Encryption

Links

 * https://www.schneier.com/blog/archives/2009/10/evil_maid_attac.html Evil maid attack.
 * Freenet
 * http://fiddler2.com/, http://www.wireshark.org/download.html, http://www.snort.org/start/download

The traffic is coming from inside the target's machine. Thus you would need complete host-side logs, e.g. from Fiddler or an equivalent, and cross-reference them against a Snort or Wireshark session running on another machine. When you see traffic that doesn't match normal system or user traffic, you have a suspect.
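The cross-referencing described above, as an added example that is not part of these notes: a host-side proxy log is compared against a capture taken on the monitoring machine, and any endpoint the wire saw but the host never logged is reported. All endpoints, DNS answers and field layouts below are constructed for the example.

```python
# Cross-reference a host-side proxy log (Fiddler-style) with a capture taken
# on a separate monitoring machine (Wireshark/tshark-style). Connections the
# wire saw but the host never logged are candidates for traffic that bypassed
# the user-space stack. All sample data below is constructed for this example.
from collections import Counter

# Constructed Fiddler-style export: "host:port" the host's software logged.
HOST_LOG = """www.example.com:443
update.example.net:80
www.example.com:443
"""

# Constructed tshark fields output (ip.dst, tcp.dstport), one SYN per line.
WIRE_CAPTURE = """93.184.216.34\t443
198.51.100.7\t80
93.184.216.34\t443
203.0.113.99\t8443
203.0.113.99\t8443
"""

# Constructed DNS answers observed in the same capture (name -> IP).
DNS_SEEN = {"www.example.com": "93.184.216.34",
            "update.example.net": "198.51.100.7"}

def parse_host_log(text, dns):
    """(ip, port) endpoints the host logged, with names resolved via the
    DNS answers the monitor saw, so both sides compare on the same key."""
    endpoints = set()
    for line in filter(None, text.splitlines()):
        name, port = line.rsplit(":", 1)
        endpoints.add((dns.get(name, name), int(port)))
    return endpoints

def parse_wire(text):
    """Counter of (ip, port) endpoints seen on the wire."""
    flows = Counter()
    for line in filter(None, text.splitlines()):
        ip, port = line.split()
        flows[(ip, int(port))] += 1
    return flows

def unexplained_flows(host_log, wire_capture, dns):
    """Endpoints in the capture that the host's own log never recorded."""
    known = parse_host_log(host_log, dns)
    return {ep: n for ep, n in parse_wire(wire_capture).items() if ep not in known}

if __name__ == "__main__":
    for (ip, port), n in sorted(unexplained_flows(HOST_LOG, WIRE_CAPTURE, DNS_SEEN).items()):
        print(f"suspect: {ip}:{port} seen {n}x on the wire, never logged by the host")
```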

Since this is based on two things, (1) a BIOS component and (2) a hardware transmitter component, working together, one way to defeat it is to wipe out the BIOS and upgrade it to your own compiled, fully free and open source variant, like http://www.coreboot.org/. This could possibly disable the attack even if the hardware transmitter were hard to spot and physically remained.

https://www.schneier.com/blog/archives/2013/09/new_nsa_leak_sh.html

Note how Tor must be configured on the VM; Win7 can be bypassed.

http://www.loper-os.org/?p=1299

Obfuscated C code
http://www.peereboom.us/assl/assl/html/openssl.html OpenSSL deliberately made unreadable by NSA agents who are part of the core coding team. See http://web.archive.org/web/20140414023227/https://www.peereboom.us/assl/assl/html/openssl.html, as peereboom.us warns about fake certificates. Before the Snowden release, I read somewhere that the NSA has its agents as core OpenBSD, FreeBSD, Linux etc. kernel coders with commit rights to the source tree. I thought this was just too conspiratorial; after Snowden, computing from inside a Faraday cage should be standard. Using obfuscated C code the NSA can hack any Linux or SSL system at will.

NSA antics
http://www.truecrypt.org is NSA software that uses Intel hardware encryption chipsets which NSA agents, with the complicity of Intel (according to various news outlets), have compromised so that the random key generator is not truly entropic and can be decrypted with specialized custom-made ASIC chipsets. The maximum allowable password length is only 32 characters, because not even the NSA can decrypt a 100-character password. They are not so stupid as to place any software backdoors in TrueCrypt itself, since this would eventually be detected by a software audit; they did something that nobody even thought about: designed their very own chipset and then forced Intel to adopt it. All TrueCrypt-encrypted code is decrypted by the NSA when uploaded anywhere onto the Internet. The NSA can track down any person uploading to http://thepiratebay.org by comparing the file on Pirate Bay with their cached copy of the same file, which had to traverse an NSA-controlled router, gateway, ISP etc. somewhere in this world. The NSA caches the entire Internet in real time and especially homes in on encrypted files. Only by encrypting a file (not using TrueCrypt) before uploading it to a torrent sharing site is some measure of protection provided. And even then this must start with i2p -> Tor -> clearnet. It seems that there aren't any file uploading sites that allow encrypted uploads or Tor-based uploads. Tor itself is compromised; begin with i2p and then hop onto Tor.

Fact is - the US authorities were confronted with the following situation:

1. It proved politically impossible to force all creators/distributors of encryption software to implement a backdoor in their products (via law).

See a good overview about the history here:

http://www.newyorker.com/online/blogs/elements/2013/08/hard-to-crack-the-governments-encryption-conundrum.html

2. However, government and/or government agencies were absolutely convinced that the only way to guarantee security is for the authorities to be able to read the content of encrypted communications. See the document from the US Department of Justice from 1998 quoted above:

https://web.archive.org/web/20040529211445/http://www.justice.gov/criminal/cybercrime/cryptfaq.htm

Note the conclusion:

"At bottom, it is important to recognize that society has an important choice to make. On the one hand, it can promote the use of unrecoverable encryption, and give a powerful tool to the most dangerous elements of our global society. On the other hand, it can promote the use of recoverable encryption and other techniques, achieve all of the benefits, and help protect society from these criminals. Faced with this choice, there is only one responsible solution."

So what were the US authorities supposed to do? Just do nothing and watch how "Open Source" encryption programs "take over" the market, because they are free and trustworthy, and where it won't be possible to force the creators to install backdoors like those that exist in "Bitlocker"? (Yes, Bitlocker is backdoored, which is well known in the law enforcement community.)

Well, one possible and perfectly reasonable solution for the authorities could be: Take part in the "open source" community, offer the best program, and then dominate the market! Make a program which will be used all over the world, and which includes a very well concealed backdoor. And that's exactly what they did. They used a cover which was barely credible, as it had the elements of an international, well funded organization with considerable funds, personnel, lawyers etc., but it worked for about 10 years. In the future, we all should just be more careful, and, as I said before, should not ignore the obvious warning signs.

Basically it should be clear that privacy does not exist anymore. i2p uses java, how many NSA agents have commit rights to the i2p source tree?

Chat sessions are not encrypted: Pidgin, AIM, Skype etc. You need to encrypt all text with a custom microcontroller attached to an RS-232 port with a diode that blocks the read signal. The NSA cannot defy the physics of a diode. This encrypted text is then inserted into the Skype session; the person at the other end must have a decrypting microcontroller attached and read the text from the LCD display of the micro. Anything in software on a PC is compromised.

FreeBSD 10 has reverted recent commits to its source that relied on the compromised Intel chipsets, going back to random key generation in software only.

All Lenovo motherboards have chipsets implanted that "phone home" to China. The NSA has so compromised the Android system that no bitcoin wallet is safe on it.

Plastic rocks thrown over the wall, embedded with electronic signal-sniffing equipment that can detect keyboard presses: this was how the Iranian nuclear computer systems were penetrated. Faraday cages lined with tin foil are the only solution to this.

Password footprint
https://www.schneier.com/blog/archives/2007/01/choosing_secure.html What's happening is that the Windows operating system's memory management leaves data all over the place in the normal course of operations. You'll type your password into a program, and it gets stored in memory somewhere. Windows swaps the page out to disk, and it becomes the tail end of some file. It gets moved to some far out portion of your hard drive, and there it'll sit forever. Linux and Mac OS aren't any better in this regard.

Qubes Linux
http://theinvisiblethings.blogspot.com/2012/09/how-is-qubes-os-different-from.html Second, all mainstream desktop OSes, such as Windows, Linux, BSD, even OSX, are all based on monolithic kernels, which present a significant security problem. This is because a typical monolithic kernel of a contemporary desktop OS contains tens of millions of lines of code, and to make it worse, most of this code is reachable from (untrusted) applications via all sorts of APIs, making the attack surface on the kernel huge. And it requires just one successful kernel exploit to own the whole system, bypassing any security mechanisms that might have been built on top of it, such as SELinux, LXC, etc.

In other words all US citizens can be forced to become NSA agents; the agency will find some means of blackmail such as a failed tax return etc. Everything, cloud etc., from the USA and US citizens is compromised. Using Dropbox? Might as well publish your password on pastebin. http://www.mega.co.nz loads JavaScript locally to prevent man-in-the-middle server impersonation: http://www.ghacks.net/2013/07/20/megas-chrome-app-improves-security-by-loading-javascript-locally/

NSA password software
http://keepass.info/download.html It attempts to make TCP/IP connections the whole time. All downloads are probably a man-in-the-middle attack; nobody is really connecting to SourceForge, but to an NSA proxy server.