[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: "I Write Mass Surveillance Software"

To: or-talk@xxxxxxxxxxxxx
Subject: Re: "I Write Mass Surveillance Software"
From: Gregory Maxwell <gmaxwell@xxxxxxxxx>
Date: Wed, 16 Sep 2009 17:26:31 -0400
Cc: or-talk@xxxxxxxx
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Wed, 16 Sep 2009 17:26:34 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=Ab2c516msc4/U6tfLQXrOH87IzMCqR6TwbIoNgsR1uI=; b=uVwUrzLGv35H7GDakh+QoZnfIc7G1/rj2SPmzOd/PiohZBY1SDLzP/0QBjq3vHCaSW P0MkoYXiFNDLX38QieifXEPR4ApEAP1/XY8oFJnYRv+HNAiStu7hCJSxumLxo6uMLQSs pFl0EyXrYoxBjJaD1o9QjFyAw9aI3LXmjoLG4=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=hfpV//YSYRbKv4CFPtgRdXc2hJ8Ce0A9EaLZIMN2z069/K6cfkTuVV2opuzCXm9BFv LWIOxFAuG+o9vQILzao+Aw5Lgo5x9yAYKcAKJtwY+gTfvILsQ+BwLs26vfbRzJzPQ0of 92T3fGVohSnK4gfbDbUxaqQnu/Gej4TOaeizQ=
In-reply-to: <dfae87ff0909161401h32c7d7f8o3617d63a4f5e0f39@xxxxxxxxxxxxxx>
References: <dfae87ff0909161401h32c7d7f8o3617d63a4f5e0f39@xxxxxxxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

On Wed, Sep 16, 2009 at 5:01 PM, Rich Jones <rich@xxxxxxxxxxx> wrote:
> http://www.reddit.com/r/IAmA/comments/9kwph/i_am_a_guy_who_writes_covert_software_that_runs/
> Thoughts?
>
> also, I realized that two of the posts I've made this this list have now
> been reddit-related. Sorry about that. But I'd really like to know what you
> all make of this. He doesn't give very many specifics, unfortunately. What
> do you think his 'sidestepping' is?

The hostility on reddit is odd and unfortunate.

The obvious sidestepping is MITM-ing connections for users then shove
manipulated binaries at them which disable encryption, leak key
material, or intercept keystrokes  ... or simply perform degradation
attacks, either forcing protocols to less secure modes, or simply
blocking or massively slowing secure connections to make the user
switch to something insecure.

These have the enormous downside of being detectable active attacks.
Not something you could afford to apply frequently against general
public unless you were willing to tip off your primary target that you
were watching.  Then again— with ISPs like comcast injecting RST
packets, would a degradation attack be distinguishable?

Less obvious sidestepping would include things like simply monitoring
the remote side with the expectation that they won't be as prudent
with security as your primary target.

Black-helicopter mode sidestepping would be having pre-arranged back
doors in popular operating systems or client software.

References:
- "I Write Mass Surveillance Software"
  - From: Rich Jones

Prev by Author: Re: Why you need balls of steel to operate a Tor exit node
Next by Author: Re: Tor server "nami" taken by the German Police
Previous by thread: "I Write Mass Surveillance Software"
Next by thread: Re: "I Write Mass Surveillance Software"
Index(es):
- Author
- Thread