Tor's First Crowdfunding Campaign

When we launched this first crowd funding campaign, we weren’t sure what would happen. We knew we wanted to diversify our funding sources; crowd funding gives us flexibility to do what we think is most important, when we want to do it. It allows us to fund the development of powerful new privacy tools. Or make the ones we have stronger and more resilient. Or pay for things we need like a funded help desk or an Arabic version of our web site.

But we didn’t know if people who like Tor would actually invest in our independence.

Now we do.

Together, our community has contributed $205,874 from 5,265 people to support Tor in this first crowdfunding campaign. We are so excited.

What we’ve seen, we think, is our community in action—our whole community finding ways to support us—by making a donation, or by sending us a bug bounty as GitHub hackers did. By making a matching donation, or just pinging their friends to help out.

Following our theme "This Is What a Tor Supporter Looks Like," you sent in photos of yourselves in Tor t-shirts doing back bends or teaching your daughters how to use Tor browser, or covering your face to preserve your anonymity but trumpet your support for Tor.

You sent fundraising notes to giant email lists. You tweeted screenshots of your donations. You bragged about your Tor relays (thank you) to inspire others. Some of you pointed out that Tor has saved your life.

The international Tor community rose up to support Tor’s independence in every way it could think of. And independence is power. Power to defend the rights of human rights activists. Power to defend the privacy of all of us.

Even though we’re a privacy organization, we found out what a Tor supporter looks like. It's someone who takes action to support their right to privacy.

Thank you.

Our deepest thanks to Tor’s wonderful champions, who put on the T-shirt first and took the plunge to support Tor in our first-ever campaign:

Laura Poitras

Roger Dingledine

Amanda Palmer and baby Anthony

Nick Merrill

Andy Bichlbaum

Molly Crabapple

Rabbi Rob and Lauren Thomas

Shari Steele

Cory Doctorow

Ben Wizner

Daniel Ellsberg and Patricia Marx Ellsberg

Alison Macrina

Edward Snowden

Giordano Nanni

Susan Landau

Ethan Zuckerman

Jacob Appelbaum

By Kate Krauss, for Tor's fundraising team:

Isabela Bagueros, Juris Vetra, Leiah Jansen, Mike Perry, Shari Steele, Sue Gardner, Katherine Bergeron, Nima Fatemi, Sebastian Hahn, Roger Dingledine, Nick Mathewson, Ben Moskowitz, Jacob Appelbaum, Katina Bishop, Colin Childs, and Kate Krauss.

Mateus

January 23, 2016

Permalink

Time to start thinking about the *next* funding drive.

Here's one idea: you know who has no freaking privacy whatsoever? US military enlisted service people, that's who!

Does TP have enough fearless supporters (esp. former military) in places like Norfolk, San Diego, Ramstein, to set up tables outside, er, off-base entertainment establishments?

What about setting up tables on the National Mall (once the snow clears)? Because congressional employees need Tor too (point to the CIA spying revealed by that absurdly unlikely whistleblower, Sen. Feinstein).

What about New York City Hall? Or the Liberty Tower?

What about reaching out to US university colleagues to get in touch with student groups which might be interested in "Tor tabling" on their campus?

(To prevent possible misunderstanding: I see all the difference in the world between taking money from the USN and taking money from individual Tor supporters who happen to be sailors in the USN.)

I can understand why you are upset, but anger alone won't solve any of the challenging global problems faced by human society at the dawn of the 21st century, which were created by three generations of misgovernment and cynical self-serving economic policies pursued by the ruling elite, mostly US but also China, Russia, Saudi, EU, etc.

Unreasoning rage makes authoritarians electable in countries like USA, Turkey, Poland--- which poses a problem for the entire world.

The answer is not to get mad, but to get smart. Talk to people, brainstorm possible responses, identify those which might prove practical and effective, and then tell TP what you think will help and why.

> Cloudflare==nsa

You appear to claim that Cloudfare can be identified with NSA. That agency does have a longstanding practice of attempting to "shape" to world to suit its own interests, in utter disregard of every other consideration (e.g. human rights, the Constitution, wider political considerations), as is amply confirmed in the Snowden leaks (and by previous whistleblowers). But your claim goes well beyond that. Do you have any evidence?

