Why We’ll Win

win

A free, post-scarcity world will not be prevented by archaic systems scratching and clawing to retain their domination. We will evolve freely, unburdened by an unfortunate past. This will happen, and today I’m going to tell you why.

But more than that, I want you to understand that we deserve to win, and that the future – the world of our children, grandchildren, and so on – very much needs us to win. Our culture stands for – and supports in action – the things that make life thrive on Earth.

Let me make this point very clear:

We believe in the Golden Rule… as in actually believe in it, all the time. Our culture takes it seriously and acts like it’s the only healthy way to live.

The easiest and most gutless life is to follow the crowd. What makes the world better, on the other hand, is to live by what’s right. Making unpopular choices – developing and trading crypto, homeschooling your children, ignoring brain-locked regulators, pursuing unapproved cures, changing religions where it’s forbidden, pursuing what is disliked by the powers that be – these things require strength of character and dedication to real principles.

Regardless of our occasional stupidities and errors, our way of life clearly deserves to win.

How We’ll Win

“To change something,” said Buckminster Fuller, “build a new model and make the old obsolete.” And we’ve been building a new model considerably more than we may realize.

A new model is precisely how the personal computer came to be and how the Internet came to be. Regardless that computers and the Internet have been recaptured by the status quo, the model remains and has also spawned encryption and Bitcoin, technologies that are ephemeral and a lot harder to conquer.

Moreover, the cryptosphere is growing tremendously. When I started pursuing such things back in the 1990s, there were very few of us, and far between. Now I run into crypto advocates in grocery stores, not to mention in general business circles.

Likewise there are dozens of VPN providers these days. When we started Cryptohippie, few people outside of technical circles had any idea of what we were selling.

Furthermore, there are tens of thousands of people working to develop, improve, and spread cryptocurrencies every day, often at their own expense and with considerable uncertainty. Because they believe in them. Because they believe they’re building a better world.

Homeschooling makes another fine example. When I started my involvement, parents had recently been arrested for homeschooling in the US. We had to get busy supporting a legal defense fund. Now there are a few million homeschooled kids in the US alone, and everyone knows that homeschooling produces excellent results.

We’ll win by doing these things, followed by others like them. Little by little, step by step, planting seed after seed, we’re moving toward our goal faster than we’ve appreciated.

Once human action of these types account for enough of our activities, it’ll be almost unstoppable, and the legacy system will begin shrinking. We can expect screaming, threats, and even bloodshed from the obsolete system, but over time it will give up its operations piece by piece.

This isn’t to say that our new systems will be immaculate, but they’ll be far better than the Bronze Age relics that currently dominate mankind.

And if Not…

If, for whatever reason, we fail to continue what we’ve begun, our new civilization still wins in the end. For one thing, human evolution continues. We are notably better than we were a few thousand years ago – qualitatively better – and we’ll be still better in the future.

More immediately than that, however, the next cycling of rulership will finish the job for us. As we covered back in FMP #18, civilizations always cycle. They always have and almost certainly always will, until violence-backed hierarchy ends. When the next cycle comes along, it will do so in a rich technological environment. Because technology does not cycle. Rather, it accretes… it builds up.

So, once the present hierarchies break up and vanish for a few hundred years, tech will be free to come out and play. We’ll be free to reorganize in innovative new ways. Things simply will not be rebuilt according to the same old model. That’s how history works.

But while it’s nice to know that the insanity will pass one way or another, I think all of us would like it to be sooner rather than later. For our own sakes and certainly for those of our offspring, time is important. And so we need to believe in what we’re doing and to do it with vigor.

“The fashion of the present world,” says the Bible, “is passing away.” Let’s help it along.

* * * * *

As it turns out, history was never too hard to understand; they just told you the wrong story.

Comments from readers:

“This is the most amazing little book I have read on history in 36 years of reading history.”

“It will change the way you look at nearly everything.”

“I will flat out say that this is the best history book I have ever read… I am fairly well read, but I learned a tremendous amount that I hadn’t known before or hadn’t aligned so that it made sense.”

“This is the best and clearest description of the history of Western civilization I have ever read.”

“Packed with insights on every page concerning how the world came to be the way it is and what we might expect in the future.”

Get it at Amazon or on Kindle.

* * * * *

Paul Rosenberg
www.freemansperspective.com

The Discovery of Terra Nova by the Cypherpunks

Cypherpunks

Ten years ago the cypherpunks were almost entirely forgotten. But now – and quite shockingly to those of us who were involved – cypherpunks are cool again. More than that, the discoveries of the cypherpunks are starting to change the world in a serious way.

That being so, I’d like to briefly recap what the cypherpunks discovered, because what these people found was a new world… a “terra nova.”

