Food for thought: safe browsing and blocking scripts

@noone_particular

Not able to connect to link you posted above (prox-config-sidki_2011-12-22rc1.zip/)

If I use ProxBlox do you recommend Sidki filterset or is there another filterset available that would be better
or newer? I think Request Policy handles Etags.

 

Apparently it needs to be accessed from their forum. Link is on this page.

 

Regarding the OpenSSL DLLs and whether they work on XP, see the last few posts on this thread at prxbx. VC+ 2008 needs to be installed for these DLLs to function.

 

Have MS VC++2010 installed .

 

I don't know if that covers all the dependencies for VC+2008. At prxbx, they asked me to test this version of the OpenSSL DLLs. On a virtual XP-Pro-SP3, they worked with Proxomitron. See if they work for you. That should answer the question of whether the 2008 version is necessary.

 

I thought I already tried those DLL's and ended up with Proxomitron error message which I posted.
Then you recommended using OpenSSL 1.0.1 win32 DLL's. I don't want to have to install VC+ 2008 .
Other programs run on VC+ 2010 so that is why I needed to install.

 

That is up to you. All things being equal, I'd choose to keep OpenSSL up to date. That said, I question if it's worth the effort. Did you see the latest on this mess? I've reached the point that I don't consider HTTPS to be any more secure than HTTP. I'm more concerned about protecting myself from the content.

These are yet another set of DLLs. As far as I know, same versions compiled in a different environment. IMO, it's becoming total chaos to keep up with.

 

Yes I've already used delete or distrust with some of these certs in MS store and Mozilla. AFAIC would like
to clean house on these certs. HTTPS definitely has it's problems. Will continue to work on filtering content.

Those set of DLL's do work for Proxomitron so that's good.

 

Then at least search for DANE, I think you'll have interest.

I thought PGP is also targeted, correct me if I'm wrong.
More I learn and more revelation come, more I'm convinced they could/can do nothing against properly implemented encryption including https. See how much effort they spent to implement other backdoor, and they even invested quantum computer and got poor result (very silly as quantum bit type of quantum computer is far from practical use).
In my view there're undeniable difference btwn breaking crypt itself and breaking other points like service provider or hardware as it determined what you can and can't. If they can break crypt, simply there's no means for protection, and most probably all secure communication will be doomed too. But that's not the case, thus there're room to protect you to some extent unless you're specifically targeted.

BTW, compromised CA don't mean your TLS session can be tapped, it means attacker can make MITM with fake cert but it also requires some other trick like DNS poisoning which proper DNSSEC can prevent. If one want to tap TLS connection he have to steal server key, which is possible by NSA class attacker but still not always easy, tho I admit there're enough server which don't fairly protect the key. But if they have all needed keys they don't need to ask major service provider to provide info, implement malware/backdoor, or save encrypted communication in encrypted state for future analysis. As to recording/XKeyscore this is one reason I want to see details in actual encryption in TLS which MITM proxy make it impossible. I want to confirm if connection uses (perfect) forward secrecy. If it does, recording is no use. Even if it doesn't, decrypting 256 bit key in real time is impossible, well, not only in real time, as of 2015 today even with world's best super computer you can't bruteforce AES256. Some block cipher mode like CBC have problem, but they are not sth it allows immidiate decryption. AES' weakness? If you read what it means, you'll find it is not of concern just like DES' vuln. But I'm not comfortable if I can's know what cipher the connection uses, as weak cipher spoil all effort like seen in FREAK.

Also note, NSA is not the only threat. I gave it as example of the toughest enemy. Given even they struggled to circumvent TLS by other means, then what other criminal can do? Well, actually there're still many room for those criminals or spy to attack, but most of them can be prevented if you control your TLS.

Interesting thread, thanks for the info. I gave it as an example to show info leak is most often achieved w/out crypt attack.

Agreed, and it's too bad there're not many FW which can filter localhost communication remained.

Did you read this part?

So actually it can be prevented by HPKP which MITM proxy effectively disable (Chrome disable HKPK when you use MITM proxy). Also I can say everyone should remove/disable CNNIC and related certs, they are very notorious in this field.

