Right, so because "true" end-to-end is impossible, we're supposed to sit back and do nothing ?
I'll be happy with encryption from my PC to its destination PC/server, thank you very much.
Priti Patel has declared war on encryption safeguards, demanding they be torn up for the convenience of police workers. Patel, the social conservative appointed Home Secretary by British Prime Minister Boris Johnson last week, used this morning's Daily Telegraph to call for end-to-end encryption to be broken with backdoors …
Certainly can be a lot more secure than mobile "apps". Unless anyone is willing to bet their lives that Android/iOS don't slurp keystrokes before you've actually encrypted anything ?
At least with a decent Linux kernel you can check your keystrokes aren't watched and build up from there.
"At least with a decent Linux kernel you can check your keystrokes aren't watched and build up from there."
You need a decent userland around it. You can start with that kernel but then wrap it in layers of opaque binaries and it doesn't matter what the kernel is.
Also don't forget about the whole OS-under-your-kernel thing that's all the rage now. The signed one *you* can't replace but the manufacturer can decide to or be forced to -- a.k.a. the Intel Magement Engine or the AMD PSP depending on whether you're blue blooded or red blooded.
Unlike the Clipper chip, because people have already given up control to one type of "encryption" (signing, in point of fact) to save a few pounds on their media computer, there's no fighting this technically. If the authorities say no encryption, every "normal" (x86/Android) computer manufactured in the last decade can be made to make sure your keystrokes are logged and display monitored.
Scary world, innit?
"At least with a decent Linux kernel you can check your keystrokes aren't watched and build up from there."Can you?You need a decent userland around it. You can start with that kernel but then wrap it in layers of opaque binaries and it doesn't matter what the kernel is.
Have you read the source code of everything compiled into the kernel?
What about the compiler, have you read the source code of that? Do you know if it compiles only what's in the kernel source code files and does not inject its own code into the final binaries? What did you compile the compiler with?
What about the firmware in the USB controller? Did you inspect the source code of the firmware, compile it yourself with a trusted compiler (see above), and is the code that was compiled from that inspected source code and trusted compiler the code that was actually loaded into the firmware? The keylogger could be in there, logging everything between the keyboard and the kernel before it gets to the kernel.
How about the secure controller most commonly available processors (Intel, AMD, ARM, Apple, IBM, etc.) have embedded in them/their chipsets? The same caveats apply as for the USB firmware. Same for HDD/SSDs, NICs, PCIe controllers/switches. They all have embedded microcontrollers with their own firmware.
And they're coming to take me away ha-haaa
They're coming to take me away ho ho hee hee ha haaa
To the funny farm
Where life is beautiful all the time
And I'll be happy to see those nice young men
In their clean white coats
And they're coming to take me away ha haaa
Quick correction, IBM is one of the few without one of these signed nasties. RISC-V and a bunch of the weaker ARM chips also lack them.
And really, you only need to be concerned about the firmware of things that have direct network and CPU internal access. What's your keyboard going to do, radio the key out somewhere? Needs a modem and antenna to do that, so spend 5 minutes looking at the PCB for one -- it's not hard.
The ME, PSP, and TrustZone on the other hand, are perfectly suited based on their position in the system and more importantly that there is *no* way to use the system without them or replace them with something you compiled from source. None, nada, zilch -- they're signed "for your protection".
More like Google, GCHQ, and Hollywood's protection, but we'll just handwave over that. It's better PR.
If you have compromised firmware, then there is no requirement for comms between devices to pass through processing done by software. E.g. a compromised USB controller on the motherboard doesn't have to go through the O/S to access the NIC. If the NIC is separate from the processor, e.g. a PCIe expansion card, it could go point-to-point along the PCIe bus.
If you compromise the firmware of the entire system, the UEFI, then you can do what you like without any CPU involvement (assuming you don't want or need the horsepower above the embedded microcontrollers).
