

How to Remain Secure Against the NSA - timw6n
https://www.schneier.com/blog/archives/2013/09/how_to_remain_s.html

======
r0h1n
I know many of us are desperately craving our next Schneier fix (I know I
am!), but this is merely a repost of his Guardian piece dated 6th Sept :-)

[https://news.ycombinator.com/item?id=6336523](https://news.ycombinator.com/item?id=6336523)

------
anologwintermut
At least one piece of advise in this article contradicts everything we know
about the NSA's abilities: using TOR. Tor, including hidden services. was
never designed to protect against someone who could observe all or almost all
traffic in the Tor network. Given that data, it's rather easy to correlate
timing information. Indeed, Tor fundamentally allows this since it aims to be
a low latency network.

Given the NSA's extensive tapping of key fiber lines, we should assume they
can actually observe the necessary traffic.

From the paper: "A global passive adversary is the most commonly assumed
threat when analyzing theoretical anonymity designs. But like all practical
low-latency systems, Tor does not protect against such a strong adversary."
\--- Tor: The Second Generation Onion Router [0]

[0][https://svn.torproject.org/svn/projects/design-paper/tor-
des...](https://svn.torproject.org/svn/projects/design-paper/tor-design.pdf)

~~~
Strom
Yes, but will you be more easily identified & tracked when connecting through
tor, or directly with your own IP? Even when you follow all of his
suggestions, you won't have absolute security. The idea is to make surveilling
you harder and more expensive.

~~~
anologwintermut
So if you have the data, de-anonymizing Tor traffic is easy. Your only
question is does the NSA care about people using Tor? Well, if we remove
people using it to get child porn, i'd imagine an appreciable fraction of Tor
traffic is of interest to the NSA. For the most part it's people who think
they have somewhere to hide. This includes foreign embassies apparently

So to the NSA, Tor is probably a flag that you might have something to hide.
They are probably more likely to look at it than normal traffic.

Put another way, hide in the network should mean hide in the majority of
traffic, not some small subset that partially self selects for doing
suspicious things.

------
hga
Very very weak in perhaps the most important area: metadata collection for
traffic analysis.

Not that this is an easy problem, but it needs to be seriously addressed.

~~~
Zigurd
It's really only about his circumstances: He is a well known, high value,
static target. So he has to live with metadata collection, but his
correspondence partners are already known.

He also points to what part technology can play in shutting down mass
surveillance: If you blind enough of the dragnet surveillance that high value
targets can't be selected, the whole structure loses effectiveness.

~~~
hga
" _If you blind enough of the dragnet surveillance that high value targets can
't be selected...._"

Which is what I've been thinking about. E.g. maintain constant streams of
apparently random data traveling hither and yon.

Problems:

Data caps, especially mobile ones. Could be mitigated by keeping the total
bandwidth really low, and "constant" could be "1 packet per N seconds".

Without something like a mesh network topology (or perhaps something like TOR,
which I haven't studied), you gain nothing, and there's a high value on
compromising nodes in-between endpoints. And at least early on, simply being
participant marks you. Contra-TOR, I'm just thinking about basic
communications, e.g. email and IM, I'm willing to give up low latencies.

And my major point, this all boils down to a political problem: what would be
the national security state's response to losing so much capability,
justification for budgets, people, facilities, etc.? Nothing good unless we
win the political battle, with a big loss resulting in it getting outlawed.

Note my analysis is in the context of an expectation of serious ... messiness
when the "free ice cream" runs out, when one way or another the US Federal
government can no longer run an effective annual trillion dollar deficit.

And I keep coming back to some of your earliest words on this, in reference to
comments by RMS
([https://news.ycombinator.com/item?id=5840210](https://news.ycombinator.com/item?id=5840210)):

" _Until the early 80 's there was no widespread use of mobile telephony and
internet. It's not crazy to think that the surveillance state has ruined the
internet and that there is more value in avoiding it than in using it. Maybe
it's over.

I can recall some TI managers looking at Stallman like he had two heads when
he told them, over 25 years ago, that developers would make money with free
and open software.

The car industry is facing a generation of buyer who find cars a burden. It's
crazy to think that we can't screw this up._"

------
codex
Let me play devil's advocate: as a citizen of the USA, who assumes the NSA has
good intent to protect me and my fellow citizens, why should I make the NSA's
work harder for it? Shouldn't I be helping it? If not, should I also retrofit
my home to be SWAT-assault proof? Should I also refuse to cooperate with the
local police in their investigations because one time I saw a cop run a red
light illegally?

In practical terms, how can the NSA classify your traffic as that of a US
citizen and discard it if they can't read it?

------
diminoten
It's just becoming clearer and clearer to me that we'll all have to make
choices about when we want to be private, and when we don't want to be private
while on the Internet.

The idea of 100% privacy on the web is just not feasible for most people, most
of the time.

