Cryptohippie Responds to the NSA’s Attack on Encryption

cryptohippieEditor’s Note: The founder of FreemansPerspective.com, Paul Rosenberg, has spent many years trying to protect Internet users from unjustified surveillance by groups like the NSA. He is part of the team at Cryptohippie, who offer something called a Virtual Private Network (VPN). It’s a service that helps its users avoid tracking by the snoops.

However, it’s just come to light that many such “protection” services have been compromised themselves. Lest people think Cryptohippie has suffered the same fate, he’s asked us to publish a clarification on just how Cryptohippie protects its users – and indeed, what you should look for before using such a service yourself.

– Thomas Anderson
Editor, FreemansPerspective.com

——————

On September 5th, Glenn Greenwald and others revealed that the NSA was able to break the vast majority of encryption used on the Internet. You can find the story here or here, and commentary by cryptographer Bruce Schneier here.

Below, we’ll explain why you need not worry about your Cryptohippie service, but first, here is a short list of what was revealed:

  • Tech companies and Internet providers are cooperating with the NSA to break encryption everywhere. They are installing “secret vulnerabilities” and “covertly influencing product designs.”
  • Encryption for Hotmail, Google, Yahoo and Facebook is already broken.
  • Your data streams are recorded and decrypted, since the NSA (and their British counterpart, GCHQ) already have access to your secret keys.
  • These attacks involve something called key exchanges (involved in all encryption) and the subversion of certificate authorities, such as Symantec, Comodo and GoDaddy.
  • They have already broken 30 VPNs (Virtual Private Networks) and are working toward 300.
  • The NSA has capabilities against HTTPS (used to protect online shopping and banking) and voice-over-IP.
  • Encryption is still effective, if used well. As Edward Snowden said, “Properly implemented strong crypto systems are one of the few things that you can rely on.”

It appears the NSA and GCHQ are specifically targeting “certificate authority” services. These are services that verify the authenticity of cryptographic keys.

In particular, it seems that the NSA is colluding with, intimidating or subverting these companies.

Why Cryptohippie Remains Safe

None of the leaks so far have changed anything in our threat assumptions. Almost all of this has been assumed among industry professionals, and we have done a few things from the beginning to keep such problems at bay. In specific:

  1. We run our own certificate authority (CA).
  2. We separate server keys from client keys.
  3. We force clients to verify that they are talking to a server-key and that it is signed exactly by our CA.
  4. We do not allow new keys to be generated.
  5. We generate all keys with a known good generator.
  6. We only rely on static asymmetric keys for authentication, not for negotiating the session keys for content encryption. For that we use DH to generate ephemeral session keys.
  7. We use good random source on the servers (combination of hardware and software source, with a FIPS check on randomness).
  8. Because we use DH and good random sources on the server, we can assure good session keys for each connection, even if the user’s computer cannot provide good quality randomness itself.

In other words, our network remains highly secure.

Our public facing website is less secure. We have to use official CA keys there. That, however, matters very little; we don’t have any non-public data attached to that site at all.

Our mail servers have that same certificate issue, but only on the public facing side, not internally. This doesn’t affect our security either: Mails sent out of the Cryptohippie (CH) network have never been safe from the NSA, only mails that stay inside our network – to and from other Cryptohippie users.

Implications

The long-term implication of this for Cryptohippie is that we may face the day when they come knocking, or come hacking. So far, all goes well for us.

The bosses at NSA apparently see this as absolutely necessary for the survival of the United States. (The fact that it survived for 200 years prior is ignored.) One of their documents from 2007 said this:

In the future, superpowers will be made or broken based on the strength of their cryptanalytic programs. It is the price of admission for the U.S. to maintain unrestricted access to and use of cyberspace.

In other words, they are obsessed with this, and see it in the starkest possible terms. We’re not sure whether this is just rah-rah talk for the techies who work for them, or whether they really believe it (which would border on mental illness), but it is very dangerous. There’s no worse tyrant than one who believes he’s righteous.

The implications for the Internet community in general are these:

  1. Do not use a VPN unless it has its own Private Key Infrastructure.
  2. Do not trust certificate authorities.

Specifics

This may be a little technical, but we want to be clear on so serious a matter. Here’s what we see at the moment:

  1. From the data we have both from Snowden and from other sources, plus our own experience, the base algorithms are secure.
  2. The NSA is doing exactly what has been asserted among professionals for some time: subverting certain software, systems and providers, then promoting them as the ones to use.
  3. Several of the protocols used – or at least certain of their implementations – are insecure, not just by accident, but also by design.
  4. The global public key infrastructure is broken.
  5. Some key generation implementations have been tweaked to give out keys that can be cracked more easily. That has happened accidentally in the past, but the NSA seems to have done it on purpose. There are good hints as to which implementations are subverted.
  6. The NSA’s plan is to: give up on controlling crypto itself (it’s unfeasible); don’t rely on breaking algos (too expensive or not possible); subvert stuff, then push the subverted stuff; and kill stuff that isn’t subverted.
  7. The NSA has active capabilities to intrude into many connections. This requires a lot of technology, which is in place all over the world.
  8. We can still protect intergroup communications.
  9. Public communication without secure key exchange and traveling over the clearnet is broken, likely beyond repair. It’s almost impossible to roll out an alternative to x509 on a global scale.
  10. This might lead to a push for a general overhaul of the security infrastructure on the internet.

