OPSEC For Activists, Because Encryption Is No Guarantee

Nicola Hahn writes: "In the wake of the Snowden revelations strong encryption has been promoted by organizations like The Intercept and Freedom of the Press Foundation as a solution for safeguarding privacy against the encroachment of Big Brother. Even President Obama acknowledges that "there's no scenario in which we don't want really strong encryption."

Yet the public record shows that over the years the NSA has honed its ability to steal encryption keys. Recent reports about the compromise of Gemalto's network and sophisticated firmware manipulation programs by the Office of Tailored Access Operations underscore this reality.

The inconvenient truth is that the current cyber self-defense formulas being presented are conspicuously incomplete. Security tools can and will fail. And when they do, what then? It's called Operational Security (OPSEC), a topic that hasn't received much coverage — but it should.

Semantic games

[diamondmagic]

So it would appear that POTUS is now towing a line advocated by none other than whistler-blower Snowden who asserted [8] that “properly implemented strong crypto systems are one of the few things that you can rely on.”

Only there’s a problem with this narrative and its promise of salvation: When your threat profile entails a funded outfit like the NSA, cyber security is largely a placebo.

How many pointless articles could be avoided if authors and editors understood the difference between a necessary condition and a sufficient condition? Of course comsec is not a solution per se, Ulbricht can tell you all about that! (And how many more pointless discussions could be avoided if everyone knew "per se" = "by itself".)

Re:Semantic games

[Defenestrar]

You've got a good point, but the implementation of said conditions have a different intrinsic suspicion. Discussions on encryption will only get you put on the NSA watchlist along with everyone else. Conversations about OPSEC may get you a little bit more. For example - getting revealed as someone who sends encrypted messages to your friends is either in that category of nerdy or slightly suspicious. Getting revealed as someone who passes parcels to others via dead drops will probably get your door kicked in by the DEA shortly followed by a long line of other three letter groups.

PS - I'm not sure if I'll ever be able to use the word "intrinsic" without thinking of eating leprechauns or quantum mechanics. Does anyone else have this problem?

Re:Semantic games

[gstoddart]

You want to play 'semantic games'?

When 'opsec' is outlawed, only outlaws will have opsec.

In other words: if you're employing opsec, you will be construed as a terrorist, and the NSA et al will use even more secret laws to fuck you over even more.

There is no scenario in this security paranoid world in which being secretive about your actions isn't red flags.

Which is precisely why these 'intelligence' outfits need to have much shorter leashes. Quite possibly suspended from trees high enough to keep their feet off the ground.

In this opsec boils down to "if you have nothing to hide you have nothing to fear", and the fucking fascists have won. It is now illegal to make it difficult for the government to spy on you when it wishes to.

Re:Semantic games

[PvtVoid]

(And how many more pointless discussions could be avoided if everyone knew "per se" = "by itself".)

Not to mention that the phrase is toe the line.

Re:Semantic games

[rtb61]

Problem with your analysis, damned if you do, damned if you do not. Many of the activities of the three letter US agencies have become largely criminal with gross and purposeful misinterpretations of the law and this not in pursuit of justice but in the pursuit of the psychopathic ego of many out of control 'agents' or upon the direct orders of political or corporate appointees. So doing nothing is no more or less effective at getting you door kicked in, being threatened with real and impending death for any reason imaginable including not obeying orders fast enough, a barking dog, happening to have some item in your hand at the time, any item. Then you and all other people in residence at the time being physically assaulted, really assaulted, not grab you hands put them behind your back and being handcuffed but thrown to the ground kicked and jumped on, a bought of "stop resisting' with more blows to the head and then of course your home trashed and your stuff stolen. Then if they hate you ludicrous bail conditions the ensure you remain in jail for years during an hugely purposefully extended trial and the inevitably had sucker you have been in jail for years, plead guilty and you will released with time server ha ha ha.

Basically you are attempting to defend yourself against really lazy and self serving types who in reality wont be bothered with the real leg work, the real reports or any real effort.

Besides it can be hugely fun. Be overtly covert, make a big show of analogue person to person communications. Don't be lazy yourself, do everything you can person to person, the more the merrier and the more wasted spy vs spy efforts. In the whole spy vs spy vs the rest of us, being overt, exposing your efforts, being more public about your activities, serves to protect you and will inevitably expose their spy vs spy efforts to the ridicule and derision it so often rightly deserves.

Re:Semantic games

[al0ha]

Actually you mean "per se" == "by itself" don't you?....

A lot of pointless discussions could be avoided if everyone knew = is an assignment operator and == is a relational operator.

Re:Semantic games

Besides, it's "toeing" the line not "towing" the line.

Re:Semantic games

I hate when they spew that disgusting line. I have nothing to hide everything I do online is legal meaning it's none of their goddamn business. IMO every last one of them should be locked up.

Re:Semantic games

The ironic thing is that OPSEC is a must for any business organization. You can have data at rest protection, and data in transit, but without protection against the VoIP spoofer demanding access or else he will get people fired, this does work. I've worked at a company where the head security guy got fired because he challenged a muckety-muck PHB who was tailgating (trying to get past a door into a sensitive area from the outside of the building without badging in), and this fear caused people to not challenge anything... if it was someone who knew what they were doing, they could just claim to be someone higher up, and the company was theirs.

OPSEC isn't just reserved to TLAs and the military... organizations need at as well.

As for protesters and activists... you can't get most of the 20 something crowd interested in anything other than iPhones and beard oil, so things like keeping the ranks clean of trolls and goofballs are not even something they think about. Handing them an OPSEC guide would be like handing a duck an iPad... there would be curiosity, then it gets pooped on.

