31 December 2013

Cryptopocalypse: Can your iPhone be hacked by the NSA?

Today the Intertubes are awash with hysteric headlines like "The NSA Has Crazy Good Backdoor Access to iPhones".  It's quite the pile-on: besides the press' inclination to tear down the tall dog, there's something stunning about the well-regarded security of latter-day iDevices being easily circumvented by shadowy spies in Ft. Meade.

What's missing--as is all too typical--is a close and sober look at what's being disclosed.

Here's what we know from the latest Snowden documents:

The DROPOUTJEEP iPhone exploit requires physical access to the phone, which suggests it’s based on the sort of hard-boot privilege escalation that has animated the cat-and-mouse game of jailbreaking since 2007.  With each generation of hardware and software, old boot-time-access doors are closed by Apple and new ones discovered by jailbreak hackers.  The result has been continuous improvement of device security.

But hardware and iOS advancements now necessitate that all recent jailbreaks require the device filesystem be unencrypted by removing any passcode (and, in the case of the iPhone 5S, the fingerprint authentication).  That offers good likelihood that your recent iPhone or iPad is safe from this exploit if you enable the passcode.

But here’s something interesting that I’m not seeing discussed amid all the hoo-hah.  The source document that’s being splashed all over the Internet is dated 2007:

Specifically, the document datestamp is “20070108”.  It’s unclear if the date format is year-day-month, as is typically seen in the US outside of at least some government and military usage, or the more globally accepted year-month-day.  I’d argue the latter, because the iPhone was released on June 29, 2007.

Either way, the document relates to the very first generation of iPhone, before the filesystem encryption capability was even introduced.  (That came a year later, with iOS 2.)

So, calm down, people.  Enable your passcode.  And know that there are much more probable threats to your rights and privacy than this one.

14 December 2013

Five essential tools for maximizing your digital privacy

I don't quote my own blog posts very often, but a recent article in Slate, "Facebook wants to know why you didn’t publish that status update you started writing," spotlights an issue that caught my attention in the earliest hours of the Snowden revelations.  It's prompted some discussions and then some advice that's worth a post of its own, so here goes.

Some of Snowden's first bombshells included disclosures that US and allied intel agents could monitor users' logins and other activity on the Internet in real time even for encrypted services.  In the aftermath of these leaks, I commented,
The "As-You-Type" claim is a special concern
Webmail services help prevent loss of your work in the event of a disconnect or crash by frequently storing your draft on their server as you compose it.  This blog post, for example, has been saved to Blogger's server automatically many dozens of times as I've worked on it.  Had I typed something incendiary and intemperate about some politician or bureaucrat, that would have been stored as well-- and potentially monitored and inspected if my phrasing (or integrated profile) contained certain keywords or triggers.  This means cloud-based services of a wide variety have the capability of capturing and potentially monitoring your evolving thoughts and phrasing, even if you think better of them before committing the "Send" or "Publish" button.  So, it's bad enough that what you email and say is monitor-able... what you think is also.
So the automatic server-saving of your drafts not only provides crash-proofness but  allows the service you’re using (and any eavesdroppers, hm?) to observe your thought processes and note any evanescent notions that you may have reconsidered and deleted.  Creepy much?

Five essential tools for maximizing privacy

In response to that article, a correspondent asks if his privacy is more assured if he does his drafting in a word-processor on his computer instead.

Well, as should be clear by now, if your drafts are on some server somewhere, they can in theory be accessed and reviewed by corporate or governmental authorities.  It's happened: just ask David Petraeus.  So you might expect that if your drafting and deletions are entirely constrained to files on your local disk then they would remain private.  Unfortunately it's not quite as simple as that in today's connected world.

Basically: your drafts are private if they're on your computer and not benefiting from any sort of cloud storage or backup service, and assuming no entity has installed a key logger or other monitoring tool on your computer, and that no one physically or remotely accesses your machine while your drafts are on it in some accessible form ...which might not be at all obvious.

That last point is an interesting one.  I've lost the citation but recall how some guy was convicted for some terror-related crime in the past couple years based in part on evidence collected from scratch files scattered on his disk by his word processor.  Finding this evidence was possible because he had not encrypted his hard disk, allowing easy forensic analysis of his activities.  The only defense against this sort of forensic analysis (whether by government or other entity) is to encrypt your disk with a strong password; in the US at least there are legal obstacles to forcing you to give your password up even if accused of a crime.  (Biometric authentication is not constitutionally protected.  So if Fifth Amendment protections against self-incrimination are important in your situation, know that anything protected by something like a fingerprint sensor can be opened by the authorities if you're accused of a crime.)

So there are nuances to what one might expect to be a simple answer.  Meanwhile, the only real news in the Slate article referenced above is that stuff you delete from a hosted draft may still have been noted and logged.  And frankly, that shouldn't be news to alert readers by now.

The first essential tool: personal encryption

Let's face it, cloud services are popular because they're useful.  For example, I routinely do my work in files stored in my Dropbox folder.  The benefit to me is that I can access them from anywhere using any of my devices or even a browser on someone else's machine.  This has been very beneficial to me, plus Dropbox keeps versioned backups of my files, so if I whoops something it's easy to return to a previous version.  Dropbox is a wonderful, reliable, non-creepy, secure service I recommend highly and for which I have documented ways to virtually assure the privacy of your files.  (Newer, self-hosted services like OwnCloud or Bittorrent Sync provide capability similar to Dropbox's without third-party involvement, leaving only the transport channel and physical or remote access to one's machines as potential vulnerabilities.)

Of course, were I writing some sort of radical manifesto, keeping my drafts in my Dropbox might not be the best approach for staying under the radar.  Snowden's whistleblowing tells us that agencies of governments friendly and otherwise (and, who knows, some well-resourced corporations or other entities) now regard ordinary encryption as opaque as Saran Wrap.  Though I'm not in the habit of writing manifestos or possessing other dodgy files, there are some aspects of my finances and work where confidentiality is important, and in those situations I perform my own duplicative private encryption, which is less likely to be easily cracked.

