Washington Post's Clueless Editorial On Phone Encryption: No Backdoors, But How About A Magical 'Golden Key'?

from the golden-key-cryptography dept

The Washington Post editorial board has weighed in on the recent "controversy" over Apple and Google's smart decision to start encrypting mobile devices by default. The "controversy" itself seems pretty hyped up by law enforcement types who are either lying or clueless about the technology. Throwing a bunch of technically ignorant newspaper editors into the mix probably wasn't the wisest of decisions.

Much of the editorial engages in hand-wringing about what law enforcement is going to do when they need the info on your phone (answer: same thing they did for years before smartphones, and most of the time with smartphones as well, which is regular detective work). It even repeats the bogus use of the phrase "above the law" that FBI director James Comey bizarrely keeps repeating (hint: putting a lock on your stuff isn't making you above the law). But the real kicker is the final paragraph:

How to resolve this? A police “back door” for all smartphones is undesirable — a back door can and will be exploited by bad guys, too. However, with all their wizardry, perhaps Apple and Google could invent a kind of secure golden key they would retain and use only when a court has approved a search warrant. Ultimately, Congress could act and force the issue, but we’d rather see it resolved in law enforcement collaboration with the manufacturers and in a way that protects all three of the forces at work: technology, privacy and rule of law.

Did you get that? No "back door," but rather a "golden key." Now, I'm not sure which members of the Washington Post editorial board is engaged in mythical "golden key" cryptography studies, but to most folks who have even the slightest understanding of technology, they ought to have recognized that what they basically said is: "a back door is a bad idea, so how about creating a magic back door?" A "golden key" is a backdoor and a "backdoor" is a "golden key." The two are indistinguishable and the Post's first point is the only accurate one: it "can and will be exploited by bad guys, too." That's why Apple and Google are doing this. To protect users from bad guys.

In the meantime, just watch, and we'll start to see ignorant politicians and law enforcement start to echo this proposal as well, talking down "backdoors" and talking up "golden keys." The fact that we already had this debate in the 1990s, when the "golden key" was called "key escrow" and when having the government lose that was was fairly important in allowing the internet to become so useful, will apparently be lost on the talking heads.

Still, a small request for the Washington Post Editorial Board: before weighing in on a subject like this, where it's fairly clear that none of you have the slightest clue, perhaps try asking a security expert first?

Filed Under: backdoors, editorial board, encryption, golden key, mobile encryption, privacy, security
Companies: washington post

DailyDirt: Processors Without Borders...?

from the urls-we-dig-up dept

Now that everyone is a bit more concerned about software backdoors that the NSA might have installed everywhere, a nationalistic push towards "home-grown" hardware could pick up a little among various countries around the world. Designing custom processors and software from scratch isn't easy or cheap, but it avoids some of the angles of attack for a security break-in (though it doesn't prevent any of the social engineering tactics). Here are just a few links on processor designs that aren't coming from Intel or AMD.

• The Russian government is reportedly going to rely on computer processors made by Russian companies, instead of Intel or AMD. Three Russian companies are creating "Baikal" processors, based on ARM designs, but it's not exactly clear how much more secure the resulting computers will actually be. (ahem, software? ARM licensing?) [url]
• The Chinese supercomputer, Tianhe-2, holds the top spot as the most powerful computer, but it runs on Intel chips, not Loongson processors. China's Loongson processors might not replace Intel or AMD chips in the top supercomputers in the near future, but it could happen sooner than expected. [url]
• OpenSPARC is an open source processor design available for anyone to develop, but it's getting a little stale since the last T2 release in 2008. If you're really paranoid about security, using obscure hardware and software might be make things a bit harder for potential attackers... (did you seriously believe that?) [url]

If you'd like to read more awesome and interesting stuff, check out this unrelated (but not entirely random!) Techdirt post via StumbleUpon.

Filed Under: arm, backdoors, baikal processors, loongson, opensparc, processors, security by obscurity, supercomputers, tianhe-2, x86
Companies: amd, intel

Rep. Grayson Asks If Keith Alexander Is Selling Classified Information To Get $1 Million Per Month

from the because-what-else-are-people-buying? dept

We recently noted that former NSA boss Keith Alexander is running around asking for $600k to $1 million per month for his new "cybersecurity" consulting firm. While some people thought that the number was "low" for banks, that doesn't make any sense. You could hire a lot of really good actual security professionals for that kind of cash. So it made us wonder just what banks thought they were getting for that $1 million. Actual security professional Bruce Schneier wondered that as well, and wondered aloud if the one difference was that... Alexander could give them classified info -- such as where he hid the backdoors in their routers.