Key Authentication

Here’s what key authentication means:

To connect the owner of a key to his/her key, most systems today use a trusted third party for verification. In order to trust the verifications of these parties, you must trust three particular things:

  1. That the trusted party is acting faithfully, not deceiving, and not deceived itself.
  2. That the signature system is unbroken; that is, both the signature algorithm and the hashing used in it are secure.
  3. That the signed key is secure, that it hasn’t been leaked, and that there has not been a private key generated from the public key that has been signed.

That leads you to questions (and answers) like the following. We have omitted the complicated discussion of hashing.

Is the trusted party trustworthy? (No. Most CAs are surely not trustworthy.)

Is the trusted party competent? (Some are; others are not.)

Is the signature algorithm secure? (Yes, the signature algos are secure.)

Is the public key algorithm irreversible? (That depends on random number source. We have seen many such attacks in the past few years.)

Is the private key secret? (Clearly many secret keys are being sold to the NSA, or stolen.)

Key exchange is only secure if you can answer “yes” to ALL of the above questions. Clearly, we can’t, in most cases today. The math is generally good, but the implementations and organizations are not.

Paul Rosenberg
FreemansPerspective.com

The NSA’s Secret War Against Online Privacy Seekers

nsa surveillance privacyIf you haven’t seen this yet, I’m sorry to drop it on you:

On September 5th, Glenn Greenwald and others revealed the extent of the NSA’s destruction of privacy – not just the privacy of people who are oblivious to the situation, but that of privacy seekers as well. You can find the story here or here, and commentary by a legitimate expert here.

Here’s What Was Revealed

  • The biggest tech companies and Internet providers are cooperating with the NSA (which may be why they’re big) to break encryption everywhere. They are installing “secret vulnerabilities” and “covertly influencing product designs.”
  • Encryption for Hotmail, Google, Yahoo and Facebook is already broken. Others as well.
  • Your data streams are recorded and decrypted, since the NSA (and their British counterpart, GCHQ) already have access to your secret keys.
  • These attacks involve something called key exchanges (involved in all encryption) and the subversion of certificate authorities, such as Symantec, Comodo and GoDaddy.
  • They have already broken 30 Virtual Private Network systems and are working toward 300.*
  • Greenwald and others report that in the NSA documents, ordinary Internet customers are referred to as “adversaries.”
  • The NSA has capabilities against “HTTPS, voice-over-IP… [which are] used to protect online shopping and banking.”
  • However, it can be said that encryption is still effective, if used well. As Edward Snowden said, “Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on.”

What This Means to You

If you hadn’t taken this seriously or were content to let others keep you safe, now’s the time to wake up and act. You have to protect yourself. No one is going to step in and do it for you. Magic hackers will NOT ride in to your rescue.

You must either learn to handle your own security, seriously, or pay for a top-notch service. If you go cut-rate, you’re just paying for the NSA to spy on you.

I may be preaching to the choir here, but don’t even try to pretend that the government will fix this – they are the people who are doing it – and they love the power. And don’t pretend that the military will step in either – the NSA is part of the military.

We’re all perps now. If all Internet users are “adversaries,” do you really think anyone is safe?

What This Means to Us All

Forget about the US Constitution; it’s a non-factor now. This is just the latest example of people who are drunk on power and don’t care about the principles on which this country was founded.

The NSA and the entire US/UK “security” apparatus is a gigantic drunken beast. The operators are arrogant and untouchable. Their bosses have openly lied to Congress, with no consequences. Do you really think they will remain angels? (Did you ever really think they were?)

The reality is, the system is beyond broken, no matter what kind of happy talk you hear on TV.

Make no mistake, this is the eye of Sauron. It is the empowerment of arrogance and power… and ultimately of death. You might think me dramatic but history doesn’t lie: Surveillance kills.

Once they have your communications, they have your thoughts. They are currently analyzing those thoughts and have already begun to quietly manipulate them. That is, if you choose to let them. Yes, it is your choice.

Be aware of the danger, take it seriously and become the kind of person you want to be… not the one they want to manipulate you into becoming.

[Ed. Note. An important paid report… yours today for free: How Surveillance Destroys Us (and what we can do to stop it).]

While the various program specifics of government surveillance have been well covered, Paul Rosenberg has come up with a brilliant perspective different from anything else we’ve seen.

In this important report, he talks about the (often subtle) psychological effects that non-stop surveillance has on us as living, breathing and thinking human beings.

Specifically, he sheds light on how governments routinely use surveillance to quietly manipulate us into doing what they want without question. That may sound crazy but the evidence doesn’t lie. And it’s all out there in plain sight for those who choose to see it.

This is traditionally a paid members-only benefit, but for a limited time, we’ll make it available to anyone who wants it. Click here to grab your copy.]

