Gov’t, cer­tifi­cate author­i­ties con­spire to spy on SSL users?.

SSL is the cor­ner­stone of secure Web brows­ing, enabling credit card and bank details to be used on the ‘Net with impunity. We’re all told to check for the lit­tle pad­lock in our address bars before hand­ing over any sen­si­tive infor­ma­tion. SSL is also increas­ingly a fea­ture of web­mail providers, instant mes­sag­ing, and other forms of online communication.

Recent dis­cov­er­ies by Wired and a paper by secu­rity researchers Christo­pher Soghoian and Sid Stamm sug­gests that SSL might not be as secure as once thought. Not because SSL itself has been com­pro­mised, but because gov­ern­ments are con­spir­ing with Cer­tifi­cate Author­i­ties, key parts of the SSL infra­struc­ture, to sub­vert the entire sys­tem to allow them to spy on any­one they wish to keep tabs on.

[Ars Tech­nica]

The weak­nesses of SSL are well known, which is why peo­ple who know any­thing about secu­rity don’t trust Cer­tifi­cate Author­i­ties, but in the past this has just been known as some­thing that gov­ern­ments were prob­a­bly doing. Now we have the first bit of evi­dence that they’re actu­ally doing it. I don’t think this will make any dif­fer­ence in the long run–after all, nobody cared when, after years of sus­pi­cion, the US gov­ern­ment admit­ted to using cell phones as track­ing and lis­ten­ing devices–but hope­fully at least a few peo­ple will read this and rec­og­nize that the gov­ern­ment can and does spy on them.

Brief: TSA sub­poe­nas blog­gers to find source of secu­rity doc leak.

The Trans­porta­tion Secu­rity Admin­is­tra­tion is attempt­ing to find the source of a leak of a sen­si­tive secu­rity direc­tive that fol­lowed a failed air­line bomb­ing attempt on Christ­mas Day. Two travel blog­gers have revealed that they have been sub­poe­naed to pro­vide infor­ma­tion that may lead to the source of the leak.

Shortly after an attempted “under­wear” bomber was dis­cov­ered on North­west Air­lines Flight 253 from Ams­ter­dam to Detroit on Decem­ber 25, the Trans­porta­tion Secu­rity Admin­is­tra­tion issued imme­di­ate, tem­po­rary changes to secu­rity pro­ce­dures in an attempt to pre­vent sim­i­lar inci­dents. The par­tic­u­lar details of those changes were issued in an inter­nal secu­rity direc­tive, intended only for TSA employ­ees. How­ever, copies of the direc­tive were leaked to sev­eral blog­gers and quickly spread around the ‘Net.

Writ­ers Chris Elliott and Steven Frischling both received copies of the secu­rity direc­tive from anony­mous sources, and both pub­lished the text of the direc­tive after mass con­fu­sion set in among hol­i­day trav­el­ers affected by the sud­den changes in secu­rity pro­ce­dures. It appears that the TSA is not pun­ish­ing either for pub­lish­ing the doc­u­ment; rather, they are try­ing to find the source of the leak.

“The DHS & TSA are tak­ing this mat­ter seri­ously, and that tells me that they are pay­ing atten­tion to secu­rity in detail,” Frischling wrote on his blog. So far, nei­ther has admit­ted to know­ing the iden­tity of the source of the TSA directive.

The leak is some­what embar­rass­ing for the TSA, though, in light of a recent leak of the entire con­tents of the TSA’s “Stan­dard Oper­at­ing Pro­ce­dures” man­ual online. That dis­clo­sure was due to improper redact­ing of the doc­u­ment, which the TSA later claimed to be out of date.

[Ars Tech­nica]

The les­son to be learned here is that if you find your­self in pos­ses­sion of infor­ma­tion which would embar­rass the gov­ern­ment, don’t pin a giant tar­get on your­self by post­ing it to your blog. Instead, use Tor to upload it anony­mously to Wik­ileaks.

Sprint fed cus­tomer GPS data to cops over 8 mil­lion times.

