Is time for crypto for non-techies class?

From: Rod-Lists 
With all the news l8ly, should someone do a class for the non-technical on personal crypto?

===============================================================
From: John Aldrich
------------------------------------------------------
Quoting Rod-Lists:

Sounds good to me. Bet if we held it at the library, we could get a decent crowd.

I've never bothered with crypto, because I don't think my emails, etc. are that interesting to the government. That being said, it does bug me that they are collecting the "metadata" on who I call, how long I'm on the phone, etc. Makes me wonder if maybe it's not time to start using some sort of telephone encryption, just in case they decide to start listening either with or without permission from a FISA court! I mean, if they decide to start investigating journalists, it can't be long until they start investigating the average citizen!

===============================================================
From: Stephen Kraus
------------------------------------------------------
I'm sure they have something that can crack most open source encryption solutions.

Just playin' devil's advocate

===============================================================
From: Stephen Haywood
------------------------------------------------------
> I'm sure they have something that can crack most open source encryption solutions.
>
> Just playin' devil's advocate

Don't be too sure. Currently the courts are trying to force people to disclose passwords because they can't get past encrypted drives without bruteforcing. Most attacks against crypto are against the implementation, not the math.

--
Stephen Haywood
Owner, ASG Consulting
CISSP, GSEC, OSCP
T: @averagesecguy
W:

===============================================================
From: Rod-Lists
------------------------------------------------------
No need to make it easy. They have thermal scanners that look thru walls. Doesn't mean my next house will be made of glass.

----- Stephen Haywood wrote:

===============================================================
From: Dave Brockman
------------------------------------------------------
Therein lies the rub. Crypto by definition and nature is NOT EASY. You think explaining a distributed PKI infrastructure is difficult, try configuring/installing/maintaining one....

Regards,
dtb

===============================================================
From: John Aldrich
------------------------------------------------------
Quoting Dave Brockman:

There are plugins for a number of popular mail clients for the commercial PGP. I'm betting there's similar plugins for GPGP. I may be wrong. Who knows. Something worth thinking about though. I know at one time I had to configure PGP for Outlook a few years ago.

===============================================================
From: Dan Lyke
------------------------------------------------------
On Tue, 11 Jun 2013 10:58:22 -0400 Stephen Kraus wrote:

I doubt it, and I certainly wouldn't trust any closed-source encryption system, but...

The big issue with crypto isn't the crypto itself, it's the procedures that flow around it. For instance (and this is a non-academic discussion), say I want to have secure communications with my family:

* First, I need to generate keys on a machine I believe is relatively secure, and they need to generate keys on machines they believe are relatively secure. Given that many banking scams these days are happening through Man-In-The-Browser attacks, this probably means a Linux box with trusted provenance. Especially given that Apple and Google were listed in that Prism slide, this suggests that we should treat iOS and Android as suspect. Windows we treat as suspect because even without Microsoft's involvement it could easily be compromised. That might even mean Gentoo, so that I have some notion that I'm using signed source packages, but we'll say that for whatever reason I trust the various Ubuntu packagers, so everyone's running Ubuntu.

* Second, we need to exchange public keys. This probably isn't too bad, we can email them, and then verify key fingerprints via a secondary channel, say, voice over telephone. In the process of doing this, if one of those channels is compromised, we've then removed plausible deniability for statements made with a message decrypted by one of those keys.

* Now we need to use that encryption, and have a mechanism for refreshing those keys when they expire. My email client is pretty good for encrypting point-to-point if it knows the target email is encrypted, but I'm not sure how it does for CC lists.

* So that leaves two big remaining gaping holes: The first is that I need to encrypt everything I say to my family, so that encrypted traffic isn't an obvious red flag. This might even mean intentionally sending unencrypted messages to some people on CC lists so that there's a trail of "this message was innocuous but encrypted to these recipients", but the second is...

... as the Verizon Wireless stuff demonstrates, the fact that the message was sent at all is evidence. And encrypting the message doesn't hide the sender and recipient, or the size of the message.

* And if a machine is compromised (sister clicks on a virus, I compile and run from a source repo that has a diff in it), then we have a set of issues involving those messages, and what happens with archived messages, that we should be careful of. (For instance: At the border, DHS searches my laptop and notices I save all the cute pictures of my nephew, but delete a few messages in there at a time that might correlate with something else. That's a signal.)

So given all of that, the hard part isn't generating the keys, or even exchanging the keys, it's thinking about how we use them that's the critical part. And, frankly, this is the part where I'm confident that I haven't worked out all of the holes.

Dan
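An added illustration of the point in the message above that encryption does not hide sender, recipient or size (not part of the original thread): the Python below reads only the unencrypted parts of PGP/MIME mail and builds a who-talks-to-whom table. The addresses, dates and messages are constructed samples, and the armored body is filler rather than real ciphertext.

```python
from collections import Counter
from email import message_from_string
from email.utils import getaddresses, parsedate_to_datetime

BOUNDARY = "sample-boundary"

def make_sample(sender, to, cc, date, body_len):
    """Constructed PGP/MIME (RFC 3156) message; the armored body is filler, not real ciphertext."""
    filler = "\n".join(["A" * 64] * (body_len // 64 + 1))
    return (
        f"From: {sender}\nTo: {to}\n" + (f"Cc: {cc}\n" if cc else "")
        + f"Date: {date}\nSubject: (constructed sample)\nMIME-Version: 1.0\n"
        + 'Content-Type: multipart/encrypted; protocol="application/pgp-encrypted";'
        + f' boundary="{BOUNDARY}"\n\n'
        + f"--{BOUNDARY}\nContent-Type: application/pgp-encrypted\n\nVersion: 1\n\n"
        + f"--{BOUNDARY}\nContent-Type: application/octet-stream\n\n"
        + f"-----BEGIN PGP MESSAGE-----\n\n{filler}\n-----END PGP MESSAGE-----\n\n"
        + f"--{BOUNDARY}--\n"
    )

def visible_metadata(raw):
    """Everything returned here is readable without any key: headers and sizes are not encrypted."""
    msg = message_from_string(raw)
    encrypted = (msg.get_content_type() == "multipart/encrypted"
                 and msg.get_param("protocol") == "application/pgp-encrypted")
    parts = msg.get_payload() if msg.is_multipart() else []
    size = len(parts[1].get_payload()) if encrypted and len(parts) == 2 else 0
    recipients = getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))
    return {
        "sender": getaddresses(msg.get_all("From", []))[0][1],
        "recipients": sorted(addr for _, addr in recipients),
        "sent": parsedate_to_datetime(msg["Date"]),
        "encrypted": encrypted,
        "ciphertext_bytes": size,
    }

def contact_graph(raw_messages):
    """Per (sender, recipient) pair: message count and total ciphertext bytes."""
    counts, volume = Counter(), Counter()
    for raw in raw_messages:
        meta = visible_metadata(raw)
        for rcpt in meta["recipients"]:
            counts[(meta["sender"], rcpt)] += 1
            volume[(meta["sender"], rcpt)] += meta["ciphertext_bytes"]
    return counts, volume

# Constructed mailbox: three encrypted messages between hypothetical family members.
MAILBOX = [
    make_sample("Dan <dan@example.org>", "sister@example.org", "mom@example.org",
                "Tue, 11 Jun 2013 10:58:22 -0400", 200),
    make_sample("dan@example.org", "sister@example.org", "",
                "Tue, 11 Jun 2013 23:05:00 -0400", 4000),
    make_sample("sister@example.org", "dan@example.org", "",
                "Wed, 12 Jun 2013 07:30:00 -0400", 100),
]

if __name__ == "__main__":
    for pair, n in sorted(contact_graph(MAILBOX)[0].items()):
        print(pair, n)
```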

===============================================================
From: Dave Brockman
------------------------------------------------------
You would lose that bet. GPG works with Thunderbird. No Outlook plugin works reliably past Outlook 2003, or at all beyond Outlook 2007.

Regards,
dtb

===============================================================
From: John Aldrich
------------------------------------------------------
Quoting Dave Brockman:

Well, maybe some enterprising programmers need to build said plugins. :D

===============================================================
From: Mike Robinson
------------------------------------------------------
I think that people ought to know how to make their e-mail "as secure as https," and for the same reasons – not in some vain attempt to thwart the NSA.

You can teach them about "OpenPGP," which is a plug-in, and you can especially teach them about "S / MIME, aka PEM," which actually is built-in to most email clients already. (But, strangely enough, not in webmail clients.) Both of these are open standards.

The most significant pragmatic benefit to these is simply, "message signing." It gives you some degree of confidence that the message that you just received actually came from your mother, and that your evil little sister didn't alter the message to say that YOU had to take the garbage out from now on.

I wish that the use of message-signatures had long ago become "routine practice." If, say, Southwest Airlines routinely signed all of their e-mails with a publicly available key, then it would be possible to get rid of a lot of spam – as well as intentionally false or misleading or even harmful messages – just by creating a filter (say, on a mail junction server) that says, "if it comes from such-and-so but does not bear a valid signature from such-and-so, kill this message."

Message encryption is also nice, but a lot less called-for than signing.

There are legitimate reasons for crypto which have nothing to do with paranoia or mind-control. Pay no attention to the little man behind the curtain. Be sure that your aluminum-foil hat is in its full upright and locked position. Truth is false. Wrong is right. You are getting sleepy, very sleepy. These aren't the 'droids you're looking for. Move along. Move along.

===============================================================
From: Stephen Kraus
------------------------------------------------------
Signing is a great idea, but for the time being and considering the capabilities I've seen for breaking encryption (hint: they broke the encryption on the previously mentioned dude's hard disk) I'm going to assume any and all communications across the WAN are compromised and monitored.

===============================================================
From: Mike Harrison
------------------------------------------------------
My assumption is that it CAN be cracked, but it raises the bar of who/what and specifically when they can crack it.

Encryption buys you time and cuts out the riff-raff wannabes. Makes the cracker expend some effort and demonstrate skill.

===============================================================
From: Stephen Haywood
------------------------------------------------------
Whose encrypted hard drive was cracked? Bruteforcing a password is not the same as cracking encryption.

--
Stephen Haywood
Owner, ASG Consulting
CISSP, GSEC, OSCP
T: @averagesecguy
W:

===============================================================
From: Stephen Kraus
------------------------------------------------------
Network engineer who was arrested for child porn, refused to de-encrypt his hard disk. They finally broke the encryption enough to show he DOES have child porn.

On Jun 11, 2013 3:27 PM, "Stephen Haywood" wrote:

===============================================================
From: Stephen Kraus
------------------------------------------------------
Also: I think it's pretty foolish to assume that every encryption crack was simply a matter of brute forcing a password or using rainbow tables.

The encryption on a system does not suddenly turn it into a one-time pad, if someone like the government decides it's worth breaking your encryption they are going to break it.

Not to mention I know things like open source encryption have been highly examined by the NSA, after all they need to know what systems their adversaries might use and what systems might also be useful to them.

By the way, tinfoil hats, ECHELON was a real system. Not some massive government controlled AI (sorry conspiracy theorists) but it was real nonetheless.

Am I saying you shouldn't encrypt? Of course not, especially as the courts have determined encryption is protected by the Fifth Amendment, but just be aware it's safe to assume it's already compromised somehow.

===============================================================
From: Dave Brockman
------------------------------------------------------
They brute-forced a HDD that contains an index of file names and structures that they ASSUME is CP, and they also ASSUME the data files themselves are on the as-yet unencrypted volumes. I assume there is some basis to the assumptions based on actual file names, but that level of detail has not been published that I have seen.

At no point did they break encryption. They broke a particular user's implementation, at best, based on what I have read. Brute Force != Breaking Encryption.

Regards,
dtb

===============================================================
From: Stephen Haywood
------------------------------------------------------
They bruteforced one of his passwords.

--
Stephen Haywood
Owner, ASG Consulting
CISSP, GSEC, OSCP
W:
T: @averagesecguy

> Network engineer who was arrested for child porn, refused to de-encrypt his hard disk. They finally broke the encryption enough to show he DOES have child porn
>
> On Jun 11, 2013 3:27 PM, "Stephen Haywood" wrote:

===============================================================
From: Dave Brockman
------------------------------------------------------
I'm not sure I'm following. If the crypto algorithms are solid, then brute-force, or even educated-massaged force (ala rainbow tables) is pretty much exactly what happens.

> The encryption on a system does not suddenly turn it into a

Clarifying, I think we are in agreement. Given enough resources, time and motivation almost(?) all encryption is breakable. And there are lots of "clouds" with lots of resources in this world....

Funny thing about crypto is, you get too good with it, you end up working for alphabet agencies....

Cold War Era tech for Satellite Intercepts of (former) USSR, no?

I wouldn't go quite that far. But I think applying and educating about the benefits of layering. KeePass might be good enough for some things. KeePass on a TrueCrypt volume might be required for others. A hidden TrueCrypt volume with key material from a random FLAC on my thumb drive might be required for other information. A hidden TrueCrypt volume on a software raided encrypted volume built on external flash drives, blah blah blah, you get my point. They will get it eventually, yes. Is my data worth the effort, probably not.

Regards,
dtb

===============================================================
From: Stephen Kraus
------------------------------------------------------
My mistake, I thought they had cracked it

On Jun 11, 2013 5:11 PM, "Stephen Haywood" wrote:

===============================================================
From: Mike Robinson
------------------------------------------------------
Although it's entertaining to think about "creating something that's impossible for anyone to crack" ...

(a) You probably can't do it ... we're paying those guys bezillions of taxpayer-dollars for (presumably...?) some reason ... but also:

(b) You most likely don't have anything super-secret or illegal to say, anyway ... and:

(c) If you ARE a crook, then "I =hope= that you get busted, you a*shole!" ;-) ;-)

Naahh... I think that we =do= need to teach people about encryption, as it applies to things other than "https" web-sites... most especially to e-mail...

... but we shouldn't even bother to talk about "hermetically sealing messages such that they cannot be retrieved." Or anything else that makes such good advertiser-attracting fodder on talk radio stations. :->

Frankly, I think that our emphasis should be on teaching people how to manage their e-mails in such a way that they can actually have the same degree of confidence about them, that they take for granted with regard to snail-mail that's sent in sealed paper envelopes. The problem is that people "erroneously assume" this about their emails already. When you send a letter, most of the time it arrives still folded-up in an envelope that's still sealed. Believe it or not, that's a fair bit of pragmatic security! Whereas, every e-mail is not only "sent on a postcard," but it's absolutely forgeable. You actually have no way to know that this-or-that email really did come from your mom.

The current problem is that, even though the technology to do so exists, e-mail encryption and/or signing is not routinely done because it's not easy. (Perhaps we now know why GMail never made it easy, eh?) Still, it's implemented in every e-mail client that I know of ... on all three operating-systems ... and there are PLENTY of real-world business settings in which you really do need to know about it and really do need to use it. You're talking with your salesmen, your suppliers, your investors and shareholders . . .

We do need to teach people: (a) that the technologies exist; and (b) when it's appropriate and/or necessary to use it with email communications; and (c) how to set it up. Not to create "the impregnable message," but simply, "the message that's folded-up and sealed into an envelope."