That statement apparently caught the attention of Rep. Alan Grayson, who has been a vocal opponent of NSA overreach. He's now sent a letter to the Financial Service Rountable to point out that selling classified info is a crime:

Security expert Bruce Schneier noted that this fee for Alexander's services is on its face unreasonable. "Think of how much actual security they could buy with that $600k a month. Unless he's giving them classified information." Schneier also quoted Recode.net, which headlined this news as: "For another million, I'll show you the back door we put in your router."

This arrangement with Mr. Alexander may also include additional work with the shadow regulatory firm The Promontory Group, with whom Alexander apparently will partner "on cybersecurity matters." According to Promontory spokesman Chris Winans, Mr. Alexander "and a firm he's forming will work on the technical aspects of these issues, and we on the risk-management compliance and governance elements."

Disclosing or misusing classified information for profit is, as Mr. Alexander well knows, a felony. I question how Mr. Alexander can provide any of the services he is offering unless he discloses or misuses classified information, including extremely sensitive sources and methods. Without the classified information that he acquired in his former position, he literally would have nothing to offer to you.

Grayson also demands "all information related to your negotiations with Mr. Alexander, so that Congress can verify whether or not he is selling military or cybersecurity secrets to the financial services industry for personal gain. Sure, it's a snarky move, but there is a point behind it. Alexander can't command those sums because of his actual technical expertise. The reality, of course, is that he's selling his connections to the government. But it certainly raises the question of appearances.

Filed Under: alan grayson, backdoors, bruce schneier, cybersecurity, keith alexander, nsa, surveillance

House Overwhelmingly Votes To Slam The Backdoor Shut On The NSA!

from the big-win dept

A week ago, we told you that there were plans for a very important amendment to slam the backdoor shut on the NSA's use of backdoor searches, as well as mandates for backdoors in technology. On Wednesday, we asked you to call your Representatives to support the Amendment. The story got almost no other press. And yet, last night, the amendment passed by an overwhelming majority, 293 to 123. And it was also an overwhelmingly bipartisan vote: Republicans voted for it 135 to 94, and Democrats voted for it 158 to 29. Go take a look at the vote results in the link above -- and if your Representative voted Aye, please go thank them for standing up to protect your privacy and 4th Amendment rights from the NSA. You can use the Sunlight Foundation's new Congressional email system. Separately, a huge shoutout goes to Reps. Zoe Lofgren, Thomas Massie and James Sensenbrenner for putting together this amendment in the first place. As we noted earlier this week, Sensenbrenner's support on the bill is perhaps the most striking, as it's a clear rebuke to House leadership for watering down his own USA Freedom Act.

As we stated, this amendment only fixes two specific problems. It stops the very questionable use of "backdoor searches" of information collected under the Section 702 program. This is the very questionable setup by which the NSA spies on Americans while insisting that they don't actually spy on Americans. It also blocks the NSA from mandating that any technology companies create backdoors in their software or hardware to enable wiretapping (such as the NSA forcing Skype to no longer be encrypted end-to-end).

In many ways, this is more important as a symbolic gesture than for the specifics -- but it should have a much wider impact as well. This is the first time that Congress has overwhelmingly voted to defund an NSA program. Last year's Amash Amendment came very, very close to defunding a different program (the Section 215 bulk records collection program), but by passing by an overwhelming margin, this vote is a pretty big sign that the House (on both sides of the aisle) is not happy with how the NSA has been spying on Americans. As mentioned above, it's also a big slap in the face to the White House and certain members of the House leadership who conspired to water down the USA Freedom Act a few weeks ago, stripping it of a very similar provision to block backdoor searches.

While this particular Amendment is far from a sure thing (it still needs to make it through a Senate equivalent and then the White House), it is quite important as a sign that the House really is fed up with the NSA's surveillance and how the USA Freedom Act process went. It should serve as a warning to the Senate, which is now considering its own version of the USA Freedom Act, that passing a similarly watered down version is simply not acceptable.

