Daily Archives: April 1, 2018

Why the crypto-backdoor side is morally corrupt

Crypto-backdoors for law enforcement is a reasonable position, but the side that argues for it adds things that are either outright lies or morally corrupt. Every year, the amount of digital evidence law enforcement has to solve crimes increases, yet they outrageously lie, claiming they are "going dark", losing access to evidence. A weirder claim is that  those who oppose crypto-backdoors are nonetheless ethically required to make them work. This is morally corrupt.

That's the point of this Lawfare post, which claims:
What I am saying is that those arguing that we should reject third-party access out of hand haven’t carried their research burden. ... There are two reasons why I think there hasn’t been enough research to establish the no-third-party access position. First, research in this area is “taboo” among security researchers. ... the second reason why I believe more research needs to be done: the fact that prominent non-government experts are publicly willing to try to build secure third-party-access solutions should make the information-security community question the consensus view. 
This is nonsense. It's like claiming we haven't cured the common cold because researchers haven't spent enough effort at it. When researchers claim they've tried 10,000 ways to make something work, it's like insisting they haven't done enough because they haven't tried 10,001 times.

Certainly, half the community doesn't want to make such things work. Any solution for the "legitimate" law enforcement of the United States means a solution for illegitimate states like China and Russia which would use the feature to oppress their own people. Even if I believe it's a net benefit to the United States, I would never attempt such research because of China and Russia.

But computer scientists notoriously ignore ethics in pursuit of developing technology. That describes the other half of the crypto community who would gladly work on the problem. The reason they haven't come up with solutions is because the problem is hard, really hard.

The second reason the above argument is wrong: it says we should believe a solution is possible because some outsiders are willing to try. But as Yoda says, do or do not, there is no try. Our opinions on the difficulty of the problem don't change simply because people are trying. Our opinions change when people are succeeding. People are always trying the impossible, that's not evidence it's possible.

The paper cherry picks things, like Intel CPU features, to make it seem like they are making forward progress. No. Intel's SGX extensions are there for other reasons. Sure, it's a new development, and new developments may change our opinion on the feasibility of law enforcement backdoors. But nowhere in talking about this new development have they actually proposes a solution to the backdoor problem. New developments happen all the time, and the pro-backdoor side is going to seize upon each and every one to claim that this, finally, solves the backdoor problem, without showing exactly how it solves the problem.

The Lawfare post does make one good argument, that there is no such thing as "absolute security", and thus the argument is stupid that "crypto-backdoors would be less than absolute security". Too often in the cybersecurity community we reject solutions that don't provide "absolute security" while failing to acknowledge that "absolute security" is impossible.

But that's not really what's going on here. Cryptographers aren't certain we've achieved even "adequate security" with current crypto regimes like SSL/TLS/HTTPS. Every few years we find horrible flaws in the old versions and have to develop new versions. If you steal somebody's iPhone today, it's so secure you can't decrypt anything on it. But then if you hold it for 5 years, somebody will eventually figure out a hole and then you'll be able to decrypt it -- a hole that won't affect Apple's newer phones.

The reason we think we can't get crypto-backdoors correct is simply because we can't get crypto completely correct. It's implausible that we can get the backdoors working securely when we still have so much trouble getting encryption working correctly in the first place.

Thus, we aren't talking about "insignificantly less security", we are talking about going from "barely adequate security" to "inadequate security". Negotiating keys between you and a website is hard enough without simultaneously having to juggle keys with law enforcement organizations.

And finally, even if cryptographers do everything correctly law enforcement themselves haven't proven themselves reliable. The NSA exposed its exploits (like the infamous ETERNALBLUE), and OPM lost all its security clearance records. If they can't keep those secrets, it's unreasonable to believe they can hold onto backdoor secrets. One of the problems cryptographers are expected to solve is partly this, to make it work in a such way that makes it unlikely law enforcement will lose its secrets.

Summary

This argument by the pro-backdoor side, that we in the crypto-community should do more to solve backdoors, it simply wrong. We've spent a lot of effort at this already. Many continue to work on this problem -- the reason you haven't heard much from them is because they haven't had much success. It's like blaming doctors for not doing more to work on interrogation drugs (truth serums). Sure, a lot of doctors won't work on this because it's distasteful, but at the same time, there are many drug companies who would love to profit by them. The reason they don't exist is not because they aren't spending enough money researching them, it's because there is no plausible solution in sight.

Crypto-backdoors designed for law-enforcement will significantly harm your security. This may change in the future, but that's the state of crypto today. You should trust the crypto experts on this, not lawyers.

Risky Biz Soap Box: Network detection is dead! Long live network detection!

This Soap Box edition is brought to you by ICEBRG.

ICEBRG is in the business of network-based response and detection. In simple terms they drop a box on your network that strips network metadata and shunts it up to their cloud for analysis. This allows incident responders in particular to really, really speed up their investigations. We know that a lot of internet traffic is encrypted these days, and that’s made some people take their eye off the network ball. The focus and buzz these days is very much on endpoint detection and response. Our guest on this edition of Soap Box, ICEBRG’s VP of Strategic Partnerships Jason Rebholz, thinks we’ve wound up with a blind spot as a result.

It’s true that a lot of network security tech fell behind the times, but there are some fresh approaches emerging these days that are pretty bloody useful. ICEBRG started off as a product to accelerate incident response, an example use case is deploying it in 15 minutes when you’re starting an IR job; it gives you amazing visibility for the time invested. But, they’re broadening the product a bit these days. They’re not turning it in to an IDS, but they’re able to give clients some very, very high quality signalling. I think this is what you get when you get a bunch of ex-govvies and incident responders together and they develop a product. Their alerts are more along the lines of “you’re owned by this APT group” not so much “hmm, that’s some strange ICMP traffic hitting your mail server. Maybe some router in Azerbaijan needs a reboot, ."

So the thinking is definitely fresh, and I’m increasingly seeing companies play in the network security space again. Network detection is dead! Long live network detection!

Show notes

Information Security and the Zero-Sum Game

A zero-sum game is a mathematical representation of a situation in which each participant’s gain or loss is exactly balanced by the losses or gains of the other participant. In Information Security a zero-sum game usually references the trade-off between being secure and having privacy. However, there is another zero-sum game often played with Information […]

Meet FORTUNE COOKIE

VirusTotal is always working to improve our users' experience and our partner ecosystem. We have a robust community of security professionals who research, study, and collaborate through VirusTotal's diverse tools and capabilities.

In our labs, our top engineers are working hard to develop new ways of understanding how samples relate to each other, to campaigns, and to the users who ultimately fall victim to them.

We're thrilled to share with you the brand new VirusTotal Free Object Randomized Tester Utilizing Nil Evaluative Code with Object Oriented K-means Inference Engine, or FORTUNE COOKIE for short.

FORTUNE COOKIE is a bleeding edge system that brings about a highly accurate randomized verdict for your entertainment and enjoyment. It knows very little about malware, reverse engineering, or file analysis, but could theoretically be capable of leveraging machine learning, blockchain, and/or random numbers to bring about an entirely new class of verdicts.

An example of its detection capabilities can be found below:


We think FORTUNE COOKIE will change the way you use VirusTotal, and due to the incredibly amazing power it offers, it will only be available for a short time.

Enjoy!