Alas (but no surprise), the rumor that’s been buzzing around the ‘Net ever since Edward Snowden’s NSA documents began their slow leak has turned out to be true. The NSA has cracked the encryption on which the Internet thrives.
All those assurances from our banks, insurance companies, doctors, credit card companies, etc. that our data is safe and secure? Blooey.
Maybe “cracking” isn’t quite the right term. Apparently, they haven’t really gotten any great master key. Not even to one form of encryption (and there are many forms). This isn’t Bletchley Park and the Enigma machine. Nothing so grand. Simply tawdry.
If the news stories are correct, the NSA’s methods consist of brute-force attacks (which, correct me if I’m wrong, techies) are used only in individual cases where they’ve really got motive to snoop and — no surprise — backdoors willingly provided by tech companies.
There are so many non-surprises here.
Collaborating companies named in the documents include Google, Facebook, Yahoo, and Hotmail. No doubt only the tip of the iceberg.
I hope every one of those companies, and any others, pay and pay and pay and pay for their betrayal, not only the betrayal of their users, but as Bruce Schneier says, their part in what amounts to an all-out attack on the Internet. They have sold the Internet for the modern equivalent of 30 pieces of silver. May their end be as miserable and gruesome as that of the man who inspired them.
Read the article (or this one or this one) and weep.
But as you weep, notice. It’s another non-surprise. But notice what the NSA calls us all — calls every user of online banking, every poor fool who trusted his medical records to some online provider, everyone who believed the word of Internet corporations. They call us “adversaries.”
Adversaries.
Adversaries.
A few weeks back when I said the federal government (particularly its UberGovernment) had declared war on us, I could have been exaggerating. Just being dramatic.
But no more. The UberGovernment has declared each and every one of us to be its adversaries. Just because we want confidential information kept confidential. Just because we want privacy. Just because we don’t want Big Brother — or any other criminal — peering over our shoulders, into our bank accounts, or into the space between our doctor and us.
I hope to hell we’re worthy ones.
I’m surprised that anybody’s surprised.
If you look at the Guardian/Times coverage, it notes that it’s not just “cracking the ciphers” that’s involved.
Among the other strategies is manipulating the process by which standards are adopted. This is nothing we didn’t know — NSA threw semi-public tantrums over DES, etc., and the bottom line is that we have AES at 256 bits as the standard because that’s what NSA was willing to accept. They were willing to accept it because they believed that they had the resources to compromise it.
All of which is neither here nor there, because although most of us libertarians are individualist both on principle and by inclination, the safety here is to be found in numbers — lots of people using a large variety of strong crypto such that the resources can’t be brought together to brute-force everything.
Which in turn means they’ll have to focus on a much smaller number of people in whom they’re really interested. And the case is already that if they’re really interested in you, encryption is passe. If they can’t crack it, they’ll find a way to see what you’re doing before it GETS encryped.
No, not brute force. Bruce Schneier linked to the same things. The methodology involved is in compromising the algorithms and standards, as you said, “backdoors” eg:
, and other manipulations. In re. eliptic curve cryptography (ecc):
Schneier also links to his article on how to remain secure.
The sad truth, which I think of every time topics such as this come up, is that the vast majority of people will just continue to use Gmail, etc., and not bother.
I’m sure the NSA has some impressive compute power it can throw at brute-force attacks, should they come across something justifying the expenditure of that much resource, but as Bruce says, “The math is good …”
More from Bruce – http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance
https://en.wikipedia.org/wiki/Adversary_%28cryptography%29
Funny, I would think NSA would be the “adversaries” …
Thanks for the enlightening links, guys. Very good (though infuriating) information.
Chris — I was unaware that “adversary” had that special meaning in cryptography. Wow. That makes it even more outrageous and ironic that the NSA (who I agree who fits that adversary description to a “t”) would label the normal users and operators of encrypted systems with that term.
Talk about projection!
I’m looking through Schneier’s Guide to Staying Secure article, and I get to this line: “…and a few other things I’m not going to write about.” Well, why the hell not? This is the most trustworthy guy on the tubes about security & privacy & transparency, and he’s holding stuff back. Who can know why?
It’s just all depressing to me. America has out-Stasied the Stasi. And I helped it.
Scott – “And I helped it.”