Re:Semantic games

[diamondmagic]

Oh boy, forgive me for not appending [sic], too.

Not necessarially opposed to grammatical errors, just the nonsense that it causes. Like this one up here ^

Re:Semantic games

PS - I'm not sure if I'll ever be able to use the word "intrinsic" without thinking of eating leprechauns or quantum mechanics. Does anyone else have this problem?

Fortunately for us, there are still enough geeks at NSA that even the AIs will be born understanding Nethack references.

Re:Semantic games

Besides it can be hugely fun. Be overtly covert, make a big show of analogue person to person communications. Don't be lazy yourself, do everything you can person to person, the more the merrier and the more wasted spy vs spy efforts. In the whole spy vs spy vs the rest of us, being overt, exposing your efforts, being more public about your activities, serves to protect you and will inevitably expose their spy vs spy efforts to the ridicule and derision it so often rightly deserves.

Back in the day, I always thought that was the best part of Chanology. Untrained civilians got to cosplay spy vs. spy against a reasonably competent adversary mired in 1960s thinking. The cult had money and manpower, but was by definition unable to update its playbook because its playbook came directly from the mouth of Hubbard and to update it was heresy. Anons had phenomenally better communications but zero training/experience in countersurveillance beyond what they could learn in a few weeks. By building on what was learned during the cult's first attack on the Internet (the a.r.s. battles of the early/mid 90s), this time around, the 'net had enough people to change the general public's perception of the cult from merely "that weird hollywood cult" to "not just merely weird, but something that is dangerous and which should be shunned." Best part is, nobody really got hurt except for the cult's revenue stream.

Re:Semantic games

The first rule of OPSEC is also the second rule of OPSEC. If you're discussing security procedures over an open channel on ANY 3rd party telecommunications service you have already lost the war.

Re:Semantic games

[Z00L00K]

Opsec is just a procedure you apply.

Invent one procedure that works only for your closed group, it shall only be known to all of you. What the procedures and patterns you have within your closed group will have to be seen as normal variations that to the casual observer don't look outside the ordinary.

A certain variation on how the clothing is worn might be your way of signaling to your group a certain message - or be part of the message when you casually meet.

Re:Semantic games

These things only stand out when there are few people doing it. Hence the push for mass encryption. If Grandma and Little Tommy exchanged their cat pictures through Threema and YouPorn et al. pushed the boundaries of SSL security on their websites, then your conversation with $oppressedgroup activists would not stand out all that much any more.

Of course

[ShieldW0lf]

If I'm the only one who can unlock your encrypted communications, then it's in my best interest to have everyone encrypt their communications, because then, I'll be the only one with total situation awareness.

It won't be in any of your interests, of course, because you'll be handing me my advantage on a silver platter... but you're all far too shortsighted to pay attention to such things.

Of course Obama and the NSA want you all using strong encryption. Stupid of you to give them what they want, though.

Re:Of course

Intel AMT / vPro / vt do an end run around crypto.

Built in backdoors. No need for your cooperation.

Just like good guns are banned.
And good girls (can't marry actual girls, female children).
So is any security for peons like us men.

Re:Of course

[RevSpaminator]

A friend of mine has worked installing automotive glass for years. Every time someone asks him, "I want a sun roof but how I do I keep it from leaking?" his response is simple. "If you don't want leaks, don't cut a hole in the roof of your car." I've watched the computer industry over the last 30+ years and if there is anything to be learned from history, there is no such thing a "secure" system. Wanna keep a secret? Don't write it down and don't tell anyone.

Re:Of course

It would be much stupider to let anyone in the world spy on me, which is what you want.

Well, that's not quite accurate. You specifically want to spy on me, and everyone else in the world. Claiming that you want others to have that same capability is merely a cover for your own selfish motivation.

Fortunately, you will never have the power you seek, nor would you be competent to effectively use it even if you had it.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Of course = Obfuscate

Limit and obfuscate are the only options. Been done for thousands of years.

Re:Sigh...

[MobSwatter]

Mkay, and that has nothing to do with a predictable species living in networked habitrails.

Test your security with false information

[hamjudo]

In the days of brick and mortar spying, the people being spied on would send messages that included false meeting times and locations. For example, in a town with underground utilities, announce a meeting to take place in a rarely used manhole. If the manhole cover is disturbed, then you know that the communication channel has been compromised. No math is required.

The high tech equivalent would be to mention a network resource where access can be monitored. When the network resource is accessed, you know there is a problem.

Re:Test your security with false information

[viperidaenz]

When access to that network resource is being monitored, you don't know there's a problem.

Re: Test your security with false information

The thing the nsa fears the most is two people sitting down face to face, in an isolated location, and exchanging the critical intel. No cell phones, computers, sat or signal access. You know, people just having an old fashion conversations.

The greatest enemies of the united states, do just that, really well. Kind of makes you wonder just how the nsa is the right tool for the job.

Re:Test your security with false information

The other point that needs to mentioned is that the first rule of using codes is "The enemy knows the code". If you think it will ever be possible to encode a significant body of material such that the other side will never, ever be able to read it then you are not using rational thought. The other side are as smart as you are, why wouldn't they be? If you can read their codes, they can read yours. Encryption DELAYS the enemy knowing your intentions, it will never prevent him from working it all out eventually.

Re: Test your security with false information

The thing the nsa fears the most is two people sitting down face to face, in an isolated location, and exchanging the critical intel. No cell phones, computers, sat or signal access. You know, people just having an old fashion conversations.

