The Chat Room

[Vela Nanashi]

One can open one on one chats on irc (the chat this forum uses is on irc), but they are not truly private, just like personal messages on the forum is not, to get true private messages one would need to use encryption, for instance by getting a free proton.me mail account and chatting over encrypted email, or getting one of the chat programs that actually do that right.

[staci]

Vela, I have been on here for quite some time and the subject of PM privacy has been discussed often and I have been assured it is indeed not breached nor compromised. Maybe I am too naive but I believed the succession of moderators who have told me.

[Vela Nanashi]

I am not saying that the admins/mods will or have ever breached pm privacy.

What I am saying is that it is not mathematically impossible for them to do so, since there is no encryption to prevent it, anyone with server access or database access, can (not will or have) read pms on forum software.

That same level of trust exists on irc, most people trust that server admins of (in this case the Rizon network) do not in fact log what is being said in channels and private chats, but again it is mathematically possible for them to do so, since there is no encryption in the irc protocol itself.

Also that this forum is possible to access via unencrypted http:// rather than being forced over encrypted https:// means that anyone who browses the forum over an insecure network, say at an internet cafe, or hotel, can have people easily read whatever they browse including their pms, and also it will travel across the internet in the clear, so anyone who in fact browses the site in http mode is leaving their pms and forum activity open to every router owner across the internet from their isp to the isp of the server.

That is all I am saying, nothing more implied or meant, I believe the mods and admins here are nice people, who do and try to do the right thing.

[Swampthing99]

Thank you to everyone for your replies.

[Guy Fawkes]

Vela, I have been on here for quite some time and the subject of PM privacy has been discussed often and I have been assured it is indeed not breached nor compromised. Maybe I am too naive but I believed the succession of moderators who have told me.

In theory, it is possible for someone with database access to see PMs; in practice, I have been led to believe that this is not an easy process -- in other words, it's not something someone would do just on a whim -- it's a difficult, time-consuming process.

If you are that concerned with the privacy of PMs, I would suggest that:

1) You exchange PGP keys and encrypt your PMs to each other; or

2) That you take your discussions off-board to email (preferably PGP encrypted).

[Guy Fawkes]

I am not saying that the admins/mods will or have ever breached pm privacy.

What I am saying is that it is not mathematically impossible for them to do so, since there is no encryption to prevent it, anyone with server access or database access, can (not will or have) read pms on forum software.

That same level of trust exists on irc, most people trust that server admins of (in this case the Rizon network) do not in fact log what is being said in channels and private chats, but again it is mathematically possible for them to do so, since there is no encryption in the irc protocol itself.

Fair enough.

Also that this forum is possible to access via unencrypted http:// rather than being forced over encrypted https:// means that anyone who browses the forum over an insecure network, say at an internet cafe, or hotel, can have people easily read whatever they browse including their pms, and also it will travel across the internet in the clear, so anyone who in fact browses the site in http mode is leaving their pms and forum activity open to every router owner across the internet from their isp to the isp of the server.

Now, that is an excellent point, one that is raised far less often than it should be.

That is all I am saying, nothing more implied or meant, I believe the mods and admins here are nice people, who do and try to do the right thing.

I think so too, but my preference nonetheless is to PGP-encrypt PMs wherever possible.

[staci]

In layman terms, a summation-

keep it in your pants and don't believe all you hear.

[Vela Nanashi]

Guy I do agree that proton is not as secure as I would like it to be, but it sure as hell beats gmail for security and privacy, even if it is not in fact perfect. It is much better to entirely trust no one, like you say by keeping your own keys, and I would not personally trust public key crypto if I was really doing some sketchy shit, I would try to exchange large secret keys and use public key and secret key crypto in layers to properly secure things, and bijective compression of the content first, then padding it with random data to some fixed size that does not reveal anything by message size, making sure the meta data of the email does not reveal anything such as subject too. Then secret key crypto that blob, then ephemeral encrypt a second secret key that is used to encrypt the encrypted blob, then do public key crypto on top of that with signing, using a secure elliptic curve crypto 25519 or such. Of course if you want to be extra secure you won't send that over email, but you embed the data in png images in the low bits of the color channels and post those to some place, maybe it is five hundred frames of animation at super high resolution in png format of something, or AI generated art Something you can churn a lot of out and post where the png will be kept in the form it is uploaded in and not be clear who you directed that to, in that case there should be no header information on the embedded data that tells it apart from random data so every image has to be processed by people looking for messages, and then when they use the right key they detect it is a message for them.

