<?xml version="1.0" encoding="UTF-8"?>
<rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns="http://purl.org/rss/1.0/" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:syn="http://purl.org/rss/1.0/modules/syndication/" xmlns:admin="http://webns.net/mvcb/">
  <channel rdf:about="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit">
    <title>gmane.comp.security.cryptography.randombit</title>
    <link>http://permalink.gmane.org/gmane.comp.security.cryptography.randombit</link>
    <description/>
    <syn:updatePeriod>hourly</syn:updatePeriod>
    <syn:updateFrequency>1</syn:updateFrequency>
    <syn:updateBase>1901-01-01T00:00+00:00</syn:updateBase>
    <items>
      <rdf:Seq>
        <rdf:li rdf:resource="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4310"/>
        <rdf:li rdf:resource="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4309"/>
        <rdf:li rdf:resource="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4308"/>
        <rdf:li rdf:resource="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4307"/>
        <rdf:li rdf:resource="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4306"/>
        <rdf:li rdf:resource="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4305"/>
        <rdf:li rdf:resource="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4304"/>
        <rdf:li rdf:resource="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4303"/>
        <rdf:li rdf:resource="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4302"/>
        <rdf:li rdf:resource="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4301"/>
        <rdf:li rdf:resource="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4300"/>
        <rdf:li rdf:resource="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4299"/>
        <rdf:li rdf:resource="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4298"/>
        <rdf:li rdf:resource="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4297"/>
        <rdf:li rdf:resource="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4296"/>
        <rdf:li rdf:resource="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4295"/>
        <rdf:li rdf:resource="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4294"/>
        <rdf:li rdf:resource="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4293"/>
        <rdf:li rdf:resource="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4292"/>
        <rdf:li rdf:resource="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4291"/>
      </rdf:Seq>
    </items>
    <image rdf:resource="http://gmane.org/img/gmane-25t.png"/>
    <textinput rdf:resource=""/>
  </channel>
  <image rdf:about="http://gmane.org/img/gmane-25t.png">
    <title>Gmane</title>
    <url>http://gmane.org/img/gmane-25t.png</url>
    <link>http://gmane.org</link>
  </image>
  <item rdf:about="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4310">
    <title>Re: skype backdoor confirmation</title>
    <link>http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4310</link>
    <description>&lt;pre&gt;
Oh come on.  "We will not tell you" tells us.


_______________________________________________
cryptography mailing list
cryptography-JWVWRpNfo5ceIZ0/mPfg9Q&amp;lt; at &amp;gt;public.gmane.org
http://lists.randombit.net/mailman/listinfo/cryptography
&lt;/pre&gt;</description>
    <dc:creator>James A. Donald</dc:creator>
    <dc:date>2013-05-26T00:31:37</dc:date>
  </item>
  <item rdf:about="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4309">
    <title>Re: skype backdoor confirmation</title>
    <link>http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4309</link>
    <description>&lt;pre&gt;


I found that patent snippet interesting.  Has Microsoft really patented 
the MITM?  Is this a cunning plot to defeat Mallory by hitting him with 
IPR violations?  The bind moggles...



iang
&lt;/pre&gt;</description>
    <dc:creator>ianG</dc:creator>
    <dc:date>2013-05-25T18:48:00</dc:date>
  </item>
  <item rdf:about="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4308">
    <title>Re: skype backdoor confirmation</title>
    <link>http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4308</link>
    <description>&lt;pre&gt;Dear Eric,

Eric S Johnson:

There is also no useful definition of safe. Does that include secure?
Does that mean safe from Skype? Safe from the Syrian government? Safe
from anyone without a super computer?


We have all kinds of information that clearly shows evidence of
interception capabilities. That information leads to many questions. I
outlined a number of those issues in this post:

  http://lists.randombit.net/pipermail/cryptography/2013-May/004264.html

It is not simply 'are we inclined to suspect' - we are past suspicion,
now we are looking for explanations about the *scope* of the compromised
communications channel.

Please feel free to address the points I made in that email - both how
each thing isn't concerning and how you imagine the system is built such
that this evidence shouldn't concern anyone.



Indeed.


How have you verified that a specific person cannot be targeted and that
this setting is impossible to disregard? Generally, we require source
code for such a verification. Furthermore,&lt;/pre&gt;</description>
    <dc:creator>Jacob Appelbaum</dc:creator>
    <dc:date>2013-05-25T16:58:33</dc:date>
  </item>
  <item rdf:about="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4307">
    <title>Re: skype backdoor confirmation</title>
    <link>http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4307</link>
    <description>&lt;pre&gt;Sauer: We answer to this question: We provide a safe communication option
available. I will not tell you whether we can listen to it or not.