This is one step forward in a big process, but it is a big milestone. For the first time since the Snowden revelations began, the House overwhelmingly voted to defund some NSA practices. Once again, if you're an American, I urge you to look over the list of Aye votes, and send a thank you to those Representatives who took a stand for your privacy and against the NSA last night.

Filed Under: backdoor searches, backdoors, defense appropriations, fisa amendments act, jim sensenbrenner, nsa, section 702, surveillance, thomas massie, zoe lofgren

Stop The NSA's Backdoor: Call Congress Today To Support Key Amendment

from the speak-up-now dept

Last week, we noted that there was an effort underway to introduce an amendment for this week's Defense Appropriations bill in the House that would effectively limit some of the most nefarious aspects of the NSA's ability to spy on Americans via two different types of backdoors: (1) so-called "backdoor searches" on Americans' information collected under Section 702 of the FISA Amendments Act and (2) mandating tech companies build in backdoors to their technology for the NSA to go snooping. The Defense Appropriations bill is expected to hit the House floor sometime soon, under open rules, meaning that the amendment in question won't be blocked by the House Rules Committee, as happens on a variety of other bills.

The amendment has powerful bipartisan backing, sponsored by Reps. James Sensenbrenner, Thomas Massie and Zoe Lofgren, along with co-sponsors Reps. Conyers, Poe, Gabbard, Jordan, O’Rourke, Amash, and Holt. Having Sensenbrenner bring out this amendment is a big deal. This amendment would restore at least one aspect of the USA Freedom Act that was stripped out at the last minute under pressure from the White House. Sensenbrenner sponsoring this bill highlights that he's clearly not satisfied with how his own bill got twisted and watered down from the original, and he's still working to put back in some of the protections that were removed. Conyers is a powerful force on the other side of the aisle, whose support for the USA Freedom Act was seen by some as a signal that the bill was "okay" to vote on. Having both of them support this Amendment suggests that neither were really that satisfied with the bill and felt pressured into supporting it.

While this Amendment doesn't fix everything, it is an important chance for members of Congress to show that they really do support protecting Americans' privacy. But they need to know that. Please contact your Representative today to let them know you want them to support this amendment. The EFF and others have set up a website, ShutTheBackDoor.net, to help you contact your official. Please do so today.

Filed Under: backdoors, defense appropriations, jim sensenbrenner, john conyers, justin amash, mandates, nsa, surveillance, thomas massie, zoe lofgren

Open Letter From Security Researchers Explains How NSA Has Weakened Our Communications Infrastructure

from the read-it dept

Among the many problems with President Obama's weak statement concerning NSA surveillance was the fact that he didn't even address the serious issue of the NSA undermining cryptography with backdoors. The White House's task force had included a recommendation to end this practice, and the President appeared to ignore it entirely. Now, a large group of US computer security and cryptography researchers have sent a strongly worded open letter to the President condemning these efforts (and his failure to stop the program).

Indiscriminate collection, storage, and processing of unprecedented amounts of personal information chill free speech and invite many types of abuse, ranging from mission creep to identity theft. These are not hypothetical problems; they have occurred many times in the past. Inserting backdoors, sabotaging standards, and tapping commercial data-center links provide bad actors, foreign and domestic, opportunities to exploit the resulting vulnerabilities.

The value of society-wide surveillance in preventing terrorism is unclear, but the threat that such surveillance poses to privacy, democracy, and the US technology sector is readily apparent. Because transparency and public consent are at the core of our democracy, we call upon the US government to subject all mass-surveillance activities to public scrutiny and to resist the deployment of mass-surveillance programs in advance of sound technical and social controls. In finding a way forward, the five principles promulgated at http://reformgovernmentsurveillance.com/ provide a good starting point.

The choice is not whether to allow the NSA to spy. The choice is between a communications infrastructure that is vulnerable to attack at its core and one that, by default, is intrinsically secure for its users. Every country, including our own, must give intelligence and law-enforcement authorities the means to pursue terrorists and criminals, but we can do so without fundamentally undermining the security that enables commerce, entertainment, personal communication, and other aspects of 21st-century life. We urge the US government to reject society-wide surveillance and the subversion of security technology, to adopt state-of-the-art, privacy-preserving technology, and to ensure that new policies, guided by enunciated principles, support human rights, trustworthy commerce, and technical innovation.

