OnPoint by Keith Ng

Read Post

OnPoint: The Gift that Keeps on Making Me Barf

42 Responses

First ←Older Page 1 2 Newer→ Last

  • Kyhwana,

    If they've installed backdoors that are discoverable from either inside/outside, other people can use them.. (think about that one for a bit)

    Hamilton • Since Jul 2011 • 14 posts Report Reply

  • Idiot Savant,

    If you met I/S and verified his key, then that takes you one step closer: You know that his key is not faked, therefore you can be more confident that my key is not faked.

    And if I gave you one of those little cards over the weekend, in between being various shades of nasty person (apparently I'm someone's dream villain. Who knew?), and you have got yourself a key-pair, you should sign my key, and thus extend the web of trust. Keith's identity depends on it!

    Palmerston North • Since Nov 2006 • 1717 posts Report Reply

  • Idiot Savant,

    Also it might be best to get my key from here, since the FTP upload seems to have munged the other one with extra carriage-returns

    Palmerston North • Since Nov 2006 • 1717 posts Report Reply

  • BenWilson,

    However, despite this being framed as a breach of encryption, the actual process of encryption (the actual “lock”) hasn’t been broken.

    As far as we know. Do you really think the first thing they’d do if they really cracked public key encryption would be to tell everyone?

    Auckland • Since Nov 2006 • 10657 posts Report Reply

  • Matthew Poole, in reply to BenWilson,

    Do you really think the first thing they’d do if they really cracked public key encryption would be to tell everyone?

    They wouldn't, but the language in the BULLRUN briefing document is a little equivocal for such a massive breakthrough. There's also the matter of Suite B protocols (document last updated May this year) still being approved for use and implementation. If "they" had found a way to break public-key generally, Suite B would cease to be approved for at least Top Secret material in very short order. Because if "they" can do it, they're damned sure that the Russians and Chinese will figure it out before too long. The Five Eyes don't have a monopoly on theoretical mathematicians.

    Auckland • Since Mar 2007 • 4097 posts Report Reply

  • Rich of Observationz,

    Matthew: you are assuming that what they publicise as ok for e.g. Top Secret is what they actually use. There may be a classified specification for handling such data that overrides the published spec.

    (Although it would probably leak. But it tends to be the way things work. In the old days, in the UK at least, the level of a security clearance was a secret from the person holding that clearance. Because, secret).

    Back in Wellington • Since Nov 2006 • 5550 posts Report Reply

  • BenWilson, in reply to Matthew Poole,

    If “they” had found a way to break public-key generally, Suite B would cease to be approved for at least Top Secret material in very short order.

    Perhaps, or they might leave it that way for a bit (since only they would know how to crack it), and see if they can discover whether anyone else has cracked it. It would be an absolutely perfect time for counter intelligence, so I don't think you can ever really be anywhere near as confident as you want to be.

    Auckland • Since Nov 2006 • 10657 posts Report Reply

  • BenWilson, in reply to Matthew Poole,

    The Five Eyes don’t have a monopoly on theoretical mathematicians.

    They don’t, although it is a crying shame that the collective intelligence community does have that monopoly. There’s so much more worthy things they could be doing.

    ETA: The mathematicians, I mean. The intelligence people I can scarcely give a damn about, so worthless do I consider them.

    Auckland • Since Nov 2006 • 10657 posts Report Reply

  • Lucy Telfar Barnard, in reply to Rich of Observationz,

    In the old days, in the UK at least, the level of a security clearance was a secret from the person holding that clearance.

    But if you know you're only cleared to Top Secret Barfbutt, and by accident something that's Top Secret Crudclap comes across your desk, how are you meant to know not to read it?
    Once upon a time such accidents might have been easier to avoid, but the intelligence industry is sufficiently huge these days that such accidents must be inevitable.

    Wellington • Since Nov 2006 • 585 posts Report Reply

  • BenWilson, in reply to Lucy Telfar Barnard,

    I love the idea that all the keyboard jockeys still have to wear ties.