* The service I am associated with, Cryptohippie, is unaffected by this. Like other professional services, we operate our own public key infrastructure, without outsourcing trust and control to a third party, like an unaccountable Certificate Authority. We use Perfect Forward Security cipher suites, which prevent communication from being decrypted after the fact, or when keys are lost. We will be publishing a detailed explanation of why Cryptohippie remains safe for our customers, and we’ll ask FreemansPerspective.com to post it as well.

Paul Rosenberg
FreemansPerspective.com

Personal and Online Privacy: If you have nothing to hide, why do you care?

Personal and Online Privacy: If you have nothing to hide, why do you care?We’ve all heard the insulting, tyrannical cliché about privacy: If you have nothing to hide, why do you care?

The comeback, if not that it would fall on deaf ears, should be this: Because I value myself.

The real value of privacy is not because it allows us to hide things, it’s that privacy allows us to develop independently – according to our own natures.

In other words, privacy is an essential tool for personal development.

Privacy is a positive good, not merely a tool for hiding things.

Deconstructing the Cliché

Before we get to the core of this issue, we really should deconstruct this dirty slogan we opened with. Consider the implications of the words if you have nothing to hide:

  • First of all, it is an accusation and an insult, implying that you are engaging in evil.
  • Secondly, it is a threat to turn you in to the authorities.
  • Thirdly, it implies that the entity you are hiding from is supremely righteous and morally superior.

Fundamentally, this slogan is a weapon. It is used to intimidate and confuse you; to force you to bow down to authority; to be as cowardly and compliant as the person using it.

The users of such slogans are angry that you are showing them up in courage. They want you to be in the center of the enforcer’s gun-sites, just like they are.

Now, as to the party that these people think we shouldn’t be hiding from… do they mean governments? If so, they are slandering themselves, since they almost certainly complain about governments endlessly.

The idea that a government is somehow morally superior to us is ridiculous. By any objective standard they are far worse than an average working guy. Pretending that our overlords are righteous is a superstition of the basest kind.

Privacy and Self-Development

Let me start with a quote from a French author whose name escapes me at the moment:

Everything from without informs man that he is nothing. All within tells him that he is everything.

It so happens that one of the better psychologists of our time is a friend of mine. He says that up to half of what we are, we owe to the previous choices we’ve made. (The other factors being heredity and environment.) But, whatever the numbers, choice is the only factor we can do anything about

The truth is that our choices form us. They make us what we are.

What we are next year will be a reflection of the choices we make today. But, choices that are imposed on us from outside – edicts, intimidations, fears, manipulations – work against our healthy development.

People wouldn’t go through the work of imposing choices if those people would make the same choices naturally. Only if you want people to choose against nature do you try to push them in a particular direction.

So, the pre-packaged choices that are thrust upon us daily are not working in our interests, they are working in someone else’s interests. Are we really to think that such choices are best for us?

To develop ourselves healthfully, we must develop ourselves by ourselves, without outside pressures.

The less we are able to choose freely, the less we are really ourselves, and the more we become what other people want us to be.

The positive value of privacy is that it stands between us and manipulative outside forces.

Privacy allows us to grow according to our own natures, not according to the demands of a collective.

Privacy is a tool for becoming what we authentically are.

The Hedge of Anonymity

Anonymity allows us to develop our interactions with the outside world in healthy ways, rather than in manipulated ways.

We have all been intimidated by fear of what others might say. This has stopped us from doing and saying many things, and that wasn’t good for us. Intimidation is clearly an enemy. Anonymity protects us from this enemy by removing any way for consequences to come back to us.

Anonymity allows people to put their ideas into a public square while insulated from shame. So what if some of those thoughts are not good? Once spoken in the public square, they can be tried, analyzed and improved. It is profitable for us that this should occur more, rather than less.

Forget the stories of anonymous people being nasty – those comprise a tiny fraction of the whole and are used for the sake of fear and manipulation. (Humans massively over-respond to fear.)

If You Have Nothing To Hide…

I hide things because I wish to develop in my own way, not in the ways that manipulators wish me to develop. Anyone who says that this is wrong is also telling me that I was born to be a slave.

Only those things that are reliably private are protected from the modern world’s ambient environment of intimidation. It is in those environments that we can develop in our own ways, without obstruction and opposition.

Conditions of privacy or anonymity are almost the only conditions that allow for healthy development.

I think we can all agree that prayer has long been used in personal development. So perhaps Jesus had some of this in mind when he said:

When you pray, go into your room and shut the door and pray to your Father who is in secret.

But if the sloganeers are right, Jesus was a bad man, hiding his evil deeds from morally superior overlords. They would have slapped him with their nasty little slogan, just like they do us:

So, Jesus, why do you need to pray in secret, if you have nothing to hide?

Paul Rosenberg
FreemansPerspective.com

Credit: This article was inspired by a paper circulating in the darknet called The Treasure of Privacy.

[“Personal and Online Privacy: If you have nothing to hide, why do you care?” was originally published on LewRockwell.com]