 

I think Sordid and MisterB made good points, but still limiting reliance on online/degital media is good counter measure against survailance. But it highly depends on each individual situation. I have to pay through online payment for taking TOEFL-iBT cuz simply there's no other option at least in my country.
Also you have to make risk assesment based on damage and probability. In my country most ppl use currency as there's very little chance of robber or theft, but when I'm in U.S I mainly use card and only carry a little currency.
It's not a simple discussion if online activity is better/worse than offline.

Not all, some are compatible with 2008, others not.

 

Good to hear. At prxbx, this explanation was posted.

Before this, I wasn't aware of the Fulgan binaries. The only Windows versions of OpenSSL that I knew of were from SLP. Small wonder some refer to Windows as DLL hell.

 

@142395
We could end up way off topic with this discussion. Did you see this article? As I see it, this wasn't built for foreign intelligence or overseas surveillance. This is for storing and decrypting domestic traffic and breaking domestic encryption. What are the most common domestic encryptions? The standards of course, HTTPS and AES. There's several long discussions here regarding AES and the NSAs involvement in making it a standard. I don't share your trust in AES.

Regarding the threat model, I'm not concerned with credit card thieves, account hackers, etc. They can't compromise what doesn't exist or take what isn't there. I don't regard the NSA as a separate threat. Government and big money are one and the same. We are not the "country" that the NSA is protecting.

 

It will be my last post about TLS problem, but what I tried to make it clear is, MITM proxying for TLS exposes added attack surface against MITM attack, your link in #232 is one example cuz while Fx and Chrome are originally immune to this, if you use Proxomitron then you're vulnerable unless you disabled CNNIC cert. Actually, addon approach also has other attack surface, so I don't say anything if one choose proxy approach while knowing its risk, but real problem is most ppl aren't, they simply don't know what the MITM is.

Whenever you read an article about crypt, it's always good to carefully see details. When you see

you may feel as if NSA made some magic. No, NSA have never been magician nor god, and after carefully read all the article, you'll find it is actually not that sensational.

Firstly as a basics, it's necessary to know how much processing power is needed to bruteforce 256 bit AES key.
http://www.reddit.com/r/theydidthem...e_and_energy_required_to_bruteforce_a_aes256/

Tianhe-2 have 33.86 PFLOPS which is superior to NSA's supercomputer mentioned in the article, except their future-planned EFLOPS computer. Tianhe-2 costed $390 mil. by just itself (entire Utha facility is estimated $2 bil.). Even if NSA completed EFLOPS computer, it's still far from enough to bruteforce 256 bit key. Then their effort is meaningless? No. The article well explained the trick.

Actually I can say for sure, there're still very many server which uses weak cipher including but not limited to 128 bit AES. This is, you see, one reason I want to confirm actual encrption used in communication. I believe NSA can decrypt AES128 (AES192 is somehow not commonly used). Then, 256 bit key is safe? There's another trick.

It suggests they have other means except simple bruteforcing. Also,

It's not clear what modification they made, but I guess it's more than just optimizing algorithm for faster processing. Those who have bit of knowledge on crypt may think of differential attack, but AES is mathematically proved to be immune against the attack (NSA or whatsoever can do nothing against mathematical truth). However, it easily made me remind of artistic BEAST attack, a kind of chosen-plaintext attack (CPA). Usually CPA is not a practical attack as attacker need to control plain texts which is to be encrypted or have thousands of those plaintext, it most likely means you already have intruded the victim. But NSA is the one who can gather numerous amount of data, and in some cases you can predict part of original plaintext in a encrypted message (there can be pattern in encrypted header; victim may always start email with "Hello!", etc.). A problem is, currently AES itself is not yet fully broken by CPA, BUT certain implementation such as CBC on TLS1.0 is vulnerable! So even if you used AES256, if there's problem in implementation like AES-CBC/TLS1.0 which still are widely used, NSA may decrypt it provided they target specific person/organization and consistently gathered tremendous data from them. Again, I don't think they can do anything against strong cipher, so I want to confirm cipher used by my eyes. The fact they spent such a silly money for the facility and not yet satisfied itself talks a lot, it's very unlikely they have hidden backdoor in AES algorithm. But as computer have been evolving, some day finally AES256 will be broken, and NSA might be the first one to achieve this.