You ask:

> are you going to "KILL" nsa?

Whom are you addressing? Tor Project? Human rights campaigners?

By "kill" do you mean "cease to operate"? Or do you mean killing actual people?

Human rights campaigners and privacy rights activists are working to cause NSA/CIA and other USG-sponsored terrorism agencies to cease to operate, for example by defunding these agencies, declaring them illegal terrorist organizations, etc., and we are working to ensure that those persons who have committed war crimes (air strikes on MSF hospitals, "signature" drone strikes, "kinetic effects" targeting children, and a long long list of other horrors) are brought to justice in special tribunals which charge the worst of the worst with war crimes. We especially seek to ensure the imprisonment of the higher ranks, but we also seek the arrest of lower level functionaries, with the goal of inducing them to provide evidence against their superiors in return for a reduced sentence.

We also seek to bring to justice all other persons involved in the planning and execution of war crimes, such as persons involved in Russian air strikes targeting defenseless civilians in Syria, or Saudi air strikes targeting MSF ambulance drivers in Yemen (for example).

We believe we are making significant progress towards these goals, for example by compiling extensive evidence that specific persons have committed specific war crimes. Prosecuting genocide tends to be a long drawn out process, but we are determined to persevere until everyone who has participated in war crimes is brought to justice.

War Crimes tribunals are fully functioning courts which operate openly under strict rules of evidence and follow rules of procedure, and they provide skilled defense lawyers to defendants. The contrast with NSA/CIA assassinations, where an NSA/CIA algorithm acts as judge, jury and executioner under conditions "above Top Secret", could not be greater.

Does that answer your question?

>> Cloudflare==nsa
>You appear to claim that Cloudfare can be identified with NSA. That agency

Please sit and wait for another whistleblower if you don't have opinion of your own. Or you can try to think of Cloudflare and nsa intentions to get access to encrypted connections. Google Apple Microsoft are "officially" compromized. Common people have become less naive and want https connections. And oops... have a look nsa has a solution - Cloudflare (and of course investors - Google Microsoft ). Lets 'advise' website owners to use Cloudflare service(bamn). Common internet user sees https mark and believs he connects to the right server which has certificate and the private(!) key. But that mark is fake now. How to trust 'secure' https connection when it can be falsified by Cloudflare?

You see the problem are not captchas they are just for ad purpose. Wait a minute, maybe you think it is Saudi not nsa?

>You ask:
>> are you going to "KILL" nsa?
>Whom are you addressing? Tor Project? Human rights campaigners?

Can;t you read?
anonimous1>>>Every time I use Tor I want to KILL everyone who works for Cloudflare.
anonimous2>>are you going to "KILL" nsa? Cloudflare==nsa.
anonimous3>Whom are you addressing to? Tor Project? Human rights campaigners?

Thus any sane person can see the flow of comments. Time to educate yourself? Please try to read it again and do not slant the comments.

>...
Are you sure that Cloudflare is the subject for "War Crimes tribunals"??
If you want to tell us about "War Crimes tribunals" you can start another thread. Or a more advanced solution is to create an official "War Crimes tribunals" onion site with a blog and give us the reference. It is quite simple btw.

I believe you will "bring to justice" noone. It is just imposible in modern "new order" - opposite to those days of 1945-1946. As for the russian kgb state... nostradamus warned about disaster from north.

And i don't have questions btw. I wonder whom you are answering to you think...

Mateus

January 25, 2016

Permalink

That's an average donation of 40 $, increasing the number
of donors and the average donation is the goal for the future.
With the richest nations having the bigger users base it would
be great to have those campaigns addressing a wider audience
than the global "english" world.
Ask your spanish, french, japanese, ... friends to be part of "what a tor
supporter looks like" for example, not so much a language problem
but to include or reflect more on the diversity of the world.

There is enormous public outrage in Spain over the "vomit law" and other repressive measures, which have already been used by the government to target a key TP partner, Riseup Networks.