You and me both, then. I don’t know what your part was, but we’ll leave mine broadly defined as “giving them a place to put all of their info.” It’s a sickening feeling when this stuff comes out and all I can do is think that it’s at least partially my fault.
I read one of Schneier’s articles (http://www.theguardian.com/commentisfree/2013/sep/05/government-betrayed-internet-nsa-spying) yesterday, without seeing the info on what the NSA has been able to do.
Literally sick to my stomach.
Epic – a Privacy-focused Web Browser (On Slashdot)
Clarification in the comments – it’s based on Chromium, not Chrome. I don’t know how much difference that makes.
My part was just being generally involved in computers, networks and storage since 1979, from mainframes to embedded devices, and everything in between, and everything that attaches to them. Built it, supported it, sold it, bought it, promoted it. An entire life’s work.
Funny the Nazi Stasi Army would call everyone ELSE ‘the Adversary’ —
’cause THAT term is usually reserved for, well, THE Adversary. THE Bad Guy — Ole Scratch, HaSatan, Lucifer, Beelzebub, Molech, and so on – the one Judas went to spend some quality time with, perhaps.
There’s more irony in that than meets the eye…
One bit of silver lining: Now, when someone uses the excuse, “I don’t want to get on the list” to avoid joining NRA/getting a CHL/writing representatives/demonstrating/registering to vote/etc. the perfect answer is “It’s too late. The list is everyone.”
Related: Axciom Opens (Some) Consumer Data.
I haven’t looked, but admit I’m curious as to what they think they know about me.
Well, I just hit the button, and something else pops up.
Bitcoins Not So Anonymous.
I always assume that anything I do online leaves a trace. The question is always whether I’m of enough interest to some TLA agency for that trace to be worth dredging up.
And, since it’s Friday, and I’ve had enough of this week, and its attendant dreck:
Detailed animal drawings. Pretty cool.
[NSA threw semi-public tantrums over DES, etc., and the bottom line is that we have AES at 256 bits as the standard because that’s what NSA was willing to accept. They were willing to accept it because they believed that they had the resources to compromise it.]
This I doubt. The US govt uses encryption too – AES. They are not going to use a standard that is crackable. Anyway encryption at a basic level is not compromised. It’s the ISP and other institutions that are questionable. Anything with a human who can be bribed or threatened.
[The NSA also attacks network devices directly: routers, switches, firewalls, etc. Most of these devices have surveillance capabilities already built in; the trick is to surreptitiously turn them on. This is an especially fruitful avenue of attack; routers are updated less frequently, tend not to have security software installed on them, and are generally ignored as a vulnerability.]
I have gotten the pfsense firewall working. I think the next thing is to hack the router and put some open source code on it (if I understand that procedure correctly). I’m less worried about routers assuming I am using VPN.
I wonder about VPN providers. It wouldn’t be hard for NSA to bribe them to add back doors (sigh).
I very much doubt anything like GPG is compromised. Of the OSs I assume any Microsoft product is compromised, but I think linux is much more of a problem (I guess the vulnerabilities are through the applications) and think the BSDs are even more difficult for the snoops.
Interesting article about routers:
http://www.wired.com/threatlevel/2013/09/nsa-router-hacking/
jed, chromium is an open source operating system. its browser is iron. the chrome browser is a fork made especially for google at google’s request. i have used various linux distros and their various browsers. chrome gets a ‘meh’ from me. i use gmail for business reasons only, even knowing google is very likely riddled with security holes that are intentional.
clarence
Scott – Well, I wasn’t born in 1979, but I had a healthy interest in the stuff by 1999, and I’d sold and/or supported enough storage by 2009 to store pretty much anything they wanted to store.
On a related note, anyone figure out how to reconcile feelings of guilt and disgust over current state and past actions with parental approval of said actions and the state of things? Serious conscience issues here.
Jed, thanks for the animals link. Definitely needed, about now.
Paul,
You write:
“The US govt uses encryption too – AES. They are not going to use a standard that is crackable.”
Whatever makes you think that? Any standard is crackable (more so than non-standards, since with a standard the likely key bit length is known, etc.). The more likely scenario is that the US government prefers standards that OTHER governments are unlikely to be able to crack ROUTINELY through brute force, due to lack of resources.
AES is crackable. It’s just a question of resources. The question is whether NSA has enough computing power to make brute force cracking of 256-bit AES routine or not.
