We are developing the social individualist meta-context for the future. From the very serious to the extremely frivolous... lets see what is on the mind of the Samizdata people.

Samizdata, derived from Samizdat /n. - a system of clandestine publication of banned literature in the USSR [Russ.,= self-publishing house]

Interesting developments on the privacy front…

Two coms companies, Lavabit and Silent Circle, are working to make e-mail rather harder for the likes of the NSA to snoop on.

I would be interested to hear from our more tech savvy readers what they think of the proposals when they get more details.

16 comments to Interesting developments on the privacy front…

  • Tedd

    Perry:

    I’m sure much more tech-savvy people that me will comment. But I was interested to see that darkmail is designed to be peer to peer. At the time of the Napster decision I felt that the real tragedy was the damage it did to the development of peer-to-peer technology. We’re probably years behind where we would have been if the courts had told the RIAA to get stuffed.

    Probably, it’s a case of the technology being too far ahead of society. I don’t imagine many people in the 90s were thinking in terms of whether the internet would evolve toward distributed, peer-to-peer networks or toward centralized, service-controlled networks like Facebook or Google Docs. But now that we’ve gone down the latter path for a while, and more people are starting to understand its disadvantages, perhaps there’s an opportunity to change course.

  • Bruce Hoult

    Yup, absolutely no details to evaluate yet.

    I’m not sure you’re going to be able to make it impossible to figure out who an intercepted email is to. It’s got to have some kind of address or routing instructions! You can have an an anonymous dropbox, but then someone centralized has to know who is allowed to check it, their IP can be traced etc.

    There’s no problem making the from, subject, date etc encrypted if you want to.

  • Bruce Holt writes:

    There’s no problem making the from, subject, date etc encrypted if you want to.

    This after quite correctly pointing out that one cannot hide the destination unless one broadcasts to the world.

    A close equivalence is the use of HF radio during WW2, and its interception, particularly by the British. The sender and intended recipient are indeed hidden. Though clearly the date and time of the transmission are not hidden.

    However, there is a weakness in Bruce’s analysis. A sender may well encrypt his/her sender information, but there is the equivalence of direction finding. All IP traffic comes from somewhere. If TCP is used, there is verified information on the IP address of the IP source. On the logical first step of transmission, this will be the message originator. [TCP is a higher layer protocol over IP, the basic internet protocol. It provides acknowledgement of receipt and automatic retransmission requests, through knowledge of the IP source address, which carried in each packet.]

    If the simpler UDP higher-level protocol is used on top of IP, with false IP source address information, there is potentially some protection of the message source. However, with UDP, the sender has no guarantee that the message has got anywhere at all. Also, the IP service provider for the first step (eg, in the UK for private users, the organisation providing DSL service over a BT local loop) will know the IP source; also that the IP source used a different source address from that/those registered to the DSL link – a potentially suspicious activity (for a DSL connection) that may well draw attention to the sender/source. There are further layers of sophistication that I think are better avoided, for the time being at least

    What it all comes down to is that there are national security reasons for NSA, GCHQ, etc to do what they do. However, if they do not target themselves narrowly enough, there will eventually be significant resistance from the public. This will make more difficult, their underlying valuable contribution to national security. In that, they are just like all other branches of government in making their contribution to the good governance of our world of ever-increasing complexity: overdoing it is bad for us and so ultimately bad for them.

    Best regards

  • Bob Grahame

    Unless it has some sort of Tor-like routing obfuscation, I can’t see that using P2P will stop the gathering of “who is talking to whom” metedata.

    Or amy I missing a possibility somewhere?

    Bob.

  • Not sure yet.

    However BitMessage looks like it has solved all these problems. What it does:

    1) Encrypt the message with the recipients public key so that *only* the recipient can decrypt it.
    2) Mix the message up in a peer-to-peer file sharing scheme so that everyone has a copy of many encrypted messages, only some of which are addressed to them.
    3) Attempt to decrypt all received messages.

    In step 3, you will only successfully decrypt messages addressed to you. Someone watching can’t see the text and since messages are all mixed up in step 2 can’t see how messages were routed.

    Maybe Lavabit and Silent Circle are doing this and making it easy to use.

    The key to this sort of thing is getting everyone to do it so you aren’t automatically subject to suspicion just by using the tool.

  • By the way, in step (2) you are retransmitting other people’s messages as well as sending your own (it works like BitTorrent). That makes it hard to see when and how many messages a given person is sending.

    Given enough computing power and the ability to spy on all the connections simultaneously (not as unlikely as I once thought), perhaps it is still possible to disentangle things. Perhaps.

  • Sam Duncan

    I wondered when someone would bring up Bitmessage. It’s gained quite a bit of traction since the original Lavabit Incident.

    The disadvantage, as far as I can see, lies in step 2). If it becomes really popular, which, as Rob says, it needs to in order to avoid becoming a reason for suspicion in itself, then the amount of data getting shuffled around is going to be huge. That’s not just an issue of network load; because of the design of the thing, it makes it harder for a client to find messages intended for you since it has to churn through that much more “junk”.