[staci]

 

[Vela Nanashi]

woo staci

[Guy Fawkes]

Guy I do agree that proton is not as secure as I would like it to be, but it sure as hell beats gmail for security and privacy, even if it is not in fact perfect.

Absolutely, no question about it -- Protonmail trumps Gmail hands-down.

I just keep thinking about that poor squatter/housing activist that was targeted by the French police -- they actually charged him with a terrorist offense, so they could use the mutual legal assistance treaty (MLAT) to get the Swiss to hand over his information. A similar occurrence, in the context of this board, would be the FBI telling the Swiss police that they want someone for child exploitation material, when what they're actually dealing with would be a written story.

It has not taken place yet, but sometime in the next 10 years, I expect to read a story describing how Protonmail was forced to decrypt a user's encrypted traffic as the result of a legal process. (This is not technically possible with a nymserver, since the nymserver only possesses the public half of the PGP key -- the private half never leaves the user's custody or control.)

It is much better to entirely trust no one, like you say by keeping your own keys, and I would not personally trust public key crypto if I was really doing some sketchy shit..."

Actually, people have used public-key crypto to do some really sketchy shit, as you put it.  There was at least one group of people exchanging child exploitation materials, formed in 2003, busted in 2008 -- they made extensive use of PGP and remailers. (Fifteen years ago, Tor wasn't really a thing, as yet). Despite the fact that they were betrayed by an informer, whose place was taken-up by an undercover police officer, who was in a position to see literally everything the members of the group said or did, the vast majority of the group (between two-thirds and three-quarters, depending on whose numbers you believe) were never identified or apprehended. Their ringleader is still at large.

I would try to exchange large secret keys and use public key and secret key crypto in layers to properly secure things, and bijective compression of the content first, then padding it with random data to some fixed size that does not reveal anything by message size, making sure the meta data of the email does not reveal anything such as subject too.

Most of what you're describing here is already available through the remailer network. I was using symmetric and public key encryption w/message padding almost 20 years ago. One nice thing about the nymservers' back-end remailers is that they wrap the message metadata with a layer of encryption, so when the message arrives in your mailbox, all the Subject; line says is: "No Subject". The sender is listed as Anonymous, and there is no metadata usable to an opponent.

Then secret key crypto that blob, then ephemeral encrypt a second secret key that is used to encrypt the encrypted blob, then do public key crypto on top of that with signing, using a secure elliptic curve crypto 25519 or such. Of course if you want to be extra secure you won't send that over email, but you embed the data in png images in the low bits of the color channels and post those to some place, maybe it is five hundred frames of animation at super high resolution in png format of something, or AI generated art Something you can churn a lot of out and post where the png will be kept in the form it is uploaded in and not be clear who you directed that to, in that case there should be no header information on the embedded data that tells it apart from random data so every image has to be processed by people looking for messages, and then when they use the right key they detect it is a message for them.

What you appear to be describing here is a system where you are attempting to hide the very fact that you are communicating with someone at all. That is a much harder problem to solve. (In particular, using steganography or stego for short) is highly inefficient, and not suitable except for the shortest messages as a general rule. To make matters worse, the government is aware of almost all stego algos in use today, and AFAIK, they search for stego'd traffic.

Bitmessage works on a mass-broadcast principle, i.e. all messages are sent to all potential recipients, and only those recipients with the appropriate secret key can successfully decode the message. Twenty years ago, people on Usenet used to do the same thing by having their nymserver/remailer combo point to a mail2news gateway, and have all messages posted to alt.anonymous.messages (a.a.m. for short). You would have piece of software download all the messages in a.a.m, and deposit the ones for you, in an mbox file. You could then open that mbox file with a mailreader like Thunderbird. FWIW, this anonymous message pool is still being used today, albeit the message volumes are only a fraction of what they were 15-20 years ago.

[Vela Nanashi]

The way I am thinking the stego would be pure noise, but you can also suspect any png with a lot of pure noise to be stego, but you can't actually prove it is stego if that noise does not decrypt or reveal that it is a message unless you have the proper decryption key and that is quite possible to achieve, and yes it is inefficient, but quite possible to do and use, you can also hide the noise in wave/flac files and other lossless formats, that will 100% for sure decompress to the same as the raw source file. You can also choose to be a regular image/flac file poster that produce a lot of stuff and put random noise in everything, then the few times you do want to send a message you do. Nobody will be able to tell the difference and just how many messages you send.