Land Ho

Our new territory was created by a combination of the internet and encryption. The internet gave us unlimited community, and encryption became our “city walls,” allowing us to separate ourselves from the rest of the world.

The first cypherpunks, being clever lads, began using the internet and encryption because they were interesting and fun. Shortly, however, they realized that they were actually building a terra nova and were instantly confronted with a huge question: How should we arrange our new world? That cranked everything into high gear.

I didn’t know this passage from Tom Paine’s Common Sense (1776) at the time, but it captures the astonishing thought that sprang from the discovery of terra nova:

We have it in our power to begin the world over again.

The First Crypto War

Not all was sweetness and light, however. Encryption was considered a munition, and exporting it was highly illegal. But it was easy to see that public key encryption (actually key exchange, published by Diffie and Hellman in 1976) was the perfect technology for the internet… and the internet was not limited to the USA.

So, a group of the clever lads hatched a plan in 1991: They’d write a nice little encryption program and send it around the world. An anti-nuke advocate named Philip Zimmerman drove the project but everyone involved wanted to avoid the jail sentence that would come from exporting their new program. They did have one trick available to them, however: the First Amendment.

So, they took the program, called Pretty Good Privacy, or PGP, and printed it as a book. And since books are protected speech, they pushed copies of the book into envelopes and mailed them to friends in Europe. Once on the far side of the Atlantic, the books were keyed back into computers and turned back into a program… and then distributed everywhere.

Zimmerman very nearly went to jail (based upon an upload to a BBS system), but the world received strong encryption.

Encryption Plus Commerce = “Oh My…”

Once you begin exchanging encrypted messages with friends, one of the next ideas to cross your mind is, Gee, some kind of electronic currency would be really nice to go with this. (David Chaum, for example, began working on digital cash after he invented cryptographic mixes back in 1981.) And once you start imagining encrypted commerce, you quickly realize just how radical this technology can be.

One by one this thought dawned upon us all. I wasn’t among the very first to grasp it, but by the mid-1990s I was struck by it as well. In a continuing education course I conducted for Iowa State University, I wrote this:

Another huge thing in years ahead will be electronic cash for Internet commerce. Electronic cash can be transferred on-line instantly, inexpensively (almost free), and, if encrypted, privately. Think about this for a minute – it will change the world.

“The Universe Favors Encryption”

The awesome power of encryption is not something that is instantly grasped.

The quote above is from Julian Assange (also a cypherpunk), and it’s quite true. Encryption, after all, is merely applied math, and math is built into the structure of the universe.

Now, to illustrate just how strongly the universe favors encryption, please consider this:

It is roughly 2100 (2 to the 100th power) times harder to decrypt a message than it is to encrypt it (unless you have the key).

Engineers debate this number of course, but it’s clearly in that range.  Here it is precisely:

1,267,650,600,228,229,401,496,703,205,376

So, when people like Satoshi Nakamoto, creator of Bitcoin, talk about an arms race between cypherpunks and old-world power, don’t simply assume that the old way will win((You should also know that post-quantum encryption already exists and is being incorporated into leading edge systems.)).

Many Other Pieces

But while the cypherpunks dropped off the radar for a couple of decades, they still produced things like BitTorrent, The Onion Router network (aka Tor, or the darknet), I2P (an even better darknet), a variety of digital cash systems, privacy systems (including the first commercial VPNs), and even commercial tools like digital escrows and dispute resolution.

The big, new cypherpunk creations, however, everyone knows: WikiLeaks and Bitcoin. I’ve explained WikiLeaks before and we have a report on Bitcoin, so I’ll leave those aside for today. But suffice it to say that a cypherpunk world has been building for some time and may form much further in the years ahead.

Is That a Good Thing?

A Planet Cypherpunk would be a radically different place from our current Planet Status Quo, and that scares some people very badly.

That fear isn’t rational of course. The ancient world is very happily long gone. We live better and behave better. The rational choice, then, is to keep that progress going, and that necessarily includes change, including radical new adaptations.

Status quo systems, however, major on fear. That’s the secret ingredient that keeps their game together. And so “right-thinking” moderns have been trained to fear anything new. That’s not rational, but it makes people feel safe.

But rather than conducting a further discourse on why Planet Cypherpunk would be better than Planet Status Quo, I’ll simply leave you with the conclusion of one of the very first cypherpunk documents: Timothy C. May’s Crypto Anarchist Manifesto, published in November 1992:

Arise, you have nothing to lose but your barbed wire fences!

* * * * *

A book that generates comments like these, from actual readers, might be worth your time:

  • I just finished reading The Breaking Dawn and found it to be one of the most thought-provoking, amazing books I have ever read… It will be hard to read another book now that I’ve read this book… I want everyone to read it.
  • Such a tour de force, so many ideas. And I am amazed at the courage to write such a book, that challenges so many people’s conceptions.
  • There were so many points where it was hard to read, I was so choked up.
  • Holy moly! I was familiar with most of the themes presented in A Lodging of Wayfaring Men, but I am still trying to wrap my head around the concepts you presented at the end of this one.

