RE: Carnivore Update - Washington Post 11/21/00
The only answer is the same one for CALEA, absolute mil-grade encryption on every single packet! Given that, it won't matter if they capture packets, they wont be readable. However, as MHSC has found out the hard way, folks don't want to pay for it. Even when it is freeware, they wont go through the extra trouble to install it. The proof is the market penetration of PGP. Only the geeks tend to use it and SSH is only used by SA geeks. The general market DOESN'T CARE! At one time, MHSC offered VPN software and an SSL-based web mail product, for a very nominal $10/month. We had lottsa queries, but few buyers. Folks would rather use a free, unsecured, hotmail/juno/etc than a non-free SSL-based one. BTW, you can't have banner ads on an SSL page. I figure that this market has at least three years to go before it is real.
-----Original Message----- From: Frater M.A.Ch.H. 999 [mailto:azoth@occult.net] Sent: Wednesday, November 22, 2000 6:03 PM To: nanog@merit.edu Subject: Re: Carnivore Update - Washington Post 11/21/00
nanog:
Do what thou wilt shall be the whole of the law.
I still have to say that the Carnivore program is potentially the most disgusting domestic surveillance program ever proposed.
To Hell with the 4th Ammendment, eh, FBI?
I don't know what the FBI's oaths of service are, but my oaths upon entering the US Armed Forces were to protect the Constitution of the United States from all enemies, foreign and domestic.
Furthermore, our motto in Special Forces is 'De Oppresso Liber' --- Liberate from Oppression.
Perhaps they just want to ruffle some feathers and get some domestic resistance popping up by all of this... or on the flip-side see if the citizens actually would resist an attempt to eradicate the 4th Ammendment.
I've noticed that national ammunition sales are soaring over the past few weeks.
Amen! And so they should be.
Carnivore needs to find a resting point before someone takes too much offense to it.
And personally, I always like to use the good ole 'Meta-x spook' lisp built-in command in emacs as often as possible for just this sort of occasion.
e.g.: -------------------------------------------------------------- -------------- NSA kibo Waco, Texas counter-intelligence smuggle DES Mossad terrorist class struggle security CIA explosion Noriega Marxist Kennedy
DES genetic strategic NSA smuggle FBI World Trade Center FSF Panama SDI Honduras Ft. Meade Treasury counter-intelligence class struggle -------------------------------------------------------------- --------------
For everyone who didn't know that command existed in the distribution, enjoy! ;)
Love is the law, love under will.
Frater M.A.Ch.H. 999
~~~^^O^^~~~
MTH/HE/SX/TA/EN S++(*) W N+++(++) PEG++(XX) Dr+ A>++ a++ C G+ QH+++ 666++ Y++(+++) Z+
The only answer is the same one for CALEA, absolute mil-grade encryption on every single packet! Given that, it won't matter if they capture packets, they wont be readable. with new repressive legislation popping up around the world (see UK) you can be forced to give out all your keys.
However, as MHSC has found out the hard way, folks don't want to pay for it. Even when it is freeware, they wont go through the extra trouble to install it. The proof is the market penetration of PGP. as long as it stays as bloated as it has been made,
the US practice of law enforcement is similar: http://devrandom.net/~dilinger/ technology can't replace standing up for our rights. there is no way to really know whether it has a backdoor now. i asked phil zimmermann and he seems not interested in releasing a simple, easily analysable drag and drop app. GnuPG.org could be better here. you are right, it needs pioneering until the masses move. (nothing unusual about that, is there ?) http://securityfocus.com/focus/linux/articles/clear1.html
At one time, MHSC offered VPN software and an SSL-based web mail product, of course carnivore has no problem decrypting SSL.
kind regards philippe, http://A-Z-Internet.com
of course carnivore has no problem decrypting SSL. Source, please. (this seems obvious for the still widely distributed 40 bit versions.
