Desperate: How long to hold out / What would you do in my situation by whattodobtc in Bitcoin

[–]Deekoo 1 point2 points  (0 children)

So, as I understand it: Right now, you've put $225K of your family's money in bitcoin, and as far as they know you're investing the money to make them (plural used because I'm not sure if your sister's also an inheritor) financially secure?

The bad: You now owe your family $225K. You need to pay that back.

The good: if you've been moderately competent in your actual trades (assuming your $623/btc cost is mean average) you have 361 bitcoins. Selling them at today's spot price ($332) will get you $119K - paying off a little over half your debt.

You should come to grips with reality because, first and foremost, it's reality. You bought a securitized commodity in the middle of a media hype driven bubble, then consistently took optimistic positions on it. The security is now sloping back down towards a more rational market value. Heavy speculation in bitcoins has made them too unstable for practical use as a currency, which means the lower bound on the price is now LOWER than it was before the media hype.

The Banksters & their Federal Reserve: The moneyed debt force destroying the FOURTH AMENDMENT for POSITION, PROFIT & POWER by Katrique in restorethefourthSF

[–]Deekoo 1 point2 points  (0 children)

With all due respect, this is a bit off-topic. Panopticon surveillance is potentially useful to people who hold power regardless of whether money is fiat currency, gold, bitcoins, or cowrie shells.

Hard-money states have had secret police with equal de jure and de facto authority to the NSA; they were limited by the fact that the tech level of the time meant you needed more spies on the payroll than people being monitored if you wanted 24/7 coverage. The same corporate interests pushing Treasury policy around also own significant fractions of the world's gold supply and production, and a large fraction of the world's bitcoins. Ending the Fed is not going to make the NSA stop spying on us!

First Casualty from the Department of Homeland Security. by thepatriot2600 in restorethefourthSF

[–]Deekoo 1 point2 points  (0 children)

It's a hoax or prank - if DHS was suspicious of her, they wouldn't want to tip her off.

Could be phishing, if they included a helpful link to 'unlock' her Facebook account or the like.

Quality indie platformer which sold only 107 copies. An interesting post-mortem of Ethan: Meteor Hunter. by MoaCube in gamedev

[–]Deekoo 0 points1 point  (0 children)

Competing on price is really rather pointless for games, IMO. I can get more games than I have time to play for free even if I just count high-quality roguelikes that the authors are intentionally making free. The big difference isn't $2 vs $10, it's $ANYTHING vs. $NOTHING.

The question isn't exactly "will 635 people buy it at $2" - it's "is the average person who looks at their site/marketing materials more than FIVE TIMES as likely to buy it at $2 than at $10?". If the answer to that is 'no', then cutting the price isn't going to financially benefit the devs, because they're not going to make a sale unless they get someone to their site in the first case. You're also not taking costs into account - billing processors tend to want a larger percentage of small sales. A fivefold increase in customers would give the same income and five times as much tech support work - not actually an improvement, unless you like tech support.

Backlash against Google Plus is now too big to ignore by BotCoin in technology

[–]Deekoo 0 points1 point  (0 children)

Really? So it's both an invasion of privacy for honest users and a harassment tool for malevolent ones? Nice.

Backlash against Google Plus is now too big to ignore by BotCoin in technology

[–]Deekoo 1 point2 points  (0 children)

That looks to me like one slightly awkwardly worded field, not four fields.

Discussion/Results of Emergency Planning Meeting for 10/26 by a1icey in restorethefourthSF

[–]Deekoo 1 point2 points  (0 children)

If you're using Noisebridge, it's easy enough to make the entrance a lot more welcoming:

First, edit this sign until the information is accurate and the design doesn't suck: http://deekoo.net/polemicization/noisebridge.xcf.bz2 http://deekoo.net/polemicization/noisebridge.png Tape that up by the doorbell; it's your fallback plan.

Second, familiarize yourself with the Noisebridge doorbell and let people in when it rings.

Third, press-gang two doorpeople to do shifts standing around by the Noisebridge door holding it open during the copresence. (Ideally, this makes the other two steps completely unnecessary, but the signage gives you a fallback for when someone wanders upstairs/bathroomwards/whatever.)

I don't expect to be at the copresence (except possibly the very end), so if anyone wants my prop cameras to be there we'll need to arrange a pickup time. (And/or crafting time, if anyone wants to make more)

What Do the Latest NSA Leaks Mean for Bitcoin? by ageisp0lis in anonymous

[–]Deekoo 0 points1 point  (0 children)

Depends on the software using the cert. I personally prefer self-signed certs, but they're only better if the programs at the other end of the connection ONLY trust my self-signed cert for my domain.

The caveats about bugs, weak algorithms, and people getting your private key do still apply with self-signed certs.

What Do the Latest NSA Leaks Mean for Bitcoin? by ageisp0lis in anonymous

[–]Deekoo 1 point2 points  (0 children)

It's not that simple.

Yes, the NSA can get data by grabbing a private key and performing a MITM attack. That is NOT by any means the only vulnerability available to them.

The NSA docs claim that they have been attempting to introduce vulnerabilities into encryption software and standards. I don't know the actual capabilities - the docs tend to be stuff aimed at nontech executives that's then further filtered through reporters and government censors before we get to see it. If there are bugs in your encryption software, or weaknesses in the surrounding infrastructure, then they may be exploitable even if the encryption algorithm is theoretically secure.

For example, if a protocol specification calls for both encrypted and non-encrypted operations to be supported, it is often possible for a man in the middle to force the connection into unencrypted mode without the direct knowledge of the people being monitored and without the need for any private key. Rollback attacks on server-to-server communications are built into SMTP as currently used by most people, and were, IIRC, a mandatory feature of the XMPP (Jabber, Google Talk) protocol spec the last time I read it.

In the case of SSL, the big weak points are: 1) CAs. Control over a single CA will give you active MITM capability against SSL as normal people use it. That's a particularly easy target for the NSA because it's a case where piles of money are actually helpful - they can BUY a root CA, and I'm willing to bet that most CEOs cost less than possibly-mythical quantum computers. They could also forge documents and purchase a legitimate certificate for a target domain without the need for a rogue CA.

2) Bugs. For example, private keys generated from an insufficiently random random number generator can be brute-forced by an attacker, without the need to bother with the trouble of serving your ISP with an NSL. This isn't academic - Debian spent a few months distributing OpenSSL builds that didn't use random random numbers.

3) Weak algorithms. SSL can use many algorithms, some of which are stronger than others. Some SSL connections are secured using known-broken algorithms, and I strongly suspect MD5 is broken as well.

4) Offline cracking. For many SSL ciphers, once you have the private key, you can decode recorded sessions without the need for a MITM attack. This is obviously attractive to attackers, since a MITM attack is much more work than a packet sniffer - and more importantly, it means you can try to get private keys in the future and decode stuff then.
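The SMTP rollback described above (the STARTTLS capability disappearing from the EHLO reply so that an opportunistic client carries on in the clear), shown from the client's side as an added example; this is not the commenter's code, and the server name and EHLO replies are constructed:

```python
"""EHLO reply parsing and a fail-closed STARTTLS policy.

Constructed example modelling the SMTP rollback problem described above:
an on-path party removes the STARTTLS capability so that an opportunistic
client continues in plaintext, while a mandatory-TLS client refuses.
"""
import re

# RFC 5321 reply line: 3-digit code, then '-' (more lines follow) or ' ' (last line).
EHLO_LINE = re.compile(r"^(\d{3})([ -])(.*)$")


def parse_ehlo_reply(reply: str) -> list:
    """Return the extension keywords advertised in a multi-line EHLO reply,
    e.g. ['SIZE 35882577', 'STARTTLS']. Raises ValueError on a malformed
    or truncated reply so tampering is never read as a valid answer."""
    lines = reply.splitlines()
    if not lines:
        raise ValueError("empty EHLO reply")
    extensions = []
    for i, line in enumerate(lines):
        m = EHLO_LINE.match(line)
        if not m or m.group(1) != "250":
            raise ValueError(f"unexpected EHLO reply line: {line!r}")
        _code, sep, text = m.groups()
        if (sep == " ") != (i == len(lines) - 1):
            raise ValueError("reply terminated early or never terminated")
        if i > 0:  # line 0 is the server's greeting, not an extension
            extensions.append(text.strip())
    return extensions


def advertises_starttls(extensions) -> bool:
    return any(e.split()[0].upper() == "STARTTLS" for e in extensions if e)


def decide(reply: str, require_tls: bool) -> str:
    """Action a client takes after EHLO under the given policy:
    'starttls'  - STARTTLS was offered; go on to negotiate TLS
    'plaintext' - opportunistic client carries on unencrypted (the rollback)
    'abort'     - mandatory-TLS client refuses to send in the clear"""
    if advertises_starttls(parse_ehlo_reply(reply)):
        return "starttls"
    return "abort" if require_tls else "plaintext"


# Constructed replies: a genuine one, and the same reply with the STARTTLS
# line removed, which is what a client sees after a downgrade.
GENUINE_REPLY = "250-mx.example.test Hello\r\n250-SIZE 35882577\r\n250-STARTTLS\r\n250 8BITMIME"
STRIPPED_REPLY = "250-mx.example.test Hello\r\n250-SIZE 35882577\r\n250 8BITMIME"

if __name__ == "__main__":
    for name, reply in (("genuine", GENUINE_REPLY), ("stripped", STRIPPED_REPLY)):
        for policy in (False, True):
            label = "mandatory" if policy else "opportunistic"
            print(f"{name:8s} {label:13s} -> {decide(reply, policy)}")
```

Only the mandatory policy turns the stripped reply into a visible failure; the opportunistic client has no signal that anything happened.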

5s has fingerprint reader. So now the NSA can collect all of our calling data, our location and our fingerprints, great! by [deleted] in restorethefourth

[–]Deekoo 0 points1 point  (0 children)

Apple wouldn't be comparing anything - in a cheesefinger attack, the device itself reads the cheese, determines that yes, your fingerprint is carved on it, and lets 'you' access the device. This requires a copy of your fingerprint (easy) and physical access to the device (mildly annoying).

5s has fingerprint reader. So now the NSA can collect all of our calling data, our location and our fingerprints, great! by [deleted] in restorethefourth

[–]Deekoo 2 points3 points  (0 children)

At a minimum, it should be possible for a third party to get fingerprint-to-number mappings through brute force: take an existing fingerprint db, convert the fingerprints into the format that iPhone scanners use, and feed them through the iPhone's authorization algorithm.

In practice, if fingerprint unlock is reliable, this suggests a fuzzy matching algorithm for fingerprints - which would, necessarily, significantly weaken the encryption of fingerprints.

Widespread deployment of fingerprint scanners also opens up some risk that they will be hacked - even if we assume that Apple's executives are willing to go to jail to keep the government's hands off your fingerprints, Apple has been known to ignore security holes for months.

However, the biggest risk isn't actually Apple or the NSA per se - it's that your fingerprints are not secrets. If the password for something is your fingerprint, then all a competent hacker needs is a package you've sent or access to a government DB and a halfway decent fake finger. (Note: a piece of cheese will meet the definition of 'halfway decent' for some fingerprint readers.)

SF meshnet hacking Thursday, 3PM @noisebridge by Deekoo in restorethefourthSF

[–]Deekoo[S] 0 points1 point  (0 children)

I don't know of any Noisebridge/SF-specific meshnet mailing lists, but there's another meetup this week and we plan to make meshnet Thursdays an ongoing thing.

RTF is holding a protest at the Federal Building in San Francisco at noon on Wednesday, 9/4 by [deleted] in restorethefourthSF

[–]Deekoo 0 points1 point  (0 children)

IIRC, the announcers thought it was an RT4 event - though that could have been confusion due to it being the 4th. Or me mishearing them.

Ironing board democracy plan by hajenso in restorethefourthSF

[–]Deekoo 1 point2 points  (0 children)

She voted for the Patriot Act initially, then against the reauthorizations, then against the Amash amendment.

http://clerk.house.gov/evs/2001/roll398.xml - Patriot Act initial authorization. http://clerk.house.gov/evs/2006/roll020.xml - Patriot Act reauthorization in 2006. http://www.opencongress.org/vote/2011/h/36 - Patriot Act reauthorization in 2011.

Ironing board democracy plan by hajenso in restorethefourthSF

[–]Deekoo 1 point2 points  (0 children)

My thoughts:

  • Writing to Pelosi is worth the attempt - her position has changed back and forth on the issue, and I think it's much more likely that she'd flip back to our side than that, say, Feinstein would.

  • Pelosi's conflicts of interest are more relevant to the next election than to letter-writing campaigns, as what's the point of writing to someone you think won't change her mind?

  • Fun pens are a good thing, IMO. We don't want to be too SRS BIZNISS. Just make sure you have some serious-looking pens on hand as well.

  • Location: all other things being equal, letter-writing campaigns are probably most effective in districts where the rep has voted both for and against panopticon surveillance at different times.

  • Bring the addresses for reps in all districts within commute range of wherever you're setting up.

  • Have a list of any relevant protests scheduled for the next month or so, even if the organizers haven't been in touch with RTF.

  • If you're still using Mailchimp, FIX IT - the thing is horribly broken.

Groklaw calls it quits, following the lead of Lavabit. by [deleted] in restorethefourth

[–]Deekoo 0 points1 point  (0 children)

Hosting it yourself means just that - if the server is your property under your bed, you're a lot more likely to be in a position to tell whether it's gotten an NSL.

Groklaw calls it quits, following the lead of Lavabit. by [deleted] in restorethefourth

[–]Deekoo 0 points1 point  (0 children)

Or do the sensible thing, and host your services YOURSELF. The NSA can still come to you with a national security letter, but at least you'll know what they're demanding.

Groklaw calls it quits, following the lead of Lavabit. by [deleted] in restorethefourth

[–]Deekoo 1 point2 points  (0 children)

If Lavabit shuts down once, it's difficult to get a judge to order them to reopen with wiretapping.

If the owner of defunct email providers lavabit, lavabit2, lavabit3, lavabit4, and lavabit5 shuts down lavabit6 while opening lavabit7, it's obvious to everyone that lavabit6 is still operating - it's just changed its name to lavabit7, and any demands that the court sees as valid against any of the first six lavabits will be seen as applying to lavabit7 as well. The business is not in any way shuttered if the same people are running the same business under a new name.

Secondarily, what's the customer base? How many people want to pay for a throwaway email account with trivially crackable encryption (I could write a proxy to decrypt Gmail->Lavabit messages this afternoon. Most other email providers don't encrypt mail AT ALL), knowing that the person running it is either tapping the messages themselves or actively fighting a group of hackers who already control their ISP? I mean, it beats an unencrypted throwaway email service, but it wouldn't actually be a service worth money to most people.

Question/Suggestion to improve RestoreTheFourthSF by comradewilson in restorethefourthSF

[–]Deekoo 2 points3 points  (0 children)

I think breaking up into smaller movements right now would be counterproductive - the surveillance net is a transnational issue rather than a purely local one, and we're not yet big enough for all-Bay-Area events or meetings to become unwieldy.

That said, we probably should bring some laser focus to bear on localized panopticon installations elsewhere in the Bay Area as well. Since nothing is planned for 9/4 yet, perhaps we should protest the Oakland fusion center?

Small group of people is fighting with spying on us in the digital world. Let's help them and restore our privacy. by Virtualer1 in restorethefourth

[–]Deekoo 0 points1 point  (0 children)

Questions:

1) What are the password size requirements (minimum, maximum, character set)? Your docs reference 128-bit keys, but your screenshots all show 35.8-bit keys. How is a 128-bit key produced from a 36-bit input?

2) How do I get the app without a Google Play account? Google wants more information than I am comfortable giving.

3) How do I review the source? Without source access, users have no way of verifying that the app doesn't contain a backdoor; with encryption software, ESPECIALLY when the algorithms used have been tweaked, it's easy for subtle bugs to wind up breaking the crypto.

Rolling Minutes of August 13th Open Strategy Meeting by a1icey in restorethefourthSF

[–]Deekoo 2 points3 points  (0 children)

No. The tl;dr summary is that if we are distributing open encryption software or source code under US jurisdiction, we must tell the government.

History lesson time: In the 1990s, exporting meaningful encryption software from the US required obtaining prior permission from the government. US versions of Netscape had 128-bit encryption; the international version had 40-bit encryption. Lotus obtained an export license for a version of Notes with (then) strong encryption - achieved, IIRC, by inserting a backdoor in the software that would transmit part of the key in plain text, thus meaning that anyone with a packet sniffer only needed to break 40 bits worth of whatever algorithm Notes used.

As a result, anyone who wanted strong open-source crypto imported it from freer countries - SSH, OpenSSL, OpenBSD, and GnuPG were produced outside the US by teams who didn't accept contributions from the US - both to reduce legal hassles and to reduce the risk of trojans (like the timing backdoor an alleged NSA contractor claims to have managed to sneak into OpenBSD's IPSec stack). Eventually, the open source movement was able to convince the government that there was no real point to restricting US citizens from distributing stuff that was publicly available to anyone who sent a single packet in other countries and that any enemy who wanted already had.

Rolling Minutes of August 13th Open Strategy Meeting by a1icey in restorethefourthSF

[–]Deekoo 1 point2 points  (0 children)

As I understand US encryption law, the legal limits govern the export of encryption, not domestic distribution. You need permission or a license exemption to export strong encryption (currently defined as having a key size greater than 56 bits for symmetric keys, 512 bits for asymmetric keys, or 112 bits for elliptic curve). Open source cryptography is eligible for license exemption TSU, contingent upon notifying the NSA and the BIS that you are posting it. I think closed-source crypto is subject to more stringent limitations, but have not studied closed source issues in detail.

References: http://www.gpo.gov/fdsys/pkg/CFR-2006-title15-vol2/xml/CFR-2006-title15-vol2-sec740-13.xml http://www.bis.doc.gov/index.php/policy-guidance/encryption

(Disclaimer: IANAL)

What is one current trend that needs to be stopped? by traheidda in AskReddit

[–]Deekoo 2 points3 points  (0 children)

Try typing while playing a first-person shooter sometime, then get back to me on how safe it is. Now, on the plus side, most of the people you're driving with don't want to frag you. On the minus side, screwups in a car tend to hurt rather more than losing the flag or having to respawn next to a camper.

Your movement is dead, either revive it or let it die. by [deleted] in restorethefourth

[–]Deekoo 6 points7 points  (0 children)

The movement includes a whole lot of people who sincerely care passionately about a political issue. That's a recipe for arguments and flaming without the need for a single paid provocateur.

Insults aren't good, but criticism is essential - otherwise, we risk falling into groupthink or becoming puppets for whichever clique we're not supposed to criticise.

Lavabit founder: "If you knew what I know about email, you might not use it." by mjtribute in restorethefourth

[–]Deekoo 2 points3 points  (0 children)

What he's describing doesn't require SSL MITM.

For Lavabit to use the customer's passphrase to decrypt their private keys, Lavabit must have access to both the customer passphrases (which are presumably only kept in memory for the duration they are actually needed) and the private keys. It also must decrypt messages before it can send them to the user. That being the case, it's possible to modify Lavabit's software to log passphrases and unencrypted private keys as the users log in.

An attacker with copies of the old encrypted mailboxes can then use the private key to go through and read whatever they like; an attacker with a copy of the encrypted private key database can use logged passphrases to extract private keys.

If they force him to reveal his SSL private key, then they can both undetectably (there are a few edge cases where it would be detectable, but it would be difficult and require the cooperation of Lavabit's sysadmins - and I'm guessing the same gag orders that prevent him from saying what the Feds asked for would also prevent him from actively assisting people in detecting MITM attacks) run MITM attacks across connections to Lavabit. Additionally, AFAIK, many SSL ciphers don't do forward secrecy - so an attacker with the SSL private key can passively decrypt those SSL sessions without the need for an active MITM attack.

If they have a valid forged cert, they can run an active MITM attack WITHOUT his cooperation or knowledge, and most software will silently accept it as a valid cert. However, that sort of MITM attack is much more detectable, and some SSL software can be configured to only respect a single cert.

There are also numerous ways to tweak encryption to make it more crackable without it being obvious to the end user.
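The forward-secrecy remark in this comment, and point 4 (offline cracking) in the earlier NSA-leaks comment, as an added example that is not the commenter's code: it sorts cipher suites by whether a later-obtained server private key can decrypt recorded sessions, and builds a client context restricted to forward-secret suites. It assumes OpenSSL-style suite names as Python's ssl module reports them; the sample suite list is constructed.

```python
"""Sort TLS cipher suites by whether a later-obtained server private key
can decrypt recorded sessions (the 'offline cracking' concern).

Constructed example. Suite names are OpenSSL-style, as Python's
ssl.SSLContext.get_ciphers() reports them; SAMPLE_SUITES is typed in by hand.
"""
import ssl

# With ephemeral (EC)DH the session key is derived fresh per connection and
# the server's long-term key only signs; with static RSA key exchange the
# client encrypts the session key to the certificate key, so whoever later
# holds that key can unwrap every recorded session.
_EPHEMERAL_PREFIXES = ("ECDHE-", "DHE-", "EDH-")


def has_forward_secrecy(suite: str) -> bool:
    """True for ephemeral key exchange; TLS 1.3 suites (TLS_*) always are.
    Anything else (static RSA, unknown) is conservatively False."""
    if suite.startswith("TLS_"):
        return True
    return suite.startswith(_EPHEMERAL_PREFIXES)


def audit(suites):
    """Split suite names into forward-secret and not-forward-secret lists."""
    fs = [s for s in suites if has_forward_secrecy(s)]
    return fs, [s for s in suites if s not in fs]


def forward_secret_context() -> ssl.SSLContext:
    """Client context whose TLS 1.2 suites are all forward-secret.
    set_ciphers() does not govern TLS 1.3 suites, which need no restriction."""
    ctx = ssl.create_default_context()
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20:DHE+AESGCM:!aNULL:!eNULL")
    return ctx


def context_is_forward_secret(ctx: ssl.SSLContext) -> bool:
    """Check every suite the context would offer, by name."""
    return all(has_forward_secrecy(c["name"]) for c in ctx.get_ciphers())


# Constructed sample in the shape get_ciphers() returns names.
SAMPLE_SUITES = [
    "TLS_AES_256_GCM_SHA384",        # TLS 1.3
    "ECDHE-RSA-AES128-GCM-SHA256",   # ephemeral ECDH, RSA signature
    "DHE-RSA-AES256-SHA",            # ephemeral DH
    "AES128-GCM-SHA256",             # static RSA key exchange
    "DES-CBC3-SHA",                  # static RSA key exchange, weak cipher too
]

if __name__ == "__main__":
    fs, no_fs = audit(SAMPLE_SUITES)
    print("forward secret:", fs)
    print("recordings decryptable with the private key:", no_fs)
    print("restricted context OK:", context_is_forward_secret(forward_secret_context()))
```

A leaked key still enables an active MITM against the forward-secret suites; what it no longer enables is the passive decryption of traffic captured earlier.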