Get it at Amazon ($18.95) or on Kindle: ($5.99)

TheBreakingDawn

* * * * *

Paul Rosenberg
www.freemansperspective.com

The Problem with the Crypto Debate

CryptoDebate

There have been some important public debates about cryptography recently, and, unfortunately, the loudest voices have understood the problem the least. So, I’m very pleased to post a paper on the subject by someone who understands the fundamental issue: my associate at Cryptohippie, Jonathan Logan.

If you have any interest in this subject, please give this paper your time. And if you know others who are interested in the debate, please send them the link.

Thanks.

 

Introduction

A battle is underway about the limits of cryptography. On the one side are people who want to break into iPhones, tap into conversations and decrypt our backups. On the other side are those who want to prevent the government from mass intrusions but accept targeted attacks. And then there are those who take a so-called “extremist” position that government shouldn’t be allowed to undertake even targeted attacks on cryptographic systems.

This isn’t the first time this battle has been fought, and it won’t be the last. But it’s our turn to fight it right now. And we had better fight it well.

I will begin by admitting that I am an ‘extremist’ in this debate. If my wishes came true, no government or any other uninvited third party would be able to break cryptographic protections.

This is not the first time I’ve been involved in this battle. My job involves designing, writing and deploying cryptographic services.

I wrote my first PGP-encrypted email in 1991 or 1992, I’ve been using OTR since 2005 and all my Internet access has been routed through VPNs since 2000. (Yes…. that early.) I never access the Internet unencrypted, out of principle. I’ve been using Tor since its earliest days, have been surfing Freenet and run I2P eepsites.

If you have no idea what these terms mean, please don’t worry; I’m just mentioning them to emphasize that I am very much in favor of the daily use of good cryptography. I won’t use most of these terms again.

So, while I am a crypto extremist myself, honesty compels me to point how wrongly the “pro-cryptography” side in the current debate has made their case.

The State of the Debate

If you search the arguments made in favor of strong cryptography and against government “backdoors,” you’ll come up with a collection of statements that are uncharitable and shallow.

Proponents of crypto accuse politicians of not understanding technology or cryptography, of wanting to fatally undermine the security of digital systems, or to implement a global surveillance grid without checks and balances. The picture drawn is that the operation of cryptographic systems is binary – they either work completely or not at all… that anybody suggesting a middle ground is stupid.

Yes, politicians are often stupid and uninformed. That’s why people who know better must actually argue in ways that are truthful, well informed and balanced.

Educating the people who will be on the business end of new government regulations must be more than emotional whitewash. If you don’t trust your fellow humans to make good decisions, based on good information, your arguments will quickly degrade into bullying.

The point I hope to bring home in the remainder of this paper is this:

This debate should not be about cryptography. Rather, it should be about government’s regulatory powers.

Let me state this clearly:

A debate about encrypted smartphones is the same as a debate about police breaking into your home and throwing you in jail for private actions.

We cannot have our cake and eat it too. We cannot have government regulate the private actions of people we don’t like and still retain freedom for our own private actions.

You cannot be anti-crypto and at the same time defend freedom of expression, not without contradicting yourself. A strong position against cryptography requires totalitarianism beyond what existed in the Soviet Union.

Crypto Is Math and Speech

Let’s get to the core of this: Cryptographic software uses cryptographic algorithms, and algorithms are simply math.

  • Math has no concept of working one way in one case and another way in another case.

  • Math does not care if an evil or a good person is using it.

  • Math doesn’t care about legislation.

Math is objective and absolute – it works the same way in every case, no matter what the law books say. There cannot be a cryptographic algorithm that works one way for the FBI and another way for the KGB.

For crypto to work, the only difference between users is the key – a secret that each user generates. The ability to decrypt a message relies on the key being known. If you have it, you can decrypt the message; if you don’t, you can’t.

Poorly executed cryptography aside((I’m presuming here that our algorithms are without error, that our assumptions about certain mathematical principles is true and complete, and that our implementations are correct.)), cryptography that the FBI can break can be broken by anyone else who expends the same resources. Weak cryptography is weak for everybody. Math does not care about citizenship.

Anybody in this debate must take the above to heart. It all centers on the keys, the secrets. The fundamental question of any crypto regulation is this:

Are we allowed to keep our secrets to ourselves? May we have private thoughts and actions?

A fundamental thing to notice is that as long as someone writes cryptographic software, there will be messages that law enforcement can’t decrypt. And that brings us to two more fundamental questions:

Are we free to choose how to implement (in software) our ideas?