Well, everyone have different threat model based on different value, knowledge, circumstances, etc. If we started to talk about this, absolutely it will go off-topic.


Finally, I just want to say thank you for your patience.

 

Surveillance problems are privacy problems--not financial-security technology problems, IMO.

They are often even exclusive of each other. CCs leaving a paper trail is seen as a financial-sec advantage: proof of ownership and payment reversal.

"It's not a simple discussion if online activity is better/worse than offline."

Yes, and it currently can't be. I cannot pay a restaurant bill online. Buying a VPN with a CC would also be silly. However, I must stress that remote POS hacks like MisterB experienced are the leading site of card fraud when doing risk assessment. This is why I suggest VCCs/online. Things like Apple pay at POS kiosks should tighten the gap.

Good luck on your TOEFL.

 

Security and privacy are inseparable. Without security, there is no privacy.

 

I'm not entertaining whole "security" but rather the nuance of privacy security versus financial security and the gaming matrix it forces the user into. Privacy and financials are always entangled and directly related when you consider a crime-kitted computer leaks privacy or privacy info can be used to dox and move better financial hacks. However, I just demonstrated how they may be exclusive of eachother based on implementation. Using cash enriches privacy but forgoes other advantages. This by its very nature requires risk assessment and where I totally agree with Yuki.

& I'd really prefer not to get held up on linguistics/logic/semantics when I am showing the problem directly.

 

In most financial transactions security means authentication: Both parties must be sure that they are who they claim to be before money is transferred. Privacy is required to keep outsiders from seeing the details of the transaction but anonymity is not.

Anonymity is not privacy and paying for a VPN with a credit card or other traceable means is not problem if what you want is a wall of privacy around your internet connection. If you want anonymity, security is a different ball game and different standards apply.

It is always best to analyze what the security needs are for a given circumstance. What works for someone in danger of persecution by a totalitarian government is not what will work for securing an online business transaction.

 

You are confusing my response and word relation; yes, privacy does not need imply anonymity but it also does not instrinsically imply financial security either. With regard to anonymity and privacy, the relation here is "surveillance" (a state of observation). Here, privacy is relevant to the seclusion of identity and lack of proper observation (likewise, anonymity is a state of private identity). Using cash offers anonymity via it being "nameless" while it also bolsters privacy since purchases can not be observed via CC statements that would otherwise have existed. In other words--I could have used either word relative to this exercise. But I am not in defense of cash nor trying to reason its use. It's the lack of paper trail w which concerned me; any motivation or choice of words for using cash is moot in that regard. I'm not here to distill another person's argument against me.

Things like SSL are data privacy to implement financial security; similar data privacy can also facilitate anonymity when applied to Tor. So again, all these concepts can remain hand-in-hand, but that doesn't stop them from being exclusive at other times either. One must consider and assess the actual implementation and its risks.

And if you dislike my word usage, fair enough--but based on your previous post, you do get my point which is slowly losing its function as we sort through split hairs.

Actually, you succinctly make my latter point here:
"If you want anonymity, security is a different ball game and different standards apply."
IMO, all shapes and sizes of "security" must be handled uniquely; I think we may all agree here. However, using VCC online is most often the scenario with the most winning outcomes and is certainly by no means just an affair for the brave. Money launderers, arms dealers need not apply.

 

Actually I'm speaking in broad terms when I differentiate privacy and anonymity. In a crowded situation like a street in a big city, you have relative anonymity but no privacy whatsoever. If you put a 10 foot wall around your home, you have privacy but no anonymity. The same principle applies online.

 

As my post #238 is no more editable, want to correct some problem in the post.

1) It seems even AES128 is robust enough against brute force attack (so probably they target weaker algorithms such as RC4 or Triple DES, other than CPA or side-channel for specific condition).
2) My way of writing about CPA was confusing as I didn't distinguished CPA from known-plaintext attack. Ofc they are different and AES is robust against KPA. But I won't be surprised if NSA have some control on victim's secret.
3) Maybe I should also consider attack against asymmetric encryption which is used to deliver symmetric key. Currently RSA2048+ are secure enough, but there can be some concern in ECC.