That ReformGovernmentSurveillance.com site is the one launched by a bunch of the biggest internet companies, so it's good to see these researchers and technologists lining up behind that effort as well.

One of the things that's been glaring about all of the investigations and panels and research into these programs is that they almost always leave out actual technologists, and especially leave out security experts. That seems like a big weakness, and now those security researchers are speaking out anyway. At some point, the politicians backing these programs are going to have to realize that almost no one who actually understands this stuff thinks what they're doing is the right way to go about this.

Filed Under: backdoors, cryptography, nsa, security, security researchers, surveillance

What The Intelligence Community Doesn't Get: Backdoor For 'The Good Guys' Is Always A Backdoor For The 'Bad Guys' As Well

from the get-with-the-program dept

Max Eddy, over at PC Mag, has a very interesting article about the experience of Nico Sell, of the company Wickr, talking about how an FBI agent casually approached her to ask if she'd install backdoors in her software allowing the FBI to retrieve information. As the article notes, this is how the FBI (much more so than the NSA) has acted towards many tech companies ever since attempts to mandate such backdoors by law failed (though, they're still trying). Some companies -- stupidly -- agree to this, while many do not. Those that do may think they're helping fight for "good," but the reality is different. They're opening up a huge liability on themselves, should the news of the backdoors ever get out, and at the same time, they're making their own product invariably weaker. As Sell pointed out to the FBI guy, she'd seen hackers piggyback on "lawful intercept" machines and learned:

"It was very clear that a backdoor for the good guys is always a backdoor for the bad guys."

Bruce Schneier, over at the Atlantic, recently made nearly the same point in talking about the massive costs of all of this NSA surveillance (as well as talking about the near total lack of benefits). There's the cost of running these programs that are massive. There is the fact that these programs will be abused (they always are). There are the costs of destroying trust in various tech businesses (especially from foreign users and customers). But just as important is the fact that the NSA, FBI and others in the intelligence community are flat out weakening our national security by installing backdoors that malicious users can and will find and exploit:

The more we choose to eavesdrop on the Internet and other communications technologies, the less we are secure from eavesdropping by others. Our choice isn't between a digital world where the NSA can eavesdrop and one where the NSA is prevented from eavesdropping; it's between a digital world that is vulnerable to all attackers, and one that is secure for all users.

As Schneier points out, to fix this, we need to recognize that security is more important than surveillance. The surveillance apologists always claim that their goal is security. If so, they have a funny way of showing it. The "solution" they've drummed up hasn't made us any more secure... it's made us less secure.

Filed Under: backdoors, encryption, fbi, nsa, security, vulnerabilities

RSA's 'Denial' Concerning $10 Million From The NSA To Promote Broken Crypto Not Really A Denial At All

from the between-the-lines... dept

On Friday, a very big story broke on Reuters, saying that the NSA had paid RSA $10 million in order to promote Dual EC DRBG encryption as the default in its BSAFE product. It had been suspected for a few years, and more or less confirmed earlier this year, that the NSA had effectively taken over the standards process for this standard, allowing it to hide a weakness, making it significantly easier for the NSA to crack any encrypted content using it.

As plenty of people noted, the news that RSA took $10 million to promote a compromised crypto standard pretty much destroys RSA's credibility. The company, now owned by EMC, has now put out a statement in response to all of this, which some claim is the RSA denying the story. In fact, RSA itself states: "we categorically deny this allegation." But, as you read the details, that doesn't appear to be the case at all. They more or less say that they don't reveal details of contracts, so won't confirm or deny any particular contract, and that while they did promote Dual EC DRBG, and knew that the NSA was involved, they never knew that it was compromised.

In short: yes, RSA did exactly what the Reuters article claimed, but its best defense is that it didn't know that Dual EC DRBG was compromised, so they didn't take money to weaken crypto... on purpose. Even if that's what happened.

We made the decision to use Dual EC DRBG as the default in BSAFE toolkits in 2004, in the context of an industry-wide effort to develop newer, stronger methods of encryption. At that time, the NSA had a trusted role in the community-wide effort to strengthen, not weaken, encryption.