Are we free to choose which ideas (again, in software) we will use?

Regulating encryption means regulating our secrets, and that dictates the limits of both free choice and free expression. Let that sit for a second. These aren’t geek questions, these are fundamental human questions:

  • Can someone forbid us from having secrets?

  • Can someone forbid us from creating products as we see fit?

  • Can someone forbid us from buying the products we want?

If you are pro-cryptography, then you must answer all the above with “no.” Otherwise you can’t defend it. If you are anti-crypto, then you must say “yes,” otherwise you’ll never be able to enforce your anti-crypto regulations.

Software is nothing but ideas expressed in a language, making this an issue of speech:

  • Can we be forced to say something that we do not want to say?

  • Can we be forced to keep quiet?

  • Is censorship okay?

To constrain cryptography is to constrain speech and is to answer these questions “yes,” affirming that we should be forced to speak or be quiet.

How Crypto Regulation Is Possible…

There are two naive ways to regulate cryptography. The quickest is to create laws that force people to reveal their passwords or keys when ordered by a judge. These are known as key disclosure laws. Should the person refuse, they are punished. There are three major problems with this approach.

  • First, it undermines the right to remain silent and not to self-incriminate.

  • Second, it only works if you get your hands on a living culprit.

  • Third, the person may simply refuse and accept the sentence.

Note that this is not what anti-cryptography people want. They want access to the encrypted messages and content NO MATTER WHAT. Dead or alive, no torture required.

The second naive approach is to demand that all encryption products use algorithms that are easily broken by law enforcement. This, however, requires that software is written to the order of legislators and regulators.((And thus to the order of people who donate to their campaigns as well.)) And that comes at the cost of security: Weak cryptography is weak for everybody. If you don’t want an evil government to decrypt your secrets, don’t allow your “good” government to enforce weak cryptography.

… Without Breaking the Digital Economy

A much less naive regulation is called “key escrow.” With this approach, the secrets (cryptographic keys) are put into the hands of one or more trusted parties who will reveal those secrets only if legally compelled.

Key escrow is rarely mentioned in these debates. It has a bad history because it was used in the first version of the battle over cryptography (in the ’80s and ’90s). Pro-cryptography people usually treat this approach as “weak cryptography” and lump them together, but that’s a crucial mistake – it distracts us from what we are fighting for and against, and it allows the anti-cryptography crowd to assemble legislation, technology and public support.

It’s necessary to be clear on this: Key escrow is NOT weak crypto, in the sense that it is built with weak algorithms. Instead it’s a sharing of our cryptographic keys – our secrets – with third parties picked by someone else.

That third party can then combine our key with an intercepted message (or stored files) to reveal the contents.

Since the state of the art for encrypted communication is deniable (you cannot prove beyond reasonable doubt who encrypted a message) and with perfect forward security (a key only works in decrypting the messages within a small time range) it is possible to selectively decrypt communication and not be able to undermine the integrity of information systems after the fact.

Correctly implemented, key escrow would only impact past messages, and only those that have been intercepted by other means.

Of course this is less secure than systems without key escrow. Instead of only the actual participants in the communication, there would be one more participant… and one not chosen by the participants.

Instead of one other party to private speech, there would always be two other parties to it. Instead of X people in a group chat, it would always be X+1.

This introduces new problems:

  1. The additional party would hold a lot of keys. That creates a very juicy target for attackers, potentially harming millions of people with a single breach.

  2. There are jurisdictional differences between nations. Access to escrowed keys would involve different legal procedures in different places.

  3. Technical issues and unreliable communication links can prevent keys from making it into escrow.

  4. The system must know exactly whom to give the keys to: it must authenticate the key escrow parties.

Each of these problems can be solved to some extent, resulting in a secure system that wouldn’t allow mass surveillance. The question with key escrow is not whether it will be as secure as non-escrowed encryption (it cannot), but whether it will be secure enough.

In other words, this is not a technical debate; these are decisions that a society must make. And for that, people must be informed and aware of the tradeoffs.

To reduce the issue of having huge caches of keys amassed in some government cellar – which could undermine the whole society with a single leak – there are other things that could be done:

  1. Instead of one facility holding everyone’s data, have many facilities that hold the data of a few people only. This could, for example, be a service offered by lawyers, notaries, banks or consumer protection organizations. They would then be obliged to challenge court orders against the keys of their clients, increasing the likelihood that access to the keys actually adheres to the law.

  2. Instead of directly escrowing the keys with one party, the key could instead be shared with several parties so that a minimum number of those parties has to come together and cooperate to actually reveal the key. These schemes are known as “secret sharing” and would render the subversion of just a few key escrow caches ineffective.

