
COMSEC: Beyond Encryption [pdf] - grugq
http://grugq.github.io/presentations/COMSEC%20beyond%20encryption.pdf
======
MichaelGG
This is great. Explicitly calling out Communication Events helps to remind us
that everything we do is leaking information.

Also like the mention of cover. Every action you do should have some
explanation. Why were you here? Why were you doing that? Why were you talking
to them? How will these questions be posed and answered to random LEOs,
lawyers, judges, etc.?

People seem to focus on some flashy part, like using Tor, but forget overall
basics.

Like that kid nailed for making bomb threats. He had no cover story for why he
was on Tor. He didn't shut up, and cracked. All he had to do was get
embarrassed and say he was looking for porn, or looking at drug prices, and
he'd have been fine.

Edit: It might be good for the cover to be slightly illegal, or damaging.
Investigator grills someone, finally gets them to confess, and it's cause they
were buying weed, or having an affair with illegal prostitutes or hiding
something from their family. Then all the covert actions and software and
nervousness make sense. (And the investigator will move on cause a simple
possession charge isn't worth their time.) Just make sure the story checks
out.

~~~
pakled_engineer
The police/interrogators want you to lie to them with a cover story so your
alibi can be picked apart easily; the correct response is to say nothing and get
a lawyer. Even worse is admitting something illegal to them thinking they will
just let it slide; more likely they will use your confession as cause to
search your property.

~~~
MichaelGG
Yes if you can avoid saying anything, fine. In the case of the bomb threat
kid, there is no way to verify an alibi of "I was looking for drugs using
Tor". And, a nervous seeming kid finally admitting he was looking for drugs
fits pretty well and may have gotten the investigators to move on. They've
limited time and resources.

At other places, like border crossings, you might not have the ability to
refuse to say anything (especially as a non-citizen). Being able to have a
good cover may be the difference in being let go after a cursory look versus
being detained for in-depth examination.

And I really cannot imagine counter-terrorism agents bothering to actually go
forward charging that kid with attempting to buy pot or something. After all,
if they suspect him of terrorism, that alone should be enough to get a search
warrant and take his computers.

~~~
pakled_engineer
He was a bomb threat suspect so of course they would charge him with any petty
crime he admitted to so they would get the excuse to further search his dorm,
confiscate his laptop to get physical evidence of the bomb threat and detain
him for further questioning. If he had said nothing and asked for a lawyer
he'd still be in school.

This law professor explains why you should never talk to police, even if
innocent [http://youtu.be/6wXkI4t7nuc](http://youtu.be/6wXkI4t7nuc)

~~~
MichaelGG
So you're saying that, as a bomb threat suspect, they would not be able to
convince a judge to give them a warrant for his laptop anyways?

------
shitlord
Also relevant, and by the same author: [http://www.slideshare.net/grugq/opsec-for-hackers](http://www.slideshare.net/grugq/opsec-for-hackers)

~~~
mirimir
I don't get why he says "VPN connection to TOR => GOTOJAIL".

How is it OK that your ISP sees you connecting to Tor, but dangerous if your
VPN provider does? Or is this about some other issue?

~~~
RachelF
Yes, hard to understand why he says that, maybe he meant TOR connection to
VPN?

~~~
mirimir
He says that Tor to VPN is OK, as long as you buy the VPN service anonymously.
So I don't think that there's semantic confusion. Also, there is a clear
downside to tunneling VPNs through Tor, in that it prevents circuit switching,
which increases vulnerability to deanonymization.

------
contingencies
More on the same theme... interesting grug, though pond author states _Dear
God, please don't use Pond for anything real yet. I've hammered out nearly
20K lines of code that have never been reviewed. Unless you're looking to
experiment you should go use something that actually works._

------
zvrba
Page 36: "Windows is currently the most secure mainstream OS. I mean, we can’t
stand _using_ it, but that doesn’t change the facts. The kernel is golden, the
userland protections are stellar, and the user experience is somewhere between
the 8th and 9th circle of Hell."

------
rpdillon
I'm genuinely surprised to see Linux being dismissed as laughably insecure.
I'd like to learn more -- particularly given that the main criticism is that
the defaults are so bad. Does anyone know which distribution/kernel is being
referred to?

Up until now, I'd thought of distributions like TAILS as offering excellent
defaults, while providing good compartmentalization. I remember reading that
Laura Poitras, Glenn Greenwald and Bruce Schneier all made use of TAILS when
reading leaked NSA documents.

