It's Too Late

  • Posted on: 3 December 2014
  • By: davis

You have already been compromised. Your information is safely tucked away on backup tapes and offline servers. Your internet presence is noted every time you log in to your favorite website.

Your passwords, your emails, your Facebook login. Your patterns, your habits, your secrets, your life. They are all up for grabs.

Many security experts will give you tips, and they aren't wrong. Use Tor. Use encryption. Use third-party OS's. Trust no one. Use TLS.

Unfortunately, due to the continued publication of secret security procedures put in place by our government, it has become increasingly clear that Internet users are playing against a stacked deck - and the only way to win is to not play.

There are, admittedly, ways around the system. But they require previous knowledge - how do you find, for example, a privacy-geared operating system? You're an interested citizen, right? You just want to check out what's up in the world of evading unconstitutional searches of your data. Too bad.

Perhaps you'd like to use an operating system like TAILS - whoops! The NSA's XKeyscore doesn't approve:

// START_DEFINITION
/*
These variables define terms and websites relating to the TAILs (The Amnesic
Incognito Live System) software program, a comsec mechanism advocated by
extremists on extremist forums.
*/

$TAILS_terms=word('tails' or 'Amnesiac Incognito Live System') and word('linux'
or ' USB ' or ' CD ' or 'secure desktop' or ' IRC ' or 'truecrypt' or ' tor ');
$TAILS_websites=('tails.boum.org/') or ('linuxjournal.com/content/linux*');
// END_DEFINITION

// START_DEFINITION
/*
This fingerprint identifies users searching for the TAILs (The Amnesic
Incognito Live System) software program, viewing documents relating to TAILs,
or viewing websites that detail TAILs.
*/
fingerprint('ct_mo/TAILS')=
fingerprint('documents/comsec/tails_doc') or web_search($TAILS_terms) or
url($TAILS_websites) or html_title($TAILS_websites);
// END_DEFINITION
Source: http://daserste.ndr.de/panorama/xkeyscorerules100.txt

Did you google TAILS to find out what it is? You're now on an NSA watchlist for pursuing "a comsec mechanism advocated by extremists on extremist forums." Don't you feel like a terrorist already?

Or maybe Truecrypt - whoops! You're on another watch list! Stop looking at those damn privacy tools, citizen! You've forced the NSA to monitor your behavior because hell, you might just be the greatest threat to humanity since Ebola.

This seems pretty crazy, right? Why is the government vested in tracking citizens accessing these tools? Maybe there's something to this - maybe the terrorists really do use these programs, and we really DO need to... 

"The XKeyscore rules reveal that the NSA tracks all connections to a server that hosts part of an anonymous email service at the MIT Computer Science and Artificial Intelligence Laboratory (CSAIL) in Cambridge, Massachusetts. It also records details about visits to a popular internet journal for Linux operating system users called "the Linux Journal - the Original Magazine of the Linux Community", and calls it an "extremist forum".

"The former NSA director General Keith Alexander stated that all those communicating with encryption will be regarded as terror suspects and will be monitored and stored as a method of prevention, as quoted by the Frankfurter Allgemeine Zeitung in August last year." Das Erste

For fucks sake.

Look, what the government does with the Internet is mind bending. You cannot name a layer of the Internet that has not been compromised by the NSA/GCHQ. Just recently, the world has had to recover from the Regin virus.This incredible feat of engineering allowed the controlling nation-state to penetrate GSM systems - this is the first cybertool known to be capable of such a feat. 

 

Regin is also widely believed to have penetrated Belgian professor Jean-Jacques Quisquater's system.

Let's not forget Stuxnet, which marks the first public cyber-attack between nation-states. Stuxnet, in conjunction with physical methods (the assassination of prominent nuclear scientists), crippled Iranian nuclear progress.

All of this is small potatoes, of course, when compared to one of the greatest intelligence coups in human history.

Crypto AG spawned in the vacuum of World War 2. Countries around the globe had become intensely aware of efforts to break encryption for military purposes. In fact, World War 2 had been the proving ground for counter-intelligence agencies. U.S. intelligence had learned how to penetrate the communications of foreign countries - friend or foe. 