 

In other words, no evidence there, either.

 

(NB the question is "do we have evidence." Not "are we inclined to suspect,
based on our intuition / religion / ideology / paranoia.")

 

skype can force update itself 

 

Skype's "tools -&amp;gt; options" allows the auto-update feature to be turned off
(I'm running 6.3.0.107).

 

"At a meeting with representatives of ISPs and the Austrian regulator on
lawful interception of IP based services held on 25th June, high-ranking
officials at the Austrian interior ministry revealed that it is not a
problem for them to listen in on Skype conversations.

 

I agree - this one (from 2008, thus well predating Skype's acquisition by MS)
seems categorical. It seems like such an outlier, though, that one wonders
whether it's based on a misunderstanding (as so many other reports of "Skype
can be monitored" have been (usually because they'&lt;/pre&gt;</description>
    <dc:creator>Eric S Johnson</dc:creator>
    <dc:date>2013-05-25T16:21:46</dc:date>
  </item>
  <item rdf:about="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4306">
    <title>Re: skype backdoor confirmation</title>
    <link>http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4306</link>
    <description>&lt;pre&gt;Sauer: We answer to this question: We provide a safe communication option
available. I will not tell you whether we can listen to it or not.

 

In other words, no evidence there, either.

 

(NB the question is "do we have evidence." Not "are we inclined to suspect,
based on our intuition / religion / ideology / paranoia.")

 

skype can force update itself 

 

Skype's auto-update feature can be turned off (at least, every version of
Skype I've ever run allows that, including the one I'm running now,
6.3.0.107).

 

"At a meeting with representatives of ISPs and the Austrian regulator on
lawful interception of IP based services held on 25th June, high-ranking
officials at the Austrian interior ministry revealed that it is not a
problem for them to listen in on Skype conversations.

 

I agree - this one (from 2008, thus well predating Skype's acquisition by MS)
seems categorical. It seems like such an outlier, though, that one wonders
whether it's based on a misunderstanding (as so many other reports of "Sk&lt;/pre&gt;</description>
    <dc:creator>Eric S Johnson</dc:creator>
    <dc:date>2013-05-25T16:13:50</dc:date>
  </item>
  <item rdf:about="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4305">
    <title>Re: skype backdoor confirmation</title>
    <link>http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4305</link>
    <description>&lt;pre&gt;

What happened was rather different to what Heise led readers to believe, 
if it's the meeting I'm thinking it was.  I wasn't at that meeting but I 
got a first-hand briefing a few days later (I was in Austria at the time).

 From memory:  at that time there had been a rash of complaints from the 
police about not being able to listen to skype, in many countries. 
Pressure was on.

At that meeting, the noise was from one agency (police?), grumbling 
about not being able to read skype.  The Austrian intelligence agency 
had already gained the ability to do the intercepts, and they had said 
it was easy enough, and here's the method.  The other agencies then said 
"aha! we need to get us some of that."

The method was rather more boring:  it was an attack kit which infected 
the victim's PC and copied the encrypted content out (see URLs below).

It was also discussed how this had come about.  Austrian intelligence 
agency got it from the German intelligence agency, who got it from the 
Brits.  So basically th&lt;/pre&gt;</description>
    <dc:creator>ianG</dc:creator>
    <dc:date>2013-05-25T16:29:13</dc:date>
  </item>
  <item rdf:about="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4304">
    <title>Re: skype backdoor confirmation</title>
    <link>http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4304</link>
    <description>&lt;pre&gt;Also adding to the evidence there was this story in which minutes were
leaked from an Austrian counter terrorism meeting that stated that skype
has a backdoor that helps the Austrian government listen to communications:

"At a meeting with representatives of ISPs and the Austrian regulator on
lawful interception of IP based services held on 25th June, high-ranking
officials at the Austrian interior ministry revealed that it is not a
problem for them to listen in on Skype conversations.

