Let me put my tinfoil hat on

Discussion in 'privacy technology' started by amarildojr, Aug 25, 2013.

Thread Status:
Not open for further replies.
  1. amarildojr

    amarildojr Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    1,989
    Location:
    Brasil
    So, I was thinking that I should care more about what I use on my Debian install after what Snowden said, adding historical facts like that episode where Sony put a rootkit onto CP's (copy-protected CDs, http://en.wikipedia.org/wiki/Sony_BMG_copy_protection_rootkit_scandal).

    For those who don't know, Debian is a GNU/Linux distro where no proprietary software is installed by default, thus giving 100% assurance that no malicious software gets intentionally installed by default.

    After doing some thinking I came to the conclusion that, at this point in my life, I can't have a 100% free-software based PC. I tried Gnash but it doesn't work well on all sites, so I need Adobe FlashPlayer or some replacement for it. I also run Steam (natively on Debian Testing) and for that I need an nvidia driver as well. These three are not free software, and I have some questions regarding them.

    For all I know the US government is powerful, and if they decide to force Adobe into putting a back-door or some malicious tool into FlashPlayer then I believe they could do so, either by direct pressure or creation of new laws. Does somebody know of anything on this subject? I'm accepting conspiracy theories as well.

    What about Steam? And NVIDIA? How "strong" are these companies against NSA/FBI or any other government agency?

    Another question is: Are Linux users more protected? I ask this because although Linux in itself is invulnerable to Windows malware, it still can be infected, say, by an infected .deb or .rpm, and so when users grant root access to software they are granting that software (depending on the particular program) unlimited access to the system currently running.
    I never install software from unknown sources, but I'm concerned that someday the government might have the power to corrupt every major company in the software market, if they don't do it already. I mean, who would imagine that Sony would put malicious software into its products? Who guarantees that these non-free software companies will not do the same?

    Please treat this thread with respect as I didn't disrespect those who might read it. It was created after concerns about current and historical facts (not only Sony's scandal) that might represent the future.

    Regards.
     
  2. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    I would go by my rule. If the software has more than one hundred thousand unique users, then that is 100,000 sets of data to get through and unless you are a target you will be hidden like a gorilla in the mist.
     
  3. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,101
    As I understand it, Adobe Flash's days are numbered due to HTML5. I have even encountered some websites that offer rendering via either Flash | HTML5 and they rendered fine with it (HTML5) which is now supported in browsers afaik.

    Alternatives to Flash aside from Gnash are LightSpark, Swfdec, and Scaleform GFx (commercial).

    -- Tom
     
  4. wearetheborg

    wearetheborg Registered Member

    Joined:
    Nov 14, 2009
    Posts:
    667
    Another option is to use SELinux or AppArmor to restrict the program's rights when it is running.
     
  5. x942

    x942 Guest

    This is a good idea, but you will need a hardened kernel for this to really be useful. A MAC like AppArmor or SELinux is just +1 vulnerability to get out of confinement.

    With that said, at the very least use a MAC. At best, use a MAC + hardened kernel.
     
  6. mattdocs12345

    mattdocs12345 Registered Member

    Joined:
    Mar 23, 2013
    Posts:
    1,785
    Location:
    US
    This is one of the reasons that I'm trying to move into Linux and free myself from Windows. I think at this point we can assume the worst from the NSA.
     
  7. amarildojr

    amarildojr Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    1,989
    Location:
    Brasil
    Especially when you know that MS gives their security patches to the NSA so they can have a look at them, then the NSA returns the patches to MS in a modified version :p
    Some might say "the NSA modifies them so they can safely use them on their computers", but I disagree. There's no need to push their mods into Windows Updates that will ship to everybody. In addition, unless some researcher does some reverse engineering on it, there's no way to know exactly what the software does.

    I don't care much about being hidden, but to be safe when I'm not hidden.
    Say flash has 1 billion users and then NSA says "either you modify the next update as we want or we will f*ck your company". Then, all users that update to the next version will have a backdoor that was officially released by Adobe and nobody will be hidden because, well, that was the purpose of the backdoor, to give outer users control of the machine infected. They can even install a backdoor that puts everybody out of the hidden path, controlling all machines at once with the help of a script.

    That's my concern. I want to (at some degree) know that this will likely not happen, either with Steam, Nvidia or Adobe (this last one I'm almost ditching).

    But HTML-5 for what I read isn't free (as in freedom). IIRC there must be something to do with Vendor Lock-In. But I could be wrong, I'll read more about it.

    I'm starting to get interested in AppArmor. Can I lock any app to do just what I allow it to?

    Whatever helps gets in =)
    I think it'd help a lot, considering my security measures.
     
  8. mattdocs12345

    mattdocs12345 Registered Member

    Joined:
    Mar 23, 2013
    Posts:
    1,785
    Location:
    US
    I just wish getting Linux working was a bit easier. Hard road ahead but no choice if one wants any kind of privacy.
     
  9. JackmanG

    JackmanG Former Poster

    Joined:
    May 21, 2013
    Posts:
    284
    It may not be practical for everyday use, but for stuff other than checking your sports scores and news headlines, etc, you could opt for a secure operating environment from a Live CD running something like Ubuntu Privacy Remix.

    Kind of. Of course you just have to do a search for "security through obscurity" to find all the pitfalls in that rule.

    Yep.

    Source?

    Source?

    ? Maybe I'm missing something...part of the whole appeal of HTML5 is avoiding vendor lock-in...(this is why I'm curious where you get the idea it's not an open format)

    "Some manufacturers (notably Apple) will be strongly motivated to create developer tools that make native apps superior to HTML5-based apps, but the advantages of cross-platform portability and pricing, not to mention anxieties about vendor lock-in, privacy, etc., will likely make HTML5-based apps a strong, if not dominant, part of the app market. "
    -Alexandra Samuel

    "The benefits of an open, standards-based approach include avoiding vendor lock-in, leveraging the skill-set of developers trained in the enterprise Web, and ensuring that your apps can benefit from the vast array of JavaScript and HTML5 tools available as open source or from third parties."
    -Dr. Dobb's
     
    Last edited: Aug 25, 2013
  10. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    Typical modern machines can run VirtualBox and several VMs with acceptable performance. You can compartmentalize and isolate your activities in various workspace VMs, with networking (VPNs, Tor, etc) in separate gateway VMs, and no network connectivity among workspace VMs.

    For example, you could dedicate one pair of workspace and gateway VMs to watching Flash videos, another to Steam, and so on. With enough host RAM, VMs can perform amazingly well, because VirtualBox uses RAM for disk caching.

    Another good solution is Qubes, which basically does the same thing, but much more efficiently, and with far better VM-VM isolation.
     
  11. JackmanG

    JackmanG Former Poster

    Joined:
    May 21, 2013
    Posts:
    284
    :thumb:
     
  12. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    I don't see companies like Adobe and Steam being that useful to government snoop agencies. On Windows for instance, what would flash give them that they can't get directly from Windows? The fact that it isn't being kept updated for linux tends to make me believe it's not "officially compromised" (for lack of a better term ATM). IMO, Flash is more of the product of plain corporate greed.

    The people who coined the term "tinfoil hat" should be choking on it about now with recent revelations, and after seeing conspiracy theories become conspiracy facts. That said, there's several separate but overlapping issues being merged in this thread. IMO, there's 3 things official snoops would want from operating systems and/or software.
    1, Remote access and/or control.
    2, Unique identifiers and de-anonymizing.
    3, Usage tracks, what, when and where.

    Staying with the "tinfoil hat" theme, these are what I would most worry about in regards to government infiltration and snooping. I'm limiting this to PC equipment owned by the user or that is supposed to be under the users control.

    1, Remote access and/or control requires a reliable way to access the equipment. For internet equipment, this requires either open ports to receive incoming connections or the equipment has to automatically connect out to predefined IPs. IMO, services which can't be disabled and also open ports are prime candidates for containing or being backdoors. The newer versions of Windows are getting more and more of these. While routers and modems can block direct connections, UPnP and automatic port forwarding are potential ways around that problem.

    For myself, I won't have an OS that doesn't allow me to close all of the open ports, not just block them with a firewall. Obviously, apps like Tor that require an open port to function as a relay are an exception. If I can't completely disable autoupdating, I won't use that app or OS. If an OS or application won't work properly unless it can call home or doesn't allow me to shut off "features" that make it call home, I won't use it. UPnP is disabled or removed from everything I use.

    2, Unique identifiers and de-anonymizing behaviors are more common than most realize. Anyone remember ID-Blaster? It partially anonymized the user by changing the unique identifier numbers of Windows, Internet Explorer, and the Windows media player on demand or at regular intervals. Back when I had dialup service, I integrated ID-Blaster with the dialup interface. Every time my IP changed, so did the UUIDs. Has anyone looked into Win 7 or 8 to see how many UUIDs they have and if they can be changed?

    Browsers are better at de-anonymizing users than most realize, even if you're using extensions or separate apps that change user agents, block javascript, etc. Focusing on just the browser headers for the moment, there's more than one way that they reveal what browser you're actually using. It's not just the data contained in the headers. It's the order the browser sends those headers. If you're a Proxomitron user, you can easily see this by using its log window and setting it to display the headers. Each browser sends the headers in a slightly different order. AFAIK, this can't be altered, even by Proxomitron. I don't know if there's a linux equivalent for Proxomitron or what would be an easy way to view the actual headers on linux. Proxomitron will run on linux with Wine. When you factor in the order of the headers as an identifying factor, changing or hiding your user agent can actually make you easy to identify. Is this by accident or by design? You decide. Anyone remember tracking with ETags? I haven't seen those mentioned in quite a while.

    3, Usage tracks. It's no secret that Windows is a babysitter. Each new version of Windows stores more user activity records than its predecessor. That data is kept in more places than ever before. It's not only harder to find and securely remove, it's hard to know what to remove. One that I don't see discussed much is the DNS service. Obviously, if it's obtaining and caching DNS records, it's also storing them. While a user can empty that cache, there's no built in means to securely delete its contents. It's as recoverable as any other deleted file. The DNS service is one of the first that I disable on XP. The event log service is another major snitch on Windows. I haven't spent much time in linux, and I doubt that it's due to official coercion, but linux logs a lot of info too.

    Some user apps keep way too many logs or don't provide an easy way to disable that logging. VirtualBox comes to mind here. Others don't seem to respect their own settings. With some like Privazer and Eraser, logging what you remove or overwrite defeats the purpose of the app entirely. When I'm trying out new apps or major updates to existing apps, I've made it a habit to record their actions with Inctrl5. If the app is creating log files or storing a lot of data in the registry, I'll find out before I add it to my real system.
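    The header-order point in the post above, as an added example that is not code from this thread or from any poster: a small parser that records the order in which request headers arrive and hashes that order, ignoring header values. Two constructed requests use the same header set in different orders to stand in for two browsers, and a third is the second request with its User-Agent string spoofed to match the first. The header orders are invented for illustration and are not a claim about any real browser.

```python
"""Header-order fingerprinting of HTTP requests.

Added example, not from the original thread. The sample requests are
constructed; their header orders are illustrative, not real browser data.
"""
import hashlib

# Constructed raw requests. "A" and "B" send the same six headers in a
# different order; the third is B with A's User-Agent string pasted in.
REQUEST_A = (
    "GET / HTTP/1.1\r\n"
    "Host: example.org\r\n"
    "User-Agent: BrowserA/1.0\r\n"
    "Accept: text/html\r\n"
    "Accept-Language: en-US\r\n"
    "Accept-Encoding: gzip\r\n"
    "Connection: keep-alive\r\n"
    "\r\n"
)
REQUEST_B = (
    "GET / HTTP/1.1\r\n"
    "Host: example.org\r\n"
    "Connection: keep-alive\r\n"
    "Accept: text/html\r\n"
    "User-Agent: BrowserB/2.0\r\n"
    "Accept-Encoding: gzip\r\n"
    "Accept-Language: en-US\r\n"
    "\r\n"
)
REQUEST_B_SPOOFED = REQUEST_B.replace("BrowserB/2.0", "BrowserA/1.0")


def parse_request(raw):
    """Return (request_line, [(name, value), ...]) preserving header order."""
    head = raw.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    headers = []
    for line in lines[1:]:
        if not line:
            continue
        name, _, value = line.partition(":")
        headers.append((name.strip(), value.strip()))
    return lines[0], headers


def header_order(raw):
    """Lower-cased header names in the order they were sent."""
    _, headers = parse_request(raw)
    return [name.lower() for name, _ in headers]


def order_fingerprint(raw):
    """Short stable hash of the header order only; values, including
    User-Agent, do not enter the hash at all."""
    key = "\n".join(header_order(raw)).encode()
    return hashlib.sha256(key).hexdigest()[:16]


def user_agent(raw):
    """The User-Agent value, or None if absent."""
    _, headers = parse_request(raw)
    for name, value in headers:
        if name.lower() == "user-agent":
            return value
    return None


def classify(raw, known):
    """Look the order fingerprint up in {fingerprint: label}; when the order
    is unknown, fall back to whatever the User-Agent claims."""
    return known.get(order_fingerprint(raw),
                     "unknown (UA claims %s)" % user_agent(raw))


# A server-side table built from the two "real" browsers.
KNOWN = {
    order_fingerprint(REQUEST_A): "BrowserA",
    order_fingerprint(REQUEST_B): "BrowserB",
}

if __name__ == "__main__":
    for label, raw in (("A", REQUEST_A), ("B", REQUEST_B),
                       ("B spoofed", REQUEST_B_SPOOFED)):
        print("%-9s UA=%-12s order says: %s"
              % (label, user_agent(raw), classify(raw, KNOWN)))
```

The spoofed request still classifies as BrowserB because only the order feeds the fingerprint, which is exactly the mismatch the post warns about: a User-Agent that disagrees with the order signature is rarer than either value alone. To see your own browser's order, point it at any logging proxy or a netcat listener and read the raw request; no Proxomitron-specific tooling is needed for that part.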
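    Point 1 of the post above (open ports and services that listen whether you want them to or not) as an added example, not code from the thread: on Linux the kernel exposes every TCP socket in /proc/net/tcp and /proc/net/tcp6, so a listener inventory needs nothing beyond reading those files. The SAMPLE_* texts below are constructed in the kernel's layout; the inodes, uids and ports in them are made up for illustration. When run on a real Linux host, live_listeners() reads the actual tables.

```python
"""Enumerate listening TCP sockets from /proc/net/tcp and /proc/net/tcp6.

Added example for this thread, not code from any poster. SAMPLE_TCP and
SAMPLE_TCP6 are constructed to match the kernel's column layout.
"""
import os
import socket
import struct

TCP_LISTEN = "0A"  # hex value of the "st" column for a listening socket

# Constructed /proc/net/tcp sample:
#   row 0: 127.0.0.1:631 listening, loopback only
#   row 1: 0.0.0.0:22   listening on every interface
#   row 2: an established outbound connection (state 01), not a listener
SAMPLE_TCP = (
    "  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode\n"
    "   0: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 12345 1 0000000000000000 100 0 0 10 0\n"
    "   1: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 12346 1 0000000000000000 100 0 0 10 0\n"
    "   2: 0100007F:9D84 5DB8D822:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 12347 1 0000000000000000 20 4 30 10 -1\n"
)
# Constructed /proc/net/tcp6 sample: [::1]:80 listening
SAMPLE_TCP6 = (
    "  sl  local_address                         remote_address                        st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode\n"
    "   0: 00000000000000000000000001000000:0050 00000000000000000000000000000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 22222 1 0000000000000000 100 0 0 10 0\n"
)


def decode_addr(hexaddr):
    """Decode the kernel's HEXIP:HEXPORT field into (ip string, port int).

    The address is written as little-endian 32-bit words (one for IPv4,
    four for IPv6), so each word is byte-swapped back before inet_ntop.
    """
    ip_hex, port_hex = hexaddr.split(":")
    family = socket.AF_INET if len(ip_hex) == 8 else socket.AF_INET6
    words = [struct.pack("<L", int(ip_hex[i:i + 8], 16))
             for i in range(0, len(ip_hex), 8)]
    return socket.inet_ntop(family, b"".join(words)), int(port_hex, 16)


def parse_proc_net_tcp(text):
    """All rows of a /proc/net/tcp{,6} table as dicts."""
    rows = []
    for line in text.splitlines()[1:]:  # first line is the column header
        fields = line.split()
        if len(fields) < 10:
            continue
        addr, port = decode_addr(fields[1])
        rows.append({"addr": addr, "port": port, "state": fields[3],
                     "uid": int(fields[7]), "inode": int(fields[9])})
    return rows


def listening_sockets(text):
    """Only listening sockets, each flagged 'exposed' unless bound to loopback."""
    out = []
    for row in parse_proc_net_tcp(text):
        if row["state"] != TCP_LISTEN:
            continue
        loopback = row["addr"].startswith("127.") or row["addr"] == "::1"
        row["exposed"] = not loopback
        out.append(row)
    return out


def live_listeners():
    """Read the real tables when they exist (Linux); returns [] elsewhere."""
    result = []
    for path in ("/proc/net/tcp", "/proc/net/tcp6"):
        if os.path.exists(path):
            with open(path) as f:
                result.extend(listening_sockets(f.read()))
    return result


if __name__ == "__main__":
    for s in listening_sockets(SAMPLE_TCP) + listening_sockets(SAMPLE_TCP6):
        print("%s:%d uid=%d inode=%d %s" % (
            s["addr"], s["port"], s["uid"], s["inode"],
            "EXPOSED" if s["exposed"] else "local only"))
```

The inode column is the link to the owning process: the same number appears as a `socket:[inode]` symlink under /proc/PID/fd/, which is how tools map a listener back to the program that opened it. A listener on 0.0.0.0 or :: is what the post means by an open port; one bound to 127.0.0.1 is reachable only from the machine itself.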
     
  13. amarildojr

    amarildojr Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    1,989
    Location:
    Brasil
    Not hard at all. You can install things as easy as in Ubuntu, if you're using Debian Testing, because getting things to work on Wheezy is a PITA (pain in the )

    Wait. You're confusing.

    1) What exactly is not practical? Install software just from trusted sources?
    2) Secure and Ubuntu can't be in the same sentence. Are you for real? :D

    Not only the source you asked, but some more:

    http://news.yahoo.com/microsoft-waits-fix-software-bugs-nsa-them-first-140237627.html

    http://www.cnn.com/2013/07/12/tech/web/microsoft-nsa-snooping

    http://www.theguardian.com/world/2013/aug/23/nsa-prism-costs-tech-companies-paid

    As I said, I could be wrong. My reading on this subject hasn't been long enough to make that claim. My fault.

    You know, you read my mind.

    I was thinking about using VM's for all that is not free-software, but the performance on these are poor on my computer:

    AMD Athlon II X2 250 @3.76Ghz
    Corsair Vengeance 4GB DDR3 @1666 Mhz
    MSI Nvidia 9800GT (overclocked by factory)
    1TB WD Green - (I didn't get a firm answer to whether it's 5400 or 7200 RPM).

    So, unfortunately, I can't play Steam games on VMs. But I totally would if, somehow, I was able to redirect 90% of my machine's resources to it.

    Yes, that was my plan. One VM for each company (one for Steam, one for Flash).

    In my understanding, once you give root access to a program it can even program itself to modify the MBR and install a rootkit. So even if I use two OSes, root access is going to be a b*tch anyway.

    Is it really not updated to Linux? For all I know Flash is updated to all systems, I remember this because I needed to check for the version that was installed, via the website. This was back when I used Ubuntu.

    I know. I was taught that lesson. In fact, some people say to me even to these days "go put your tinfoil hat on, you dumbsh*t", thus the title of this thread. I would never make fun of anyone who believe in conspiracies.

    Any tips on how you're doing so?

    I'm looking forward to see how can I do so.

    I don't mind people trying to crack my Linux box. They will be faced with a very-strong root password so even if they somehow get access to my machine via web they won't be able to do much.
    What I worry about is an app (Steam, for ex.) that would be intentionally infected by its corp (Valve in this case). In this case the system wouldn't recognize the difference because this app was already given access and could do whatever it wanted, if its actions were done by digitally signed software (from the infected program itself).

    I use Chromium, which for all I know is open-source (not free, but it's one freedom). Any thing you'd like to comment? I'm currently thinking in sticking with Iceweasel or just Firefox itself. I'm willing to sacrifice some conveniences in return to freedom =]

    I don't mind usage tracking so much, unless there are known risks like a gov gathering info to decide whether or not to destroy the population of a certain area.

    They can see where I've been, which sites I visited and all that. They can find all info I'm willing to give them, but it will be nearly impossible for them to find things I don't want them to find.

    BTW: I use disk encryption, so I'm rather safe if somebody would come check my HD for data.

    If anyone is interested in my encryption scheme:

    1) Partition setup

    1.a) 1 GB for /boot, unencrypted*.
    1.b) 60 GB for "/", encrypted. My root partition is big because of FlightGear. The complete game has around 16 GB, so in order for me to have plenty of space for the next years I decided to make it big.
    1.c) 8 GB for /swap, encrypted. I currently have 4 GB of memory but I plan to upgrade to 8 GB in a near future.
    1.d) The rest (around 860 GB) I use for /home, encrypted.

    *You can't encrypt the boot partition. This is why I save copies of it on a regular basis and upload them to cloud-storage sites, encrypted.

    2) Encryption scheme:

    On some distros encryption is poor. openSUSE is a very good system, but doesn't allow you to encrypt the root partition, it also doesn't allow you to choose the encryption algorithm. So, if you use openSUSE you'll have to leave the root partition unencrypted, but you can encrypt /var, /tmp, /swap and /home (but I don't think it's enough), and you'll have to use only AES-cbc-plain. AES is one of the least secure algorithms among the AES finalists.

    I use Debian because it's free-software based, it's a strong distro and its releases are consistent. It allows me to encrypt the root partition, so I don't have to use LVM or leave it unencrypted.

    So, I use a strong password* along with the Twofish algorithm, the IV algorithm being xts-plain64 (referred to as more secure than cbc-plain).

    * For my password scheme, refer to https://www.wilderssecurity.com/showthread.php?t=351635
     
  14. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    I don't game, so maybe I'm making too many assumptions. I do crunch data, and SQL Server can work quite well in VMs. But that doesn't require much video I/O.

    In VirtualBox Video settings, I see "Enable 3D Acceleration" and "Enable 2D Video Acceleration". Have you tried that?

    With more host RAM, it might be possible to put the whole VM in a ramdisk. But I'm not sure how much that would help.
     
  15. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    I know for me at least using VirtualBox is slow and lags. I have a GT 540M / 4GB RAM and a dual core i5, which should be more than enough to run a VM, but two main issues are that the VM does not have my full screen resolution 1920x1080 and even in lower resolutions it lags a lot and feels like I'm using TeamViewer over a slow connection.
     
  16. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    I loved Linux. I had a decoy Windows partition set up on C:\ and had Ubuntu on D:\ with \boot on an SD Card. dm-crypt/LUKS, etc... worked great. Best battery life I've ever seen on a CoreI3 laptop...we're talking 8-9 hours of actual use.

    No Plausible Deniability though, and that was more important to me, so back to Windows I went. (I also had trouble spoofing the MAC).

    It took about a week of using it constantly, but after that, it was easy. There was a 10 part series on YouTube that covered a lot (Vim - Essayboard.com)

    PD
     
  17. JackmanG

    JackmanG Former Poster

    Joined:
    May 21, 2013
    Posts:
    284
    I apologize if my statement was confusing. I often forget that even though it's an English language forum, not everyone may have that as their native/proficient language.

    The part you quoted is a compound sentence made up of two independent clauses separated by a subordinate clause that modifies the first. The first word "it" refers to the suggestion offered in the third clause: "opt for a secure operating environment from a Live CD".

    So to rearrange the sentence, one might say:

    "You could opt for a secure operating environment from a live CD, although that may not be practical for everyday use..."

    I was simply saying that many people may not find it practical to operate from a live CD 100% of the time, each and every day...especially if much of the time they're doing innocuous things like checking sports scores or reading news headlines.

    Do you have some evidence showing the setup is insecure?

    https://www.privacy-cd.org/



    I looked at each of those and could not find a single mention of any one of the three claims you made. Could you please quote the part(s) in those articles that state:

    1) "MS gives their security patches to NSA so they can have a look at it"

    2) "the NSA then returns the patches to MS in a modified version"

    3) "[Microsoft then will] push their mods into Windows Updates that will ship to everybody."


    VM is secure, but somehow a live CD is not?
     
  18. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    IMO, that's a problem with linux. It doesn't provide any easy way to control or restrict individual applications. Take a firewall for example. Out of the ones I've looked at, linux firewalls don't let you control traffic on a per application level. There's no mechanism that will alert you if an installed app behaves differently or if it performs activities that the previous version didn't. IMO, linux seems to have a black or white view of software. You either trust it completely or you don't trust it at all. It seems to me a 3 letter agency could own a lot of linux units by compromising a repository. I consider this implicit trust of repositories and installed software and the constant auto-updating, which is the default behavior on many distros, to be a gaping hole in its attack surface. IMO, being digitally signed doesn't ensure that software is trustworthy. Wasn't Stuxnet or parts of it digitally signed? On my Windows units, the security apps disregard digital signatures completely. All of the rules are based on file hashes and paths.
    I can't comment on Chromium. I've never used it. If I understand it correctly, its origins are Google's Chrome, which I will not use. Regarding Firefox, I very much dislike their rapid update policy. The rapid updating strikes me as a marketing gimmick and adopting change for its own sake. It doesn't allow enough time for proper testing and increases the likelihood of bad code slipping by. Firefox was good when they focused on being a fast light browser. Now it seems that they're trying to be everything to everyone and are trying to imitate Chrome. They've lost sight of what made them good to start with.
    I can think of several examples where usage tracks can be a problem. In some places, visiting sites that the government considers subversive is a crime. Even in so called "free" countries, usage tracks can determine if you're a good little sheep who gets his news from official, censored sources or gets it overseas so they can see the rest of the story. In this country, I would totally expect that someone who regularly visits Wikileaks, Al Jazeera, or the Voice of Russia will be watched much more closely than someone who gets news from MSN.
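    The "hashes and paths, not signatures" rule from the post above, as an added example that is not code from the thread or from any poster: a baseline of an install tree keyed on relative path, SHA-256 and permission bits, and a diff that reports what an update added, removed or changed. A signature only says who published a file; the manifest says whether the file on disk is the one you inspected. The demo builds a small fake install tree in a temporary directory (its file names and contents are constructed), baselines it, simulates an update that rewrites one file, adds another and makes a library executable, then diffs. In real use the baseline would be kept outside the monitored tree, on media the monitored software cannot write to.

```python
"""Hash-and-path baseline for an installed program, with update diffing.

Added example, not code from the thread. The install tree in demo() is
constructed in a temp directory purely to show the workflow.
"""
import hashlib
import json
import os
import tempfile


def sha256_file(path):
    """SHA-256 of a file, read in chunks so large binaries are fine."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root):
    """Map relative path -> {sha256, mode} for every regular file under root.

    Symlinks are skipped: a link that is redirected elsewhere would otherwise
    be hashed as its target and the redirect itself would go unnoticed.
    """
    manifest = {}
    for dirpath, _, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if os.path.islink(full) or not os.path.isfile(full):
                continue
            rel = os.path.relpath(full, root)
            manifest[rel] = {
                "sha256": sha256_file(full),
                "mode": oct(os.stat(full).st_mode & 0o7777),
            }
    return manifest


def diff_manifest(old, new):
    """Paths that appeared, vanished, or whose hash or mode changed."""
    old_paths, new_paths = set(old), set(new)
    return {
        "added": sorted(new_paths - old_paths),
        "removed": sorted(old_paths - new_paths),
        "changed": sorted(p for p in old_paths & new_paths if old[p] != new[p]),
    }


def save_manifest(manifest, path):
    with open(path, "w") as f:
        json.dump(manifest, f, indent=1, sort_keys=True)


def load_manifest(path):
    with open(path) as f:
        return json.load(f)


def _write(root, rel, data, mode):
    full = os.path.join(root, rel)
    os.makedirs(os.path.dirname(full), exist_ok=True)
    with open(full, "wb") as f:
        f.write(data)
    os.chmod(full, mode)


def demo():
    """Baseline a constructed install tree, apply a fake update, diff."""
    with tempfile.TemporaryDirectory() as root:
        _write(root, "bin/app", b"#!/bin/sh\necho hello\n", 0o755)
        _write(root, "lib/libhelper.so", b"\x7fELF helper v1", 0o644)
        _write(root, "share/README", b"docs\n", 0o644)
        baseline_path = os.path.join(root, "..", "baseline.json")
        save_manifest(build_manifest(root), baseline_path)

        # Simulated vendor update: app gains a network call, a new library
        # appears, and an existing library is made executable.
        _write(root, "bin/app",
               b"#!/bin/sh\necho hello\ncurl -s http://example.invalid/cb\n", 0o755)
        _write(root, "lib/libnew.so", b"\x7fELF new", 0o644)
        os.chmod(os.path.join(root, "lib/libhelper.so"), 0o755)

        result = diff_manifest(load_manifest(baseline_path), build_manifest(root))
        os.remove(baseline_path)
        return result


if __name__ == "__main__":
    print(json.dumps(demo(), indent=1))
```

Running the diff after every package upgrade turns "the previous version didn't do that" from a feeling into a list of files to look at; pairing it with a read-only baseline location is what keeps the monitored program from editing its own manifest.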
     
  19. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    I use Chromium, its like Google chrome but without chrome's spy works. Only negative is they lack a few key options that Firefox have like data erasure on close.
     
  20. TheCatMan

    TheCatMan Registered Member

    Joined:
    Aug 16, 2013
    Posts:
    327
    Location:
    sweden
    I have been adjusting my Tin foil hat lately also.

    Was considering an Ubuntu toram-only installation on a mini PC with 16 GB RAM (with no HDD unit), download the Whonix setup files to the Downloads folder, then install VirtualBox and then Whonix, and enjoy an even more anonymous and secure surfing system?

    No need to bother with encryption or hidden os or Plausible deniability, you effectively have a kill switch once you unplug the pc power and no Hard drive unit to data recovery from. No need to clean or worry about os or virtualbox logs or anything once unplugged.

    Any good of an idea?
     
  21. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    That should work. But that's quite a bit of downloading.

    If it's OK to have a fresh Whonix install, you could temporarily install a hard disk. Then install a light Linux distro, bootcd, VirtualBox, Whonix, etc. Then run bootcd and write a DVD.

    When the bootcd DVD boots, it loads everything into RAM. That takes a while, but the system is amazingly fast, with everything in RAM.

    However, bootcd uses only half of total RAM, leaving the rest for working RAM and temporary file storage. There's probably a way to change that ratio, but I haven't found it. But with 16 GB RAM, you could fill a DVD and still have more RAM than you need.

    Once you're happy with the bootcd DVD, you can remove the hard disk (after wiping, if necessary).
     
  22. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    100,000 users is virtually nothing to the government. You realize that the government deals with records for billions (dead people) of people, right? They can handle 100k.

    Anyways, @TC,

    You can not be sure that Adobe Reader doesn't have a backdoor. It very well may. But you can take efforts to secure Adobe Reader using open source code.

    EX: You can use iptables, which is fully open and heavily vetted, to prevent Adobe Reader from accessing the internet.

    You can also use Apparmor or SELinux to do so.

    So as long as the kernel and security policies are enforced through open code, you can rely on the system.
     
  23. wearetheborg

    wearetheborg Registered Member

    Joined:
    Nov 14, 2009
    Posts:
    667
    From what little I know of linux, this couldn't be farther from the truth. Linux is infinitely customizable. There *must* be ways to control individual applications.
    Are you comfortable with SELinux/Apparmour?
     
  24. Sordid

    Sordid Registered Member

    Joined:
    Oct 25, 2011
    Posts:
    221
    So the NSA globally installs malware on Flash and Steam, then uploads your cat pics to HQ to be analysed by experts.

    Not happening. The NSA doesn't have interest in making ubiquitous backdoors which can then be exploited by anyone and reduce national security. They'd sooner serve a rogue Flash update to an isolated target.

    Even Stuxnet, Duqu, and the German gov't iTunes thing all got caught. Way too risky and too much weak data digging really deep. & Why jack Steam when I can just run all your TOR exit nodes? I get better data, well within resources, and otherwise undetectable.


    Like the DEA/FBI, the NSA will watch the "watering holes" and leverage the power of the Patriot Act on huge data crossroads like your ISP/cellular provider. Pedophiles need pics, drug dealers need precursors, bombers need chemicals and support. Monitor this. So they access your communications records after you visit such a watering hole which is served/compromised by the NSA/agencies.


    So looking for a tactical nuke? That guy you found on craigslist probably is LEO. A frequent poster of Semtex recipes on letsbombinnocentpeopleinthenameofgod.com -- you're now a target. So rather than backdoor everyone's gear or read everyone's SMS texts, they inject your resources and monitor you and those you connect to.

    This creates a grid of risk. Just don't become part of that grid or hey, you are going to need better techniques to evade the government's tech than Whonix and Qubes.
     
  25. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Regarding an application-specific firewall, after failing to find what I wanted I asked about one here. My one option was abandonware. Most said such a firewall isn't necessary, a position I don't agree with.
    Regarding SELinux and Apparmor, they're beyond my understanding right now. I'm not good with linux. There may be ways to do what I want, but most of them will make a classic HIPS appear user friendly by comparison.
     