GCHQoogle: so much for "Don't be evil"

Another day, another set of terrifying revelations about how we’re all being spied on.

So, what have we learnt from this?

Bruce Schneier has a nice summary, but in short, from what I understand, the situation is as follows:

Firstly, the bad news is that if the NSA or GCHQ want in, there is very little you can do. They simply have far too many resources; they have lists of exploitable vulnerabilities for every network-connected device you own, have techniques to break into your wifi, own the root SSL certificates so they can hijack your HTTPS session, can reconstruct the electromagnetic emissions from your monitor into a picture, can rootkit your Mac, Windows PC or games console and turn any mobile phone into a bug… and if all of that fails, they can just kick your door down.

The point is that these are all resource intensive things to do and don’t scale very well, plus there is a much higher chance of discovery. This is why they’ve concentrated on communication interception as a primary attack vector.

Some good news is that it looks very much like the actual encryption algorithms themselves – with a few possible exceptions – haven’t been broken (yet). Instead, as many of us who have been watching this unfold have suspected, they’ve been concentrating on weaknesses in the implementation of these algorithms: exploiting existing bugs (which have often been reported to them by industry partners or spies), deliberately creating bugs in implementations, or circumventing the encryption altogether and getting access to the companies that hold the data on our behalf.

The fact that good crypto is probably still good is little consolation since, because of the engineered vulnerabilities, the cryptographic technologies that protect our privacy, medical and banking records, and the systems that run our entire economy, have still been compromised. Presumably this is what Theresa May meant when she said they could “handle HTTPS”.

Even if you believe that the security services are brave, noble and true defenders of our liberty, it is the height of naiveté to believe that a security hole will only be exploited by us and not by them. It is only a matter of time before some other power, or even just plain ordinary crackers, exploit the same security holes to steal your identity or the contents of your bank account.

What can be done

The latest leaked documents do offer a glimmer of hope; by their own admission, the techniques they are deploying are massively vulnerable to disruption (so much so that it seems employees at GCHQ are under strict orders not to even speculate about how information is obtained). It seems that countermeasures, if adopted by the population at large, could very well be effective.

The first thing to do is get political; write to your MP, join the EFF and ORG etc. The security services have gone rogue, but that is a political problem which needs a political solution.

However, in the same way that while we have laws against burglary we still lock the door, we need to change up the way we conduct business on the internet.

This and earlier leaks have made abundantly clear that we absolutely cannot trust cloud services, proprietary software products or software that communicates using closed proprietary protocols. Windows, OS X, Skype, FaceTime, Gmail, Facebook, etc., have all been compromised to some extent or another. Strongly consider moving over to Free software alternatives, since the peer review inherent in their development process makes them a much harder target to compromise.

Perform regular security audits; keep up to date with patches, and adopt a multi-layered approach to security that mixes protecting your electronic borders with detecting breaches when they occur. Do not rely on proprietary antivirus software to protect you; it has been compromised.

Remember, if they really want you, they can have you, so fundamentally the technical countermeasures we adopt should be focussed on changing the economics of mass surveillance. If significant portions of the population stopped using cloud services like Gmail and Google Docs, and moved towards self-hosted solutions, there would be no tempting large cache of data that could be sucked up. If everyone made more extensive use of strong crypto (and really, there is NO excuse to still be sending things in cleartext), then we dramatically increase the effort required to surveil the population at large.

If we can deny them these cheap attack vectors, then we force them to use the much more expensive vectors mentioned above which, crucially, do not scale to the population at large. We don’t remove the ability of the security services to monitor the handful of genuine bad guys out there, but we prevent the possibility of any fishing expeditions, and crucially we stop some future government using mass surveillance via the internet as a tool of oppression.

Today, Groklaw, a site responsible for, among other things, victory in the SCO patent troll attack on the Linux kernel, followed Lavabit and shut its doors. It did so because there is now no way to communicate securely on the internet; traffic is routinely intercepted, servers can be seized and operators forced to reveal confidential sources.

This is the world we live in, and have been living in for a while now, but thanks to a whistleblower we are all forced to confront this reality.

So, as technologists, what can we do to protect ourselves and our loved ones?

The truth is there is no silver bullet, but that doesn’t mean we just give up and go home. While the technology is only a small part of the issue here, it is something that we as technologists and makers are in a position to do things about.

While we work to solve the political problems that have caused this current situation, I think that we need to work towards making cryptography ubiquitous. Analysis of some of the leaked material already suggests that if the proportion of encrypted traffic were raised, it would raise the cost of analysis by government agencies to an impractical level, and at the very least we’d remove “use of encryption” as grounds for suspicion.

When we build systems we need to decentralise, so there’s no single server and operator to intimidate. We need to protect content and metadata, because who talked to whom, and where, is still sensitive information. We need to work on the UX of the systems that are available, so that cryptography isn’t something someone who just wants to use the computer needs to think about. Think of these sorts of things as safety equipment, like seat belts or airbags. They should just work, without the operator needing a degree.

Don’t be this guy.

We needed to think about this stuff before the first sharpie hit the paper.

Coulda, shoulda, woulda….

In the meantime, we need to use the tools that we have. Make security and cryptography ubiquitous. As technologists, we have the knowledge to protect ourselves (and if you’re not already doing so, you’ve got no excuse), but we also have a duty to help our friends, neighbours and family as well.

So, encourage your friends to use encrypted email and OTR messaging on IM, and explain why it’s important while helping them install and use the plugin. Install HTTPS Everywhere on your mum’s computer. Talk to your neighbours about the dangers of the guilt-by-association fallacy in relation to communication metadata while installing the Tor Browser Bundle on their laptop.

You get the idea: friends don’t let friends use cleartext!

Edward Snowden’s exposure of the illegal mass surveillance of basically everybody conducted by the NSA and GCHQ has caused, and is still causing, international political fallout. Hijacking diplomatic flights and using anti-terror legislation to intimidate journalists aren’t doing much to help matters.

Glyn Moody suggests that, given the widespread abuse of communication technology by the security services, campaigning to get everyone online may not be such a good idea.

Here’s my response:

People shouldn’t necessarily throw away an entire technology just because a few (thousand) bad apples abuse it. As technologists, what this means is that we need to build in safeguards (encryption, obfuscation, anonymous routing, etc.) which make such abuses impossible in the future.

This is already starting to happen (almost every other post on Hacker News these days is some new product that solves one part of the puzzle).

Everyone can do something:

Joe User can do some simple things – install the EFF’s HTTPS Everywhere plugin, and use email encryption (if we can make encryption ubiquitous then we make the PRISM/Tempora kind of abuse much, much harder).

Network admins can do things like move their DNS over to OpenNIC (a drop-in replacement domain name system run by volunteers outside of government control, often without any logging of queries) and use DNSCrypt to encrypt lookups.

Coders can look at throwing their weight behind an open source project – perhaps adding encryption support to their favourite mail client (or making the UX easier), or taking a look at some of the decentralisation projects going on (the #indiewebcamp community is particularly worth a look).

Basically, we need more engagement, not less. Decisions are made by those who show up, and as Tesco put it, “Every little helps” :)

What are your thoughts?