And, depending on what the firmware does, the firmware could inject into the O/S it's own malware that can't be seen by the O/S, to do its own nefarious tasks, like capturing data coming in from the attached keyboard and then sending out out through the NICs. No extra hardware required. There are known HDD firmware that do this, they inject malware into the system so it runs as a rootkit, has full access to the system. When someone detects a virsus/malware and removes it, even does a reformat/reinstall, the firmware in the HDD re-injects the malware after the reinstall. Some security researchers found this HDD firmware a few years ago (2015 I think) and presented it at a BlackHat conference.
What about the compiler, have you read the source code of that? Do you know if it compiles only what's in the kernel source code files and does not inject its own code into the final binaries? What did you compile the compiler with?
A proof-of-concept of this attack was done decades ago...
https://scienceblogs.com/goodmath/2007/04/15/strange-loops-dennis-ritchie-a
Essentially, Thompson modified the C compiler to insert a backdoor into the login command. He then modified the compiler to add the code to do that into itself when compiled, compiled the compiler, then removed his extra code from the compiler's source code, so that when you compile the compiler, it adds the code to backdoor the login command on compilation back into the compiler, even though the mechanism to do so is nowhere in the source code.
The only way to get around this is to hand-compile the compiler, and then you have to trust the hardware it runs on anyway. Get your soldering iron out, and start hand-rolling your own capacitors...
> At least with a decent Linux kernel you can check your keystrokes aren't watched and build up from there.
That is not sufficient. You need a completely trusted tool chain leading to that kernal and all software running on top of it.
Cf. https://www.archive.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf
True end-to-end encryption is physically impossible without brains
I think you just redefined end-to-end.
Now if you'd just pointed out the risk of malware on a user's 'puter, you'd be right. But this Newspeak seems to me just to confuse the issue. Your end isn't final either in a world where spyware might read the human mind (even if that world is still SF).
True end-to-end encryption is physically impossible without brains that can directly grok encrypted data
Nah, dead simple. Using a random process to create a one time pad. Hand deliver pad to recipient. Encode message by hand and send via snail mail. Destroy one time pad, repeat.
Oh you want a system which is scalable and quick? Why didn't you specify that?
The Kim Darroch affair proved conclusively that this administration can't even keep its own internal secret communications out of the newspapers. Whether the leakage route be politicians grinding axes, crooked employees or coppers with dubious connections to the tabloids, I can't see why anyone with any sense would trust sensitive information to any arm of the British state.
Given that end-to-end encryption isn't going to go away for those determined enough to set it up, I guess we'll see something like the password reveal law to catch those who don't roll over and accept backdoored apps, and those who really don't want their business pried into will be finding other jurisdictions.
>I hope the leaker gets a holiday at Her Majesties pleasure.
Not just the leaker, but also the journalist/editor. There is no public interest defence to the publication of classified UK gov information, and it is a clear breach of the OSA for *both* the leaker and the publisher.
The only issue is whether it is decided not to prosecute as it is not in the public interest.
No, no, no
Otherwise everything, no matter how trivial gets classified as a secret... and that was trivial (sure it caused embarrassment, got Trump ranty (but so do most things) but not e.g. putting spies at risk of being uncovered etc,)
Already very little gets into the public realm due to over use of OSA (e.g. it's amazing how many bits of govt IT work want you to sign OSA, still means people get to be at risk of prosecution for revealing juicy bits about many govt IT project failures)
A couple of things:
Signing a document that refers to the Official Secrets Act is simply stating that you understand your responsibilities in terms of the act and this is done because you are expected to routinely come into contact with classified material.
Everyone in the UK is still covered by the act; you are just acknowledging that you really understand your responsibilities. I Have had to sign said pieces of paper more times than I care to remember over the past few decades.
When I was in the service (many many years ago), it was clear that items were routinely over-classified. Even the magazines that were delivered were stamped 'Restricted' - the lowest level but still a security classification.
