Android Call Encryption

[tekio 117]

not trolling here, but give me a scenario where i would need to use this, being a civilian.

https://www.eff.org/nsa-spying

[Zapperlink 2]

As a civilian it really depends. Is defining yourself as a civilian meaning you do not care about privacy or are you assessing your needs based on risk? One could say that everyone needs it as a baseline, because as technology evolves, the ability to add basic line of features is more and more possible, and now people are saying that it SHOULD be a baseline to have end to end call encryption. However does the average person actually carry a conversation that would be considered confidential enough to matter, not likely. I think the conversation opens up more as a standardization opportunity with the recent events of infrastructure security and spying.

[tekio 117]

As a civilian it really depends. Is defining yourself as a civilian meaning you do not care about privacy or are you assessing your needs based on risk? One could say that everyone needs it as a baseline, because as technology evolves, the ability to add basic line of features is more and more possible, and now people are saying that it SHOULD be a baseline to have end to end call encryption. However does the average person actually carry a conversation that would be considered confidential enough to matter, not likely. I think the conversation opens up more as a standardization opportunity with the recent events of infrastructure security and spying.

But what about the Obama administration and IRS targeting the Tea Party? Well, what if I'm a tea party supporter? All of a sudden the IRS could be paying particular attention to me just because I text/call my fellow Tea Party supporters. Maybe even, I end up getting pulled over all the time, screened by TSA, etc... Just because my name ends up on some government database as a "Tea Party supporter".

Or if somebody eaves dropping on my conversations just decides to make life difficult because they dislike my person beliefs for whatever reason? That's why its illegal and unconstitutional. However, that seems to no longer apply.

[Zapperlink 2]

 

As a civilian it really depends. Is defining yourself as a civilian meaning you do not care about privacy or are you assessing your needs based on risk? One could say that everyone needs it as a baseline, because as technology evolves, the ability to add basic line of features is more and more possible, and now people are saying that it SHOULD be a baseline to have end to end call encryption. However does the average person actually carry a conversation that would be considered confidential enough to matter, not likely. I think the conversation opens up more as a standardization opportunity with the recent events of infrastructure security and spying.

But what about the Obama administration and IRS targeting the Tea Party? Well, what if I'm a tea party supporter? All of a sudden the IRS could be paying particular attention to me just because I text/call my fellow Tea Party supporters. Maybe even, I end up getting pulled over all the time, screened by TSA, etc... Just because my name ends up on some government database as a "Tea Party supporter".

Or if somebody eaves dropping on my conversations just decides to make life difficult because they dislike my person beliefs for whatever reason? That's why its illegal and unconstitutional. However, that seems to no longer apply.

 

 

Well we can speculate scenarios of targeted attacks, but from the goal of information, who you call is already information obtained, what you do and say on that call is what I believe people generally want to protect. I could be entirely wrong from my perspective but the value of protecting communication technologies as a standard for both the citizen and the government should be just that, a standard, a minimum level of expectation of the devices leveraging the communication technologies.

[NimitySSJ 8]

@ SirAnonymous and all re privacy

 

I think Bruce Schneier wrote the definitive essay on this a while back. It might help you.

 

https://www.schneier.com/essays/archives/2006/05/the_eternal_value_of.html

 

@ mSparks

 

Reports on those slides are misleading. RedPhone is strong enough to be immune to passive network surveillance. If you're not important, they don't see your communications. However, they have 0 days on Android. So, they hack Android and bypass RedPhone crypto. That's why I advocate a holistic approach. NSA and even sophisticated blackhats are targeting every level. Security is only as strong as the weakest link. So, each level must be protected and most current solutions don't do that.

 

I used to say "no FOSS has used high assurance methods." I make exception these days for one: Tinfoil Chat. Markus Ottela was one of the few to pay attention to the lessons others and I gave on high assurance (esp on Schneier's blog). His solution combined several strong techniques, from data diodes to my physical separation approach, into a novel solution that might be immune to remote attacks in a rigorous implementation. At my request, he also added a cascading cipher variant for practicality. The sooner people start applying proven methods, like he did, the sooner we'll have secure solutions to our problems. Still waiting on market and FOSS to get some sense. At least academia is building useful solutions: crash-safe.org processor, Cambrige CHERI processor, hardware CFI, CodeSEAL, and so on.

[tekio 117]

 

 

As a civilian it really depends. Is defining yourself as a civilian meaning you do not care about privacy or are you assessing your needs based on risk? One could say that everyone needs it as a baseline, because as technology evolves, the ability to add basic line of features is more and more possible, and now people are saying that it SHOULD be a baseline to have end to end call encryption. However does the average person actually carry a conversation that would be considered confidential enough to matter, not likely. I think the conversation opens up more as a standardization opportunity with the recent events of infrastructure security and spying.

But what about the Obama administration and IRS targeting the Tea Party? Well, what if I'm a tea party supporter? All of a sudden the IRS could be paying particular attention to me just because I text/call my fellow Tea Party supporters. Maybe even, I end up getting pulled over all the time, screened by TSA, etc... Just because my name ends up on some government database as a "Tea Party supporter".

