OnPoint: The Gift that Keeps on Making Me Barf
42 Responses
First ←Older Page 1 2 Newer→ Last
-
If they've installed backdoors that are discoverable from either inside/outside, other people can use them.. (think about that one for a bit)
-
If you met I/S and verified his key, then that takes you one step closer: You know that his key is not faked, therefore you can be more confident that my key is not faked.
And if I gave you one of those little cards over the weekend, in between being various shades of nasty person (apparently I'm someone's dream villain. Who knew?), and you have got yourself a key-pair, you should sign my key, and thus extend the web of trust. Keith's identity depends on it!
-
Also it might be best to get my key from here, since the FTP upload seems to have munged the other one with extra carriage-returns
-
However, despite this being framed as a breach of encryption, the actual process of encryption (the actual “lock”) hasn’t been broken.
As far as we know. Do you really think the first thing they’d do if they really cracked public key encryption would be to tell everyone?
-
Matthew Poole, in reply to
Do you really think the first thing they’d do if they really cracked public key encryption would be to tell everyone?
They wouldn't, but the language in the BULLRUN briefing document is a little equivocal for such a massive breakthrough. There's also the matter of Suite B protocols (document last updated May this year) still being approved for use and implementation. If "they" had found a way to break public-key generally, Suite B would cease to be approved for at least Top Secret material in very short order. Because if "they" can do it, they're damned sure that the Russians and Chinese will figure it out before too long. The Five Eyes don't have a monopoly on theoretical mathematicians.
-
Matthew: you are assuming that what they publicise as ok for e.g. Top Secret is what they actually use. There may be a classified specification for handling such data that overrides the published spec.
(Although it would probably leak. But it tends to be the way things work. In the old days, in the UK at least, the level of a security clearance was a secret from the person holding that clearance. Because, secret).
-
BenWilson, in reply to
If “they” had found a way to break public-key generally, Suite B would cease to be approved for at least Top Secret material in very short order.
Perhaps, or they might leave it that way for a bit (since only they would know how to crack it), and see if they can discover whether anyone else has cracked it. It would be an absolutely perfect time for counter intelligence, so I don't think you can ever really be anywhere near as confident as you want to be.
-
BenWilson, in reply to
The Five Eyes don’t have a monopoly on theoretical mathematicians.
They don’t, although it is a crying shame that the collective intelligence community does have that monopoly. There’s so much more worthy things they could be doing.
ETA: The mathematicians, I mean. The intelligence people I can scarcely give a damn about, so worthless do I consider them.
-
Lucy Telfar Barnard, in reply to
In the old days, in the UK at least, the level of a security clearance was a secret from the person holding that clearance.
But if you know you're only cleared to Top Secret Barfbutt, and by accident something that's Top Secret Crudclap comes across your desk, how are you meant to know not to read it?
Once upon a time such accidents might have been easier to avoid, but the intelligence industry is sufficiently huge these days that such accidents must be inevitable. -
BenWilson, in reply to
I love the idea that all the keyboard jockeys still have to wear ties.
-
This means the person who created the key also controls my Twitter and Public Address accounts. But what if both those things were hacked?
Hope they were wearing ties when they did that...
-
Matthew Poole, in reply to
Matthew: you are assuming that what they publicise as ok for e.g. Top Secret is what they actually use.
Suite B is published so that private contractors can build products for use by the US government. I guess the NSA could conceivably buy up a bunch of hardware produced outside their community (but not use it) in order to maintain the cover for Suite B, but Suite B is not just published as a distraction technique.
-
Matthew Poole, in reply to
In the old days, in the UK at least, the level of a security clearance was a secret from the person holding that clearance.
Ain’t the case now. For one thing you have to be vetted, and sign forms, and the forms you have to sign are directly related to the level of vetting to which you are being subjected. If you’re subjected to a credit check – which you know about because you sign a form – then you’re being vetted for a Top Secret clearance. I actually don’t see how it would be possible to keep secret from someone their clearance level, because they have to know which levels they’re allowed to see.
Don’t mistake compartments for classification levels. TS Barfbutt and TS Crudclap, as Lucy so eloquently created, would be information compartments. They’re both classified Top Secret, but just holding a TS vetting doesn’t mean a person is entitled to access to those compartments - "need to know" still applies. An individual must also have been cleared for access to a particular compartment, and it’s not normal for the compartment names to be classified.
-
andin, in reply to
. An individual must also have been cleared for access to a particular compartment, and it’s not normal for the compartment names to be classified.
damn those compartments....
