[clug] The biggest mass surveillance scheme in Australian history

Scott Ferguson scott.ferguson.clug at gmail.com
Fri Feb 27 21:16:52 MST 2015


On 28/02/15 11:33, jhock at iinet.net.au wrote:
> ---- Scott Ferguson wrote ----
> 
> <snip>
>> 1. make 5Eyes work easier - metadata is the key to the existing bulkdata
>> collection. The metadata enables you to locate a needle in a haystack,
>> the point is in the needle (not its location). (i.e. you connected to a
>> forbidden site - which your ISP already knows for billing purposes
>> unless you use a VPN or Tor, but 5Eyes (and some peering providers) do
>> stateful packet inspection... (BGPs compromised, likewise submarine
>> cables*2).
> 
> So does Tor affect what metadata is stored?

Not really. Your ISP still (obviously) "sees" the Tor connections, and
in many cases "knows" you are using Tor. So the effect on metadata is
simply that your metadata will show your connection to the Tor network.

Personally I believe Tor is a trap - even if properly used (no email, no
chat, no logins to your usual sites, etc) it's been compromised in the
past - and wholesale compromise is certainly on the NSA to-do list.

Though you don't ask - for the benefit of search engines I'll explain
basic OpSec for those who have a legitimate reason for wanting to ensure
the *secrecy*[*1] of their internet usage.

Use a dedicated computer, broadband connection and modem, from a
different location to your usual net usage, with a different browsing
profile if you want any level of secrecy. Each of those activities and
hardware can be "fingerprinted" and *any* lapse compromises your
secrecy. That includes your use of syntax, vocabulary, and, probably,
your typing patterns (keystroke rates). Security is hard, Secrecy is
harder, and neither is intuitive.

[*1] Privacy is something you can reasonably expect in your own cave.
It's an unrealistic expectation though. And the further you, or your
digital agents stray from your cave the less you can expect privacy.
Throw in a permanent record, currently (legally, soon) expected to be a
two-year record - but not subject to review for another four years, and
unlikely to be repealed. Consider that "review and analysis" of previous
records when listening to those who claim Tor is "safe". Even if you
disregard future exploitation of software using Tor (e.g. variations of
Firefox holes) there still remains the exploitation of exit nodes.

> 
> I set Orbot and Orweb up on my smart phone but how does one force all
> connections to use the Tor component?

Orweb has/(had?) problems[*1], and any "app" is only as secure as the
hardware it runs on. AFAIK FinFisher et al can monitor Tor tools.


[*1] website administrators, ISPs, operators of exit nodes (etc) and
compromised backbone routers can modify the server response and grab
your IP from the raw HTML.
For Android the Firefox addon is "OK", but Orweb and Anonymous Private
Browser TOR (EVDA) all leak IP address (HTML5 Multimedia leak). If you
must use them - avoid pages with video elements (autoplay can be used to
get an HTTP and DNS request outside of the Tor proxy (SOCKS)). There are
also problems with Download related leaks.
For iOS, Onion Browser and Red Onion aren't susceptible to the HTML5
multimedia leak - Onion Browser has a unique HTTP header problem.
> 
> Frankly I find Orweb a pain to use so I most often use CM browser with
> incognito browsing. Does that do the same as Tor?

No. It works the same way as most browsers in incognito mode - in that
it only provides privacy from other (non-savvy) users of the same device.

> 
> I also use duck duck go for searching but how does one know that this is
> actually encrypted searching other than seeing https in the URL?

You don't. Personally I wouldn't trust the guy behind duck duck go
unless he's undergone a major conversion of ethics since the venture he
undertook prior to becoming a privacy advocate.
Even if you do trust him/them - you still need to trust all the hardware
they employ - and let optimism triumph over experience when it comes to
the NSA/FiveEyes and https compromise.

> 
> Many thanks in advance for information.

Thanks for taking the time to inquire (and not lowering the standard).

> 
> John.
> 
> <snip>
> 

Again, though you don't ask - trusting VPN, *especially* ones you don't
control is a (losing?) crap shoot. Some of the most popular use broken
encryption, almost all would be trivially compelled to de-anonymise
users, and the Snowden[*1] leaks show many have been compromised by the
NSA, and the compromise of all is on their wish list. Again, consider
my earlier point about retention of metadata and how it's very unlikely
(despite not being "legal") that the bulk data is not already being
captured somewhere - so future compromise of encryption (anonymity) will
likely lead to decryption (deanonymisation) of past activities[*2].

[*1] I'm certain there are two NSA leakers, and reasonably sure there
are three. I refer to them as "Snowden" for simplicity.
[*2] My greatest concerns are:-
1. that sysadmins all over the world *are already* targeted "just in
case" data of interest can be targeted via their access
2. Even ASIO is allowed to target non-players on the off-chance they may
be a stepping stone to targets of interest.
3. Anyone I exchange encrypted communications with can be compromised in
the future which will lead to compromising past secure communications
4. Private/secret information will be misused to advance business
interests (Snowden worked for Dell, most of the information of interest to
US companies is processed by US business).

My best advice is to employ encryption on your hard-drive, deploy NoScript,
FlashBlock (if you 'really' must use Fffflash), avoid Java like the
plague and encrypt all your emails as *a matter of course*. And most
importantly - don't do anything likely to justify invasion of your
secrecy unless you have very compelling reasons *and* are prepared to
accept the worst case outcomes.

"So far, so good" said the bloke who jumped off the tenth floor, as he
passed the fifth floor.


Kind regards