That is used by russians and others where they have a constant link between two sites that is pure noise and sometimes they drop an encrypted message in there that sounds and looks like pure noise, but on the other end the keys reveal it to be a message and bring it to the attention of people. It is really no that hard to do.

Also it may be possible to use error correcting codes to make the images able to survive lossy compression too, of course within limits. So there could be messages hidden in jpg and other lossy formats as well.

Honestly though email needs replacement for many reasons

Also I have been thinking that I want to make a client that runs on top of proton.me that adds actual trust noone encryption to it, of course proton still tracks who talks to who, so if that is important to hide the other methods talked about here are better.

Ideally a tor/i2p site is set up where people can dump messages, that only the recipient can read, sender anonymous via the network, receiver(s) anonymous too, maybe if that tor site wants to save on resources the messages only persist for a certain amount of time, maybe only from people who have sent monero or similar anonymous currency to pay for their used space. Who knows.

I have many ideas about this too, just slow to implement them also slightly weary of the techniques being used by actual bad people, but I know they will be, still as non criminals are being hunted by the governments we non criminals need to protect ourselves so the governments kind of are forcing us to make it impossible to hunt anyone, it is their own fault.

[Guy Fawkes]

The way I am thinking the stego would be pure noise, but you can also suspect any png with a lot of pure noise to be stego, but you can't actually prove it is stego if that noise does not decrypt or reveal that it is a message unless you have the proper decryption key and that is quite possible to achieve, and yes it is inefficient, but quite possible to do and use, you can also hide the noise in wave/flac files and other lossless formats, that will 100% for sure decompress to the same as the raw source file. You can also choose to be a regular image/flac file poster that produce a lot of stuff and put random noise in everything, then the few times you do want to send a message you do. Nobody will be able to tell the difference and just how many messages you send.

That might actually work, but to be honest, I'm not sure it's worth the effort, at least at this point in time.

That is used by russians and others where they have a constant link between two sites that is pure noise and sometimes they drop an encrypted message in there that sounds and looks like pure noise, but on the other end the keys reveal it to be a message and bring it to the attention of people. It is really no that hard to do.

My understanding is that what the Russians (and other governments) used in the past -- and still do -- are numbers stations. If you have a shortwave radio, you can still hear these if you tune in to the right frequencies at the right time. These messages are encrypted with one-time-pads, which are the only cryptographic system that is unbreakable in theory as well as in practice. (Naturally, that assumes that the pads themselves are not compromised, and that they are never re-used.)

Because the messages are widely broadcast, there is no way to know who the intended recipient(s) are. The proper use of one-time-pads (OTPs), will ensure that these messages can never be broken. 

Also it may be possible to use error correcting codes to make the images able to survive lossy compression too, of course within limits. So there could be messages hidden in jpg and other lossy formats as well.

I experimented with stego in image files, but that was so long ago, I can scarcely remember the details.

Honestly though email needs replacement for many reasons

Email has its' flaws, but also its' advantages: it's ubiquitous, for starters. Many of the disadvantages of using email are more than compensated-for by use of nymservers and remailers. The infrastructure is already in place, it's just a matter of learning how to use it. The Cypherpunks designed these services very well, and they have stood the test of time.

Also I have been thinking that I want to make a client that runs on top of proton.me that adds actual trust noone encryption to it, of course proton still tracks who talks to who, so if that is important to hide the other methods talked about here are better.

There is no need to re-invent the wheel, so why bother? You can use a protonmail account as a nymserver target. Any email from the nymserver is processed by a backend-remailer, and all metadata is stripped-off. Anyone examining your Protonmail  box would not be able to see who has written to you, and Proton cannot be forced to decrypt your email, because they have zero access to the private half of the PGP key used to encrypt your email.

As far as Proton tracking who talks to who, that can be overcome by using a remailer to hide your correspondents' email  addresses. All anyone who looks at your outgoing emails can see is that the emails are going to a remailer; they cannot see inside the message, as it is encrypted with the remailer's PGP key. (The same is true for nymservers -- any messages send to the nymservers are encrypted with the nymserver's PGP key -- so the most anyone can learn is that you are using nymservers and/or remailers.) Anyone looking in your Sent box or your Inbox sees only PGP-encrypted messages, with all metadata stripped-away.