I'm sure there's a secret gov farm/lab/tank where they grow them, and when the time comes, hose, rinse, insert the battery, and out comes your new Home Sec, each one horribler than the one before.
I suspect that this is simply a very extensive dossier of particularly horrible true cases of child abuse at the hands of child pornographers and retrospectively obtained encrypted emails where the security services (quite rightly) say that "if we'd have been able to read these messages at this point, these kids wouldn't have been abused. These kids/people would still be alive." before then coming out with the same for terrorism etc, etc, etc, etc, etc. Do that for a few hours worth of briefings, and pretty much anybody (even if you have a heart of stone) is going to take the department line that "we need to do something about this".
The question is "what?".
There is a legitimate need in certain situations for law enforcement to lawfully get access to encrypted communications. The problem is that as noted, you can't trust any key you give them not to get leaked allowing remote access to pretty much any device.
I'd think the eventual response will probably be more along the lines of breaking encrypted storage on a device in a way that requires local access to exploit.
@Peter2: I wish I could agree with you about the dossier. Even if I did, I would have to think that the next words would be "It would be a shame if your knowledge of any of this were to come to the public's knowledge, wouldn't it, Minister? What would people think?" Someone senior in the Home Office has a serious obsession with regard to not being able to access everything they think they should be able to, and will do anything to get their own way, regardless of how disproportionate the result.
"I suspect that this is simply a very extensive dossier"
Something like that. The last Home Sec, shortly after being appointed was interviewed in the Times describing being shown an alleged chat room and a child being groomed. This, he said, persuaded him. In other words he described the brainwashing without even realising that that's what was being done to him. He didn't even stop to wonder whether the entire thing was staged. Nor did he stop to ask whether, if this wasn't encrypted why breaking decryption should be necessary. This is the standard of thought that makes a good Home Sec from the HO's PoV.
If those are the 'pro's' of banning encryption, perhaps we ought to be highlighting the 'con's' as a counterbalance?
How about:
-No more online banking/bonking by phone/contactless
-Power utilities hacked and we get taken back to the Victorian era (without the horses to do all the work)
In fact, we only have to lose the power for *everything* to fall apart very quickly..
-no food
-no fuel
-no heating
-no help (police/fire/ambulance)
The thing is, frankly people rely on encryption and security software where frankly, I feel it's outright inappropriate.
People talk about "oh, you could hack that nuclear power plant and cause a disaster", but the controls in the control room of the nuclear power plant that I have seen were done in ways that were secure beyond any possible doubt.
The controls for each reactor were on physically separate hardware with appropriate backups, on physically separate consoles with a purpose built 1970's OS that had never heard of networking. No remote access at all, everything was done via access to the console. They had a new computer next to the old box for searching digital copies of the manuals, but it was a completely separate system entirely and physical manuals, checklists, procedures etc were maintained as a fallback in hardcopy on shelves next to the control stations.
While I suppose that it's possible that the gas power plants that now make up most of our power generation could be disabled remotely, i'd doubt it given that they would have been built from the 1970's-1990's, and so the control software is almost certainly incapable of being connected to the internet; even if built with the OS's commercially available at the time it appears unlikely that either the software or hardware could possibly be connected.
That said, IMO anything capable of causing physical harm IRL shouldn't be directly connected to the internet. Losing websites would be an inconvenience. Losing power and major infrastructure could be a civilisation ending event if certain people in certain positions aren't as paranoid as i'd hope they are.
"Losing power and major infrastructure could be a civilisation ending event if certain people in certain positions aren't as paranoid as i'd hope they are"
You would be amazed, and not necessarily in a good way. I'm not saying there aren't plenty of people who care, but they are fighting a *system* that isn't designed to deploy security best practice in all situations. Bureaucracy will be the death of us all I expect.
Also, whilst I'm not going to go into details (for obvious reasons) you don't have to disable a power station to turn off the power. Plenty of real-world examples of honest mistakes that have taken down large sections of the power grid in various countries.
