Tiger of freedom on the web scared offline.


palladin9479
Posts: 388
Joined: Mon Jan 31, 2011 5:22 am

Re: Tiger of freedom on the web scared offline.

Post by palladin9479 »

hanelyp wrote:
palladin9479 wrote:There are ways around the monitoring systems, the Chinese have perfected this (not the government ones).
Not entirely. Hiding the contents of your communications isn't so hard with available software. Hiding that you're communicating with or via a given entity is much harder, and enough in itself to attract regime ire if the entity communicated with is identified with disfavor. For a nation without a tradition of free speech, using a service that facilitates anonymous communications may be a crime.

Solutions exist for metadata-snooping-resistant communications, at least in theory, where no single 3rd party in isolation can see which pair of people is communicating. But to my knowledge no services are set up to do so, and it is uncertain whether a surveillance state could be snookered or forced to allow them.
Not if you know what you're doing. I just gave a very good method above on how to do it. We use encrypted data all day every day, literally billions of connections all across the globe. The trick is to make your data look just like everyone else's. Snooping systems work by heuristics, they look for specific indicators to flag items for further analysis. It's simply not possible to analyze every single connection / packet sent over the internet, so once you learn to become just another straw instead of a needle, finding you in that haystack becomes impossible. Security guys are constantly bitching that SSL traffic is by far their biggest problem as they have no way to look inside it.

hanelyp
Posts: 2261
Joined: Fri Oct 26, 2007 8:50 pm

Re: Tiger of freedom on the web scared offline.

Post by hanelyp »

I'll repeat, since you seem to have missed my point:
What you are saying is easy enough to hide from 3rd parties. Who you're communicating with is much harder to hide.

An example of what can be done with metadata to identify leaders among opposition groups, http://kieranhealy.org/blog/archives/20 ... ul-revere/. If the tyrants can silence the opposition leaders, their job is done. Short of that they can criminalize consorting with known "enemies of the state".
The daylight is uncomfortably bright for eyes so long in the dark.

ladajo
Posts: 6267
Joined: Thu Sep 17, 2009 11:18 pm
Location: North East Coast

Re: Tiger of freedom on the web scared offline.

Post by ladajo »

I agree, tracking source and destination patterns is much easier than content.
However, I would not be so sure about the security of SSL and PKI. Just my own opinion.
The development of atomic power, though it could confer unimaginable blessings on mankind, is something that is dreaded by the owners of coal mines and oil wells. (Hazlitt)
What I want to do is to look up C. . . . I call him the Forgotten Man. (Sumner)

Stubby
Posts: 877
Joined: Sun Aug 05, 2012 4:05 pm

Re: Tiger of freedom on the web scared offline.

Post by Stubby »

You can hide lots of info in pictures, gif or videos.
Steganography

EDIT :shock:
Steganography is used by some modern printers, including HP and Xerox brand color laser printers. Tiny yellow dots are added to each page. The dots are barely visible and contain encoded printer serial numbers, as well as date and time stamps.

Didn't know that.
I guess the same thing could be done with any imaging device, and the EULA would have consent buried in the fine print. Meaning that pictures could be tracked to individual devices. Hmmm.
Everything is bullshit unless proven otherwise. -A.C. Beddoe

palladin9479
Posts: 388
Joined: Mon Jan 31, 2011 5:22 am

Re: Tiger of freedom on the web scared offline.

Post by palladin9479 »

ladajo wrote:I agree, tracking source and destination patterns is much easier than content.
However, I would not be so sure about the security of SSL and PKI. Just my own opinion.
And I said that hiding source / destination is just as easy as content. The only difference is you need to establish your own intermediary systems to act as a screen, requires quite a bit more knowledge than just encrypting content but is definitely doable.

I'm saying this from experience. I have actually built a "global" (had systems in four countries interconnected) communications system that had encrypted mail, web, voice and file services. Myself and some friends did it as a learning experience. The trick is that you need to use encapsulation and your own pre-established data links. The "internet" is just a giant cloud of interconnected routing nodes, the government can monitor those nodes so you need to create tunnels through them but not directly to each other. Instead you create your own cloud-like set of nodes and through those you funnel your data. From the public point of view the data looks identical to any other form of SSL traffic. It's all incredibly cheap to do, about 500~600 USD worth of hardware at each site and the knowledge required to build it from OSS. Your key components are some form of Linux, preferably based on RHEL, have OpenVPN, Quagga, Shorewall, Snort and Squid on them. Learn how those inter-operate and you can create your own shadow mesh network on top of the internet.

