NSA surveillance: A guide to staying secure (by Bruce Schneier)

[mitzevo]

Sharing is caring!

NSA surveillance: A guide to staying secure

"The NSA has huge capabilities – and if it wants in to your computer, it's in. With that in mind, here are five ways to stay safe"

Full article: NSA surveillance: A guide to staying secure


Excerpt:

Now that we have enough details about how the NSA eavesdrops on the internet, including today's disclosures of the NSA's deliberate weakening of cryptographic systems, we can finally start to figure out how to protect ourselves.

For the past two weeks, I have been working with the Guardian on NSA stories, and have read hundreds of top-secret NSA documents provided by whistleblower Edward Snowden. I wasn't part of today's story – it was in process well before I showed up – but everything I read confirms what the Guardian is reporting.

At this point, I feel I can provide some advice for keeping secure against such an adversary.

The primary way the NSA eavesdrops on internet communications is in the network. That's where their capabilities best scale. They have invested in enormous programs to automatically collect and analyze network traffic. Anything that requires them to attack individual endpoint computers is significantly more costly and risky for them, and they will do those things carefully and sparingly.

[40hz]

A better title for that article might have been: A guide to temporarily being slightly less insecure.

None of his suggestions do much to increase security since the security weaknesses are inherent in the systems themselves. About all his suggestions might do is to reduce your visibility somewhat - or put the required effort over the threshold of cost effectiveness for actively monitoring someone who is not "a person of interest."*

You can't add security to code as an afterthought. It has to be designed and incorporated into the very core to have any real hope of being effective.

Much like any of today's operating systems, network protocols, or applications - security is as much a product of "good enough" engineering as everything else.

Still...every little bit helps. Maybe.

----------------------------------------------------------------------

* Note: just because you ain't paranoid doesn't mean you have nothing to worry about. In addition to checking out tax returns that contain "red flags" and "audit triggers," the IRS also randomly selects a undisclosed number tax returns (estimated to be something like 7-10% of all tax returns filed) for a much more thorough going over - just in case. Supposedly, this process has caught a significant number of 'reporting errors' on otherwise 'low error probability' returns.

Tax bills and penalties inevitably follow for those deemed to have made unintentional mistakes. In situations where it seems to be more than a simple mistake, the consequences for the hapless filer can be significantly greater. Especially if intentional tax fraud is suspected. Once that happens, the IRS will often examine every single tax return the person in question has ever filed since there is no statute of limitations on tax evasion.



Don't think for a moment that our government intelligence agencies don't so something similar with some (or possibly much) of the "of no possible interest" data they gather. It's all automated so it doesn't really present much challenge to pull random samples of data and go at it hammer and tongs. It's a perfect use for spare computing cycles and slow time.

[Vurbal]

You can't add security to code as an afterthought. It has to be designed and incorporated into the very core to have any real hope of being effective.

-40hz (September 06, 2013, 12:18 PM)

Adding security rather than incorporating it doesn't automatically make it an afterthought. In fact I would argue that separating security rather than incorporating it is the optimal solution. Incorporation is the primary weakness the NSA is exploiting right now.

Here's one of the more obvious examples. Let's say you're using Windows 8. If you use a Microsoft cloud-based login, use BitLocker to encrypt your drives, and SkyDrive to store files on the cloud all the NSA has to do is get insider access to Microsoft to compromise all of that. And in fact that's exactly what they've done.

The solution isn't incorporation but rather separation and redundancy. You are absolutely correct that it needs to be designed into the system, but one of the essential elements of that design is that it can't be a single, monolithic system. Eliminating single points of failure is one of the core elements of good security.

Much like any of today's operating systems, network protocols, or applications - security is as much a product of "good enough" engineering as everything else.

That's certainly a good point at least on the OS and application levels. However I would argue network protocols are simply the wrong place to focus on security. The primary focus of networking protocols is, and always should be, reliable connections and delivery. Anything that interferes with or complicates that, including security, will always be an afterthought.

Besides if you haven't already addressed security before you reach the network you've already conceded the battle. Good security needs to use the network, once again to eliminate single failure points, but it needs to be separate from the network. The network needs to be just another (relatively small) component of security.

Like I said you're absolutely right it's a systemic rather than isolated problem, but as I've said elsewhere the solution is to rethink the entire system from the ground up. That means starting with the user and hardware, working your way up to the OS, then the applications. At each point where new hardware or user interaction comes into play you back up and start from that level again. That's how you create a system that's both functional from a technological level and still usable on a human level.

And of course that actually starts with the human element in government. Without transparency and accountability any and all security measures are weakened or even nullified completely. As I've been saying for the last couple months, though, that's already happening and will continue to happen. The US government's primary source of power is the illusion of their significance to the rest of the world.

What they still don't understand is that not only do other countries not need us (meaning our economic infrastructure) the way they did even 10 or 20 years ago, but also that the same goes for US citizens.