So I agree that TP should consider prioritize working with our allies in Spain to create a Spanish language fund-drive based upon the premise that Tor can help defend protesters against the governments sharp turn back towards fascism.

Mateus

January 25, 2016

Permalink

While I'm glad to see your crowdfunding campaign go well I agree that cloudflare is an enormous threat that is greatly underestimated.
Many sites now use their services and not only let them decide who is to be filtered out but also give them unlimited access to their traffic. As said, https over cloudflare is nothing else than a MITM attack in which you voluntarily hand out your key to the attacker. And I am pretty sure many of their customers are not aware that they let cloudflare read all their encrypted traffic.

But even without cloudflare, tor has a fundamental problem. It is extremely easy for any site to lock out tor users as the exit nodes list is public. You have made great achievements in protocol obfuscation to make entry guards reachable, but what's the use when most sites block the exit nodes? Thanks to cloudflare we can't even view a lot of websites, let alone post something. Just try to create an email account using tor. Next to impossible nowadays. Even many forums deny account creation with a tor IP.

And the policy of asking companies to unblock tor is both naive and weak. Worked great with wikipedia, didn't it? You could as well ask the chinese government to unblock tor. It would be quite insane from their point of view.

Let's be honest, there are plenty of people who are using tor for vandalism, spamming and the distribution of illegal content. The exit nodes aren't blocked for nothing. And companies like cloudflare, as well as every responsible site admin can and will never ignore this fact and treat tor exits like normal IPs.
Cloudflare's customers expect them to identify and block malicious traffic. And whether we like it or not, the amount of 'good' users lost by blocking all of tor is negligible compared to the threat mitigated by doing so. I was actually surprised they eased tor access for a while last fall. Even posting was possible on some sites for a while. Guess that didn't work out for them too well.

Fact is, tor devs will have to actively deal with this problem at some point or tor will become unusable except for hidden services.

If you think that pretty words and patience are the solution you live in a dream world. I mean, if it was that easy we would not be needing tor in the first place.

"Responsible site admins" should focus on blocking malicious traffic regardless of the source, not cutting off millions of users based on a few bad actors. A dedicated attacker isn't going to stop just because exit nodes are blocked. Like arma says above:
"You are absolutely right that Cloudflare is a pain for Tor users these days. They say they care, but at the same time they won't implement even simple fixes to make things better for most users most of the time."
To me, this smells like behind the scenes NSA involvement like with RSA or what they attempted with Nacchio of Qwest. Why else would a commercial entity like Cloudflare seemingly go out of their way to generate bad will and frustrate users, many of whom work in the IT industry and are potential clients?

You've persuaded at least one ordinary user that TP can't wait to start serious work on finding an effective response to CloudFare censorship.

One easy first step would be a blog post from a TP staffer explaining the two key points in your post

o users who attempt to agree to CloudFare Captchas are actually "agreeing to" MITM in case of an encrypted connection to an https website

o whether the connection to the destination is encrypted or not, CloudFare sees all traffic (webpages visited, logons, downloads)

and adding some more:

o US, EU, and other "blocks" are holding frantic high level discussions about government mandated censorship by ISPs and popular websites such as Facebook of supposed "propaganda" by IS (and other adversaries), or by internal dissidents, and we appear to know little about CloudFare's role in such policies.

o role of content delivery networks (CDNs)

o ties with issues surrounding the apparently NSA engineered backdoor(s) in the Juniper routers used by many firms which sell CDN services to websites

o customer service will become impossible to obtain if you signed up over Tor.

Ultimately I think the only long-term solution is the same as the solution to most of the other political/financial threats faced by TP: "mainstreaming" and growing Tor use by ordinary citizens all over the world. This would presumably help solve our problems with CloudFare by providing an economic incentive to CloudFare (and its customers) to not block all Tor users (who do not agree to MITM) "just because". Of course, we need to be careful to help websites avoid temptation to grant government agencies or third parties free access to their internal networks in order simply to avoid MITM.