Today’s Guardian followup specifies that brute force decryption is part of the NSA’s approach.
Most people have had ants in their kitchen at some point. Spraying them is hopeless because more will come in from outside forever. The little bait trays with the stuff they take back to their nests as food actually solves the problem, at least for a while.
Someone needs to invent some kind of “bait tray” for all the snoopers…
Thomas:
http://www.eetimes.com/document.asp?doc_id=1279619
This is what they are talking about when they say “the math is good”. Theoretically crackable, yes, if they have longer than the age of the universe. Long before they expend those resources they will call for the goons to apply some “rubber hose cryptography”. Or they will give the CEO of Microsoft a call, for adding back doors.
What you are interpreting as “brute force” is perhaps an attack against passwords I think. Such are quite vulnerable because humans can remember only so much. “Side channel attacks” I think they are called.
A side channel attack attempts to use things incidental to the implementation as an attack vector. Passphrase guessing is just plain brute force.
https://en.wikipedia.org/wiki/Side_channel_attack
Also, it’s possible to supply different length keys to various ciphers, up to a stated maximum. With RSA, for example, the maximum is 4096 (or is it 8192?). Well, it’s reasonable to expect that the truly paranoid will use the max key length, but as Paul says, that results in a mind-boggling brute-force crack time. That’s why the feds like to insert backdoors. I doubt that knowing the key length helps much, unless the key length is quite small.
MamaLiberty – Ant baits tend to kill ants, obviously. Kind of tough to do that electronically, legally. That said, the more people using open source implementations of open source encryption (of which Claire has posted several times, and I’ve got several links if you’d like them dug out) will serve to give them more work to do.
Thanks, Mike… Guess the ants thing was a bad analogy.
I’ve been using PGP since about 1996… so far, very few people want to bother using it with me… and it doesn’t work unilaterally. 🙂 “The more people that use it…” Well, of course… Everyone having a million bucks and a pony would be wonderful too… but how would you make that happen?
Try this:
It’s like a “have a heart” gopher trap. Not killing them might makes you feel good on the rare occasions you catch something, but it’s never going to get rid of very many gophers, let alone all of them.
I have more in mind something that will introduce a “worm” or some disease that would wipe the snoopers out, root and branch. And at that point, “legally” will have a whole new meaning, I suspect. 🙂
Password guessing is usually a dictionary attack, which is not a brute force attack.
http://www.infosecisland.com/blogview/6131-Brute-Force-vs-Dictionary-Attacks.html
https://en.wikipedia.org/wiki/Brute-force_attack
It would be interesting to download a dictionary and to run your passwords against it to see if it’s in there. If it’s not, the attackers would have to resort to side channel attacks to crack your encryption.
I’ve been thinking about wifi encryption.
http://netsecurity.about.com/od/secureyourwifinetwork/a/WPA2-Crack.htm
http://arstechnica.com/security/2012/08/wireless-password-easily-cracked/
The best way to do it is use no wifi, and use ethernet instead. 99% of the time my laptop is sitting on my desk; how difficult is it to run a cable to that? Also you could have an internet switch and spare cable there for when your friends come over.
But if wireless is needed, use a random password. I roll the dice and use 3 rolls to select each character from the 92 possible. That one article suggested a 30-character length. Why not? How many times do you need to enter a WPA2 password?
My next thing is dumping my old crappy linksys router for a home-made one using pfsense. Apparently NSA does attack routers as well. I have already worked with pfsense and it is very impressive. You can use any old computer you have laying around, although the power consumed by 24 hour use might be a bit much. That’s what low-power ITX motherboards are for…
http://pfsense.org/
I’m just not sure what to do about my ISP-supplied dish. I suppose I just have to assume NSA has all traffic that passes through that, or through the ISP itself. Then there is VPN to take care of that…
A dictionary attack is just a filter on a brute-force attack, used to reduce the search space, because it’s statistcally useful.
And just because one’s password or passphrase doesn’t appear in existing dictionary or rainbow tables doesn’t mean that is has sufficient entropy to be well secured. And there are other methods besides side-channel attacks for a cryptanalyst or LEO to use, such as keyloggers, which are also useful against very good passphrases.
but how would you make that happen?
This is the most disheartening aspect of the whole situation. I don’t have the hundreds of convincings in me to even start to make it happen.
Time to break out the ghosting and monkeywrenching guides from my mis-spent youth.