This has been confirmed to heise online by a number of the parties present
at the meeting. Skype declined to give a detailed response to specific
enquiries from heise online as to whether Skype contains a back door and
whether specific clients allowing access to a system or a specific key for
decrypting data streams exist. "

http://www.h-online.com/security/news/item/Speculation-over-back-door-in-Skype-736607.html


On Sat, May 25, 2013 at 10:20 AM, Ethan Heilman &amp;lt;eth3rs-Re5JQEeQqe8AvxtiuMwx3w&amp;lt; at &amp;gt;public.gmane.org&amp;gt; wrote:

_____&lt;/pre&gt;</description>
    <dc:creator>Ethan Heilman</dc:creator>
    <dc:date>2013-05-25T14:26:22</dc:date>
  </item>
  <item rdf:about="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4303">
    <title>Re: skype backdoor confirmation</title>
    <link>http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4303</link>
    <description>&lt;pre&gt;
Sure, here is the translated quote from Kurt Sauer, head of the security
division of Skype:

ZDNet: What is the answer to my question, even if you can not listen to


or in original German

ZDNet: Was ist dann die Antwort auf meine Frage, ob selbst Sie


found here
http://www.zdnet.de/39151472/telefonieren-uebers-internet-wie-sicher-ist-skype-wirklich/

of Skype ever having been in-line-intercepted"? I can't find it.

I would agree there is no smoking gun, but there is not likely to be a
smoking gun. The question is whether skype, if it wanted to, could allow a
third party to intercept your communications, and the answer is yes. The
second question is whether it would do so; if you believe their privacy policy,
which might be there just to cover their ass, then the answer is yes.
Finally, what have companies in similar situations done in the past? The
answer is that they have always cooperated. This shouldn't be shocking:
skype helps with Chinese government censorship.

The central issue for me is that skype can force&lt;/pre&gt;</description>
    <dc:creator>Ethan Heilman</dc:creator>
    <dc:date>2013-05-25T14:20:27</dc:date>
  </item>
  <item rdf:about="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4302">
    <title>Re: skype backdoor confirmation</title>
    <link>http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4302</link>
    <description>&lt;pre&gt;It seems like there is this new narrative in some people's minds about "all
companies backdoor everything and cooperate with law enforcement with no
questions asked, what do you expect".  I have to disagree strongly with this
narrative to combat this narrative displacing reality!  I've seen several
people saying similar things in this thread.  No I say.

I think the point is not that a company could backdoor something.  We know
that companies that have information for whatever pre-existing reason that
may help investigations will typically be expected to hand it over with
appropriate legal checks and balances, a court order, subpoena etc. 
Sometimes their lawyers will fight it if the subpoena is ridiculously broad,
and that's not that unusual.  Sometimes there are gag orders to prevent the
fact that a subpoena was received from being disclosed to the target, or
disclosed ever.  The latter is considered fairly obnoxious.

Now and then there are rumours or claims of forced changes that eg hushmail
maybe chang&lt;/pre&gt;</description>
    <dc:creator>Adam Back</dc:creator>
    <dc:date>2013-05-24T18:26:46</dc:date>
  </item>
  <item rdf:about="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4301">
    <title>Re: skype backdoor confirmation</title>
    <link>http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4301</link>
    <description>&lt;pre&gt;
The evidence as I understand is this:

1. Skype has said in the german press that they can listen to communications
2. Russian intelligence has said in the Russian press that Skype
allows them to listen to communications
3. The Skype privacy policy explicitly states that they will allow LE
access to all communication when feasible
4. Skype appears to be able to read URLs sent which sparked this email thread

I know of no communication company that refused to cooperate with an
intelligence agency and Skype explicitly says they provide access to
governments in their privacy policy, they have the capability to add a
wiretap into skype since they control the software so it is certainly
feasible. Why would skype lie in their privacy policy and say they
would provide access and then not provide access?

"Skype, Skype's local partner, or the operator or company facilitating
your communication may provide personal data, communications content
and/or traffic data to an appropriate judicial, law enforcement or
govern&lt;/pre&gt;</description>
    <dc:creator>Ethan Heilman</dc:creator>
    <dc:date>2013-05-24T14:47:04</dc:date>
  </item>
  <item rdf:about="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4300">
    <title>Re: prime number pairs</title>
    <link>http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4300</link>
    <description>&lt;pre&gt;
Superscripts in the original source. :)
&lt;/pre&gt;</description>
    <dc:creator>Adam Prescott</dc:creator>
    <dc:date>2013-05-24T13:48:51</dc:date>
  </item>
  <item rdf:about="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4299">
    <title>Re: skype backdoor confirmation</title>
    <link>http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4299</link>
    <description>&lt;pre&gt;Does anyone on this list honestly doubt that intelligence agencies are
intercepting and reading skype given both public statements by skype,
the various news reports about governments stating they are doing it,
and the 200 year history of agencies and communication companies
working together?

Is the debate that (1). we don't know the exact method, or (2). can't
prove it 100% or (3). that someone actually believes they aren't doing
this?



On Fri, May 24, 2013 at 3:49 AM, yersinia &amp;lt;yersinia.spiros-Re5JQEeQqe8AvxtiuMwx3w&amp;lt; at &amp;gt;public.gmane.org&amp;gt; wrote:
&lt;/pre&gt;</description>
    <dc:creator>Ethan Heilman</dc:creator>
    <dc:date>2013-05-24T13:06:29</dc:date>
  </item>
  <item rdf:about="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4298">
    <title>Re: prime number pairs</title>
    <link>http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4298</link>
    <description>&lt;pre&gt;


Somewhat confused by the statement
       (the largest pair discovered so far is 3,756,801,695,685 x 2666,669
– 1 and 3,756,801,695,685 x 2666,669 + 1).

I looked on Wikipedia and found the statement that the pair was really
3,756,801,695,685 x 2^666,669 – 1  and +1.

Much bigger and odd rather than even.

&lt;/pre&gt;</description>
    <dc:creator>Charles Jackson</dc:creator>
    <dc:date>2013-05-24T13:01:03</dc:date>
  </item>
  <item rdf:about="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4297">
    <title>prime number pairs</title>
    <link>http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4297</link>
    <description>&lt;pre&gt; From the not-sure-why-but-it's-interesting department:

https://www.simonsfoundation.org/features/science-news/unheralded-mathematician-bridges-the-prime-gap/

...
Primes are often much closer together than the average predicts, or much 
farther apart. In particular, “twin” primes often crop up — pairs such 
as 3 and 5, or 11 and 13, that differ by only 2. And while such pairs 
get rarer among larger numbers, twin primes never seem to disappear 
completely (the largest pair discovered so far is 3,756,801,695,685 x 
2666,669 – 1 and 3,756,801,695,685 x 2666,669 + 1).

For hundreds of years, mathematicians have speculated that there are 
infinitely many twin prime pairs. In 1849, French mathematician Alphonse 
de Polignac extended this conjecture to the idea that there should be 
infinitely many prime pairs for any possible finite gap, not just 2.

Since that time, the intrinsic appeal of these conjectures has given 
them the status of a mathematical holy grail, even though they have no 
known applica&lt;/pre&gt;</description>
    <dc:creator>ianG</dc:creator>
    <dc:date>2013-05-24T07:53:22</dc:date>
  </item>
  <item rdf:about="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4296">
    <title>Re: skype backdoor confirmation</title>
    <link>http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4296</link>
    <description>&lt;pre&gt;I am sorry. Typo.

https://scrambls.com/

&lt;/pre&gt;</description>
    <dc:creator>yersinia</dc:creator>
    <dc:date>2013-05-24T07:49:09</dc:date>
  </item>
  <item rdf:about="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4295">
    <title>Re: skype backdoor confirmation</title>
    <link>http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4295</link>
    <description>&lt;pre&gt;
You also directly quote government officials saying this stuff is too 
hard for them, and it is easier to sweep up stuff at the server.

Plus FinFisher is far from being the super clever, super covert, super 
customized system that you described.  It is scripting for script kiddies.

A bit better than your mother could do, but not a lot.  But enough 
better that most cops cannot handle it.
&lt;/pre&gt;</description>
    <dc:creator>James A. Donald</dc:creator>
    <dc:date>2013-05-24T03:05:40</dc:date>
  </item>
  <item rdf:about="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4294">
    <title>Re: skype backdoor confirmation</title>
    <link>http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4294</link>
    <description>&lt;pre&gt;( James - Please don't write me privately off-list about on-list topics. )

James A. Donald:

Actually, we know that they do it on fiber backbones as much as 'at the
server' or in other places.


Between Mark Klein, Bill Binney, Thomas Drake, and the FBI agent
speaking about analyzing the phone calls of the Boston Bomber's wife,
what remains unseen? We've seen the block diagrams of the NSA fiber
splitters installed in San Francisco, we've seen ex-NSA people speaking
out and loudly, with lots of details; we even have ex-FBI agents
bragging on national television.

Are you saying that you're still having difficulty seeing these things?


