
Encrypt your Google chats and make the NSA sad - salade_verte
https://github.com/nicolas-t/gAES
======
freshhawk
This would definitely be the level of security that falls under this statement
from Snowden:

Q: Is it possible to put security in place to protect against state
surveillance?

A: "You are not even aware of what is possible. The extent of their
capabilities is horrifying. We can plant bugs in machines. Once you go on the
network, I can identify your machine. You will never be safe whatever
protections you put in place."

(from [http://www.guardian.co.uk/world/2013/jun/09/nsa-whistleblower-edward-snowden-why](http://www.guardian.co.uk/world/2013/jun/09/nsa-whistleblower-edward-snowden-why))

~~~
cowkingdeluxe
Why did he not give even a small technical overview on what they are capable
of? He should've been able to given he has a lot of technical expertise and it
would've helped his evidence a lot.

Did they figure out how to tap complicated SSL? Is it hardware based? He gave
no hints but could have easily.

Instead it's this blanket statement that's supposed to imply that all
encryption is pointless.

~~~
ryanmolden
This is not my area, so excuse the ignorance, but this statement:

A: "The NSA has built an infrastructure that allows it to intercept almost
everything. With this capability, the vast majority of human communications
are automatically ingested without targeting. If I wanted to see your emails
or your wife's phone, all I have to do is use intercepts. I can get your
emails, passwords, phone records, credit cards."

Specifically the part about 'all I have to do is use intercepts. I can get
your emails, passwords, phone records, credit cards'. Does that not imply they
have found a weakness in TLS/SSL? Once the information is transmitted (say my
Facebook password) to an https endpoint it is already encrypted, no? So them
'sniffing'/intercepting the packets would do no good, unless they could
decrypt them.

~~~
gkop
Intercept could also mean man-in-the-middle.

~~~
XorNot
Which would be trivial if they had agreements with the various mostly US
providers to quickly get man-in-the-middle signed keys from their CAs.

Although this seems like it would be quick to spot since if you were watching
certificate fingerprints change then you'd see the switchover and switchback.

~~~
Amadou
I use the Cert Patrol plugin (
[http://patrol.psyced.org/](http://patrol.psyced.org/) ) and I've noticed
periods of a few days to a week where SSL certs on major sites like google
have changed rapidly. Usually they were all from the same authority so I
didn't think much of it. But now I am even more paranoid. Thanks man.

~~~
toyg
Me too, I stopped using that plugin because Facebook and Google would
constantly change their certificates, so I'd end up just clicking OKOKOKOK,
never looking at the certificate, defeating the whole point.

At the time, I assumed it was just a snag with the umpteen layers of caching
and content-distribution networks that they must be using. Now it looks quite
a bit more sinister.
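
The certificate-watching idea in this sub-thread (spot a switchover and switchback without prompting on every routine rotation), sketched as an added example that is not part of the original comments and is not Cert Patrol's code. The host, fingerprints, issuer names and verdict labels are constructed for illustration.

```javascript
// Constructed observations in the order they were seen; not real certificates.
const observations = [
  { host: 'mail.example', fp: 'AA:01', issuer: 'CA One' },
  { host: 'mail.example', fp: 'AA:02', issuer: 'CA One' }, // second front-end cert
  { host: 'mail.example', fp: 'AA:01', issuer: 'CA One' }, // back to a known cert
  { host: 'mail.example', fp: 'BB:09', issuer: 'CA Two' }, // switchover
  { host: 'mail.example', fp: 'AA:01', issuer: 'CA One' }, // switchback
];

// Returns one verdict per observation, remembering every cert seen per host.
function triage(obs) {
  const state = new Map(); // host -> { last, seen: Map(fingerprint -> issuer) }
  return obs.map((o) => {
    const s = state.get(o.host) || { last: null, seen: new Map() };
    let verdict;
    if (!s.last) {
      verdict = 'first-seen';
    } else if (o.fp === s.last.fp) {
      verdict = 'unchanged';
    } else if (s.seen.has(o.fp)) {
      // Returning to an earlier cert: quiet if the issuer stayed the same.
      verdict = s.last.issuer === o.issuer
        ? 'known-rotation' : 'switchback-across-issuers';
    } else {
      const knownIssuer = [...s.seen.values()].includes(o.issuer);
      verdict = knownIssuer ? 'new-cert-known-issuer' : 'new-cert-new-issuer';
    }
    s.seen.set(o.fp, o.issuer);
    s.last = o;
    state.set(o.host, s);
    return verdict;
  });
}

// Only these verdicts interrupt the user; everything else is logged quietly.
const NEEDS_ATTENTION = new Set(['new-cert-new-issuer', 'switchback-across-issuers']);

function alerts(obs) {
  return triage(obs)
    .map((verdict, index) => ({ index, verdict }))
    .filter((x) => NEEDS_ATTENTION.has(x.verdict));
}

console.log(triage(observations), alerts(observations));
```

A same-issuer change is only lower priority here, not proof of legitimacy: a certificate mis-issued by the site's usual CA would land in `new-cert-known-issuer`.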

------
sweis
As far as I can tell, this is using CBC mode without any authentication:
[https://raw.github.com/mdp/gibberish-aes/master/dist/gibberish-aes-1.0.0.js](https://raw.github.com/mdp/gibberish-aes/master/dist/gibberish-aes-1.0.0.js)

If that's the case, then this implementation is vulnerable to a variety of
attacks.
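
What "CBC mode without any authentication" means for the receiving side, as an added example that is not part of the original thread and is not gAES or gibberish-aes code. It uses Node's built-in `crypto` module with a constructed key and message, and AES-GCM stands in as one authenticated mode for comparison.

```javascript
const crypto = require('crypto');

// Constructed key and message for the demo; not taken from any real chat.
const key = crypto.randomBytes(32);
const msg = Buffer.from('meet at 10:00 by the north gate', 'utf8');

function cbcEncrypt(plaintext) {
  const iv = crypto.randomBytes(16);
  const c = crypto.createCipheriv('aes-256-cbc', key, iv);
  return { iv, ct: Buffer.concat([c.update(plaintext), c.final()]) };
}
function cbcDecrypt({ iv, ct }) {
  const d = crypto.createDecipheriv('aes-256-cbc', key, iv);
  return Buffer.concat([d.update(ct), d.final()]);
}

function gcmEncrypt(plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return { iv, ct, tag: c.getAuthTag() };
}
function gcmDecrypt({ iv, ct, tag }) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, iv);
  d.setAuthTag(tag);
  return Buffer.concat([d.update(ct), d.final()]); // final() throws on a bad tag
}

// Models a change made in transit by something that never sees the key.
function flip(buf, index, mask) {
  const out = Buffer.from(buf);
  out[index] ^= mask;
  return out;
}

// CBC: a one-bit change in the IV lands on the same bit of plaintext block 1,
// and decryption succeeds with no error.
function cbcAfterTamper() {
  const m = cbcEncrypt(msg);
  return cbcDecrypt({ iv: flip(m.iv, 9, 0x01), ct: m.ct }).toString('utf8');
}

// GCM: the same one-bit change to the ciphertext fails the tag check.
function gcmAfterTamper() {
  const m = gcmEncrypt(msg);
  try { gcmDecrypt({ ...m, ct: flip(m.ct, 9, 0x01) }); return 'accepted'; }
  catch (e) { return 'rejected'; }
}

console.log(cbcAfterTamper(), '|', gcmAfterTamper());
```

The CBC receiver gets a well-formed message with a different time in it and no error; the GCM receiver gets an exception instead of altered plaintext.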

~~~
salade_verte
Thanks, can you suggest a better AES implementation?

~~~
bdamm
Your implementation is vulnerable to MITM attacks. That will be the case no
matter which AES mode you choose.

You are on the tip of the greatest problem with modern cryptography, which is
that there is no real way for widespread confidentiality to be created without
trusting a third party such as a CA. But once you trust a CA, then you become
vulnerable to the backdoors available through the CA community (not just one
CA.)

Personally, I'm hoping for a bitcoin-like protocol (such as namecoin) to
create a peer-to-peer trust network for distributing public keys.

PKI is only useful when the roots are truly trusted and tightly controlled (or
even supervised with highly transparent audit programs). The current
generation of Internet CAs don't even come close - they are not trusted by
anyone except themselves, and they sure are willing to take your money if
it'll make you feel better!

~~~
jafaku
Does bitmessage have anything to do with this?

------
sspiff
While this is a nice effort, why use Google Talk at all for chatting if you're
going to do all this effort (per user configuration etc) if you could just use
an XMPP client with OTR[1] support, or use an XMPP server you can trust?

[1] [https://en.wikipedia.org/wiki/Off-the-Record_Messaging](https://en.wikipedia.org/wiki/Off-the-Record_Messaging)

~~~
patrickaljord
Because then you'd be talking to yourself as nobody uses XMPP with OTR.

~~~
drdaeman
At least Adium, Gajim, Kopete and qutIM have built-in OTR support.

So, I guess, it's a bit more than nobody.

~~~
patrickaljord
Yeah I remember using OTR on kopete when I was in college. I had one instance
opened on my laptop and the other on my PC. It was pretty cool and easy to set
up. What wasn't easy was finding anyone I knew to talk with besides the few
other Linux nerds at school.

~~~
dgesang
Because people don't know about it.

------
rogerbraun
I like this, but the easiest way to do this without pretty much any
configuration is to log in to Google Talk with a Jabber client that has OTR
support, such as Adium or Pidgin.

~~~
gohrt
Google Talk is being replaced by Hangouts, it might not be practical to keep
your existing Google Talk client long-term.

------
mtgx
Still waiting for Google to implement OTR and ZRTP in Hangouts by default...
_especially_ now after all this.

~~~
peter487
Probably not gonna happen, but it would solve so many problems with public
key crypto. Key distribution? No problem, tie your public key to your gmail
account. Need to communicate with someone? Just send them your public key.
Google would verify that key X belongs to mail Y, another problem solved. Mix
it together with some javascript library (source code available by design) and
you have almost perfect and simple to use public key crypto for masses. Oh
well time to wake up….

~~~
ef4
Both Google and Facebook are in excellent position to actually bring public
key crypto to the masses in a usable, it-just-works, kind of way. But of
course both have every incentive not to do it.

~~~
EliRivers
Also, they can't. Be. Trusted.

------
dlss
"A" for effort, but I won't be happy until something like this also obscures
who you are talking to.

~~~
Groxx
Be happy:
[https://github.com/prof7bit/TorChat](https://github.com/prof7bit/TorChat)
(description:
[https://github.com/prof7bit/TorChat/wiki](https://github.com/prof7bit/TorChat/wiki)
)

~~~
dlss
Wow -- that does make me happy. Thanks for the link!

(Also: Pascal?! I guess I can't complain -- I'm just glad this exists :)

------
cupcake-unicorn
Why doesn't Google up the security in its own apps? The government may "force"
them to provide access, but can it "force" them to remove safeguards like
encrypting email/chats/etc? Even if they just gave us the option to check a
box, and it wasn't on by default. The problem I'm seeing with all these
solutions is that they're very specific to two users, they both need to have
everything set up. Well, great, the NSA will see one less conversation when
they peek through your stuff. I'd like to have ALL my messages encrypted.

~~~
nano111
can't force them not to encrypt emails but it can force them to give out the
keys

~~~
nano111
for some reason, it won't let me delete my duplicate comments that were
created because of errors on postings...

------
akkartik
tptacek doesn't seem to have found this thread yet, but he's said many, many
times here that doing crypto in js is a bad idea:
[http://rdist.root.org/2010/11/29/final-post-on-javascript-crypto](http://rdist.root.org/2010/11/29/final-post-on-javascript-crypto)

------
leot
Google, Yahoo, and Microsoft could all make the vast majority of email vastly
more secure by implementing PGP-by-default. Send: You enter an email address,
a little key appears beside it if it's recognized as having an associated
public key, and a warning appears that the email can't be encrypted if an
additional email address is entered that doesn't have an associated key.
Receive: email encrypted with your public key is colored "green" (for
"secure") and the from address is colored "green" if it's been appropriately
signed. With (and, I'd argue, only with) a webmail client can PGP be rapidly
deployed and almost completely transparent.

But, this would make "intercepts" far more difficult, now, wouldn't it ...

~~~
sliverstorm
_this would make "intercepts" far more difficult_

Yup, Google is doubtless completely in cahoots with the NSA.

... Really? Is that what you are thinking? Apply some rational thinking here.
It's simpler than that. Google advertises to you based on the contents of your
email. It is not in Google's interests to prevent themselves from being able
to read your email, and if they can read it so can the NSA.

~~~
leot
I don't understand why everyone seems to think this is an issue. It's as
though the only alternative to the status quo is local host browser-level
crypto.

The implementation I'm referring to doesn't preclude Gmail from reading emails
it has of yours. It just means that _only_ Gmail can read them, because _only_
Gmail has your private key, a private key that's associated with two-factor
authentication, and a private key you could optionally use elsewhere, too.

~~~
sliverstorm
That would work fine, if all the NSA did was sniff traffic on the backbones.

~~~
leot
The idea that the biggest reason to have PGP is to protect ourselves from some
nefarious gov't entity is silly, though in the longer-run it can definitely
help make this happen. PGP/PKI affords incredible technological advantages. If
webmail providers offered it, OpenID (etc., etc.) would become quickly
redundant (e.g.).

------
rexreed
XMPP on a Raspberry Pi box with minimal raspbian and OTR. Gives you some
control and a minimally-hackable box.

Some interesting related reading on the XMPP with Raspberry Pi:

[1] [http://russelldavis.org/2013/01/18/setting-up-prosody-on-the-raspberry-pi-for-house-apartment-secret-club-house-wide-chatroom/](http://russelldavis.org/2013/01/18/setting-up-prosody-on-the-raspberry-pi-for-house-apartment-secret-club-house-wide-chatroom/)

[2] [http://oskarhane.com/make-your-raspberry-pis-and-other-servers-a-botnet-controlled-via-xmpp/](http://oskarhane.com/make-your-raspberry-pis-and-other-servers-a-botnet-controlled-via-xmpp/)

------
switch33
Somewhat relevant (IRC for gmail): [https://github.com/progrium/irc-for-gmail](https://github.com/progrium/irc-for-gmail)

Also, it sucks that this AES plugin for gmail uses greasemonkey. There are a
bunch of exploits abusing greasemonkey really.

------
tlrobinson
I would prefer to see a plugin that implements OTR instead of this half baked
solution.

[https://en.wikipedia.org/wiki/Off-the-Record_Messaging](https://en.wikipedia.org/wiki/Off-the-Record_Messaging)

------
marcog1
I've been using encryption with Adium for a long time, but the problem I have
is switching between clients (laptop and mobile) results in me seeing
gibberish on the mobile side. I have yet to find a mobile client that supports
encryption.

~~~
thisisparker
For Android, see the Guardian Project's work, especially Gibberbot:
[https://guardianproject.info/apps/gibber/](https://guardianproject.info/apps/gibber/)

For iOS, you could try ChatSecure:
[http://chrisballinger.info/apps/chatsecure/](http://chrisballinger.info/apps/chatsecure/)

If you want to use the same key on both clients (which carries some additional
risks if, say, your phone gets stolen, given that key is stored in plaintext)
you may find the Guardian Project's documentation of different OTR key file
formats useful:
[https://github.com/guardianproject/otrfileconverter](https://github.com/guardianproject/otrfileconverter)

~~~
marcog1
Thanks! I'll take a look at Gibberbot.

~~~
XorNot
There's also Xabber which has OTR support (and can speak MSN, which is very
helpful).

------
acanby
I might be missing something here, but where is the passphrase negotiated?
Apart from calling or talking to the other person, the only way to define this
common key that I can see would be electronically. Isn't this a bit of a
problem?

------
tn13
I think a better solution to say hello to NSA would be by sending a letter to
your local senator (and other representatives) that you are not going to vote
for them in future unless they raise their voice in the concerned house.

------
rythie
I'm sure they are more interested in _who_ you talk to than what about most of
the time. I would assume they want to track people close to persons of
interest they know about.

------
Tloewald
I think just attach files full of random noise to emails.

------
jaytaylor
Is it possible to use gAES with Google Chrome?

------
Hyrum_Graff
Delete your Google account and make the NSA sad.

~~~
godgod
Doing that today.

