blah, blah, blah." And all they want is a button that says, "Make the nasty box go away and give me the cute kitten desktop."

Game over.

Re:Capability Based Security

[davecb]

To be somewhat nitpicky, capabilities as discussed here are a way of enforcing categories. They're main value is what you mentioned, their ability to put fine-grained restrictions on processes, such as "you're a game, not a debugger, so you can't read another processes memory".

Re:Capability Based Security

[ka9dgx]

Not so fast... we all administer our own wallets, and we know not to send all our money to a PO Box in Nigeria. If there's no way to specify what can/can't be accessed, you get the default behavior you describe, because there really is no control. What we have now are systems just like EULAs, you either choose to run a program, or don't.

It doesn't have to be this way, and it wouldn't even cost much more to do it right. We could all have Orange Book A1 Secure computers, if we wanted to do the work as a community to make it so.

Re:Capability Based Security

So if bob and charlie memorize the document, alice should have an option of forcibly lobotomizing them. Okie dokie. No problem.

Re:Capability Based Security

[PPH]

But most people understand PO boxes and know where Nigeria is. Grandma just thought the kittens were cute and had no understanding why a binary from .ru or.cn would be something to worry about. OTOH, grandma has come close to cleaning out her savings account because Leisure Suit Larry said he'd hold the cash for her.

Re:Capability Based Security

[chill]

Copying and providing proxy access are process controls. You discipline people for that.

You're demanding something perfect and rejecting anything that doesn't measure up. The real world doesn't work that way. Security layers are added depending on the specific needs for confidentiality, integrity and availability.

Something like the formula for Coke or the KFC Original Recipe get more protection than the cafeteria's lunch menu.

Re:Capability Based Security

[naasking]

Copying and providing proxy access are process controls. You discipline people for that.

No, it's worse than that. Firstly, they are efficiency impediments because they require workarounds, and moreover, they obstruct the deployment of fine-grained permissions ala POLA because users still need to be able to do something to do their jobs. Secondly, training users has never worked and will never work, particularly when such discipline conflicts with the need to do their job.

There's a reason capability-based security tokens are gaining traction with online web services at the expense of traditional wall-garden authentication scenarios: they are more composable, more fine-grained, and most importantly, fine-grained security authorizations are largely invisible to users.

You're demanding something perfect and rejecting anything that doesn't measure up.

No, I'm demanding that administrators not be able to express policies that aren't actually enforceable.

Thank Edward Snowden

[Chalnoth]

Thank the person that brought these security breaches to light, not the people who have been illegally performing them.

Re:Thank Edward Snowden

[corbettw]

Hear, hear. If I had points you'd get one.

Re:Thank Edward Snowden

[BringsApples]

Edward Snowden had jack-didly to do with bringing any security breaches to light. If a company like this one didn't do regular security audits, then that's why they got breached in the first place.

Re:Thank Edward Snowden

I think the point of thanking the NSA is that they were the root cause - Snowden was the proximate cause. The issues for the author of the original article did not stem from the NSA activity, but the NSA activity led to Snowden's revelations which led to the author's organization examing their security and discovering that they had been hacked (by organizations other than the NSA or Snowden). If the NSA's activities hadn't inspired Snowden to perform his expose, then the author's organization would have gone on blithly unaware of their naughty bits blowing in the wind.

Re:Thank Edward Snowden

No, the point of putting NSA in the headline and article (twice) was to get hits on the /. editor's keyword filter. Anything with those three letters will get auto-greenlighted until it blows over. Relevance to the actual story or to /. is irrelevant.

Re:Thank Edward Snowden

[davecb]

Strongly agree!

--dave
[Thanking the NSA was just a tiny bit tongue-in-cheek]

Badly WRONG, mate

Google for "Confessions of a Cyber Warrior". Exploits are the problem these days, not crypto or Sandboxing.

Memory Safe Languages might provide a certain amount of relief:

http://sourceforge.net/p/sappeurcompiler/code-0/HEAD/tree/trunk/doc/SAPPEUR.pdf?format=raw

But to be 100% sure, one needs Formal Verification. See this:

http://scherbius2014.de/SindAlleComputerHackbar.html

My challenge to the Slashdot community

[BringsApples]

Try to convince yourself that you didn't just get tricked into reading an article.

Re:My challenge to the Slashdot community

[Yaotzin]

Hah, the joke's on them, I didn't even read the summary!

Re:My challenge to the Slashdot community

[tomhath]

Yea, my next submission will have a headline like "Global Warning scientist tells NSA to Stand Your Ground".

Re:My challenge to the Slashdot community

[tsprig]

Talk about trivial pursuits ... after all, this *is* Slashdot.

Re:My challenge to the Slashdot community

Wait, I've been around for awhile.... There are articles? When did that start?

Re:My challenge to the Slashdot community

You don't know what "tricked" means, do you?

Re:My challenge to the Slashdot community

First post!

Re:My challenge to the Slashdot community

"Try to convince yourself that you didn't just get tricked into reading an article."

I wasn't tricked--I went willingly, as Slashdot serves me in no other purpose than to gauge the levels of manipulation that corporations and governments will pay for. You see, Slashdot has become nothing more than a place for people to sell ideas--THEIR ideas. There is no discussion, there is only a carefully orchestrated product and the response of readers. Slashdot is nothing more than a paid polling service. This "submission" is a good example--Someone wanted to ask the question "What percentage of demographic x is willing to continue believing that the NSA can actually be of benefit to anyone?"

Or, perhaps, they're simply looking for the "correct" responses that lead to a NSA recruiter calling on you.

Thank goodness for the SS.

