Security quotes of the week

In other circumstances I also found situations where NSA employees explicitly lied to standards committees, such as that for cellphone encryption, telling them that if they merely debated an actually-secure protocol, they would be violating the export control laws unless they excluded all foreigners from the room (in an international standards committee!). The resulting paralysis is how we ended up with encryption designed by a clueless Motorola employee -- and kept secret for years, again due to bad NSA export control advice, in order to hide its obvious flaws -- that basically XOR'd each voice packet with the same bit string!
John Gilmore

So, in pointing to implementation vulnerabilities as the most likely possibility for an NSA "breakthrough," I might have actually erred a bit too far on the side of technological interestingness. It seems that a large part of what the NSA has been doing has simply been strong-arming Internet companies and standards bodies into giving it backdoors. To put it bluntly: sure, if it wants to, the NSA can probably read your email. But that isn't mathematical cryptography's fault—any more than it would be mathematical crypto's fault if goons broke into your house and carted away your laptop. On the contrary, properly-implemented, backdoor-less strong crypto is something that apparently scares the NSA enough that they go to some lengths to keep it from being widely used.
Scott Aaronson

Government and industry have betrayed the internet, and us.

By subverting the internet at every level to make it a vast, multi-layered and robust surveillance platform, the NSA has undermined a fundamental social contract. The companies that build and manage our internet infrastructure, the companies that create and sell us our hardware and software, or the companies that host our data: we can no longer trust them to be ethical internet stewards.

This is not the internet the world needs, or the internet its creators envisioned. We need to take it back.

Bruce Schneier issues a call to action

[Wickr's Nico] Sell has yet to receive a secret order, so she can legally report in each transparency report: "Wickr has received zero secret orders from law enforcement and spy agencies. Watch closely for this notice to disappear." When the day came that her service had been served by the NSA, she could provide an alert to attentive users (and, more realistically, journalists) who would spread the word. Wickr is designed so that it knows nothing about its users' communications, so an NSA order would presumably leave its utility intact, but notice that the service had been subjected to an order would be a useful signal to users of other, related services.
Cory Doctorow suggests a "dead man's switch"

Security quotes of the week

Posted Sep 12, 2013 1:45 UTC (Thu) by josh (subscriber, #17465) [Link]

rsync.net has had a "warrant canary" for years: http://www.rsync.net/resources/notices/canary.txt

It contains a GPG-signed message saying no warrants have been served to rsync.net, along with the date and a snapshot of current headlines to prevent pre-generating it. This effectively turns a secret warrant's "must not disclose" into a "must actively issue false statement", which would at the very least produce some interesting court cases about whether a failure to make a false statement is actionable.
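The checks a reader of such a canary would run, as an added example that is not part of the original comment or rsync.net's own tooling. The `Date:`/`Headline:` field layout, the function names and the sample texts are assumptions constructed for illustration, and signature verification (for instance with `gpg --verify`) is assumed to have succeeded before these checks run.

```python
from datetime import date, timedelta

STATEMENT = "no warrants have been served"  # wording assumed for this example

def parse_canary(text):
    """Split a canary body into claimed date, statement flag and headlines."""
    out = {"date": None, "statement": False, "headlines": set()}
    for line in (l.strip() for l in text.splitlines()):
        if line.startswith("Date:"):
            try:
                out["date"] = date.fromisoformat(line[5:].strip())
            except ValueError:
                pass  # malformed date is reported as bad-date below
        elif line.startswith("Headline:"):
            out["headlines"].add(line[9:].strip())
        elif STATEMENT in line.lower():
            out["statement"] = True
    return out

def check_canary(text, today, known_headlines, max_age_days=7):
    """Return ok, missing-statement, bad-date, stale or unanchored."""
    c = parse_canary(text)
    if not c["statement"]:
        return "missing-statement"        # the canary has stopped singing
    if c["date"] is None or c["date"] > today:
        return "bad-date"                 # unparsable or future-dated
    if today - c["date"] > timedelta(days=max_age_days):
        return "stale"                    # not re-issued within the window
    # Headlines recorded independently for the claimed date show the text
    # could not have been written (and signed) before that date.
    if not (known_headlines.get(c["date"], set()) & c["headlines"]):
        return "unanchored"
    return "ok"

# Constructed sample data, not real canary text or real headlines.
KNOWN = {date(2013, 9, 9): {"Constructed headline A", "Constructed headline B"}}
FRESH = "Date: 2013-09-09\nNo warrants have been served to example-host.\nHeadline: Constructed headline A\n"
PREGENERATED = FRESH.replace("Constructed headline A", "Guessed headline")
REMOVED = "Date: 2013-09-09\nHeadline: Constructed headline A\n"

if __name__ == "__main__":
    for name, text in [("fresh", FRESH), ("pregenerated", PREGENERATED), ("removed", REMOVED)]:
        print(name, check_canary(text, date(2013, 9, 12), KNOWN))
```

A monitoring job would treat every result other than `ok` as a signal to investigate, including `stale`, since silence is the only way the canary can report anything.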

Security quotes of the week

Posted Sep 12, 2013 16:39 UTC (Thu) by ghane (subscriber, #1805) [Link]

I can think of a case where "failure to make a false statement" might be an offence.

A police officer tells the pizza delivery guy to walk up to the hostage-taker, and declare that he is alone. The pizza guy walks up, is asked "Are the police behind you?", and truthfully answers "I cannot tell a lie, six large men in flak jackets".

Would this be actionable?

Or the pizza guy says, again truthfully, "I regret that I cannot answer that question".

Security quotes of the week

Posted Sep 12, 2013 19:43 UTC (Thu) by hummassa (subscriber, #307) [Link]

I inferred that exactly that was what the Lavabit thing (and maybe even the Groklaw thing) was about: they had been served, and they just shut down operations instead of either disobeying orders or continuing to provide a compromised service.

It's the equivalent of the proverbial pizza guy saying "I'm not going inside that room with so many guns on either side of it, go call Domino's".

Security quotes of the week

Posted Sep 13, 2013 15:50 UTC (Fri) by josh (subscriber, #17465) [Link]

That might well be actionable, but there's a key difference between that scenario and a warrant canary: the pizza guy voluntarily agreed to make such a statement, and then did not act as previously agreed.

With a warrant canary, there's no pre-established voluntary expectation to make such a statement.

Security quotes of the week

Posted Sep 12, 2013 17:35 UTC (Thu) by iabervon (subscriber, #722) [Link]

"Oh, and we'll need the private key for generating your canary."

Security quotes of the week

Posted Sep 12, 2013 19:44 UTC (Thu) by hummassa (subscriber, #307) [Link]

"sorry, it's lost, bad disk sector and all. Seriously, it does not exist anymore."

Security quotes of the week

Posted Sep 13, 2013 16:03 UTC (Fri) by josh (subscriber, #17465) [Link]

Bad idea. In the US, making a false statement to federal agents is a crime.

Leaving aside the general rule of not saying *anything*, a completely truthful statement would suffice if required: "You already have it among the equipment you've already seized." (Protected by a passphrase you don't have, sitting on an encrypted hard drive whose passphrase you don't have.)

Eventually, if warrant canaries became widespread, they could be defeated through the use of active surveillance techniques (keyloggers, for instance), but not through the standard serving of a warrant (secret or otherwise) and seizure of equipment.

Security quotes of the week

Posted Sep 13, 2013 18:50 UTC (Fri) by hummassa (subscriber, #307) [Link]

> Bad idea. In the US, making a false statement to federal agents is a crime.

I was implying that the "it does not exist anymore" was to be true. You know, like the key was on a flash drive that you hammered just before being arrested.

(you can conveniently omit the "I destroyed the key with a hammer" part)

Security quotes of the week

Posted Sep 13, 2013 19:15 UTC (Fri) by iabervon (subscriber, #722) [Link]

Or even, "The way you pulled my server out of the rack it was in destroyed the only copy of it." Of course, if the canary is sufficiently fragile that it can be destroyed when a warrant is served, it would also be sufficiently fragile that it might be destroyed by accident, and there's the question of re-establishing trust when that happens. And, of course, if there are never any false alarms, that increasingly suggests that there isn't a working alarm system.

Security quotes of the week

Posted Sep 16, 2013 13:47 UTC (Mon) by union (subscriber, #36393) [Link]

Disclaimer: I am from a small EU country whose legal system is based on/similar to Germany's. The following is based on my dealings with our own legal system.

If you do this you are most probably in contempt of court*.

Judge said: "You will not reveal, ....".

But your actions revealed that anyway. Just because you set up those actions before the order (set up canary), does not mean that those actions receive immunity.

If it means that you have to lie in order to comply with the order, then it's your own fault. (Nobody forced you to set up canary)

In short, this might not be such a good idea, check with lawyers first.

It would double suck that in addition to receiving the order, you would have to lie too.

*I assume these letters are sent from some form of judge or judge-like entity.

Security quotes of the week

Posted Sep 16, 2013 14:26 UTC (Mon) by mathstuf (subscriber, #69389) [Link]

I always wonder why "I can neither confirm nor deny X" is bothered with in relation to these security letters. Any normal person would deny it off the before the condition was imposed, so that line is indication itself that something is up. I can see that at this point, bigger companies can say that meaningfully since other NSLs might impose requirements on statements about NSLs in general, but that smells of freedom of speech issues for citizens in the US. I suppose it could be imposed under "national security" reasons these days…

Security quotes of the week

Posted Sep 16, 2013 17:28 UTC (Mon) by hummassa (subscriber, #307) [Link]

> But your actions revealed that anyway. Just because you set up those actions before the order (set up canary), does not mean that those actions receive immunity.

Huh? Penal doctrine (and, in some countries, constitutional guarantees) is that there is no crime without a previously-defined explicit regulation. Emphasis on the "previously-defined".

It's the same thing as your judge telling "you shall not urinate yesterday", it would make no sense at all. Set up the canary and destroy the key immediately upon receival of any notice, summons or citation. Preferably, before opening the envelope.

Security quotes of the week

Posted Sep 17, 2013 11:08 UTC (Tue) by union (subscriber, #36393) [Link]

>Huh? Penal doctrine (and, in some countries, constitutional guarantees) is that there is no crime without a previously-defined explicit regulation. Emphasis on the "previously-defined".

Perhaps I didn't explain properly.

It's not wrong to set up canary. You don't get penalized for setting up canary.

You get penalized for revealing something *after* you were told/ordered not to do it. It does not matter how you revealed it, it matters that you did.

I hope this is clearer.

Security quotes of the week

Posted Sep 17, 2013 14:58 UTC (Tue) by nybble41 (subscriber, #55106) [Link]

> You get penalized for revealing something *after* you were told/ordered not to do it. It does not matter how you revealed it, it matters that you did.

Right, except that the information wasn't revealed due to any positive action of yours, but rather through non-action. Moreover, the only way to prevent the information from being revealed would have been to lie, which under some circumstances would be a crime (fraud) in itself. To justify punishing someone for non-action you first need to show that they had a legal obligation to act, a tricky proposition at the best of times. I would not be entirely surprised to find such a provision in the law, but even putting aside the moral issues I doubt there could be any Constitutional basis for a law compelling someone to lie.

Even the original order to merely remain silent has serious First Amendment issues: it's a straightforward violation of the right to free speech in regard to a political matter, when political speech has always been granted the strongest protection. A requirement to lie to cover up political influence would be even worse.

Security quotes of the week

Posted Sep 22, 2013 13:19 UTC (Sun) by hummassa (subscriber, #307) [Link]

And still, Microsoft, Apple, Google (and FB?) lied blatantly in the first post-Snowden days. Supposedly under duress from the government...

https://www.schneier.com/blog/archives/2013/08/restoring_...

GSM encryption

Posted Sep 12, 2013 15:11 UTC (Thu) by jhhaller (subscriber, #56103) [Link]

There are two parts of encryption, designing the standard, and selling the products using the standard.

I suspect that had a more competent GSM encryption standard been written, US companies would have had a lot harder time exporting equipment which included that stricter standard. Does that make that Motorola employee "clueless" or shrewd in a business sense? There was certainly no objection to exporting GSM equipment using that weak encryption, and it does need an export license.

GSM encryption

Posted Sep 12, 2013 21:12 UTC (Thu) by drag (subscriber, #31333) [Link]

That's kinda what the quote talks about.

The NSA lied to phone companies about the difficulty and legal issues with having strong protocols. They were scared to implement strong encryption because our democratically elected officials don't want you safe from them.

Security quotes of the week

Posted Sep 23, 2013 13:25 UTC (Mon) by SEMW (guest, #52697) [Link]

> ...she can legally report in each transparency report: "Wickr has received zero secret orders from law enforcement and spy agencies. Watch closely for this notice to disappear".

So the only two transparency reports still up on https://www.mywickr.com/en/downloads/ are from February 25th and August 4th, 2013. Neither contains that phrase.

The February one contains the somewhat more specific phrase "Wickr has not received any subpoenas through the U.S. judicial system". The accompanying table claims that 0 government requests have been received from the US, though states that some have been received from other governments and that those have been denied. The August one drops that wording in favour of the even more specific phrase "Wickr has not been required by a FISA request to keep any secrets that are not in this transparency report as part of a national security order". The accompanying table continues to maintain that 0 government requests have been received from the US.

Does anyone know whether Wickr did publish transparency reports before the Feb 2013 one (and that they did contain the "Watch closely for this notice to disappear" phrasing)? If so, that would imply that those pdfs have been removed from the downloads page, possibly to remove evidence of the dead-man switch setup. I've tried the wayback machine, but it doesn't have that page archived.

Security quotes of the week

Posted Sep 23, 2013 14:23 UTC (Mon) by hummassa (subscriber, #307) [Link]

I would assume they have been served, until the return of very broad terms.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds