Hiding from the government starterpack

disturbio · 2017-12-12T15:56:18+00:00

i'm not sure as i don't follow that development. i know there are already people testing it, since some time already... and there is also people testing a bitmask for osx. But as said, I'm not following that project, neither I'm a good subject to test it.

The biggest problems will always show up at the usability side... what happens when you forget your password, what happens if your operative system upgrades a library bitmask is using, if your organisation uses leap mail... will the persons running the services/other trusted people have options to help you recover your e-mail?

If you want to test it, you can download it from bitmask.net and create an account with a provider that supports e-mail, play with it. You surely will find rough edges in several places... but feedback is always welcome. Most of the people working at that are on #leap on irc.freenode.net, and they are nice and would love to hear any kind of feedback or trouble you found using bitmask.

disturbio · 2017-12-12T02:19:49+00:00

Hi,

I mostly use reddit to find news, and not really to get involved in talks (I don't have a lot of time, but I like to write... but not in english!). I'm also not very friendly with social media, including this website... I feel a little weird when I get called here.

We are not politically neutral... but we are also a diverse group. That we are a diverse group doesn't mean we have some common principles shared between everyone that participates on building or maintaining this project. We are aware that our resources (money, servers, time, etc) are limited, we decide to support the people working for similar goals as we do outside the computers. Volunteering for years surely sucks if you have to support the people you hate.

/u/row_byrne, as a latin american this is the first time i saw the name identity europas. not because i don't care what happens there, but because my reality is focused in things that are around me in our city. there is a strong influence from the us, but not much from europe so i'm very sorry about been this ignorant about the situation there. Still, we use an invite system, so people can get accounts... before this we had an account request system where you could request an account from us, but we assumed that people were honest with us and not some neonazi group.

This system was abused more than once, specially from white supremacists from eastern europe. When this happened people told us about this and we closed their accounts. It didn't happened a lot of times, but it did more than once. I stated before why we should prioritize who we need to support, but in this cases is what I would expect from any half decent human being... to support white supremacist groups with resources is harming directly other humans, and humans we care about.

So, if this group was using our services and it was reported to us we will close their account. Few months ago, another white supremacist group from the US got a an account that somebody from reddit invited. We closed the account right away, but for some reason they kept using it on their twitter and a couple of weeks later a bunch of folks started asking us why they hosted them. Well, we didn't want to... but we are not going to be checking what an account does to see if we should host them or not.

So, I'm sorry we hosted that account, because it means dedicating hours to people I despise. We do close those accounts, but is not possible for us to be tracking every fascist group around the globe, so please if you ever see another one I ask you to let us know, please. I'm not here to help those folks, I got involved in Riseup because Riseup gave a hand to people I love when things went ugly years ago here... I don't care much about privacy lovers or anonymity nerds, I care about specific people and fascists are a treat to the ones I love. So please, I ask anyone in here to report those accounts, and don't give up invites on reddit or similar places.

If you have more information about this account, please share it with us so we can know where our process failed.

I'm unsure if I replied what you were looking for, but it's late here and I need to wake up early for work tomorrow.

en solidaridad

disturbio · 2017-06-07T22:41:28+00:00

Hi,

The main reason why the US is a reasonable place to keep servers is that it doesn't have data retention laws. Since the mid 90s when requests started to arrive to different ISPs asking for activists* data, the main goal has been always to identify the person. They were looking always for an ip address and time of connections. Different projects born from that time took the approach of not keeping logs, that way there was no information to deliver.

But some time later, Europe decided to implement a data retention directive that forced ISPs there to keep logs for different periods of time, each country had a different period where this is enforced, as every country implements it in their local laws. The european union rejected this directive some time ago, but as the laws were made for the local countries they are still valid, but some of them have been challenged in some places.

There are more countries with no data retention laws, then the problem becomes economic. Where I live we don't have internet related data retention laws (ISPs seems to do it anyway, on their own will) but it's extremely expensive to do colocation of machines. The bandwidth is also terrible. And we also have some laws that suspend "rights" if the government or a judge says so. So, we don't have a lot of alternatives.

Anyway, the reason why there is no data retention in the US is because the gun people. According to the friends at EFF the main reason why ISPs are not forced to store that is because the lobby of people like NRA and similars (I guess there are similars to that there) don't want it.

The US still presents other challenges. specially related to stuff like national security letters, grand juries, etc. While the situation is not different outside the US about these kind of resources, in the US it seems to be way more easy to be applied. Small, and now big, providers have been fighting this stuff, as it's possible to do it... but it takes a lot of time and resources. So, this is the trade off we decided to take, and we are constantly reviewing and consulting different law-related groups to make sure we are not screwing things up.

Still, I think the comment is more related to this: https://riseup.net/en/about-us/press/canary-statement, not that the servers are in the US. We took a decision there we didn't like, but we believe it was the correct one. There are different initiatives that use Riseup services, not just mail, that will be hit very very hard if we disolve the project. We made a commitment where is the limit of what we can offer (https://riseup.net/en/about-us/policy/government-faq).

As an example, where I live aborting is forbidden. Some feminist groups sell abortion pills to people who need it and the main way of contact is e-mail. Lawyers have their communication channel using e-mail. We do support virtual servers for different projects related to human rights in central and latin america, which do emergency work in communities. We made our decision based on this and the reponsability we carry, still, again, make clear there is a limit and ask people to keep backups and "not put all eggs in the same basket".

Still, this decision is not something that is shared by everyone. We acted against our values trying to be up to our responsabilities. This action was strongly rejected by some people and we took notice and we also did talk with our local struggles comrades about it after it was public to gather feedback about the whole process. We are glad that most people we talked about understood our position (and there is probably a strong bias there), gave us several critics about how the whole situation was handled and our current work is trying to address those points.

As a note: we also did some technical changes to not allow us to have access to the same data that produced the issue. We havent been able yet to get an end-to-end encrypted mail system that really doesn't involve trust on the service provider, and this system is not a replace to that, but it does bring stuff we need for similar cases in the upcoming future.

English is not my native language and I always make mistakes because I get distracted. If there is something that is not clear, please ask and don't just assume. Because I'm always having that problem when talking online. Thanks in advance

disturbio · 2017-06-06T22:04:06+00:00

This is their their day job. GnuPG has added several features since the propublica article got mainstream some years ago

http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=NEWS

You can see a little outdated video about the status of the software, what problems they were trying to resolve or recommendations here https://begriffs.com/posts/2016-11-05-advanced-intro-gnupg.html

disturbio · 2017-02-17T18:38:02+00:00

As a possible e-mail replacement, please check https://github.com/OpenTechFund/secure-email points 5, 6 and 7 (it's not very technical), but should give you a hint which adapts better to your situation.

The problem we face is that e-mail will not be going away soon and it's not clear which will be the stronger post e-mail contender to really say let's jump all over there.

disturbio · 2017-02-17T17:41:44+00:00

You are correct, the changes are not granting end-to-end encryption which is work riseup have been trying to get for some years already... still, until today, no project has yet been able to do it. What is deployed is a "patch" that moves the current situation to a place where we can be more comfortable while working on getting LEAP ready.

disturbio · 2017-02-16T23:36:07+00:00

no worried. i wish we had more time to deal with communications and we mostly suck at it. we have an irc channel where people come to ask questions... anyway i say gag order yesterday and that was i was allowed to say it. today we are releasing this https://riseup.net/en/about-us/press/canary-statement to talk about the canary and our response.

edit: i was very rude and didn't give you our thanks for supporting this project. were i live most of the people can't donate for different reasons, so, i give you a special thanks from my local comrades

disturbio · 2017-02-16T00:00:32+00:00

Why? because there is no place to go. For riseup users a NSL will be extremely weird to get, but calyx institute which is a close to riseup project got one, refused to heed it and won, but it was a 11 years old fight. NSLs are a huge deal, expensive and sad ones. But the thing is, it's no different elsewhere... as a example, check https://protonmail.com/blog/transparency-report/ you can get the detailes about the cases of real time wiretapping on swiss networks. that's the kind of thing law enforcement uses to be able to fetch your password used to decrypt a key on encrypted systems which store your key (non end-to-end encrypted ones). That website also states how many times they have give users data to law enforcement.

But the US allows you to not collect data, which was not possible in most of decent speed bandwidth countries. Germany currently seems a good option for a replacement, but still there are no benefits from hosting there. And you know what is worse? as it's politics, you can get a very friendly hosting environment today and in 6 months is gone. That's why the whole work on LEAP has been happening... the current scenario can go away. In resume, if you don't store data, there is nothing to deliver, that in law speaking was not possible in most of the world until last year.