  3. If key escrow caches are designed only for infrequent access to escrowed keys, it would be mandatory to set them up behind data diodes. This means that a message could be sent into the facility, but there would be no way to get data out of it except for a physical visit.

  4. Escrowed keys sent to the facilities must follow the same cryptographic standards as the data they are meant to protect. In other words, all communication to data facilities must be authenticated and be perfectly forward secure, so that intrusions would have limited impacts

  5. Jurisdictional differences could be solved by setting up independent key escrow systems in each country. Keys could also be escrowed with different agencies. For example, the key escrow for a phone’s internal storage would depend on where the phone was located. For messages, the location of both sender and recipient would determine who gets the escrow keys.

An additional variation could be that keys are shared not only between external data caches, but that part of the key would be stored on the device itself. In this case, three conditions would have to be met for law enforcement to be able to access messages or storage:

  1. Access to the device that did the encryption.

  2. Interception of the message in question or access to the encrypted storage.

  3. N out of M key escrows must cooperate.

Implementing and operating such a key escrow system, however, would be a major task, and government IT projects are known to have a prodigious failure rate.

So, key escrow is complex, expensive and far from perfect. But depending on a society’s decision on tradeoffs, it would be possible to set up a key escrow system that would be secure enough and reliable enough for most scenarios.

Here, then, lies the danger:

Bypassing the fundamental issues of freedom of speech, choice and the right to have secrets, people who defend cryptography are easily painted into corners as unrealistic radicals.

We must engage with these possibilities and put the debate into down-to-earth, understandable terms. People must see the tradeoffs regarding personal privacy and not be distracted by confusing, technical arguments.

Software Censorship

Regulating cryptography comes with a fundamental obstacle: How can people be forced to follow the regulations?

Regulations are never created with the assumption that they will be perfectly adhered to. Rather, they always authorize punishments for those who do not obey.

Sadly, an enforcement method for cryptographic regulation already exists. Smartphones and tablets are already the most commonly used devices to access the Internet, not general purpose computers. Apple, Google and Microsoft (and a few minor players) control the software pipeline from which users select their Apps. Smartphones and tablets allow for nothing else. You can’t run just any program on such devices – it must come through the aforementioned Apple, Google or Microsoft.

Thus it would be relatively easy for the US government to create laws that:

  1. Make it illegal to develop and distribute software that does not follow government rules on cryptography.

  2. Criminalize cryptography software that does not adhere to government rules.

  3. Mandate platform providers (Google, Apple, Microsoft) to remove software that violates government rules.

Since most people don’t know how to install software on their phones, except from the manufacturer’s appstore, they would be prevented from using “illegal” cryptography.

Cryptography outside of government limits would become a black market and a target of intelligence agencies, who would poison that black market by introducing compromised crypto products.

At that point governments would have re-conquered cryptography… all except for a new class of “criminals. ”

Is this possible, or even likely? Yes, it is. Similar things have been done with drugs, guns and gold, all of which have been subjected to effective schemes of suppression and confiscation.

Surely some activists will protest and will continue to use “illegal cryptography,” but how many will be willing to go for jail for it?

While it’s fairly easy for a software manufacturer to move to a jurisdiction that does not regulate cryptography… and while it is certain that illegal cryptography will still be developed and distributed… there remain two serious problems with that hope:

  1. Control over ‘platforms’ will be the key to controlling software distribution. The decrease of general purpose computing will limit the market substantially, probably enough to achieve regulators’ goals.

  2. Proposals for secure key escrow will keep many producers from having to take a stand. Cowardice and convenience will win if people don’t care enough.

So, please, don’t say that the regulation of cryptography is impossible or stupid. It is possible, and it demands a serious response from us.

Conclusion

Calling our opponents technologically inept detours us from clarity on the issues. Rather, we must understand that there are politically feasible ways to regulate cryptography.

If we hope to win this new crypto war, we must make it about the true, fundamental question:

Is it okay that we are forced to act in certain ways, even in private?

Either we have the right to act as we wish in private, or we don’t.

We need to take a principled stand on liberty in all its facets – even towards people and behaviors with which we disagree… either that or slide back to tyranny.

Obama was right when he said that we should not be “fetishizing [the privacy of] our phones above every other value,” making them a special case in the debate over civil liberties.

Indeed, our phones shouldn’t be special. The questions raised here apply to the whole of our lives: to our phones and tablets as much as to our private papers, opinions and actions – digital or not.

Our private lives are off-limits to law enforcement. Period.

 

* * * * *

If you’ve enjoyed Free-Man’s Perspective or A Lodging of Wayfaring Men, you’re going to love Paul Rosenberg’s new novel, The Breaking Dawn.

