Governmental Hacking

palettentreter · Tux's lil' helper Joined: 06 Feb 2006 Posts: 104

Hiho...
As you may have heard, the german government is planning on legalizing governmental hacking into personal computers. We definitely have to consider these guys EXTREMELY potent, as they have (in principle) all the necessary infrastructure to manipulate any unencrypted traffic that's going through german ISPs. Which means, that it's (theoretically) no problem for them to manipulate, say, my portage rsync, providing me with a crafted Manifest that matches the manipulated kernel-sources I'll be receiving with the next update.
So I think that, in the long run, we'll need an improved system of integrity checking for source downloads. The Manifests shouldn't be transmitted unencrypted. Furthermore, source checksums should be compared within several sources over an AES encrypted connection, preferrably through an anonymizer network such as TOR.
I know this sounds seriously paranoid, but the threat we're facing is not just some well-paid professional hacker, but the legislative force which enjoys support from major parts of the citizens. And we have to be faster than they are.
So I'd very much appreciate some comments on this...

thx guys, and keep up the great work!!

nixnut · Posted: Wed Nov 28, 2007 5:30 pm Post subject:

Moved from Networking & Security to Gentoo Chat.
Not a support request, so moved here.
_________________
Please add [solved] to the initial post's subject line if you feel your problem is resolved. Help answer the unanswered

talk is cheap. supply exceeds demand

JuNix · Posted: Thu Nov 29, 2007 12:20 am Post subject:

I have a few suggestions.

I would suggest installing, and learning how to use, chkrootkit, rkhunter, and aide.

I use an AES encrypted file containing a loopback filesystem to contain my aide database. I run aide every day to see which files have had any of their metadata or contents changed. If some other entity other than myself changes a file on my system, I know about it

Also, why not configure your syslog daemon to log onto a separate machine?

Could you not set up TOR and set FTP_PROXY and HTTP_PROXY to go through your TOR? Then use emerge-webrsync? I've never used TOR so I am unsure as to whether or not this would work.

Good luck. Stay safe

Ctrl+Alt+Del · Guru Joined: 04 Jul 2004 Posts: 326 Location: .de

Tor won't help since it's a.) no encryption and b.) in a case of govermental spying it's likely that your isp cannot be considered trustworthy... only thing that can actually help is encrypting traffic between the client and the remote end. SSL and GPG signing for everything...

edit: The current scenarios on the "Bundestrojaner" Subject are actually different. The government wants to break into your appartement, analyze your infrastructure and using that information, create a customised trojan which is then installed on your system during a second break-in. Go figure how likely that is to happen...

your_WooDness · Tux's lil' helper Joined: 25 Oct 2007 Posts: 77

Hi,

best solution for this "bundestrojaner" hacking or what else would be, if every german internet user would place a file on his PC with fictive assault datas like date, time, who and how.
Then the government would get a lot of hits and I think more than expected. They would be flooded with informations and I hardly can believe that they would be able to handle this amount of data, neither do I think that they have enough man power to check this.
For all those who think that it's a good thing to find terrorist via hacking into a computer. Hey come on, those terrorist guys are not dumb and they also know how to use computers.

WooD

tabanus · l33t Joined: 11 Jun 2004 Posts: 638 Location: UK

I've often wondered about this sort of thing. The weakest point of attack is surely the rsync mirrors. How secure are they? How easy would it be to hack an ebuild on a mirror, or even set-up a nice fast mirror with ebuilds altered that point to a malicious file?

Are the ebuilds themselves checksummed to compare with a master copy somewhere?
_________________
Things you might say if you never took Physics: "I'm overweight even though I don't overeat." - Neil deGrasse Tyson

Cyker · Veteran Joined: 15 Jun 2006 Posts: 1746

Tor would be no help whatsoever here.

Tor is designed to anonymize your IP, but it makes it EASIER for third parties to sniff your data and perform man-in-the-middle attacks unless you are using some sort of secure tunnel, e.g. https or, better, ssh/hamachi/vpn etc., but then you'd need a secure end-point with which to pass traffic in such a way.