    The people behind it are aware of the potential problem, but the only solution proposed so far seems to be splitting it up into several domains (for want of a better word; it’s not an official term as far as I know), which of course dilutes the security, and leads straight back into the suspicion-by-use trap unless the domain you’re in is chosen at random.

    It’s also, by necessity, rather slower than email: more akin to ye olde steam post, in that it takes a day or two to get where it’s going. But that may be no bad thing.

    It’ll be interesting to see exactly what Lavabit and SC are doing.

  • So, having looked at the Wikipedia entry, I ask concerning Bitmessage: what protocol(s) is/are used (TCP/UDP/other) to ‘send’ a new message?

    If UDP, does this include falsification of IP source addresses?

    Likewise, what protocol(s) (including appropriate source address falsification) is/are used to forward new messages between ‘anonymous’ access points? This, I assume, includes communicating to the intended recipient(s).

    Information on IP port usage might also be of interest, in assessing vulnerabilities.

    Best regards

  • Nigel, it just uses TCP. The aim is not to hide the fact that you are participating in BitMessage, the aim is to hide *who* you are communicating with by just communicating with everyone. I did wonder about Sam Duncan’s point and how they would solve it. I also wonder about the legal position of transmitting other people’s messages for them. Does it count as aiding and abetting?

  • Eric Gisin

    Currently mail is implemented like this, where each link can be encrypted by SSL/TLS:
    client -> server -> server -> client
    Encryption can be enabled on most clients, much server-server traffic is encrypted. See this thread. The problem is NSA may have private keys for some providers.

  • Eric Gisin

    You can’t really have client-client email systems: clients are often offline, people need to access their mail on multiple devices. Households can run their own servers, a cheap NAS can do this. You still requires a directory service, like registering a domain that maps to your dynamic IP address. Alternatively your contacts could be in the form user@IP-address if people have permanent IPv6 addresses.

    The good solution is for countries with good privacy laws require that major email providers host servers for their citizens in one of those countries. The servers would also be required to disable unencrypted connections. Would any country consider this, and would citizens trust them?

  • marvo

    The only way for this to work is for people to communicate peer to peer, encrypted and authenticated.
    And the key distribution / trust system needs to be distributed rather than centralised as now with browsers. Indeed browsers went in the wrong direction when they started discriminating/warning against self issued SSL certificates as opposed to the ones included in the browser, including ones under the control of entities subject to the control of e.g. the Chinese government. It is also all too easy to add fake certificates to machines under your control (at work) and do a ‘man in the middle’ attack.
    Trusted certificates can be arranged in a web of trust with some certs directly verified by you and others relying on the trust of friends and friends of friends.

    Eric Gisin has a point about the problems of peer to peer, but if you have to rely on trusting third parties you are already in trouble. The biggest problem is that it is not easy to do. I am a techie and have not moved from gmail because setting the whole thing up is a tremendous pain, and requires continous work to keep it working and spam free.

    Two other points are that, encryption does not provide protection against traffic analysis i.e. seeing the addresses mail is sent to or against coercion / abuse of due process of law

    Bottom line though is that if your mail passes through a third party unencrypted then you can be easily compromised.

  • Tedd

    With the proliferation of mobile devices, the problem of establishing peer-to-peer communication when one peer is offline starts to become moot. For that matter, it’s probably realistic to have a cheap, always-on box in your home to handle peer-to-peer messages.

  • PersonFromPorlock

    Going at it from a different angle, how about an app that automatically generates random character string messages and sends them to other randomly-selected computers with the same app which then discards them. Lots of messages, 24/7/365. Spy agencies couldn’t afford to ignore any of them because they might be genuine.

    If we can’t keep ‘em from listening, deafen ‘em with noise.

  • NiV

    There are several ways of achieving this, I don’t know which, if any, the companies are planning to use.

    There’s a crypto protocol called ‘secure multi-party sum’ in which all parties can publish messages in each round that are cryptographically constructed to add up to zero, so if anyone adds a message to their contribution, it appears in the grand total with nobody able to tell which participant sent it. Only the intended recipients have the keys to read it. Very secure, but doesn’t scale well.

    I’ve long suspected that some people use spam to send hidden messages. Encrypt your message, encode it in the form of a spam message (in the choice of words, spelling mistakes, spaces, etc.), broadcast to a random address list along with your intended recipient. Hiding the existence of a secret message in an ordinary-looking communication is called steganography, and there are plenty more places to apply it – photos, you-tube, website adverts, twitter, cookies, blog comments…

    Some people have started building internet infrastructure outside the big companies. Wifi-enabled computers, mobile phones, and other devices can act as relays. Unsecured wifi can act as a gateway. Companies can build their own private wide-area networks, or private links between networks. People have poked fibre lines down sewers. Data can be transmitted over shared power lines, or in the flicker of outdoor advertising signs. There’s plenty of technology available – I assume there’s a market for it. Wouldn’t it be surprising if nobody was doing it?

  • Laird

    A little off-topic, but there is an excellent article in the Guardian describing the whole Snowden/NAS contretemps. Warning: I found the format of the article extremely offputting. But it’s worth wading through.

    http://www.theguardian.com/world/interactive/2013/nov/01/snowden-nsa-files-surveillance-revelations-decoded#section/1