So, the first tools to acquire and learn to use are personal encryption utilities.  For those lucky enough to be using a Mac, OS X's built-in ability to create bandwidth-friendly encrypted sparsebundle disk images is a boon.  A helpful reader points out EncFS as another effective, cross-platform tool for bandwidth-conserving file encryption.  For any platform, TrueCrypt provides good capabilities for encrypting files and creating encrypted disk images, although it lacks the sparsebundle capability that's so beneficial for online storage situations.

For me, the benefits of using online services the way I use them outweighs the risks, which I've reduced and mitigated through tools such as these.  Similarly, I use gmail for some of my e-correspondence.  It's a great service.  I recognize that I, the user, am the product, and the service markets me to its customers as a digital dossier collected from my activities, connections, communications and (per the Slate article) thoughts.  Of course, anyone who writes to me c/o my gmail account gets databased, too... an example of how our personal privacy decisions have implications extending beyond the penumbra of our individuality.

The second essential tool: Whole-disk encryption, and password-enable your device

As previously related, I once caught a coworker just as he started poking around on my laptop after he thought I'd left the office.  He was an odd sort of duck, and my immediate thought was that he intended to put something problematic on my machine.  It happens.  In fact, it's the sort of threat that's far more likely than NSA targeting most readers here.

And it's readily addressable: turn on your device's password capabilities, including a screen-saver password or other lock-code that activates when your machine is unattended.  This goes for your smartphone as well as your computer.

But this is just an inconvenience to a determined attacker.  Devices get lost or stolen all the time, and Evil Hotel Maids in some countries can and do access computers left in visitors' rooms to perform espionage on behalf of some state or industrial entity.  The best defense against this is a good whole-disk encryption scheme.  For example, the Mac's FileVault 2 option has been a standard feature of OS X for several generations now, and it is highly effective and efficient.  If your machine's manufacturer offers something of the sort, turn it on.  If not, read some reviews and buy a utility that will do the job.

iPhones and iPads automatically encrypt their file systems when a passcode is turned on-- brilliant.  So, do that.  Recent versions of Android offer something similar.

The third essential tool: Email encryption

Ed Snowden insisted on PGP encryption of email communications, and that's a remarkable endorsement of this free and effective technology.  Its developer, Phil Zimmermann, nearly went to prison for developing it, and then-Sen. Joe Biden made two attempts to sneak wording criminalizing personal encryption into totally unrelated legislation.  It's instructive to ponder why tools that allow individuals to maximize their own privacy have been so controversial for so long... this occurred more than a decade before 9/11.

Today, much of what we do on the Internet is encrypted in transit from your computer to at least the first node in the chain to whatever service you're using.  But that only means eavesdropping is blocked to those lacking the keys, and only while in transit, and only for that hop.  For example, Gmail is very securely handled between your browser and the Gmail servers.  Once there, your emails are stored in plain text.  Worse:
Under the Electronic Communications Privacy Act (ECPA) of 1986, police only need a subpoena, issued without a judge's approval, to read emails that have been opened or that are more than 180 days old.
Meanwhile, the repeated compromises of the public Certificate Authorities suggests any encryption based on CA-managed keys may be vulnerable.

The solution is to heed Snowden's advice and manage your own email encryption for those situations when postcard-class privacy is inadequate.

Setting up PGP takes a little effort and is, unfortunately, still a bit of a geek-fest, but it's worth the effort.  Mac users have it especially easy via the marvelous GPGTools.org toolkit, which integrates brilliantly with Mac's Mail.app.  GPG4Win offers something similar for Windows users.  And all participants in a conversation must have established and exchanged their public keys.  Assuming the participants are trustworthy and careful, this ensures that private discussions remain private.

The fourth essential tool: Back up!

We tend to get worked up about the risks to our data, wealth and privacy from shadowy agencies and sinister corporations, but the greatest risk is the most unavoidable: the eventual failure of our disk drives, including SSDs.  That is a matter of when, not if.

There's only one defense, and that is to maintain current and duplicative backups.  Invest in two USB pocket drives, and back up to them in alternating fashion.  Keep them in different places.  And consider supplementing your local backup strategy with online backup services like Carbonite or my own chosen service, Backblaze.  All offer excellent transport encryption; Backblaze offers a free additional private-encryption capability which further cloaks your stuff on their servers, for a great price.

But if the service happens to back up a draft that you're working on, then there's another example of your drafting-and-deletions hypothetically being accessible to someone with the right access and tools.  But that's many levels lower in terms of exposure than writing your drafts in a gmail/Yahoo/Hotmail composition window, Facebook draft post, Google Docs draft, etc.

The most essential tool: control your own computer

So there are things you can do to improve privacy and increase the chances of flying under the radar of governmental and corporate eavesdroppers and snoops.  Short of staying offline entirely, that can include

  • Carefully selecting (and minimizing) what online services you use and how you use them, 
  • Choosing an operating system that is comparatively secure, 
  • Employing disk, file and transport encryption to increase security, and 
  • Leveraging virtualization, compartmentalization, userspace separations and utilization of separate machines.

That last recommendation is quite important.  We tend to fixate on the shadowy cloak-and-dagger players, and sure: those are sexy threats that make headlines.  But the likelihood most of us will be snared by their tentacles in any meaningful way are small compared to the potential consequences of other dumb things we do.

Top among them: using your company computer for personal purposes.

Just don't.

For starters, it's a great way to get fired.  I've known smart people whose work is legally quite sensitive yet they watch naughty videos, play online games, download warez and do other risky things on their company computers, sometimes even in their normal user accounts.  Dumb, dumb, dumb.  Just ask John Deutch.  (What is it about CIA Directors and their digital idiocy?)  Frankly, if I caught an employee doing that, I'd fire 'em myself just out of intolerance for dumbasses.

So, just don't.  With the cost of terminating employees growing higher every year, IT departments are increasingly tasked with monitoring employee computer usage, documenting offenses useful for knocking down exit demands and defending against termination-related lawsuits.  So keyloggers are routinely installed, screen-snaps are covertly acquired, webcams are snapshotted to capture employee behavior, networking logs are databased... do a bit of searching and you'll find many super-creepy examples out there of employers watching and observing everything their employees and contractors do at the keyboard, and of tools marketed to them for ever deeper surveillance, tools like http://talygen.com/CaptureScreenShot and http://www.oleansoft.com --there are dozens and dozens.