You would be better off subscribing to Relakks or similar. (Alas running redirection tunnels through shell servers like SDF is no longer allowed I think).
This also anonymizes your IP, but all traffic leaves your system in a VPN and exits their end-point node, so in theory no evil snoopers can sniff the traffic, and it exits somewhere in Sweden along with a few hundred+ other peoples IP traffic so they'd have a hard time tracking your thread so they could modify it.
Of course, they could just hack the entire gentoo portage service, but if that ever happened I think we've got bigger problems to worry about...!

And of course, all this assumes you trust the Relakks people enough that they aren't selling backdoors to the CIA, and that theire servers haven't been compromized, but this sort of thing always depends on how far your paranoia and trust will take you...

Edit: Damnit, how comes there are 3 posts in the time it take me to write this?! MY typing isn't THAT slow!!!

your_WooDness · Tux's lil' helper Joined: 25 Oct 2007 Posts: 77

This is getting a really paranoid thread. It wouldn't protect you from hacking if you open a secure connection via ssh, vpn or what ever to a "hacked" rsync mirror where you download your "hacked" source codes. Then you would download the hacked source code via secure connection. Wow! Very secure hacking.
Even if they manage to hack one or more rsync mirrors, they also should hack the portage tree to alter the checksums of the ebuilds and source codes. Just try to change one sign or letter in an ebuild and emerge that package afterwards. It won't start to compile, but complains about that the checksum doesn't fit.
Besides, there are easier ways to infect your system and collect informations of your computer and you, than hacking hundreds of servers.

WooD

Genone · Posted: Fri Nov 30, 2007 10:20 am Post subject:

No amount of encryption will help if you can't trust your ISP (unless you can verify the integrity of the other side over a second channel).

GTrax · n00b Joined: 02 Jan 2007 Posts: 40 Location: Hampshire UK

Er.. surely the only thing that needs to be sent encrypted, and untangled at the user end by using the Gentoo public key is the MD5 for the download.

If there is a government meddling to fit rootkits and trojans in downloads, it would become obvious. At that point, the entire download could be encrypted.

About paranoia: The main engine for these concerns is actually paranoia among individuals in government agencies who can role-play themselves into a lather. They truly fear unfettered secure communication between citizens, and you may assume that if we thought of the mechanism, they already did.

In the end, even the downloading and adoption of a Gentoo system is an act of trust. The number of folk who can affect the content of an ebuild is not high, and the trust part is that nobody has had an arm twisted, (this being way cheaper and easier than codebreaking).
_________________
Living with: Ubuntu, Sidux and Gentoo

Roman_Gruber · Posted: Sun Dec 02, 2007 3:57 pm Post subject:

Same thing happens in Austria, now.

I`m afraid of my privacy.

I have read a lot of "Hack" words in this thread! Someone should count these words.

FcukThisGame · l33t Joined: 20 Apr 2005 Posts: 776 Location: /lost+found

speeddemon · Apprentice Joined: 27 Sep 2003 Posts: 162

GTrax · n00b Joined: 02 Jan 2007 Posts: 40 Location: Hampshire UK

This is what 2-part keys and digital signing is all about.

So many sites I see offering a package to install, same name as the one on the official site, but you don't know if its got some scammy back door to a keylogger rootkit, let alone a government funded snooper. We now have the mechanism to distribute the software encrypted - or at least the MD5 encrypted, and within that package, a digital signature that can only be verified from the owner's public key. We can make the any ISP action irrelevant here. You cannot mess with either key without breaking something.

The motivation to mess with downloads is not confined to snoopers and identity theft criminals. Deliberately distributing broken software mixed with spyware is common, for example to harm the function of media-related software while at the same time giving it a bad name to discourage users. Bit torrents are contaminated in this way, though its not beyond the wit to arrange a auto blacklist in the same way PeerGuardian does.

Regardless of how the code is securely transported and verfied, speeddemon is right in that if the software is messed with at the source with the connivance of the originator, there is no fix except one. ie. The thing must be open source, and preferably the work of several contributors. If it is the source you compile, rather than the binary you let run, then you can read it, and alter it, or know that that some clever fellow somewhere might read it! This is how we know FireFox (for example) does not have backdoors and corporate snoopers. Nobody wanting to plant covert code would risk it being found in open source code.