See:

http://thehill.com/policy/cybersecurity/267017-top-french-cop-to-meet-w…
Top French cop meeting US officials over terrorist use of social media
Katie Bo Williams
26 Jan 2016

> French Interior Minister Bernard Cazeneuve said Tuesday that he will meet with top U.S. officials in February to discuss how best to stymie terrorist activity on social media, according to The Wall Street Journal. He will also meet with U.S. tech firms to “update our level of cooperation” — a substantial change in tone from a year ago, when he warned that “we won’t succeed in our fight against terrorism unless Internet actors start taking responsibility.”

It's important to understand here that the government of Spain explicitly regards street protesters as "terrorists" who pose the same or greater level of threat as supposed IS terrorists scheming to carry out terrorist acts in Spain. (Not an entirely imaginary threat, to be sure, but it seems clear the government is more worried about massive anti-austerity protests).

http://thehill.com/policy/cybersecurity/267041-house-oversight-probes-f…
Oversight investigating possible backdoor in government networks
Cory Bennett
26 Jan 2016

> The House Oversight Committee is investigating the government’s use of a vulnerable technology that some fear could have allowed foreign governments to snoop on encrypted U.S. communications.

http://arstechnica.com/tech-policy/2016/01/moment-of-truth-feds-must-sa…
Moment of truth: Feds must say if they used backdoored Juniper firewalls
Dan Goodin
26 Jan 2016

> Congressional oversight leaders are requiring most federal agencies to audit their networks to see if they use Juniper-manufactured firewalls that for four years contained an unauthorized backdoor for eavesdropping on encrypted communications.

http://arstechnica.com/security/2016/01/how-amazon-customer-service-was…
How Amazon customer service was the weak link that spilled my data
Even when doing everything right, an Amazon account is all it takes to get breached.
Eric Springer
26 Jan 2016

> After being the victim of these attacks for months, all I'm left with are a few recommendations to offer these services going forward
> ...
> Show support agents the IP address of the person connecting. Is it a usual one? Is it a VPN/tor address? Warm agents to be suspicious.

Clownflare is NS(pider)A controlled company just like gugle. And you can imagine how collected data can force website owners to move to said company which will own even there private ssl keys... just look at governments.
But anyway there is no intention to lock even such a small problem as force the enemy to USE tor to access for tor nodes list...

Mateus

January 25, 2016

Permalink

Hi, what happened to Tor Weekly? Really enjoyed those weekly articles on the blog.

Also, what happened to the user "phobos"?

Mateus

January 25, 2016

Permalink

I'm late to the party. Should I donate now via European Bank Transfer (and support the Renewable Freedom Foundation?) or should I wait for the next round and donate via Paypal?

Whichever you like. Why not both? :)

I talked to Moritz (who controls the RFF account) at 32c3, and we agreed that having that funding go towards dev meeting costs is a great plan. That way he doesn't get into the complicated "European non-profit giving money to American non-profit" situation, but it's also going directly towards a cost that otherwise we would be paying. Win-win.

Thanks for still wanting to donate!

Mateus

January 26, 2016

Permalink

There is a new version of Firefox...the current Tor Browser Firefox is outdated...

Mateus

January 26, 2016

Permalink

I hate to say it, but if services are using "cloudfare" to do the dirty job
instead of them doing it, it means to me that those services are
not even worth using or services i can't trust.
If a service cannot mitigate "threats" but by blocking tor nodes, why this
service is even online ? It's not a service, it's a empty shell like most
of the web trend to become nowadays.

Mateus

January 26, 2016

Permalink

Thanks for being awesome and not letting web surveillance go unopposed!

Not sure if I made it in time for the big count, but the average contribution of $40 shows that no matter what you can give, it will be amplified in force.

Please don't send me a T-shirt.

Mateus

February 02, 2016

Permalink

Why don't you start a project to avoid the distribution of child sexual exploitation material via the tor browser??! Beside "Families" and "Buisness" a lot of pedophiles use the tor browser to share the worst of the worst images and videos! What a shame to promote just the light side of tor even if the dark side is obvious! Are you acting on that???! Are your eyes blind caused by too much onions???!