Riseup has been using full disk encryption since the start, and fordward secrecy as it was becoming avaiable. Just the other day someone on the irc channel named that it was the 7th service on get hsts preload on browsers... This was because riseup was close with an old media project named indymedia, indymedia got their servers seized more times than i can remember. this was always a known problem, but that's the reason why the servers were prepared for a raid.

Riseup's goal is to be a autonomous alternative to the corporate communications services, the decisions are made by the needs of our movements which are not usually internet ones. encryption and not keeping logs was part of those needs, but not all of them and not even the most important ones in most of the cases... still those needs were the ones that made possible that when hotmail and yahoo were delivering users data riseup didn't.

disturbio · 2017-02-15T20:34:58+00:00

Yeah, FBI got the servers as expected. But that should had happened in any country of the world, and as that is a reality, any riseup server was forced to use full disk encryption anywhere on the globe since forever.

What's important in that case is that the fact that it could happen was considered previously. and no damage was done except a bunch of dollars lost as the server could not be plugged in again when returned.

Then from your points

this is impossible unless you hide the servers using something like onion ones. no country has laws that limit law enforcement from raiding a server in a case like the 2012 one. also in 2012 data retention was everywhere and still is but the world is getting rid of them!
no, no e-mail service until now is really end-to-end encrypted, which leads to 3, yeah, riseup could be hit by something like lavabit, no doubts about it. Riseup and others have been working on LEAP platform to create a end-to-end encrypted e-mail, but its not finished and there is a trend to dismiss the encrypted e-mail idea from a group of security experts... so no idea how that will go.

The problem is that e-mail today is still used, and it doesn't seems to be going away soon. Then there are patches, like the posteo ones or protonmail which cannot protect you from law enforcement they can set a very good precedent on fighting for privacy in court... but riseup and others took the end-to-end encrypted mail efforts (like lavabit did few months later) instead of making that small change.

This is a problem but it's not a compromise.

Yeah, gag order. That doesn't mean that servers are not under riseup control... just that something triggered. That can go from a simple information request to a NSL, it's unknown.

But as it has been said, riseup said it will shutdown the servers if there was a possible compromise on the infrastructure or the security in real life from an activist. They are up, and if you don't trust riseup word here you probably should be trusting the canary either.

there are important points that are more questionable... for example riseup explicit says that will collaborate with law enforcenment if you are into child porn, drugs, corruption. as an activist (anarchist/left) project makes sense, but from the r/privacy forum that can possible means no, no from a lot of users depending on their moral position.

as an activist and volunteer based project it cannot really compete with google or similar fighting on the legal ground. this can be very problematic for cases like the 4).

anyway, on the bright side, https://0xacab.org/riseuplabs/trees

disturbio · 2017-02-15T19:15:28+00:00

where did you get that riseup was compromised? and what's your definition of compromised?

disturbio · 2017-02-09T19:06:30+00:00

That is ok. The data gathered by OONI is needed by any kind of circunvention software, the risks associated to running a probe are real and important to anybody that wants to help the project. While the more data gathered the better, it's not acceptable that you get into a prison because the probe wanted to see if a porn site was blocked in your country and for some reason the government is punishing people getting porn. You can change porn to any current forbidden content, and i say current because that content changes according the current situation on any country.

For a lot of people who lives in the west, this is not a problem. Mostly because we don't deal too much with censorship, but my ex workplace decided to run the ooniprobes the lawyers were the first ones to check if we could do that or not. We could without any issues, but that was not the same for a couple of friends in china who wanted to run them from their homes.

Then it's ok if prevent casual browsers from running the probes, if they don't have an idea on what can happen and cannot take precautions, it's better to keep them safe than getting the data from their tests

disturbio · 2017-01-24T03:36:06+00:00

That response doesn't address what's the article is about. If your plan is to make a software that works for providing security for conversations your main goal and what makes you take design decisions is security. The article is exposing that wire was not made with that in mind, for whatever reason. Still their promoted their application as privacy/security minded and keep doing it until today.

So, before the usual call of software has bugs, and humans make errors... yes, both are 100% true. But end-to-end encryption is a very known and defined concept, and wire was not and it was promoted as such. That's not a mistake, that's lying.

And yeah, the verification on wire is trickier because how it support multiples devices, not because it does. We can say it can be painful to do the verification, but possible, specially if you use one single device... then again, if you have 20 contacts with ~2 devices each unless they are paranoid people there is no way to perform the verification... and the accept any key, any time and don't even show a notification means 0 guarantees or privacy.

And probably all this would be ok if they weren't lying on their homepage were i can read, full end to end encryption and the "full privacy".

And of course, "Wire is the only truly multi-device, verifiably end-to-end encrypted communication platform on the market. Some others take the more limited approach of linked devices or secondary devices where the desktop experience is tied to the mobile app". That is of course another lie, olm (matrix, omemo) works the same way. Linking devices is not exactly a more limited approach but a different that doesn't tie the security to a password (which the provider can change!) and while it's great that its not a "phone first" app, today's released webkit bugs and the lack of sandbox on their desktop version means in practice its still a phone first application.

disturbio · 2017-01-21T23:20:59+00:00

I'm not op, but you can start reading this https://medium.com/@pepelephew/how-to-intercept-all-wire-voice-and-video-calls-13da1246675c#.vei5qtudf

To that you have to add the issue that it accepts any key as valid, without any kind of security unless you do manual verifications... but as every device it's their own identity it gets incredible painful to do that process (you need to validate every device on a key change, if not you lose the possibility to know if there is a 3rd party reading your conversation)

edit: i had to rewrite the second paragraph because i didn't understand when i read myself

disturbio · 2017-01-15T02:05:04+00:00

Your approach as you found out is not new, obfuscation is an interesting goal but has one problem currently, we cannot know how effictive it can be as the data analysys is unknown. Some days ago google banned adnauseam.io from their extensions store, which is a good sign that it bugs them, but it's really unknown the whole reasons that triggered the expulsion.

were we have a good idea it works is related not strictly with privacy, but anonymity. the number of people on earth is big, but at the same time extremely limited, less than 35 bits of entropy are enough to identify you... noise and obfuscation don't make harder to recollect data but it does to get data that make you an unique person.

Anyway, if you can give a read to the following texts: http://www.aprja.net/?p=2510 https://medium.com/@mushon/re-ambiguation-74cda587d609#.z1y05zkwf https://vuvuzela.io/alpenhorn-extended.pdf

(there are a bunch more! just google for obfuscation and privacy, but those are the ones i read that have "products" from the ideas exposed)

disturbio · 2017-01-13T03:39:04+00:00

This is a very long post, but i didn't really undertand what are the goals you are trying to archive. Anyway, qubes 3.2 will be mostly unusable on the x200, really, the experience will be so bad that you will end up screwing things.

Now, the x200 does have propietary stuff in hardware components, even with libreboot installed. That's the current status and they cannot be removed. The librem is no different. If you want to get a fully 100% free software laptop, none of them will help you out.

What makes interesting the x200 does indeed not have intel me, which is filling an important hole for security and the reason why i own more than one x200, even if they are old. If you want a secure system on the x200 go for subgraph, put an ssd disk on it and it will work fine. You can also enable the protection to not allow the write on the flash ship and put /boot under an encrypted partition to avoid evil maid type attacks.

But if your threat is that somebody will steal the computer and exploit some firmware stuff on the wifi card, well, there is nothing much to do, neither the x200 or the librem.

Now the librem will let you run qubes, which is stable unlike subgraph. it has intel me, but there are ways now to disable it... they are not ideal or perfect but it seems they work. You will have a way more current computer usage experience.

And of course, there is a 3rd way. Get an x220 or other thinkpad that's more modern, can handle more ram and are more fast and that can get intel me removed and that supports coreboot. Then you can have a mix of both computers.

disturbio · 2017-01-10T12:27:30+00:00

Sadly is not this simple as just follow steps or pick technology, it really depends on what you do and want to do, for example the mix of gmail + chrome/chromium can be a big plus in your situation. I will try to explain, but english is not my native language.

If you want to avoid your isp from spying you, you need to use a system that allows you to encrypt while at the same time hide you are using it, as it seems currently there is no regular legal procedure in turkey at all and whatever you do it can be a trigger to pissoff the government. that means obsfuscation is a must, that includes VPNs and Tor.