Or if somebody eaves dropping on my conversations just decides to make life difficult because they dislike my person beliefs for whatever reason? That's why its illegal and unconstitutional. However, that seems to no longer apply.

 

 

Well we can speculate scenarios of targeted attacks, but from the goal of information, who you call is already information obtained, what you do and say on that call is what I believe people generally want to protect. I could be entirely wrong from my perspective but the value of protecting communication technologies as a standard for both the citizen and the government should be just that, a standard, a minimum level of expectation of the devices leveraging the communication technologies.

 

I wasn't speculating much. I was giving examples of stuff that happens. Your claiming it doesn't is more speculative. Why would they illegally spy on average citizens? Because they have nothing better to do, but listen to random people talk about their grandkids? Behavior is motivated, and with a result in mind. That's basic physiology.

 

Why not encrypt communications? I don't know a lot about Edge, 4G, LTE, etc... But I'd guess they have and make use of an encryption standard. But its pretty much law that data providers need to build in access for federal law enforcement to access communications. 

 

What if you're randomly talking about BinRev? You could get flagged. Then one day decide to download something with questionable legality. Then get singled out because as far as the Feds are concerned you're a "hacker".

 

Just look at how many middle-eastern and Chinese citizens are wanting proxies, encryption applications to have some sense of privacy in their lives.

 

EDIT: Please don't try to take my comments that wrong way Zapperlink. I'm just debating my beliefs in the mater. Well... debating my opinion...  I think applications that allow end to end encryption are extemely useful for anybody. Not just James Bond.  

 

 

@ SirAnonymous and all re privacy

 

I think Bruce Schneier wrote the definitive essay on this a while back. It might help you.

 

https://www.schneier.com/essays/archives/2006/05/the_eternal_value_of.html

 

@ mSparks

 

Reports on those slides are misleading. RedPhone is strong enough to be immune to passive network surveillance. If you're not important, they don't see your communications. However, they have 0 days on Android. So, they hack Android and bypass RedPhone crypto. That's why I advocate a holistic approach. NSA and even sophisticated blackhats are targeting every level. Security is only as strong as the weakest link. So, each level must be protected and most current solutions don't do that.

 

I used to say "no FOSS has used high assurance methods." I make exception these days for one: Tinfoil Chat. Markus Ottela was one of the few to pay attention to the lessons others and I gave on high assurance (esp on Schneier's blog). His solution combined several strong techniques, from data diodes to my physical separation approach, into a novel solution that might be immune to remote attacks in a rigorous implementation. At my request, he also added a cascading cipher variant for practicality. The sooner people start applying proven methods, like he did, the sooner we'll have secure solutions to our problems. Still waiting on market and FOSS to get some sense. At least academia is building useful solutions: crash-safe.org processor, Cambrige CHERI processor, hardware CFI, CodeSEAL, and so on.

 

I think the "hunt" for Osama Bin Ladin pretty much proves that if the U.S. Federal Government wants to spy, find, or eliminate you; there's nowhere in the world you can hide for very long. 

Even as good as a great encryption key is: the Federal government has pretty much unlimited resources for clustered super-computers and access to almost anything or anywhere (oh. we had stealth Black Hawk helicopters able to evade in airspace w/i a short distance of Pakistani Military facilities??? ;-)  )

Edited December 31, 2014 by tekio

[mSparks 186]

@ SirAnonymous and all re privacy

I think Bruce Schneier wrote the definitive essay on this a while back. It might help you.

https://www.schneier.com/essays/archives/2006/05/the_eternal_value_of.html

@ mSparks

Reports on those slides are misleading. RedPhone is strong enough to be immune to passive network surveillance. If you're not important, they don't see your communications. However, they have 0 days on Android. So, they hack Android and bypass RedPhone crypto. That's why I advocate a holistic approach. NSA and even sophisticated blackhats are targeting every level. Security is only as strong as the weakest link. So, each level must be protected and most current solutions don't do that.

I used to say "no FOSS has used high assurance methods." I make exception these days for one: Tinfoil Chat. Markus Ottela was one of the few to pay attention to the lessons others and I gave on high assurance (esp on Schneier's blog). His solution combined several strong techniques, from data diodes to my physical separation approach, into a novel solution that might be immune to remote attacks in a rigorous implementation. At my request, he also added a cascading cipher variant for practicality. The sooner people start applying proven methods, like he did, the sooner we'll have secure solutions to our problems. Still waiting on market and FOSS to get some sense. At least academia is building useful solutions: crash-safe.org processor, Cambrige CHERI processor, hardware CFI, CodeSEAL, and so on.

not disagreeing with you exactly.

BUT

and it's a big but.

For a targeted attack they need to identify you -> passive surveillance.

For a targeted attack they need to identify the device you are using -> passive surveillance.

and

Once they have identified you and the device you are using, a targeted attack is trivial, no matter how secure the device.