Mateus

February 02, 2016

Permalink

Should TP be doing more to help people set up HS properly?

http://arstechnica.com/security/2016/02/default-settings-in-apache-may-…
Default settings in Apache may decloak Tor hidden services
World's most widely used Web server often displays geographic locations of Tor sites.
Dan Goodin
1 Feb 2016

> Websites that rely on the Tor anonymity service to cloak their server address may be leaking their geographic location and other sensitive information thanks to a setting that's turned on by default in many releases of Apache, the world's most widely used Web server.

OK, thanks.

About the donated services: Cymru Research provides the TP website and torcheck, correct?

Online documents suggest Cymru Research (whose founder/CEO sits on TP Board of Directors and was featured in the funding drive) is a nonprofit whose income (comparable to TP) is entirely from grants (not otherwise specified). They are involved in USG cyberdefense and apparently work very closely with certain agencies whose priorities may not closely match those of TP. I again ask for clarification.

To prevent possible misunderstanding: I read the latest white paper coauthored by Bruce Schneier and Susan Landau (also featured in the funding drive), and it did not escape my notice that they worked with people like former NCTC Director Matthew Olsen, who is now the CEO of IronNet Security, which apparently makes him the current boss of former NSA/CSS Director Gen. Keith Alexander. (Other former NSA Directors have come out against "backdoors", and even the current Director, Adm. Rogers, may have reversed his previous position to oppose them.)

In this case I think I know enough about the political situation to understand why even after Snowden's leaks, privacy advocates still sometimes work with the bad guys. Eg. if we can eliminate FBI, by all means work with NSA, our ally in that fight. If we can eliminate NSA, by all means work with Google. But in contrast, Cymru Research seems to be very secretive and this worries me, particularly since it seems that two of their employees spent several months working FANX Annex.

All I want is some explanation. Were they working with the IAD people to protect HHS servers? Or with people trying to break Tor?

See the "Problem Set" just published by Cory D for more information on Tor traffic tflow being offered for testing metadata analysis software to FVEY partners, including outside consultants.

About Riseup Networks: just want to make sure you know that Riseup's email server has been targeted by Hacking Team. One documented example is a request for an HT "exploit" made by someone apparently associated with the Czech police (or intelligence?) who apparently wanted to break into the email server. Not saying you should not use Riseup; quite the opposite, TP should work even more closely with Riseup and Citizen Labs to document this kind of abuse.

Mateus

February 17, 2016

Permalink

http://arstechnica.com/security/2016/02/extremely-severe-bug-leaves-diz…
Extremely severe bug leaves dizzying number of software and devices vulnerable
Since 2008, vulnerability has left apps and hardware open to remote hijacking.
Dan Goodin
16 Feb 2016

> Researchers have discovered a potentially catastrophic flaw in one of the Internet's core building blocks that leaves hundreds or thousands of apps and hardware devices vulnerable to attacks that can take complete control over them.
>
> The vulnerability was introduced in 2008 in GNU C Library, a collection of open source code that powers thousands of standalone applications and most distributions of Linux, including those distributed with routers and other types of hardware. A function known as getaddrinfo() that performs domain-name lookups contains a buffer overflow bug that allows attackers to remotely execute malicious code. It can be exploited when vulnerable devices or apps make queries to attacker-controlled domain names or domain name servers or when they're exposed to man-in-the-middle attacks where the adversary has the ability to monitor and manipulate data passing between a vulnerable device and the open Internet. All versions of glibc after 2.9 are vulnerable.
...
> It will take time for engineers and researchers to analyze this latest bug, but at first blush, it appears it poses the biggest threat to routers and Internet-of-things devices that use glibc. Those devices rarely contain the types of No-eXecute and ASLR mitigations that come standard on most production servers, making code-execution exploits much easier to develop. What's more, hardware is rarely updated, making it unlikely vulnerable devices will ever be patched. The good news, as people have pointed out on social media and in Ars comments, is that many home routers use glibc alternatives that have yet to be reported as vulnerable. It could take weeks for a complete list of vulnerable devices to become available.

http://www.theinquirer.net/inquirer/news/2447451/glibc-major-bug-threat…
Glibc: Major bug threatens thousands of Linux apps and IoT devices
Open source? More like open season for hackers
Seven-year-old bug threatens Linux apps and smart devices built on open source code
Roland Moore-Colyer
17 Feb 2016