That is a far more present threat to most people than the NSA, or industrial espionage, or the depredations of sneaky social-networking services and ad-platform companies masquerading as cloud service providers.  Solution: Get your own damn laptop or tablet, and lock it down, and keep it in your possession as much as possible, especially when you travel.

And mind your assumptions.  If you think you're safe, you're doing it wrong.

17 November 2013

A Dropboxless Dropbox for extra-secure file sync

Dropbox is great for sharing
files between your machines.
I've used and enthusiastically recommended Dropbox for years: as a costless "virtual thumb drive" for ferrying files between my machines, for sharing files too big to email, and even to host web content.  Great stuff.  I also make a habit of using my Dropbox folder for my current work, so every document I'm working on gets backed-up in real time, in versioned form so I can even return to a previous revision if I whoops something.  I love Dropbox.  It's just an awesome service: sign up at http://db.tt/Me4yRjt and I get a small storage bonus.  

But I have harbored no illusions about the privacy implications of storing stuff in any third-party's cloud, even before the Snowden revelations.  So one of my first blog posts centered on a Mac-centric workaround: use the Mac's magnificent ability to create bandwidth-friendly, encrypted sparsebundle disk images, storing the image in my Dropbox instead of the individual sensitive files.  There's evidently a demand for doing such things, as that post quickly racked up many thousands of hits, has remained at or near the top of Google searches regarding Dropbox security since it was published, and was featured by influential tech commentator Shawn Blanc.

Over time I've kept an eye on the Dropbox market, signing up for (but, frankly, rarely using) alternatives ranging from SugarSync to SkyDrive to SpiderOak.  All are fine services with generous free storage offerings to get you started.  SpiderOak in particular has excellent privacy engineering.  None, however, are both free and open-source (FOSS).  There's SparkleShare, which is FOSS, but it lacks a mobile client, especially for iOS (which I'd need).  Tarsnap and Unison are others, but they're not seamlessly cross-platform and lack a mobile client.  OwnCloud is FOSS but requires a central server-- great for enterprises but overkill for my sync-centric individual's usage.  

All told, I probably have more than 100GB of free storage I don't use, on top of the Dropbox storage that I do use.  

But now there's an alternative that's going to pull at least some of my usage away from Dropbox.  It's Bittorrent Sync, a peer-to-peer implementation of Dropbox-like functionality that syncs stuff between your machines and mobile devices.  It's costless but not yet open-source, though the developers have adopted a never-say-never posture towards FOSS.  

Bittorrent Sync is from the folks who make the excellent uTorrent torrent-management client, and it extends the serverless torrent concept to syncing one's files between machines.  Security seems good (though without open-sourcing, that's a statement of faith) and performance is excellent.  Free clients are offered for Windows, Mac OS X and Linux, and for iOS and Android.  Setup is incredibly straightforward: start with your desktop machines, pasting the automatically-generated key from one client to the other to establish encrypted syncing between them; then for your mobile devices, just scan the QR code your desktop installation will present for you, and setup is complete.  Couldn't be easier, and bonus points to the Bittorrent folks for finally finding a good use for QR codes!

Then it just works.  Put a file in a folder on one machine and it will automagically appear on all the others as long as one remains powered-up.  Just like Dropbox, only there's no third-party central server involved.  (And, no web access-- which may be a plus or a minus, depending on your intended usage).  
Sharing is achieved by providing a key code to those with whom you want to share; they plug this into their own Bittorrent Sync client.  Sharing key codes for read/write and read-only are easy to generate, as are one-time keys that expire after 24 hours.  And files are versioned!

Bittorrent Sync shares some attributes with other file-syncing services: Storage folders on your clients are not encrypted, though the transmission of files is.  Syncing across hotel and a few other public networks may be problematic depending on how they're set up (my Mac client set itself to listen on TCP port 26085, which some networks might block).  And there's the pervasive risk of potentially instilling a sense of false confidence that can contribute to oversights of fundamental security and privacy practices, such as 
  • Failing to set up whole-device encryption, 
  • Failing to establish a long passcode on your mobile devices, 
  • Failing to physically secure your devices or lock their screen when you turn away...
As a useful tool for privacy or just plain easy-peasy syncing, color me impressed about Bittorrent Sync.  It works nicely and is as polished as you'd expect from the folks who gave us uTorrent.

UPDATE: Here's an especially informative review.

14 September 2013

The Cryptogasm needs a dose of perspective

Ed Snowden's PRISM revelations and the drip-drip-drip follow-ups by reporters Poitras and Greenwald have people in a windmilling panic.  According to countless op-ed pages and blogs, we can't trust our devices and services for fear the NSA might be accessing them. Going off the grid is suddenly fashionable.  Folks sense the NSA's shadow behind every pillar, its ears pressed to every wall.  Apple introduces a new smartphone with a fingerprint authentication sensor, and instantly the Internet teems with anxiety that somehow the spooks might be able to access it.  (As if one's fingerprints aren't on everything ever touched, starting with their birth certificate!)

Fortunately we have Citeworld to assure us, "[Apple's new fingerprint sensor] detect[s] the ridge and valley pattern of your fingerprint not from the layer of dead skin on the outside of your finger (which a fake finger can easily replicate), but from the living layer of skin under the surface of your finger, using an RF signal. That only works on a live finger; not one that's been severed from your body."

Such good news: you can sleep without fear of cloak-and-cleaver types amputating your digits in the middle of the night to unlock your iPhone.  People actually worry about that sort of thing today...

Strike one misdirected, overblown fear, then.  There are plenty more where that came from.

Because it's not at all clear that the pundits and commentators have the least clue about the true spectrum of threats to us our liberty today.  The NSA's curiosity may well rank among the least of them.

