Please create an account to participate in the Slashdot moderation system


Forgot your password?

Comment Re:Uh... okay (Score 3, Informative) 607

There's nothing in the articles that implies this. Backdooring a CA only helps if several things hold:

1) They can not only intercept but also rewrite traffic on the fly. Possible, but if so, not yet mentioned in any leaks.

2) They're willing to take the chance that someone might notice.

So an operation against a single site, definitely possible. But they are clearly desperate to grab everything, all the time! Their whole MO is not targeted investigations but to spy on everyone simultaneously. You can't use a rogue CA to do that. They'd be detected immediately, if only by geeks setting up SSL for their new personal VPS and suddenly noticing the CA their browser gets isn't the one they installed.

The problems with SSL are not that CAs exist. The model holds against the global adversary who wants to decrypt everything. The problems with SSL are almost certainly more prosaic - many websites can be automatically hacked and their keys stolen without the owners ever knowing. In the default config that allows you to then decrypt all past traffic as well. Some implementations will use old, weak keys that were strong once upon a time but have since become obsolete. Some implementations will have bad random number generators. Some implementations will run on VPS providers and are subject to side channel attacks by colocated VMs. Some keys can be subpoenad and others can be obtained by covert agents. And of course you still leak traffic metadata even when SSL works perfectly.

There are lots of ways to attack SSL that will work some of the time, and that's exactly what the leaks imply - they can beat encryption sometimes but they don't have a magic skeleton key to everything.

Comment Re:SSH? (Score 5, Informative) 607

Certificate authorities never see private keys so you are dead wrong about that. What's more, even if a rogue CA was minting bad certs on the fly to attest that the NSA was really, that would have been noticed. Remember that secrecy is something they value insanely highly. They wouldn't ever do something so easily noticed and the articles do not imply any kind of CA compromise.

In fact if you read all the stories (they overlap largely but not entirely) you can get a vague picture of what's going on. Firstly, they record all encrypted traffic in case they can decrypt it later. Secondly, they have a database of public to private keys, populated via any means they can. Thirdly, they obtain keys in lots of ways (hacking, subversion, bogus court orders, brute forcing old/weak keys etc) but they don't seem to have a magical solution to all strong crypto. The closest that the leaks come to this is discussion of some amazing cryptoanalytic breakthrough, which could possibly mean they're able to break some kinds of RSA? Perhaps they're ahead of Joux et al by some years?

Regardless, what it is, it can't be a solution to all crypto, because these governments apparently asked the newspapers not to publish on the grounds that people might switch to stronger systems that worked.

Comment Re:Botnets and Tor (Score 2) 55

No offence, but there absolutely is reason to believe you're incorrect. The reasons are in the Tor mailing lists which I've been keeping up with for the past few weeks.

Firstly, exit traffic has hardly moved, despite massive increase in Tor usage overall. This is consistent with the bots getting instructions from a hidden service. So exit node operators can't do much here.

Secondly, the whole point of the hidden service protocol is that relays don't know the IP of the hidden service. That's why there are rendezvous nodes that join user and service together via two 3-hop circuits. De-anonymizing such a service is very hard and requires you to control large numbers of nodes over a period of many months, according to the latest research. It's not something the Tor community can just do.

If you think you know of a slick way to resolve this problem, I suggest taking it to the Tor developers, because all the evidence I see from their lists is that right now they don't have any great ideas.

Comment Re:Botnets and Tor (Score 4, Informative) 55

I believe you are making an incorrect assumption that these botnet nodes are actually relaying on behalf of the network. I've not seen any reason to believe this is correct. Rather than just act as normal clients of the Tor network - placing extreme load on existing relays.

In fact, this botnet appears to be basically breaking Tor with many node operators reporting that their relays cannot keep up. The Tor developers recently started developing code to prioritise the more efficient NTOR handshake over the older protocol, and because the botnet runs older code people who upgrade to the latest code (once they are finished) should take priority over the botnet traffic. Until the botnet also upgrades, of course.

To make it worse, when a circuit fails to build because of overloaded relays, Tor retries. I'm not sure there's any kind of exponential backoff. Thus the network goes into a death spiral in which clients constantly try to build circuits and fail, placing even more load on the already overloaded system and making it impossible to recover.

