Showing posts with label educational. Show all posts

Friday, May 1, 2015

The obvious solution and the remaining problem with it

Refocus the Priority of the NSA back onto National Security

  • We need a 100% disclosure rate for exploits discovered by the NSA. The NSA should report every single vulnerability it finds to the relevant software vendor within one month of discovering it. The funny thing about exploits is that smart people all over the world are working on finding them every day, and nobody seems to be substantially faster than anybody else. When one person discovers an exploit and reports it to a bug bounty program, 500 hackers sigh with disappointment because they were days or weeks from discovering the same one.

  • We need an end to mandatory backdoors into communications systems. Backdoors cannot be relied upon to remain hidden and only available to the law-enforcement or government personnel who are the intended users. Quite the contrary, backdoors render a cryptosystem worse-than-useless because they deliberately cultivate a false sense of security while simultaneously providing a predictable avenue of attack for malicious actors. Eventually, this should culminate in the drastic revision of ECPA and CFAA, and the repeal of CALEA.

  • We need to end mass surveillance because it's not helping us identify threats. As a technology, the hypothesis has failed and it's time to stop wasting money repeating the same mistakes.

  • We need to focus on combating cyber-espionage and cyber-warfare proactively, by fixing bugs before they can be exploited by malicious actors rather than hoarding exploits, which disproportionately leaves innocent computer users vulnerable. If cybersecurity is to be the purview of the US Government and the NSA, then the NSA must be re-imagined as a security research and bug reporting agency. Only in this way can we perfect our computer systems and protect our people from cyber-espionage and cyber-warfare in the long term.

Fix the Problems with The Chain of Evidence

  • We need something quite bizarre to fix this problem. We need to encourage a criminal escalation in cybercrime and cyber-related crime like online drug trafficking. The escalation we need is an SSL-encrypted, peer-to-peer log-hash-escrow system, which stores non-reversible hashes of security logs for sensitive sites. This is to assure that all hacking performed by law-enforcement agencies is accurately reported when it is entered into evidence in a court of law. It would also help limit the frivolous, inaccurate and excessive lawsuits brought by copyright lobbying groups like the RIAA and MPAA, which stifle innovation.

  • This is another difficult decision, like Tor itself was, but it is one of the only credible ways of restoring credibility to American cybercrime investigators.


Thursday, April 30, 2015

One last thing, let's talk about Parallel Construction

From the standpoint of due process, perhaps the most unsettling aspect of NSA activity so far is how its bad processes have spread like a virus, corrupting agencies that have potentially much more positive and useful missions, like the FBI. "Parallel Construction" is a practice recommended by the NSA to investigative agencies like the FBI and to the investigative arms of administrative agencies like the IRS. It entails the use of illegal evidence to discover suspects and directs investigators to fabricate a legal chain of evidence in order to obtain a legal conviction on U.S. soil in a U.S. court of law.

I was recently contacted by a young person who wanted me to help him breach a Facebook account belonging to his mother, believing that she was about to remarry her current boyfriend. The young man believed he would be able to discern his mother's suitor by stealing her private messages. I told him exactly what I tell everyone who asks me to violate someone's privacy, which is no, but I also told him something that I hadn't told anyone before.

"If I were to violate your mother's privacy and steal her messages so you could confront her with the identity of her suitor, she would certainly suspect that the information was obtained by surreptitiously intercepting her messages. That means that you have done wrong, while she has simply chosen to remarry, which is her right and privilege. Doing this is a violation of her trust on your part, which damages your position before you even get a chance to make it. It is better to be honest."

Activities like Parallel Construction undermine the confidence that law-abiding, honest Americans have in law enforcement. This is compounded by the problem that makes it possible: any evidence collected in the course of a computer crime investigation comes under the control of an agency that has a vested interest in concealing any practice of Parallel Construction. In short, confidence in the very notion of a chain of evidence for cybercrime is rightly shattered and requires an engineering solution.


Wednesday, April 29, 2015

Cost-benefit is all well and good, but does it work? Does the technology yield results?

It really doesn't look like it. Here's the thing. If you're willing to take a few fairly simple precautions, you can and will be able to avoid NSA, GCHQ, or cranked-out Russian teenager surveillance for sensitive communications. People who really need to hide from the U.S. Government generally already do. It is possible to avoid the BitLocker key escrow/password reset backdoor by powering on your machine on an offline connection and disabling that section of the backup software. Off-the-Record messaging, which uses a different key for every chat session, so that any intercepted key is useful for only a single conversation, has been widely available for a very long time and can be applied to any messaging protocol. The most dangerous people are already capable of avoiding mass surveillance. What it comes down to is a choice. Do we want these products, which are not going anywhere, to protect innocent people as well as they do soldiers, journalists, victims and criminals, or do we want to leave innocents exposed by leaving known problems in critical infrastructure in order to mostly fail to track criminals?


Tuesday, April 28, 2015

Let's start with blanket surveillance, can compromising privacy en masse save lives?

Balancing selection and privacy

How about programs that provide proactive intelligence based on so-called "Selectors?" Do they save enough lives to justify the invasiveness and expensiveness of mass archival of personal, potentially sensitive information?

The NSA currently claims that its intelligence has prevented 55 terrorist events or cyberattacks this year. This is not likely to be true. As a matter of fact it's much more likely that this figure was made up on the spot. Statistically, the likelihood that 55 terrorist attacks on Americans were planned this year is almost inconceivable. I cannot find a calculator capable of turning that into a Z-score. We're more than 30 standard deviations above the mean here. It's that unlikely. Bottom line, either the NSA has perjured itself or in the years since the US started the War on Terror the likelihood of a terrorist attack on Americans has exploded at an unprecedentedly catastrophic rate. Either way, that is a Really Big Problem.

But let's take them at their word for a moment and assume that they have actually prevented 55 terrorist attacks. The NSA spends about $10 billion per year, roughly 14% of the total national budget. $10 billion divided by 55 is an average cost of $181,818,181.81 per attack. Almost 200 million dollars per attack. It is not callous to call for this process to be more efficient.

Another potential analysis of the costs and benefits of this information concerns the problems of putting such tempting information at the fingertips of fallible human agents. The widespread sharing of private love letters, especially those containing nude photos intended as personal messages between lovers, has occurred many, many more than 55 times, although the actual figure is as yet indeterminate. Instances of stalking are also common among NSA employees, civilian contractors, and police all over the world, including in the US.

And let's not forget, if the NSA can get it, so can anyone else.


Monday, April 27, 2015

But does it do any good? Can it do any good?

So we know that if the NSA can get it, anyone can get it. But if the NSA can do its job efficiently enough to prevent loss of life or destruction of property, does the end justify the means, if only in terms of cost-benefit analysis? In order to examine this we need to break internet surveillance into several categories.

First, a distinction needs to be made between Privacy and Anonymity.

Privacy in this context pertains to the contents of messages sent between users on the internet.

Anonymity pertains to the identifiable characteristics pertaining to the sender and recipient of a message.

Next, a distinction needs to be made between two types of surveillance.

Selection is defined as the process of picking a potential risk out of the bulk of collected internet traffic. This is the "needle in the haystack" analogy.

Targeted is defined as the use of exploits to compromise targets in order to gather evidence or determine the identity of a suspect.


Saturday, April 25, 2015

So what is the point?

The point is that if the NSA can get it, anybody can get it. Accommodating NSA spying, far from being a way of preventing attacks on critical infrastructure, actually preserves dangerous attack vectors for criminal use. If the NSA discovers an exploit and does not report it to the developers of the vulnerable application, that application remains vulnerable for everyone who uses it, the vast majority of whom will by definition be non-criminal actors within the developed world. People with jobs, paying taxes that, by the same definition, make them less safe.

Exploit hoarding disproportionately harms Americans. Whatever else happens, the NSA's exploit hoarding programs, including but not limited to BULLRUN, must be stopped.


Thursday, April 23, 2015

And if that weren't bad enough

There are vulnerabilities available in many operating, communication, and encryption systems which require greater or lesser degrees of sophistication to exploit. Some of these are deliberately placed by a developer, manufacturer, or other intermediary in the software/hardware supply chain and qualify as backdoors, but most are the result of honest mistakes, lack of funding, insufficient testing, or run-of-the-mill incompetence. This is where the NSA's so-called "Advanced Intercept Capabilities" come in, and we actually have much less to be worried about here. Advanced Capabilities are usually targeted techniques against specific computers which, rather than passive eavesdropping, exploit them to give up non-standard information, like the various side-channel attacks carried out on Tor.

The critical issue with Advanced Capabilities is twofold: first, we must cease the NSA's sabotage operations carried out against products used by U.S. persons, and second, we must provide an effective bug-disclosure policy which does not allow computer vulnerabilities discovered in the course of signals intelligence gathering to remain exploitable by criminals and enemies of America.


Wednesday, April 22, 2015

And it gets way worse...

To tolerate those routers going down, requests can potentially be sent to many different routers. One router might be a backup in case the other router is experiencing heavy traffic, for instance. If an attacker has compromised one router, he can steer messages to it by simply flooding the other router with fake traffic. That's just one of many, many ways. Some of them are even scarier.

Because of the voluntary nature of encryption use, anyone can do this, not just state actors like the US Government or the NSA.

It also means that you only need to compromise a fraction of the routers on the internet to compromise nearly all the traffic on the internet.


Tuesday, April 21, 2015

A General Overview of Eavesdropping

Communications traveling over the internet are routed through many intermediate computers, called routers, which direct messages as they are sent by the programs that send them. If the sending programs transmit all or part of those messages unencrypted, or in an encryption format known to be breakable, those routers can intercept and copy the messages as they are routed and, if necessary, decrypt them at their leisure.

But NOTHING is encrypted unless the program tells it to be

Also, the NSA isn't compromising home computers directly, it is monitoring them by compromising routers and stealing the messages they communicate.


Monday, April 20, 2015

Dispelling the key misconception about online tracking

Most people believe that online tracking is primarily contingent on the exploitation of vulnerable computers. While that does exist and is a serious concern, the reality of mass surveillance is much more banal and terrifying.

Think of it like Archimedes in the bath. The internet is like a bathtub, filled to the brim with water. As a function of getting into the bath, an equivalent volume of water is displaced, just as a function of connecting to the internet you disturb the activity of the surrounding network. For instance, in 1986, hacker and scientist Clifford Stoll was able to pinpoint the location of spy and mercenary Markus Hess in Germany by timing how long it took for Hess's computer to respond to a network diagnostic "Ping" request. This is one of the most basic, essential, and long-standing internet protocols and isn't going anywhere, because something like Ping will always be required for computer networks to work. This kind of data will always be available to some degree or another. But the problem is that there is an immeasurable amount of superfluous water being displaced, figuratively speaking, just waiting for anyone to come along and calculate your volume.

Everything you do on the internet is easy to steal because nobody is doing anything right in the commercial space with regard to privacy.


Tuesday, April 14, 2015

I've always liked this video as an explanation of what makes the UNIX architecture so cool and useful. Pay special attention about 5 minutes in, when he writes a surprisingly capable spell checker in one line of shell script.

What's so great about UNIX?

Monday, April 13, 2015

Android devices are inexpensive, highly capable computers which are easy to purchase discreetly, even though their out-of-the-box privacy leaves something to be desired. This makes them extremely useful to modify into more fully fledged single-purpose computers, and it is possible to use them as tiny servers or even as the basis for computing clusters. To do this, however, the most essential thing you need to know is how to run applications at boot time, and some of the applications you might want to run are native binaries rather than Android APKs, for example an SSH server like Dropbear or OpenSSH or a networking stack like cjdns. Unfortunately, all the Android variants have slightly different ways of launching startup scripts. Here, hopefully, is how to find yours and use it to launch an SSH server, so you can control your phone over SSH instead of ADB, for example to use USB tethering without having to install ADB on the host computer.

Requirements:

  • A rooted Android device (newer ones work more reliably)
  • Either a desktop or laptop PC running a copy of the Android SDK, or a Terminal Emulator application on the device
  • An app you want to run as an init script on your Android system, for example, Dropbear. For instructions on compiling Dropbear for Android, see this excellent tutorial

You'll need to push dropbear into a folder in the PATH. To push "dropbear" to /system/bin on the Android device after compiling, remount /system read-write, temporarily make /system/bin writable, copy the binary in, mark it executable, and then put the permissions and the read-only mount back:

    adb shell 'mount -o remount,rw /system'
    adb shell 'chmod o+w /system/bin'
    adb push dropbear /system/bin/dropbear
    adb shell 'chmod 755 /system/bin/dropbear'
    adb shell 'chmod o-w /system/bin'
    adb shell 'mount -o remount,ro /system'

This tutorial is written assuming you are executing all these functions on a PC with the Android SDK.

The Concept

Operating Systems of all types must contain a mechanism for starting essential programs when the system is booted. These programs are things like desktop environments and service daemons; on DOS and older versions of Windows, for example, the programs launched at boot time were run by "C:\AUTOEXEC.BAT". On the best Operating Systems, however, these applications are launched by the so-called "init system," which exposes an easy to use, regular interface for adding scripts to be run when the system is launched. Android uses a script-based init system, which makes our lives a little easier. In order to add your own programs or scripts to run at boot you will have to do one of two things.

  1. Add your custom scripts to the init system and, if necessary, the boot image.
  2. Hijack another init script by adding your own code and use it to launch your own script.

Stock ROM's

Stock ROM's are the hardest ones to run startup scripts on, because they tend to use many different ways of launching their startup scripts. In order to track down clues as to your Android device's way of handling initialization, run the following command.

    adb shell 'ls -l /etc'

This will most likely indicate that /etc/ is a symbolic link to the /system/etc/ directory. Once this is clear, re-mount the /system partition as read-write and add write permissions to the /system/etc/ directory.

    adb shell 'mount -o remount,rw /system'
    adb shell 'chmod o+w /system/etc'

Now you have the ability to read and write the files in the /system/etc/ directory. Once you've done that, you need to locate the other init scripts that have already been set up. You will modify one of these files to also run your init script.

    adb shell 'find /etc -name "*rc"'
    adb shell 'find /etc -name "init*"'

These commands search for candidate init scripts. You might see the directory /system/etc/rc.d/, /system/etc/init.d, or the file /system/etc/init.rc; these are all possible places where you might be able to embed the launcher for your application. You'll need to pick one of those files and, at the end, add a line which starts your application.

    adb shell 'echo "dropbear -s -g" >> /path/to/initscript'

Finally, remove write permissions from the /system/etc/ directory and re-mount /system read-only.

    adb shell 'chmod o-w /system/etc'
    adb shell 'mount -o remount,ro /system'

Android Open Source Project

In order to add your startup script to a running AOSP ROM, you need to edit the init.rc file inside the boot image's ramdisk and write the modified image back to the /boot partition. In order to do this, you absolutely need a PC, preferably running GNU/Linux. The first step you need to undertake is to back up your /boot partition.

Find your partitions by examining /proc/mtd (preferably; sometimes it doesn't exist, but that's a whole article in and of itself).

    adb shell 'cat /proc/mtd'

It will show something like this, which tells you a lot about the device's partition table. Look for the line with "boot" in the name column and make a note of the device in the "dev" column.

    dev:    size   erasesize  name
    mtd0: 00040000 00020000 "misc"
    mtd1: 00500000 00020000 "recovery"
    mtd2: 00280000 00020000 "boot"
    mtd3: 04380000 00020000 "system"
    mtd4: 04380000 00020000 "cache"
    mtd5: 04ac0000 00020000 "userdata"

Now that you know where the boot image is, copy the partition to a file on the device with dd and pull that file to the PC. (Older versions of adb shell translate line endings, so redirecting cat's output straight into a file on the PC can corrupt a binary image; going through a file on the device avoids that.)

    adb shell 'su -c "dd if=/dev/mtd/mtd2 of=/sdcard/boot.img"'
    adb pull /sdcard/boot.img ./boot.img

This puts the contents of the boot partition into an image file in the current directory.

Now, download the script "split_bootimg.pl" and use it to separate the kernel and the ramdisk from boot.img. It writes boot.img-kernel and boot.img-ramdisk.gz next to the image and prints the original kernel command line, which you may need when re-packing.

    wget https://gist.githubusercontent.com/jberkel/1087743/raw/5be96af0e1c1346678379b0c0f0330b71df51f25/split_bootimg.pl
    chmod +x split_bootimg.pl
    ./split_bootimg.pl boot.img

Now that you have the two files backed up, you need to unpack boot.img-ramdisk.gz, which is a gzip-compressed cpio archive. To do this, create a new directory, change into it, and extract the archive there. On GNU/Linux, run the following commands from the directory containing boot.img.

    mkdir boot && cd boot
    gunzip -c ../boot.img-ramdisk.gz | cpio -i

Now you have access to the files in the ramdisk and can change and repack them. Find the file named "init.rc" and add your script to its contents. Finally, re-pack the ramdisk (a gzip-compressed newc-format cpio archive), build a new boot image with mkbootimg from the AOSP tools, and flash it to the boot partition of the device, for example with fastboot flash boot boot-new.img from the bootloader. If split_bootimg.pl reported a different kernel command line, pass that to --cmdline instead; devices that need a non-default base address take it via --base.

    find . | cpio -o -H newc | gzip > ../ramdisk-new.gz && cd ..
    mkbootimg --cmdline 'no_console_suspend=1 console=null' --kernel boot.img-kernel --ramdisk ramdisk-new.gz -o boot-new.img

Upon restarting, your device will now start the application when the phone is booted up.

CyanogenMod, OmniROM, and Replicant

CyanogenMod-based Android ROM's are the easiest to modify, and even come with an accessible mechanism for setting scripts to run after the system is booted. CyanogenMod keeps a file called "20userinit" in its /etc/init.d/ directory. This directory contains files that are executed sequentially when the system boots up, and you could easily add the script that launches your app here, but first have a look at the contents of 20userinit. (The comments do not exist in the original file; I added them to explain what the code is doing for people unfamiliar with shell scripting.)

View the contents of /etc/init.d/20userinit:

    adb shell "cat /etc/init.d/20userinit"

You will see:

    if [ -e /data/local/userinit.sh ];  # Test if there is a file at /data/local/userinit.sh
    then    # Only if the file exists, execute the following code
        log -p -i -t userinit "Executing /data/local/userinit.sh";  # Mark this event in the log
        busybox chmod +x /data/local/userinit.sh;   # Use busybox to make the script executable
        logwrapper /system/bin/sh /data/local/userinit.sh; # Add the output of the userinit.sh script to the log
        setprop cm.userinit.active 1;   # set the CyanogenMod Userinit Active property to true
    fi; # Close if statement

In a nutshell, /etc/init.d/20userinit will run the script /data/local/userinit.sh, if it exists, which can in turn be used to launch apps by providing their path and options. So in essence, CyanogenMod has left you a way to add your own scripts to run after you boot by adding them to this file. In order to write to this file, use the terminal to direct the output of the echo command. Remember that ">" starts over at the beginning of the file, and will overwrite any previous contents, and that ">>" appends the echoed string into the end of the file without overwriting the contents.

    adb shell 'echo "#!/system/bin/sh" > /data/local/userinit.sh'
    adb shell 'echo "# start the SSH server at boot" >> /data/local/userinit.sh'
    adb shell 'echo "dropbear -s -g" >> /data/local/userinit.sh'
    adb shell 'su -c "busybox chmod o+x /data/local/userinit.sh"'

Now reboot your device and try connecting to the SSH server. If the server didn't start, /etc/init.d/20userinit itself may not be marked executable. Remount /system read-write as shown above, then run:

    adb shell 'su -c "busybox chmod o+x /etc/init.d/20userinit"'
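The three sections above boil down to one decision (which hook file this ROM will run at boot) and one edit (append the launch line to it). The following is an added example, not code from the original post, that expresses those steps as POSIX shell functions. It takes a ROOT path prefix so the logic can be exercised against a constructed directory tree on the PC; on a device it would run under adb shell as root with /system already remounted read-write, which the block itself does not do. The hook locations are the ones named in the post (20userinit, /data/local/userinit.sh, /system/etc/init.d, /system/etc/rc.d and the *rc / init* files under /system/etc); the file name 99custom is an assumption. Unlike a plain `echo ... >>`, the append is idempotent, and list_boot_hooks doubles as the list of places to review when checking a device for startup entries you did not put there.

```shell
#!/bin/sh
# Added example, not from the post: "find the hook, then append the launch
# line" as shell functions. ROOT is a path prefix so the logic can be exercised
# against a constructed directory tree on the PC; on a device it would run
# under `adb shell` as root with /system already remounted rw (the remount is
# not done here). Hook locations are the ones the post names; the file name
# 99custom is an assumption.

# list_boot_hooks ROOT -> prints every startup file the post mentions that
# exists under ROOT. Everything here runs as root at boot, so it is also the
# list to review when checking a device for unexpected startup entries.
list_boot_hooks() {
    root=$1
    for p in "$root/data/local/userinit.sh" "$root/system/etc/init.rc"; do
        if [ -f "$p" ]; then printf '%s\n' "$p"; fi
    done
    find "$root/system/etc/init.d" "$root/system/etc/rc.d" -type f 2>/dev/null | sort
}

# find_init_hook ROOT -> prints the file a launch line should be appended to:
#   1. /data/local/userinit.sh when a CyanogenMod-style 20userinit exists
#      (no write to /system needed at all),
#   2. a new file in /system/etc/init.d/ when that directory exists,
#   3. otherwise the first *rc or init* file directly under /system/etc/.
# Returns 1 when none of these is present.
find_init_hook() {
    root=$1
    if [ -f "$root/system/etc/init.d/20userinit" ]; then
        printf '%s\n' "$root/data/local/userinit.sh"
    elif [ -d "$root/system/etc/init.d" ]; then
        printf '%s\n' "$root/system/etc/init.d/99custom"
    else
        f=$(find "$root/system/etc" -maxdepth 1 -type f \
                 \( -name '*rc' -o -name 'init*' \) 2>/dev/null | sort | head -n 1)
        [ -n "$f" ] || return 1
        printf '%s\n' "$f"
    fi
}

# append_once FILE LINE -> adds LINE to FILE unless it is already there.
# A plain `echo ... >> FILE` adds another copy every time the steps are
# re-run, which for a daemon means two instances competing for the port.
# A file created from scratch gets a shebang so init.d can run it as a script.
append_once() {
    file=$1
    line=$2
    if [ -f "$file" ] && grep -Fxq -- "$line" "$file"; then
        return 0
    fi
    if [ ! -f "$file" ]; then
        printf '#!/system/bin/sh\n' > "$file"
    fi
    printf '%s\n' "$line" >> "$file"
}

# count_line FILE LINE -> number of exact occurrences of LINE in FILE.
count_line() {
    grep -Fxc -- "$2" "$1"
}
```

On a CyanogenMod device the call sequence is `hook=$(find_init_hook "")` followed by `append_once "$hook" "dropbear -s -g"`; the existing-file check is what makes it safe to run twice.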

Citations: Boot Image Information Stack Overflow Thread

Android: How to run a script or system application at boot
