I still use RC despite the long history of XSS attacks against it. Luckily RC uses progressive enhancement, so it still works with JS turned off. I just assume emails can still execute JS in 2016? Perhaps it's wrong of me to use RC with JS turned off as a preventative measure, but you have to adore that user interface! It's the only reason I choose RC over other self-hosted email web apps (and there are few to choose from in this space). I like the simplicity of Squirrel-mail, but Roundcube looks and feels too good not to use.
You're right. Before any integration of a server-side PGP key like this, they ought to have deployed some basic hygiene like a strict Content Security Policy (CSP) and a better sanitization library like HTMLpurifier. I don't trust webmail software, and definitely not PHP webmail software, to hold my keys for me otherwise.
I appreciate the intention of this article. Written for people only starting to change their surfing habits in light of Snowden. But the example of the tools they should use are not thought out very well.
First: Freedome by F-Secure is closed source and there is no OpenVPN alternative. Always choose a VPN that has OpenVPN so that users can configure the connection to their needs. No need for this bloated mess.
Second: Whilst disposable Google accounts might seem like a good idea, there are any number of ways for Google to cross-correlate a disposable identity with your actual identity using fingerprinting captchas or even your screen resolution. Google does this to spot serial re-registrations and to stop people gaming Google Plus voting rings and spammers in general.
Third: Be careful of online websites offering fake-name services. Most of this data is generated server-side and logged for the purposes of cross-correlation with your IP address and useragent string. Quite possibly the vast majority of fake-identity sites are run by LEA
- I like to write some quick and dirty ruby gems to generate fake identities because then it can't be correlated. (The names are pulled in from disparate sources and I always ensure true-randomness).
- In terms of email, use things like Riseup which use TLS at every hop so that passive dragnets cant sniff the password. 99% of all IMAP and SMTP services can be passively sniffed because they use weak STARTTLS.
- Use 'honeywords' in an email to correlate different emails with different activities. For example:
> Second: Whilst disposable Google accounts might seem like a good idea, there are any number of ways for Google to cross-correlate
In all fairness, the author does mention multiple times that a fake Google account is not meant to protect you from Google, but from the site you're signing up on.
I don't see the point of using honeywords. I mean, I've used them a bit, but any spammer is going to strip them immediately, so they're useless for identifying which provider leaked your address, right? And now to login, you need to remember the honeyword you used to register, which is a big inconvenience for anyone not using a password manager. (Use a password manager!)
If you primarily use honeywords, then you can filter out anything going to craigds@host.tld as spam. The hard part would be transitioning people you want to communicate with to craigds+{family,friends,correspondence}@host.tld.
Optionally, retain craigds@host.tld for personal and professional communication/correspondence, and move everything else to craigds1+{something}@host.tld (or a different host).
I just bought an entire TLD for signups/spam and made it a catchall. One positive is I know when companies are breached often before they announce it as my pagerduty@domain.com told me a little while ago.
I've used the same strategy for the past few years with great results. Like you said it's really nice to see early on which companies are leaking your info.
It's also nice to be able to kill specific email addresses once a breach has been disclosed and the spam becomes plentiful.
You can counter this by creating a hook to scramble keys as they are typed. There are countless antiloggers out there and they're the first thing I install on any fresh distro. Why this antilogging technique is not the default in most so called 'hardened' systems is beyond me. Really low hanging fruit like the ability to log keys should be looked after first and not addressed at some future date when you realize 20+ years of keystrokes were siphoned off your machine.
Aren't anti-antiloggers equally easy to write? Countering an example keylogger is easy, but countering a production-ready keylogger, assuming that keylogger actually gets to load itself as a kernel module, doesn't seem like low-hanging fruit.
What's the threat model you have where evil kernel modules are installed on your machine, yet they don't do things like siphon off your files, read passwords out of the memory of running processes, add entries to /root/.ssh/authorized_keys if and only if the current process's name is "sshd", etc.?
In terms of a threat model, it includes any machine which acts as a hypervisor and as the old saying goes: If you don't trust the hypervisor, how can you trust any machine running in that hypervisor?