It begins with an attack that crashes the investment markets, brings down economic systems, and divides the world. One part is dominated by mass surveillance and massive data systems: clean cities and empty minds… where everything is assured and everything is ordered. The other part is abandoned, without services, with limited communications, and shoved 50 years behind the times… but where human minds are left to find their own bearings.

You may never look at life the same way again.

Get it now at Amazon ($18.95) or on Kindle: ($5.99)

* * * * *

TheBreakingDawn

Cryptohippie Responds to the NSA’s Attack on Encryption

cryptohippieEditor’s Note: The founder of FreemansPerspective.com, Paul Rosenberg, has spent many years trying to protect Internet users from unjustified surveillance by groups like the NSA. He is part of the team at Cryptohippie, who offer something called a Virtual Private Network (VPN). It’s a service that helps its users avoid tracking by the snoops.

However, it’s just come to light that many such “protection” services have been compromised themselves. Lest people think Cryptohippie has suffered the same fate, he’s asked us to publish a clarification on just how Cryptohippie protects its users – and indeed, what you should look for before using such a service yourself.

– Thomas Anderson
Editor, FreemansPerspective.com

——————

On September 5th, Glenn Greenwald and others revealed that the NSA was able to break the vast majority of encryption used on the Internet. You can find the story here or here, and commentary by cryptographer Bruce Schneier here.

Below, we’ll explain why you need not worry about your Cryptohippie service, but first, here is a short list of what was revealed:

  • Tech companies and Internet providers are cooperating with the NSA to break encryption everywhere. They are installing “secret vulnerabilities” and “covertly influencing product designs.”
  • Encryption for Hotmail, Google, Yahoo and Facebook is already broken.
  • Your data streams are recorded and decrypted, since the NSA (and their British counterpart, GCHQ) already have access to your secret keys.
  • These attacks involve something called key exchanges (involved in all encryption) and the subversion of certificate authorities, such as Symantec, Comodo and GoDaddy.
  • They have already broken 30 VPNs (Virtual Private Networks) and are working toward 300.
  • The NSA has capabilities against HTTPS (used to protect online shopping and banking) and voice-over-IP.
  • Encryption is still effective, if used well. As Edward Snowden said, “Properly implemented strong crypto systems are one of the few things that you can rely on.”

It appears the NSA and GCHQ are specifically targeting “certificate authority” services. These are services that verify the authenticity of cryptographic keys.

In particular, it seems that the NSA is colluding with, intimidating or subverting these companies.

Why Cryptohippie Remains Safe

None of the leaks so far have changed anything in our threat assumptions. Almost all of this has been assumed among industry professionals, and we have done a few things from the beginning to keep such problems at bay. In specific:

  1. We run our own certificate authority (CA).
  2. We separate server keys from client keys.
  3. We force clients to verify that they are talking to a server-key and that it is signed exactly by our CA.
  4. We do not allow new keys to be generated.
  5. We generate all keys with a known good generator.
  6. We only rely on static asymmetric keys for authentication, not for negotiating the session keys for content encryption. For that we use DH to generate ephemeral session keys.
  7. We use good random source on the servers (combination of hardware and software source, with a FIPS check on randomness).
  8. Because we use DH and good random sources on the server, we can assure good session keys for each connection, even if the user’s computer cannot provide good quality randomness itself.

In other words, our network remains highly secure.

Our public facing website is less secure. We have to use official CA keys there. That, however, matters very little; we don’t have any non-public data attached to that site at all.

Our mail servers have that same certificate issue, but only on the public facing side, not internally. This doesn’t affect our security either: Mails sent out of the Cryptohippie (CH) network have never been safe from the NSA, only mails that stay inside our network – to and from other Cryptohippie users.

Implications

The long-term implication of this for Cryptohippie is that we may face the day when they come knocking, or come hacking. So far, all goes well for us.

The bosses at NSA apparently see this as absolutely necessary for the survival of the United States. (The fact that it survived for 200 years prior is ignored.) One of their documents from 2007 said this:

In the future, superpowers will be made or broken based on the strength of their cryptanalytic programs. It is the price of admission for the U.S. to maintain unrestricted access to and use of cyberspace.

In other words, they are obsessed with this, and see it in the starkest possible terms. We’re not sure whether this is just rah-rah talk for the techies who work for them, or whether they really believe it (which would border on mental illness), but it is very dangerous. There’s no worse tyrant than one who believes he’s righteous.