Now about SSL / PKI. Biggest misconception about SSL is that people think it's an encryption protocol, it's not. SSL is a communications protocol that makes encryption very easy (you can establish an SSL connection with no key if you really want). Any form of data can be put through an SSL connection without a third party knowing what that data is. You can use any type of key and any encryption protocol you want. It's completely open to your implementation. OpenVPN is a piece of software that creates a VPN style connection but uses SSL as the connection protocol. It supports up to 2048 bit PKI keys and a whole host of ciphers, from 256 bit AES to BlowFish @448 bits. So SSL establishes the connection but it's up to the software to actually do the encrypting. SSL is as secure as you make it, there is no "secret government backdoor".

PKI is the same, PKI is not an encryption method but rather a system that describes mathematically related keys. PKI allows you to create a set of different yet compatible keys that can be used to encrypt and decrypt data to each other. The keys are "safe" in the sense that just because someone steals one set they cannot reverse engineer the others. Simply revoke the lost key's SN and you're still protected. You create the master CA key, you create both the public and private keys, you manage distributing them (THIS IS THE MOST DANGEROUS PART) and ultimately you control the security of the entire system. Again there is no "secret government backdoor" involved.

Now with those tools it becomes a simple matter of understanding heuristics and how network packet monitoring software works. Capturing and monitoring data across a global WAN link is impossible, they do it all at the local level, aka your ISP or Tier 1 provider. That is the entity that you have to trick, you must make your new encrypted data connection as innocuous as possible. That means no direct connections to entities that would draw attention, and using port 443 becomes paramount (HTTPS web traffic is the most common form of SSL encrypted traffic in the world). If you want to communicate with someone else, don't establish a direct link as that can be detected via source / destination on the outside packet headers. Instead you establish a set of international intermediary systems. Do not both connect to the same system, that's dumb. Instead each connects to a different one and those two then connect to a third one, all within different countries, all using port 443 or 33000+ (ephemeral ports) to communicate. You can keep adding more intermediaries all over the place, all interconnected using the above mentioned encryption methods. It forms a giant mesh network and it actually resembles the original DARPANET.

A very good example of these methods in action is TOR. TOR is geared only for web access though, and involves worldwide nodes. The idea above is to create your own miniature TOR-like system that allows for all forms of network communication.

paperburn1
Posts: 2488
Joined: Fri Jun 19, 2009 5:53 am
Location: Third rock from the sun.

Re: Tiger of freedom on the web scared offline.

Post by paperburn1 »

On a side note I would guesstimate about half of the servers that “anonymize” your metadata are controlled by the government.
I am not a nuclear physicist, but play one on the internet.

ladajo
Posts: 6267
Joined: Thu Sep 17, 2009 11:18 pm
Location: North East Coast

Re: Tiger of freedom on the web scared offline.

Post by ladajo »

Keys are rated by measure of time to crack them. Of note is that the standard is not related to the available power of current systems.

I agree that Palladin's methods to 'hide in plain sight' can be effective. The only trouble being that if someone knows to look for you, they will find you (and your traffic) eventually.

I think it is a great misunderstanding to think that you can hide on the internet. The folks that hunt others electronically as a profession are not limited to keyboards. There are other connectors that are vulnerable in alternate spectrums as well as the physical world. Fuse these together, and IMO, it is not so hard to eventually narrow someone down in time and space, and then apply force. Professionally, it is known as "Find, Fix, Finish."

While I applaud your expertise Palladin, I believe you should consider you are thinking one dimensionally, as do many that tend to live primarily in the electronic world. There is a real world that goes with it that is oft forgotten. Many a young idealistic or sociopath young 'hacker' has been rudely reminded of this point often by a busted down door, or firm knock.

Even the Chinese were abruptly reminded of this recently when they had a Hacking HQ outed on the world's physical stage. Wanna make a bet how many 'hackers' are still working from that building?

Beh, no matter to me. I think the old adage applies, "The most dangerous things are those that you don't know that you don't know.".

hanelyp
Posts: 2261
Joined: Fri Oct 26, 2007 8:50 pm

Re: Tiger of freedom on the web scared offline.