    Auckland • Since Nov 2006 • 10657 posts Report Reply

  • andin,

    This means the person who created the key also controls my Twitter and Public Address accounts. But what if both those things were hacked?

    Hope they were wearing ties when they did that...

    raglan • Since Mar 2007 • 1891 posts Report Reply

  • Matthew Poole, in reply to Rich of Observationz,

    Matthew: you are assuming that what they publicise as ok for e.g. Top Secret is what they actually use.

    Suite B is published so that private contractors can build products for use by the US government. I guess the NSA could conceivably buy up a bunch of hardware produced outside their community (but not use it) in order to maintain the cover for Suite B, but Suite B is not just published as a distraction technique.

    Auckland • Since Mar 2007 • 4097 posts Report Reply

  • Matthew Poole, in reply to Rich of Observationz,

    In the old days, in the UK at least, the level of a security clearance was a secret from the person holding that clearance.

    Ain’t the case now. For one thing you have to be vetted, and sign forms, and the forms you have to sign are directly related to the level of vetting to which you are being subjected. If you’re subjected to a credit check – which you know about because you sign a form – then you’re being vetted for a Top Secret clearance. I actually don’t see how it would be possible to keep secret from someone their clearance level, because they have to know which levels they’re allowed to see.

    Don’t mistake compartments for classification levels. TS Barfbutt and TS Crudclap, as Lucy so eloquently created, would be information compartments. They’re both classified Top Secret, but just holding a TS vetting doesn’t mean a person is entitled to access to those compartments - "need to know" still applies. An individual must also have been cleared for access to a particular compartment, and it’s not normal for the compartment names to be classified.

    Auckland • Since Mar 2007 • 4097 posts Report Reply

  • andin, in reply to Matthew Poole,

    . An individual must also have been cleared for access to a particular compartment, and it’s not normal for the compartment names to be classified.

    damn those compartments....

    raglan • Since Mar 2007 • 1891 posts Report Reply

  • izogi,

    Little further down, we see Idiot/Savant. He has signed my key, which means that he has used his key to vouch for my key. [---snip--] If you met I/S and verified his key, then that takes you one step closer: You know that his key is not faked, therefore you can be more confident that my key is not faked.

    An extension to this is that you really need to trust Idiot/Savant to only ever sign keys which he (I'm just assuming) knows are correct.

    About 10 years ago I remember looking up Linus Torvalds' public key on a keyserver. It'd been signed by something like 20,000 different people. It was probably his, but it's likely that the majority of those who signed hadn't met Linus and been given a copy of his public key. At best, they probably knew someone else who'd signed it, and at worst they just assumed it was correct because it was already so popular.

    Furthermore, it's necessary to trust that Idiot/Savant has stored his private key securely, because otherwise some random person could be out there pretending to be Idiot/Savant. If it eventuates that he's been storing his private key on a Google server, or elsewhere in the cloud, for the past year, or even that an NSA/GCSB/National-Party operative (or even a family member) "borrowed" his computer for a few minutes a long time ago and didn't leave a trace, and the NSA/GCSB/National-Party has had a copy of the private key during that time, there's already a problem. Everyone who trusted anything based on Idiot/Savant's digital signature being used during that time could be compromised.

    Some of the key-signing hardware (like the dinky USB devices) that are available go some way towards addressing the security of private keys, as the hardware doesn't let the private key leave the device, but then you once-again run into issues of needing to trust that Manufacturer-X hasn't been coerced by the NSA to put a back door into their system. Maybe the signing/encryption from the device isn't totally secure, or maybe there is a secret way to get the private key off the device. Someone else probably know much more about this than I do.

    Wellington • Since Jan 2007 • 1142 posts Report Reply

  • Matthew Poole, in reply to Matthew Poole,

    it’s not normal for the compartment names to be classified.

    Should have read "it's normal for the compartment names to be classified."