The implications for the Internet community in general are these:

  1. Do not use a VPN unless it has its own Private Key Infrastructure.
  2. Do not trust certificate authorities.

Specifics

This may be a little technical, but we want to be clear on so serious a matter. Here’s what we see at the moment:

  1. From the data we have both from Snowden and from other sources, plus our own experience, the base algorithms are secure.
  2. The NSA is doing exactly what has been asserted among professionals for some time: subverting certain software, systems and providers, then promoting them as the ones to use.
  3. Several of the protocols used – or at least certain of their implementations – are insecure, not just by accident, but also by design.
  4. The global public key infrastructure is broken.
  5. Some key generation implementations have been tweaked to give out keys that can be cracked more easily. That has happened accidentally in the past, but the NSA seems to have done it on purpose. There are good hints as to which implementations are subverted.
  6. The NSA’s plan is to: give up on controlling crypto itself (it’s unfeasible); don’t rely on breaking algos (too expensive or not possible); subvert stuff, then push the subverted stuff; and kill stuff that isn’t subverted.
  7. The NSA has active capabilities to intrude into many connections. This requires a lot of technology, which is in place all over the world.
  8. We can still protect intergroup communications.
  9. Public communication without secure key exchange and traveling over the clearnet is broken, likely beyond repair. It’s almost impossible to roll out an alternative to x509 on a global scale.
  10. This might lead to a push for a general overhaul of the security infrastructure on the internet.

Key Authentication

Here’s what key authentication means:

To connect the owner of a key to his/her key, most systems today use a trusted third party for verification. In order to trust the verifications of these parties, you must trust three particular things:

  1. That the trusted party is acting faithfully, not deceiving, and not deceived itself.
  2. That the signature system is unbroken; that is, both the signature algorithm and the hashing used in it are secure.
  3. That the signed key is secure, that it hasn’t been leaked, and that there has not been a private key generated from the public key that has been signed.

That leads you to questions (and answers) like the following. We have omitted the complicated discussion of hashing.

Is the trusted party trustworthy? (No. Most CAs are surely not trustworthy.)

Is the trusted party competent? (Some are; others are not.)

Is the signature algorithm secure? (Yes, the signature algos are secure.)

Is the public key algorithm irreversible? (That depends on random number source. We have seen many such attacks in the past few years.)

Is the private key secret? (Clearly many secret keys are being sold to the NSA, or stolen.)

Key exchange is only secure if you can answer “yes” to ALL of the above questions. Clearly, we can’t, in most cases today. The math is generally good, but the implementations and organizations are not.

Paul Rosenberg
FreemansPerspective.com

The NSA’s Secret War Against Online Privacy Seekers

nsa surveillance privacyIf you haven’t seen this yet, I’m sorry to drop it on you:

On September 5th, Glenn Greenwald and others revealed the extent of the NSA’s destruction of privacy – not just the privacy of people who are oblivious to the situation, but that of privacy seekers as well. You can find the story here or here, and commentary by a legitimate expert here.

Here’s What Was Revealed

  • The biggest tech companies and Internet providers are cooperating with the NSA (which may be why they’re big) to break encryption everywhere. They are installing “secret vulnerabilities” and “covertly influencing product designs.”
  • Encryption for Hotmail, Google, Yahoo and Facebook is already broken. Others as well.
  • Your data streams are recorded and decrypted, since the NSA (and their British counterpart, GCHQ) already have access to your secret keys.
  • These attacks involve something called key exchanges (involved in all encryption) and the subversion of certificate authorities, such as Symantec, Comodo and GoDaddy.
  • They have already broken 30 Virtual Private Network systems and are working toward 300.*
  • Greenwald and others report that in the NSA documents, ordinary Internet customers are referred to as “adversaries.”
  • The NSA has capabilities against “HTTPS, voice-over-IP… [which are] used to protect online shopping and banking.”
  • However, it can be said that encryption is still effective, if used well. As Edward Snowden said, “Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on.”

What This Means to You

If you hadn’t taken this seriously or were content to let others keep you safe, now’s the time to wake up and act. You have to protect yourself. No one is going to step in and do it for you. Magic hackers will NOT ride in to your rescue.

You must either learn to handle your own security, seriously, or pay for a top-notch service. If you go cut-rate, you’re just paying for the NSA to spy on you.

I may be preaching to the choir here, but don’t even try to pretend that the government will fix this – they are the people who are doing it – and they love the power. And don’t pretend that the military will step in either – the NSA is part of the military.

We’re all perps now. If all Internet users are “adversaries,” do you really think anyone is safe?

What This Means to Us All

Forget about the US Constitution; it’s a non-factor now. This is just the latest example of people who are drunk on power and don’t care about the principles on which this country was founded.

The NSA and the entire US/UK “security” apparatus is a gigantic drunken beast. The operators are arrogant and untouchable. Their bosses have openly lied to Congress, with no consequences. Do you really think they will remain angels? (Did you ever really think they were?)

The reality is, the system is beyond broken, no matter what kind of happy talk you hear on TV.

Make no mistake, this is the eye of Sauron. It is the empowerment of arrogance and power… and ultimately of death. You might think me dramatic but history doesn’t lie: Surveillance kills.