> A SEVERE BUG in a widely used open source library has left hundreds of thousands of Linux apps and hardware open to hackers and malware...The flaw is in a function known as getaddrinfo() when used by apps and hardware such as routers based on glibc code to communicate with IP addresses using domain name servers (DNS).

http://fortune.com/2016/02/17/google-glibc-big/
Google and Red Hat Found a Dangerous, Widespread Bug
David Meyer
17 Feb 2016

> Engineers at Google and Red Hat independently found an egregious bug in very widely-distributed computer code library known as “glibc”. The bug, which dates back to 2008, affects hundreds of thousands of devices and programs that use software derived from the GNU free-software project. The products, which range from servers to routers to Internet-of-things devices, are vulnerable when they try to use a certain function to translate web addresses into their underlying, numerical IP addresses. If an attacker controls the web server or domain name the victim is trying to communicate with, or if someone is intercepting the communications between the victim’s device and the server or domain name, it’s possible to make the victim’s computer crash — or, with some effort, to even insert malicious code in that machine.

https://googleonlinesecurity.blogspot.fi/2016/02/cve-2015-7547-glibc-ge…
CVE-2015-7547: glibc getaddrinfo stack-based buffer overflow
Fermin J. Serna, Staff Security Engineer and Kevin Stadmeyer, Technical Program Manager
16 Feb 2016

> Our initial investigations showed that the issue affected all the versions of glibc since 2.9. You should definitely update if you are on an older version though. If the vulnerability is detected, machine owners may wish to take steps to mitigate the risk of an attack.
>
> The glibc DNS client side resolver is vulnerable to a stack-based buffer overflow when the getaddrinfo() library function is used. Software using this function may be exploited with attacker-controlled domain names, attacker-controlled DNS servers, or through a man-in-the-middle attack.

https://sourceware.org/bugzilla/show_bug.cgi?id=18665
...
> When the thisanssizp pointer variable on line 1257 is updated, thisanssizp = anssizp2, i.e assigned a new address, this change causes the thisanssizp pointer variable used in the recvfrom function on line 1282 to use the wrong size if a new buffer is created after the thisanssizp address has been changed at line 1257....The recvfrom function will
not crash, but any further accesses to the buffer where the bytes read was 0 from the recvfrom function will crash the program.

https://lists.torproject.org/pipermail/tor-talk/2016-February/040280.ht…
The CVE-2015-7547 glibc getaddrinfo() vulnerability, and you.
Nick Mathewson nickm at freehaven.net
16 Feb 2016

> summary: New glibc bug. If you use glibc, install your vendor's
patches as they become available. Tor is not an easy target for this
attack, but you should upgrade anyway.

Question: thanks to Nick M for clarifying wrt tor client itself, but is Tails 2.0.1 vulnerable? As far as I could tell in a quick look, Tails does not use glibc itself, but I have the impression that the vulnerability has existed unfixed for so long that it might propagate to seemingly quite different packages such as python or perl.

Dan Goodin ends his article by asking:

> It remains unclear why or how glibc maintainers allowed a bug of this magnitude to be introduced into their code, remain undiscovered for seven years, and then go unfixed for seven months following its report. By Google's account, the bug was independently uncovered by at least two and possibly three separate groups who all worked to have it fixed. It wouldn't be surprising if over the years the vulnerability was uncovered by additional people and possibly exploited against unsuspecting targets.

I think that's a good question. If I am not mistaken, the problem was public information for seven months, during which time the maintainers apparently did nothing to fix it. I am not a coder, but have the impression that the problem would have been easy to fix.

Another question: most ordinary Tor users must rely on SOHO routers to get on the Internet in the first place. Many of these appear to use hardwired default name servers. Before Debian 8 I knew a clumsy and possibly dangerous way to make /etc/resolv.conf point to a name server I hoped I could trust to promptly install security critical patches, but systemd has confounded all my attempts to do this under Debian 8. Tails 2.0 and later use systemd also. Why does Debian make it so difficult to find an explanation of how to point to a DNS resolver you trust (wisely or not)? If Nick knows how, can he share an explanation? I imagine the instructions would be short.