The greatest enemies of the united states, do just that, really well. Kind of makes you wonder just how the nsa is the right tool for the job.

I didn't know the NSA was the United States' only intelligence agency. /eyeroll

Re:Test your security with false information

[SeatcheInpericulisau]

If you are having a hard time understanding what hamjudo was saying, read Paper Moon or other stories about con-artists.

Con is short for Confidence, and a con-job is a means to earn someone's confidence long enough to get their money or to dupe them long enough to get away with whatever you took from them. This includes playing the patsy or the dumb crook, when you think you're being tracked by the authorities, the mob or that angry husband.

I don't recommend this life style, but I like reading about what con-jobs worked, how long they lasted, and when were the perps caught. Con-artists are gregarious extroverts with an exuberance for your life, your loves, your interests, and most importantly, your purse.

My experience in life has taught me three things about con-artists.
The first thing is knowing when you've been caught.
The second thing is knowing how to get away with it anyway by admitting to the first lie.
The third thing is remembering the objective; never give back the goods you've taken, hide them well, and spend them well.

Re:Test your security with false information

The phrase is "The enemy knows the system", and it is a reformulation of Kirchhoff's maxim attributed to Claude Shannon. What he's saying is that ciphers whose design relies on security through obscurity don't work.

One thing Claude Shannon proved was that properly secured and properly employed (no reuse) one time pads are impenetrable.

Proper systems in place

One solution could be to use OpenBSD ... for everything.

Re:Proper systems in place

One solution could be to use OpenBSD ... for everything.

No. And I've nothing against OpenBSD, it's just you're missing the point - even if there was such a thing as secure hardware and secure software (there ain't) the weakest link is always the meatbag (PEBCAK) operator.

It'd be more useful to use good OpSec and OpenBSD. It'd be more secure to use good OpSec and Windows 95 than poor OpSec and OpenBSD - and that remains true whether you wish to avoid targetted surveillance or simply browse securely.

Rule one of OpSec 101 - do I really need to do this? Generally the first rule broken by most (sigh).

Demonoid Penguin - moderating, (but not this thread)

OPSEC

[nsaspook]

Old school.

http://radicalsurvivalism.com/...
http://www.outofregs.com/postI...

Opsec?

[viperidaenz]

It's called know what you're doing and don't be stupid.

Stop it!

Unless you are talking about a military operation you shouldn't be using the term OPSEC.

Re:Stop it!

Unless you are talking about a military operation you shouldn't be using the term OPSEC.

Every time the NSA comes up, /. turns into this shitty Tom Clancy novelette.

OPSEC

[Onuma]

Loose lips sink ships. If it is talked about, someone will sooner or later overhear it.

You are correct.

Snowden confirmed our suspicions. And for that he lost his livelihood and his home. And in return for his sacrifice we....have done nothing.

We benefited from his revelations, and then we let him rot. We can't even be arsed into signing an online petition to help him out.

Given how we reward whistle blowers, I am surprised we have any at all.

Re: You are correct.

[Hevel-Varik]

I believe in dealing with terror with overwhelming violence and am not normally sympathetic to idealogical subversion but this is different. Regardless of how powerful and all knowing you feel the NSA needs to be, I cannot relate to any argument that they should know and store absolutely everything I ever say or write over any wire or store on any computer because of needing 'information dominance' while at the same time I SHOULD HAVE ABSOLUTELY NO FUCKING IDEA THAT THAT IS THE CASE. That's not government of the people by the people. The people need to now that the people know everything about the people, even if you believe the people need know everything about the people for the safety of the people. I don't sympathise at all with the if .... the terrorists have won but in this case, Snowden is a national here and I do hope that one day a President and hopefully a hardliner pardons him a gives him some type of reward.

Adhoc one time pad encryption

We're mostly programmers here not cryptographers, but there is a simple way to encrypt data from one trusted point to another trusted point, and that's to use a large random key and make a one-time-pad encryption. Its something programmers can understand, its unbreakable and it should be added to every point to point link on-top of any of that NSA corrupted shit that passes for encryption.

You have a key that is far larger than the data you are encrypting, you never reuse parts of the key. The key is random garbage not generated by the computer, but sampled, e.g. random video mashes together or random noise audio mashed together. You transfer the private key by trusted method, e.g. carry it on an external 2TB drive. Given the amount of data that can be moved now is TB, and the amount of data sent in messages is still small, its surprisingly easy to totally encrypt that data.

So a 10,000 buy orders are still only a few MB of message data, and yet a multi-TB key can fit in the pocket.

It's something every programmer can understand and its easy to implement and adds minimal encryption overhead since it can be done in one pass. You can add it ontop of any other encryption system.

Re:Adhoc one time pad encryption

[pepty]

So then you just have to send copies of your one time pads to everyone you want to have conversations with. What could go wrong?

Re:Adhoc one time pad encryption

[bickerdyke]

You have a key that is far larger than the data you are encrypting, you never reuse parts of the key. The key is random garbage not generated by the computer, but sampled, e.g. random video mashes together or random noise audio mashed together. You transfer the private key by trusted method,

If you have a trusted communication method you could use the same method to send the actual message. (Exception being when you have a trusted channel once in a while)

Next is that video and audio are far too regular to count as reliable source of randomness. Have a look what work went into defining the entropy sources for the Linux pseudo random number generator. Things you thought should be more than random over a large stretch of time showed to be surprisingly predictable.

