NHacker Next
Second Swiss firm allegedly sold encrypted spying devices (swissinfo.ch)
thefounder 1214 days ago [-]
This gives you second thoughts when you see privacy and security services (i.e. email, VPN) making a big deal that they are based in Switzerland. The truth is that you cannot trust a 3rd party with your data. A zero trust mode is the only one that you should trust.
dragonelite 1214 days ago [-]
I just pretty much assume US spy agencies can track everything from all the logs they can gather and have access to. Want to keep a secret? Keep it in your head. Those so-called neutral parties like Switzerland are just US proxies with a good image that only recently got tarnished.
matheusmoreira 1214 days ago [-]
The US is able to do that now. Humanity as a whole should work to change that. Agencies like the CIA, NSA and whatever other group that does "clandestine" operations shouldn't even exist in the first place.

We achieve this by making encryption easy, powerful and ubiquitous. That will take care of their dragnet espionage.

colechristensen 1214 days ago [-]
> Agencies like the CIA, NSA and whatever other group that does "clandestine" operations shouldn't even exist in the first place.

Such organizations are simply necessary to run a nation. Global politics is a game, and everyone plays it. It involves gathering intelligence and acting on it. The work isn’t beyond reproach, and the nature of secrecy makes doing dirty things an unavoidable consequence... but ultimately you have to accept that reality is messy, the world isn’t very nice, and sometimes you don’t have a choice as a nation but to do some detestable act for some higher purpose... and rarely will it be possible for the whole story to be told publicly in order to be judged fairly.

Sure it would be nice if everybody stopped being so awful to each other, but you can’t pretend like that is already true if you don’t want to lose everything.

In plenty of circumstances intelligence agencies have done things that never should have been done, but that isn’t an argument to stop altogether.

tsimionescu 1214 days ago [-]
> sometimes you don’t have a choice as a nation but to do some detestable act for some higher purpose

It's always important to force yourself to remember that essentially all detestable acts are done for detestable purposes, no matter how selfless the rhetoric tries to make them sound. There may have been a handful of exceptions in history, but they are so vastly outnumbered by the other kind that they can safely be ignored.

The narrative of doing something for the greater good should be treated as a lie until the burden of evidence is so high that you are forced to accept that it was indeed good. In particular, spy agencies have produced far more terrorism, coups, and disinformation for their own people, with the goal of supporting the monetary interests of their nation, all others be damned, than they have ever defended anything. The exceptions almost always happen when the goals of empire happen to be aligned with those of the people, like during WW2.

colechristensen 1214 days ago [-]
> The narrative of doing something for the greater good should be treated as a lie until the burden of evidence is so high that you are forced to accept that it was indeed good.

An obviously impossible standard; more than that, you can’t really know if an action was right or wrong without an oracle to tell you what would have happened if different forces had been made.

tsimionescu 1213 days ago [-]
Yes, that was mostly the point - you should assume that nefarious actions are done for nefarious purposes. Assuming they are done for noble purposes risks normalizing them much more than the opposite. Your president has assassinated a foreign dignitary? Assume they are a criminal now. Perhaps in 50 years you will find out that it was of the utmost importance for world peace and prosperity, but it is far more likely that it was some petty revenge or power struggle.
csunbird 1213 days ago [-]
That is why you should never be doing that kind of thing. Nefarious acts almost always produce nefarious results. I agree with the parent comment completely.
rorykoehler 1214 days ago [-]
The natural next question is whether or not nations are necessary. To me they look like a stepping stone from kingdoms to ???
colechristensen 1214 days ago [-]
Nation states are more or less required until a post scarcity economy becomes realistic and then basically they devolve into more and more voting entities that do things everyone agrees are necessary but generally less and less interesting unless a person has a particularly strong interest in a topic. (like say building codes, traffic engineering, licensing, etc.)

Nations can’t just disappear, anarchy always transitions to tribalism to monarchy to ... etc.

rorykoehler 1213 days ago [-]
It's certainly not an easy system to unwind. I often wonder why we accept living in an emergent system rather than a designed one though. Our systems now can only be described as a patchwork with all the baggage of history attached (colonialism etc). Right now feels like a great time for a large refactor though unfortunately given our path dependency, the political in/out-fighting and stagnation, it makes this near impossible to implement.
0xBA5ED 1213 days ago [-]
It's easy to think you could scrap a mature system and design a simpler one from the top down (or do a sweeping refactor). Sometimes this is true, but often you're simply overlooking years of edge cases and bug fixes that allowed the system to become as robust as it is. Emergence in itself is not a bad thing. It means the system grew from the necessities of reality rather than someone's imagination.
saalweachter 1213 days ago [-]
I'm also not sure what the real-world realization of scrapping a mature political system looks like if not violent revolution.

Rewriting my entire home operating system to be the ideal may be a fool's quest, because one person will never be able to do as much work as the hundreds or thousands who developed the code he is replacing, but if you want to try it is entirely on you. I can putter away in my basement for years without bothering anyone.

Replacing or reforming a political system is fundamentally different because it requires the buy-in of a large portion - a super-majority ideally, but at least a powerful minority if you're willing to play violent or dirty - of the population to get started. And you can't just show up out of the blue with A Plan and expect people to all be on board - even if your plan is really quite good, human nature means almost no one will want to commit to someone else's plan. So you have to develop your plan in a group, making compromises that you may personally disagree with to get larger and larger groups of people on board, until, unless there really was a large number of dissatisfied people in your camp all along - which we all want to believe but is seldom the case - you end up politicking your way to a revolution that is barely different than the status quo.

excalibur 1213 days ago [-]
There might have been a shot at this 30 years ago. "We have a real chance for a new world order" wasn't just empty talk. The US as the sole remaining superpower could have led the world under an increasingly potent UN. But it was sold poorly. People correctly identified it as dystopian, but failed to recognize that NOT doing it would almost certainly lead to something worse.
inglor_cz 1213 days ago [-]
"I often wonder why we accept living in an emergent system rather than a designed one though."

Because we ourselves, our bodies, are an emergent system rather than a designed one?

Human biology seems to be even more chaotic than various political systems on Earth, but both have one great advantage under their belt: they survived unexpected crises in the past.

Designed machines tend to be nowhere near as robust.

sangnoir 1214 days ago [-]
> We achieve this by making encryption easy, powerful and ubiquitous

Ubiquitous encryption will be pointless if the encryption itself is subverted, like it was for 50 years with the 2 leading Swiss encryption vendors. I imagine the CIA/NSA would target the PRNG hardware as the crown-jewel, and the next-best targets would be "enclaves", then back-dooring the algorithms themselves (or implementations thereof).

Remember - their aim isn't to break encryption (which would be simple to spot) - it's to make it easier for them to break, while remaining hard for everyone else.

matheusmoreira 1214 days ago [-]
> I imagine the CIA/NSA would target the PRNG hardware as the crown-jewel

The cryptography community seems to already be aware of this risk. I've read about random number algorithms that mix the results of many randomness sources so that one compromised source cannot compromise the result.

> and the next-best targets would be "enclaves"

Yeah, we should watch out for this. Secure cryptoprocessors are a great thing but we need to be able to trust them. We already have hardware that runs free software but the chip itself can of course be compromised...

> then back-dooring the algorithms themselves

I trust that the worldwide cryptography community will never let that happen. From what I've read they no longer trust the NSA implicitly.

sangnoir 1214 days ago [-]
> I trust that the worldwide cryptography community will never let that happen.

I wonder who puts in more expert man-hours into safeguarding/defeating crypto: the US alphabet soup agencies, or the rest of the "worldwide cryptography community". I'm fairly certain the government spends more dollars (doing things like factoring enough primes AOT to be able to decrypt ~20% of all https traffic in realtime[1]). Often things that community concludes to be "unlikely" or "difficult" are well within the government's ability - cue "SSL added and removed here ;-)"

I think the fact that the cryptography community didn't pick up on Crypto AG's subterfuge says a lot, IMO.

1. https://arstechnica.com/information-technology/2015/10/how-t...

andrewnicolalde 1213 days ago [-]
How much access did the cryptography community have to Crypto AG’s cipher machines? I thought those were mostly sold to foreign military/diplomatic missions.
asymptotically3 1212 days ago [-]
> I've read about random number algorithms that mix the results of many randomness sources so that one compromised source cannot compromise the result.

You might like djb's article "Entropy Attacks!": https://blog.cr.yp.to/20140205-entropy.html
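
The source-mixing idea discussed in this subthread, sketched as an added example (it is not code from any commenter or library). The labels, the `DOMAIN` tag and the `compromised_hwrng` stand-in are hypothetical, and the sketch assumes a compromised source cannot observe the other inputs before it contributes.

```python
import hashlib
import os
import time

DOMAIN = b"entropy-mix-example-v1"  # constructed domain-separation tag


def _frame(label: bytes, data: bytes) -> bytes:
    """Length-prefix label and data so field boundaries are unambiguous."""
    return (len(label).to_bytes(2, "big") + label +
            len(data).to_bytes(4, "big") + data)


def mix_sources(contributions, out_len=32, min_sources=2):
    """Hash every non-empty (label, bytes) contribution into one seed.

    Raises ValueError when fewer than min_sources sources delivered data,
    so a silent source failure never degrades to a single-source seed.
    """
    usable = [(label, data) for label, data in contributions if data]
    if len(usable) < min_sources:
        raise ValueError(
            "only %d usable source(s), need %d" % (len(usable), min_sources))
    h = hashlib.shake_256()
    h.update(_frame(b"domain", DOMAIN))
    for label, data in usable:
        h.update(_frame(label, data))
    return h.digest(out_len)


def timing_jitter(samples=64):
    """Weak extra source (hypothetical): low byte of successive clock deltas."""
    out = bytearray()
    last = time.perf_counter_ns()
    for _ in range(samples):
        now = time.perf_counter_ns()
        out.append((now - last) & 0xFF)
        last = now
    return bytes(out)


def compromised_hwrng(n=32):
    """Stand-in for a subverted hardware RNG whose output is fully known."""
    return b"\x00" * n


def demo_seed():
    """Mix one known-bad source with the OS generator and clock jitter."""
    return mix_sources([
        (b"hwrng", compromised_hwrng()),
        (b"os", os.urandom(32)),
        (b"jitter", timing_jitter()),
    ])


if __name__ == "__main__":
    # The seed stays unpredictable as long as one input is unknown
    # to the party who controls the others.
    print(demo_seed().hex())
```

The seed is only as good as the best source that the attacker neither knows nor can see, which is why the mixing step hashes all inputs together instead of picking one.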

acruns 1214 days ago [-]
And any hardware protection that flows through a supply chain including just FedEx/UPS/DHL can be compromised at the hardware level.
op03 1214 days ago [-]
Agencies are just a representation of the human personality spectrum in the population. Saying they shouldn't exist is like saying people driven by ambition, fear, mistrust, aggressiveness should not exist.

When people's needs aren't aligned all these personality variations in the population come to the fore.

ekianjo 1214 days ago [-]
> Agencies like the CIA, NSA and whatever other group that does "clandestine" operations shouldn't even exist in the first place.

Who cares if they should or should not exist? The point is that they are there in most countries already (nothing limited to the US) so worrying about the ideal situation of not having them around is not very helpful. Just like "we should not have nuclear weapons" is a very weak argument as there's no way you can put the genie back in the box.

HappyDreamer 1214 days ago [-]
> Agencies like ... that does "clandestine" operations shouldn't even exist in the first place

If one day they have all disappeared, it just means they hid themselves from you, and fooled you completely.

powersnail 1213 days ago [-]
I just assume that if any nation-level actor wants to "get" me, it can. I really don't include spy agencies in my threat models because I feel like it's a battle already lost before I even begin. If they put a gun at my head, I'll tell them my password anyway. Nothing in my hard drive --- or my head --- is worth my life.

As long as my devices can fend off the generic attacks, like script kiddies, port scanners, DNS hijacking at public wifi, I'm content.

That said, my defeatist attitude is at least partly because I'm a nobody. For high-value targets, they must have their own method of protection that doesn't rely simply on a promise to be neutral.

powerapple 1213 days ago [-]
The question is who do you want to have access to your data. I am fairly confident that the only reason Huawei is such a threat to US national security is that it will lose its power to go through your data. It is far more difficult to have Huawei doing something dirty in Europe or US. Store your data with western companies if you are in China, and store your data with Chinese/Russian companies if you are in Europe seems to be the least worse idea to me XD
est31 1213 days ago [-]
If you are a high value target, then "hackers" will get access to your data anyways, and will extort you. Those "hackers" will just speak different accents :).
nix23 1213 days ago [-]
>will get access to your data anyways

No they don't, if you know in the first place that you're a "high value target"

https://en.wikipedia.org/wiki/Unidirectional_network

skipnup 1213 days ago [-]
Thanks for that information, never heard of data diodes before.

Crazy, that such a seemingly simple idea was only realized as recently as 2015.

est31 1213 days ago [-]
That's my point. Don't just use one of the unprotected services that get unencrypted data. They will use your data for their gains. The goals they use them for will just be different, depending on which country it is.
nix23 1213 days ago [-]
>Don't just use one of the unprotected services that get unencrypted data

I think that's obvious, since the days of telnet/rsh.

lucb1e 1214 days ago [-]
Zero trust, so... what about the chips in your system? What about the certificate authorities that Microsoft, Mozilla, Apple, or Google deliver to your system?

It's a nice thing to say but it doesn't work, at least not as a one-liner without further explanation of how you think this could work.

matheusmoreira 1214 days ago [-]
> what about the chips in your system?

We need a way to manufacture our own hardware. Just like we can already write our own software.

Currently manufacturing processors costs billions of dollars. Consequently, the power to create computers is centralized in very few hands. They are easy targets for government regulation and compromise.

What if we had technology that would let individual users fabricate their own hardware cheaply? That would give the power to create computers to everyone. We would then be able to create chips we could trust. Nobody would be able to interfere.

drivebycomment 1214 days ago [-]
Just as it's impossible to build skyscrapers or bridges or ships or cars or pretty much any modern sophisticated structures or machines without specialized equipment and skilled people and organizations - mostly companies, you can't build chips without companies. Modern semiconductor fabs are a marvel. It takes amazing concentration of equipment and specialized folks to get a fab working.

This "trust no one" is complete BS. A modern human society can not function without some trust.

deeringc 1213 days ago [-]
And even if you fabricate your own hardware, you're still trusting the open source designs you download from the internet. Being able to audit them is much better than not being able to see them, but it's still very possible to have some incredibly subtle backdoor or vulnerability hiding in plain sight. This happens all the time in complex systems. There is zero chance that you can design a functioning and useful chip and OS, from scratch without trusting something else along the way. That goes all the way to compilers, toolchains etc... And even if you could, chances are you've created hundreds of accidental security vulnerabilities that can be exploited. Zero trust is a fantasy.
disown 1214 days ago [-]
> We need a way to manufacture our own hardware. Just like we can already write our own software.

We may write code but we didn't write the compiler which compiles the code. We didn't develop the runtimes, kernels, etc our software is dependent upon. The security, reliability and trustworthiness of the entire software world is dependent on trust.

You should read Ken Thompson's article on "Reflections on Trusting Trust"

https://dl.acm.org/doi/pdf/10.1145/358198.358210

fsflover 1213 days ago [-]
It still can be detected if you have two identical compilers with and without the backdoor. So we should collect all versions.
saalweachter 1213 days ago [-]
Also, unless your compiler back door is functionally an AI, sufficiently large changes to the software will break its backdoor inserting routines.
nine_k 1214 days ago [-]
There are hundreds of facilities which can produce computer chips, all over the world. The chips would be "old tech", though, e.g. 70 nm or even 120 nm.
ashtonkem 1214 days ago [-]
From a practical standpoint, you have written and read 0.0% of the software on your system. You do need to trust someone, otherwise you might as well just swear off using computers.
bergstromm466 1213 days ago [-]
> We need a way to manufacture our own hardware. Just like we can already write our own software.

> Currently manufacturing processors costs billions of dollars.

> What if we had technology that would let individual users fabricate their own hardware cheaply? That would give the power to create computers to everyone. We would then be able to create chips we could trust. Nobody would be able to interfere.

Absolutely. I believe that today's Capitalist/Corporate production (in contrast to Commons-based peer production or communism) undermines human ingenuity. Most of today's industrial production processes are wasteful. The corporate products it creates are non-modular and bloated, and waste energy and resources (especially since barely any e-waste is recycled or re-used).

If all tech was open source and there were no monopolizing and artificial scarcity -generating systems

If all tech was free/libre open source, and if there were no monopolizing and artificial scarcity -generating systems that put artificial limits on digital information systems that allow for a near-zero marginal cost of reproduction (I'm referring to the Intellectual Property systems and the (inter)national courts that enforce these property laws), and if all the latest research and developments were also shared open source - and only a system for authorship claims to help identify successful inventions/discoveries to note who contributed to the experiments that succeeded (to guarantee that those people can continue to be involved and supported to continue to do this work), existed, then the world would be able to radically skill up (growing, over time, what Karl Marx called, the 'General Intellect': "the general social knowledge or collective intelligence of a society at a given historical period") - then we'd be able to more thoroughly tackle so many of the problems we're facing today in new innovative ways. Stated inversely: today we cannot tackle many challenges effectively (collectively) because of artificial limits placed on knowledge and important discoveries/mechanisms.

I believe that the biggest obstacle to successfully averting a fatal climate crisis has to do with how we see, and work with, 'intellectual property' - which is basically privatized knowledge. Today's Global North elite/bourgeois Intellectual Property systems and agreements are facilitating the biggest theft that is happening to the working classes. It could be argued that it is the most violent turn of Capitalism to date, in that it deprives many children the right to ask questions, and forcefully prohibits human curiosity in general. Or at best it puts an exorbitant rentier price on ‘education' (e.g. in the form of an academic degree) and other learning materials. Intellectual Property systems have pushed the privatization and commodification of immaterial Commons to the furthest edges, exploiting and oppressing the working classes; especially alienating, dominating and disenfranchising the working class in the Global South. [1],[2],[3]

I believe the key strategy for proletarians, together with bourgeois class traitors, is to move towards a new Commons/natural-resource stewardship system.

I'll try to further describe what I hope for. Today, Corporations carefully track their total available material resources within a corporation through what's called an Enterprise Resource Planning (ERP) software system. The folks at Valueflo.ws and Holo-REA (REA = Resource Event Agent) are using the open-source distributed data-integrity engine called Holochain to allow groups of people to mutually-'self-sovereignly' peer produce; using what their team, together with Sensorica, have come to call a Network Resource Planning (NRP) system, or software.

This NRP configuration/system replaces ERP systems and instead creates and enables a fractal Open Value Network, meaning that humans are now able to more accurately (+ accountably and transparently) coordinate, map and plan how we'd like to share mother earth's precious resources/Commons.

Most importantly, I believe that by moving away from today's means-of-exchange money system, we lose the need to use artificial scarcity creating systems that privatize knowledge:

"Let's just replace the unit of account with distributed ledgers, let go of transactional mindsets requiring a medium of exchange, recognise our planet's resources as the store of value and be done with it" — @pospigos [4]

Workers of the world, unite!

[1] Vijay Prashad, https://www.thetricontinental.org/the-rate-of-exploitation-t...

[2] Jakob Rigi, https://www.triple-c.at/index.php/tripleC/article/view/487/6...

[3] Wendy Liu, https://tribunemag.co.uk/2019/01/abolish-silicon-valley

[4] https://twitter.com/pospigos/status/1174863182214549504

fsflover 1214 days ago [-]
> what about the chips in your system?

https://www.crowdsupply.com/sutajio-kosagi/precursor

mhh__ 1214 days ago [-]
RISC-V is just a specification, you could quite happily sneak stuff into the RTL if you beat the right hands with a pipe.
fsflover 1214 days ago [-]
Precursor’s mainboard was designed for easy inspection as well, and even its LCD and keyboard were chosen specifically because they facilitate verification of proper construction with minimal equipment
mhh__ 1214 days ago [-]
You still have to trust both the verification procedure and the specification i.e. Given how a modern CPU has to have features to manage itself, it's relatively trivial to design a system to do what VW did and recognize when the device is under test.

For example, if you've seen Christopher Domas's talk/s on finding undocumented features of CPUs, any backdoors in a modern CPU will be buried deep in the vendor-specific features or require an extremely esoteric combination of register values and the like.

fsflover 1213 days ago [-]
> You still have to trust both

Yes, you can never 100% get rid of some trust, but it does not mean that you should give up and verify nothing. The more you (are able to) verify, the more secure you are.

bobthebuilders 1214 days ago [-]
The CPU architecture is open source for one, and the boards are designed in such a way as to make outside verification easier. Excited to get my hands on one!
mhh__ 1214 days ago [-]
The architecture isn't the chip itself.
tsimionescu 1214 days ago [-]
So is a lot of malware, that doesn't mean the specification matches the final build. And even if you can verify the board, you can't verify the chip itself or any other IC.
vaccinator 1214 days ago [-]
zero trust means no computer devices around you... (including TVs, toasters, etc...)
machinelabo 1214 days ago [-]
You trust your can of baked beans? The entire society runs on the concept of trust. At some point, you're gonna have to trust someone.
TeMPOraL 1214 days ago [-]
The trick is to avoid trusting parties that have incentives to abuse that trust and means to do so. Free market working the way it does, sooner or later one of such entities will abuse that trust.

So, baked beans are probably OK in terms of SIGINT. Depending on how well food regulations are enforced in your area, I might or might not worry about the edibility of them, though. But on-line services are definitely suspect with respect to data handling. Doubly so, if they pop up where they shouldn't be in the first place - like e.g. IoT - as that's already evidence of a business model built on abusive relationship.

lucb1e 1214 days ago [-]
> Doubly so, if they pop up where they shouldn't be in the first place - like e.g. IoT

Hanlon's razor, "never attribute to malice that which is adequately explained by stupidity", does seem to apply to that particular one, though. But I'm no war historian or politician or something; while the security of these devices is stupidity to the point of criminal negligence, I find it hard to say for sure whether some of this might be on purpose.

TeMPOraL 1214 days ago [-]
I have my own razor[0], that I tend to call Hanlon's Handgun: "Never attribute to stupidity that which can be adequately explained by systemic incentives promoting malice". I think it applies here more than Hanlon's Original.

Also, I wasn't thinking about security. I was thinking about intentional abuse of data, that starts with collecting and processing data that doesn't need to be done for a device to function.

--

[0] - Introduced in https://news.ycombinator.com/item?id=21691282, named after me in https://news.ycombinator.com/item?id=21691718 :).

fsflover 1213 days ago [-]
Your razor is also described here (and called "moloch"): https://slatestarcodex.com/2014/07/30/meditations-on-moloch/.
TeMPOraL 1213 days ago [-]
Yeah :). That's one of my favorite articles on the Internet and meditating on these meditations had a big role in shaping my current set of beliefs.
nmlnn 1214 days ago [-]
That's just something people repeat over and over again until it seems true. In reality it just provides cover for malicious actors/actions.
bilbo0s 1214 days ago [-]
I agree.

The CIA, NSA, DHS, etc are all much, much smarter than me, and I would use IoT to compromise targets if it were my job. So there's that data point.

machinelabo 1214 days ago [-]
That's why we have regulations and regulatory agencies. You'll need to trust them to do their job (just pegging the trust one more level up).
lucb1e 1214 days ago [-]
TeMPOraL does seem to be aware of the existence and enforcement of food regulations:

> baked beans are probably OK in terms of SIGINT. Depending on how well food regulations are enforced in your area

Unless you meant the IoT part, I'd love to see regulations, let alone enforcement, there.

machinelabo 1214 days ago [-]
Definitely, new technologies always had this issue though. Regulatory agencies move at a snail's pace to adopt new changes - for good or for worse - that's up for debate. Good because new tech doesn't exploit consumers. Bad because haphazardly put together regulations can harm businesses and progress in general.
hutzlibu 1214 days ago [-]
True. But I like to reinforce my trust with open and verifiable information.

Meaning, I would prefer the can of baked beans from a company that is open about where their beans come from and in what conditions. That would be possible today, and is already done to some extent but in early stages.

But getting your food from the local farmer, where you can actually visit the farm, it is much easier to trust that it is good.

And regarding software, well - open source, preferably with a open community (or company) around it, where you can at least look through the actual dev logs and git submits to see if they sound solid and if you have the time and skills, jump into it to verify that they do as promised.

Then I can have trust. Otherwise the trust would have to be blind. And society has spoiled that for me, for various reasons.

machinelabo 1214 days ago [-]
Huh? That's why we have regulations. Every country has one, in the US it is the FDA.

Please don't try to shoehorn open source principles everywhere in life. It becomes a chore and a burden for a common citizen to verify the hazards of Baked Beans. Citizens offload this to a regulatory agency. You don't have the time to verify a fucking can of baked beans like a million other things in life.

If you buy a measuring tape, do you ask for a NIST certificate? Where does the chain of trust end? Somewhere at the measurement standards in the pyramid of trust. Your personal role in this chain ends at the brand name "STANLEY", because you trust them to make a measuring tape that measures within specified tolerance.

The whole movement around "I don't trust unless the information is freely available" is a pipe dream. It grinds the society to a halt.

I urge you to look around 99% things in life that you just blindly trust. We need better mechanisms for building trust than "Don't trust unless verified". It is applicable in high risk situations, but the society pays a huge price for such an inefficient way to live.

hutzlibu 1214 days ago [-]
How do you know what things I trust blindly?

But I agree, it is not efficient to question everything. I do not want to question everything! But I do know enough, to question a lot of things.

Secrecy just allows bad things to stay hidden.

If the default would be openness, then people who do bad things would hesitate more, as it would be easier to detect those things, don't you think?

Whether it be government, food production or software.

machinelabo 1214 days ago [-]
I think one common theme we both can agree is that open available data only helps. It doesn't take away from anything. For those who want to verify, they can. They can look up FDA reports and inspection results.

Transparency builds trust over time.

hutzlibu 1214 days ago [-]
"Transparency builds trust over time."

Yep. This is what I mean.

I come from East Germany, a former post-Soviet state. A state which was built on blind trust on the state and no way for the common person to verify anything (or even dare to question anything openly). And big surprise: lots of dark things happened regularly.

Now things are still far from perfect in my opinion, but much, much better. And I think they can still improve a lot with even more transparency, because there are still lots of dark things happening behind closed doors. We probably just disagree on the degree of those things.

tsimionescu 1214 days ago [-]
> A state which was built on blind trust on the state

The former Soviet states and other USSR satellites were not built on trust, they were built on force. You had to act like you trusted the state to avoid the repressive force of the state.

But people did not trust the state at all, much more so than in today's world. Everyone assumed their telephones were listened to. Everyone assumed that the walls had ears. The lies of the state were often obvious, and often discussed with very close friends and close family, and anything that wasn't an obvious lie was thus considered a likely lie anyway.

hutzlibu 1213 days ago [-]
Yeah well, sure. That's one of the reasons why I am highly sceptical when I have to trust authority blindly. Which goes back to the main point. I cannot really trust a closed encryption source, when I assume they are infiltrated by (western) intelligence agencies. And those agencies I do not trust. And I believe with the open information about them, rightfully so, even if they are not (yet) on par with the Stasi or KGB.
Spooky23 1214 days ago [-]
Fear and trust are not the same.
vaccinator 1214 days ago [-]
They'll probably figure out a non-suspicious way to include a computer in a can of beans soon enough... maybe it will let you know if the beans are still edible... in exchange, it will record everything you say.
CamperBob2 1214 days ago [-]
Coming soon: Juicero for Beans!
markdown 1214 days ago [-]
Watties FTW!
unixhero 1214 days ago [-]
Well I often use G5 PowerPC
vmception 1214 days ago [-]
Email and VPN is the most obvious even without this “proof”

Will otherwise intelligent people want to fight tooth and nail if I mentioned any specific VPN provider being incapable of having privacy assurances you can rely on? Of course, so let's do it anyway

Protonmail

NordVPN

ExpressVPN

every one

It doesn't matter what you want to believe, the entire concept doesn't do what people think it does.

You would simply have no way of knowing if a VPN suddenly did start keeping logs.

gruez 1214 days ago [-]
>Will otherwise intelligent people want to fight tooth and nail if I mentioned any specific VPN provider being incapable of having privacy assurances you can rely on?

I agree if your threat model requires that nobody eavesdrop/log your traffic, then a commercial VPN service probably isn't the right tool, and you should probably use tor instead. That said, it doesn't mean commercial VPNs are placebo/snakeoil. They still provide:

* anonymity from the websites you visit: your home internet connection's IP typically uniquely identifies you/your household (assuming no CGNAT). Meanwhile, a VPN server might be used by tens of hundreds of people, which greatly increases your anonymity set. It's further improved if you rotate VPN servers, because a VPN service might be used by millions of people.

* extra degree of separation: your ISP knows a lot of info about you (name, address, payment info, maybe even credit score), whereas a VPN service might only know your email and the ip you connect from. If your VPN service decides to go rogue and sell your browsing habits, they'll have a much harder time associating it with your real life identity.

vmception 1214 days ago [-]
correct and those are valid use cases

anything that requires a government not knowing is outside of the use case

ampdepolymerase 1214 days ago [-]
Don't forget HN's favorite, Mullvad. Hey if Mozilla trusts them, it must totally mean they are not compromised by the government right?
speedgoose 1214 days ago [-]
I trust Mozilla as much as my mom to keep secrets.
upofadown 1214 days ago [-]
I think the big deal they are making is that Switzerland has reasonably good privacy laws, not that Swiss people are somehow more resistant to subversion by national intelligence agencies. It's a fundamentally different thing. People avoiding entities that consider themselves above national laws have the advantage that they don't have to care about privacy laws either.
schoen 1214 days ago [-]
The other big thing is the Swiss neutrality policy

https://en.wikipedia.org/wiki/Swiss_neutrality

which has also contributed to diplomatic meetings often being held there, treaties often being negotiated there, and headquarters or offices of international and intergovernmental organizations often being based there.

Just in Geneva you have https://en.wikipedia.org/wiki/Geneva#International_organisat... and that doesn't include all the treaties, one-off diplomatic conferences and meetings, or confidential diplomatic interactions.

The Swiss neutrality policy would seem to imply that you would be safer overall meeting there or that you could trust the government not to have an alliance which would mean it was helping some other country undermine your activities in Switzerland. So this reporting on Crypto AG as well as this company can be seen as a criticism that the Swiss government failed to uphold its principles of neutrality, or perhaps (depending on the degree to which the government was involved or aware or not) that the companies were getting a benefit from the international perception of the famous Swiss neutrality while themselves having political dealings with particular governments.

I think Snowden also mentions in his autobiography that, because there is so much international activity and discussion in Switzerland, other countries' spy agencies also like to spy on Switzerland and goings-on there -- including him when he was working for the CIA. People who are trying to rely on Switzerland's neutrality might hope that Switzerland succeeds in deterring much of that spying activity, and at least doesn't participate in, condone, or encourage it.

_trampeltier 1213 days ago [-]
A couple of years ago, there was a discussion here in Switzerland about the US embassy having antennas on the roof for spying. But of course, the Swiss government said there is nothing.

Just first best Link: https://www.20min.ch/story/spionage-verdacht-gegen-die-berne...

hkon 1214 days ago [-]
Not only that, but any service advertising their security and privacy. You can't really know unless you roll your own. But what kind of rabbithole that could be is insane, iirc even consumer hardware is compromised to some extent.
CleanMirage 1214 days ago [-]
Zero trust mode is also the only way to keep secrets in real life. Share it with someone - friend or relative - & sooner or later it always gets out most of the time as relationships/priorities change.
stunt 1213 days ago [-]
Talking sarcastically, perhaps the next time we will hear about Swiss luxury smart watches, since they are often given as a gift to executives and politicians.
kebman 1214 days ago [-]
This is the trust level on some embassies around the world. Special typewriters and no computers, in a soundproof room.
astrophysics 1213 days ago [-]
Makes one wonder about too good to be true services like ProtonMail, ProtonVPN and ProtonDrive. I was so excited about those, but recently I've started wondering whether they are just the continuation of Switzerland taking money to act as a facade for the CIA...
dannyw 1213 days ago [-]
Specifically calling out ProtonMail here especially after they started basically requesting all new signups through VPNs give their phone number; email; etc and they say it will be "deleted".
caymanjim 1214 days ago [-]
If hardware is compromised, can you even trust yourself? It's not like you can build your own in any meaningful sense.
matheusmoreira 1214 days ago [-]
No private company can be trusted with anything related to encryption. They are either already in bed with the government or can be coerced by force, and that's assuming they aren't themselves interested in people's data.
LeonB 1214 days ago [-]
It’s much cheaper for society to be just generally quite trusting, and then shoot any spies it finds.
milofeynman 1214 days ago [-]
It's why a lot of people had pause with the new owners of PIA, iirc
Shacklz 1213 days ago [-]
I was at first very disappointed to read Ueli Maurer's name in the article; I attended quite a few of his lectures. According to the interview with him on the "Rundschau" (unfortunately in Swiss German), he hasn't known about anything and was certain himself that Omnisec didn't have anything to do with the NSA. However, I still struggle to see what exactly his involvement was with them - he was a "Berater" (consultant), but says that he didn't really have any insight into the algorithms etc. and couldn't have possibly known about their issues; so what exactly did he do for them, just sell his name?

I really appreciated him as a prof (even though he was known to be a complete hard ass when it came to exams with high bars to pass) and would be surprised if anything turned up that would question his integrity further; still, it does leave a bit of a bad taste after all his preaching...

And as a Swiss, this is a complete fiasco. That the issue with Crypto AG didn't send a few heads in the NDB rolling was an absolute disgrace, they didn't even pretend to be humbled by this or anything of that sort. And now another such story emerges, and while I do hope that we finally see some action now, I wouldn't be surprised if nothing happened again.

nix23 1213 days ago [-]
>And as a Swiss, this is a complete fiasco.

Yes, and what's even worse, the politicians were kind of proud of what they achieved with CryptoAG and called it a "grand coup". It's disgusting, first Switzerland is neutral, and second, trust in any security related product is absolutely smashed now.

patrickk 1213 days ago [-]
Protonmail users must be getting nervous.
Craighead 1213 days ago [-]
... nothing about Switzerland is neutral
xyquadrat 1213 days ago [-]
As a current student of Ueli Maurer and a Swiss citizen, I completely agree with you (the exam part is hard for me to judge... that's coming up in January for me). He claims that he did review algorithms for them, but only once did he look into one which actually got used in production.

I strongly hope that such cases where our NDB is passively allowing foreign nations to interfere with security equipment that is even used by Swiss companies will not become more frequent. It cannot be allowed that the secret service of a neutral country like Switzerland continues to act like this.

feralimal 1213 days ago [-]
What kind of action do you expect to see?

You do realise that governance is how corporations manage the people, not how people manage corporations, right?

vmception 1214 days ago [-]
My favorite part of these stories is where the employees across decades keep finding the super nuanced cryptographic flaws and get told not to fix that specific thing by higher ups

On to the next sprint! It's just technical debt! Not sus

octoberfranklin 1214 days ago [-]
This article fails completely to state exactly what an "OC-500" does. Google is unhelpful because (a) it's a 30-year-old device and (b) there are a bajillion copies of this news story flooding the search results.

Poor journalism is poor.

andreasley 1214 days ago [-]
Here's a PDF that has specs for some Omnisec products: http://www.universal-defense.com/UD/Communication_files/11_C...

It's probably 20 years old, but still interesting I think. They also seem to have sold a VPN client.

gadtfly 1214 days ago [-]
_threads 1214 days ago [-]
It’s terrible because I don’t trust ProtonMail & ProtonVPN entirely anymore because of this
rch 1214 days ago [-]
If you're worried about state agencies intercepting your communications, you're going to have to give up certain conveniences, like web based email and consumer VPN.

The services you mentioned should have superficial security that's at least on par with dominant providers, and will hopefully keep your information from being intercepted for the sake of advertising. I think that's still worth something.

upofadown 1214 days ago [-]
>...web based email...

https://www.mailvelope.com/en/

bitL 1214 days ago [-]
Just get one crypto device from the US, one from Russia and one from China, and then encrypt your stuff using all of them, one by one. Then no single secret service could decrypt it all.
DethNinja 1214 days ago [-]
How do you know rulers of China, Russia and USA aren’t best friends ever and share information at top levels? You simply cannot trust a third party vendor anymore, no matter where they reside and this includes your cpu too.

Any information that needs security from nation state level requires physical data diodes.

I guess you can use the method you mentioned for protection against lower level actors.

machinelabo 1214 days ago [-]
What does this mean in practice? Can you walk us through how to secure email using such a process?
ampdepolymerase 1214 days ago [-]
What he's describing only works for symmetric encryption. Asymmetric is the problematic one. There is no real way to verify the trustworthiness of VPN/proxy systems.
Shacklz 1213 days ago [-]
I still trust it to not sell my data to the highest bidder for marketing purposes and such.

The NSA and other state agents may or may not be capable of reading my emails, but I don't think they would care about anything I write/receive and for sure won't sell/publish it because of the risk of the world knowing about their possibilities. It's still opposed to my interest in privacy, but the main thing I care about is my life not being an open book on the internet for everyone to see (or even just marketers), and ProtonMail sells that to me as a business model, which I still believe in.

_threads 1213 days ago [-]
yes, you're right. I chose them in the first place because they made me realize that there is no such thing as "free email", and I was glad to pay for mine to avoid ads and private data exploitation
StanislavPetrov 1214 days ago [-]
You shouldn't trust anything completely. All you can do is manage your risk to the best of your ability and be aware that unless you are talking to someone on top of a mountain and neither one of you have a phone with you, everything you communicate, digitally or otherwise, is very likely being recorded or logged somewhere by someone.
PestoDiRucola 1214 days ago [-]
You shouldn't have been trusting them in the first place. At least not completely. You're just taking their word for it and trusting a company blindly based on only their promise.
stunt 1213 days ago [-]
There is no way to run anything substantial like ProtonMail without getting tapped by agencies or, even worse, they will force you to integrate and cooperate. There are just many regulations and you have to comply.
legulere 1214 days ago [-]
Or Threema
nix23 1213 days ago [-]
Or Wire...they probably belong already to a 3-Letter Service (with the swiss-stamp of security and trust on it)
cybralx 1214 days ago [-]
Linked to US intelligence services. Makes you wonder how many VPN services are run by governments?
ardy42 1214 days ago [-]
> Linked to US intelligence services. Makes you wonder how many VPN services are run by governments?

I don't recall details, but IIRC, there are (or were) a few popular VPNs in China that were used to circumvent the firewall that functioned fast and reliably despite the anti-VPN crackdowns. I've read speculation that they were likely collaborating with Chinese police/security forces to help them keep tabs on the VPN-using community in order to better anticipate threats to their power.

Facebook ran similar free VPNs for a similar reason: to gather intelligence on users to anticipate competitive threats: https://en.wikipedia.org/wiki/Onavo.

fakedang 1214 days ago [-]
Well.... Tor started off as a government tech right?
lucb1e 1214 days ago [-]
That a government funded mixnet research in the 80s doesn't mean that VPNs are government-run, if that's what you are trying to say (honestly I'm not sure what exactly you're saying, the two have very little to do with each other).
schoen 1214 days ago [-]
By the way, you're off by a decade on when NRL did the onion routing research -- it was in the 90s rather than the 80s.

https://en.wikipedia.org/wiki/Onion_routing#Development_and_...

lucb1e 1214 days ago [-]
Thanks, I didn't know that. It was meant more illustratively than as an accurate time indication, but nevertheless it's good to be correct and now I know.
fakedang 1214 days ago [-]
My point was that one of the most secure ways of browsing the internet was essentially a government spin off from the 90s. So it's not hard to presume that the government has its fingers in a lot of other things built to hide/obscure user activity.
lucb1e 1214 days ago [-]
Well please prove me wrong but having talked to people like Roger Dingledine and Jacob Appelbaum in person and knowing a thing or two about how the Tor Project works, I have zero reason to think that this funding influences the security of Tor in any way, which is what "having its fingers in it" sounds like. The USA not funding the Tor project would, as far as I have been able to discover, not have changed anything about how likely it is that the USA or any other government has access to Tor users' data. If there are intentional bugs (bugdoors) inserted by any contributor, then those would be kept separate from any public funding it receives. Perhaps I'm not cynical, skeptical, or well-read enough though, so again, please point me towards anything that would suggest otherwise.

Then as for VPNs, they're again a very different thing. Funding research or a non-profit is very different from operating a commercial entity under a guise while abusing the trust anyone places in it. The comparison seems to me like comparing funding for general car safety or emission research with suggestions that the government operates one or multiple taxi services in order to learn who goes where. It's not that governments don't set up fronts or operate commercial entities under a guise ever, but rather that I have yet to hear of doing it for the purpose of surveilling random people (you have to get lucky in that anyone of interest signs up for yours, targeted marketing or no) that are not suspected of anything. Aren't fronts usually to enable targeted investigations or do specific actions unnoticed? Like, they might operate a VPN so it doesn't look weird if their secret operators use those IP ranges as well, but the main goal wouldn't be to spy on users (not saying they wouldn't do that on the side, of course, but it's getting more far-fetched).

grahoho 1213 days ago [-]
This link should explain it:

https://surveillancevalley.com/blog/fact-checking-the-tor-pr...

The author of this book did FOIA requests to various entities but most of them got predictably shot down for national security concerns. This one obscure government agency, Broadcasting Board of Governors, wasn't covered by these exemptions.

So the author read the emails between BBG and the Tor Project maintainers and found that when they received a bug report, rather than fixing it they reported it to their sponsors. The government would then exploit the bug for years before the Tor guys got around to fixing it.

lucb1e 1213 days ago [-]
That link reads very much like a conspiracy theory blog, "shocking revelation", "Anyone who questioned this [was] attacked, ridiculed, smeared and hounded into silence", "But the facts wouldn't go away."

The content is worth following up on, though. Those emails are as if written in an alternate reality, where Roger Dingledine is a government agent. They seem hard to believe, but scrolling down there is a PGP signature with the right key ID. I can't verify the sig, the email that I'd have to type over is many pages long and I'd be fighting line endings and it might never match and I'd not know if it's due to a mistake on my part or because the message doesn't match the sig so it wouldn't prove anything anyway. The signing key ID is also a short one (64 bits) so it could also be forged with some effort. I've reached out on IRC some hours ago to see if they deny it, as there is nothing on the Tor Project's blog, but have yet to get a response.
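The line-ending problem described in the comment above, as an added example that is not part of the thread: an OpenPGP cleartext signature (RFC 4880, section 7.1) covers a canonical form of the text, so a retyped copy can be normalized and compared before it is handed to a verifier. The message, the fingerprint and all function names are constructed for this example; the digest is a comparison aid for the text only, not the full signature hash, which also covers signature packet data.

```python
import hashlib

BEGIN_MSG = "-----BEGIN PGP SIGNED MESSAGE-----"
BEGIN_SIG = "-----BEGIN PGP SIGNATURE-----"


def canonical_signed_text(cleartext):
    """Return the text bytes a cleartext signature covers (RFC 4880, 7.1)."""
    # Accept LF, CRLF or CR copies; the signature is computed over CRLF.
    lines = cleartext.replace("\r\n", "\n").replace("\r", "\n").split("\n")
    try:
        start = lines.index(BEGIN_MSG)
        # A body line that looks like an armor line is dash-escaped, so the
        # first exact match after the header is the real signature block.
        end = lines.index(BEGIN_SIG, start + 1)
    except ValueError:
        raise ValueError("not an OpenPGP cleartext-signed message") from None
    # Armor headers such as "Hash: SHA256" end at the first empty line.
    i = start + 1
    while i < end and lines[i] != "":
        i += 1
    if i == end:
        raise ValueError("missing empty line after the armor headers")
    body = []
    for line in lines[i + 1:end]:
        if line.startswith("- "):       # undo dash-escaping
            line = line[2:]
        body.append(line.rstrip(" \t"))  # trailing spaces/tabs are not signed
    # The line ending before the signature block is not part of the text.
    return "\r\n".join(body).encode("utf-8")


def text_digest(cleartext):
    """SHA-256 of the canonical text, for comparing two copies of a message."""
    return hashlib.sha256(canonical_signed_text(cleartext)).hexdigest()


def key_ids(fingerprint_hex):
    """(64-bit key ID, 32-bit key ID) of a v4 fingerprint: its low-order bits."""
    fp = fingerprint_hex.replace(" ", "").upper()
    if len(fp) != 40:
        raise ValueError("a v4 fingerprint is 160 bits (40 hex digits)")
    int(fp, 16)  # raises ValueError on non-hex input
    return fp[-16:], fp[-8:]


# Constructed sample, not a real signed message.
SAMPLE_LF = "\n".join([
    BEGIN_MSG,
    "Hash: SHA256",
    "",
    "Constructed sample line one",
    "- -- dash-escaped line",
    "last line",
    BEGIN_SIG,
    "",
    "(signature packet omitted in this constructed sample)",
    "-----END PGP SIGNATURE-----",
])
# The same message after a round trip that changed line endings and
# added trailing whitespace to one body line.
RETYPED_COPY = SAMPLE_LF.replace("line one", "line one  \t").replace("\n", "\r\n")
# A copy with one character changed in the body.
TAMPERED_COPY = SAMPLE_LF.replace("last line", "last 1ine")
# Constructed fingerprint, not a real key.
SAMPLE_FINGERPRINT = "0123456789ABCDEF0123456789ABCDEF01234567"

if __name__ == "__main__":
    print("original :", text_digest(SAMPLE_LF))
    print("retyped  :", text_digest(RETYPED_COPY))
    print("tampered :", text_digest(TAMPERED_COPY))
    print("key IDs  :", key_ids(SAMPLE_FINGERPRINT))
```

Matching digests mean two copies are the same signed text; only a signature check against a key whose full fingerprint was confirmed out of band says who signed it, since a key ID is just the tail of that fingerprint.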

lucb1e 1210 days ago [-]
arma.exe is not responding. The plot thickens...
nyolfen 1214 days ago [-]
the US state dept funds the tor project to this day
markus_zhang 1214 days ago [-]
So is the real solution such that you purchase internet service from another country and build your own VPN?
lsllc 1214 days ago [-]
It's trivial to set up a FreeBSD instance with IPSec using StrongSwan on something like a Digital Ocean or Vultr instance in a country that suits (both D.O. and Vultr have regions in US, Europe and Asia/Pac Rim).

But it depends on what you're trying to do. If it's something like get access to shows on Netflix or the BBC iPlayer, then this is a good technique. I think for privacy, it might be OK; while the German or Australian govts. might share data with the US, probably Singapore, Korea, Japan or India doesn't. If you're up to something more nefarious then maybe you need something stronger like Tor.

novok 1214 days ago [-]
Part of the point of a VPN service is your IP represents thousands of users and no or very temporary logs are kept. Spinning up a one or dozen user VPN on a data-center IP where they definitely keep logs gives you none of that. Any complaint will immediately be forwarded or linked to your credit card. To see this in action go make one and then bittorrent some hollywood movies. You will get the scare letter emails forwarded to you within a month.

Want to get a data center account that takes crypto only? They are often shady, bad, unreliable and expensive, probably run by another gang that have their own issues.

HideousKojima 1214 days ago [-]
>and no or very temporary logs are kept

If, and only if, the provider isn't lying

fnord77 1214 days ago [-]
side note: BBC now checks that IPs using iPlayer are coming from a residential IP address in the UK. It won't work from a UK-based VPN endpoint.
markus_zhang 1214 days ago [-]
Thanks. I have always been wondering how the "hackers" (not in the sense of the way described in "How to be a hacker") managed to protect their traces while hacking other people's computers/networks. For sure many of them are gov entities so naturally it's a lot easier to cover their tracks, but many of them are not.
Someone900 1214 days ago [-]
I'm not sure what is currently being used, and I guess that really depends on what exactly you are doing. But I know that often infected computers are used as a VPN or Shadowsocket to cover one's tracks. Combine that with several layers of protection and it gets harder and harder to track one down.
markus_zhang 1214 days ago [-]
Thank you, this makes sense!
Firerouge 1214 days ago [-]
>If it's something like get access to shows on Netflix or the BBC iPlayer, then this is a good technique.

Not very true anymore, at least Netflix outright blocks streaming to most ip blocks owned by VPS providers/datacenters.

machinelabo 1214 days ago [-]
Not trivial at all for vast majority of the VPN users. You know the people that buy VPN services because they saw it in a Youtube video as a sponsor.
lsllc 1214 days ago [-]
Fair point.
claudeganon 1214 days ago [-]
Both Korea and Japan are client states in the U.S. empire, with large US military presences and drastic interventions in their domestic politics. They absolutely collaborate with the US on everything.
markus_zhang 1214 days ago [-]
So I guess the best thing is to route through say US, Russia, EU and China?
nix23 1213 days ago [-]
You don't need the EU, they are probably more infiltrated than Japan, just listen to the German/French discussion (Germany believes that Europe can't have its own army without US support...because of "nuclear"...France is pissed)
chiefalchemist 1214 days ago [-]
Why only VPN services? If you were in the Intelligence business would you stop there?
java-man 1214 days ago [-]
pretty much all of them, no?
lucb1e 1214 days ago [-]
No
java-man 1213 days ago [-]
How do you know?
PradeetPatel 1214 days ago [-]
As naive as this may sound, but is there an internationally recognised ethics framework for signal intelligence?

Something similar to the Geneva Convention perhaps?

lucb1e 1214 days ago [-]
Certain things are illegal to do even to the actual soldiers of a country you're at war with. I'd be interested to learn if these rules have been updated since the Internet (or ARPANET for that matter) created a whole new realm of possibilities and connections, but I assume not. I think you're right in saying that conventions for this sort of thing are a good idea.

The rules will have to be very permissive for aggressors or even friendly nations to actually follow them to some degree, but it could still cover things that directly cost civilian lives like hacking a hospital in a way that risks lives. (Recently someone in Germany died because of malware in a hospital, though the public prosecutor concluded--as expected--there was too little causal evidence to press charges, even if they could find the perpetrator in the first place.)

alecco 1214 days ago [-]
If you were a spy agency with virtually unlimited resources, wouldn't you try to infiltrate it? Or even start one from scratch?
raincom 1213 days ago [-]
How does an ethics framework help? In every country, almost all politicians and bureaucrats engage in lawful yet unethical acts.
slim 1213 days ago [-]
there could never be one. since (non open source) intelligence is by definition outside the realm of ethics
FreshFries 1213 days ago [-]
The fact that this happened / happens does not bother or shock me. What really does grind my gears is that my government does not go full HAM on those that participate in these games.

This is not just bad for our image as a neutral country, but really puts the current (security related) tech market in a very bad spotlight.

vages 1213 days ago [-]
I thought the article never really stated in cleartext (sic) what Omnisec's actual misdeed was. Have I gotten it right?:

- Omnisec sold devices it claimed would encrypt stuff.

- The company was really just the CIA.

- Omnisec's devices would encrypt the data in such a way that the CIA could decrypt it.

durnygbur 1213 days ago [-]
This reminds me how deceitful American intelligence agencies are with their industrial impersonation. Other example being Soviet Union providing raw materials for the production of SR-71.
pablooliva 1213 days ago [-]
"The CIA is a Terrorist Organisation" https://www.youtube.com/watch?v=_2khAmMTAjI&feature=emb_logo Kinda related.
ketsa 1213 days ago [-]
How much trust can you still give a company like ProtonMail, The "secure encrypted Swiss" email service...? Zéro.
nix23 1213 days ago [-]
As a Swiss, and after that second accident, I would say ZERO.
thinkingemote 1214 days ago [-]
This firm and their competitor run by spies both made physical devices like secure fax machines, pagers and the like from the cold war to relatively recently.

Are there still companies that do that, or is all the attention on software these days?

durnygbur 1213 days ago [-]
If you believe in the "privacy marketing" coming from any of the DACH countries and buy their "privacy" products and services, it only means you are not familiar with the 20th century history.
bogomipz 1213 days ago [-]
>"In reality, the firm belonged to the CIA and Germany intelligence service, which could freely read what it encrypted. Information intercepted with the help of Crypto’s devices changed the course of events, including the Iran hostage crisis of 1979."

Does anyone have any further information on how exactly the Crypto AG device affected this event?

upofadown 1214 days ago [-]
It is interesting to consider how profoundly obsolete such devices are these days. We live in a world where anyone with a bit of knowledge can establish encrypted communications anywhere in the world without having to trust any third party. This state of affairs is recent enough that we still don't know the long term ramifications.
tatersolid 1214 days ago [-]
There was plenty of strong crypto available to non-governments back in the late 80s and early 90s.

We’re 30 years in; the ramifications are clear: one just compromises the insecure memory-and-type-unsafe code on all the endpoint devices instead of trying to bug or break the crypto.

upofadown 1213 days ago [-]
That is why we have air gapping now.

Added: ... and to be clear, these days, air gapping could look like PGP running on something like a Yubikey.

nix23 1213 days ago [-]
>It is interesting to consider how profoundly obsolete such devices are these days

Do you know how many of those "obsolete" in my case VPN devices I installed? Hundreds...from CheckPoint (Israel) to Zyxel (Swiss) and Sonicwall (USA).

upofadown 1213 days ago [-]
Not sure how VPNs fit in here. The devices in question provided privacy, not anonymity.
nix23 1213 days ago [-]
A VPN in an enterprise is used for privacy and security NOT anonymity.
upofadown 1213 days ago [-]
Then those are fundamentally different sorts of devices. Message privacy vs link privacy. Data at rest vs data in flight. You would never use a VPN for the sorts of messaging encryption tasks required by an embassy for instance.
nix23 1213 days ago [-]
>Data at rest vs data in flight.

Ah so this machine encrypted a fax message, then you got your horse and a USB stick and you transport that fax on the USB stick to the other embassy?

If your link is encrypted your messages are too..from point to point....like you know the fax-encryptor...secure from starting point to the endpoint

ummonk 1213 days ago [-]
I don't see how this is possible. Will you exchange one-time pads in person? That has always been possible. Any of the modern convenient ways to establish encrypted communications certainly require trusting a third party.
upofadown 1213 days ago [-]
Dunno. Checking a number over the phone is pretty darn convenient compared to securely shipping one time pads and/or machines.
ummonk 1213 days ago [-]
If you're referring to Signal, there are multiple third parties you need to trust - from the phone manufacturer that could be logging your keystrokes to the App Store owner that could be substituting a spyware binary (most people don't verify package signatures) to the Signal developers one of whom could be introducing a backdoor security flaw into the code that wasn't noticed by others.
slater 1214 days ago [-]
Damn it!
nix23 1213 days ago [-]
Damn it all again!!! Not those idiots again :)
Stierlitz 1213 days ago [-]
And water is wet :]