Case in point: within the US it appears you have no Fifth Amendment right to decline to unlock the new iPhone 5S or any other device or lock based on a biometric "passcode," because courts have ruled that fingerprints and other physical attributes of a person do not equate to compelled testimony [cf., http://www.wired.com/opinion/2013/09/the-unexpected-result-of-fingerprint-authentication-that-you-cant-take-the-fifth/].  I'm not an attorney, but the Fourth Amendment might not apply either, if previous case law holds for encrypted digital stores [see, for example, http://www.theindianalawyer.com/court-affirms-locked-glove-box-search/PARAMS/article/25155 and http://en.wikipedia.org/wiki/Carroll_v._United_States]

So, your choice of authentication mechanism has a far more profound and immediate impact on your Constitutional rights than any encryption-cracking initiative that might exist in the bowels of some three-letter agency.  Yet count the headlines.  It's a fair bet this is the first you've heard of this potentially cataclysmic rupture of your rights*.

See, many true threats are not technological.  And straightforward tools continue to be effective against them in the post-Snowden era.

My point isn't to diminish Snowden's stunning revelations, or the dismay over the surveillance of reporter James Rosen or the AP's phone records, or any of the other Orwellian headlines attesting to a surveillance state that's burst its bounds.  It's just that there are threats, and then there are threats.  NSA is just one, and it's far down the list for most of us.  Certain other countries pose another real and present threat to your digital information and identity; creepy Internet services are another; your business competitors are another; personal rivals and enemies are yet another; if one's spouse turns on them then that'd be yet another...

That last one isn't hyperbole, incidentally.  The first indication a friend of mine had that his wife was turning on him and plotting a harrowing divorce was when he noticed things had been slightly changed on his PC.  Turned out she'd hired a private eye to snoop on him, and the guy had installed keyloggers and other spying software.  Nice.

My point: even a weak password would deter that and many other threats you could plausibly face.  Maybe not the NSA, but c'mon, let's be real, if a drug cured 80% of the diseases it was used on, it would be a miracle drug.  And even weak passwords will stymie 80% of the threats to your digital assets and mine.  Maybe more.  That's not to encourage a sense of false confidence, but it's a very true statement.

Frankly, I first got paranoid about having my computer encrypted when I left my company's office for lunch one day, realized I'd forgotten something, did a U-turn, and walked back into my office to find another employee poking around on my computer.  The guy had always struck me as creepy, and you can bet I password-protected my disk that very day.  With that guy, it wasn't so much what he might have found on my machine as what he might have put on it!  And, again, even the simplest password would have thwarted whatever his intentions were. 

Some correspondents have fretted to me about Google acquiring a quantum computer [http://www.wired.com/wiredenterprise/2013/06/d-wave-quantum-computer-usc/], feeling it's part of a plot to undermine all encryption.  Well, for one thing it's still unclear if that computer is actually truly quantum or applicable to cypher-breaking.  The thing isn't exactly open-source, and its capabilities remain mysterious even to its makers and might well be leavened by hype.  And Google is stuffed with curious geeks and flush with money, and they fill the place with toys.  This is just one of many such.  Personally, I don't think their intent for this machine is nefarious, and there's simply no way such computers could factor in any meaningful way into the troves of data Snowden's slides suggest are accessible to the NSA-- certainly not for the budgetary numbers Snowden also provided.  But, people worry about these machines, maybe because of their mysteries.  

There is an inverse relationship between our ability to understand events and our tendency to fear them.  

Besides, there is a reason that the government insists on AES 256-bit encryption for securing its own stuff.  If you do the math, it's not meaningfully more secure than 128-bit encryption against today's cracking technology.  The spooks who make such recommendations for the government did so not because 128-bit encryption is insecure but because they were concerned that cracking of encryption through quantum computing might become a reality within the horizon of the secret items in question.  256-bit AES encryption is secure into the far future, but 128-bit is secure into the middle future.  That's good enough for me against my snooping colleague and other foreseeable threats, and 256-bit AES is good enough for anybody, for now.  (You might think that since 256 is 2 x 128, 256-bit encryption would be twice as secure as 128-bit.  No... it goes as a power of 2, so 256-bit encryption is 340,282,366,920,938,463,463,374,607,431,768,211,456 times as secure as 128-bit encryption.)

Unless there's a flaw in the encryption algorithm, which is a remote possibility, in which case you're surely screwed, but only by whoever possesses knowledge of the flaw and has an interest in little you.  It's much more likely that governments (plural) would just acquire the keys used to encrypt, either by theft or by collusion with the companies that hold the keys.  After all, if someone holds the keys, they don't need to crack anything and they don't need a quantum computer.  And, in fact, the certificate authorities who maintain the encryption keys used by websites and internet services have been repeatedly hacked over the past several years.  

So, your encryption is, for all intents and purposes, merely as trustworthy as whoever holds the keys.  The technology is, again, the least of it.

With some tools like PGP, you hold your own keys.  (See the "What to do" section of http://unvexed.blogspot.com/2013/06/what-prism-may-be-and-means.html)  Use them with a strong algorithm like AES-128 and good long password, and you'll cause trouble even for the NSA, most likely.  And you'll thwart lesser enemies, no problem.  And those are numerous.

*Side note: The convenience and security of the iPhone 5S's new biometric sensor are very compelling.  If Fifth Amendment considerations are a concern, one could use a multi-layered approach: Go ahead and lock (and thereby automatically encrypt) your iPhone with its fingerprint sensor, but store sensitive items in their own encrypted form with a passcode type of authentication.  Of course, outside the US the Fourth and Fifth Amendments are moot to begin with.  And then there's at least partial weakening within 100 miles inside any US border or coastline [http://www.wired.com/threatlevel/2008/10/aclu-assails-10].  Best not to leave home with anything problematic in your possession, hm?  

28 June 2013

An entirely worthy Google Reader replacement

Replace Google Reader entirely: never depend on an RSS aggregator again

Many Google Reader replacements are available today on the eve of that service's termination.  Two things are required: (1) a service which scans, updates and syncs (aggregates) your RSS feeds, and (2) a viewer application or web-page.  Google Reader provided both functionalities.  Its replacements generally do too.
Sismics offers an unusually crisp, speedy
Google-Reader-like browser interface
and requires no RSS-feed aggregation service

Unfortunately, most RSS aggregation services have come in at around $2 a month.  That's certainly not a lot, and one would hope it'd be enough for them to avoid Google Reader's fate, but it's not free like Google Reader.  