"That said, IMO anything capable of causing physical harm IRL shouldn't be directly connected to the internet. "
I couldn't agree more, but that isn't the world we currently live in.
Poor Pritti and other embarrassed politicians and various 3 and 4 letter agencies.
If the governments around the world (particularly the five eyes as revealed by Mr. Snowden) had not been trawling everything possible, then the push for end to end encrypted personal communications might not have been as hard, but after the revelations that they were spying on their own populations without good reason (other than trying to use computers where a real brain would be better and of course for the power trip) and slurping everything (which makes them no better than China in that respect) people decided it was none of their business what they were chatting about.
Given that the various acts in the UK leave basically no privacy otherwise, it is of no surprise to anyone in technology that end to end encryption is very popular indeed. Methods to defeat (admittedly currently highly inaccurate) facial recognition are continuing apace, apparently.
As it is, I personally use Signal for messaging (which is indeed end to end encrypted and I cannot give any keys because I simply do not know them).
So my perspective is tough shit; you all brought it on yourselves.
Why on Earth would Ms Priti Patel create almighty invisible foe and invincible intangible enemies for herself and self-serving friends with the fielding and fronting of a folly riddled with holes to its core?
Whatever is she smoking?
It's too strong for you, Priti. Try something else, not so powerful and overwhelming. It'll be doing everyone a great favour.
Or is it a mental health problem for her and supporters which rejects the evidence and views of experienced experts mastering in the subject matter?
We deserve better from those who choose to present themselves as a government representative of the people.
Because she doesn't understand mathematics, doesn't want to understand, and thinks her career will be improved by refusing to listen to experts in whichever field she's currently trying to break.
Same as every Home Secretary in living memory. There's something very rotten in that department.
Or is it a mental health problem for her and supporters which rejects the evidence and views of experienced experts mastering in the subject matter?
It's not just her and supporters: There is a view by a large proportion of the population that experts are to be derided, that Gary down the pub knows more about a subject than someone who has spent his whole life working with or studying it. They also deride politicians and the media for being untrustworthy, unless of course they agree with what that politician or reporter is saying.
We have taken confirmation bias to the extreme, and the internet has aided the creation of almost perfect echo chambers to encourage this (even though it should do the opposite, with all that information available at our fingertips).
Problem is, a true true echo chamber is actually immune to outside influence, as it is able to turn that information against itself by using things like confusion-fu to make them look like they're "out of the loop" and don't really know any better. That's why it's so hard to argue with someone irrational: they're not thinking the same way we are.
Watch Priti Patel in debates on Question Time. She comes across as a very nasty person indeed. Scary to think that she is now home secretary.
On a separate note, as much as the intelligence agencies complain about encryption, the truth is that this is a golden age for electronic surveillance. Never before have the agencies been able to gather, store and process so much data about so many people. End to end encryption only impairs a small part of that,
Shame the horse has already bolted, not like openssl hasnt been available for decades, so as much as they would like to, crypto (and its source) is out there, nothing can stop end to end, and at best all that would happen is that face book or what ever comes along and makes that curly haired pricks website the next myspace will end up in court, years pass by mp's get bought off one way or another and everyone is happy, decision comes down one way then appealed the other too many day to day tech interactions the great unwashed will rely on will use end to end by the time a decision is made to render it all moot, as denying them conveinience will cost the assholes their seat in parliment or unpractible to enforce anything anyway. perhaps crypto will be the new tobbaco industry, the popular liars must be shitting it thinking they will only have landmine manufacturers to give them bungs by 2030...
Oh don't worry, that's been fixed. The Intel Management Engine and AMD PSP will ensure that despite what you try to run open source, a copy of the key or direct keyboard input is taken from underneath the kernel and sent to the authorities (think some kind of unblockable multicast or HTTPs via DoH to some master provider that won't let you online if you're not talking to it).
That's what years of just chasing the cheapest thing without caring about whether you actually have control of it or not will do. Welcome to 1984, comrade!