For that matter, it isn't even necessary to use Protonmail -- there are any number of Tor-hidden-service based email services that are free to use -- the operators have no idea who you are. These services do not use JavaScript, and plain-text emails are better for security, as typically do not contain embedded executable (i.e. HTML) code. Some examples are:

Darknet Email Exchange (DNMX): http://hxuzjtocnzvv5g2rtg2bhwkcbupmk7rclb6lly3fo4tvqkk5oyrv3nid.onion/

Sign-up is free, and the service does not require JavaScript. DNMX uses Squirrelmail, which is plain-text, as opposed to HTML. 

N.B.: Do NOT click on any of the ads.

Daniel's EMail: http://danielas3rtn54uwmofdo3x2bsdifr47huasnmbgqzfrec5ubupvtpid.onion/mail/register.php

Like DNMX, Daniel's Email also uses Squirrelmail, and plain-text. Unlike DNMX, Daniel's Email is run by a identifiable person, so the potential for LE raids is there -- but the fact that the service is run as a Tor Hidden-Service means that Daniel has no idea who his users are, nor can he be compelled to find-out. Use of PGP/remailers will prevent any usable information from ever falling into the hands of the authorities.

One nice thing about Daniel's Email, (unlike DNMX) is that you can delete an account after you're done with it -- there are two options:

a) Delete an account such that the account name is locked for a year, meaning no one else can register with that name; or

b) Delete an account such that the account name is released immediately for re-use by someone else.

Ideally a tor/i2p site is set up where people can dump messages, that only the recipient can read, sender anonymous via the network, receiver(s) anonymous too, maybe if that tor site wants to save on resources the messages only persist for a certain amount of time, maybe only from people who have sent monero or similar anonymous currency to pay for their used space. Who knows.

I have many ideas about this too, just slow to implement them  

Sites such as you are describing already exist -- temporary email services exist that hold emails for only a number of days, usually a maximum of 30. Some of them even allow additional password-protection. Two examples are: flashbox.5july.org and https://tempr.email/en/ (N.B.: Tempr.email appears to require JavaScript).

also slightly weary of the techniques being used by actual bad people, but I know they will be, still as non criminals are being hunted by the governments we non criminals need to protect ourselves so the governments kind of are forcing us to make it impossible to hunt anyone, it is their own fault.

I suspect that you meant to write: "leery of the techniques used by actual bad people" instead of "weary of the techniques used by actual bad people". I don't see that as a valid argument, frankly.

Security researcher theGrugq, in his posting, "Yardbird's Effective Usenet Tradecraft, Survival in an Extremely Adversarial Environment" [1] says:

"If your secure communications platform isn’t being used by terrorists and pedophiles, you’re probably doing it wrong. – [REDACTED]"

In his notes from the Editor to the above-referenced post, he says:

When analyzing the activities of groups operating in an adversarial environment to learn what works, what doesn’t, and why, (unfortunately) the pool of covert organisations is somewhat limited: intelligence agencies; terrorist groups; hacker crews; narcos; insurgents; child pornographers… Few other groups face such a hostile operating environment that their security measures are really “tested”.

The group examined in this post had an incredibly effective set of security practices. They imposed strict compartmentation, regularly migrated identities and locations, required consistent Tor and PGP use, etc. They had legitimate punishments for people who transgressed the rules (expulsion) and they survived a massive investigation effort. Clearly, they were doing something right (actually a number of things). Just as clearly, they are reprehensible people who engage in activity that is immoral and unethical, by any measure. (Paying for child pornography to be produced is flat out wrong, regardless on where you stand on the spectrum of opinions regarding child porn laws).

The thing is, there are basically no nice people who provide case studies of OPSEC practices. Most are engaged in violence, serious drug trafficking (at the “kill people for interfering” level), theft and manipulation of human beings, etc. Thats the nature of the beast.

People with well funded, trained and motivated adversaries have the strongest incentives to practice the highest level of security. They’re the ones to learn from.

