Hi Simon, thanks for your reply - I wonder if you would be able to run one of the workshops on the day? Perhaps you could do one about password managers or Tor?
Also, we have lots of Linux experts as always, which is great, but if anyone has knowledge of Mac, iPhone, Windows etc. implementations of GPG / OTR etc., that would be really vital. I mean, we can just look it up etc., but it would be good to find some people with first-hand experience :)
Best
Anna
On 08/09/13 18:43, Simon Ward wrote:
David Bolton david@nucleon.co.uk wrote:
Hi Anna (& list)
Unfortunately, I'm not sure that a cryptoparty quite cuts it any more, in this post-Snowden world. It all feels a little too "last year".
I don't think Snowden changes our cryptographic capabilities. That we now know states are spying on citizens (as if we didn't suspect it before anyway) doesn't change the state of cryptography or cryptanalysis. It is more likely to give people a bigger incentive to invest more time in improving cryptography, and in turn cryptanalysts will invest more time into breaking it.
None of the Snowden stuff suggests states are actually breaking modern ciphers, and I think it unlikely that they are when they are used sensibly. What we see, and have been seeing since ancient times, is that the main cause of weakness in any encryption scheme is human error. We do things like repeating phrases, reusing keys, or not being as random as we should be. This is what we should be looking at improving.
A lot of people are hyping "new things" such as: elliptic curve ciphers, which don't significantly increase security in real terms, but do allow us to encipher more efficiently; and quantum cryptography, which in theory could attain perfect secrecy, but in practice the implementations are expensive and have vulnerabilities that belie that assumption.
The tools are evolving faster than our ability to use them. While we should continue research in the ongoing battle between cryptography and cryptanalysis, we need to address the human error.
Besides, what would we teach people?
A lot of people still don't understand the need for cryptography, we need to make them aware of the reasons to use it. They may think it's a waste of time, or they might like the idea. At least they'll be making a more informed choice.
Unfortunately, people appealed by the use of cryptography often end up not using it at all because they perceive it as being too difficult. We should show them how to use it, help them up the steep part of the learning curve. Once you're set up it becomes easier.
Tell people about the different tools available: OpenPGP, TLS, SSH and Tor to start with. Talk about the OpenPGP web of trust, get some key-signing going. If we get some CACert notaries along, get people started with CACert.
Oh, I almost forgot, tell people about password managers. Show that they are actually easy to use. No more same easy-to-remember passwords shared across different sites please! With a password manager you can have a unique, long, random password for every different login (assuming the lack of silly restrictions). Further, because you use it all of the time, a longer and more complicated master password can be more easily memorised.
Tell people about the FreedomBox. This isn't necessarily about cryptography, but it's a good place to introduce the idea of control over your own data and moving away from centralised services. For people sufficiently far along with this, talk about running your own DNS, mail, IM, etc and their options for security.
Probably getting too advanced, but I'd like to disabuse people of the notion that IPsec is only useful for VPNs; that it can be used to secure all host to host communication. Introduce DNSSEC, DANE, SSHFP, and others. I don't know of any implementations so far, but it might be worth mentioning STEED, intended to be a mostly transparent email encryption scheme.
As the various articles have revealed, actually using PGP/GPG is simply a flag to the spooks to monitor you even more closely.
Help make encryption the norm. Give people who don't think they need encryption generally the incentive to use it anyway. When they do need encryption there is no flag because the majority of data is encrypted anyway. Even unauthenticated encryption, which is by definition not secure, raises the barrier against passive snooping.
Personally, I don't really trust any of the PGP versions released this century
I wouldn't trust it either. It's proprietary for one (although Zimmermann may have released the source for early versions, I don't think Symantec have).
Even Phil Zimmermann no longer uses PGP - as he stated in this interview last month: http://www.forbes.com/sites/parmyolson/2013/08/09/e-mails-big-privacy-proble...
He said he no longer uses it because it doesn't work for him, not that email encryption is a bad idea. Maybe he should invest the small amount of time needed to get GnuPG working on his Mac? I think he is wrong to only use encryption when he requires it; encryption should be the default.
GPG might be more secure, but I've not messed with it since last year, when I found that the key generation module in GPG4Win wasn't working properly.
Did you report that?
In any case, if you're using Windows how do you assure yourself that the OS isn't defeating your encryption for you? At least with free software, even if I don't audit every bit of code myself, I can have some level of assurance that backdoors are less likely: free software developers are less likely to intentionally introduce backdoors because they might be called out on it, and other people probably have looked at the code.
We've known for a while that SSL can't be trusted on mobile browsers - as the telecoms providers perform a man-in-the-middle decrypt/re-encrypt on the stream (ostensibly so they can squeeze graphics to speed up page loading - but we now know who else gets to see the "temporary" plaintext).
The SSL problems on mobile platforms are mainly implementation deficiencies, and the MitM would be improbable on a good implementation if the operator's certificate is not in the trusted certificate store.
If you don't want to have the phone company MitM you, don't use their OS. Get a phone out of contract, preferably one you can replace the OS (e.g. replace Android with Replicant) if necessary, or at least be able to remove all of the spyware and crapware.
And the latest revelations show that VPNs can be cracked, if the spooks really want to look inside.
I could even see TOR being rendered useless soon - as fewer exit nodes can be trusted (many will already be run by government agencies - the others are going to be raided one-by-one using whatever bogey-man excuse works best under the laws of the resident's country). The recent botnet surge on TOR is probably a sign of the end-times: http://arstechnica.com/security/2013/09/sudden-spike-of-tor-users-likely-cau...
Make sure you always use end-to-end encryption, especially when using Tor. Run some Tor nodes yourself. Encourage others to do so too. Remember that it is necessary to monitor both entry and exit communications if there is no leakage outside of the Tor network.
Simon
_______________________________________________
Manchester mailing list
Manchester@lists.fsfe.org
https://lists.fsfe.org/mailman/listinfo/manchester