When you think about it - this is one of the advantages of having a compiled system - like Gentoo

_________________
Living with: Ubuntu, Sidux and Gentoo

speeddemon · Apprentice Joined: 27 Sep 2003 Posts: 162

GTrax · n00b Joined: 02 Jan 2007 Posts: 40 Location: Hampshire UK

Keeping it simple - I need an explain why the mechanism could be compromised by an ISP replacing the attempt to post a public key with another. If I sent out software anywhere, via any channel at all, that was first encrypted with my private key, it would not be recovered unless my public key remained unsullied. There is one, and only one, number that will work, and the ISP has to pass it unhurt, or the whole thing halts right there.

The scenario you pose, where the ISP uses your public key to recover the stuff, just like any other user, then re-scambles it with a new key of their own, and posts a fake public key is defeated by the digital signature mechanism. In effect the, software integrity is guaranteed by the inability of the ISP to fake one. There are lots of articles that explain the method, and the world is teeming with criminals probing for a weakness.

There is no 'key translation' trick i am aware of that can circumvent this.
The 'easier' way is to bribe me or twist my arm before I send it!

All this assumes nobody has found a fast way of factoring large numbers that are only one count away from being prime.

..as I understand it ..

_________________
Living with: Ubuntu, Sidux and Gentoo

think4urs11 · Posted: Sat Dec 08, 2007 12:07 am Post subject:

As long as you rely on one communication channel only there is _no_ way to assure that encrypted data send to you (or you send out) is untampered. Or to be even more precise you _must_ have one independent+secure+trusted channel to verify the data, e.g. telephone, personal meeting to manually crossverify fingerprints of the data or similar methods. As long as your 'enemy' has full control over your primary communication channel you're lost without this second channel, no way out.
When you rely on one channel only you trust either the data or the keys or the key-signing you receive via that channel - all can be tampered/exchanged with something else - you have no possibility to tell if the data is 'real' without _independent_ verification.
_________________
Nothing is secure / Security is always a trade-off with usability / Do not assume anything / Trust no-one, nothing / Paranoia is your friend / Think for yourself

depontius · Advocate Joined: 05 May 2004 Posts: 3509

Just saw this thread, and have to mention something about the "one channel" thing.

Read some of the PGP/GPG documentation on "key signing parties". I prepared for one earlier this week. On a piece of paper, I printed my name, email address, key ID, and key signature. All of this several times, with dashed lines to tear into strips, one printout on each. It was paper, no computers involved. In fact, they sternly suggest no computers in the documentation. You speak with people, exchange pieces of paper, show each other IDs, including photo IDs, etc. When all is done, you can download their key from a keyserver, verify that the signature is correct, sign it with your key. (Then upload, if you wish.)

At the end of this, you have that second channel, and you know you can securely communicate with that person.

PGP/GPG refer to a "web of trust", where you know someone who knows someone who knows someone, etc. As long as all of the trust was properly assigned through personal contact, you can extend your "transitive trust" beyond your personal acquaintances. But it all required that "second channel", personal contact.
_________________
.sigs waste space and bandwidth

steveL · Posted: Sat Dec 08, 2007 3:50 am Post subject:

Interesting post; I've been thinking about something along these lines. One ISP or national subnet could be considered one channel. So if signatures and software are checked across those boundaries, surely that's enough? I think we have that already, but it'd be good to be sure :P

aidanjt · Posted: Sat Dec 08, 2007 8:44 am Post subject:

I highly doubt they're going to chase after every Linux distro known to man, Gentoo even less so, it just isn't feasible. Take off your tinfoil hats gents, you're safe for now.
_________________

depontius · Advocate Joined: 05 May 2004 Posts: 3509

depontius · Advocate Joined: 05 May 2004 Posts: 3509

speeddemon · Apprentice Joined: 27 Sep 2003 Posts: 162

steveL · Posted: Tue Dec 11, 2007 2:18 pm Post subject:

speeddemon · Apprentice Joined: 27 Sep 2003 Posts: 162