Right, but that raises questions of why RSA trusted NSA to be a good player here, rather than trying to insert compromises or backdoors into key standards.

This algorithm is only one of multiple choices available within BSAFE toolkits, and users have always been free to choose whichever one best suits their needs.

Yes, but it was the default. And, as everyone knows, a very large percentage of folks just use the default.

We continued using the algorithm as an option within BSAFE toolkits as it gained acceptance as a NIST standard and because of its value in FIPS compliance. When concern surfaced around the algorithm in 2007, we continued to rely upon NIST as the arbiter of that discussion.

Again, this doesn't make RSA look good. As has now become clear, the NSA had basically sneakily taken over the whole standardization process. RSA more or less trusting NIST without looking into the matter themselves raises questions. Especially if there was a $10 million contract that incentivized them not to dig too deeply. RSA promoted this standard as the default in BSAFE. You would hope that a company with the stature in the space like RSA would be more careful than just to rely on someone else's say so that a particular standard is secure.

RSA claiming it didn't know the standard the NSA paid them $10 million to make default was suspect is hardly convincing. Why else would the NSA suddenly pay them $10 million to promote that standard? Furthermore, it appears that news of this $10 million contract was known a bit more widely. Chris Soghoian points to an email from cypherpunk Lucky Green, from back in September, to a cryptography mailing list in which he more or less reveals the same info that Reuters reported on Friday, though without naming the company.

According to published reports that I saw, NSA/DoD pays $250M (per year?) to backdoor cryptographic implementations. I have knowledge of only one such effort. That effort involved DoD/NSA paying $10M to a leading cryptographic library provider to both implement and set as the default the obviously backdoored Dual_EC_DRBG as the default RNG.

This was $10M wasted. While this vendor may have had a dominating position in the market place before certain patents expired, by the time DoD/NSA paid the $10M, few customers used that vendor's cryptographic libraries.

While this describes the right amount, if the NSA is really spending $250 million, it's certainly possible that it has quite a few other $10 million contracts out there to promote or avoid certain other encryption standards depending on what it desires. Hopefully, some reporters are currently reaching out to all the companies on this list to see if they've got any contracts with the NSA concerning Dual EC DRBG.

Companies taking money from NSA, but claiming that they didn't realize the encryption the contract pushed them to promote was compromised, aren't going to find a very sympathetic audience outside of the NSA. The RSA's "categorical denial" here misses the point. It certainly doesn't suggest that the Reuters story was wrong -- just that the RSA was so blinded by a mere $10 million that it didn't bother to make sure the standard wasn't compromised.

Filed Under: backdoors, compromised, crypto, nist, nsa, standards, surveillance
Companies: rsa

NSA Gave RSA $10 Million To Promote Crypto It Had Purposely Weakened

from the say-bye-bye-to-credibility,-rsa dept

Earlier this year, the Snowden leaks revealed how the NSA was effectively infiltrating crypto standards efforts to take control of them and make sure that backdoors or other weaknesses were installed. Many in the crypto community reacted angrily to this, and began to rethink how they interact with the feds. However, Reuters has just dropped a bombshell into all of this, as it has revealed that not only did the NSA purposefully weaken crypto, it then paid famed crypto provider RSA $10 million to push the weakened crypto, making it a de facto standard.

Undisclosed until now was that RSA received $10 million in a deal that set the NSA formula as the preferred, or default, method for number generation in the BSafe software, according to two sources familiar with the contract. Although that sum might seem paltry, it represented more than a third of the revenue that the relevant division at RSA had taken in during the entire previous year, securities filings show.

The earlier disclosures of RSA's entanglement with the NSA already had shocked some in the close-knit world of computer security experts. The company had a long history of championing privacy and security, and it played a leading role in blocking a 1990s effort by the NSA to require a special chip to enable spying on a wide range of computer and communications products.

If this is true, it represents a serious attack on RSA's credibility. While RSA, now owned by EMC, put out a statement saying that "under no circumstances does RSA design or enable any back doors in our products" Reuters sources seem to suggest something quite different. While it might not be seen as "designing or enabling" back doors, that is the effective result of this.