More unfortunately, all that I've reviewed lack Google Reader's ability to email an article or summary directly from the app as Google Reader would allow.  Instead, if there's any email functionality at all, just a link is sent.  Of course, all make it easy to quickly open the source article, followed by composing an email via one's usual cut/paste (or, for Mac users, Safari's wondrous Reader Mode). 

[UPDATE: I just discovered the wondrous inoreader.com.  It imported my 270 Google Reader feeds in about thirty seconds... and it offers emailing of entire RSS-version articles at a click, just like Google Reader!  Based on my brief usage of it, I'd say it's the best of the Google Reader lookalikes.]

My first attempt at replacing Google Reader was spin up a little open-source service called Selfoss on my own server, an original-issue $35 Raspberry Pi card.  A bit of effort and patience is required to install it, and users with many dozens of RSS feeds should not update them too often lest they overburden their Pi (installing on a "real" server would address that, of course).  But selfoss presents an unusually pretty interface in the user's browser and provides all the functionality of Google Reader except that email function, which apparently only Google Reader inoreader.com provides.  

And though I'm happy with how selfoss runs on my Raspberry Pi, I've continued to watch the RSS-reader landscape sprout like forest mushrooms after a rain.  

And here, finally, is an unusual one: Sismics Reader, which runs entirely on your laptop or desktop computer ...or which can be deployed on a server if you wish.  

That's right-- it can do its own scan-and-update right on your PC, no external aggregation service required.  

And since you're not dependent on an aggregation service, there's no chance your service will abruptly die if the service goes the way of Google Reader.

Sismics Reader supports Windows, Mac OS X and Linux and installs in a blink.  When installed on your computer, you just browse to the application's specified address and poof: up comes your feeds.

It's about as full-featured as anything I've tried so far (save that lamented email function!) and has the great advantage of being available when you are offline, such as on an airplane with your laptop.  That's very cool.  

Its look and feel is very similar to Google Reader's.  That means it's not quite as pretty as Selfoss but is entirely functional.  And since it resides entirely on your machine, it is ultra-responsive.

It's free and open-source.  Give it a try.  It will import your Google RSS feed list (which you should be sure to download to a safe place before the service terminates -- see Mashable's friendly how-to for that).  

It's amazingly fast.

Potential drawbacks:  
  • It's Java-based, but I have Java on my laptop for other reasons so that's no big issue for me.  If you need Java, you can download it free from https://www.java.com/en/ --if you're not sure if you have Java or not, you can run a quick test at https://www.java.com/en/download/installed.jsp  Do be aware that Java has had more than its share of vulnerabilities in recent months.  Keep it updated.
  • If you enjoy browsing your RSS feeds on your iDevice or other smartphone or tablet, you'll have to install Sismics on a server; it provides a nice mobile-browser interface.  But then you'll be able to get at it only when you're online.

I'd be interested in others' opinions too... leave a comment!

22 June 2013

How to make secure, encrypted phone calls... for free

The ZRTP-capable
Groundwire app for iOS
Recent revelations have alleged wholesale governmental monitoring of phone conversations and emails.  Governments (plural) are reported to have real-time ability to access encrypted digital connections of all kinds, including Skype.  My own hypothesis, based on details in the the published allegations and known hacks of Certificate Authorities (on whose infrastructure the entire trust system of today's Internet is based), is that purloined Certificate Authority certificates are being utilized to allow inexpensive monitoring of communications transported over encrypted channels like SSL and TLS.  The key to privacy is to utilize encryption techniques which do not depend on the compromised Certificate Authority system.

VoIP is rarely encrypted at all, but that may be changing as dismayed citizens demand an end to suspicionless, warrantless surveillance.  Today, ostel.co (note: not .com) is a free/open-source project which implements the ZRTP communications-encryption technique which allows users to call each other securely and without cost over WiFi or other Internet connections.  Conference and video calls are also supported.  More info about ZRTP here.

Each participant must run a ZRTP-capable VoIP client on their computer or smartphone-- this is not something you can use a old-timey analog telephone with.  Clients are available for a variety of platforms including OS X, Windows, iOS and Android.  Some are even free!

Getting started making and receiving secure calls is simple: you sign up for an account at ostel.co and give yourself a user name.  You download the appropriate app onto your computer or smartphone and set it up to talk to your ostel.co account.  Your friends and associates do the same.  You then ring each other up using your respective user names, and validate a randomly-generated numeric code.  Pretty simple.

Documentation is sparse, to put it charitably, but here's how I got it working on OS X 10.8.4 Mountain Lion:

  • Download Jitsi, a free/open-source client capable of, among other things, telephony using ZRTP encryption.
  • Run it... or attempt to.  On later builds of OS X you may receive a message that Java 6 is required.  Well, I have Java 7 installed and enabled (it's needed for some other software I use), but this didn't seem to be acceptable to Jitsi.  With some trepidation given the security issues surrounding Java recently, I accepted the download of the older version.  There was no progress indicator, but events seemed to proceed without issue (and frankly rather quickly-- I have my doubts that Java 6 was installed at all), and eventually I was able to load and run Jitsi.  The current, recommended version of Java 7 remains intact on my system and is still my default, per the version tester at java.com.
  • Now you need to set up Jitsi to use your ostel.co account.  This is totally undocumented, but what works is to open its Preference pane and add a SIP account, specifying YourUserName@ostel.co (again, note it's not .com) and inputting your ostel.co account password.  
  • Done.

Set-up should be similar for other apps.  The only prerequisites would seem to be (1) the ability to work with generic SIP connections and (2) ZRTP compatibility.  (Be sure to select your desired audio input and output in the Preferences-- Jitsi had selected AirPlay as my default, rather than my Mac's speakers or headphones, causing some momentary confusion for me.)

[DELIGHTED UPDATE: seems the free Linphone iPhone app supports ZRTP!  Once you have installed the app and set up a username at ostel.co, just go to the app's settings and input your ostel.co username (minus the "@ostel.co" part), then your password, then "ostel.co" for the domain.  Then, in the Network settings, select Media Encryption and tick ZRTP.  Done!  This app even seems to support encrypted video.]