Antilogging is but one tiny component of defense in depth and worth investigating if you're doing anything interesting with a computer. 'Doing something interesting' although is not to be misconstrued as 'doing something bad'. It just means how can any meaningful work get done if low hanging fruit like keystrokes can (and are) being siphoned off?
It helps to see how machines are actually being compromised like this...I've seen it on my machine and sometimes entire office building are being siphoned like this. I typically report this, but I would much rather get to the root as to how it's possible in the first place :(
Huh, that doesn't match my intuitions at all (at least on UNIX-based OSes), so I'm pretty surprised and want to re-adjust my expectations. You're saying that you regularly see compromised machines that are running kernel-mode keyloggers, but only keyloggers? What has the attack vector been, and do you know where they keys are being logged to?
What do you mean by that? If you scramble the keys as they enter the input system then you can't write anything. If you want the user to be able to use use the keyboard then you can also read what's getting sent to userspace.
Typically we don't want the userspace to be compromised at all. An antilogger works by effectively substituting letters as they are typed. So when I type 'A', it is read as A in the kernel, but backspaced, replaced by a random letter, and then the real `A` appears on screen by means of hijacking the input form.
For the pedants:
Some more advanced antiloggers are minus ring-0 and physically remap the keys so that `A` doesn't mean A at all. Infact if I typed this, a load of garbage would be displayed on the screen. The only reason we see valid output is because of a software abstraction layer translating the 'garbage' back to it original symbolic meaning. This is how we thwart such a kernel logger as described in this thread.
JPGs are also a lot safer as PDFs can ping remote resources using carefully hidden beacon images.
Although that said, I sometimes use this to see who opened my files. I once left hundreds of these on a very popular cloud hosting provider (not naming names), and somebody working there was stupid to open the PDF on a machine connected to the internet, thereby proving abuse by employees and proving any random stranger can access 'your' files in the so called 'cloud'.
Look up 'honeydocs'. Some interesting articles about this technique
Zemana Antilogger is pretty sufficient for these threats, and also blacklisted by the NSA, so I suppose it works then? I wrote some custom apps that use 'key-interleaving' so that as I type, the key is backspaced, replaced by another letter, and then substituted several times. It's trivial to write such an app, and takes about two-days. The hardware keyloggers are much more insidious though and that keyboard advertised on the site looks awesome :)
The Apple situation annoys me because it's no longer about the web. It's about breaking crypto on a device which is vendor-locked. The same thing as breaking homegrown crypto, or DVD crypto; easy and trivial. The fact that Apple doesn't use ephemeral keys and can't simply throw away the key in the event of an incident is worrisome enough.
Real crypto needs to be more compartmented than that. A bank is not secure because of the massive door - it's safe because it would take a thief weeks to empty every safety deposit box.
It's also made even safer when the key is (more or less) thrown away for periods of time and nobody can get it. Even with manual over-ride. Literally somebody could be dying inside the safe and nobody could save them.
In properly implemented crypto nobody should hear you scream.
The hole concept of end to end encryption works far better if the ends are actually secure. We use end to end encryption to protect our communucation one the move and our endpoint are protected with secure hardware.
Weakening end point security is certantly not as bad as going after tls (for example) but its still a vital piece of our trust chain.
And the smartphone will grow in importance as an authentification factor and that makes it even more vital.
Better wording of a back door is donwgraded security. For an institution whose sole purpose is to engender security, they do the opposite. It's like saying they have better, more expensive guns than the rest of us.
Which collectively if you think about it, and round up all the PCs in each home, and all the security that goes into them, it's (collectively) the most militarized group of computers there is, and they obviously don't feel outgunned.
>For an institution whose sole purpose is to engender security, they do the opposite.
Well the security they engender is mostly physical security i.e. not getting blown up by terrorists while the security they want to breach is information security. I could see why some people would not mind trading privacy for reducing the chance of getting blown up, all else being unconsidered.
> Well the security they engender is mostly physical security i.e. not getting blown up by terrorists while the security they want to breach is information security.
This is exactly my point. They use the terrorist strawman to frame their agenda; which is to hack all the internets without anyone batting an eyelid.
Information technology is but one facet of reality, and a reflection. It is not the whole thing. It's for this reason it is more suitable to get to the core of why anyone would want to commit an act such as blowing oneself up in the first place.