[MobSwatter]

If it weren't for our own inept network security implementation, all are eggs would have been in one basket.

Re:More pro-NSA propaganda on Slashdot

Do you actually think you sound less demented if you say "zionist" instead of "OMG BLOOD-SUCKING JEW"?

Thank goodness for...

[gmuslera]

Hitler, the Black Death, Attila the Hun, Toba, the Chicxulub asteroid, whatever caused the Great Dying and so on. That we survived despite (at a very high cost) them don't mean that we must be grateful for what they did, even if that meant that had a role on the changes that ended with us right how we are now.

Re:Thank goodness for...

Actually, I DO thank the black death for breaking the hold that church had in society during the dark ages. Without bishops and popes dying as fleas and their prayers falling in deaf ears of their God(tm), people would never had noticed that it was all self-serving BS and we'd still enslaved by theocracy.

Re:Thank goodness for...

[gmuslera]

At the cost of killing half of europe's population in a very painful way? It qualifies as a phyrric victory, or even as a phyrric defeat (or at least, phyrric no victory, phyrric defeat have another use)

Great security, there

[whitroth]

The one machine that has all the keys is in a locked office, not connected to the Net.

Lessee, 1) do they *also* have an offsite backup of that info in a safe deposit box somewhere?
                          2) if not, and there's a fire, what happens to their company?
                          3) Who installed the lock on the door? Does the building engineer have a key? How does
                                            he protect that?
                          4) Who cleans the room? And when they do, do they shove the electric motorted floor cleaner
                                        up against the system?
                          5) What happens if the h/d fails?

                mark "I *know* y'all can come up with more reasons"

Re:Great security, there

[davecb]

Yup, in the Fabulously Secure Supplier Company's safe (;-))

Re:Great security, there

[hibiki_r]

You assume the system works. In the real world, the keys cannot be just in a computer that is not connected to the network, because otherwise nothing would get decrypted outside of said computer.

The moment you try to get those keys to be useful, you are making copies, which will reside in less secure environments, and you are connecting something to said machine, which suddenly gives you an attack vector.

A system that has very secure keys, like something that meets PCI-DSS key management standards, is always extremely inconvenient to start up and use. What the article wishes for is actually impossible given our current technology.

NSA are NOT omnipotent.

Am I the only hacker here who's had enough with this blowing up of NSA skill set and power? we don't have to go much further back in time than 4-5years and NSA was limited to spear phishing, cuz that was all the skills they had. ..and I have serious doubts about this self promoting doc drop they've got going on.

Their tools and skillset reminds me of 5 years ago, Stop trying to pretend to be us. We are much more scary than you,. You pay RSA to implement a bug, meanwhile we extract RSA som their secure cards inm munutes. aes and 3des too, we eavesdrop on your bakning card, your pin, your sim, and we aren't in we will get in. You buy exploits form VUPEN meanwhile you and everyone else have already been owned multiple times by code we wrote. You create stronger more obsucre crypto, wen we figure out cooler more relaxed ways we can crack it. Like listening to your device working, so it leaks it secrets, too.

Ask Obama how it feels to know his facebook server was owned his entire first term, or if he feels like his privacy was invaded when you tell i'm we laughed that morning facebook started coming on the morning brief. lol. does he know other ppl read that before he did? or that those times edits were done on his facebook server that some prankster was just undoing it to be funny? senate.gov whitehouse.gov .. coldfusion.. musta been the most owned webserver on the net. Realize while you use secret court orders to obtain ppls keys and certs, hackers just hack them. And we have more 0day in your commonly used stuff than you can imagine, i mean do you think adobe was safe? or word? no not even integrity-178B, we have bugs in gsm 3g 4g gps surveilence cams, sensors, software, hardware, smart cards and bank cards these things are not secure! We can jsut as easily track your metadata, although you would claim it was illegal, but that's ok we would, like you, jsut argue we are not doing it.

AIr force glorified sysadmins. not hackers. These ppl cannot figure out how to secure coms between their planes and nato planes on training.

Now get that ship under control before we hackers flip out and give you a taste of your own medicine. You do wholesale logging of EVERYONE but you get PISSED when snowden takes a few thousand pages of documents, other ppl ahve a right to privacy, and ot have to worry about their emta data. I no longer shop us cuz of you. i gave away my mac went back to linux and open hardware. my sim card has telco and all other certs removed from it (good luck trying to 'hack' in now.).. You think Ed was smart.. jesus wait till you meet some real hackers, cuz we piss on you posers, like kamisnky mitnick tinnes, your consultants, our toys.

think how this feels to other people. Then realize other people have that skillset and better. You protect yourself with tech, we own you with it. you think adobe?? amazon??? microsoft??? cisco? is gonna keep you safe?all these ppl you rely on including RSA gets hacked all the time. gary7.nsa.gov rings some sort of bell?

Re:NSA are NOT omnipotent.

ALso I would like to add that a HIGH SCHOOL DROP OUT walked right into NSA with a usb drive and walked right out with it. Where were these super hackers then? Obviously myth, they are trying to t ake attention away from how they do it. And they get real mad over that, but it's no problem for them to collect ALL over the rest of the worlds communication in bulk? and also claim to the court theya rent doing it therefor it's legal. If i tried that argument i would be in jail now. These ppl are obviously not tech geniuses.

The fact is that they are hypocrits, liars, and they dont realize hgow much worse than the stasi their collection is in terms of size. Nobody trusts NIST, FIPS, AES, RSA anymore.. esp. afte rhtat bad l lie rsa came back with. Nobody mentioned anything about bsafe. and whatnot. but, we've cracked rsa cards and aes ez all year.