by ThatBritGuy
Wed Aug 14th, 2013 at 01:46:34 PM EST
A few random thoughts about this.
1. The most secure comms are the ones where it's not obvious communication is happening at all. This pretty much eliminates email, IRC, and everything that has 'this is a 1-1 communication channel' in its job spec.
However, you can still do things like:
a. Bury content in spam, and send it to millions of people, only one of whom needs to know how to decode it.
b. Bury content in pictures with steganography on popular websites, including Tumblr and Wordpress blogs.
c. Torrent content, and include some 'spammy' pics with content buried in them.
And so on.
This isn't even thinking about custom protocols which do the same job as email but without the standard headers/tell-tales. Using something like Tor it would be pretty hard to keep track of who was sending what to whom, even if you could decrypt the content.
I would be surprised if state- and security-level comms weren't already using these techniques.
2. Single VPNs are probably overrated. No - well, almost no - VPN co admits to keeping traffic records. In reality - it's probably not a good idea to trust them too far, because including a backdoor and/or traffic copy isn't the same as keeping records, but it's just as effective.
Some people are claiming that chaining VPNs makes them more secure. It probably does up to a point. But it doesn't allow for traffic tracking, where you can try to match traffic events to see if they correlate in time, without having to know what the content is. (This is very intensive, but statistical analysis of traffic patterns has been standard issue for the spooks for at least a couple of decades now.)
3. The weakest link in any encryption system is key management. If your hardware, OS, or network has a back door, assume content can be read in the clear, no matter how secure it is while it's getting to you. Linux is the only secure-ish OS. But unless you lock down your network with your own hand-rolled software and hardware, you're going to be vulnerable.
Problem is, the hand-rolled hardware and software are getting cheaper and more accessible. It's possible to run a low-traffic industrial-strength firewall on a £30 Raspberry Pi. The hassle factor is still higher than most people want, but the costs are not going to increase.
4. Conclusion - the NSA has only been successful because hardly anyone has been paying attention to security.
After Snowden, this is going to change. People and corps are going to start inventing workable, secure systems. Open source versions of these systems will be public and easy to use.
Some of these systems will be based on spamming/high traffic & low content obfuscation, which is a much harder problem than simple decryption, because you don't know where the important traffic is, so you have to try to decrypt all of it.
Bottom line - the spooks are actually fucked, or will be soon. The only way to run state-level surveillance is going to be to assume all traffic on the Internet is of interest - only without knowing whether it is or not, or who it's for if it is, or how you can tell, or how you decrypt it, or how you make sense of the content if you do decrypt it.
Interesting times.