Now you can enjoy secure calls... or (let's have our eyes open about such things) allegedly secure calls.  Also keep in mind that the use of encryption technologies including email encryption and Tor (if detected) can spotlight you for special scrutiny and indefinite retention of your emails and other data, even if you are a U.S. citizen.

Audio quality in my testing has been excellent, clear and crisp and without echo.

08 June 2013

What PRISM may be... and means

London's Guardian and the Washington Post have published reports, based on leaked slides from a
Slide 4 presents a timeline.
Pay attention to the timeline.
National Security Agency PowerPoint of breathtakingly eye-searing design, alleging that the US Federal government monitors virtually all digital communications including VoIP, email, chat, file transfers and social networking.

The government has admitted to the general outline of all this, though it protests that many details are wrong.  That it has come to this should surprise no one familiar with current events and the unconstrained growth of the state.

Importantly, the original Guardian report noted that monitoring agencies could practically view one's typing in real-time.

The eruption of outrage was immediate, with most commentators taking literally the statement "collection directly from the servers" which appeared on the latest slide to be revealed, again by the Guardian, the "FAA702 Operations" slide.

Company spokesmen quickly denied the reports, first with brief, cautious statements remarkable for their similarity, and subsequently with broadened and less equivocal denials.  Meanwhile the sheer scale and intrusiveness that would be required to access these complex services "directly from the servers" is mind-boggling; the practicalities of mounting such an effort in so many technically diverse sites without a prior leak is hard to imagine.

The newly released "FAA702 Operations" slide
features the "directly from the servers" comment.
So let's just say those cranky paranoiac conspiracy theorists are looking mighty sage at this moment.  We'll learn more as time goes on.  However, for now most analyses hinge on the "directly from servers" notion and ignore other aspects of the slides which may point to plausible technical explanations of what's going on ...and suggest how one can protect one's communications.

A focus on data in-transit

The second of the four slides originally published by the Guardian notes, "Much of the world's communications flow [sic] through the U.S."  And the newly released FAA702 Operations slide speaks of collection from cables and equipment.  Putting the two together suggests that the eavesdropping infrastructure is in place at the trunk and/or ISP level.  This would hardly be news, as such monitoring is familiar from the evergreen ECHELON and Carnivore programs of the '90s, not to mention the fabled Room 641A.

Slide 2 of the original set.
The problem with eavesdropping is that much of the traffic today is encrypted.  Besides corporate VPNs and https web services, other alphabet-soup encryption protocols cloak connections between user and server, for example the TLS transit-encryption offered by some email services.  But--and this is important vs. Slide 4's timeline--transit encryption is a fairly recent option for consumer email.

Conventionally, data sent via encrypted transport cannot readily be eavesdropped.  Two problems, though: they only encrypt from user to server; from there on there may be no encryption.  Encryption between servers is rarer.  Furthermore, some encryption is better than others.  PPTP VPNs, for example, are more readily compromised than some others (though as I've argued elsewhere PPTP is adequate for many uses).  Also note that when you send an email, its recipients are always exposed to your email service provider and to any eavesdropper, unless your email service and your recipient's service are among the minority that will encrypt server-to-server connections, and then only for that hop in the chain.

Meanwhile, there is a compelling hint in Slide 4 that encrypted transport is not the roadblock it once was, at least to the NSA.  Note the progression of PRISM "participants," from 2007 to the present.  Now compare:

And so on.  The compelling thing about this observation is the possibility that Slide 4 represents a progression of low-hanging fruit, as the chronology lines up.  In each case there was an extended period between "participation" in PRISM and implementation of encryption.  This would give an eavesdropper ample time to optimize parsing schemes for a service's formats, patterns and protocols before having to deal with encryption.

This notion is supported by the fact that as recently as April, Apple's transport encryption scheme was reported as uncrackable by the government.  But that report was based on a leaked document from the Drug Enforcement Agency, which resides many steps down from NSA in the surveillance-technology totem-pole.  It's entirely possible that the DEA had not gotten the memo in April that the NSA had cracked Apple's encryption just last October as the latest in a rollout of that elite agency's decryption capability going back several years.

Also, note that most commercial transit encryption is based on encryption keys managed and secured by Certificate Authorities (CAs), firms specializing in creating, storing and serving authentication credentials that uniquely identify the participants in a secure transaction.  (Some large companies run their own CA, including Apple.)  But successful break-ins of Certificate Authorities have occurred with startling regularity in recent years; a Google search for certificate authority hacked yields tens of thousands of hits.  A sophisticated state actor possessing a CA's identity, keys or tools for generating them can eavesdrop on communications secured by the hacked authority's services.  Hence, one interpretation of the PRISM revelations is that they may indicate the ongoing cavitation of the CA-based trust chain.

[UPDATE: A new article in the Huffington Post describes the communications between whistleblower Snowden and journalist Greenwald: "Snowden only wanted to communicate securely using PGP encryption…"  Now, if Snowden is what he says he is and knows what he says he knows, that's a hell of an endorsement of PGP.  And more importantly, it indicates that the NSA does not have the ability to decrypt by brute-force.  So Snowden's reported preference--together with Slide 4's $20M budget number--even more strongly indicates a CA-spoofing approach as the likeliest explanation of the "as-you-type" claim.]

[UPDATE: A report by CNN, quotes further claims by Snowden, including "targeting fat data pipes that push immense amounts of data around the Internet... We hack network backbones -- like huge Internet routers, basically -- that give us access to the communications of hundreds of thousands of computers without having to hack every single one."  If true, breaking the encryption of such massive amounts of data can only be achieved by possession of spoofed or purloined CA credentials.  No known technology exists which would allow it otherwise, especially if costs are anywhere near the Slide 4 number.]

[UPDATE: The Electronic Frontier Foundation has published a marvelous and timely article, "How secure is HTTPS today? How often is it attacked?"  Money quote:
In short: there are a lot of ways to break HTTPS/TLS/SSL today, even when websites do everything right. As currently implemented, the Web's security protocols may be good enough to protect against attackers with limited time and motivation, but they are inadequate for a world in which geopolitical and business contests are increasingly being played out through attacks against the security of computer systems.
#1 on their list of vulnerabilities: "Break into any Certificate Authority (or compromise the web applications that feed into it). As we learned from the SSL Observatory project, there are 600+ Certificate Authorities that your browser will trust; the attacker only needs to find one of those 600 that she is capable of breaking into. This has been happening with catastrophic results."

