MindSet

View on Encryption, Decryption for security purposes

25 posts in this topic

Hi,

I've made my way here by searching google.

I must say, quite a nice forum.

Aside from that, let's get on topic.

For my first post, I'd like to ask you...

What is your view on Encryption, Decryption for security related purposes?

How well are you secure?

Everyone uses an instant messenger, are your convos encrypted?

Do you protect your files with an encryption?

A lot of times, you are vulnerable to attacks and don't even realise it. Email accounts can be taken over and all your convos etc... can be easily readable. Are you encrypting the text in your conversations?


Cryptography is a wonderful tool. It has its uses in many different areas. Full-disk encryption helps protect against offline attacks. IM encryption, if done right, helps protect against Man-In-The-Middle (MitM) attacks and eavesdropping. However, cryptography isn't meant to be the end-all-be-all of security. With any piece of data, humans are involved. Humans are the weakest link. We can secure our systems, data, and networks by using sophisticated tools including encryption. But even the best digital security practices can be easily foiled by a simple phone call.

We use encryption at work for certain pieces of data and certain protocols. We use it to secure our VPN traffic. We use it to secure IMs. When IllumOS supports ZFS encryption, I will definitely make use of it.

Overall, encryption is a great resource. But don't mistake it for being the solution to all security-related issues.


In addition to encrypting sensitive information and personal e-mails, I also don't use IMAP e-mail or leave my messages on POP3 servers. While having everything available everywhere is convenient, especially if you have more than one computer you use often, it leaves your messages out in public. Besides, after a period (90 days officially, IIRC) the e-mail is considered abandoned. No search warrant is required for abandoned e-mails.

Mostly I encrypt magneto-optical disks with personal data on them. I store a lot of records for my part-time business as backups on them, and consider it sensitive information.


Very much agreed. Strong point.

Although I do understand it's not the solution for all security related issues, but if you are needing that extra security, I'm positive it can add that extra hmph.

In my field experience from the interwebs, gaining access to others' emails, IMs or files is far too easy.

If you are an everyday person, some of these things may help you, and overall, if someone was that much into protecting themselves, they should know by now to NOT save passwords. lol

Later in the thread, I'll reveal my reason of topic.

Edited by MindSet

I think too much is made of encryption.

I don't bother encrypting my emails. I don't do full-disk encryption. I don't encrypt my instant messenger conversations. I really don't see the point. MITM attacks are not possible in my home environment. My computer being compromised is so improbable that it's not worth the effort of going through defensive measures other than my typical router + closed inbound ports combo. Plus, if it was compromised, full-disk encryption would do nothing.

The only thing I do is that I keep an encrypted file on my hard disk, where I put my pron when I travel to other countries. I do this because some countries will do very bad things to people who have adult-adult pron (even the US). So I do that, wipe my swap, wipe my history, and overwrite empty sectors when it's all done. But only when I plan to travel.

The only time I would ever take any additional precautions is when I'm at a hacker con. Because it's only there where the threat of an actual MITM attack or passive network sniffing is beyond negligible. For that, I'll tunnel everything through SSH with a pre-verified RSA key. If there's a key mismatch, I drop the connection.

Edited by Seal
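
The check described in the post above (connect only when the server's key matches one verified in advance, otherwise drop), as an added example that is not part of the original post. The key material is constructed demo data rather than a usable RSA key, and all function names are hypothetical; in OpenSSH the same policy is `StrictHostKeyChecking=yes` with the host key pre-loaded in `known_hosts`.

```python
import base64
import hashlib
import hmac
import struct


def _ssh_string(data: bytes) -> bytes:
    """Length-prefixed byte string, as used in the SSH wire format."""
    return struct.pack(">I", len(data)) + data


def _mpint(value: int) -> bytes:
    """Positive multiple-precision integer in SSH wire format."""
    # bit_length // 8 + 1 bytes adds a leading zero byte only when the top bit is set
    return _ssh_string(value.to_bytes(value.bit_length() // 8 + 1, "big"))


def make_demo_pubkey_line(seed: bytes) -> str:
    """Build a constructed 'ssh-rsa <blob> <comment>' line (NOT a real key)."""
    n = int.from_bytes(hashlib.sha256(seed).digest() * 8, "big") | (1 << 2047) | 1
    blob = _ssh_string(b"ssh-rsa") + _mpint(65537) + _mpint(n)
    return "ssh-rsa " + base64.b64encode(blob).decode() + " constructed-demo"


def fingerprint(pubkey_line: str) -> str:
    """SHA256 fingerprint in the 'SHA256:<base64, no padding>' form."""
    fields = pubkey_line.split()
    if len(fields) < 2:
        raise ValueError("expected '<type> <base64-blob> [comment]'")
    key_type, b64 = fields[0], fields[1]
    blob = base64.b64decode(b64, validate=True)
    if len(blob) < 4:
        raise ValueError("key blob too short")
    # The blob carries its own type string; it must agree with the text field.
    (type_len,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + type_len] != key_type.encode():
        raise ValueError("key type does not match key blob")
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def connect_decision(pinned_fp: str, presented_line: str) -> str:
    """Return 'proceed' only on an exact match with the pre-verified fingerprint."""
    try:
        presented_fp = fingerprint(presented_line)
    except ValueError:
        return "drop"  # a malformed key is treated like a mismatch
    same = hmac.compare_digest(pinned_fp.encode(), presented_fp.encode())
    return "proceed" if same else "drop"


# Constructed sample data: the key verified ahead of time, and a different
# key such as an interposed host would present.
PINNED_LINE = make_demo_pubkey_line(b"constructed-key-A")
PINNED_FP = fingerprint(PINNED_LINE)
ROGUE_LINE = make_demo_pubkey_line(b"constructed-key-B")

if __name__ == "__main__":
    print("pinned fingerprint:", PINNED_FP)
    print("expected host  ->", connect_decision(PINNED_FP, PINNED_LINE))
    print("different key  ->", connect_decision(PINNED_FP, ROGUE_LINE))
```
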

So, you are telling us, you aren't vulnerable in any way?

Also, if you are saying that you don't hold any valuable info stored on your pc, that is very doubtful.


So, you are telling us, you aren't vulnerable in any way?

Also, if you are saying that you don't hold any valuable info stored on your pc, that is very doubtful.

The risk of compromise is negligible. So the question becomes: is it thus worth it to me to spend all this time maintaining extra layers of security, most of which is largely illusionary, to reduce by a negligible amount the already negligible risk? No. It is not.

Cost versus benefit.


Besides, after a period (90 days officially, IIRC) the e-mail is considered abandoned. No search warrant is required for abandoned e-mails.

i have never heard this before... could you provide more information on where i can read about this, or what laws this relates to?

i find it difficult to believe that this is true, if i have documents that i store in a file cabinet that are older than 90 days they are not considered abandoned, and i believe that the same should be true for any digital forms of media that may be stored on an email server - just because the message is >90 days does not mean that i have abandoned the message

what if:

i place it into a folder, and do not just leave it in my in box? this would indicate that i have read it, and archived it for future reference...

i have never opened the mail yet, or set it to unread? can i truly abandon something that i have not yet read? also, since i am unaware of the contents, how could that even be used as evidence?

i have flagged it for follow up? which would indicate that i have not abandoned it, and will be returning to the message for a follow up

i have opened the message every <90 days? this would indicate that it is not abandoned, but just being stored on the email server...

you have really piqued my interest, as i do not like to delete my email, so that i can refer back to it in the future... i even make attempts to put messages in relevant folders to make it easier for me to find messages relating to a certain topic, or from a specific person/company - but this also would make an intruder's or fed's job easier if there were actually anything in my email worth going thru, which i highly doubt that there is - the only thing in my email of much concern is my direct deposit alerts from my bank...


Well, it's not just about an extra cost for security. It's about knowing you, yourself, are secure, along with your files and such that are of importance.

I'm not sure about some of you, but there are certain things I would just really like to be kept 100% private. Even the most simple text encryption could help you in a way.

If you think you aren't vulnerable to attacks such as exploits, then you are highly mistaken. It only takes going to 1 site to get exploited, and the thing is, you will never even know it.

Like I said, it's about knowing you are safe, secure and protected.


Well, it's not just about an extra cost for security. It's about knowing you, yourself, are secure, along with your files and such that are of importance.

I'm not sure about some of you, but there are certain things I would just really like to be kept 100% private. Even the most simple text encryption could help you in a way.

If you think you aren't vulnerable to attacks such as exploits, then you are highly mistaken. It only takes going to 1 site to get exploited, and the thing is, you will never even know it.

Like I said, it's about knowing you are safe, secure and protected.

I think the underlying ideology you're starting to argue can be turned into a broad debate. I don't want this thread to turn that way, so I'll say only what time has proven: security is a tradeoff, usually one that involves time and money. Risk analysis can be done to determine the seriousness of the weaknesses. That's what I'm in charge of at work: finding vulnerabilities, classifying them by seriousness, and making cost-effective suggestions. Management may approve or disapprove based on budgetary constraints or otherwise. If Seal thinks his current setup correctly handles the risk he's willing to take, then he'll continue what he's doing. Remember that there is not a single system (and, being networked, neither Seal's nor your systems are part of a complex system) that is 100% secure.

That being said, I'd prefer we stick to the topic of encryption. What items do we choose to encrypt? What do we let go?


Interpretation of the Fourth Amendment provides for warrantless search of property or goods that have been deemed "abandoned," such as when one checks out of a hotel room, ditches a car in the desert, or throws something away in a public place. You can find many examples of these kinds of searches via Google. Of course, with property, showing a clear intent to abandon something is a lot easier than with data. I'm trying to locate the case I'd heard about this from, as I'm aware of at least one actual incident in which old e-mail was deemed abandoned by a server's policy and no warrant was required to get it. I suppose I should have been clearer than offering "90 days" as the limit for abandoned status, as it usually varies somewhat by provider. I know my university considers mail abandoned and batch-deletes it some time after 90 days on their server, and it seems Yahoo! Mail follows a similar policy.

But yeah, abandoned data can be searched without warrant under the Fourth Amendment just like anything else. Check out State v. Howe, in which the state of New Hampshire was allowed to extract data from media left behind when a guy moved apartments (yes, it was child porn, but it applies to anything you might "abandon.")

EDIT: to address a specific of your question, certainly you can abandon something without having opened it. I do it all of the time with both e-mail and snail mail. You get stuff that you can tell from the outside you have absolutely no interest in opening, and cast it aside. It either gets thrown out (abandoned as soon as it hits the trash), or can fall into the abandoned category based on your server's policy.

To stay on-topic, I mostly encrypt things that I fear could harm others if they were to be found. For instance, if someone is sending me something that could be personally incriminating to them -- even if it's not something that would be illegal -- I encrypt it if it gets saved. A particular case that I can think of involved a female friend who occasionally sends me creative writing bits to read over. It's nothing illegal, but we're friends with the same people and some of them wouldn't be happy about the subjects. I started doing this after an incident like that involving a document being left on my desktop. Same with my business correspondence and data...some of it contains financial information, but I suppose even a competitor finding out what one of my buyers pays per item vs. what they pay could be a problem.

Edited by systems_glitch

Interpretation of the Fourth Amendment provides for warrantless search of property or goods that have been deemed "abandoned," such as when one checks out of a hotel room, ditches a car in the desert, or throws something away in a public place. You can find many examples of these kinds of searches via Google. Of course, with property, showing a clear intent to abandon something is a lot easier than with data. I'm trying to locate the case I'd heard about this from, as I'm aware of at least one actual incident in which old e-mail was deemed abandoned by a server's policy and no warrant was required to get it. I suppose I should have been clearer than offering "90 days" as the limit for abandoned status, as it usually varies somewhat by provider. I know my university considers mail abandoned and batch-deletes it some time after 90 days on their server, and it seems Yahoo! Mail follows a similar policy.

But yeah, abandoned data can be searched without warrant under the Fourth Amendment just like anything else. Check out State v. Howe, in which the state of New Hampshire was allowed to extract data from media left behind when a guy moved apartments (yes, it was child porn, but it applies to anything you might "abandon.")

EDIT: to address a specific of your question, certainly you can abandon something without having opened it. I do it all of the time with both e-mail and snail mail. You get stuff that you can tell from the outside you have absolutely no interest in opening, and cast it aside. It either gets thrown out (abandoned as soon as it hits the trash), or can fall into the abandoned category based on your server's policy.

To stay on-topic, I mostly encrypt things that I fear could harm others if they were to be found. For instance, if someone is sending me something that could be personally incriminating to them -- even if it's not something that would be illegal -- I encrypt it if it gets saved. A particular case that I can think of involved a female friend who occasionally sends me creative writing bits to read over. It's nothing illegal, but we're friends with the same people and some of them wouldn't be happy about the subjects. I started doing this after an incident like that involving a document being left on my desktop. Same with my business correspondence and data...some of it contains financial information, but I suppose even a competitor finding out what one of my buyers pays per item vs. what they pay could be a problem.

ok i found some links about the abandoned email thing... http://news.cnet.com/8301-13578_3-20002722-38.html where yahoo actually fought back against the DOJ for requests for emails without a court order, and this document http://www.eff.org/files/filenode/inreusaorder18/MotiontoCompel.pdf which allows email to be read by the phedz after 181 days without the need of a warrant... which is twice the time stated by you previously... which IMO is still completely unacceptable, but at least provides a more reasonable amount of time for someone to make a determination if the message is worth storing, or deleting...

as for the encryption part of the conversation - i do not have anything encrypted... i see little need for my home network to have any encryption..


In a way encryption leads to a false sense of security.. A lot of my friends think it is okay to give out their C.C./personal info as long as it is over a TLS/SSL connection. They fail to realize that a lot of companies are vulnerable to things like SQL Injection, not securing backups, rogue employees, etc... and that's how most personal info is compromised, not sniffing it over the LAN (where SSL comes into play). Also people are taught to look for an ssl connection from the padlock in the web-browser and not a valid session. Browsers are getting better and better at giving a warning, but some people still don't get it.

I guess full disk encryption, if used can help with unsecured backups, but thought still has to be put into developing a database application with security in mind. Or the best encryption standard in the world is useless.

Plus, if it was compromised, full-disk encryption would do nothing.
It only takes going to 1 site to get exploited, and the thing is, you will never even know it.

MindSet: Seal knows this, look at the above quote. If you own his box via the latest Windows 0-day, full-disk encryption is not going to help. Your disk will have already been decrypted if you booted in Windows. The data is now yours.

In his eyes, it's not worth it.

I use full-disk encryption. I also use GPG when dealing with emails and files that I deem sensitive.

Plus, if it was compromised, full-disk encryption would do nothing.
It only takes going to 1 site to get exploited, and the thing is, you will never even know it.

MindSet: Seal knows this, look at the above quote. If you own his box via the latest Windows 0-day, full-disk encryption is not going to help. Your disk will have already been decrypted if you booted in Windows. The data is now yours.

In his eyes, it's not worth it.

I use full-disk encryption. I also use GPG when dealing with emails and files that I deem sensitive.

Yes, I completely understand what he's saying. But, I'm talking about for security purposes, after the fact.

Encryption will do nothing for you saving your passwords, then go to a random site and get infected.

What I'm saying is, with it being so easy for you to get infected, securing your emails etc... wouldn't really be a bad idea.

Maybe some of you don't understand how easy it is. Not sure.


Yes, I completely understand what he's saying. But, I'm talking about for security purposes, after the fact.

Encryption will do nothing for you saving your passwords, then go to a random site and get infected.

What I'm saying is, with it being so easy for you to get infected, securing your emails etc... wouldn't really be a bad idea.

Maybe some of you don't understand how easy it is. Not sure.

Well I would go back to lattera's initial argument: encryption is great, if used properly. It's not applicable in all contexts.

If you are already infected, then there's very little protection encryption will afford you. A keylogger would still be able to capture valuable information, your traffic to banks or other secure sites could be preempted and your information passed through an unwanted middle man, etc.

The best protection is education. Understand how basic popular attack vectors such as CSRF and XSS work so that you reduce the risk of compromising your information. The future of compromising your information is not to infect your computer, it's to target the web apps you use. This is much more difficult to protect against, and the bad guys are all over it.


Well, to stay on topic...

Encryption is used to secure your data, it isn't used to secure your system. That's what antiviruses are for. (Not saying that you didn't know that. Just stating.)

My point is (for the original topic), that using an encryption for certain things such as email conversations, I.M. conversations, files and programs can be a useful tool for "IF" you were to ever get infected. It's a security for before the fact. As far as being secure before the fact, using a simple Vulnerability Scanner helps to know what you are actually vulnerable to.


So, I end my discussion with this...

This is my site (along with my 3 other partners). Online Crypter

We have Text Encryption, Decryption, Anonymous Virus Scanner, Vulnerability Scanner, along with many more tools.

There is a "Free Tools" section for those of you who think 'cost' is not good for a security.

Use the tools if you'd like.


My main reason for using full-disk encryption is if in an unfortunate turn of events my laptop becomes stolen. Hopefully, it won't be on either.


My main reason for using full-disk encryption is if in an unfortunate turn of events my laptop becomes stolen. Hopefully, it won't be on either.

Well, it's a good idea. Couldn't hurt anything. Most people I've heard of doing that use TrueCrypt.


I was just having a conversation earlier with a friend of mine regarding encryption (it actually started along the lines of Palladium and TPM and led into this).

The general consensus was:

a) If you're likely to grant law enforcement or anyone access to your files anyways just to avoid the legal problem, then why bother.

b) If you're likely to question authority at every occasion, then you might as well go balls deep and employ a defense against the rubber-hose methodology of cryptanalysis. Because the weakest link in security is usually the person.


I work for a global corporation, and it is mandated that all laptops have whole disk encryption in case of theft. Personally the only encryption I use is SSH, and KeePass.


I was just having a conversation earlier with a friend of mine regarding encryption (it actually started along the lines of Palladium and TPM and led into this).

The general consensus was:

a) If you're likely to grant law enforcement or anyone access to your files anyways just to avoid the legal problem, then why bother.

b) If you're likely to question authority at every occasion, then you might as well go balls deep and employ a defense against the rubber-hose methodology of cryptanalysis. Because the weakest link in security is usually the person.

I wasn't exactly asking because of evading things from the law or doing anything illegal.

Encryption for security purposes can be used for more than just hiding things so you don't get caught. lol


Personally, I find people's faith in cryptography amusing. From your statements, I think you don't know what "secure" really is. You should listen to lattera: it's all risk management. You determine the value of your assets, those that might want to attack them, what effort they might expend, cost of countermeasures, and then essentially make a cost-benefit analysis. If you want to build systems that truly mitigate risk (read: popular definition of "secure"), then you start with a realistic picture. Most software and systems, including security systems, are developed according to standards that max out at Common Criteria EAL4+. As US Govt said of the standard, these kinds of low assurance systems can only stop "casual or inadvertent" attempts to breach security. You need a lot more to stop determined, sophisticated, government or well-funded attackers. That requires medium to high assurance systems.... my specialty. Assurance is the level of confidence you have that a system meets its requirements, functional or security. Want to know what a secure system takes and costs? Read the old orange book's A1 requirements or DO-178B Level A (safety-oriented). Google Smith's papers on the LOCK kernel and system. Here's a few other high assurance (probably secure/correct) components: AAMP7G and VAMP processors; Integrity-178B, GEMSOS, VXX A1 Security Kernel, and seL4; BLACKER VPN, Type 1 encryption devices (see Safenet, L3 or General Dynamics), and the Tenix Data Diode. Some good medium assurance designs include XTS-400, Tenix Interactive Link, INTEGRITY RTOS/middleware, QubesOS, Perseus Security Architecture, Turaya Desktop, and PikeOS. Just to keep your mind brewing.

If you are targeted, then they will use any method that is cost effective. You think your encryption products will help? Assuming your software has no flaws (hehe), it will only be secure if your Trusted Computing Base (TCB) is secure. Both hardware and software tend to have flaws, so we try to keep the TCB small to increase assurance. To put this into perspective, here's a typical TCB: hardware's hardwired functionality; firmware/BIOS/initialization; kernel mode code; drivers; trusted functionality in operating system, interfaces, common libraries, and applications/tools/input a given app depends on. That easily corresponds to tens to hundreds of megabytes on many systems. That's a lot of code to trust. You don't just trust that the components and modules are implemented securely: they must also maintain a secure state when they interact in myriad, unexpected ways. Guess what? The average Windows or Linux PC has a huge, untrusted, poorly documented and hard to secure TCB. If your software runs on them, it can undoubtedly be attacked on one of these levels. I'll run through a few possibilities for you.

The first is that your protocols, input validation or application of crypto isn't as good as it appears. This happens in peer-reviewed cryptosystems designed by experts, so it's quite possible in minds of a potential customer. The next attack is a buffer overflow, privilege escalation technique, or social engineering for privilege escalation to get an app privileges it needs to compromise security. If that doesn't work directly, the exploit could replace your software or its dependent libraries with subverted ones that record the key or encrypt with a 2 bit key. An exploit of a bug in kernel-level code, esp. drivers, may allow it to read the encryption keys from memory. Leave your computer unattended at Starbucks for a bathroom break and I just use the Firewire port to insert kernel-mode code or power it off and steal your RAM. (You probably won't think someone's doing a cold boot attack on you.) Perhaps I get an EE major from the local University to model the emanations on an identical laptop or desktop, then use an antenna to pick up yours and extract the key. Your AES or RSA algorithm might not be designed to prevent timing channels, meaning cache misses give a sneaky program hints about your key (see side channel attacks & AES covert channels). If all this plus a plumbing wrench won't get the info, I can get the same EE major to follow certain steps and perform an active EM attack against your system to get the key or sensitive data. It's kind of like shining a flashlight and figuring out what's hidden by the retina piecing together the information from the reflections. This attack was used by Soviets to monitor a US building by firing microwaves at a hollow piece of wood, transmitting the vocal vibrations back as altered microwaves. Paying a qualified individual to do the nearly untraceable attack might cost a few tens of thousands of dollars, less if it's talented college students with "borrowed" lab equipment. Is that a worthy price to pay for an executive's bank account or the password to a TrueCrypt/YourCrypt protected master accounting ledger?

Building a secure system is a bottom up process. You have to do it in a layered fashion, securing each level and its interaction with other levels. You have to take steps to minimize covert channels as you do. Brian Snow explained the security problem as trying to build a Separation Paradigm on top of machines designed for sharing. It's hard and sometimes impossible. Sophisticated, well-funded attackers going for high value assets will use any method that makes financial sense. Each method I've mentioned has been used in real-world attacks and high assurance systems are usually designed to prevent one or more of them. Your stuff will only protect against casual or ignorant attackers who aren't very motivated. That's my prediction and history gives credence to the claim. Your crypto wouldn't stop me. I probably wouldn't need esoteric, technical attacks to get the data. Neither would lattera. Your products as a "secure" solution are a joke. They are just one piece of a large, complex puzzle. A puzzle that most organizations and individuals can't fully piece together. If your customer is insignificant, they are safe. If they have high value assets, they are compromised. Imho, might as well not use that product.

I've recently been compiling a compendium of papers on building high assurance systems, on systems that were built, on sophisticated vulnerabilities, and on what's being offered now. People with an ACM or IEEE account are best off, as they are gold mines. Citeseerx too. Anyone without access who wants to start might read these papers: Saltzer and Schroeder's Protection of Information paper (see their principles); Bernstein's lessons learned from Qmail; Perseus Security Architecture web site; INTEGRITY RTOS's design/features; Ross Anderson's Security Engineering book; Cleanroom development methodology papers; LOCK papers; Kris Kaspersky on processor bugs, the AES/RSA side channel papers, TEMPEST attacks/standards; Lessons learned MULTICS; Tanenbaum vs Linus Part 2 on microkernel advantages; "Formal modeling of secure systems Banks 2009." Those are just a few samples. Have fun learning about what real security or assurance requires and why it's not so common in the market. Also, feel free to join us on Schneier.com's blog. There's quite a few people who regularly discuss topics like these with quite a bit of expertise. Since my clients and friends sometimes read my posts, I go by Nick P on that blog. If you want to see how deep the rabbit hole goes, google Clive Robinson's and my posts on side channels, inline-media encryptors, and high assurance. Good luck.

(Note: I mentioned lattera more than once in the paper. I'll be clear that I'm not implying he supports the claims in my post. I only mention him because he'd probably agree, from vast experience, that beating crypto is usually much easier than 128-256 bit brute force search due to pervasive vulnerability at every level. The only way to eliminate almost all vulnerabilities is to eliminate almost all profitability, organizational flexibility, productivity and profit. Would you agree with this statement lattera? Isn't this the effect nearly perfect security would cause in most real world circumstances?)


Currently testing on:

http://www.creditcrunch.co.uk/forum/index.php?showforum=64

When it's ready, would it be welcome/wanted here as well?


http://slashdot.org/comments.pl?sid=997305&cid=25396783

Being from the UK, dealing in AI work that is both time sensitive and something the idiots in power really want to get their hands on, this affects me directly. My solution: I developed a simple 'cryptocard', it's a PostScript file that consists of several random numbers printed on a credit card size piece of paper (and several different cards per page), all you do is remember a simple, constant password, that joins these random numbers together, new password needed, no problem, just print a new card with new numbers and use your old password to link the new numbers. This has the added benefit, that if some idiot in a uniform wants your password, all you have to do is burn the card, and the key can never be recovered.


Edited by mSparks