Mateus

February 18, 2016

Permalink

The PR offensive by our enemies in Cryptowars II continues with a new coordinated offensive. Both Admiral Michael Rogers (NSA Director) and John Brennan (CIA Director) are once again blaming their agencies's multiple recurrent failures on, you guessed it, "encryption":

http://arstechnica.com/tech-policy/2016/02/nsas-director-says-paris-att…
NSA’s director says Paris attacks “would not have happened” without crypto
Tells Yahoo News encryption prevented "insights" that could have raised alarms.
Sean Gallagher
18 Feb 2016

> In an interview with Yahoo News chief investigative correspondent Michael Isikoff published today, National Security Agency Director Michael Rogers declared that the terrorists involved in last November's attacks in Paris used at least some encrypted communications to plan their actions, preventing NSA from being able to warn French officials in advance. Because of encrypted communications, he said, "we did not generate the insights ahead of time. Clearly, had we known, Paris would not have happened."

https://www.techdirt.com
CIA Head John Brennan Says CIA Failed To Prevent Terrorist Attacks Because Of Encrypted Communications
from the now-he's-just-fucking-with-everyone dept
15 Feb 2016

> As has been noted here in several posts, the terrorist attacks in Paris had nothing to do with encryption (or the Snowden leaks), although many government officials (and the French government itself) were quick to demonize both.
>
> The facts:
>
> The Paris attackers communicated mostly through unencrypted SMS.
> That the attacks were carried out successfully appeared to be the result of an intelligence failure, rather than the terrorists "going dark."
> Evidence shows terrorists' communications methods have gone largely unaltered despite the Snowden leaks, meaning intelligence agencies still have the access to communications they've had for years.
>
> Never mind all that, says John Brennan. It may have been an intelligence failure -- but only because encryption got in the way.

Mateus

February 18, 2016

Permalink

@ Shari:

Want to make sure you know about this and are formulating a response to a possible similar order directed at Tor Project which might be handed down any day:

A judge has ordered Apple to create a device or software which would enable agents to bypass built in security features in order to "brute force" unlocking by very rapidly presenting possible passphrases without invoking the feature which causes the phone to wipe itself when ten incorrect guesses are entered in rapid succession:

http://arstechnica.com/tech-policy/2016/02/why-tim-cook-is-right-to-cal…
Why Tim Cook is right to call court-ordered iPhone hack a “backdoor”
Custom version of iOS could undo years of work Apple put into securing iPhones.
Dan Goodin
17 Feb 2016

> It would remove normal iOS functions Apple created to intentionally increase the amount of time it takes to repeatedly enter passcodes, and it would allow an unlimited number of guesses to be made without destroying any data. The Apple-produced software must also allow the FBI to submit PIN code guesses through the phone's physical device port or through Bluetooth or Wi-Fi connections, a requirement that would allow investigators to use speedy computer scripts rather than manually enter each PIN candidate. Based on the wording of the order, the customized iOS version probably wouldn't be directly installed on the phone, but rather loaded into the phone's memory, in much the way OSes can be booted from a USB drive.
> ...
> It's always risky when judges with little or no technical background make legally binding orders compelling the design of software with so many specific requirements. How can US Magistrate Judge Sheri Pym know if it's even possible for Apple to design a version of iOS that will install on only a single, designated phone? And how is anyone supposed to know that such a measure can't be bypassed the way so many other software restrictions are hacked? The answer is she can't know, and neither can anyone else.
>
> Besides the potential for abuse, some critics argue that a court-ordered exploit sets a dangerous example on the international stage. "This move by the FBI could snowball around the world," Sen. Ron Wyden (D-Ore.) told The Guardian. "Why in the world would our government want to give repressive regimes in Russia and China a blueprint for forcing American companies to create a backdoor?" If countries know Apple already has created the software needed to bypass iPhone security, the temptation to order Apple to use it would be strong, critics say.

