Encryption and the .gov: Just follow the Constitution

Temetka
Senior ThinkPadder
Posts: 2790
Joined: Fri Sep 30, 2005 3:27 am
Location: Glendora, CA

#1 Post by Temetka » Sun May 03, 2015 3:18 am

Linked from ArsTechnica:

http://arstechnica.com/tech-policy/2015 ... stitution/

Personally, I am for heavier encryption - not weaker algorithms or backdoor access. Every wall I can put between me and various TAO-like groups/projects is a good thing. The only reason they really want this type of state is to track every person in real time. Period. They can take that data, mine it, model it, and so on. It's going to be hard closing Pandora's box, but I think it can be done.

Discuss.
New:
Thinkpad T430s 8GB DDR3, 1600x900, 128GB + 250GB SSD's, etc.
Old:
E6520, Precision M4400, D630, Latitude E6520
ThinkPad Tablet 16GB 1838-22U
IBM Thinkpad X61T, T61, T43, X41T, T60, T41P, T42, T410, X301

tarvoke
Junior Member
Posts: 273
Joined: Sun Mar 25, 2007 12:45 pm
Location: Slightly Outside America

Re: Encryption and the .gov: Just follow the Constitution

#2 Post by tarvoke » Mon May 04, 2015 2:48 am

my "actual-job" is "forensic security". i.e. the very definition of ill-defined. there was no formal training, no degree. it's all follow your nose and continually make better armor vs arms. it will not end.

I think there are several different topics here.

I don't believe in making it illegal to ship heavy encryption. I do believe that allowing "law" backdoors is not only bad on principle, but the obvious result is someone else will be able to use it as a vector.

even stuff in the open eye can turn weird and problematic (cf. shellshock more than 20 years old. and yet never exploited until very recently.)

I'm hopeful this not-yet-MITRE http://seclists.org/oss-sec/2015/q2/335 may allow my underpriced-by-business-model spamazon devices to be rooted. at the same time, this kind of thing scares the hell out of me.

smartphones in general should scare the hell out of sane people. unrooted/unrootable devices, yet still operating at root level with your most basic personal identity? not cool.
go away.


Re: Encryption and the .gov: Just follow the Constitution

#3 Post by Temetka » Mon May 04, 2015 4:02 am

I like your viewpoint.

I got my degree in information security and this is a topic I follow very closely.

I couldn't agree with you more on the topic of smartphones. Although I love my Note 4 for the utility it provides me, I live with zero illusion that anything on it is "secure." Not even the Knox container. Which on my phone is disabled because I rooted it a few weeks after I got it. I don't store anything on it besides some work-related Excel sheets. I do have it encrypted though, using Lollipop's encryption.

That being said, I do hope more companies come out with devices like the BlackPhone. But flip the coin yet again and we have to ask, without access to the code - can it be trusted? Not just the OS mind you, but the baseband and modem as well. We all know it will be a cold day in hell before the carriers allow that to happen. Which again begs the basic question of why? Are they hiding something nefarious? Or perhaps they are just trying to keep people from messing with low level code so they don't somehow screw up the cell network. Without transparency in our "smart" devices, we can never really trust them. Or the companies who produce them, or the governments as well.

Going back to encryption, I'd love a phone with its encryption stored on chip and not on a cloud server somewhere. There is a company working on that, I forget their name at the moment.

Hmm, went to google it and apparently Motorola is working on a solution as well:

http://www.cnet.com/news/the-most-secur ... rld-maybe/

Still can't find the original article though.

Re: Encryption and the .gov: Just follow the Constitution

#4 Post by tarvoke » Mon May 04, 2015 4:35 am

I like your viewpoint too.

arms.
will.
always.
win.
over.
armor.
...
eventually.

I have literally zero clue what can be trusted. physical access, maybe. not. which, again, hilarious!!! given I make that **** up large-scale for a living.
you would laugh out loud at the sort of rules/conditions I make up to prevent ****.
extra-hilarity: I am literally the joker working for US DoD making this **** up. hi, NSA! why, yes, I am too busy writing BS code for you, to even contemplate adding backdoors for you. sorry!

hypervisor theory? IPMI/lights-out? GSM "security"? sure, make something new for thieves to break into and own.

I love being able to wipe the TPM on a cheap chromebox that now runs chrubuntu. every X-series Thinkpad I own, has fingerprint scanners with easily-breakable TPM nonsense. (ugh let's not even get into the fingerprint == username+password foolishness...)

Re: Encryption and the .gov: Just follow the Constitution

#5 Post by tarvoke » Mon May 04, 2015 4:42 am

ugh my self-involvement managed to slide past the whole baseband/modem thing you mentioned.
no matter if you have a phone with CM or whatever shiny OS, you are still:
SO.
SCREWED.

Re: Encryption and the .gov: Just follow the Constitution

#6 Post by Temetka » Tue May 05, 2015 5:27 am

Yup.

That's why I specifically mentioned the baseband and not the OS.

Makes me really curious what the full capabilities of Stingrays are. I'm thinking re-write the baseband of targeted device on the fly, no reboot required. Or it might force a reboot and 99% of all users wouldn't even notice. Or they'd think "hmm, that's odd" and carry on.

I don't want to disclose my full background, but let's just say it includes network operations for the Navy back in the 90's. Man the crypto guys had great gear then. I only shudder to think about what they have now. Let alone the actual spooks.

But all I can do is scream silently in the night.

Re: Encryption and the .gov: Just follow the Constitution

#7 Post by tarvoke » Tue May 05, 2015 5:58 am

Temetka wrote: That's why I specifically mentioned the baseband and not the OS.
ohhhhhhh, good lord.
Temetka wrote: Makes me really curious what the full capabilities of Stingrays are.
good.
lord.

those things.

those.
things.

the OS is badly-written junk. the radio/modem blob is even worse.

except it mostly-works. did I mention the words "SO SCREWED"? ok, good.

we've built our own using openBTS, for other non-screwing-people reasons. the USN paid for it. the Navy are pretty much the cleverest most straightforward people you could ever hope to deal with. the spooks are about the exact opposite.
Temetka wrote: "hmm, that's odd" and carry on.
yep. 99.999% of us, all-day, every-day.