Reuters spoke to a number of former RSA employees, many of whom said it was a huge mistake for RSA to make this deal, showing how the company had strayed far away from its initial mission. Others suggest that the NSA basically duped the RSA on this, such that RSA agreed to the deal, without realizing they were promoting a compromised standard. That's not a totally crazy assertion, but it's not particular comforting either way. While it seems crazy to trust the NSA, for years, many people did recognize that the NSA did employ many top crypto experts, and it was believed that, rather than compromising crypto, they were helping to build stronger crypto. Yes, some were always suspicious of this, but it wasn't entirely crazy to think that a crypto standard supported by the NSA was for good reasons. Of course, it is now quite apparent that the skeptics were exactly correct all along. And RSA's agreement to take this money from the NSA and to promote compromised crypto now has to call into question pretty much all of RSA's activities.

$10 million doesn't seem like that much to make on a deal in which you effectively undermine the entire reason why anyone does business with you. As someone in the article notes, the deal was "handled by business leaders rather than pure technologists." And it shows.

Filed Under: backdoors, bsafe, crypto, nsa, surveillance
Companies: emc, rsa

Task Force Report's Langauge Hints At Backdoors In Software

from the but-of-course dept

After looking over the White House intelligence task force's proposals to reform the way the US government does surveillance, we pointed out one oddity that hinted that the NSA may have been engaged in financial manipulation. Others have been combing through the report for other hints of things it might accidentally reveal, and Ed Felten (who I still think should have led the task force) has spotted another one, in how the report discusses the issue of backdoors in software. He notes that the wording is odd in the following bit:

Upon review, however, we are unaware of any vulnerability created by the US Government in generally available commercial software that puts users at risk of criminal hackers or foreign governments decrypting their data. Moreover, it appears that in the vast majority of generally used, commercially available encryption software, there is no vulnerability , or “backdoor,” that makes it possible for the US Government or anyone else to achieve unauthorized access.

[Footnote: Any cryptographic algorithm can become exploitable if implemented incorrectly or used improperly.]

A quick read of that might suggest that the panel did not find out about any such backdoors and that the NSA told them there were no such backdoors. But Felten notes that, especially given the NSA's almost pathological need to say things that appear to imply one thing, but which can be read to state the exact opposite, if the wording came from the NSA, it may be indicating the existence of backdoors of some kind.

Turning to the text, the most interesting feature is the difference between the first and second sentences, which have parallel structure but use different language. Here’s a chart laying out the differences:

First sentence	Second sentence
unaware of any vulnerability	in vast majority … no vulnerability
vulnerability created by USG	[any vulnerability]
generally available commercial software	generally used, commercially available … software
[any software]	encryption software
puts users at risk of [non-USG exploit]	[exploitable by USG] or anyone else
decrypting data	unauthorized access

This structure leaves open the possibility that there are vulnerabilities known to and exploitable by the US Government (USG). These might fall into several categories:

• vulnerabilities created by the USG that are exploitable only with the knowledge of a cryptographic key known only to the USG. An example would be the widely suspected backdoor in the NIST pseudorandom number generator standard.
• vulnerabilities created by the USG that allow access to data by means other than decryption, for example by allowing remote access to data at rest, or by causing copies of data to be sent to NSA collection points.
• vulnerabilities in software that is not generally available, such as internally developed software used by large companies to manage their data centers.
• vulnerabilities that are in non-encryption software and were not created by the USG. These would be outside the scope of both sentences.

He goes further to note that the lack of definitions around "generally available commercial software" and "generally used, commercially available... software" leaves open a world of unanswered questions.

One wonders how the people who chose those phrases would classify critical open source software such as Linux or OpenSSL. Are these “commercial software”? Even if not “commercial software”, are they “commercially available”? I can see two possibilities here. Perhaps this is imprecise drafting by the panel who might have intended to cover all of the relevant software but, being less familiar with the technical community, might have missed this nuance. Or perhaps this is one of the NSA’s word games, meant to leave a loophole.

Some will, undoubtedly, argue that this is all nitpicking, and we should take the report at face value. However, given that nearly every time the NSA has been asked to discuss various programs, it seems to carefully parse its words in exactly this manner -- to imply one thing, while really meaning the exact opposite -- it seems that the NSA has lost the benefit of the doubt here, and it's perfectly reasonable to raise questions about what is truly meant by certain claims.

Filed Under: backdoors, ed felten, encryption, nsa, software, task force