Cops hate encryption but the NSA loves it when you use PGP
https://www.theregister.com/2016/01/27/nsa_loves_it_when_you_use_pgp/
* Originally in MOBILE
* Crossposted in PUBLIC_KEYS
https://www.theregister.com/2016/01/27/nsa_loves_it_when_you_use_pgp/
A bit old, but still interesting!
So you need to hide your pgp/gpg communication, in for instance
encrypted binkp sessions! And not use email... ;-)
A bit old, but still interesting!
So you need to hide your pgp/gpg communication, in for instance
encrypted binkp sessions! And not use email... ;-)
I failed to notice the date of the original. A lot of things
have changed in gpg/pgp usage and implementation since 2016.
I bet gpg is more wide-spread in usage now than then.
Collecting and analying meta data NOW seems like a make-work
project that wastes time and resources.
So you need to hide your pgp/gpg communication, in for instance
encrypted binkp sessions! And not use email... ;-)
But binkp is only sound during the initial transfer. The
resultant fidonet content become public info once it lands on a
bbs that opens the echos for public viewing. :(
Cops hate encryption but the NSA loves it when you use PGP
https://www.theregister.com/2016/01/27/nsa_loves_it_when_you_use_pgp/
A bit old, but still interesting!
So you need to hide your pgp/gpg communication, in for instance
encrypted binkp sessions! And not use email... ;-)
Cops hate encryption but the NSA loves it when you use PGP
https://www.theregister.com/2016/01/27/nsa_loves_it_when_you_use_pgp
/
A bit old, but still interesting!
So you need to hide your pgp/gpg communication, in for instance
encrypted binkp sessions! And not use email... ;-)
Or use steganography to hide in pictures, mp3, whatever.
* Originally in MOBILE
* Crossposted in PUBLIC_KEYS
But binkp is only sound during the initial transfer. The
resultant fidonet content become public info once it lands on a
bbs that opens the echos for public viewing. :(
You wouldn't normally send your private mails in public echomail areas. You would use netmail, preferably direct, so I don't see that down side...
Oh yeah.. netmail could work that way exclusively. Good point.
That could be reasonably invisible to the NSA/spy. But the use
of the binkp can still be deteted, no?
And if that's the case, they can start focusing their observations on systems that use it and probe deeper.
Oh yeah.. netmail could work that way exclusively. Good
point. That could be reasonably invisible to the NSA/spy.
But the use of the binkp can still be deteted, no?
Yes. With or without pgp/gpg content.
And if that's the case, they can start focusing their
observations on systems that use it and probe deeper.
Why would they want to do that? And if they would, they
would have already started doing so decades ago...
Oh yeah.. netmail could work that way exclusively. Good
point. That could be reasonably invisible to the NSA/spy.
But the use of the binkp can still be deteted, no?
Yes. With or without pgp/gpg content.
Hmmm.. Too bad networked (via FTN) BBSes don't stress that
opaqueness as pretty-good-isolation from internet collection
then.
And if that's the case, they can start focusing their
observations on systems that use it and probe deeper.
Why would they want to do that? And if they would, they
would have already started doing so decades ago...
Well.. I thought that if it becomes known that BBSes are the
transport mechanism for secret/suspect messages, then the spys
could investigate the BBS and owners and choose to knock on
their doors some day?
Hmmm.. Too bad networked (via FTN) BBSes don't stress that
opaqueness as pretty-good-isolation from internet collection
then.
Probably everything is collected. And btw binkd doesn't use a very good encryption algorithm. So if they wanted/needed to break it, they
probably could.
So the hiding gpg traffic only works as long as we
remain small and under the radar...
Well.. I thought that if it becomes known that BBSes are
the transport mechanism for secret/suspect messages, then
the spys could investigate the BBS and owners and choose
to knock on their doors some day?
Of course, but that is true for any kind of
communication... The point is not to become suspect! ;-)
So you need to hide your pgp/gpg communication, in for instance
encrypted binkp sessions! And not use email... ;-)
Or use steganography to hide in pictures, mp3, whatever.Do you have experience with this?
But it also might attrackt some unwanted attention. And you don't know
how good the NSA (etc) have become at detecting it...
Probably everything is collected. And btw binkd doesn't use a very
good encryption algorithm. So if they wanted/needed to break it,
they probably could.
I thought binkd's encryption only extended to the
authentication part. If the whole transfer, ie. the PKTs are
encrypted, that's interesting.
I recall a movement that suggested that people simply FLOOD the
channels with messages that bore "suspect" text in the Subject
lines: super secret, terrorism, murder.. etc. The idea being
that then they will have too much data to analyse.
* Originally in MOBILE
* Crossposted in PUBLIC_KEYS
I bet gpg is more wide-spread in usage now than then.
I don't see any evidence of that.
Collecting and analying meta data NOW seems like a make-work
project that wastes time and resources.
Why do you think so. The NSA (and likes) wouldn't turn of
their 2016 systems, if they still keep working and giving
them valuable data...
I bet gpg is more wide-spread in usage now than then.
I don't see any evidence of that.
Well.. Thunderbird has supported PGP/GPG integration for years
via plugins, and now it is practically built-in and part of the
whole program. An implementation like that only begs to be
discovered and used. If the coders for TB have done this, they
must have had the evidence or requests for that.
Then there are all the other programs such as GPGTools
GPGshell, etc.. that exist and continue to be supported.
I am sure friends tell two friends and so on, about these
options to integrate more privacy in comms.
Collecting and analying meta data NOW seems like a make-work
project that wastes time and resources.
Why do you think so. The NSA (and likes) wouldn't turn of
their 2016 systems, if they still keep working and giving
them valuable data...
Sure.. even for them change is hard. So, they just keep
investing more and more resources to maintain this beast of
collecting everything - but with a very limited feasible
outcome.
They are forced to focus on narrow sets of data: a particular
suspect or small group.
I am sure friends tell two friends and so on, about these
options to integrate more privacy in comms.
Support/availability doesn't automatically mean usage...
And you will have to configure it in Thunderbird. Most
users won't bother.
Sure.. even for them change is hard. So, they just keep
investing more and more resources to maintain this beast of
collecting everything - but with a very limited feasible
outcome.
You don't know that! ;-)
They are forced to focus on narrow sets of data: a particular
suspect or small group.
You don't know that! ;-)
Or use steganography to hide in pictures, mp3, whatever.
Do you have experience with this?
Little and a veeeeery long time ago.
But it also might attrackt some unwanted attention. And
you don't know how good the NSA (etc) have become at
detecting it...
Well you can always embed a PGP file steganographically.
In that case they would just know that something is there
if they are able to detect it.
Or use steganography to hide in pictures, mp3, whatever.
But it also might attrackt some unwanted attention. And
you don't know how good the NSA (etc) have become at
detecting it...
Sysop: | Nitro |
---|---|
Location: | Portland, OR |
Users: | 4 |
Nodes: | 10 (0 / 10) |
Uptime: | 217:23:54 |
Calls: | 139 |
Files: | 752 |
Messages: | 87,368 |