    Auckland • Since Mar 2007 • 4097 posts Report Reply

  • BenWilson, in reply to izogi,

    All of which is to say that 100% security of data is not possible, and furthermore it's not even really possible to know with any accuracy how safe your data is, because it comes down to how much the intelligence people care about it.

    Which neatly segues into a point I've made before. There's really not that much point worrying about what access to your data intelligence services have (unless, of course, you are a spook yourself), because they have the power to coerce from you anything you care to hide. Seen in that light, excessive paranoia about the security of your data is in the best case an entertaining diversion, and in the worst case it is inviting real trouble onto yourself.

    It's a good idea to take precautions to protect your data from intrusion by private individuals, so they can't just nick your money or wreck your site, or blackmail you with some foolish photos you kept, or scam one of your friends or family. This really doesn't require particularly high levels of security. But if your purpose is to protect yourself from a body like the NSA, then good luck with that, don't mention me even saying I told you so, the day you get waterboarded for your passwords.

    Auckland • Since Nov 2006 • 10657 posts Report Reply

  • izogi,

    But if your purpose is to protect yourself from a body like the NSA, then good luck with that

    I tend to agree. When your own government, which is meant to represent you and which structures the entire legislative framework in which you have to live, won't commit to not snooping on you (and perhaps even actively does so), there's only so much that can be done short of figuring out how to change how the government does things.

    Wellington • Since Jan 2007 • 1142 posts Report Reply

  • BenWilson, in reply to izogi,

    If you want to protest their actions, then I think actual protest in a public and open way is far more likely to be effective than playing their game with encryption.

    Auckland • Since Nov 2006 • 10657 posts Report Reply

  • Idiot Savant, in reply to izogi,

    I tend to agree. When your own government, which is meant to represent you and which structures the entire legislative framework in which you have to live, won't commit to not snooping on you (and perhaps even actively does so), there's only so much that can be done short of figuring out how to change how the government does things.

    The solution to the GCSB: de-elect, de-fund, and destroy.

    Palmerston North • Since Nov 2006 • 1717 posts Report Reply

  • Gareth Swain,

    Japan • Since Apr 2013 • 45 posts Report Reply

  • Jarno van der Linden,

    It just occurred to me to start imagining how this all interacts with the (already bad) idea of online voting for local and national elections. The security agencies could end up actually knowing who you voted for.

    Next time you go through US customs and immigration, be prepared for extra attention because you voted for the local communist for mayor, or gave your party vote to the KimDotComForwardSlashParty.

    Nelson • Since Oct 2007 • 82 posts Report Reply

  • Kumara Republic, in reply to BenWilson,

    If you want to protest their actions, then I think actual protest in a public and open way is far more likely to be effective than playing their game with encryption.

    That, or somehow hoisting them on their own petard.

    The southernmost capital … • Since Nov 2006 • 5446 posts Report Reply

  • Ian Dalziel, in reply to Kumara Republic,

    ...or somehow hoisting them on their own petard

    for the nsa surely it'd be more
    hosting them on their own petabyte petard...

    ...slightly loopy tangential aside:

    backdoors...other people can use them..
    (think about that one for a bit)

    what happens when data goes into feedback?

    stochastic moebius ommm...?

    Resist The Singularity!

    Christchurch • Since Dec 2006 • 7953 posts Report Reply

  • Robert Harvey,

    There's two practical problems with public key encryption: generating a high quality (i.e. very secure against attack) pair of keys, public and private; and keeping your private key safe. It is no longer possible to assume that any computer made from commercially available chips/logic has not been compromised at the hardware/firmware level; nor that the compilers used to turn the source code of the various programs used in a public key encryption system into machine code have not themselves been compromised. So how can you be sure that (a) you actually have a pair of secure keys; and (b) that your private key is secure?

    Westmere • Since Nov 2006 • 66 posts Report Reply

First ←Older Page 1 2 Newer→ Last

Post your response…

Please sign in using your Public Address credentials…

Login

You may also create an account or retrieve your password.