Security – Page 2

Somewhat dumb credit card region lock

Visa has a neat feature where you can determine in which regions the card can be used. In my case, it’s “internet”, “Sweden”, “Nordic countries”, “Europe”, “North and central America”, “South America”, “Africa”, “Asia”, “Oceania”. You can set these through the credit card app (mine is from Volvo, of course).

So I disabled all regions except “Internet” and “Sweden”, planning on enabling other regions when I travel.

Today I got a message from Netflix that they couldn’t charge my card. No explanation why. I called the card issuer and after some digging they explained to me that since I disabled “Europe”, Netflix got refused. Turns out that Netflix charges from region “Europe”, not “Internet”. More specifically from The Netherlands. Once I reenabled “Europe”, the charge went through.

Now, there are several problems with this. First of all, an internet based service like Netflix should be in the region “Internet”. Secondly, if it isn’t in “Internet”, they should at the very least tell us from which region they charge. I had no idea Netflix charges from The Netherlands. How could I? It’s not reasonable to expect us to check with the card issuer every time this happens, and have them go dig through logs (took them 10 minutes to find, so it wasn’t trivial).

Worst of all, this kind of thing implies that you’d better open up a lot of regions you’re not travelling to, since you don’t know from which regions different internet based companies do their charging.

Having the card processor issue meaningful error messages, not just “sorry we failed”, would definitely help a lot, too.

Horrible little law

Feinstein-Burr senate bill, it’s getting crazier by the day:

No, this slippery little act says that when a company or person gets a court order asking for encrypted emails or files to be handed over and decrypted, compliance is the law.

How compliance actually happens isn’t specified. They don’t care how user security was broken (or if it were nonexistent), and the senators are making it clear that from now on, this isn’t their problem.

Being a werewolf

Very interesting game with implications for understanding of secure protocols and compromise detection.

Enemy number one

The US gov is quickly turning into corporate threat number one:

Apple has long suspected that servers it ordered from the traditional supply chain were intercepted during shipping, with additional chips and firmware added to them by unknown third parties in order to make them vulnerable to infiltration, according to a person familiar with the matter.

If this is really the case, if the US govt is tapping servers like this at any significant scale, then having Apple implementing encryption end-to-end in most of their products must mean that the govt is losing a hell of a lot more data catches than just the data they could get with a warrant.

The ability to recover data with a warrant is then just a marginal thing. The real problem is that their illegal taps stop working. Which means that the FBI case is a sham on a deeper level than it appears. The real panic is then about the server compromises failing.

And, of course, the end-to-end encryption with no keys server-side is also the solution for Apple. Implants in the servers then have relatively little impact, at least on their customers. The server-to-client communications (SSL) would be compromised, but not the content of the messages inside.

If the govt loses this battle, which I’m pretty sure they will, the next frontier must be the client devices. Not just targeted client devices, which can already be compromised in hardware and software, but we’re talking massive compromises of *all* devices. Having modifications in the chips and firmware of every device coming off the production lines. Anything less than this would mean “going dark” as seen from the pathological viewpoint of the government.

Interestingly, Apple has always tended to try to own their primary technologies, for all kinds of reasons. This is one reason more. As they’re practically the only company in a position to achieve that, to own their designs, their foundries, their assembly lines, with the right technology they could become the only trustworthy vendor of client devices in the world. No, they don’t own their foundries or assembly lines yet, but they could.

If this threat becomes real, or maybe is real already, a whole new set of technologies are needed to verify the integrity of designs, chips, boards, packaging, and software. That in itself will change the market significantly.

The opportunity of taking the high road to protect their customers against all evildoers, including their own governments, *and* finding themselves in almost a monopoly situation when it comes to privacy at the same time, is breathtaking. So breathtaking, in fact, that it would, in extremis, make a move of the whole corporation out of the US to some island somewhere not seem so farfetched at all. Almost reasonable, in fact.

Apple could become the first corporate state. They would need an army, though.

As a PS… maybe someone could calculate the cost to the USA of all this happening?

Even the briefest of cost/benefit calculations as seen from the government’s viewpoint leads one to the conclusion that the leadership of Apple is the most vulnerable target. There is now every incentive for the government to have them replaced by more government-friendly people.

I can think of: smear campaigns, “accidents”, and even buying up of a majority share in Apple through strawmen and have another board elected.

Number one, defending against smear campaigns, could partly explain the proactive “coming out” of Tim Cook.

After having come to the conclusion that the US govt has a definite interest in decapitating Apple, one has to realize this will only work if the culture of resistance to the government is limited to the very top. If eliminating Tim Cook would lead to an organisation more amenable to the wishes of the government.

From this, it’s easy to see that Apple needs to ensure that this culture of resistance, this culture of fighting for privacy, is pervasive in the organisation. Only if they can make that happen, and make it clear to outsiders that it is pervasive, only then will it become unlikely that the government will try, one way or the other, to get Tim Cook replaced.

Interestingly, only the last week, a number of important but unnamed engineers at Apple have talked to news organisations, telling them that they’d rather quit than help enforce any court orders against Apple in this dispute. This coordinated leak makes a lot more sense to me now. It’s a message that makes clear that replacing Tim Cook, or even the whole executive gang, may not get the govt what it wants, anyway.