A brute force attack is trying every possibility; therefore there is no filter on it. It’s fun arguing semantics, eh?
Yes, not being in the dictionary is not sufficient. Brute force attacks work very well with short passwords. The remedy is not to have a short password…
Keyloggers are a problem, but every attack comes with a cost, and keyloggers have a particularly high one if you are talking about hardware ones. Software ones, well don’t run Windows! 🙂 Again, you don’t have to have perfect security. It just has to be “good enough”.
Keep in mind that most of the “soldiers” in the trenches working for the regime in a computer hacker capacity are going to be motivated by looking for Al Qaeda et. al. The number who would sign on to actual tyranny are probably quite few. They probably don’t have a high percentage of psychopaths, unlike the role of politician. Bottom line, I see expensive operations like the installation of keyloggers being used more against a guy in Damascus named Achmed, than against denizens of Claire’s blog. Maybe I’m wrong on that…
Paul, your last comment makes me wonder why you’re concerned about wifi encryption. It seems as expensive as keyloggers.
As well, I don’t see any evidence that their focus is on Achmed. If it was, well, why the Boston Marathon bombings, as just the latest example? That assumption has simply been wiped out by the latest revelations. Certainly in my mind it has been.
Gary Hunt already predicated this kind of thing back in 2011 with his article, “How Dangerous is Internet Communication to Patriots?” [ http://www.outpost-of-freedom.com/blog/?p=540%5D. As hard as I’ve tried to secure my digital privacy, nearly everything I’ve tried usually doesn’t work on its face, without getting into the whole issue of “backdoors,” and such. At this juncture, I would rather focus on my non-digital (real-world) personal privacy, since there have been minor successes on that front.
However, seeing that we still need some form of digital (preferably, offline) encryption, I still think that the OpenPGP standard can be used for file encryption. Even with email, I think it can play a role, provided you don’t limit your encryption solely to it, if you know what I mean 😉
I have written a PGP installation tutorial for both Mac and Windows OS [http://thelastbastille.wordpress.com/2013/03/25/how-to-configure-use-pgp-encryption-for-email-windows-os-instructions/]. I know for a fact that over two dozen individuals have emailed me to test and make sure they installed PGP correctly. Mamaliberty, there is absolutely no reason for you to feel alone about this.
I also have GPG installed, although I rarely find occasion to use it. Also Enigmail… I should add though, that I do use full disk encryption, and that is an “all the time” thing of course. I also normally run my laptop with the battery out, so that protection of my hard drive is as fast as hitting the power switch.
[Paul, your last comment makes me wonder why you’re concerned about wifi encryption. It seems as expensive as keyloggers.]
I do this stuff to develop expertise and to annoy the snoops, and help others do the same. I don’t get how wifi encryption is expensive? By expense I mean getting several highly-paid govt snoops to surreptitiously break into a home and install a hardware keylogger and whatever else they do. Obviously they are limited with that so they won’t be applying it to everybody.
[I don’t see any evidence that their focus is on Achmed. If it was, well, why the Boston Marathon bombings, as just the latest example? That assumption has simply been wiped out by the latest revelations.]
I should say, the focus of the average snoop is on Achmed. The ruling class on the other hand has other interests, like keeping the boot on our neck. I don’t think the latest revelations negate any of this, because the vacuuming up of all data CAN be used to fight terrorism, and so in the mind of the average snoop that is what it’s for. I’d wager a lot of them are going through some soul-searching right now too. The troops follow the leaders
…continued…
The troops do not follow the leaders mindlessly, but for a purpose that is righteous or at least has that appearance. The farther that purpose from what is actually going on, the more reluctant they are to follow, which is a problem for the rulers. Unlike the lizard people who run D.C., these guys are human beings like the rest of us.
While the discussion is on security and passwords here is a web site that will generate secure passwords and automatically log you on to web sites when you visit.
http://www.dashlane.com
“…I don’t get how wifi encryption is expensive?”
I meant that cracking default wifi encryption is expensive for the NSA, not for you to implement. The same way I assume keylogger installation is expensive for the NSA given the number of endpoints. But I can see your point.
Actually, cracking wifi encryption (I mean WPA2) is not expensive at all; there are free tools on the internet for doing it. Of course it’s harder to do if a reasonable password is chosen, but most people don’t do that.