Secure communication and the CIA

The eye of our Big Brother is spying on us all. Edward Snowden’s revelations have taught us that there is no place to hide. However, we can protect our communication by using a bunch of tools and apps. Come and start using them right away!

This was a bit of an “improv” part of LibertyCon Prague 2017, where the Institute of Cryptoanarchy in Paralelni Polis organized a half-secret track of talks (meaning some were not part of the official program) :).

The co-author of the slides and talk is Pavol Luptak.

Slides are available…

Bitcoin as a store of value

A little bit more “technical” talk about using Bitcoin as a store of value, not as a transactional system. Does the value of Bitcoin in terms of state currencies actually have to be stable and/or not volatile?

Is there a market in storing wealth in cryptocurrencies? Should all people save in one currency?

This was a bit of an “improv” part of LibertyCon Prague 2017, where the Institute of Cryptoanarchy in Paralelni Polis organized a half-secret track of talks (meaning some were not part of the official program) :).

Slides are available…

On tourists and astronauts



“Have you ever tried not being a tourist when you travel?”, asked my friend. He meant not checking into a hotel, but living where the locals live, buying groceries where locals buy groceries, cooking food and doing your day to day business. We had an interesting conversation that evolved from a question I used to ask a lot in the past year, after the sadly violent events in Ukraine unfolded (Ukraine borders with the country I live in – Slovakia). The question is: “If your country started to turn into chaos, with tanks and bullets possibly flying around, how would you know it is the right time to leave and where would you go?”. My thoughts were about Asia, somewhere far from the chaos, other people say Great Britain or Canada. This friend was different. “You know, when I was younger, I thought I was a world citizen, a perpetual traveler. But have you ever tried not being a tourist when you travel? Imagine there is a dispute, you don’t know anyone, you don’t know local customs, laws, you are going to lose even if justice is on your side. I would go to the countryside in my country, as close to my current home as is safe, I want to be able to return at a moment’s notice. I want to be close to the people I know and speak the language, understand the customs and have something familiar.”


Turris Omnia review



I was eagerly awaiting my Turris Omnia, which I preordered on their Indiegogo campaign almost a year ago. The campaign raised more than 1.2 million dollars and the router was created by a team from Czech Republic’s .cz domain administrator CZ-NIC. I was always a little bit sad that the ISPs sell you a 300Mbit Internet connection and then sell or rent you a router which can barely perform switching at that speed. So my default answer for a shitty D-Link router with no firmware updates and rare need for reboot was – I’ll just wait for my Turris Omnia to arrive.


Solve the world’s problems as your career


In recent months I have met many inspiring people. They are generous, fun to be around and solving the world’s problems. Diabetes, partnerships, waste, security, retirement – all of these are huge problems, and I met people that are doing all they can to fix these problems. I think this is the best career move any individual can make; and for me, these people are an inspiration.

Many things in this world piss me off, and there are some things I can fix. On the other hand, I met a lot of young start-up entrepreneurs that are working on “apps” that just seem profitable. They don’t fix a pressing issue that people have. I think making the right decision in your career is important and “fixing world’s problems” is the most overlooked guiding principle in our careers. People study law, business or medicine just because these professions “pay well.”

Solving pressing problems usually pays well too. If it is something that people care about, they are willing to pay for the problem to go away.

The solutions don’t have to be perfect. Some products and services solve huge problems, and it took two weeks to implement them! One of the main misconceptions of entrepreneurship is that it is hard, that only certain people know how to create a profitable business and that you need to attend business school, read business books, become part of a startup networking group or a mastermind. It is not true. You need to find the right problem to solve, find the right financial model that works for you and do it.


Barbell strategy for investment


What you’ll learn:

  • Investment is not about picking the right financial product (like stocks or bonds or mutual funds)
  • There’s an investment strategy that is based on your values and relates to other goals of your life – like elimination of stress
  • There is a way to gain from disorder and chaos, not only go through it
  • That your time, money and energy can be used to help both yourself and the world
  • How to be financially secure even if you are not rich


Ethereum and other altcoins

As you all probably know I am a fan of Bitcoin, but I am not that much of an alt-coin guy. What I mean by that is that I think that a main property of money is that it is a universal means of exchange. It is good that you can store your wealth as savings (for example in gold or oil). It is also important to choose a unit of account. But what matters is if you can use the money to exchange it for the stuff you actually want. People think they want money, but they are not very thrilled about my one hundred trillion Zimbabwe dollars. Why? Because it can’t buy anything.

I think this is one of the most important drawbacks of Bitcoin right now – it is not universally accepted. On the other hand, it is gaining traction and I like both the ideas behind Bitcoin and its technological ingenuity.

For me, switching to another alt-coin has to be justified by a significant improvement – one that would make the switch worth the loss of the network that accepts Bitcoin. I am all for playing with alternative ideas – I just think that what we need now is not ideas, but acceptance.

So far the main reasons behind developing alt-coins (except for fun and pre-mining profit) have been a different mining algorithm and speed of confirmation. I’ll touch on both of these and then I will cover Ethereum.

Commodity mining

Litecoin was the first prominent alt-coin developed from the Bitcoin source code with a different algorithm for mining. It’s called scrypt and it was supposed to be an algorithm that is hard to implement in specialized mining hardware, meaning that anyone could mine it on their computers. We now know that they were wrong and KNCMiner just announced their scrypt miners. People have been mining Litecoins and other alt-coins running on scrypt on their more expensive GPUs. A CPU is a general purpose processor and of course you may make it more difficult to create specialized mining equipment by being as general as possible (requiring both computational speed and memory access). Eventually, it is always possible to create faster specialized equipment. But the real question here is why do that? Of course the common answer is that we want common people to perform mining and thus distribute the coins among the people. The beauty of the idea behind Bitcoin is that the mining is not an end by itself. It’s a means to provide network security. You need to make sure that more than half of the network is honest to maintain security. Mining could be also called block validation. I understand that people freak out when they realize that someone with enough money could take over the network by secretly manufacturing this required computing power. The question remains: Would people still use it? Would they want to undermine the network or just make it stronger so their investment pays off? Of course, there’s no clear answer and it depends on their value system. If they feel threatened by Bitcoin, they could do that and undermine its legitimacy and the trust people put in it. How difficult would it be to start a new alt-coin with a slightly different algorithm, so their equipment is a piece of useless metal trash?

Now take the “commodity mining hardware” train of thought for a while. Anyone can mine it. How many huge organizations have commodity hardware that is underutilized at least a certain amount of time? Google, Microsoft, Amazon, NSA, … I don’t mean to say that they would do it, but they might, as might anyone else. What about computer factories making supercomputers? Don’t they want to test the equipment they manufacture for four days before they ship it to their customers? Oh and when this currency is taken over and another one that works best on commodity hardware is popular, they just change the mining software they use.

What I really see is a socialistic sentiment – an idea that poor people’s old laptops could make this currency. But mining is not only about making new units of currency, it is about making it secure. Making it commodity-only friendly is a bad idea. I would rather trust a huge mining power of Bitcoin ASIC miners than 10 thousand old laptops. And would it work? The more people that invest their computing resources into mining, the less reward they collect (per computational unit). That effectively drives profit margins on mining to zero. So not only would the network be less secure, it would not be profitable for the common man. The incentive may be higher in people who invested in the computing power already – say from taxpayer money – and don’t care about profit. Like the NSA.

Confirmation time

Now about the confirmation time. Litecoin’s mining algorithm is targeted for 2.5-minute blocks on average. That means that blocks get “confirmed” sooner, because they appear in the blockchain. But do they? Actually, no. For the block to be confirmed it means that it is more difficult to cause the blockchain to fork and undo a confirmed transaction. Satoshi showed in his original paper that the probability of this happening decreases exponentially with each new block. But in the end, it’s about computing power. Let’s say that we need a trillion operations for one block in Bitcoin. Then comes Litecoin and says that the block needs a quarter of a trillion operations, so the blocks come faster. Say the mining power is the same in both networks. Say I would trust a transaction to be confirmed after it’s been included in 5 blocks of the blockchain. How many blocks in the Litecoin network would I need to do that?

You might say that it’s after five blocks (and they take a quarter of the time), but that’s actually not true. If an attacker had significant mining power, the probability is not dependent on the number of blocks, it’s based on the number of operations performed.

So given that the mining power (operations per second) is the same, you would need to wait 20 (5 times 4) blocks in the Litecoin network to have the same confidence and that’s exactly the same amount of time (probabilistically speaking).

Ethereum

I have to admit that Ethereum is the first alt-coin that has significant changes to Bitcoin that would make me consider it. One special exception is Zerocoin, which I love and hope to see implemented in every alt-coin and possibly the main Bitcoin blockchain.

Ethereum has this idea of an advanced scripting language at its core that is Turing-complete. Being Turing-complete, it can compute any function there is, making it a programmable currency. A little bit more about it later.

They also play the “commodity hardware” mining tune which I totally dislike and do something which has been a big “no-no” in the alt-coin community and that is called pre-mining (or creating units in advance). The idea is that to fund the development of Ethereum, some of the currency will not be allocated to miners, but will be taken by a development team and redistributed to authors and contributors. There’s also this idea that they will pre-sell some units for Bitcoin, which makes me wonder – do they even trust it’s going to be the currency that they are willing to sell their superior currency for some older currency? I understand that they want to make it valuable and that they hope that the artificially set pricing will be set and go on with the currency. This all reminds me of social engineering and central planning. Bitcoin is simple. It is not overengineered, it does not have many weird arbitrary rules. It is simple and that’s probably the author’s intention. Now Ethereum has not even started yet and I already see the discussions about how it will be allocated and who will vote about who gets the “development” money. It is exactly this reason why I don’t like democracy. There’s no direct relation between those who pay and those who receive.

I understand that people want to get paid for their work and I have no problem with it. But this smells of committees, voting and conflict. What about making a Kickstarter-like crowdfunding? Want to have this project done? Contribute some Bitcoins. Create a prediction market for Ethereum prices and you can even denominate a crowdfunding idea in Ethers. Make people vote directly with their money.

Please learn from Bitcoin. There is this “official” Bitcoin foundation that people are talking about. People are saying that it should not represent Bitcoin users, talk to politicians, … I understand that there are people who are for it. But what is wrong with people wanting to vote with their money? You want this feature? Pool resources with others who do it and crowdfund it. Then it will be about users’ will – what gets funded, gets done.

No arbitrary pre-funding, constants, distribution, votes, …

I also don’t believe that unlimited (but slow) inflation is either required or wanted, but I can live with it (unlike with traditional fiat money, the inflation rate will be known in advance to everyone and it will directly affect the future price of Ethers).

The halting problem

In computational theory, there is a well-known and proven fact that you can’t tell about any general program if it will ever halt or just compute forever. It’s not that we have not yet found an algorithm to do that, we know for a fact that it’s impossible (in general Turing-complete programs). This is one of the basic findings of computer science that we have to live with.

I believe that the fact that Bitcoin’s scripting language is not Turing-complete is a design feature. If you can’t create loops (and jumps), you create a limited language that you know for sure will end in a limited time. If you don’t allow loops and instructions take a certain amount of time, you know that the program will end after number_of_instructions*slowest_instruction_execution_time. This trick is not new and there are many languages that are limited on purpose this way, for example, the DTrace scripting language used for debugging kernel and user-level programs in some operating systems (Solaris, Mac OS X, …). The miner fees are also directly related to the size of a transaction, meaning that the longer the program you write, the more you have to pay in fees to process it.

The problem with the scripting in the blockchain is that every full node has to process it and store it. Bitcoin also limits the number of external inputs making the execution completely deterministic – meaning that all nodes interpret the code in the blockchain exactly the same way. You cannot rely on current time (you can rely on block number to represent time). You cannot rely on external inputs (like a content of a website) because they can change over time.

Ethereum can “solve” the halting problem by collecting fees per processed instruction. On the other hand, do we actually need this complexity to do what we need to do? The power of Bitcoin contracts is still not fully used to this day and yet we want to create something better. But if we regard the determinism and time-bounded execution constraint as a feature, not a bug, is it an improvement?
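As an added illustration (not code from Bitcoin or Ethereum, and not part of the original post), the toy stack machine below contrasts the two approaches: a loop-free language whose run time is bounded by the script length, and a language with jumps where a per-instruction fee budget stops a program that would otherwise never halt. The opcode names, the flat fee of one unit per instruction and the sample programs are assumptions made for the example.

```python
# Added example: a toy stack machine. Opcodes, the fee of 1 unit per
# instruction and the sample programs are constructed for illustration.

LOOP_FREE_OPS = {"PUSH", "ADD", "SUB", "DUP"}
JUMP_OPS = {"JUMP", "JUMPI"}


def step(script, pc, stack):
    """Execute the instruction at pc and return the next pc."""
    op, *arg = script[pc]
    if op == "PUSH":
        stack.append(arg[0])
    elif op == "DUP":
        stack.append(stack[-1])
    elif op in ("ADD", "SUB"):
        b, a = stack.pop(), stack.pop()
        stack.append(a + b if op == "ADD" else a - b)
    elif op in JUMP_OPS:
        target = arg[0]
        if not 0 <= target <= len(script):
            raise ValueError(f"jump target {target} out of range")
        # JUMP always jumps; JUMPI pops a condition and jumps if non-zero.
        if op == "JUMP" or stack.pop() != 0:
            return target
    else:
        raise ValueError(f"unknown opcode {op!r}")
    return pc + 1


def run_loop_free(script):
    """Loop-free language: jumps are rejected before execution starts,
    so the program always ends after exactly len(script) steps."""
    for op, *_ in script:
        if op not in LOOP_FREE_OPS:
            raise ValueError(f"{op} is not allowed in the loop-free language")
    stack, pc, steps = [], 0, 0
    while pc < len(script):
        pc = step(script, pc, stack)
        steps += 1
    return stack, steps


def run_metered(script, gas_limit):
    """Language with jumps: every instruction costs one unit of gas.

    Returns (finished, stack, gas_used). finished is False when the
    budget ran out, which is how a non-terminating program is stopped.
    """
    stack, pc, gas_used = [], 0, 0
    while pc < len(script):
        if gas_used == gas_limit:
            return False, stack, gas_used
        pc = step(script, pc, stack)
        gas_used += 1
    return True, stack, gas_used


# Constructed sample programs.
ADDITION = [("PUSH", 2), ("PUSH", 3), ("ADD",)]
COUNTDOWN = [("PUSH", 5), ("PUSH", 1), ("SUB",), ("DUP",), ("JUMPI", 1)]
SPIN = [("PUSH", 1), ("JUMPI", 0)]  # never halts on its own

if __name__ == "__main__":
    print(run_loop_free(ADDITION))
    print(run_metered(COUNTDOWN, gas_limit=100))
    print(run_metered(SPIN, gas_limit=1000))
```

Every node running `run_metered` with the same script and budget stops at the same instruction, so the result stays deterministic even for a program that loops forever.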

Conclusion

I am not against anyone developing a new currency. I am not expecting huge popularity of Ethereum either. Vitalik Buterin explained in his Bitcoin Magazine article that he wanted to make cryptocurrencies more general. He compared it to creating something more like TCP/IP instead of SMTP. I have another analogy: Everyone is using e-mail to communicate. There is also a clear room for innovation here – encryption and fighting spam. Why hasn’t anyone switched yet? It’s because of the network problem – the more people use it, the more difficult it is to make everyone switch. And if encryption and spam aren’t good enough reasons for people to ditch good old SMTP, I think Ethereum has to offer something more than a new philosophical approach to be an attractive alternative to Bitcoin.

On the other hand, I wish them well and I hope they succeed. I may even buy some Ethers just for the casino-like rush and being able to tell people I was one of the first owners of Ethers. I will be really excited when there are 10000 shops accepting it as a payment. And unless there’s much better PR and significant practical improvements over Bitcoin, I doubt that’s going to happen.

Report from 30C3: There’s no privacy

Chaos Communication Congress is the oldest hacker conference in the world and the largest of its kind in Europe. It takes place at the end of each year in Hamburg and brings current research in the field of security, networking and increasingly also politics and other topics related to “hacking” – the unconventional use of ideas, technologies and things around us.

For the past few years, I was always left with a similar impression after coming back from the conference: Our “paranoia” is not paranoid enough; technologies are vulnerable and (rich, big) states increasingly breach our privacy and other rights. This year was no exception, on the contrary: Jacob Appelbaum presented new documents leaked by Edward Snowden, along with technological analysis. In his talk To Protect and Infect (Part 2), he revealed among other things an NSA-internal “Catalogue of spying technologies and products” they use against their targets. I had a feeling that I was in a dystopian spy novel – that all the conspiracy theories about what the NSA can do are true, and conspiracy theorists lacked the imagination to describe what is actually happening.

30C3 entrance. Photo credit: Blinkenarea.org, CC-BY-SA-3.0

Earlier last year, we learned that the NSA is intercepting most of the major Internet services and companies such as Gmail, Yahoo, Microsoft and so on. Some of these parties clearly cooperated with the NSA, in some cases they easily intercepted Internet traffic or traffic between data centers of the company. Many mobile operators had to abandon any hope for the privacy of their customers under a court order, issued by a secret court, which is not under public scrutiny.

Jacob Appelbaum presented other documents (leaked by Snowden) that describe, among other things, that the NSA can install malware in the BIOS or in the firmware of your hard drive (such malware survives a full reinstallation of the operating system). In cooperation with the U.S. National Institute of Standards and Technology (NIST), they influenced the standardization process and approved a random number generator algorithm that had an NSA backdoor built in. Anyone who wanted to sell products that comply with FIPS (a federal security standard) had to implement this algorithm. Some companies, such as RSA, used it for several months as a default random number generator in some of their products. RSA was accused of being “bribed” by the NSA to have this default setting, which caused several security researchers to boycott the RSA Security Conference and withdraw their papers. The backdoor means that there’s a secret to this algorithm, which allows the NSA to predict the numbers generated by the algorithm and guess private encryption keys that were generated using this algorithm. Aris Adamantiadis showed a proof of concept of how this backdoor can be used.

A lot of people thought that the NSA is passive during their mass surveillance operation. Although the majority of interception points probably cannot really change the data, another NSA program called Quantum Insert “solves” this problem. The NSA controls an unspecified number of routers around the world (including home routers) which allows them to “insert” data into an existing TCP connection. This tool is used to infect the computers with their “uninstallable” spying malware. They can infect a software package you are downloading from the Internet. It is time to start verifying digital signatures of software downloads (and use HTTPS everywhere)…

The NSA also has a special program for installation of hardware “backdoors”, which are installed into notebooks and servers between the time they leave the factory and come to you. They are intercepted during transport and modified to include a hardware backdoor. Of course, I would suspect the NSA to use this technique for really interesting targets, not as a general surveillance tool, but still: This really seems like a story from a bad spy novel, but it seems it’s a reality.

ATMs, beware!

The NSA is not the only bad guy in the world. Researchers described a special kind of malware that has been found in several infected ATMs. The criminal organization that created it used it to steal bank notes. The method of installation was relatively simple – the thieves cut out a hole in plastic and inserted their own USB key. Then they forced the ATM to reboot from the USB key. Once the machine had been infected, they could gain access to a special menu by entering a short secret code on the keypad. This enabled them to see the number of bank notes in each cassette inside the ATM.

When they wanted to steal the content of one or more cassettes, they had to call “the headquarters” of the organization and say a unique challenge code displayed on the ATM screen. Using a challenge-response algorithm, the HQ told them a unique answer code for withdrawal. This made sure that the headquarters knew who was stealing from the ATMs and how much.

The malware is actively developed and reminds me of a bitter taste of the old joke about the pickaxe hackers who “hack” the ATMs.

30C3 lounge. Photo credit: Moritz Petersen, CC-BY-SA-3.0

The Year In Crypto

A follow-up to last year’s talk on developments in cryptography suggests that Dan J. Bernstein, Nadia Heninger and Tanja Lange started another tradition. And I like it. In “The Year in Crypto” they describe what happened in the field of cryptography. In addition to backdoors in algorithms, they mentioned problems with TLS, random number generators, etc. We learned about the upcoming “cryptocalypse”, which is very likely to be caused by the arrival of quantum computers. At least the NSA is trying to build one, and its goal is to break ciphers. What ciphers should be used after some of us upgrade our old Pentiums to quantum computers? Check the recording of this talk online.

We must also praise Google for introducing Perfect Forward Secrecy in their HTTPS configuration and the introduction of encryption between their data centers. We do not know if Google willingly cooperated with the NSA, what we do know is that they are trying to make it more and more difficult for others to spy on the traffic between their servers and their users.

Perfect Forward Secrecy ensures that even if HTTPS private keys of servers are compromised, this does not allow the attacker to decrypt previously recorded sessions. The keys are used to verify the identity, and the exchange of encryption keys is done by a separate instance of an asymmetric key exchange algorithm (ECDSA or DSA). In practice, this means that if anyone gets the private key and also has a huge worldwide interception network, they must actively attack each connection (using the so-called man in the middle attack), passive listening is not enough. Do you think that such an organization does not exist? According to the available information, the e-mail provider Lavabit was forced to disclose their server’s private keys by a secret court order. And coincidentally, the NSA has a worldwide eavesdropping network. I believe that perfect forward secrecy will make it difficult to do untargeted mass interception of innocent people…
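An added example (not from the original post, and not any real TLS implementation) of the difference described above: one recorded session where the client encrypts the session secret to the server's long-term key, and one where the long-term key only signs a throwaway key exchange. It assumes ephemeral Diffie-Hellman for the exchange and RSA for the long-term key; the function names, the toy-sized parameters and the hash-based XOR cipher are constructed for illustration and are not secure.

```python
# Added example. Toy parameters only: small RSA primes, a 127-bit DH
# group and a hash-based XOR stream, constructed for illustration.
import hashlib
import secrets

# Long-term server key (toy RSA built from two Mersenne primes).
P1, P2 = 2**61 - 1, 2**89 - 1
N, E = P1 * P2, 65537
D = pow(E, -1, (P1 - 1) * (P2 - 1))  # private exponent that later leaks

# Toy Diffie-Hellman group.
DH_P, DH_G = 2**127 - 1, 3


def kdf(secret_int):
    """Derive a session key from an integer secret."""
    return hashlib.sha256(str(secret_int).encode()).digest()


def xor_stream(key, data):
    """Toy cipher: XOR data with SHA-256(key || offset) blocks."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


def digest_int(value):
    """Hash an integer down to a number that fits the RSA modulus."""
    raw = hashlib.sha256(str(value).encode()).digest()
    return int.from_bytes(raw, "big") % N


def static_rsa_session(message):
    """No forward secrecy: the session secret travels encrypted under
    the long-term key. Returns what a passive eavesdropper records."""
    premaster = secrets.randbelow(N - 2) + 2
    return {
        "mode": "static-rsa",
        "enc_premaster": pow(premaster, E, N),
        "ciphertext": xor_stream(kdf(premaster), message),
    }


def ephemeral_dh_session(message):
    """Forward secrecy: the long-term key only signs the server's
    ephemeral value; the session secret comes from throwaway keys."""
    b = secrets.randbelow(DH_P - 3) + 2        # server ephemeral secret
    B = pow(DH_G, b, DH_P)
    sig = pow(digest_int(B), D, N)             # server proves identity
    assert pow(sig, E, N) == digest_int(B)     # client verifies it
    a = secrets.randbelow(DH_P - 3) + 2        # client ephemeral secret
    A = pow(DH_G, a, DH_P)
    shared = pow(B, a, DH_P)
    assert shared == pow(A, b, DH_P)           # both sides agree
    # a and b are never stored or sent; they vanish when this returns.
    return {
        "mode": "ephemeral-dh", "A": A, "B": B, "sig": sig,
        "ciphertext": xor_stream(kdf(shared), message),
    }


def candidates_from_leak(recording, leaked_d):
    """Apply a leaked long-term key to every recorded integer and
    return the plaintext guesses a passive attacker can derive."""
    guesses = []
    for value in recording.values():
        if isinstance(value, int):
            for secret in (value, pow(value, leaked_d, N)):
                guesses.append(xor_stream(kdf(secret), recording["ciphertext"]))
    return guesses


if __name__ == "__main__":
    msg = b"constructed sample message"
    print(msg in candidates_from_leak(static_rsa_session(msg), D))
    print(msg in candidates_from_leak(ephemeral_dh_session(msg), D))
```

With the leaked key the attacker can still forge the signature on a new ephemeral value, which is the active per-connection attack the paragraph refers to.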

Knock, knock, internet!

For a couple of geeks like me, it is important to know how many computers on the Internet are live, whether they use encryption and whether they have up to date software. And some of us have dreamed of doing an internet-wide scan to seek answers to their weird geeky questions. Zakir Durumeric of the University of Michigan and his team are the ones who woke up and made their dream a reality. They wrote a scanner that can do an internet-wide scan in a matter of hours. In this way, they were able to collect SSL certificates used online and evaluate how many of them use compromised keys. Also, they were able to determine how many computers have vulnerable implementations of UPnP or IPMI. The results can be found in this talk, or on zmap.io, but if you have any illusions about Internet security, I recommend breathing deeply before watching the lecture…

Journalists & whistleblowers

In addition to technical issues, freedom and politics were the main issues. The keynote was presented by Glenn Greenwald, an independent journalist who publishes Edward Snowden leaks. He talked about the right to privacy and the huge impact of the surveillance state. From WikiLeaks, we could hear Julian Assange (who unfortunately had a crappy video connection – he still cannot leave the Ecuadorian embassy in London) and Sarah Harrison, who according to WikiLeaks saved the life of Edward Snowden when he had to leave Hong Kong suddenly.

Malware in your SIM card

Karsten Nohl presented new attacks that target SIM cards. The GSM mobile phones have many more processors than most of us think. The main ones are the baseband chip, which handles communication with the mobile network (and attacks on it were presented in another talk), application chip (that’s the one that runs the applications and the operating system with which users interact) and SIM card – yes, the SIM card itself can also run stored programs. SIM card can detect your location, turn on your microphone, send data and SMS, etc…

Karsten Nohl presented another attack, which can be used to install spyware (or any other code) to the SIM card. It can, for example, turn on the microphone and call a toll-free number or regularly send your physical location to the attacker.

By saying “presented” I mean that he showed the attack live on stage using a fake GSM network and a phone which he infected on stage. So this is not a weird academic paper, but a very practical reality. This type of attack is undetectable by the user. Enforcing encryption can prevent the attack. For this reason, Karsten released GSM Map which maps various security parameters of GSM operators around the world.

It’s no surprise that this “new” attack that was presented at the conference was already being used by the NSA at least since 2008. However, just in case the NSA does not have direct access to the mobile operator, their mercenary hackers simply break in, as one Belgian GSM operator experienced first-hand. Who knows what other networks are hacked by the NSA (or other countries, which have no Edward Snowden yet, but still have huge spying and hacking programs).

Satellite antenna in the backyard

Travis Goodspeed presented a project of a satellite antenna, which he built in his backyard. He can track satellites in low earth orbit and record what they transmit. Unlike the satellites in geostationary orbit, these are moving around and the antenna has to be rotated to follow the satellite. At first we envied the amount of free time Travis had, but I have to admit I would love to play with such a thing that not many people can have hands-on experience with.

Bitcoin Trezor

In 2013, Bitcoin – a decentralized alternative currency – gained even more popularity, the exchange rate (or value) increased, and more general acceptance followed. Unfortunately, the Congress did not follow this trend – you could not buy tickets with Bitcoins, pay for food or T-Shirts. Some hackerspaces accepted it, and you could use it to pay for some nerdy stuff like electronics kits, etc.

The only Bitcoin-related talk was by my friend Pavol Rusnák, who presented his project Bitcoin Trezor. It allows secure storage of Bitcoins even when your computer can be infected with malware. If you have any Bitcoins, I recommend looking at this project. Many people got infected or hacked, and their Bitcoins were stolen.

Ztohoven

Czech art group Ztohoven (with my help) presented its three projects – Media Reality (atomic mushroom in a live broadcast of Czech public television), Citizen K. (exchange of identities) and Moral Reform – drama for parliament, government, the president and journalists. Watch it, it’s cool!

The Venue

Hacking is not just playing with computers or a soldering iron. The lounge presented bands that are close to the hacker culture. On the top floor, there were several places where you could prepare coffee in different ways (for example you could use the bike-powered grinder). If you wanted to communicate with someone, it was possible to use the internal telephone network. However, if by communication you rather mean a message in a bottle, you could use pneumatic tube mail that was all in and around the building.

Conclusion

Chaos Communication Congress has traditionally been the place to meet hackers, artists, cryptology and security experts and developers. All lectures are streamed live, so in addition to the direct participants, there were hundreds of people watching around the world, mainly from hackerspaces that organized viewing parties. If you missed the opportunity to see the presentations live, recordings are available. I hope you can join us next year, it’s a remarkable experience.

Hacking the Czech Parliament via SMS [30c3]

Hacking the Czech Parliament via SMS: A parliamentary drama of 223 actors

The Czech art collective Ztohoven’s project “Moral Reform” was accomplished in collaboration with web security experts. Together they created the unique art concept of a mobile phone mass-hack.

“Am I the only one who sees all the bad things we do? It’s impossible to govern in a decent way anymore. Let’s finish it once for all. I am ready to overtake the responsibility. I am ready to reveal the full truth.”

Messages like these were received by Ministers from their government fellows.