an historical perspective

El Reg commentards can get worked up about a whole range of topics. That is one of the reasons I so enjoy reading it.

Back in May 2009, El Reg posted an article about the then Home Secretary’s decision to place the right wing US Radio commentator, Michael Savage, on a persona non grata list alongside such luminaries as “a couple of unpleasant Russian skinheads, ex-Ku Klux Klan Grand Wizard Stephen ‘Don’ Black, neo-Nazi Erich Gliebe, Hamas MP Yunis Al-Astal and Jewish extremist Mike Guzovsky.” Savage then reportedly retaliated by threatening to sue, citing “international law” by which he claimed he had the right to say whatever he liked, whenever, and wherever, he saw fit.

Amongst all the usual El Reg forum commentary was one interesting interjection by a US reader with the forum name “drag”, titled “No British Freedom of Speech, obviously”. In that post, drag rather prophetically concluded:

He is a right wing political commentator who tends to get excited about his viewpoints. He isn’t even extreme. Which is why your government would like to see him and other people like him minimized. They don’t want to allow viewpoints into your country that run contrary to the status quo that they want to establish.

At least for now you people still have the internet and the ability to listen to other country’s radio shows…

I wonder how long before that is going to be taken away from you?

Any Internet filtering laws yet?

To which the answer has to be “yes”. With more threatened.

Permanent link to this article: https://baldric.net/2013/12/10/an-historical-perspective/

ssl cipher check

My recent explorations of how to strengthen the ssl/tls certificates I use on both trivia and my mail service have given me cause to look for tools to help me test my configuration. The Calomel firefox plugin and ssllabs site are very useful for checking HTTPS configurations, but they are fairly specifically aimed at that aspect alone and I wanted something a little more general purpose – and preferably command line driven. The openssl program itself is pretty useful, but I found this rather nice perl script called ssl-cipher-check which I have now added to my toolset.

Recommended.

On a related note, a post over at crypto stackexchange gives an interesting answer to the question, “how secure is AES?” The post dates from 2012 (and 1 April at that) but it concludes:

  • The federal government is allowed to use AES for top-secret information.
  • We don’t know that they would actually want AES to be mathematically breakable, so at the AES competition 11 years ago it is possible they would have avoided any algorithm they thought they could break in the near future.

None of that is proof, but we tend to assume that the NSA can’t break AES.

No-one has updated or contradicted that answer since it was posted.

Permanent link to this article: https://baldric.net/2013/12/10/ssl-cipher-check/

no more akismet

In common with (probably) all wordpress based blogs, trivia has the akismet plugin in place. Akismet is shipped by default in the base wordpress installation and new users are encouraged to sign up for an API key. On first configuring the blog’s plugins, users are greeted with the following commentary about akismet:

Used by millions, Akismet is quite possibly the best way in the world to protect your blog from comment and trackback spam. It keeps your site protected from spam even while you sleep. To get started: 1) Click the “Activate” link to the left of this description, 2) Sign up for an Akismet API key, and 3) Go to your Akismet configuration page, and save your API key.

So of course I did, as I guess most people do. And I have used akismet ever since even though I really don’t like it. Having once started to use akismet, I was impressed by the apparent volumes of spam it blocked. The plugin gives statistics through the wordpress dashboard and the reported volumes held at bay are quite remarkable. The graphic below shows my stats since 2009.

akismet-all-time-stats

Note that in 2013 the plugin reportedly stopped over 56,000 spam posts aimed at trivia. In April 2013 alone, the plugin reports that it blocked over 13,500 spam posts. That is a /lot/ of spam. But of course I still had to handle the odd one or two comments (largely from russian sites with dodgy looking URLs) which appeared to get through.

Then I tried an experiment. I turned akismet off. I initially did this in September of this year. I still got the odd one or two russians and ukrainians popping up, but I did not see the expected deluge of rubbish that akismet would have me believe was out there. I turned it back on in October for a short period and noticed no difference so I finally switched it off completely at the beginning of November. It has been off ever since.

Guess what? No deluge. So it stays off. That way I can be sure I am no longer reporting anything back to the akismet servers.

Permanent link to this article: https://baldric.net/2013/12/08/no-more-akismet/

where are you now?

The ongoing revelations from Snowden continued recently with reporting in the Washington Post about the NSA’s program to track mobile ‘phone location data. Reporting here and elsewhere suggests that the NSA is gathering nearly 5 billion records a day on the whereabouts of cellphones around the world.

That reporting, and its obvious implications, reminded me of the wonderfully graphic reporting in the German newspaper “Die Zeit”’s on-line magazine, “Zeit Online” some time ago. Zeit reported that the German Green party politician, Malte Spitz, had sued the German telecoms company “Deutsche Telekom” to get them to hand over six months of his ‘phone data. Spitz then gave that data to Zeit Online who combined the geolocation data from the telecom company’s records with information relating to his life as a politician, derived from public information such as his Twitter feeds, blog entries and websites.

The result is quite enlightening.

image of map in germany

The Zeit graphic published on their website is interactive. It allows you to select any date from 31 August 2009 to the end of the six month data span and then press “play”. As the Zeit says:

“By pushing the play button, you will set off on a trip through Malte Spitz’s life. The speed controller allows you to adjust how fast you travel, the pause button will let you stop at interesting points. In addition, a calendar at the bottom shows when he was in a particular location and can be used to jump to a specific time period. Each column corresponds to one day.”

The corresponding data shown alongside the interactive map gives more detail about what Spitz was likely to be doing in any one location at a particular time. So for example, on Wednesday 2 September at 4 pm, Spitz is shown to be in Berlin, whilst data from his twitter feed says that he was speaking to the Social Network VZ group about data privacy and consumer protection.

Spitz agreed to provide his telephony location data to a third party. You probably didn’t.

Permanent link to this article: https://baldric.net/2013/12/08/where-are-you-now/

TLS ciphers in postfix and dovecot

A recent exchange amongst ALUG email list members about list etiquette resulted in a flurry of postings on a variety of related topics. I posted a flippant comment about top posting, but did so (deliberately) from my Galaxy tab using Samsung’s default email client which actually forces top posting. Steve responded suggesting that I look at K9, the android email client of choice for those who care about proper adherence to email standards.

Now I last used K9 around the tail end of 2011 but gave up because it had a silly little problem with my self signed TLS certificates and I told the list that. Steve wasn’t satisfied with that answer and pointed to a discussion about the issue which suggested that my certificates might be causing the problem if the IMAP/POP certificate used the same identifiers (for example, the CN) as the SMTP certificate when the certificates were actually different. In my case this turned out to be exactly what was wrong. Even though both my dovecot and my postfix X509 certificates contained exactly the same information, because I had generated them separately at different dates (purely by historic accident) the certificates and keys differed and it was this which caused K9 to barf. As bernhard, a member of the K9 project team said:

“the problem is that your imaps and your smtps certificate don’t match. we store the certs with their CN. So if the CN is the same but the cert is different we get a problem.

The fix is complex and breaks backward compatibility so we can’t apply it.
I know this does not sound good :/
there is some missing feature which is a blocker on this issue, but i can’t give you a timetable when this missing part is addressed.

I fear the only thing you can do about this is to change your smtps cert to be the same as your imaps cert.”

So I did. I simply changed my dovecot SSL configuration to point to the same certificate and key as I had in place for postfix and bingo, my newly re-installed K9 stopped barfing. Of course, I hadn’t spotted this fix because I had given up on K9 before the fix was documented (he said…).

Now given that I have recently strengthened the SSL/TLS certificates I use and tightened up my lighttpd configuration to force use of stronger ciphers, I thought I ought to take a look at doing the same for my dovecot and postfix configurations. It turns out to be both possible and pretty simple to do so. Here’s how.

In dovecot the SSL/TLS configuration is handled by the file /etc/dovecot/conf.d/10-ssl.conf. The relevant sections of my file now contain the following:

# dovecot ssl configuration for IMAPS/POP3S mail.

ssl = yes

# PEM encoded X.509 SSL/TLS certificate and private key. They’re opened before
# dropping root privileges, so keep the key file unreadable by anyone but
# root. Note that the key and certificate file can be combined into one (as here).

ssl_cert = </path/to/my/smtp-server-cert.pem

ssl_key = </path/to/my/smtp-server-cert.pem

# SSL ciphers to use

# (default)
# ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL

# (better)
ssl_cipher_list = TLSv1+HIGH !SSLv2 !RC4 !aNULL !eNULL !3DES @STRENGTH
#
# end

For postfix, the configuration is handled in the usual main.cf. I have updated the relevant section of my configuration file as below:

# TLS parameters

# where we get our entropy

tls_random_source = dev:/dev/urandom

smtpd_use_tls=yes
smtpd_tls_security_level = may
smtpd_tls_auth_only = yes
smtpd_tls_cert_file=/path/to/my/smtp-server-cert.pem
smtpd_tls_key_file=$smtpd_tls_cert_file
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
#
# use only the high grade ciphers (128 bit and higher AES)
#
smtpd_tls_ciphers = high
#
# and exclude known weaknesses
#
smtpd_tls_exclude_ciphers = aNULL, DES, 3DES, MD5, DES+MD5, RC4
#
# and limit the protocols to TLSv1, specifically excluding SSL version 2 and 3
#
smtpd_tls_protocols = TLSv1, !SSLv2, !SSLv3
#

Note that the postfix configuration documentation says that the full list of cipher grades available for opportunistic TLS (which we are using, mandatory is not advisable unless you wish to break your email) is:

null – encryption-less grades for authenticated loopback traffic
export – 90’s style “export” weak keys or stronger (i.e. deliberately broken…..)
low – Legacy single-DES keys or stronger
medium – 128-bit RC4 or stronger
high – 128-bit AES or stronger

Note also that opportunistic TLS defaults to “export”, which is probably not what you want these days. Here I have deliberately limited the ciphers to “high”.

Now after reloading our mail system we can check the configuration on dovecot with openssl thus:

openssl s_client -connect my.mailserver.com:993

and amongst the details returned we see the reassuring response:


New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.1
Cipher : DHE-RSA-AES256-SHA

and the same check on our postfix mailer port thus:

openssl s_client -connect my.mailserver.com:25 -starttls smtp

gives us:

New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-SHA
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.1
Cipher : ECDHE-RSA-AES256-SHA

Job done.
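
The two openssl checks above can be scripted. The following is an added example, not part of the original post: it reads s_client output and tests the negotiated protocol and cipher against the exclusions configured above. The function names and the 2048 bit key-size floor are assumptions; the first sample is the dovecot output shown above and the second is constructed.

```shell
#!/bin/sh
# Added example (not from the original post). Live use:
#   openssl s_client -connect my.mailserver.com:993 </dev/null 2>/dev/null | audit_s_client
#   openssl s_client -connect my.mailserver.com:25 -starttls smtp </dev/null 2>/dev/null | audit_s_client

# Assumption: key-size floor for the warning; not a value taken from the post.
MIN_KEY_BITS=${MIN_KEY_BITS:-2048}

# Print the value of one "Label : value" line from the SSL-Session block.
# The "New, ..., Cipher is ..." summary line does not match this pattern.
session_field() {
    sed -n "s/^[[:space:]]*${1}[[:space:]]*:[[:space:]]*//p" | head -n 1
}

# Map an OpenSSL cipher suite name to the reason the configured exclusions
# reject it. Prints nothing for an acceptable suite.
cipher_weakness() {
    case $1 in
        0000|"(NONE)") echo "no cipher negotiated" ;;
        *NULL*)        echo "eNULL: no encryption" ;;
        ADH-*|AECDH-*) echo "aNULL: unauthenticated key exchange" ;;
        EXP*)          echo "export-grade key" ;;
        *RC4*)         echo "RC4" ;;
        *DES-CBC3*)    echo "3DES" ;;
        *DES-CBC*)     echo "single DES" ;;
        *MD5)          echo "MD5 MAC" ;;
    esac
}

# Read s_client output on stdin and print one line per finding.
# Returns 0 = protocol and cipher acceptable, 1 = excluded protocol or
# cipher negotiated, 2 = no SSL-Session block in the input.
audit_s_client() {
    a_out=$(cat)
    a_proto=$(printf '%s\n' "$a_out" | session_field Protocol)
    a_cipher=$(printf '%s\n' "$a_out" | session_field Cipher)
    a_bits=$(printf '%s\n' "$a_out" |
        sed -n 's/^Server public key is \([0-9][0-9]*\) bit.*/\1/p' | head -n 1)
    if [ -z "$a_proto" ] || [ -z "$a_cipher" ]; then
        echo "FAIL: no SSL-Session block found"
        return 2
    fi
    a_rc=0
    case $a_proto in
        SSLv2|SSLv3) echo "FAIL: protocol $a_proto is excluded"; a_rc=1 ;;
    esac
    a_why=$(cipher_weakness "$a_cipher")
    if [ -n "$a_why" ]; then
        echo "FAIL: cipher $a_cipher ($a_why)"
        a_rc=1
    fi
    # Key size is outside the cipher settings above, so it is only a warning.
    if [ -n "$a_bits" ] && [ "$a_bits" -lt "$MIN_KEY_BITS" ]; then
        echo "WARN: server key is $a_bits bit (floor $MIN_KEY_BITS)"
    fi
    if [ "$a_rc" -eq 0 ]; then
        echo "OK: $a_proto $a_cipher"
    fi
    return "$a_rc"
}

# Sample 1: the dovecot output shown in the post.
SAMPLE_PAGE='New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.1
Cipher : DHE-RSA-AES256-SHA'

# Sample 2: constructed output from a server that still negotiates RC4 on SSLv3.
SAMPLE_WEAK='New, TLSv1/SSLv3, Cipher is RC4-SHA
Server public key is 2048 bit
SSL-Session:
    Protocol  : SSLv3
    Cipher    : RC4-SHA'

printf '%s\n' "$SAMPLE_PAGE" | audit_s_client || :
printf '%s\n' "$SAMPLE_WEAK" | audit_s_client || :
```

The non-zero exit status on an excluded protocol or cipher lets the check run from cron or a monitoring system after each reload of the mail services.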

Permanent link to this article: https://baldric.net/2013/12/07/tls-ciphers-in-postfix-and-dovecot/

boycott amazon

This time last year I wrote to Jeff Bezos telling him that I was no longer prepared to support a multinational which so arranged its tax affairs that it paid little or no UK corporation tax on turnover estimated (last year) at some £3.3 billion.

This year, Margaret Hodge, chair of the UK Parliamentary Public Accounts Select Committee, together with at least seven other UK MPs, has renewed her call for a continued boycott of Amazon in the lead up to Christmas. The only way to hurt companies like Amazon is to hit them in the pocket. They hit us by refusing to pay their fair share of taxation. We can hit them by refusing to use them.

I have continued to buy CDs, DVDs and books over the last year. This last week alone I bought several books as Christmas presents, including some rather rare (and hence expensive) ones. None of them came from Amazon. There are plenty of alternatives to the Amazon behemoth. Use them. And tell Bezos why (his email address is jeff@amazon.com)

Merry Christmas Jeff.

Permanent link to this article: https://baldric.net/2013/12/03/boycott-amazon/

data is imaginary. this burrito is real

As usual, Randall Munroe over at xkcd has his own take on the NSA/GCHQ snooping reportage.

XKCD cartoon

My thanks as always.

Permanent link to this article: https://baldric.net/2013/12/03/data-is-imaginary-this-burrito-is-real/

counterpoint the surrealism of the underlying metaphor

Last week, El Reg posted an amusing take on the apparent invasion of the NSA by Management Consultants.

Nothing new there then.

From personal experience I can confirm that UK Government has been completely overrun with the buggers for years.

Permanent link to this article: https://baldric.net/2013/12/02/counterpoint-the-surrealism-of-the-underlying-metaphor/

necessary and proportionate

Yesterday I received an email from the Open Rights Group asking me to sign an on-line petition set up in collaboration with nearly 300 other organisations. The email said:

In 2013, we learned digital surveillance by governments across the world knows no bounds.

Their national intelligence and investigative agencies capture our phone calls, track our location, peer into our address books, and read our emails. They often do this in secret and without adequate public oversight, violating our human rights.

We won’t stand for this anymore.

Over the past year, 300 organisations have come together to support the International Principles on the Application of Human Rights to Communications Surveillance.

Today we’re launching a global petition supporting the 13 International Principles alongside a range of international NGOs including Access, Chaos Computer Club, Digitale Gesellschaft, Electronic Frontier Foundation, OpenMedia and Privacy International.

These thirteen Principles establish the human rights obligations of governments engaged in communications surveillance. [1]

They’ve been developed over months of consultation between internationally-recognised technology, privacy, and human rights experts.

Can you join people from around the world to lend your name and support to the Principles?

Unfortunately, the link given in the email went to a page on the “necessaryandproportionate” website which sought signatures from persons signing on behalf of NGOs rather than individuals wishing to add their own voices to the campaign. Today I received a new email pointing to an amended page where I might actually sign up as me rather than me qua some officer representing an organisation.

A brief investigation of that website shows the following “idiosyncrasies”. Firstly, the website on IP address 69.50.232.52 appears to be hosted by Silicon Valley Web Hosting out of San Jose in California (see below – click for a full sized image – note the “ShowIP” popup info bottom left).

image of website

There is nothing inherently wrong with that (though of course the hosting company is subject to US law). After all, lots of websites I use are hosted in the US, and there are many US based organisations appearing as signatories to the petition. However, the SSL certificate used appears to be both woefully weak and incorrectly signed – note in particular the CN (common name) assignation is a wildcard for “trollingeffects.org” whilst the actual website is called “en.necessaryandproportionate.org”. Again, see below:

image of website

So the organisation has re-purposed a certificate produced for another domain rather than getting a nice shiny new (strong) one for itself. And frankly, a 128 bit RC4 cipher with a SHA-1 MAC is just laughably daft given that the page in question says:

Join the global movement demanding the protection of human rights and an end to mass surveillance. Let the world know: Privacy is a human right. Endorse the Necessary and Proportionate Principles.

Whilst I may have no problem in people knowing that I have signed such a petition (after all, if it is to be effective, then the petitioners’ names (and where applicable, affiliations) must be public), I’m not that keen on using a website run by a supposedly privacy conscious collective which is so woefully inadequate in even the basic protection it offers.

“C minus – must do better.”

(Oh, and for comparison, the Open Rights Group’s own website is hosted by ByteMark Consulting (Hi Guys) and uses a 256 bit AES cipher.)

Permanent link to this article: https://baldric.net/2013/11/27/necessary-and-proportionate/

more ninjastiks

In July I noted that a company calling itself Ninjastik had popped up selling what looked to be essentially the Tor Browser Bundle on an 8 Gig stick for $56.95 or a 16 Gig stick for $69.95. As I expected, we have now seen one or two more companies attempting to sell products which leverage Tor – in effect they are trading, or attempting to trade, on the Tor reputation. The first such product to gain prominence is the so-called “safeplug” which appears to be made by the pogoplug guys. Roman Mamedov over at the tor-talk mail list suggested that someone might like to buy one of these and run a tear-down to check it out. No-one has yet owned up to spending the requisite $49.00, but that has not stopped a lively discussion about the value or otherwise of an “off-the-shelf” commodity device which purports to offer “complete anonymity and peace of mind”. As some commentators have said, that looks like dangerous advice. Tor is a complex system. It does not, and cannot offer complete anonymity if you don’t know what you are doing. Selling access to Tor in such a fashion looks like the actions of opportunistic snake oil salesmen.

This brings us to the second new device to pop up on the radar, the Open Router Project, or ORP. Here we have a crowd-sourcing plea for funds to develop what, on the face of it, looks to be an interesting device. The developers claim that ORP1 will offer:

a high performance networking router that allows you to run a firewall, IPSec VPN (virtual private network) and a TOR server for your home network.

Furthermore:

Its easy-to-use web interface will make encrypted and anonymised communications for your entire network easier to set up and manage. Now you don’t need to be a geek to be able to ensure that every device you use at home uses the internet with privacy, whether it’s your home PC, smartphone or tablet.

It’s that “you don’t have to be a geek” bit I worry about, particularly coupled with the promise of an “easy to use web interface”. Unfortunately, you /do/ have to be at least a little geeky to ensure that you remain anonymous when using Tor (or even VPNs, especially IPSEC VPNs). And read the “Stretch Goals” bit on the indiegogo site. That looks decidedly geeky, and is indeed described as such.

But we have a genuine problem here. All Tor users and evangelists want to see greater use of network level encryption in general and Tor in particular. Getting foolproof consumer devices which offer that into the hands of a much larger population of users must be a good thing. The devil, however, is in the detail. As some commentators on the tor-talk list pointed out, most people attempting to use such devices will become frustrated by the limitations Tor imposes (no scripts, no flash, blocks on many websites, odd language problems etc.). In the face of such difficulties, and without understanding why these happen, there is a danger that Tor becomes branded as unusable. In the worst case scenario, the poor unsuspecting user can actively but unwittingly de-anonymise him or herself whilst continuing to use the consumer device in the belief that it is still offering protection.

That said, I would love to see a foolproof consumer device which I could give to my kids in the knowledge that it would offer them the kind of privacy and anonymity they need and deserve. But I just /know/ I’d get lots of “support” calls.

Permanent link to this article: https://baldric.net/2013/11/26/more-ninjastiks/

I’m sure that is not what they meant

Yesterday’s Guardian contained a quarter page advertisement from “hibu” (the company formerly known as Yell, and before that, Yellow Pages). The advertisement showed a picture of a bright red and green fish swimming against a tide of uniformly blue fish. The headline was “Get spotted on all kinds of digital devices”. The ad finished with the tagline, “To help make sure you’re found online, go to hibu.co.uk”.

Right.

Someone, somewhere has a weird sense of humour.

Permanent link to this article: https://baldric.net/2013/10/25/im-sure-that-is-not-what-they-meant/

Oliver Stone on PRISM

I am a big fan of Oliver Stone movies.

Outside the pages of the Guardian and its sister paper the Observer, the level of comment in the UK on NSA/GCHQ surveillance capability remains bizarrely muted. In the US they are at least having a conversation. Whether that conversation results in any sensible decisions, and then legislative action, remains to be seen.

Permanent link to this article: https://baldric.net/2013/10/25/oliver-stone-on-prism/

wd caviar green load cycle count

Back in January of this year I upgraded my desktop’s hard drive to a 2 TB WD Caviar Green. Not the world’s fastest drive, but quiet, power efficient, and, so I thought, good value for money. I subsequently used two of the same disks in a new build RAID 1 server (which I must get around to writing about). An email to the ALUG mailing list this week made me check those disks.

Mark was having trouble with a RAID 5 setup and had discovered that others with the same problem were also using WD Green drives. These drives park the heads rather aggressively as part of the power saving features. Unfortunately, because RAID configurations constantly write to the disks to keep them synchronised this tends to wake the disk up as soon as the head is parked. The result is a very high load cycle count in very short order.

Having read Mark’s posts and the others like the ones referenced above, I thought I had better check my own drives (using smartctl from the smartmontools package). I didn’t like what I found.

On my desktop:

smartctl -a /dev/sda | grep Load_Cycle
193 Load_Cycle_Count 0x0032 151 151 000 Old_age Always – 148961

On the RAID server:

smartctl -a /dev/sda | grep Load_Cycle
193 Load_Cycle_Count 0x0032 071 071 000 Old_age Always – 387053

smartctl -a /dev/sdb | grep Load_Cycle
193 Load_Cycle_Count 0x0032 072 072 000 Old_age Always – 386379

WD say in their specifications for these disks that they are good for a lifetime of 300,000 Load Cycles. So my server’s disks look as if they are at high risk of failure after only 6 months usage. My desktop doesn’t look much better. Not good. Some fora I checked say that the 300,000 figure is on the conservative side and 1 million cycles is perfectly possible, but I’m inclined to believe a manufacturer’s specs in the absence of any other more authoritative advice.

I am looking for potential replacements, but meanwhile I am contemplating trying Christophe Bothamy’s linux idle3tool which supposedly may cure the head parking problem. I am not yet sure I want to use that tool in anger unless I know I have replacement disks on hand. Of course, if the tool works, then I probably would not have needed to buy any new disks.

Tricky.

Permanent link to this article: https://baldric.net/2013/10/12/wd-caviar-green-load-cycle-count/

Snowden paranoia

A recent exchange on the tor-talk mailing list about conspiracy theories elicited this gem from “Ted Smith” (obviously a Bob Heinlein fan).

“One of the more Gibsonesque theories I’ve heard is that Snowden is a CIA operative working to destabilize the NSA’s surveillance system on behalf of the CIA and other elite that feel too watched by it in the wake of the Petraeus scandal.”

That is too beautiful for words. And it is so clearly bonkers that millions will probably believe it.

The internet is truly a wonderful, and disturbing, place.

Permanent link to this article: https://baldric.net/2013/10/09/snowden-paranoia/

running out of money

The failure of the US Government to agree a budget with Congress is having some interesting effects.

NIST appears to be completely shut down: (Click images for full size).

nist-closed

The NSA says “Due to the Government Shutdown, this site is not being updated.” (Though one assumes that they are still being funded….)

nsa-no-update

Whilst the Whitehouse simply blames Congress.

whitehouse-no-money

God bless America.

Permanent link to this article: https://baldric.net/2013/10/09/running-out-of-money/

that’s completely ludicrous

Glenn Greenwald on Newsnight.

The full episode of Newsnight’s report including Greenwald’s interview and comment from Sir David Omand (ex Director GCHQ) can be seen here on BBC’s iplayer. Gordon Corera, the BBC’s Security correspondent reports here on the Newsnight episode.

As an aside, I was amused by Ross Anderson’s claim that many academics had apparently not believed that Government was capable of building the sort of panopticon reportedly available to GCHQ on the grounds that Government was incompetent.

Ross is widely known to be rabidly anti-spook.

Permanent link to this article: https://baldric.net/2013/10/05/thats-completely-ludicrous/

the guardian on tor

My last post noted that the Guardian had posted a series of articles on the Tor network and Snowden’s latest revelations about how the NSA has been attacking that network.

All those posts are worth reading, but my favourite is the one by Bruce Schneier explaining how the NSA has attacked Tor users through browser exploits – including native vulnerabilities in the versions of Firefox included in the Tor browser bundle (note to self, maybe opera was a good choice after all).

In the article, Schneier describes the “FoxAcid” CNE system used to attack a target’s browser. He explains that, whilst the FoxAcid server is publicly accessible, it would appear completely innocuous to casual visitors unless a specifically crafted URL, called a FoxAcid tag, were used, whereupon the server would attempt an attack on the visiting browser as a precursor to a complete compromise of the end user system. Schneier went on to explain that the NSA would use a variety of methods to get a target to use a FoxAcid tag and then helpfully included an actual example as an active link. Way to go Bruce. (That link has since been removed, but it was certainly active last night, I know – and so do most people who read the tor-relays list). That is a pretty good social engineering attack. Note to NSA. If you want to know whether I use Tor, it is easy, just read this blog.

[The comments at the end of Schneier’s article contain this gem:

“This article by Bruce Schneier is the main reason that I have never used the internet.”

How does that work then?]

Permanent link to this article: https://baldric.net/2013/10/05/the-guardian-on-tor/

good news for tor

The past couple of days have seen a flurry of news stories about Tor. Some of the news has hit the mainstream media, some of it hasn’t. Yet.

A couple of days ago, a rather plaintive post to the tor-talk mailing list read:

“looking for a way to contact silk road.Site shut down.money at stake.”

(Note to readers – the “silk road” was a somewhat notorious website acting as a broker, or intermediary, between persons wishing to purchase materials of questionable legality, such as high grade drugs or weapons and vendors of said materials. Transactions on the site were conducted using bitcoin. The site operator made his money by taking a transaction fee from the bitcoin traffic. The “silk road” was run as a hidden service on the Tor network.)

In response to this query, another poster pointed to an article in ehackingnews which explained that the site had been taken down by the FBI following a fairly lengthy, (and by all accounts fairly thorough) investigation. One Ross Ulbricht, the alleged operator of the silk road site has been arrested by the FBI. The full account of the FBI investigation, and its case against Ulbricht can be seen (warning, PDF) here.

After this post, there then follows a long series of posts in the thread titled “Silk Road taken down by FBI”. This thread bears reading. Aside from some of the usual rabid Aluminium Foil Deflector Beanie nonsense, or expected anti-establishment ranting, there is some thoughtful and useful commentary. Two things struck me when reading this series of posts. First, the FBI takedown and arrest seems to have resulted from some good, old fashioned, thorough police work (helped, of course, by the admitted stupidity and poor operational security demonstrated by Ulbricht). As one poster said:

In many ways this is (or should be) a PR win for Tor.

1) No technical vulnerabilities were used (AFAWK) – this should be welcome news to Tor users

2) Traditional police work still works – this should be good news to the law and order folks that traditional methods still work and no extensive digital survailance (sic) state is needed.

Secondly, this incident, coupled with what is now known to be the FBI takedown in August of this year of the Freedom Hosting Service (also a Tor hidden service) site allegedly hosting child pornography, means that two fairly high profile, (probably) illegal sites are now off the Tor network.

I say “probably” for two reasons, one, I am not a lawyer, and two, I am relying on third party reporting of the activity on those sites. I have no personal knowledge of either of them. Here, though, I must confess to some mixed feelings in my reaction. On the one hand I must applaud the removal of sites which have given rise to the sort of reporting which has increasingly led to Tor becoming known as the “dark web”, a home for criminal activity and only criminal activity. This sort of reporting fosters an atmosphere which is antithetical to support for Tor. That cannot be a good thing, particularly at a time when personal privacy and anonymity are under increasing threat. On the other hand, I believe, and have argued elsewhere that Tor is and should be completely neutral with respect to the services it hosts or provides access to. It is for wider society to take a judgement on which of those services are tolerable. Tor operators must remain neutral or we fall into the same trap of censorship which we profess to deplore elsewhere.

Then, just as the feverish temperature on the tor-talk list was about to cool slightly, Roger Dingledine lobbed in a new post yesterday pointing to the latest in the series of Guardian articles on the Snowden revelations. Those articles, which are listed in summary here detail how the NSA and GCHQ have been attacking Tor in attempts to de-anonymise its users. Dingledine has since posted a blog article on the torproject website explaining that, yes, they do know about the Guardian reporting, in fact they contributed to that reporting. Dingledine promises a full analysis later, but meanwhile he points to his commentary in the Guardian article, where he says (of the NSA):

“The good news is that they went for a browser exploit, meaning there’s no indication they can break the Tor protocol or do traffic analysis on the Tor network. Infecting the laptop, phone, or desktop is still the easiest way to learn about the human behind the keyboard.

Tor still helps here: you can target individuals with browser exploits, but if you attack too many users, somebody’s going to notice. So even if the NSA aims to surveil everyone, everywhere, they have to be a lot more selective about which Tor users they spy on.

Just using Tor isn’t enough to keep you safe in all cases. Browser exploits, large-scale surveillance, and general user security are all challenging topics for the average internet user. These attacks make it clear that we, the broader internet community, need to keep working on better security for browsers and other internet-facing applications.”

As Dingledine says, the good news from Tor’s perspective is that even an adversary as large, powerful and well funded as the NSA is apparently unable to break the network itself. This means that Tor remains safe to use by that majority of people whose only concern is a much lesser adversary. It is also worth noting that there is no contradiction between NSA’s apparent failure in direct attacks against the Tor network and the FBI’s successes against criminal activity facilitated by Tor (even if, as some suspect, the FBI had NSA assistance – see the “parallel construction” arguments). The FBI success proves that police investigative activity works. If you are a dumb criminal, then no technology is going to help you.

Permanent link to this article: https://baldric.net/2013/10/05/good-news-for-tor/

another good reason to avoid the kindle

xkcd-book-burning

My thanks as always to xkcd

(P.S. Take a look at xkcd 533 and read the comment in the “mouseover” title popup. Then try not to laugh.)

Permanent link to this article: https://baldric.net/2013/10/02/another-good-reason-to-avoid-the-kindle/

get your own nsa email account

Some enterprising chap, possibly called “Chris Fisher” if the whois record is correct, has registered the domain name nsa.org. He now appears to be selling email accounts on that domain. The accounts are quite pricey too at $142.00 considering that he is only giving 2 Gig of store. Mind you, his FAQ is quite honest.

I tried to get gchq.org, but it has already gone.

Pity.

Permanent link to this article: https://baldric.net/2013/09/25/get-your-own-nsa-email-account/

just for rob

Shortly after the launch of the new iPhone 5S, my old friend Rob emailed me trying to goad me into writing a post about it. After all, it was made by one of my least favourite companies and it contained a supposedly funky bit of kit in the shape of its fingerprint scanner. Rob pointed to the BBC article where they asked: “Could iPhone’s fingerprint sensor help kill off passwords?” and speculated whether that would be enough to get me to rant ^W comment.

I responded that biometrics had been well covered for a long time by many others and I didn’t think there was much to add that hadn’t already been said. I particularly liked a comment by Schneier back in 1998 where he said:

“Here’s another possible biometric system: thumbprints for remote login authorizations. Alice puts her thumbprint on a reader embedded in the keyboard (don’t laugh, there are a lot of companies who want to make this happen). The computer sends the digital thumbprint to the host. The host verifies the thumbprint and lets Alice in if it matches the thumbprint on file. This won’t work because it’s so easy to steal Alice’s digital thumbprint, and once you have it it’s easy to fool the host, again and again. Biometrics are unique identifiers, but they are not secrets.

Which brings us to the second major problem with biometrics: it doesn’t handle failure very well. Imagine that Alice is using her thumbprint as a biometric, and someone steals it. Now what? This isn’t a digital certificate, where some trusted third party can issue her another one. This is her thumb. She only has two. Once someone steals your biometric, it remains stolen for life; there’s no getting back to a secure situation. (Other problems can arise: it’s too cold for Alice’s fingerprint to register on the reader, or her finger is too dry, or she loses it in a spectacular power-tool accident. Keys just don’t have as dramatic a failure mode.)”

As I said, what’s to add? It’s just another apple gimmick (and as Schneier said “Don’t laugh, there are a lot of companies who want this to happen.”)

Rob tried again a couple of days ago when he emailed me this link to a page which put together a list of potential rewards offered to the first person or persons to crack the iPhone fingerprint scanner.

I’m sure he will be delighted to read the El Reg report today that the German Chaos Computer Club claim to have cracked it.

So I’ve posted this just for him.

Permanent link to this article: https://baldric.net/2013/09/23/just-for-rob/

that’s another password I have to change

Michael Horowitz has posted an interesting article over at Computerworld. In it he points out that, by default, most android devices (tablets and ‘phones) routinely ‘phone home to Google to back up Wi-Fi passwords along with other assorted settings. Google sells this option as a convenience to help you regain settings after you upgrade to a new device, or replace a lost or stolen device.

As I was reading this article, I was actually feeling pretty smug because I do not allow any of my devices to call home. Google is the last company I would trust with any of my personal information, so I always ensure that options such as “backup and recovery” are resolutely switched off. If I lose the phone, tough, I’ll live with it.

Then I thought about my wife. And asked her to check her phone (an old HTC device running Android 2.3.4).

Yep – she had “Backup my settings” checked.

Horowitz concludes his blog post:

“At this point, everybody should probably change their Wi-Fi password.”

Done.

Permanent link to this article: https://baldric.net/2013/09/20/thats-another-password-i-have-to-change/

RSA says don’t use RSA

A report in wired today says that RSA Security [*] have released an advisory to developer customers noting that the Dual Elliptic Curve Deterministic Random Bit Generation (or Dual EC DRBG) algorithm (the one which is subject to speculation about NSA interference) is the default in one of its toolkits and strongly advised them to stop using the algorithm.

Wired says:

The advisory provides developers with information about how to change the default to one of a number of other random number generator algorithms RSA supports and notes that RSA has also changed the default on its end in BSafe and in an RSA key management system.

The company is the first to go public with such an announcement in the wake of revelations by the New York Times that the NSA may have inserted an intentional weakness in the algorithm — known as Dual Elliptic Curve Deterministic Random Bit Generation (or Dual EC DRBG) — and then used its influence to get the algorithm added to a national standard issued by the National Institute of Standards and Technology.

The report continues:

In its advisory, RSA said that all versions of RSA BSAFE Toolkits, including all versions of Crypto-C ME, Micro Edition Suite, Crypto-J, Cert-J, SSL-J, Crypto-C, Cert-C, SSL-C were affected.

In addition, all versions of RSA Data Protection Manager (DPM) server and clients were affected as well.

The company said that to “ensure a high level of assurance in their application, RSA strongly recommends that customers discontinue use of Dual EC DRBG and move to a different PRNG.”

I can find nothing about this announcement on the RSA website at present, but it is entirely possible that the company wishes to keep its developer community ahead of the game before it makes any other public statement. If the wired reporting is true, and since they quote Sam Curry, chief technical officer for RSA, it looks authentic, then this announcement is one more example of how NSA’s activity is having a nasty impact on US Corporations. RSA’s unique selling point is supposed to be its trustworthiness in the field of cryptographic products. If you lose that, you lose your customers. Lose your customers and you lose your business.

[*] Note. I find it ironic that the SSL certificate for RSA.com fails the firefox check because it is actually for emc.com. EMC may own RSA, but it does not give wary customers any warm feeling to see an SSL warning pop up on the RSA site.


Permanent link to this article: https://baldric.net/2013/09/20/rsa-says-dont-use-rsa/

Naughton’s ten tips

Back in July I commented on one of John Naughton’s “networker” columns in the Observer. Last Sunday, Naughton wrote another nice article titled “10 ways to keep your personal data safe from online snoopers”.

Naughton begins the article by recalling that Tim Berners-Lee called the technology he devised a “web” of interrelated documents. He notes that:

“To its inventor, the noun must have seemed perfectly apposite: it described the intricate, organic linking of sites and pages that he had in mind. But “web” has other, metaphorical, connotations. Webs are things that spiders weave with the aim of capturing prey. And if you want a metaphor for thinking about where we are now with networked technology, here’s one to ponder.

Imagine a gigantic, global web in which are trapped upwards of two billion flies. Most of those unfortunate creatures don’t know – yet – that they are trapped. After all, they wandered cheerfully, willingly, into the web. Some of them even imagine that they could escape if they wanted to.

We are those insects.”

He continues:

“What’s astonishing is how unconcerned many people appear to be about this. Is it because they are unaware of the extent and comprehensiveness of the surveillance? Or is it some weird manifestation of Stockholm syndrome – that strange condition in which prisoners exhibit positive feelings towards their captors?”

I’m no longer astonished. But I am increasingly depressed at the lack of concern for personal privacy that most people seem to exhibit. Unfortunately, given the way the ‘net works, once that privacy has been breached, there is no way back. I like to think I have been fairly careful over the last several years in protecting that part of me which I feel needs to remain private. The most public manifestation of me is this blog, but trivia contains only that information which I choose to divulge. I control it, but even so, in aggregate there is probably more information available from trivia than I would initially have wished to reveal. But hey, you cannot expect to be a vanity publisher and /not/ reveal personal information.

As I have previously noted, sometimes I care about the footprint I leave on the web, sometimes I don’t, but the point is that I should be in control of that footprint. I am not sure that is entirely possible any more but I’m going to continue trying. As part of controlling my footprint I routinely lie when asked to provide personal identifiers on any website which requires me to have an “account”. If I can find an alternative source of the information I am seeking on a website which does not have such a ridiculous policy I will do so, but unfortunately sometimes this is not always possible. So as I said, I lie. My own privacy policy here encourages trivia’s visitors to do the same.

In my attempts to limit my exposure elsewhere I have recently been checking old sites I have used with the intention of deleting any and all accounts I no longer want or need. I have found this trickier than it should be, even though I keep fairly good records. Most of the sites I still appear to have unnecessary accounts on are specialist fora which I have used when researching a problem (like my old difficulty of getting sony memory sticks working on my AAO netbook – which I never did solve). Only one or two are the sort of mainstream site which really need concern me – like google for example which it is completely impossible to avoid if you use any android device. In google’s case I have an account which only exists on the mobile devices, divulges the absolute bare minimum I can get away with and never uses email – but I still don’t like even that. Some sites I simply have to give personal information to if I want them to accept a credit card and deliver goods to me – though of course I no longer have an amazon account. I was thus pleased to see the arrival of a new site called justdelete.me which aims to assist people like me who wish to clean up old accounts, but are having difficulty finding out how to do so. Amazon is a good example of a company which makes this unnecessarily difficult. (Intriguingly, it would appear that it is impossible to delete an account from /any/ gawker media site – you have been warned.)

But back to Naughton. He asks:

“What can you do if you’re someone who feels uneasy about being caught in this web? The honest answer is that there’s no comprehensive solution: if you are going to use telephones (mobile or landline) and the internet then you are going to leave a trail. But there are things you can do to make your communications less insecure and your trail harder to follow.”

He then lists “10 ideas you might consider”. Those ideas are fairly sensible tips, but it reads an awful lot like whistling in the wind. Anyone with any clue about protecting personal privacy and the need to do so would already be doing all of what he discusses – and more. The people who really need the advice, won’t follow it. Delete a facebook account? My daughter would not countenance that, it is her primary way of sharing information. Avoid google? My daughter thinks google /is/ the web – her default when looking for even an obvious website (e.g. tesco) is to plug “tesco” into a google search on the grounds that that is quick and simple. Avoid free email? Fortunately in my daughter’s case I gave her an email account on my mail server, but I’m pretty sure she also has a gmail account – she has an android mobile. Use PGP encryption? Get real.

My daughter is not stupid, she simply would not see the need to do any of what Naughton recommends. And nor, I’ll bet, will many others.

Permanent link to this article: https://baldric.net/2013/09/17/naughtons-ten-tips/