Christo­pher Soghoian, a grad­u­ate stu­dent at Indi­ana University’s School of Infor­mat­ics and Com­put­ing, has made pub­lic an audio record­ing of Sprint/Nextel’s Elec­tronic Sur­veil­lance Man­ager describ­ing how his com­pany has pro­vided GPS loca­tion data about its wire­less cus­tomers to law enforce­ment over 8 mil­lion times. That’s poten­tially mil­lions of Sprint/Nextel cus­tomers who not only were prob­a­bly unaware that their wire­less provider even had an Elec­tronic Sur­veil­lance Depart­ment, but who cer­tainly did not know that law enforce­ment offers could log into a spe­cial Sprint Web por­tal and, with­out ever hav­ing to demon­strate prob­a­ble cause to a judge, gain access to geolo­ca­tion logs detail­ing where they’ve been and where they are.

[Ars Tech­nica]

It’s well known by now (at least, to any­one who pays atten­tion) that cell phones are used to spy on the loca­tion and move­ment of their own­ers. This is the first solid infor­ma­tion I’ve seen on just how often the cops spy on people–and keep in mind that this is only one com­pany. It’s pretty much guar­an­teed that other com­pa­nies are equally eager to col­lab­o­rate with Big Brother.

War­rant­less sur­veil­lance law­suit thrown out.

Fed­eral dis­trict judge Vaughn Walker has rejected law­suits that aimed to hold telecom­mu­ni­ca­tions com­pa­nies account­able for their role in a con­tro­ver­sial war­rant­less sur­veil­lance pro­gram that was orches­trated in secret by the fed­eral gov­ern­ment. The Elec­tronic Fron­tier Foun­da­tion and Amer­i­can Civil Lib­er­ties Union are prepar­ing to appeal the dismissal.

The war­rant­less sur­veil­lance pro­gram is one the more con­tentious con­tro­ver­sies that still lingers from Bush’s tenure in office. The Bush admin­is­tra­tion attempted to lever­age the State Secrets priv­i­lege to block lit­i­ga­tion that aimed to hold par­tic­i­pants in the sur­veil­lance pro­gram account­able for vio­lat­ing pri­vacy laws. When it became clear that the courts were going to allow the law­suits to move for­ward, Con­gress inter­vened and passed a FISA amend­ment to grant the tele­com com­pa­nies explicit immu­nity. Pres­i­dent Obama voted in favor of immu­nity, despite con­sis­tently promis­ing to oppose it.

Click here to read the rest of this article

[Law & Dis­or­der]

A gov­ern­ment judge rul­ing in favor of the government’s inter­ests? Imag­ine that.

Cal­cu­lat­ing Pass­word Pol­icy Strength Vs. Crack­ing. sny­deq writes “InfoWorld’s Roger Grimes offers a spreadsheet-based cal­cu­la­tor in which you can key in your cur­rent pass­word pol­icy and see how your organization’s pass­words might hold up against the num­ber of guesses an attacker can make in a given minute. The cal­cu­la­tor includes results for four dif­fer­ent pass­word entropy mod­els, and is based on length, char­ac­ter set, max­i­mum age, whether com­plex­ity is enabled, and the num­ber of guesses per minute an attacker can attempt. As an exam­ple, Grimes assumes an eight-character pass­word, with com­plex­ity enabled, a 94-symbol char­ac­ter set, and 90 days between pass­word changes. Such a pol­icy, typ­i­cal for many orga­ni­za­tions, would require attack­ers to make only 65 guesses per minute to break — not at all hard to accom­plish, Grimes writes.”

Read more of this story at Slashdot.

[Slash­dot]

I have some expe­ri­ence with fool­ish pass­word poli­cies like that. They’re actu­ally even worse than this arti­cle sug­gests, because a pol­icy requir­ing hard to mem­o­rize pass­words that change reg­u­larly mean that users gen­er­ally can’t mem­o­rize their pass­words, and as a result with either write them down next to their com­puter or fol­low some pre­dictable pat­tern such as “password1!,” “password2!,” etc.

After try­ing it for three weeks with­out prob­lems, I bought the lat­est ver­sion of PGP Desk­top Pro­fes­sional, which includes whole disk encryp­tion. Both my Mac­Book Pro’s inter­nal hard drive and the exter­nal drive I use for Time Machine back­ups have got­ten along with it just fine, even through the sys­tem update to 10.5.7. For the most part there’s no notice­able impact on per­for­mance, but then my lap­top doesn’t do any­thing really disk intensive–all my pho­tog­ra­phy work hap­pens on a dif­fer­ent com­puter which I will not be encrypt­ing. There did seem to be a slow­down in Time Machine back­ups, but that’s not an area where per­for­mance is really rel­e­vant. I would really pre­fer to use True­Crypt, but as it cur­rently can only do whole disk encryp­tion on Win­dows (where I have been using it for some time), that wasn’t an option.