[1] https://grugq.github.io/blog/2013/12/01/yardbirds-effective-usenet-tradecraft/


Tell you what... generate a throw-away DNMX email account and drop me a line at: guy_fawkes@nym.mixmin.net

I can walk you through the process via email. Reading me talk about it is one thing; it's another to try it out for yourself and see how useful/effective it is.

Let me know if you're willing, ok?

Guy

[Vela Nanashi]

No leery is a fine word, but I did mean weary as in:

reluctant to see or experience any more of; tired of.

I am tired of things I make being used for things I do not like them to be used for, and seeing others things be used for the same, sure it does mean the thing is thought of as secure by people who need it to be, just not for what I wanted it to be.

Number stations are used when you don't want anyone to know who is going to receive a short message, good for a government to send instructions to their agents via, but the high bandwidth wired communications between two non secret bases are different there you have an optical or copper wire running at full speed noise 24/7 and send either no, some, or a lot of actual traffic along it, but nobody can tell the difference and they use a stream cipher to extend high quality cryptographic random numbers in those. Also they can be used to blanket a certain number of radio frequencies with the same noise and hide when those links are being used for actual traffic, though you do waste power doing it that way, and you shout your locations out too, but it is worth it in certain cases when the 'when and that' you communicate is important, more so than where you are. Also laser based links is a thing now too and those are not as easy to spot if done right.

One time pads are indeed somewhat impossible to get any useful info out of if used correctly, but they do need to be padded, and you can tell if someone is communicating and that alone can matter, if message length is known that can tell you things too, so that is why the padding is needed. Ideally you would always be communicating at much higher a rate than you need to ever use, and just have it be noise and preferably not directed at a specific person, then the few times you send a message people can't really tell that you did.

For relays and nymservers, they are kind of operating like tor nodes right? You encrypt the message to final recipient, then you encrypt the 'please forward this to X@Y.Z' with the public key of that hop of the relay chain and so forth, you have to trust the last one enough to want it to know that a message was sent to X@Y.Z, of course you can hide that you sent it, so that is better than what regular email offers, I may try to look into that stuff later though I will if I do so send you a pm here to say it is actually me

Also if you study a relay's traffic, unless they add random padding to the messages as they keep relaying it, you can tell by the traffic that a message came in here and see it shrink for each hop and then probably trace the message across hops.

I have other reasons than privacy and security to want to fix how email works though, that we probably should not babble about in this very drifted out of original topic thread I do have ideas though to make spam cost money to send to and actually get received by people, everyone would issue their own stamps that they sell to people who want to mail them (actually an automated server would sell the generated by you stamps), and without stamps the emails are dropped when they get to the server, they can also tell their server/node that the messages signed by that person's key is to be received freely without stamps, everything else has to pay for access to the mailbox. That will remove spam for the most part or let people earn money from it, and also will make malware less likely to be sprayed across all of the internet, as that tactic will cost money to do. Also I would make ephemeral strong encryption mandatory, not optional in that protocol. Designed to not trust the servers, senders or receivers of messages. I am sure you already know of some things that do part of that.

[luvsum]

SPOT ON!!!!  I would Woo you it I had one.  Thanks for adding clarity to the discussion.
I"m reasonably sure no one is passing "nukular" secrets here.  Find it hard to believe there is much to be kept ultra private. Not that there is no reason to want to whisper in another's ear upon occasion. Just that there is minor reason for  anyone else caring enough to try to decrypt.

[Vela Nanashi]

Just want to post this in case people are unaware. When you use the web chat link from a mobile phone browser, it will refuse to show you the list of users, so the room will appear empty, so it is a good idea to say hi, and wait a bit for any people who may be there to notice you arrived in chat and have time to say hi back.

A lot of people go into chat and then disappear a few seconds later, that is not enough time for anyone to notice and type hi to them, I know that must be people who are using the web client from a cell/mobile phone broswer.

On a desktop browser or a browser set to desktop mode the web chat will show a user list, even then some people need time to notice people getting into chat and say hi as chat is not active enough for most people to keep a close eye on it.

You may also get a mobile phone irc client that will better show a list of users for you. All that said I leave my client open there whenever I have power and internet connection, 24/7, does not mean I am there all the time, but I try to relay messages to people and it is good to see what happened in the chat in case I need to moderate things.

Anyway, just felt I should tell you guys about that. I have sadly got no way to modify the web chat client to not have this problem, it is a stupid problem for it to have though.