Re:Adhoc one time pad encryption

> If you have a trusted communication method you could use the same method to send the actual message.
> (Exception being when you have a trusted channel once in a while)

Depends on the amount of key material. For one message, yes, it doesn't make much sense. But what if the exchange is a few terabytes of random key material? Or, analogue, a few boxes of tightly written pads, which last for a significant amount of time in the future?

Re:Adhoc one time pad encryption

They send a really sexy agent to pretend to be your girlfriend (boy if so inclined) so that you give away your secret codes to her.

Hmmmm... I think everyone on Slashdot's going to start encrypting in 1..2..3.... M-/n$M-mM-^]TM-^MM-~^Z:4jckM-\xM-^XM-~M-,M-^

PSK

To my knowledge, the NSA has not figured out how to break conventional encryption. There's nothing quite as secure as conventional encryption. It may be difficult to securely communicate a pre-shared key, but you only have to do it relatively rarely. If you send pieces by various media, it makes it much more difficult to eavesdrop. Send 10 characters by SMS, 10 by voice over landline, etc.

Uninteresting

[AndyCanfield]

The article misses one partial solution: be uninteresting. I've got a bank account in a non-US bank. It's got several hundred dollars in it. Nobody's going to bother to steal that. I've got a password I use all over the Internet, including Slashdot, but you can't do anything with it but post stupid comments. My bank password was a different one. I look just like a million other Amerians living overseas, and that is my ultimate protection. Of course, the cheaper hard disks get, the more data the NSA can store, so the protection is only partial. But for now it is a factor. Of 200 million Americans, how many are worth tracking?

Re:Uninteresting

Every American is tracked, in case they choose to have a political life in the future. The same is true of just about every developed country today to varying extents. Your best choice is to emigrate to a Rule Of Law state and keep a low profile.

In America you can be violently attacked and/or robbed blind and have your life ruined by police/politicians/bureaucrats for any reason or none at all. In Australia and New Zealand everything is monitored, same as the US, but you still have civil recourse even if you're an obnoxious shit. I really hope that doesn't change.

Some Real Advice

[linuxrocks123]

- It is technically possible to air-gap the machine you use to access your email, by copying the email over from an insecure computer to the air-gapped machine.
- TAILS is great, but they probably at least try to break it since it's popular. Will they succeed? Maybe. So use an OpenBSD live CD, it's more secure anyway. Or get creative: use Whonix. The FBI's pedestrian attempt at drive-by malware would have fallen flat on its face with an adversary using Whonix.
- Firejail. Google it. Won't protect you against local kernel privilege escalation attacks, though.

Yes, contingency planning is good. Yes, single points of failure are bad. But you can get very, very good communication security if you really try.

Re:Some Real Advice

" It is technically possible to air-gap the machine you use to access your email, by copying the email over from an insecure computer to the air-gapped machine."

Serial port. Slow as hell but ZModem doesn't inject nasty malware.

Re:Some Real Advice

[linuxrocks123]

I was thinking flash drive or possibly optical disk ... couldn't there theoretically be an exploitable buffer overflow in ZModem?

Re:Some Real Advice

Electromagnet and magnetometer. It's the only way to be sure.

Re:Some Real Advice

There is always theoretically a bug to be exploited on the air gapped system.

laptop connected to a USB robot hand that types the data in via keyboard.

Re:Some Real Advice

[Burz]

- Firejail. Google it. Won't protect you against local kernel privilege escalation attacks, though.

Yes, contingency planning is good. Yes, single points of failure are bad. But you can get very, very good communication security if you really try.

Qubes OS should protect you against privilege escalation *and* VM breakout attacks where sandboxes like 'Firejail' do not. Its a hardened hypervisor-based desktop OS that isolates elements like graphics and network IO from each other using a system's IOMMU if necessary. Its single-user, and all security is implemented using the hypervisor.

Qubes is put out by white-hat hacker group Invisible Things Lab who switched their focus when they saw the need to do something about endpoint security. Their philosophy is to use the strongest means possible for isolation short of airgapping as a way to manage the complexity (large attack surface) of the personal computing environment; The security models of monolithic OS kernels

A bonus of isolating all the risky activities away from the graphics system is exposition: The windowing system becomes a reliable means to represent security context using window-frame colors and domain labels assigned by the user to the various VM domains.

Re:Some Real Advice

[Burz]

"The traditional security model of monolithic OS kernels" ...have been abandoned because they don't work against external threats. Of course, that doesn't prevent you from using traditional security within a Qubes VM.

(Sorry. Finishing sentence from previous post :) )

Re:Some Real Advice

[Burz]

Due to risks like BadUSB, or even attacks using the filesystem itself, those methods carry risk of exploiting the air-gapped system.

IMO, its actually better to use an isolating OS like Qubes because it uses a simplified and hardened protocol for data transfer between domains. Even copy-and-paste between domains has been hardened. It can isolate USB controllers and external disks at the hardware level using the IOMMU/VT-d feature in newer chipsets.

Re:Some Real Advice

[linuxrocks123]

Bugs in the filesystem driver, yes, but those are probably pretty rare I'd think. BadUSB, not really. That attack works by emulating a keyboard/mouse HID controller. If you plug your USB drive in and all of a sudden your computer starts typing things and moving the mouse on its own, you would notice immediately. Also it typically requires special hardware; a rooted box couldn't just take a real USB drive and turn it into a HID controller.

Re:Some Real Advice

[Burz]

You've got the wrong impression of BadUSB as impersonating a HID certainly isn't required. USB is fundamentally insecure in a number of ways...

https://www.blackhat.com/prese...

http://media.blackhat.com/bh-d...

https://srlabs.de/blog/wp-cont...

