Supervised by the NSA: how to stay protected (Recommendations by Bruce Schneier)
From the translator: Bruce Schneier is an American cryptographer and information security specialist. Among his other articles, which have already been translated to Habré for some reason, there is no article with specific recommendations on how to escape from under the cap. In this regard, I submit it to your court. I hope it will be useful to someone.
Now, when we have enough details about how the NSA listens on the Internet, including today's drain on the fact that the NSA purposefully weakens cryptographic systems , we can start thinking about how to protect ourselves.
For the last two weeks I have been working with The Guardian on NSA articles, and read hundreds of top-secret documents provided by Edward Snowden.
Now I feel I can give some advice on how to defend myself against such an adversary.
')
The main way the NSA is to collect information is online. This is where their capabilities are greatest. They invested in a huge program of automatic collection and analysis of traffic. All that requires them to attack individual nodes is much more expensive and riskier for them, and they will do these things carefully and economically.
Such opportunities provide secret agreements with all telecommunications companies in the US and England, and many other “partners” around the world — the NSA has access to the communication highways of the Internet. In cases where they do not have such friendly access, they do everything to secretly monitor communications - branches from submarine cables, interception of satellite signals, etc.
These are large amounts of data, and the NSA has equivalent large capacities to quickly sift out unnecessary and find the traffic of interest. “Interest” can be defined in many ways: by source, by purpose, by content, by related parties, etc. All of this is sent to numerous NSA systems for future analysis.
The NSA collects much more traffic metadata: who communicated with whom, when, for how long, and in what way. Metadata is much easier to store and analyze than content. This data can be very personalized, and represent valuable data.
Intelligence leadership is in the course of data collection, and the resources that are spent on it are astounding. I read a report on these programs, a discussion of possibilities, details of operations, planned improvements, etc. Each task — recovering signals from an optical fiber, working with terabyte streams, filtering traffic of interest — has a separate group for solving. Their achievements are global.
NSA attacks network devices directly: routers, switches, firewalls, etc. Most of these devices already have built-in monitoring capabilities; you just need to know how to turn them on. This is a particularly successful way to attack; routers rarely update, they don’t need security software, and they are often ignored as a vulnerability.
The NSA also allocates significant resources for attacks on end computers. This is done by the TAO - Tailored Access Operations team. TAO has a set of exploits that can be used against your computer - whatever you use for Windows, Mac OS, Linux, iOS or something else - and tricks with which you can send them to your computer. Your antivirus will not detect them, and you will not find them, even if you know where to look. These are hacker tools created by hackers with a virtually unlimited budget. I understood from the Snowden documents that if the NSA wants to penetrate your computer, it will penetrate. It's a question of time.
The NSA works with any encrypted information more often cracking cryptoalgorithms than using secret mathematical holes. Now a lot of bad cryptography. If they detect a connection protected with MS-CHAP, for example, it is very easy to break and repair the key. They crack weak user passwords using a dictionary attack similar to hackers.
Today's information revealed that the NSA is working with security product manufacturers to make sure that commercial encryption products have a secret vulnerability that only the NSA knows about. We know that this has been happening for a long time: CryptoAG and Lotus Notes are the most famous examples, there is also evidence of a backdoor in Windows . Several people told me fresh stories from my experience, I plan to write about them soon. Basically, the NSA asks companies to slightly change their products in a difficult-to-find way: make the random number generator less random, somehow show the key, add a common exhibitor to the public key exchange protocol, etc. If they find a backdoor, this is due to an error. And, as we now know, the NSA is very successfully operating in this direction.
TAO hacks computers to steal keys for long-term use. If you use a VPN with a long, complex shared key to protect your data, and the NSA will be interested in this, they will try to steal this key. Such operations are conducted only against high priority targets.
How, then, to defend? Snowden said this on an online Q & A session shortly after the publication of the first document: “Cryptography works. Properly implemented strong cryptosystems are one of the things you can rely on. "
I believe that this is true in spite of today's discoveries and tantalizing statements about “innovative cryptanalytic capabilities” made by James Clapper (James Clapper), director of national intelligence in another secret document. These features use weak cryptography.
Snowden continued with a very important phrase: “Unfortunately, the security on the end nodes is so weak that the NSA can bypass it.”