Did you even read the reports that I linked about companies like
FinFisher selling these tools directly to "governments" and "law
enforcement" by their own admission? Did you see that this malware is
found in dozens of countries, including the US?


We're not just talking about Microsoft. I know a number of people who
have been targeted in the 20{10,11,12,13} time-frame. I sho&lt;/pre&gt;</description>
    <dc:creator>Jacob Appelbaum</dc:creator>
    <dc:date>2013-05-24T00:16:06</dc:date>
  </item>
  <item rdf:about="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4293">
    <title>Re: skype backdoor confirmation</title>
    <link>http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4293</link>
    <description>&lt;pre&gt;
Skype's claim was that it was end to end, except for the possibility of 
man in the middle attack by Skype, and only by Skype.
&lt;/pre&gt;</description>
    <dc:creator>James A. Donald</dc:creator>
    <dc:date>2013-05-23T22:46:19</dc:date>
  </item>
  <item rdf:about="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4292">
    <title>Re: Certificate expiry reminder tool?</title>
    <link>http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4292</link>
    <description>&lt;pre&gt;[...]
[...]

Did this for years with Nagios (formerly Netsaint), using the
check_ssl_cert plugin. Technically speaking Nagios plugins are just
simple command-line utilities, so you could call that plugin with
the appropriate command-line options from a cron job, rely on cron
to E-mail you the output on warning/critical condition. Of course it
doesn't have any built-in scanning or automatic discovery of contact
addresses from the cert material, but for &amp;gt;=80% of use cases none of
that is necessary.

http://exchange.nagios.org/directory/Plugins/Network-Protocols/HTTP/check_ssl_cert/details

&lt;/pre&gt;</description>
    <dc:creator>Jeremy Stanley</dc:creator>
    <dc:date>2013-05-23T16:04:35</dc:date>
  </item>
  <item rdf:about="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4291">
    <title>Re: skype backdoor confirmation</title>
    <link>http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4291</link>
    <description>&lt;pre&gt;-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

About the SAS:
ZRTP uses a so-called Hash Commitment with traditional Hashes before
generating SAS values for voice comparison.

See http://zfone.com/docs/ietf/rfc6189bis.html#HashCommit

"The use of hash commitment in the DH exchange constrains the attacker
to only one guess to generate the correct Short Authentication String
(SAS) in his attack, which means the SAS can be quite short. A 16-bit
SAS, for example, provides the attacker only one chance out of 65536
of not being detected. Without this hash commitment feature, a MiTM
attacker would acquire both the pvi and pvr public values from the two
parties before having to choose his own two DH public values for his
MiTM attack. He could then use that information to quickly perform a
bunch of trial DH calculations for both sides until he finds two with
a matching SAS. To raise the cost of this birthday attack, the SAS
would have to be much longer. The Short Authentication String would
have to become a Long Auth&lt;/pre&gt;</description>
    <dc:creator>Dominik Schürmann</dc:creator>
    <dc:date>2013-05-23T19:12:04</dc:date>
  </item>
  <item rdf:about="http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4290">
    <title>Re: skype backdoor confirmation</title>
    <link>http://permalink.gmane.org/gmane.comp.security.cryptography.randombit/4290</link>
    <description>&lt;pre&gt;Can someone give a few lines of explanation on how the Retained Shared 
Secret (RS) is used in ZRTP?
Second, is it possible for an attacker to force an RS validation error 
(e.g. simulating a network connection error by having a router drop 
packets) and then MiTM the DH handshake?
The SAS is only 4 characters. Presumably this is ASCII, so 2^27 = 531441 
possibilities. On average the active MiTM attacker would need to try 
only half of them (in real time) to find a collision.
Do parties first commit (e.g. send H(N,g^x)) prior to sending their g^x 
to avoid the latter problem?
If so, then what's the use of the SAS?

Sorry if all those questions are trivial...

Wasa

On 23/05/2013 19:05, Dominik Schürmann wrote:

&lt;/pre&gt;</description>
    <dc:creator>Wasabee</dc:creator>
    <dc:date>2013-05-23T18:59:04</dc:date>
  </item>
  <textinput rdf:about="http://search.gmane.org/?group=$group=gmane.comp.security.cryptography.randombit">
    <title>Search Engine</title>
    <description>Search the mailing list at Gmane</description>
    <name>query</name>
    <link>http://search.gmane.org/?group=$group=gmane.comp.security.cryptography.randombit</link>
  </textinput>
</rdf:RDF>