When the USB drivers themselves can be attacked with malformed protocol data there is a fairly direct channel to gaining access to the whole system. Also a USB drive controller can make itself look like an internal drive, meaning that DMA (yes, USB supports DMA) restrictions get lifted and then you have a hole in security similar to Firewire.

As for filesystem attacks being 'rare', that's only because other attacks (esp. remote) have offered so much opportunity to attackers. If an attacker wants an offline mode of exploitation then filesystems -- being complex data formats themselves -- then filesystems are a wide-open field of opportunity.

Re:Some Real Advice

[linuxrocks123]

StackExchange says you're wrong about USB having DMA: http://security.stackexchange....

In any case, BadUSB would require reprogramming the actual device, so I still don't think it is a practical attack vector in this scenario. Moreover, if you're really paranoid, you can use write-once CD-Rs instead of USB devices.

QubesOS is an interesting idea, but it's more complicated and therefore more likely to have bugs than airgapping a machine. You're assuming there are no bugs in Xen, for instance.

As for filesystem bugs, this code has been around for 20 years or more. There are bugs everywhere, but I think especially popular Linux filesystem drivers are likely pretty solid. But go ahead and just dd the file to the optical disk directly and don't use a filesystem if it makes you feel better.

Re:Some Real Advice

[Burz]

If the USB host controller firmware or any of the USB drivers available to the system are exploited, then malware delivered by the USB device may get use of the DMA channel between the host controller and RAM (if not simply gain root access). And calling customization of a device impractical is, I think, leaning a bit towards denial -- many hobbyists can do this now. Familiarity with common controller types used in consumer devices is also rising.

Its probably safer to bet security on a chokepoint like Xen hypervisor (which uses microkernel architecture and is only 1MB) than to use portable USB devices between air gapped machines. With the latter, any / all of the USB drivers plus a good chunk of the OS represent the attack surface.

The air gap user is relying on a riot of very disparate components, mostly authored by people who treat security as a mere buzzword.

If Internet security improves, we'll likely see more USB-based attacks in the wild. Sneaker-net may have high latency but its still a network.

Re:Some Real Advice

[linuxrocks123]

Burz,

I'm not saying it's impossible to customize a USB device. I'm saying rooting a machine to the point that it can customize an arbitrary USB key plugged in by the legitimate operator of the machine is impractical. You're also invoking speculative, unknown attacks against the USB host driver and firmware, which I will see you with my previously invoked unknown, speculative attacks against Xen. Also, you completely ignored my suggestion of using an optical disk if you are concerned about USB.

Safest way I can think of using airgapped machines right now for encrypted email:

1. Copy received email from networked machine C to write-once optical disk.
2. Decrypt received email on airgapped machine A.
3. Compose reply on different airgapped machine B, encrypt reply.
4. Copy encrypted reply to write-once optical disk.
5. Send encrypted reply from networked machine.

This involves three physical computers, but none has to be recent or expensive. Airgapped machine A has no ability to send information to C or B, and airgapped machine B is never touched by any devices from the outside world, and also never needs to know any secret keys, since all you need to encrypt an email message is the recipient's public key. Theoretically you could type such a key in by hand, but in any case it's a once-per-recipient transfer.

I would argue using USB sticks in this scenario gives only a very slight reduction in security, but write-many optical disks would be a practical approach if you're scared of USB. I will say that compiling out obscure and unused USB kernel drivers is a good move, as is disabling USB kernel module autoloading.

Re:Some Real Advice

[Burz]

I'm saying rooting a machine to the point that it can customize an arbitrary USB key plugged in by the legitimate operator of the machine is impractical.

Except that privilege escalation attacks against these multi-decade-old systems appear year after year. A well-funded state attacker (OP is about activists, after all) would certainly have some at their disposal.

Which gets back to the premise that monolithic kernels enforcing user privs is an outmoded form of security. Re-purpose the kernels as feature sets under an isolating hypervisor and security begins to look realistic.

Re: CD-R, lets assume I use an optical disk to move a quantity of email messages from a networked/untrusted machine to an airgapped one (both conventional architecture). If I export as .eml files, I have to archive them before burning them. So, over and above the risk from nasty email attachments, there is the risk the untrusted machine could use malformed email or archive format to perform an exploit. If you think that's far-fetched, consider how much more complex email and archive formats are compared to the .lnk files that were recently discovered as an NSA exploit.

Even so, the untrusted networked system could take a chance that you have automounting enabled or that you will inadvertently do something to mount a volume... it could write a malformed filesystem to the disc anyway.

Once an air-gapped system is compromised, it can alter the hard drive firmware to store passwords and keys in a format/cipher readable by the attacker who can later break-in to the premises and steal/confiscate the computer. In a Qubes non-networked vm, there is no out-of-band way to communicate or store info, and a compromised vm wouldn't have access to the disc encryption password in any case.

What you described #s 1-5 sounds much more complicated than using email in Qubes. And presumably this covers only email for one type of role (work, personal, etc); Covering all the roles means using many additional computers and burning many discs, and each role needs its own disc encryption passphrase.

If the email domain is untrusted, then create an untrusted Qubes vm for it. I could even create one vm for each role, plus one archival non-networked vm to store info, and even if the archival vm were compromised there's nothing it can really do except try to erase the data in that one vm. Securely copying between the vms is point-and-click (easier, in fact, than between user sandboxes on a regular system) or scriptable... one only needs to consider how risky the source and formats are to the destination vm. If there is a need to sanitize the info, its easy to do so in a Disposable vm (right now Qubes can sanitize pdf files, and other formats are expected). The only unintuitive caveat in such a virtualized setup is that sensitive asymmetric encryption (operations that use the private key) has to occur while untrusted VMs are not running in order to avoid side-channel attacks.