The rest of the PGP Desk­top pack­age gets a mixed review. I had looked at PGP last sum­mer and dis­missed it as unac­cept­able because of the hor­ri­bly designed proxy it relies on for encrypt­ing email, but this time around I dis­cov­ered that there is also an offi­cially unsup­ported plu­gin avail­able for Mail. The plu­gin works the same way as the GPG­Mail plu­gin, but with fewer fea­tures. This is not sur­pris­ing, as they have the same author. Appar­ently some brain­less prod­uct man­ager at PGP Cor­po­ra­tion had decided to kill the plu­gin (pre­sum­ably to force users into using their worth­less proxy), and it was brought back by pop­u­lar demand.

Since the last time I looked at PGP, it’s lost the abil­ity to com­mu­ni­cate with pub­lic key servers other than the one actu­ally run by PGP Cor­po­ra­tion, which very few peo­ple use. Accord­ing to a thread on the PGP sup­port forum, the devel­op­ers know about this bug and just don’t care about fix­ing it. Well, nobody will ever accuse the PGP Cor­po­ra­tion of hav­ing good cus­tomer ser­vice or QA! For­tu­nately the key­servers have web inter­faces so the prob­lem can be worked around as long as you’re using the “unsup­ported” Mail plu­gin. Any­one fool­ish enough to use the proxy will be out of luck, though.

I ulti­mately decided to switch from GPG to PGP for my email needs, at least for the moment, because while both of them have huge prob­lems on the Mac, PGP’s refusal to work with key­servers that aren’t owned by the PGP Cor­po­ra­tion is less of a prob­lem than the hideously unus­able key­chain man­age­ment that GPG inflicts.

No War­rant Required in U.S. for GPS Track­ing.

At least, accord­ing to a U.S. Dis­trict Court rul­ing:

As the law cur­rently stands, the court said police can mount GPS on cars to track peo­ple with­out vio­lat­ing their con­sti­tu­tional rights — even if the dri­vers aren’t suspects.

Offi­cers do not need to get war­rants before­hand because GPS track­ing does not involve a search or a seizure, Judge Paul Lund­sten wrote for the unan­i­mous three-judge panel based in Madison.

That means “police are seem­ingly free to secretly track anyone’s pub­lic move­ments with a GPS device,” he wrote.

The court wants the leg­is­la­ture to fix it:

How­ever, the Dis­trict 4 Court of Appeals said it was “more than a lit­tle trou­bled” by that con­clu­sion and asked Wis­con­sin law­mak­ers to reg­u­late GPS use to pro­tect against abuse by police and pri­vate individuals.

I think the odds of that hap­pen­ing are approx­i­mately zero.

[Schneier on Secu­rity]

I agree. Also note that this really only applies to cops spy­ing on dri­vers who don’t have cell phones. If you’ve got a cell phone, it’s sim­pler and cheaper for the cops to spy on you using the track­ing device you paid for and vol­un­teered to carry around rather than going to the trou­ble of bug­ging your car.

In light of the recent news about SHA-1, I decided to replace my ten year old work PGP key.

This was posted on the PGP-Basics mail­ing list by Robert J. Hansen:

Some researchers are claim­ing they’ve been able to make the Sheng­dong
Uni­ver­sity attack on SHA-1 a fac­tor of about 2000 times eas­ier. If
their research is cor­rect, that means SHA-1 is now attack­able by reg­u­lar
people.

These results are not unex­pected. We knew this day would come. For the
last cou­ple of years most crypto nerds have been strongly rec­om­mend­ing
peo­ple either migrate away from SHA-1 imme­di­ately, or at the very least
have a migra­tion plan put together.

If you have already migrated — then you may ignore this development.

If you have not — then it is increas­ingly urgent you do so.

Orig­i­nal URL:

http://eurocrypt2009rump.cr.yp.to/837a0a8086fa6ca714249409ddfae43d.pdf

Review: PGP Whole Disk Encryp­tion for Mac OS X [Paul Sta­ma­tiou]

Another good review. This one doesn’t men­tion Time Machine, but goes into more detail on cold boot attacks.