By end nodes we mean the software that you use, the computer that you use, and the local network that you use. If the NSA can change the cryptoalgorithm or give you a trojan, all the cryptography of the world is useless. If you want to remain protected from the NSA, you must be as sure as possible that cryptography works without interference.
Having all this in mind, I have five parts of the board:
1) Hide in the net. Use hidden services. Use Thor for anonymity. Yes, Torah users are under the NSA's aim, but for them it works. The less noticeable you are, the more secure.
2) Encrypt your communications. Use TLS. Use IPsec. Once again, despite the fact that the NSA holds encrypted connections under the gun, and it has exploits against these protocols, you are protected more than without encryption.
3) Suppose that your computer can be hacked, then it will require the work and risk from the NSA - they may not want to do it. If you have something really important, use the “air barrier”. When I first started working with Snowden documents, I bought a new computer that never connected to the Internet. If I want to transfer a file, I encrypt it on this protected computer and transfer it to my network computer using a USB flash drive. In order to decrypt something, I do the same in the reverse order. This is probably not bulletproof, but very good.
4) Be suspicious of commercial encryption products, especially from major manufacturers. I assume that most crypto products from major US vendors have backdoors for the NSA, and many foreign ones, probably, too. It is reasonable to assume that foreign crypto programs also have backdoors for foreign special services. Systems working with original keys are vulnerable to the NSA.
5) Try to use widespread cryptography that is compatible with other implementations. For example, for the NSA it is more difficult to install a backdoor in TLS than in BitLocker, because the implementation of TLS from any manufacturer must be compatible with other implementations of TLS from other manufacturers, while BitLocker must be compatible only with itself, giving the NSA more open space for changes. And, since Bitlocker is proprietary, it’s much less likely that someone will know about these changes. Use symmetric algorithms over public key algorithms.
Since I started working with Snowden documents, I started using GPG, Silent Circle, Tails, OTR, TrueCrypt, BleachBit. I understand that most of these things are difficult for a typical Internet user. Even I do not use all these things for all the things I work on. And I mostly use Windows, unfortunately. Llinux would be safer.
The NSA has turned the Internet into a huge controlled platform, but they are not wizards. They are limited by the same economic realities as we, and our best defense, to make their control as expensive as possible.
Believe in math. Encryption is your friend. Use it, do everything to make sure that nothing is compromised. So you can be safe even in the face of the NSA.
Now, when we have enough details about how the NSA listens on the Internet, including today's drain on the fact that the NSA purposefully weakens cryptographic systems , we can start thinking about how to protect ourselves.
For the last two weeks I have been working with The Guardian on NSA articles, and read hundreds of top-secret documents provided by Edward Snowden.
Now I feel I can give some advice on how to defend myself against such an adversary.
')
The main way the NSA is to collect information is online. This is where their capabilities are greatest. They invested in a huge program of automatic collection and analysis of traffic. All that requires them to attack individual nodes is much more expensive and riskier for them, and they will do these things carefully and economically.
Such opportunities provide secret agreements with all telecommunications companies in the US and England, and many other “partners” around the world — the NSA has access to the communication highways of the Internet. In cases where they do not have such friendly access, they do everything to secretly monitor communications - branches from submarine cables, interception of satellite signals, etc.
These are large amounts of data, and the NSA has equivalent large capacities to quickly sift out unnecessary and find the traffic of interest. “Interest” can be defined in many ways: by source, by purpose, by content, by related parties, etc. All of this is sent to numerous NSA systems for future analysis.
The NSA collects much more traffic metadata: who communicated with whom, when, for how long, and in what way. Metadata is much easier to store and analyze than content. This data can be very personalized, and represent valuable data.
Intelligence leadership is in the course of data collection, and the resources that are spent on it are astounding. I read a report on these programs, a discussion of possibilities, details of operations, planned improvements, etc. Each task — recovering signals from an optical fiber, working with terabyte streams, filtering traffic of interest — has a separate group for solving. Their achievements are global.
NSA attacks network devices directly: routers, switches, firewalls, etc. Most of these devices already have built-in monitoring capabilities; you just need to know how to turn them on. This is a particularly successful way to attack; routers rarely update, they don’t need security software, and they are often ignored as a vulnerability.