Once they have your communications, they have your thoughts. They are currently analyzing those thoughts and have already begun to quietly manipulate them. That is, if you choose to let them. Yes, it is your choice.

Be aware of the danger, take it seriously and become the kind of person you want to be… not the one they want to manipulate you into becoming.

[Ed. Note. An important paid report… yours today for free: How Surveillance Destroys Us (and what we can do to stop it).]

While the various program specifics of government surveillance have been well covered, Paul Rosenberg has come up with a brilliant perspective different from anything else we’ve seen.

In this important report, he talks about the (often subtle) psychological effects that non-stop surveillance has on us as living, breathing and thinking human beings.

Specifically, he sheds light on how governments routinely use surveillance to quietly manipulate us into doing what they want without question. That may sound crazy but the evidence doesn’t lie. And it’s all out there in plain sight for those who choose to see it.

This is traditionally a paid members-only benefit, but for a limited time, we’ll make it available to anyone who wants it. Click here to grab your copy.]

* The service I am associated with, Cryptohippie, is unaffected by this. Like other professional services, we operate our own public key infrastructure, without outsourcing trust and control to a third party, like an unaccountable Certificate Authority. We use Perfect Forward Security cipher suites, which prevent communication from being decrypted after the fact, or when keys are lost. We will be publishing a detailed explanation of why Cryptohippie remains safe for our customers, and we’ll ask FreemansPerspective.com to post it as well.

Paul Rosenberg
FreemansPerspective.com

The Cure For Surveillance Capitalism

Now that people are gaining some understanding of Surveillance Capitalism, I’d like to explain how we can – and can’t – protect ourselves from it.

Surveillance Capitalism functions on volume: The more data they have on you, the more valuable each piece of data becomes. What your watchers really need is the correlation between What and Who. Once they have that, all the other pieces – when, how much, in response to what and so on – are easy to put together. That’s when they can sell or trade that information profitably. And so you have some idea of just how profitably, consider that Google (Alphabet) took in $162 billion in 2019.

Remember, these people have access to almost everything you send over the Internet. Anything you send without protection becomes theirs – every email, web site visit, chat and wifi login – and the more they gather, then more money they make.

To make things worse, Google gives free tools to web developers. Using them makes the developer’s job easier, but it also redirects the information that goes through all those sites right back to Google. If you run Firefox or Brave with the NoScript extension (and I highly recommend that you do), you’ll see this almost every time you look.

And let’s be clear about one thing: Surveillance Capitalists wouldn’t fight for your information unless they meant to use it in ways you wouldn’t.

Back in 2009, Google’s boss bragged that he knew what you’d be doing on Tuesday morning, and sadly he wasn’t lying. It has become worse every year since.

The Exits

Surveillance is a real-life Matrix. The very model of the Internet over the past fifteen years – the “forever free stuff” model – is Surveillance Capitalism incarnate. Everything has been rigged against the sanctity of your identity and your personal information. Stealing and using your data is the only way most of these businesses can make money.

So, since a Matrix can’t allow its victims an easy escape, we can more or less forget about some new law saving us. Laws are passed only if political donors will be protected, and surveillance capitalists are among the biggest donors. Laws that gut their business model will not be permitted. Perhaps a few small steps will be made, but you’re never going to influence Senator X better than Facebook or Google.

The first way to escape, then, is simply to not give them data. And that means either avoiding the Internet altogether, or finding ways to avoid the correlation between What and Who. And we do that with systems that look like this:

What you’re seeing here are cryptographically secure mixes. Internet signals (from Persons A, B, C and D) run through two or more random cascades, making identity very difficult to track. What is separated from Who.

Doing this well requires at least two “hops” in separate jurisdictions, so that correlation stays ahead of professional surveillors.

Now I’m going to give you a list of things you want for separating your What from your Who. This is tech jargon, so don’t worry about it until you need to ask questions about anonymity systems. Then pull out this list and ask if they have each item:

  • A jurisdictionally aware network.
  • Anonymous authentication.
  • Their own DNS server
  • Their own key infrastructure.

Encryption Isn’t Enough

Encryption seems to be on everyone’s lips these days, and while encryption is a wonderful and essential technology, it doesn’t separate What from Who. If your Internet traffic isn’t anonymized, surveillance still blows through it. It boils down to this:

  • Encrypted means only that your message can’t be read. It can still be seen. Anyone can learn who you speak to, when, and for how long.
  • Anonymity means that no one knows who is speaking to whom.

So then, you need both encryption and anonymity. Otherwise the people who buy data sets from Microsoft, Google, Apple, Amazon, Facebook and Twitter will still know everything essential about you: Which sibling you communicate with most often, which vacation you’re interested in, which co-worker you’re closest to and so on, without much limit.

Now you know.