Re:Some Real Advice

[linuxrocks123]

Except that privilege escalation attacks against these multi-decade-old systems appear year after year. A well-funded state attacker (OP is about activists, after all) would certainly have some at their disposal.

All code has bugs. Xen has bugs. Qubes has bugs. And yes, OSes have bugs, although Linux local privilege escalation bugs are not an everyday occurrence, and OpenBSD bugs are very rare. You can't handwave a 0-day privilege escalation vulnerability into existence and claim that there are no 0-day privilege escalation vulnerabilities in Xen.

Re: CD-R, lets assume I use an optical disk to move a quantity of email messages from a networked/untrusted machine to an airgapped one (both conventional architecture). If I export as .eml files, I have to archive them before burning them. So, over and above the risk from nasty email attachments, there is the risk the untrusted machine could use malformed email or archive format to perform an exploit. If you think that's far-fetched, consider how much more complex email and archive formats are compared to the .lnk files that were recently discovered as an NSA exploit.

tar is pretty solid, actually, but, if you don't like it, make up your own trivial archive format (it's not hard), or don't use it and follow a one-disk-per-message protocol. And don't use a filesystem. dd if=email.eml of=/dev/cdrw (approximately), then dd if=/dev/cdrom of=email.eml

Even so, the untrusted networked system could take a chance that you have automounting enabled or that you will inadvertently do something to mount a volume... it could write a malformed filesystem to the disc anyway.

User error could happen with any system. You're really stretching here.

Once an air-gapped system is compromised, it can alter the hard drive firmware to store passwords and keys in a format/cipher readable by the attacker who can later break-in to the premises and steal/confiscate the computer. In a Qubes non-networked vm, there is no out-of-band way to communicate or store info, and a compromised vm wouldn't have access to the disc encryption password in any case.

Where did I ever say any of these computers had hard discs? And of course there's an out-of-band way to store info. Just use a magical vulnerability in Xen I made up to write it to another VM's permanent storage.

What you described #s 1-5 sounds much more complicated than using email in Qubes. And presumably this covers only email for one type of role (work, personal, etc); Covering all the roles means using many additional computers and burning many discs, and each role needs its own disc encryption passphrase.

I have no idea where you're getting that disc encryption has anything to do with anything here, and, no, you could definitely use the same three computers for all your emails. If you find burning discs to be too cumbersome, use floppy disc drivers or Zip drives or something, but it's really not that bad, especially if you don't bother to fixate.

This whole notion you have that "the operating system is insecure so let's put another layer on top of it" is just silly. If you make Xen your operating system, then Xen is your operating system. If you want a secure operating system with no privilege escalation, then that's what you need. Using a hypervisor doesn't magically make security vulnerabilities go away. There have and will be attacks against Xen, against Qubes, and against any other complex pieces of software you create. You want a secure OS, then you need a dead-simple OS written with security in mind. True security comes from simplicity, not complexity.

The one thing I think you're right about is that modern OSes are too complex to provide extreme levels of security. OpenBSD is the best, but even it is a quite complex piece of software. A braindead-simple POSIX-like OS kernel prizing secur

Re:Some Real Advice

[Burz]

Indeed, all code has bugs. Its a question of who/what is using the least amount of code necessary to provide a security mechanism. That's what reducing the attack surface is really about.

From a security standpoint, Qubes would by definition have very few-to-no additional bugs above what exist in Xen. OTOH, as I have implied, a Linux or Windows kernel + supporting libraries and also the firmware for USB controllers and NICs are immense compared to Xen plus a couple Qubes drivers (there is more to Qubes code, but only a small bit is critical to security).

I'm just pointing out that air-gapping does rely on the good behavior of an awful lot of code at its security perimeters. And it is TWO or more perimeters, not one, because you are putting some faith in the networked machine(s) being well-behaved as well.

Even so, the untrusted networked system could take a chance that you have automounting enabled or that you will inadvertently do something to mount a volume... it could write a malformed filesystem to the disc anyway.

User error could happen with any system. You're really stretching here.

And why should a user be burdened with a detail like controlling automount behavior? Its exactly the kind of thing you see in the papers when people are hacked. And it raises the question of how much of a tireless control freak you have to be to make a security schema work.

Its much safer to have a core domain that simply doesn't mount any extra volumes and is cut off from the network. One can quickly dispatch a disposable vm to look at the contents of a drive or copy something.

Once an air-gapped system is compromised, it can alter the hard drive firmware to store passwords and keys in a format/cipher readable by the attacker who can later break-in to the premises and steal/confiscate the computer. In a Qubes non-networked vm, there is no out-of-band way to communicate or store info, and a compromised vm wouldn't have access to the disc encryption password in any case.

Where did I ever say any of these computers had hard discs?

LOL! OK you 'win' that one. Let's do without mass storage...

What you described #s 1-5 sounds much more complicated than using email in Qubes. And presumably this covers only email for one type of role (work, personal, etc); Covering all the roles means using many additional computers and burning many discs, and each role needs its own disc encryption passphrase.

This whole notion you have that "the operating system is insecure so let's put another layer on top of it" is just silly. If you make Xen your operating system, then Xen is your operating system.

As I pointed out, Xen is tiny. Its not being layered on top of anything.