-
Little further down, we see Idiot/Savant. He has signed my key, which means that he has used his key to vouch for my key. [---snip--] If you met I/S and verified his key, then that takes you one step closer: You know that his key is not faked, therefore you can be more confident that my key is not faked.
An extension to this is that you really need to trust Idiot/Savant to only ever sign keys which he (I'm just assuming) knows are correct.
About 10 years ago I remember looking up Linus Torvalds' public key on a keyserver. It'd been signed by something like 20,000 different people. It was probably his, but it's likely that the majority of those who signed hadn't met Linus and been given a copy of his public key. At best, they probably knew someone else who'd signed it, and at worst they just assumed it was correct because it was already so popular.
Furthermore, it's necessary to trust that Idiot/Savant has stored his private key securely, because otherwise some random person could be out there pretending to be Idiot/Savant. If it eventuates that he's been storing his private key on a Google server, or elsewhere in the cloud, for the past year, or even that an NSA/GCSB/National-Party operative (or even a family member) "borrowed" his computer for a few minutes a long time ago and didn't leave a trace, and the NSA/GCSB/National-Party has had a copy of the private key during that time, there's already a problem. Everyone who trusted anything based on Idiot/Savant's digital signature being used during that time could be compromised.
Some of the key-signing hardware (like the dinky USB devices) that are available go some way towards addressing the security of private keys, as the hardware doesn't let the private key leave the device, but then you once-again run into issues of needing to trust that Manufacturer-X hasn't been coerced by the NSA to put a back door into their system. Maybe the signing/encryption from the device isn't totally secure, or maybe there is a secret way to get the private key off the device. Someone else probably know much more about this than I do.
-
Matthew Poole, in reply to
it’s not normal for the compartment names to be classified.
Should have read "it's normal for the compartment names to be classified."
-
BenWilson, in reply to
All of which is to say that 100% security of data is not possible, and furthermore it's not even really possible to know with any accuracy how safe your data is, because it comes down to how much the intelligence people care about it.
Which neatly segues into a point I've made before. There's really not that much point worrying about what access to your data intelligence services have (unless, of course, you are a spook yourself), because they have the power to coerce from you anything you care to hide. Seen in that light, excessive paranoia about the security of your data is in the best case an entertaining diversion, and in the worst case it is inviting real trouble onto yourself.
It's a good idea to take precautions to protect your data from intrusion by private individuals, so they can't just nick your money or wreck your site, or blackmail you with some foolish photos you kept, or scam one of your friends or family. This really doesn't require particularly high levels of security. But if your purpose is to protect yourself from a body like the NSA, then good luck with that, don't mention me even saying I told you so, the day you get waterboarded for your passwords.
-
But if your purpose is to protect yourself from a body like the NSA, then good luck with that
I tend to agree. When your own government, which is meant to represent you and which structures the entire legislative framework in which you have to live, won't commit to not snooping on you (and perhaps even actively does so), there's only so much that can be done short of figuring out how to change how the government does things.
-
BenWilson, in reply to
If you want to protest their actions, then I think actual protest in a public and open way is far more likely to be effective than playing their game with encryption.
-
Idiot Savant, in reply to
I tend to agree. When your own government, which is meant to represent you and which structures the entire legislative framework in which you have to live, won't commit to not snooping on you (and perhaps even actively does so), there's only so much that can be done short of figuring out how to change how the government does things.
The solution to the GCSB: de-elect, de-fund, and destroy.
-
-
It just occurred to me to start imagining how this all interacts with the (already bad) idea of online voting for local and national elections. The security agencies could end up actually knowing who you voted for.
Next time you go through US customs and immigration, be prepared for extra attention because you voted for the local communist for mayor, or gave your party vote to the KimDotComForwardSlashParty.
-
Kumara Republic, in reply to
If you want to protest their actions, then I think actual protest in a public and open way is far more likely to be effective than playing their game with encryption.
That, or somehow hoisting them on their own petard.
-
Ian Dalziel, in reply to
...or somehow hoisting them on their own petard
for the nsa surely it'd be more
hosting them on their own petabyte petard......slightly loopy tangential aside:
backdoors...other people can use them..
(think about that one for a bit)what happens when data goes into feedback?
stochastic moebius ommm...?
Resist The Singularity!
-
There's two practical problems with public key encryption: generating a high quality (i.e. very secure against attack) pair of keys, public and private; and keeping your private key safe. It is no longer possible to assume that any computer made from commercially available chips/logic has not been compromised at the hardware/firmware level; nor that the compilers used to turn the source code of the various programs used in a public key encryption system into machine code have not themselves been compromised. So how can you be sure that (a) you actually have a pair of secure keys; and (b) that your private key is secure?
Post your response…
This topic is closed.