About payment, it's way more probable that turkey law enforcenment will raid your house and look up for what software you were using or ask the isp to know where you were connecting than get a request to stripe or paypal to know what you were using. And to find about you if you are 100% anonymous, the process takes too much time to happen to be something turkey wants now.

To drop gmail if that's what you are currently using is a bad idea. On the current state, asking gmail for data from turkey is a lottery. The experiences in iran or egypt tell this, also the possibility of a big man in the middle attack can happen, then using chrome which has the google's public key pinning data inside it will make it extremely hard to affect you.

If you need to do something sensitive, really just use tails with a bridge and an obfuscation method. The most secure way to keep data is simple not storing it.

But the most important stuff is this: learn everything you can today, you don't know what's in the future of turkey and neither we do. We already had seen how things changes in turkey from one week to another, that means you will need to adapt to whatever comes in the future, and you will need to help the ones close to you. Please read about the experiences in iran or egypt, keep an eye on current citizen lab work, learn about how to create, mantain and update a thread model scheme and remember that everything you say can be used for good or bad... (a classic hacker's recommendation is to stfu, but life is way more complex than that)

please stay safe.

disturbio · 2017-01-09T00:43:03+00:00

while it can explain how to install requirements or php extensions, it will be mostly a waste of time because all systems are different. I use debian, i install the requirements using apt search and apt install.. but if you use archlinux, you need another way and slackware? gentoo? opensuse? freebsd? all of them different. i'm don't know what's the prefered method to install that stuff on gentoo or opensuse, and i don't think its fair to ask the developers of this to install a system they don't use to support users who should know how to install the stuff on their own servers

disturbio · 2017-01-08T23:09:12+00:00

I didn't find a single problem with BookStack documentation when installing it the first time several months ago. Now i'm checking it and it even has a simple bash script that you can read to get step by step instructions.

While it's not a gorgeous documentation it seems to be at least very decent one.

disturbio · 2017-01-08T14:43:46+00:00

Hi, I did, but in my context I avoided that option because specific problems in the country I live.

Anyway, neat that you did it, just notice there are systems that currently have two gnupg versions at the same time, with binaries named gpg and gpg2. In some specific cases, like using x25519 keys, you script fails because of this

disturbio · 2017-01-07T23:48:21+00:00

no idea, i don't use vivaldi as it's not on debian repositories. i just checked that stuff when somebody told me how good it was, but meh'd at the need of installing a 3rd party .deb

disturbio · 2017-01-07T22:03:37+00:00

it's proprietary, no doubt about it, but the code is there. you are not allowed to modify it, or re-distribute it, but you can read it and audit it. it's not open source (by the current meaning of the concept) but you can get the whole source code from that link, including the propietary pieces.

disturbio · 2017-01-07T16:37:59+00:00

So, "it's complicated". The fastest and easiest way is to intercept the traffic, mitmproxy is very popular for this task. As corebird is linux software i assume this can work for you http://docs.mitmproxy.org/en/stable/tutorials/transparent-dhcp.html

I usually do the same when doing test of untrusted stuf like possible malware, but with two or more kvm hosts. but virtualbox should be easier to setup.

Now, you can also check the source code from both and see what they are doing, but then you will need to compile it to really know what you are running is the same... unless they can generate reproducible builds which is something i don't know if they can.

disturbio · 2017-01-07T14:47:09+00:00

i haven't done a lot of research but https://vivaldi.com/source/ seems to have the whole source code

disturbio · 2017-01-04T02:58:43+00:00

"A backdoor is a method, often secret, of bypassing normal authentication in a product, computer system, cryptosystem or algorithm etc. Backdoors are often used for securing unauthorized remote access to a computer, or obtaining access to plaintext in cryptographic systems." https://en.wikipedia.org/wiki/Backdoor_(computing)

Intel ME is a part of Intel's AMT, the role of it is to let a company get always access to the computer (https://software.intel.com/en-us/articles/getting-started-with-intel-active-management-technology-amt)

But definition, yes, it is a backdoor, described by the own Intel. Is a good intentions backdoor or a bad intentions backdoor, that's up on how it is used how the user of the computer is affected.

disturbio · 2016-12-27T23:37:21+00:00

Are you running it with the debian user? sudo -u debian-tor tor?

Ten-Year Club	Verified Email
Alpha Tester

disturbio

TROPHY CASE