It's like going all guns blazing on the symptoms of flu. Unless a cure is invented it will haunt us and we only have symptomatic relief.
I can understand the motivations for going after anyone doing something technically interesting with a computer (actually a rare thing unless you are supremely skilled and have chosen a life of learning systems and divulging technical manuals). Also see: homebrew crypto
The problem is that some privacy is essential for democracy to function: you can't have the secret police going around bugging political parties and feeding information to their preferred candidates. Breaching encryption is like Watergate but without all the tedious need to physically break into a hotel.
> Breaching encryption is like Watergate but without all the tedious need to physically break into a hotel.
I don't agree. When I'm in a hotel room, I'm supposed to enjoy some privacy. If this bill passes, you will know a priori that electronic communication is under judiciary control. As I said before, it will be the same as it has always been with telephone.
Really, absolutely-private remote communication didn't even exist before the advent of computers. And now it looks like it's a fundamental human right and no discussion is possible. I don't think that such a bill should be forced on UK (or any other) people, but fighting criminality is at least as important, and I'm not shocked that compromises are being proposed and discussed.
Remote communication other than by courier didn't exist at all prior to the 19th century and the telegraph. That's why it was left out of the construction of the 4th Amendment.
You can make an argument for crimefighting, but then you have to stay within the judicial boundaries: limited access, requiring a warrant, limited use, requirement for basis for suspicion. The crimefighting process is there to produce evidence which is then presented to a court in public.
The problem with the IPbill is that it comes from the military intelligence point of view instead. The process produces intelligence which is then classified and is illegal for the public to see. There are warrants to be issued under the IP bill: it is a criminal offence for the people on whom the warrant is served to "to disclose to any person, without reasonable excuse, the existence or contents
of the warrant." This provision does not come with a time limit. You can be ordered to hack activists or opposition parties or human rights lawyers and not allowed to whistleblow, ever.
There are some extraordinary little subclauses like 154.(9):
"Any conduct which is carried out in accordance with a bulk equipment interference warrant is lawful for all purposes"
You make a sensible point against this particular bill.
I just can't understand why any resemblance of a limitation of the privacy over electronic communication is greeted with such outrage. I do understand that encryption can be either controllable XOR secure. But my point is that secure encryption has never been a right: actually, the discussion has just started, due to the recent spread of its usage.
Again, telephone and (thanks for reminding) courier have always been controllable, thus not secure. Deciding whether a non-controllable medium of remote communication should exist, and who may use it, is a social and political question (like, for example, cloning: it is technically possible, but drastically controlled by laws). I understand it's quite natural for us HN-ers to stand on one side, but the world is bigger that HN.
And that's partly why the mistrust exists. Law enforcement agencies are not given the benefit of the doubt on this because of previous abuses. There's a history here which is too long to #include every time the subject comes up.
Deciding whether a non-controllable medium of remote communication should exist, and who may use it, is a social and political question
"Controllable" is a word shift from "secret", and that's what the US 1st Amendment guarantees: the existence of non-controllable means of remote communication. After all, one of the founding heroes of the US was a ""terrorist"" who brought messages to the other members of his anti-government cell.
The UK situation is much worse, and a full discussion would have to involve the abuses of the last generation of antiterrorist police and military action in Northern Ireland.
Not only that, privacy is integral to physical security. If you have no privacy then attackers know exactly when and where you're vulnerable to physical attack.
The second occurrence is not only inevitable, it refutes the notion of a door in the first place, which is supposed to be fully opened at some stage for long periods, not temporarily opened in-case-of-emergency, or half-shut just-in-case.
https://www.intelligentexploit.com/view-details.html?id=1696...
I still use RC despite the long history of XSS attacks against it. Luckily RC uses progressive enhancement, so it still works with JS turned off. I just assume emails can still execute JS in 2016? Perhaps it's wrong of me to use RC with JS turned off as a preventative measure, but you have to adore that user interface! It's the only reason I choose RC over other self-hosted email web apps (and there are few to choose from in this space). I like the simplicity of Squirrel-mail, but Roundcube looks and feels too good not to use.