NSA's 1993 release of the World War II era "magic" intercepts under FOIA pressure revealed that US military intelligence read not only messages by Axis nations, but also intercepted and decrypted the top secret communications of Allied and neutral nations. Switzerland was among the more than 30 countries whose messages were being read. Since Swiss-made cipher machines were used by many governments at the time, it is likely that the US has been reading such messages for over half a century. An early example is the use of top secret intercepts by the US delegation to the 1945 founding convention of the United Nations in San Francisco. - http://mediafilter.org/caq/cryptogate/

Crypto AG's encryption machines were purchased and operated by over 120 countries. These machines were purchased from the Swiss company because nation-states regarded encryption as a matter of utmost importance. In order to ensure their confidentiality, nations believed that a Swiss company could protect them from the long reaches of counter-intelligence.

These countries were wrong. The U.S. had correctly assessed the state of technology and determined that the fatal flaw of encryption was the machine itself. Cracking codes takes time, money, luck, and more time. It was much easier to bribe Crypto AG.

Crypto AG and an NSA representative met in 1957. Although reports of this meeting were kept quiet for 20 years, evidence began surfacing that the NSA and Crypto AG had definite links between them. Meetings between William F. Friedman (who had cracked the Japanese code during WW2) and Boris Hagelin (founder of Crypto AG) slowly came to light in the mid 1970's.

The timing of their 1957 meeting is rather fortuitous - it came just one year after Field Marshal B. Montgomery issued a "Top Secret" memo.

A document released in 1995 by Britain's Public Records Office indicates that Switzerland and NATO concluded a secret deal in 1956. The "Top Secret" document, dated February 10, 1956, with the reference "prem 11/1224," was written by the famous British World War II figure, Field Marshal Bernard L. Montgomery. While "Monty" was a vice-commander of NATO, he discussed a secret alliance with Swiss Defense Minister Paul Chaudet. In peacetime, Switzerland would be officially neutral, but in wartime, it would side with NATO. - http://discovery.nationalarchives.gov.uk/details/r/C2038042

There were clues to opposing countries that the U.S. had access to their dirtiest secrets. President Reagan referenced information only available through Crypto AG's machine in a live speech regarding the Berlin discotheque bombing. The U.S. then showed its hand to France as a goodwill gesture. When former Iranian prime minister Shahpour Bakhtiar was stabbed in Paris, U.S. intelligence provided decrypted Iranian communications to France ("The Tehran Connection," Time Magazine, March 21, 1994.)

Libya and Iran were shocked to have been caught - and then suspicion kicked in. The common thread between these two countries was their purchase and use of Crypto AG's machines. Iranian authorities arrested Crypto AG's top salesman in 1992 and subjected him to torture and imprisonment for nine months. Crypto AG eventually paid the Iranians a $1M ransom to retrieve their salesman - who they then promptly fired and sued for repayment of the $1M ransom. Yes, really.

Even in 1995, The Baltimore Sun was sounding alarms about U.S. penetration in foreign crypto-machines.It continues to this day - the NSA has tapped world leader's phones, emails, and offices. In the spring of 2011, the European Commission was penetrated by foreign actors. Angela Merkel's phones have been owned repeatedly by the U.S. government. The NSA and GCHQ have collaborated to tap overseas cables (follow that link to play with an interactive map).

But this is all rather tiring. I could go on and on with examples of high-profile, high-security installations being taken down by cyber-attacks. It's really quite boring, much like reading histories of trench warfare in a bygone era. The parameters may change, the methods may change, but one thing is always constant - the need for information. If it comes at the expense of your rights, so be it.

An important lesson to take away from this, I think, is that you can't truly engage in Internet activity without the expectation of losing. Your ISP will cooperate with the government if leaned on heavily enough. As soon as your Internet activity leaves your computer, it is being monitored.

Tor won't help - you will access a hijacked node at some point, and you will be caught. Please look at recent examples of high-profile computer crime cases - in almost every case, the suspects were tripped up by accessing a poisoned source. You cannot independently verify the security of every external service you use. You cannot be sure that your computer hardware is free from rootkits or other embedded malware.

Unless you assemble every piece of your computer by hand, and coded every feature securely, you cannot assume total operational security. 

That being said, have fun! Not every Silk Road user gets caught, and millions of cyber-criminals slip through the NSA nets year after year. If you keep your activity low-key and unimportant, you'll probably never see the negative consequence of the U.S. government capturing your data.