The rest is essential reading, too.  Read the whole thing.]

The "As-You-Type" claim is a special concern

Webmail services help prevent loss of your work in the event of a disconnect or crash by frequently storing your draft on their server as you compose it.  This blog post, for example, has been saved to Blogger's server automatically many dozens of times as I've worked on it.  Had I typed something incendiary and intemperate about some politician or bureaucrat, that would have been stored as well-- and potentially monitored and inspected if my phrasing (or integrated profile) contained certain keywords or triggers.

This means cloud-based services of a wide variety have the capability of capturing and potentially monitoring your evolving thoughts and phrasing, even if you think better of them before committing the "Send" or "Publish" button.  So, it's bad enough that what you email and say is monitor-able... what you think is also.


Perhaps PRISM is just an ordinary court-ordered data dump.  Verizon showed that those court orders can cast a wide net.  Counter-argument: Insufficient to explain "as you type" surveillance of the alleged sweeping extent, assuming that's true.  But maybe the as-you-type capability is part of the "Upstream" segment of the FAA702 slide rather than the PRISM segment.

Perhaps PRISM really does represent monitoring operations or back-doors at the servers of Google, Apple, Facebook, Microsoft, etc.  Counter-argument: These are highly heterogeneous computing environments.  Insertion of monitoring equipment or back-doors would be a massive undertaking and specific to each provider, involving their top engineering talent.  Hard to imagine how this could be feasible, especially for the $20 million annual budget in Slide 4.  On the other hand, the information flowing into and out of those servers, decrypted, is standards-compliant HTML and so forth-- eminently monitorable.

Perhaps the companies are lying.  Their statements were too similar, too scripted.  Counter-argument: Lawyers and executives tend to phrase things with precision, and the statements issued by company spokesmen reeked of lawyerly parsing and executive tip-toeing.  Spokesmen and CEOs would naturally have little interest in their companies' cooperation with occasional court orders, though they'd know they occur.  That's sufficient to explain the initial denials.  In fact, corner a Zuckerberg, Page or Cook on any controversial issue, and you'll get cautious phrasing like that.  It doesn't necessarily indicate collusion with the Feds nor anything to hide.  On the other hand, the creepy collection, correlation and wholesaling of user information is the foundation of the business models of several companies on the list.  But that doesn't provide as-you-type surveillance.

Perhaps PRISM represents an unfolding decryption capability based on Carnivore's progeny.  This, I think, is the conjecture most in keeping with the published reports to date, the as-you-type claim, the $20 million budget number, and Occam's Razor.  It requires only a generous interpretation of Slide 2's "directly from the servers": if one assumes that can mean directly from the pipes supplying the servers then the companies' broadening denials begin to make sense.  Even the Slide 4 timeline makes sense.

Law-abiding citizens have nothing to worry about.  This all just benefits terrorists and child-porn freaks.  Counter-argument: If you feel like bcc'ing Eric Holder on every email you send, be my guest.  Go ahead, set up your phone as a permanent party line with the NSA.  Think of a politician or bureaucrat you really loathe and share your desktop with them 24/7.  ...It is untrue that only creeps, paranoiacs and enemies of the state should be uncomfortable with the cataclysmic loss of privacy that PRISM may represent.  And here's a thought: if the US can do it, what if other countries can?  Fine, say you trust Barack Obama and the entire Federal edifice; do you also trust Xi Jinping?  Vladimir Putin?

Lots of the hoo-hah is about metadata.  At least the government isn't listening into your conversations.  Counter-argument: If you use any digital communications channel such as a cell phone or VoIP, conversations are among the most readily monitorable types of data on the list in the NSA slides, enjoying weak encryption if any.  Besides, the metadata--collected over time and correlated with that of your contacts and your interests--paints a very detailed picture of you.  It's the reason why the social networks are so highly valued.

What to do

President Obama defends the PRISM practices and warns that its disclosure will drive the bad guys underground.  That's a clue that it is still possible to hide.

First, although the trust chain for conventional commercial encryption may be irretrievably broken by now, it's still very much worthwhile to use https, ssl, tls and other transport encryption tools.  They are still effective against eavesdropping by all but the most sophisticated eavesdroppers, at least between your computer and your service provider.  After that first node, however, there are no guarantees.

Beyond that, encrypting your files and message contents using private encryption techniques (non-CA-based) would seem, from Obama's comment, to still be a way of cloaking your communications from inspection by anyone.  It seems likely that brute-force decryption remains elusive, especially for real-time monitoring.  (Certainly then-Sen. Biden must have had a reason for inserting identical anti-encryption wording in two unrelated bills.)

Among my suggestions --and believe me, the bad guys already know about these:

  • TrueCrypt is a free/open-source tool for encrypting files in various ways. 
  • GPGtools.org makes a fabulous plug-in for the OS X's mail.app that makes it easy to send and receive emails signed and encrypted privately, without reliance on Certificate Authorities.  It's free and open-source... I've donated, and recommend you do too.
  • GPG4Win offers something similar for Windows users.
  • FileVault2 is a whole-disk encryption technology that encrypts your Mac's entire hard disk with virtually no noticeable performance hit.  It secures your machine whenever it's locked or turned off, so that a thief, spy or Evil Hotel Maid is unlikely to get anything useful off of it.  It's installed on recent versions of OS X and just a Preference Pane check-box away from activation.
  • CryptoCat is an easy-to-use secure messaging tool, free and open-source, that supports a wide variety of computers and operating systems and can also be accessed in browsers.
  • Tor is an anonymized Internet connection that, used properly, obfuscates your location and cloaks what you're doing on it from your ISP on to whatever service you're accessing.  (Just, don't in the fullness of your fervor allow your machine to be a Tor exit node... the service is popular with assorted creeps and bad-guys, and you will be their traceable identity if you do that.)  [UPDATE: In reply to my question on their "Tor vs. PRISM" blog post, Tor developers noted, "Tor does not rely on any CAs. Every node generates its own keys and directory authorities are hard coded into the application. If you are looking for an introduction to the way Tor works there are several videos on YouTube."]
  • Wickr is a secure communications app for iOS and, soon, Android that features self-destructing messages and other privacy tools for communicating with other Wickr users.  (My username: sjwickr)
  • Silent Circle is a secure communications platform that includes encrypted VoIP for talking, emailing and messaging other Silent Circle users.  From Phil Zimmermann, inventor of the PGP encryption algorithm (and the target of Biden's legislative trickery).
  • Liberté Linux is a specialized version of Linux which deeply integrates encryption and Tor networking (for example replacing the conventional browser with one that only uses Tor) and which replaces conventional email with secure "cables" to other Liberté users (I'm hxwua6y464h4cpuq5oscyq3bvxpxxgbu@cpundtimj5g6twt2.onion ...for now).  Liberté can be run in a virtual machine or booted from a CD or USB stick and must be left running in order to receive cables.