The NSA also allocates significant resources for attacks on end computers. This is done by the TAO - Tailored Access Operations team. TAO has a set of exploits that can be used against your computer - whatever you use for Windows, Mac OS, Linux, iOS or something else - and tricks with which you can send them to your computer. Your antivirus will not detect them, and you will not find them, even if you know where to look. These are hacker tools created by hackers with a virtually unlimited budget. I understood from the Snowden documents that if the NSA wants to penetrate your computer, it will penetrate. It's a question of time.
The NSA works with any encrypted information more often cracking cryptoalgorithms than using secret mathematical holes. Now a lot of bad cryptography. If they detect a connection protected with MS-CHAP, for example, it is very easy to break and repair the key. They crack weak user passwords using a dictionary attack similar to hackers.
Today's information revealed that the NSA is working with security product manufacturers to make sure that commercial encryption products have a secret vulnerability that only the NSA knows about. We know that this has been happening for a long time: CryptoAG and Lotus Notes are the most famous examples, there is also evidence of a backdoor in Windows . Several people told me fresh stories from my experience, I plan to write about them soon. Basically, the NSA asks companies to slightly change their products in a difficult-to-find way: make the random number generator less random, somehow show the key, add a common exhibitor to the public key exchange protocol, etc. If they find a backdoor, this is due to an error. And, as we now know, the NSA is very successfully operating in this direction.
TAO hacks computers to steal keys for long-term use. If you use a VPN with a long, complex shared key to protect your data, and the NSA will be interested in this, they will try to steal this key. Such operations are conducted only against high priority targets.
How, then, to defend? Snowden said this on an online Q & A session shortly after the publication of the first document: “Cryptography works. Properly implemented strong cryptosystems are one of the things you can rely on. "
I believe that this is true in spite of today's discoveries and tantalizing statements about “innovative cryptanalytic capabilities” made by James Clapper (James Clapper), director of national intelligence in another secret document. These features use weak cryptography.
Snowden continued with a very important phrase: “Unfortunately, the security on the end nodes is so weak that the NSA can bypass it.”
By end nodes we mean the software that you use, the computer that you use, and the local network that you use. If the NSA can change the cryptoalgorithm or give you a trojan, all the cryptography of the world is useless. If you want to remain protected from the NSA, you must be as sure as possible that cryptography works without interference.
Having all this in mind, I have five parts of the board:
1) Hide in the net. Use hidden services. Use Thor for anonymity. Yes, Torah users are under the NSA's aim, but for them it works. The less noticeable you are, the more secure.
2) Encrypt your communications. Use TLS. Use IPsec. Once again, despite the fact that the NSA holds encrypted connections under the gun, and it has exploits against these protocols, you are protected more than without encryption.
3) Suppose that your computer can be hacked, then it will require the work and risk from the NSA - they may not want to do it. If you have something really important, use the “air barrier”. When I first started working with Snowden documents, I bought a new computer that never connected to the Internet. If I want to transfer a file, I encrypt it on this protected computer and transfer it to my network computer using a USB flash drive. In order to decrypt something, I do the same in the reverse order. This is probably not bulletproof, but very good.
4) Be suspicious of commercial encryption products, especially from major manufacturers. I assume that most crypto products from major US vendors have backdoors for the NSA, and many foreign ones, probably, too. It is reasonable to assume that foreign crypto programs also have backdoors for foreign special services. Systems working with original keys are vulnerable to the NSA.
5) Try to use widespread cryptography that is compatible with other implementations. For example, for the NSA it is more difficult to install a backdoor in TLS than in BitLocker, because the implementation of TLS from any manufacturer must be compatible with other implementations of TLS from other manufacturers, while BitLocker must be compatible only with itself, giving the NSA more open space for changes. And, since Bitlocker is proprietary, it’s much less likely that someone will know about these changes. Use symmetric algorithms over public key algorithms.
Since I started working with Snowden documents, I started using GPG, Silent Circle, Tails, OTR, TrueCrypt, BleachBit. I understand that most of these things are difficult for a typical Internet user. Even I do not use all these things for all the things I work on. And I mostly use Windows, unfortunately. Llinux would be safer.
The NSA has turned the Internet into a huge controlled platform, but they are not wizards. They are limited by the same economic realities as we, and our best defense, to make their control as expensive as possible.
Believe in math. Encryption is your friend. Use it, do everything to make sure that nothing is compromised. So you can be safe even in the face of the NSA.
Source: https://habr.com/ru/post/193424/
All Articles