Break passive surveillance and you also break 90% of their means to launch a targeted attack. (with the other 10% being already knowing who you are, such as via attending demonstrations and signing your real name on that petition the geeky kid was asking everyone to fill in)

OTOH, I'd say there is a lot of disinfo going round atm, rsa key exchange is still about as strong as feather duster

( http://www.loyalty.org/~schoen/rsa/ ) (I was posting about this in 05.....)

Since I guess all this investment isn't really paying off, because everyone knows the security model is broken, and no one is using any mainstream app to post anything they can use as ammunition.

So I'd have to recommend a redphone fork, rather than the facebook backed version....

(also I see the rasberry pi has its own hwrng now, I might fit one to my server stack)

Edited January 3, 2015 by mSparks

[mSparks 186]

Why is a targeted trivial once they know who you are:

If they have a tuple of your device ID and your ID, and your device has any kind of RF emmission (i.e. not a hardwired, isolated device)

The cell towers will locate you.

And since you have no control over your environment (and virtually no protection against surveillance cams and laser mic's), once they can track your location it is straight forward to install really cheap equipment additional to your secure device to monitor everything you do and say.

And as the Aaron case proves, the two, three and four letter agencies have tons of resources they don't know what to do with, are looking to make examples of anyone who gets a following and wants to upset the status quo, so if you get picked up and identified by passive surveillance, you better be ready to be sent to the front line of WWIII.

On the upside,

the wrong side of the CJS is a great place to recruit soldiers

Edited January 5, 2015 by mSparks

[NimitySSJ 8]

Don't forget the easiest method to target people: financially. Wikileaks leveraged anonymity and INFOSEC techniques to protect their work. Hackers, governments, media types, businesses, and more wanted them gone. Took enormous resources and they fortunately had steady funding. Then, they were about to target a major bank in America like they did Julius Baer. Bank of America's net worth dropped by several billion in a day after that announcement given it was believed they were the target. The core banks, arguably the elites of the elites, showed their power: all reliable funding mechanisms to Wikileaks were cut. Visa, Mastercard, Paypal, and so on. Wikileaks then burned through money until it finally collapsed. The internal breakup didn't help.

 

The U.S. government can find ways to imprison you for not complying with their wishes. FBI can seize your machines before charging you. IRS can freeze your assets before charging you. U.S.P.S. can monitor or seize your mail (eg checks). Apparently, banks can cut off your funding as well. This doesn't even factor in CIA N.C.S. efforts like torture flights. Anyone creating a high assurance product that the NSA or FBI couldn't circumvent under any conditions could experience all of this. The Tor project has been lucky so far that they've rarely been a factor in stopping FBI or NSA from hitting their targets. Otherwise, they'd be next after Wikileaks.

 

Note: I'd love to talk to Tor lawyers to see how they avoid what companies like Lavabit and Google can't. Maybe the strategy could be copied.

[mSparks 186]

Don't forget the easiest method to target people: financially. Wikileaks leveraged anonymity and INFOSEC techniques to protect their work. Hackers, governments, media types, businesses, and more wanted them gone. Took enormous resources and they fortunately had steady funding. Then, they were about to target a major bank in America like they did Julius Baer. Bank of America's net worth dropped by several billion in a day after that announcement given it was believed they were the target. The core banks, arguably the elites of the elites, showed their power: all reliable funding mechanisms to Wikileaks were cut. Visa, Mastercard, Paypal, and so on. Wikileaks then burned through money until it finally collapsed. The internal breakup didn't help.

The U.S. government can find ways to imprison you for not complying with their wishes. FBI can seize your machines before charging you. IRS can freeze your assets before charging you. U.S.P.S. can monitor or seize your mail (eg checks). Apparently, banks can cut off your funding as well. This doesn't even factor in CIA N.C.S. efforts like torture flights. Anyone creating a high assurance product that the NSA or FBI couldn't circumvent under any conditions could experience all of this. The Tor project has been lucky so far that they've rarely been a factor in stopping FBI or NSA from hitting their targets. Otherwise, they'd be next after Wikileaks.

Note: I'd love to talk to Tor lawyers to see how they avoid what companies like Lavabit and Google can't. Maybe the strategy could be copied.

But now we have a whole army of crypto currencies, they don't even have the ability to seize assets or funds anymore.

Erm, wikileaks didn't "break up" afaik, although the last leak was 21st December 2014

Today, 21 December 2014, WikiLeaks releases two classified documents by a previously undisclosed CIA office detailing how to maintain cover while travelling through airports using false ID – including during operations to infiltrate the European Union and the Schengen passport control system. This is the second release within WikiLeaks' CIA Series, which will continue in the new year.

Tor is a different story, in that it has now replaced much of the SIPRNet functionality.

Edited January 5, 2015 by mSparks

[mSparks 186]

always fun to come back after a few years and see how something like this turned out.

 

https://github.com/signalapp/Signal-Android/issues/5474

http://www.bbc.com/news/technology-41776215

 

At this point is there any trust left?

 

Edited March 30 by mSparks