My recent essay, Free vs. Freeing, touched on the central issue of all this: as we utilize free services provided by friendly companies, the costs are often unacknowledged.  Now, I speak as a guy writing on Blogger's Google-owned service... which is not a problem, as I'm aware that as I've pecked at this post, my evolving thoughts have been uploaded, my profile is correlated and marketed, and my ultimate message is noted.  But for other services, I'm among the cognoscenti who will happily spin up a service on my own machines, who knows to implement PGP to help ensure the privacy of email conversations,  and so on.  So, certainly, take advantage of the products and services mentioned above. But take this as a call to educate yourself: on what's alleged, what's going on or could be, on the technologies involved and how they've broken down, on how to reduce your reliance on them, and most of all how it has come to this.  We may, as some have stated, be beyond the point where the democratic process can influence matters.  There's only one way to find out.

27 May 2013

Free vs. Freeing

This essay was originally posted on Patricia Seybold's Customers.com.

Drive through the green hills of the Virginia horse country: dotting the rolling landscape are lavish
estates of the truly rich, distant stone monuments to old money overlooking countless acres of beauty and protection. Nearer the cities lie gated communities of the merely well-off, cloisters of fine homes and upscale condominiums onto whose streets only the authorized are admitted by uniformed guards. Then come the jumbled neighborhoods of the common, for whom horses are perhaps something to bet on and cheer if they’re of any consequence at all, the everyday business of existence being more at stake each day.

The stratification has evolved naturally, with the wealthy seeking high and isolated ground of their own, the accomplished erecting pens for themselves, and the rest left to strive as well as they can as they bump and clash their way through their weeks and days, doing what’s obligated and taking what’s offered. Humans have organized themselves in similar ways for centuries: feudal fiefdoms, the beau monde, tribal civilizations, even academic societies naturally organize themselves in this fashion.

It’s nothing new.

The term personal computer is now precisely three decades old, but only recently have computing devices begun to truly shade within the penumbra of the person. A beige box on a desk was, in retrospect, hardly personal. A location-aware computing and communications device in one’s pocket is more so—always on, sense-enabled, and always connected to the new compute, data, and social resources of the world—and it has begun to influence, define, and modify personhood. Wearable computers are next: after that lies conjecture, but it is certain that devices will fuse ever closer to the essence of the person even as their resources and mechanisms evanesce to the cloud.

It’s unremarked, but of little wonder, then, that a similar stratification is emerging among these more-truly-personal devices. From the roiling primordial bog of silicon and copper that incubated technology for 30 years have emerged devices made increasingly in our own image: they help us see, help us remember, help us chatter and enjoy, help us earn and retain wealth—both the old kind, denominated in numbers and influence, and a new kind denominated in gnostic power.

For those affluent in this new way, there will be self-contained estates, separate and secure. For them, information is something maintained aloof and stoic and distant, and, most of all, detached. These elite of the new elites will build their own unapproachable stone monuments to their uncommon mastery of the wisdom of this age. They will loft their own clouds, because they can.

For those merely well-off in this new way, there will be gated and protected neighborhoods, their assets secured by paid patrols and uniformed guardians. For these burghers of the new era, security is something hired; privacy is a matter of dues and subscriptions; trust a matter of fealty.

For the common—those who participate without influence, who build without architecting, who use without grasping, who exalt but don’t know—the new age offers bounties, but wealth of the new sort is not theirs. Instead, for them lie days of labor leavened by circuses, their comings and goings predictable and, moreover, predicted, by their overseers, who ladle out a benign daily porridge without obvious cost.

Democracy, exult the common: behold the flattening; let no one hunger for bits and bytes and presence, and all for free.

Order, smile the bourgeoisie, secure in their pens, overwatched by guardians.

Liberty, sigh the lords, separate and free.

27 February 2013

On Marissa Mayer's New No-Remote-Work Policy

Has Mayer explained what's going on here?  

I'm not seeing it, not in the original reports (in which Yahoo specifically declined comment) or in anything subsequent.

I can go either way on her decision depending on what her objective is for making it.  For now, that's tabula rasa.  This article is a good example: it's one author viewing the decision through the lens of a working mom.  Okay: so the article reflects more the world-view and priorities of that particular author.  All the commentaries do, in fact, because what they're missing is the world-view and priorities of one Marissa Mayer.

Sure, Yahoo needed a shaking up.  A culture change.  A refocusing and a reduction in both force and in breadth of endeavors.  If a foundation of business is "find a need and fill it," it's not clear how the latter-day Yahoo is doing either.  Mayer's Job One is to fix that.  Okay, so how does this new policy fit in?

I'm a huge fan of the Five Whys technique.  So far the why-ometer is stuck at zero.

IMHO, we (and the pundits) have insufficient data for analyzing this move, much less criticizing it.  

But Mayer and Yahoo can be criticized for not getting ahead of this story.  From page 202 of Scott's Big Book of Pithy Pronouncements, Milton's Law states: "In the absence of information, people will naturally assume the worst."  Insofar as that's in play, it's potentially damaging and difficult to control.  In that regard, I'm not impressed.