Unfortunately we may be looking at the end of Tor here, at least temporarily. The botnet operator doesn't seem to realise what's happening, otherwise they'd be backing off. Tor is effectively experiencing a massive, global, accidental denial of service attack by this botnet. Many relays don't have enough CPU power to weather the circuit storms. It will be very interesting to see what the Tor developers do next - they don't have any effective way to fight off this botnet because almost by design they can't detect or centrally control the network. They practically have to ask nicely for the operators to go away.

Comment Others, too... (Score 1) 95

The first search engine I used was the World Wide Web Worm (probably in 1994, I think). Before that, I used to use Archie quite a lot, which was a search engine for FTP sites (which you accessed via telnet).

The World Wide Web Worm found me a quite a few research papers which I needed to read to prepare the dissertation we had to do in the final year of our degree course. It saved many many hours of shuffling through paper in the library.

Comment Reminiscent of the Sony (Score 1) 244

I bought a Sony smartwatch just to have the experience and on the off chance that it would be fabulous.

It was anything but.

You're absolutely right: the "smart watch" is a dead end.

Smart —fine.
Wearable — excellent.
Watch —stupid.

Packing a third of a smartphone (it can't do most of what a smartphone can do, at least not directly and independently) into a device with a crazy-small display size and a battery that might last you a day before needing to be charged (and remember, when you think about charging, that a "watch" is something strapped to your wrist that you rarely want to think about in logistical terms in your everyday life) just plain doesn't make anything about life better.

Wearable tech sounds great, but it'll be something other than "bluetooth device running your phone's OS that you need to charge all the time and that does less than your phone."

Comment Re:How to crack: (Score 1) 183

I think this speaks to the fact that post-Snowden, the game has entered a new stage.

Pre-Snowden the NSA or whoever would not have been willing to do such a thing, due to the very high likelyhood of detection. Yes, 99.9% of people aren't going to notice their phone doing something unexpected. But if you apply it to everyone because you want the ability to grep their communications for keywords a.k.a. selectors then you need all of it, all the time. There are over a billion Android activations now. Even 0.01% of users being tech savvy and using custom/modified ROMs or analyzing their phone more carefully would notice what's up, and then their secrecy (the most prized asset) is blown. Secrecy is a double edged sword, it protects them but also limits them. So - not feasible.

Unfortunately, post-Snowden, the intelligence agencies know two things. Firstly, their secrecy is blown. Everyone knows they spy on every person alive, all the time. Most of their secrets are now ex-secrets. There's nothing to defend anymore there. The second thing they know is that it seems people don't give a shit. There were no protests in the streets. There were no diplomatic repercussions. It went in front of Congress and got voted down. The UK didn't even get to have a vote, the government just went full Orwell and other than some angry newspaper columns jack shit happened. Time to invade Syria? Parliamentary recall. Journalists have their materials seized? Stay on vacation. Generally they learned, totalitarian surveillance ranks lower in the priority stack than whether to invade Syria or not.

The combination of these two things means they're going to get really aggressive now. Automatically MITM every SSL connection using a FISAd CA? Unthinkable before, too easily detected. Post-Snowden, why not, it's just another way to do what people already know about. Force Google to back door every Android? Why not! They already track peoples movements everywhere, including people who switch phones to try and avoid detection. They apparently have the ability to turn phones into bugs, even if they appear to be switched off. Automatic, global backdooring of every mobile device wouldn't surprise people.

In short I think we may have lost as much as we gained from Snowden's leaks. Sure, the veil of secrecy was torn down. But society failed to rise up. The secret police have won. Now they can do anything without fear, and there's literally nothing to stop them.

Comment Re:Very little utility here (Score 2) 183

Er, what? We just learned this summer that governments are sucking up EVERYTHING and storing it for god knows how long, and you think it's useless because you would need to obtain the device to read the content?

No way! At this point any kind of crypto, even the unauthenticated kind, is a good step forward.

Comment Re:now i will never fly BA (Score 1) 286

I'm very forgiving when things break. If there's a problem with my plane's engine, by all means, please take all the time you need to repair it!

But I'm not at all forgiving of poor planning, like suddenly realizing that the scheduled pilot has worked too many hours in a row and isn't allowed to fly any more that day. Or maybe noticing that the engine is due for an oil change, and delaying the flight for an hour while that's performed. Both of those are real world examples of the fun I've had with United.

Slashdot Top Deals

The first version always gets thrown away.