there are many sources discussing the NSA key in windows and apple is likely to have implemented similar backdoors. there could be a reason why 128 bit SSL encryption has been approved by the US for export in december 1999. the question is if we have to prove they can decrypt SSL communications or if the government agencies have to show they can't (don't hold your breath). how strong 128 bit encryption is is another question.) this discussion is probably getting off-topic on this list. i have just received some thoughts about it from security expert Eric Murray and while he is less pessimistic, please see below. kind regards philippe, http://A-Z-Internet.com --- *** --- http://remus.prakinf.tu-ilmenau.de/ssl-users/archive14/0158.html http://www.mail-archive.com/cryptography-digest%40senator-bedfellow.mit.edu/... http://www.tinhat.com/surveillance/code_breaking.html SSL Server Security Survey - A random sample of 8081 different secure web servers (servers running the SSL protocol) in active use on the Internet shows that 32% are dangerously weak. These weak servers either support only the flawed SSL v2 protocol, use too-small key sizes ("40 bit" encryption), or have expired or self-signed certificates. Data exchanges with all types of weak servers are vulnerable to attack. http://www.meer.net/~ericm/papers/ssl_servers.html --- *** --- On Thu, Nov 23, 2000 at 08:55:52PM +0100, Philippe Landau wrote:
Hello
Is there a possibility that a government has a backdoor to decrypt SSL communications ?
kind regards philippe, http://A-Z-Internet.com
Yes it is possible, in the code that calls SSL. It's not very possible in the SSL protocol itself since that has been well investigated by security researchers. It's a little more possible in open-source SSL implementations but still not very likely. It's most possible in closed-source implementations, where the code that calls SSL is only known to the author(s). A backdoor that say reduced the entropy going into session keys would be difficult to detect-- even decompiling the code and stepping through it might not show it. -- Eric Murray Consulting Security Architect SecureDesign LLC http://www.securedesignllc.com PGP keyid:E03F65E5
of course carnivore has no problem decrypting SSL.
Source, please.
I do not think that carnivore is doing that, but SSL is not resistant to the man-in-the-middle attack. The problem here is in the lack of any useful certificate validation support. How many users actually check that site certificate indeed belongs to whoever is identified as the site owner on the Web pages? (Plus, it depends on the security of certification autority's private keys, their public parts being non-revokable, because they are bundled with browser software. I have a little doubt that it is all too easy for law enforcement to obtain these keys if they need to. Interests of my privacy definitely do not match interests of RSA Cert. Auth., Inc, a commercial entity. Of course, i have no proof that this happened, but I have no reason to trust that it didn't happen, too.) --vadim
On Thu, Nov 23, 2000 at 07:16:49PM -0800, Vadim Antonov wrote:
useful certificate validation support. How many users actually check that site certificate indeed belongs to whoever is identified as the site owner on the Web pages?
Not relevant; presumably one would have accessed one's web mail at some point in the past, before Carnivore was installed at one's ISP. If so, the certificate will have been obtained long ago.
commercial entity. Of course, i have no proof that this happened, but I have no reason to trust that it didn't happen, too.)
It is a tremendous stretch to go from "we don't know" to "has no problem decrypting". That's what I'm objecting to; the original statement was not provable, and all I did was ask for the source. So far I haven't gotten a source, I've gotten assertions that SSL is weak (of course it is) with this somehow implying that Carnivore can magically decrypt things immediately.
extra trouble to install it. The proof is the market penetration of PGP. Only the geeks tend to use it and SSH is only used by SA geeks. The general market DOESN'T CARE!
As part of a side business, we do an incredible amount of real e-commerce, mostly electronic funds tranfer via the Federal Reserve Banking system (ACH batch processing - Qdebit.com). We see roughly several levels of clients: 70% - "Huh? We're secure, only I have the root password" (actual quote) 10% - Encryption is hard, how about we ZIP the file we send via FTP? (not bad, it helps...) 10% - SSL encrypted XML posts. 5% - SCP (SSH) file transfer, known keys on each side + passwords. 5% - Hardware encryption, leased line, keys for hardware encryption and passwords delivered in seperate parts by different people after identity verification. No physical connections to gateway systems. (Federal Reserve, Chase Manhatten Bank...) We even had one client swear his IBM MQ Series system he used for transfering data and files over the 'net was IDEA encrypted, and we should not worry about the large batches of name,address,SSN,routing,account#... information. Plugged in a sniffer and watch it all pass in plain text. I also blame the difficulty level to install basic encryption software, but if my 16 year old "skateboard head" son and 19 year old "art major' daughter can install PGP and encryption programs to keep their old man (me) from reading their e-mail and opening up their files on the home and school network... It can't be that hard. Until real data encryption is built into the Operating Systems and all software... --mike--
participants (5)
-
Philippe Landau -
Quark Physics -
Roeland Meyer -
Shawn McMahon -
Vadim Antonov