Hypervisors vary in their security focus; Most are designed to re-purpose a CPU security mechanism as a way to conveniently maximize hardware usage or run alternative OSes. They don't care much about security, especially on the desktop where they focus on convenience alone. They expose graphics, audio, clipboard, etc. in ways that practically define the category of vm-breakout exploits.

Xen cares very much about security on the server, and Qubes adds what is necessary to extend that to the desktop by properly virtualizing the graphics subsystem along with everything else, for example.

True security comes from simplicity, not complexity.

I agree -- However, functionality comes from complexity. So the solution becomes using simple security mechanisms to manage the de-privileged complexity.

It has been fun arguing over two different isolation mechanisms. Air-gapping is not often discussed in detail, and it would be nice to see sites like /. carry more posts about all of the above.

Ugh

[Rinikusu]

It's bad enough you gotta bunch of guys out there who read too much goddamned Tom Clancy and use military/police-esque terms for everything whilst wearing their size XXXXXL tactical camo pants, but do we really want to start throwing around terms like OPSEC? Goodie, you know a new term/acronym; you're still not a badass.

nsa whistleblower william binney, dr.robert duncan

they've said there's no encryption that's going to make any difference because NSA can tap passwords and steal encryption certificates a variety of ways, including from peoples brains through neural decoding, and leaky signals off computers too using interferometry.

offline machines are best they said, probably the only way to really protect yourself a little, encryption don't matter much.

but you also need shielding. overall I suspect that won't work if the satellite signals can't be blocked. NO JOKE, LISTEN HERE: http://www.oregonstatehospital.net/d/media_archive/2015-02-24%20Awake%20Radio-%20Dr.%20Robert%20Duncan,%20William%20Binney,%20John%20Kiriakou%20interview.%20CIA,%20NSA,%20DOD,%20US%20DOJ%20bullshit%20exposed.mp3

obamasweapon.com

The best security...

... Don't be an activist. It's that simple. Or are you so naive as to think your action could ever, ever matter? You will only end up on some watch list and suffer for it. Your family will suffer too. And for what? In case you have not noticed, the game has been over a long time now. You're trying to resuscitate a rotten corpse. Move on.

Such A Nice Bootlicker

...you are.

Here's a gem: You night to FIGHT for freedom. The government and their mohammedic friends are hell-bent on implementing Mohammedic Security (total surveillance, torture, kidnapping etc) here.

There is NOTHING WRONG with using TOR and turning off the NSA Beacon as much as possible. As long as you dont conspire to harm anybody else, that is.

And yeah, I get regular black helos, C130 overflights and the odd three-strange-persons visits in the train. When I was in Atlanta they once showed me about 50% of the USAF C130 flight after some internet posting.

I am defending Germanic Freedoms, including the Freedom Of Our Women and those crypto-Mohammedics can Go Fuck Themselves.

ERRATA

"You NEED to FIGHT for freedom."

And I also had at least two types of combat helos (Cobra and Apache) overflying me in a Show Of Force action. Plus I get the regular Marine Infantery Aviation overflights with their Beechcrafts here.

Yeah boys, fight for your Mohammedic Friends !

Finally

Communications Security is easy to implement. Just FORGET to "secure" any *networked* cybernetic device.

Get yourself a FIALKA,TYPEX or SIGABA device and use that to encipher your messages. Then you can use NSApp or NSAbook to transmit the enciphered stuff.

The FIALKA can actually be done in software. JUST MAKE SURE TO REMOVE ANY OUTSIDE CONNECTIONS after generating key material. Transfer of info is done using YOUR FINGERS. Like you did with a FIALKA.

Finally, no, I am not Russian but a Germanic Patriot and I hate all the Middle East Buttfucking.

Open source USB and hard drive firmware

[gast0n7]

What does the future look like for open-source USB and hard drive firmware, and the ability to update our own? Something open-source router firmware?

Not having a mobile phone is suspicious...

[Richard+Kirk]

Any pattern in the way you behave can be used against you. If you are not emitting a mobile phone signal, then you are suspicious. If you have an iPhone, and the logs suggest you regularly take the batteries out, then you are very suspicious. A modern spy would carry a mobile phone - not the latest security recommended one, but something dull - and would tweet and post pictures of what they are eating and listening to just to get the right watch profile. You would have to leave the phone behind when you want to do Spy Things, but you could leave it in the locker at the swimming pool, or something plausible like that. If you have to send crypto messages over this phone, keep the message very short, and plausible.

I don't think there are many real spies here on Slashdot, but there are probably people who would like to keep their data secure in a way that does not attract attention to themselves. Perhaps we should all use encryption whether we need it or not, so those that need it will no longer stand out.

Re:Not having a mobile phone is suspicious...

[Bob+the+Super+Hamste]

Personally if we really wanted to mess with them set up a bunch of disposable e-mail addresses over the course of a week using open WiFi connections with a computer running ToR and then periodically e-mail random data attachments back and forth. Hell I've done this for shits and giggles, when I am at the bank send off some random data since I can connect the Starbucks WiFi across the parking lot, at the used book store connect to McDonalds WiFi next door. Poisson the well make their mining of data useless and make them waste resources trying to decrypt output from /dev/random. The e-mail address are just first names of people in groups (the Beatles, the 12 apostles, Metallica, the US senate judiciary committee, etc) with random letter/number combination passwords. After a couple of months stop using those e-mails and then after a bit create a new set of accounts but a different number of them rinse and repeat. Being a white male with US citizenship, born in the US and residing in the US offers a lot of protection to do this but I wouldn't recommend anyone with a suspicious* background to do this.