I’m sure Apple is internally making as sure as it possibly can that the leadership cadre is all on the same page. And that the government gets to realize that before they do something stupid (again).

Protonmail

Protonmail, a secure mail system, is now up and running for public use. I’ve just opened an account and it looks just like any other webmail to the user. Assuming everything is correctly implemented as they describe, it will ensure your email contents are encrypted end-to-end. It will also make traffic analysis of metadata much more difficult. In particular, at least when they have enough users, it will be difficult for someone monitoring the external traffic to infer who is talking to whom and build social graphs from that. Not impossible, mind you, but much more difficult.

If you want to really hide who you’re talking to, use the Tor Browser to sign up and don’t enter a real “recovery email” address (it’s optional), and then never connect to Protonmail except through Tor. Not even once. Also, never tell anyone what your Protonmail address is over any communication medium that can be linked to you, never even once. Which, of course, makes it really hard to tell others how to find you. So even though Protonmail solves the key distribution problem, you now have an address distribution problem in its place.

But even if you don’t go the whole way and meticulously hide your identity through Tor, it’s still a very large step forwards in privacy.

And last, but certainly not least, it’s not a US or UK based business. It’s Swiss.

John Oliver on the Apple/FBI thing

If you for some reason missed John Oliver’s explanation of the Apple vs FBI thing, do watch it now.

The FBI in full Honecker mode

Consider this:

Obama: cryptographers who don’t believe in magic ponies are “fetishists,” “absolutists”

…and even worse, this:

Surprise! NSA data will soon routinely be used for domestic policing that has nothing to do with terrorism

Let’s consider this for a bit. In particular the “going dark” idea. The idea that cryptography makes the governments of the world lose access to a kind of information they always had access to. That idea is plain wrong for the most part, since they never had access to this stuff.

Yes, some private information used to be accessible with warrants, such as contents of landline phone calls and letters in the mail, the paper kind that took forever to get through. But there never was much private information in those. We didn’t confide much in letters and phone calls.

But the major part of the information we carry around on our phones were never within reach of the government. Most of what we have there didn’t even exist back then, like huge amounts of photographs, and in particular dick pics. We didn’t do those before. Most of what we write in SMS and other messaging such as Twitter and even Facebook, was only communicated in person before. We didn’t write down stuff like that at all. Seriously, sit down and go through your phone right now, then think about how much of that you ever persisted anywhere only 10 or 15 years ago. Not much, right? It would have been completely unthinkable to have the government record all our private conversations back then, just to be able to plow through them in case they got a warrant at some future point in time.

So, what the government is trying to do under the guise of “not going dark” is shine a light where they never before had the opportunity or the right to shine a light, right into our most private conversations. The equivalence would be if they simply had put cameras and microphones into all our living spaces to monitor everything we do and say. That wasn’t acceptable then. And it shouldn’t be acceptable now, when the phone has become that private living space.

If they get to do this, there is only one space left for privacy, your thoughts. How long until the government will claim that space as well? It may very well become technically feasible in the not too distant future.

Privacy shield…

Completely worthless. Same pig, different name. We can’t trust the EU.

5 things you need to know about the EU-US Privacy Shield agreement | Macworld

Finally, a sensible paper leaked

White House officials have backed away from seeking a legislative fix to deal with the rise of encryption on communication devices, and they are even weighing whether to publicly reject a law requiring firms to be able to unlock their customers’ smartphones and apps under court order.

The whole paper, written on a typewriter and then scanned, can be found here. It’s really disturbing when you read a leaked secret paper from the NSC that actually makes sense and that you can agree with. What’s the world coming to?

The beginning of the end of the DNS

Or how the insanely stupid anti-piracy lobby will screw us all.

Many of us saw this coming a long while back. Letting the **AA-holes misuse the DNS system for their censoring inevitably leads to the rise of a parallel DNS system. Yes, we already have the darknet for (other) illegal purposes, but this brings the darknet principle into the mainstream in a big way.

“The censorship is easy to bypass, by simply changing your name server, so we decided to practice what we preach and offer such a service to all those affected by the problem,”

And…

“The Pirate Party’s DNS has added benefits though, as it supports additional Top Level Domains including .geek or .pirate, and the Namecoin based .bit.”

It’s easy to see that this unregulated DNS system will quickly overlay existing domains with alternatives, either accidentally or intentionally. Phishing and DNS MITM attacks will be of an entirely new caliber. The actual “bankofamerica.com” will lead to a phisher.

(My prediction for what happens then: with https becoming enforced, the **AA-holes will take control of who can have a cert, leading to the pirates providing new CA roots for users, leading to even the bankofamerica.com phisher having extended certs… hey ho, there we go.)

Any safeguards built into DNS clients will be switched off by the users wanting to get the “uncensored” internet.

Can you imagine how hard it will be to convince users to responsibly switch between the public DNS and their respective alternate DNS systems depending on what they’re doing? If there even was any OSs that supported such domain-dependent switching to begin with.

Even if Microsoft, Apple, and Google would want to implement a dual (triple?) DNS client in their systems, the **AA-holes will certainly fight even that, since it would “enable piracy”.

No, I don’t blame the Norwegian Pirate Party for setting this up. I blame the anti-piracy lobby, and the politicians that take their money, for creating the “need” for these destructive designs. Can’t anyone stop them?