~~~
sarciszewski
Among other reasons, the outright refusal of the Linux kernel developers (and
Linus himself) to consider implementing the grsecurity patches have rendered
it somewhat of a joke to the blackhats I know.

------
comex
According to the Pond docs:

> What a global, passive adversary (one who can observe all Internet traffic)
> can achieve:

> A GPA can learn who is using Pond and where their home servers are located.

It's probably a great piece of software, but how exactly does it fit into the
theme of cover over concealment? At its current level of popularity, simply
using Pond, without a proxy at least, paints a giant target on you in the eyes
of such an adversary. GPG and Tor, for all their faults, do not have this
property.

~~~
mirimir
Pond works through Tor, and Pond servers are hidden services. I consider that
using Tor makes me a target, so I go through at least three VPN services.

~~~
angry_octet
Would have been better if you hadn't mentioned using Tor then, hmm?

~~~
mirimir
Maybe I'm lying ;)

~~~
angry_octet
We need to start writing apps that use an embedded tor, not for anonymity, but
to increase the noise floor.

NB Just remember that lying to the FBI is in itself a criminal offence :-(
[https://www.youtube.com/watch?v=6wXkI4t7nuc](https://www.youtube.com/watch?v=6wXkI4t7nuc)

------
rdtsc
I have been trained well by now. Every time I see stuff like "try Pond" or
"click and use this tool", I am thinking -- I will be bumped up on the black
list somewhere. I guess it is called thought self-censorship...

~~~
contingencies
Know what you mean. I know grugq to some extent, and really doubt this was his
motivation. However, yes .. passive global network analysis (e.g. NSA) can
benefit. So I still have the same thought process, and switch signatures
(browser+IP) before reading things like this. Just for compartmentalization...

------
vesche
This is cute, but it's also just a bunch of noise. Makes a lot of speculative
claims without proof or citation. Reads like an overly verbose front page junk
article of some non-existent cyberpunk gossip magazine.

~~~
Estragon
I don't know why this was downvoted. A lot of this presentation is hard to
take seriously for exactly the reasons vesche outlined, especially when the
authors make howlers like praising Pond to the skies while the Pond author
begs people not to make serious use of it.

------
asapragusnuts
FWIW this is the talk that got them (Ben Nagy and The Grugq) thrown out of
Kiwicon ([http://kiwicon.org/](http://kiwicon.org/)) for being transphobic,
sexist and otherwise disrespectful to women and trans people.

See
[http://geekfeminism.wikia.com/wiki/Kiwicon_2014_expulsion](http://geekfeminism.wikia.com/wiki/Kiwicon_2014_expulsion)

IMO it was justified, but guess you had to be there.

~~~
woah
"A transgender Mongolian in the desert"? Is this really so gravely offensive?

~~~
woah
I asked a friend and she gave me this explanation:

"It's not compassionate to remind transgender people that they're a minority
that often has trouble "passing" and face extreme violence bc of that...if you
were a trans woman in the audience who'd been beat up for not being able to
pass as cis, how would it make you feel to have that treated like a joke"

Seems reasonable. I retract my previous comment.

~~~
Dylan16807
It does seem reasonable, but does that mean it's not okay to joke about unfair
bad things in general? What makes a similar argument valid/invalid?

------
magian
The guy is simply an Apple fanboi who likes to rehash the same old tired
security tropes while providing almost nothing new or of much value.