* By suspicious I mean someone who might have ties to any protest organization, be a naturalized citizen, have visited any strange countries, be a minority, committed a crime other than a traffic/parking ticket, or any other group the government may want to target or would be ignored by the news media. Basically it would be similar to driving while black, or the opposite of being a young white girl who gets murdered or put on trial in a foreign country. I hate to say it but it is sadly true that the general population would't care about your plight if you could be painted as an undesireable.

Re:Not having a mobile phone is suspicious...

"A modern spy would carry a mobile phone - not the latest security recommended one, but something dull - and would tweet and post pictures of what they are eating and listening to just to get the right watch profile."

Then you're marked as someone who doesn't carry a "smart" phone and still generating a lot of metadata.

Oh Little Bootlicker

If his Information were manipulated, we would already have heard your paymasters scream and shout. The fact that they dont mean it is more or less 99,9% the TRUTH.

Besides, all we learn nicely fits into the general scheme of things we already knew. Imperiums control the plebs via information. Totally if possible.

Bullshit

A proper OTP is provably secure. Stop emitting false information.

Be PRECISE

Sure as hell they have broken the JN25 PSK cipher book. Sure as hell they have broken the Engima PSK Cipher. And probably a shitload of others.

You are right that they lately have added lots of focus on key mat stealing instead of code breaking. After all, everybody wants max result at min effort.

WRONG

As soon as you throw even ephemeral sand into the Gears Of War, you better think of yourself as an "operative". Because the War Maker Side will be using military-style operations against you. They wont kill you, but surely they will exert non-violent pressure so that you might do this yourself.

For example "mock attack with angry dog".

Think of your daily routine as a "sustainment operation". You Sustain Anti War Pressure. You better sustain it on a random time/space schedule or the attack dog can be set up against you at too low cost.

Yeah, THAT IS A FREE SPEECH OPERATION.

Not Correct

Were I live we blast the government and their sucker media when they want to go into WAR MODE. We already made them turn off the comment function on FAZ.NET, a major CIA/New York Finance outlet. Thereby they admitted serious defeat.

The heat has been turned on onto the Anglo Imperium Collaborateurs in Berlin and they know very well.

So yeah, not easy, but surely we can have effects.

African National Congress Manual for Covert Action

http://cryptome.org/anc-manual...

"This is an African National Congress manual for covert actions, first published during 1988-90 as a series of articles in 'Umsebenzi', later as a single pamphlet for underground operatives"

peace & love

Trolling for the agencies.

Way back in the day, when the cold war was in its closing stages, and I was a teenager, the family used to go on holiday to Portsmouth (We had relatives there), the place also has a MAJOR naval base.

Yours truly (aged about 13 or so) used to think it a great joke to fire up the typewriter and produce a page or so of random 5 character groups (A zener diode noise source and the schools BBC micro helped with this), then mail the resulting document to "The Cultural Attache, Soviet Embassy, London" from one of the post boxes near the gates of the navy yard.

Now the mail would clearly have been read, so while the trolling of the Soviets was minor, the UK agencies would seem to have a spy in the navy that they cannot find writing in codes they cannot break....

Good times.

Regards, Dan.

At the risk of redundancy

The only guarantee of OPSEC is not being in business (or doing anything, or being alive...) Otherwise, you can only get close to complete operational security.

As far as encryption goes... mathematically, all forms of encryption that aren't pure, truly-random, one-time pad cypher-based techniques, and NOTHING ELSE, must have some form of compromise, and are vulnerable to various kinds of attacks. The keys, or whatever you call them, must be shared over the very same communication channel that the users at the ends are trying to secure, somehow.

Only a pre-shared, USED ONCE THEN DESTROYED, truly-random, one-time pad cypher scheme comes with any guarantee of security for the sender and recipient of the encryption, but additional measure must be used within the scheme to prevent some kinds of attacks, like man-in-the-middle randomization. The scheme must include a mechanism that assures the recipient that the message is authentic, and ideally a return information path to let the sender know that the message was received, unadulterated, and THAT in turn must be resistant to forgery, etc.

Naturally, if either side is compromised, (i.e., recipient is decrypting in a room with a hidden camera, etc., or if sender is apprehended after encrypting message before destroying cryptographic materials, etc.,) even that guarantee goes out the window.

This is why less-secure methods are used--the methods used aren't fully secure, but they're secure enough, or believed to be, until someone reveals a way to defeat them that is within reach of anyone who might try to break the crypto-scheme, in the public interest, at which point the scheme is abandoned. You all remember that 40-bit encryption was the standard for a while, not too long ago, right? That only gave a 1-trillion possible code keyspace, or thereabouts, which today, a cellphone is probably powerful enough to break in seconds or maybe minutes.

What I'm saying, I guess, is that unless you are using MANUALLY GENERATED one-time-pad cyphers, and using them CORRECTLY, your communication security is limited by a number of factors, including, how badly someone who wants to read your messages, (etc.,) wants to do so. Any crypto scheme based on doing one-way function mathematics requires a certain amount of computing power, and your ability to utilize it is a function of how much power that takes. You couldn't, for example, use with a PC or a smart phone, or anything in between, encryption with say, a 100,000,000,000,000,000 ^ 100,000,000,000,000,000 long key, because well... that's just not practical.

Incovenient truths?

How 'bout this one: All us much vaunted activists who are currently cheering the FCC vote yesterday just made it ever so much more convenient for everyone to be officially spied on, and not just by the NSA.

But, yeah, opsec is good.