http://thehill.com/policy/cybersecurity/269668-trump-slams-apple-for-re…
Trump slams Apple for refusing to unlock San Bernardino phone
Katie Bo Williams
17 Feb 2016

> GOP presidential front-runner Donald Trump is insisting that Apple unlock the iPhone of one of the shooters in the San Bernardino, Calif., terrorist attack. "To think that Apple won't allow us to get into her cell phone," Trump said on "Fox and Friends" Wednesday morning. “Who do they think they are? No, we have to open it up."

https://www.eff.org/deeplinks/2016/02/eff-support-apple-encryption-batt…
EFF to Support Apple in Encryption Battle
Kurt Opsahl
16 Feb 2016

> We are supporting Apple here because the government is doing more than simply asking for Apple’s assistance. For the first time, the government is requesting Apple write brand new code that eliminates key features of iPhone security—security features that protect us all. Essentially, the government is asking Apple to create a master key so that it can open a single phone. And once that master key is created, we're certain that our government will ask for it again and again, for other phones, and turn this power against any software or device that has the audacity to offer strong security.

https://theintercept.com/2016/02/17/apple-slams-order-to-hack-a-killers…
Apple Slams Order to Hack a Killer’s iPhone, Inflaming Encryption Debate
Jenna McLaughlin
17 Feb 2016

> Many top tech companies, from Adobe to Yahoo, have made statements not only in defense of strong encryption, but also opposed to the government mandating any sort of technological design that would weaken security.
>
> But few leapt at the chance to stand with Cook. And some corporate executives took critical stands. “I don’t think it is Silicon Valley’s decision to make about whether encryption is the right thing to do,” Randall Stephenson, CEO of AT&T told the Wall Street Journal. “I understand Tim Cook’s decision, but I don’t think it’s his decision to make.”

http://www.slate.com/articles/technology/future_tense/2016/02/apple_s_s…
Apple vs. the FBI
The company is taking an unlikely stand for consumers’ right to privacy. It may also be helping itself.
Will Oremus
17 Feb 2016
Feb. 17 2016 7:44 PM
FROM SLATE, NEW AMERICA, AND ASU

> Apple is taking a stand. It’s a strong stand, and an inescapably political one. It’s standing up to the FBI, a federal district court judge, and, by extension, the United States government

More:

https://www.washingtonpost.com/world/national-security/us-wants-apple-t…
Apple vows to resist FBI demand to crack iPhone linked to San Bernardino attacks
Ellen Nakashima
17 Feb 2016

http://www.slate.com/blogs/the_slatest/2016/02/16/judge_orders_apple_to…
Judge Orders Apple to Help FBI Hack San Bernardino Shooter’s Phone
Elliot Hannon
16 Feb 2016

https://www.salon.com
Apple CEO Tim Cook pens open letter to FBI: We will not build a backdoor into iPhone, not even to investigate terrorists
Once there, it would be as if the government had a "master key" that allowed it to enter any business or home
Scott Eric Kaufman
17 Feb 2016

Question: if USG effectively outlaws Tor by ordering TP to insert a backdoor or assist NSA/whomever in developing effective dragnet style cracking machines/software, what is our plan? TP appears to be vulnerable because it is a US nonprofit and many key Tor people are based in US. I really think TP needs to be prepared to evacuate key people/documents outside US territory.

I fear that ordinary Tor users all over the world may shortly be confronted with the unpleasant alternative: obey laws in your jurisdiction by not using any product or device which "the authorities" cannot trawl though at will, or no longer try to obey all laws in your jurisdiction. Or slightly less dire: to possibly disobey laws of other nations (NSA) in order to help other Tor users in the USA by (for example) providing unbackdoored Tor in EU software repositories.

Mateus

February 18, 2016

Permalink

@ Shari:

Want to make sure you know about an opportunity to provide input into how CISA information sharing is implemented by DHS:

http://thehill.com/policy/cybersecurity/269608-dhs-reveals-privacy-guid…

> While the agency has until June to complete the final privacy document, the bill directed the DHS to release the interim guidelines to give time for outside input.
>
> "We welcome feedback from privacy advocates and private sector participants," Johnson said.