Post by hanelyp »

palladin9479 wrote:And I said that hiding source / destination is just as easy as content. The only difference is you need to establish your own intermediary systems to act as a screen, requires quite a bit more knowledge than just encrypting content but is definitely doable.
More specifically you need an intermediary outside the influence of those who would snoop on you. If you have a major business interest in a certain country, that country can pressure you in regards to any servers you control even if a server is hosted elsewhere. Taken as a given that any nation with meaningful hosting capacity may have a government you can't trust, you need a protocol between independent operators in different jurisdictions such that no single 3rd party can identify both ends of a communication. You also need enough traffic over such a privacy aware channel that simply using the channel isn't enough to flag you as up to no good.

palladin9479
Posts: 388
Joined: Mon Jan 31, 2011 5:22 am

Re: Tiger of freedom on the web scared offline.

Post by palladin9479 »

hanelyp wrote:
palladin9479 wrote:And I said that hiding source / destination is just as easy as content. The only difference is you need to establish your own intermediary systems to act as a screen, requires quite a bit more knowledge than just encrypting content but is definitely doable.
More specifically you need an intermediary outside the influence of those who would snoop on you. If you have a major business interest in a certain country, that country can pressure you in regards to any servers you control even if a server is hosted elsewhere. Taken as a given that any nation with meaningful hosting capacity may have a government you can't trust, you need a protocol between independent operators in different jurisdictions such that no single 3rd party can identify both ends of a communication. You also need enough traffic over such a privacy aware channel that simply using the channel isn't enough to flag you as up to no good.
All of that already exists. You're not after "hosting capacity", jesus christ. You need to actually OPERATE the systems in domestic areas, meaning you need people there already. You can put them in any country anywhere, the more connected the better. You connect them all to each other and they create their own network.

You're operating off the principle that it's physically impossible to distinguish these connections from people checking facebook, google, email, amazon or online banking. The only solution would be to record every single packet and then run detailed pattern analysis on them all looking for anomalies that do not correlate with the average connection pattern. There hasn't been a super computer made that could do that, and with our interconnected world growing at a faster pace than our technology is, it's a fair bet that it will never catch up. If you don't know what Tor is then you really should research it a bit to understand the concept of anonymous networking. Once you make your data stream look identical to everyone else's it becomes impossible to separate it in any meaningful way.

On the note of keys, keys are just really long numbers that are used as seeds in crypto algorithms to transform one value into another. Keys and algorithms tend to be rated in their length, the longer the better as there are more possible values that an attack must attempt. There are two kinds of encryption, symmetric and asymmetric, and that deals with the nature of the keys. Symmetric encryption is the easiest and each side has a copy of the exact same key. The sender takes their message and applies the chosen algorithm with the key that produces a scrambled message, the receiver then reverses the process by using the same key. The down side is that all parties need the same key and if one party compromises the key then everything is vulnerable and in the open, this is BAD. Asymmetric encryption is when each party has a different key yet all keys are mathematically related (RSA basically). The keys must be MUCH longer (1024 / 2048 bit) than symmetric to ensure uniqueness and protect against breaking. You end up with each party having two keys, a private and public one. They all exchange public keys with each other so that each party has a copy of the others' public keys. Because all keys are mathematically related, the sender can take its private key, pair it with the receiver's public key, run some math to produce a MEK (media encryption key) which will be 128~448 bits in length, this is the key that actually secures the connection. Then encryption is done just like symmetric and passed on to the receiver. The receiver reverses the process and uses its private key and the sender's public key to reproduce the same MEK. If one party's keys are compromised it doesn't affect the other parties involved and no amount of attacks on the public key will yield its private counterpart.

Now that's a very "down and dirty" description because there are other things you can do to further secure the connection, one being to use the MEK only as a transition key that serves to encrypt the real encryption key (which is randomly generated by the sender at the start of the session). The session initiator then will randomly generate a new TEK (transmission encryption key) periodically, this ensures no amount of data harvesting will produce a pattern match for attacking the algorithm used (breaking keys becomes easier with larger sample sizes). When looking at the sheer number of possibilities for a key it becomes impractical to attempt brute force. This is why those who do key breaking attack the cipher by data harvesting or by using a dictionary, hoping that the participants used a weak key. The only other way to break any of the above encryption is to physically get a hold of the private keys or the master CA key (the one used to generate all the other keys). For this very reason the master CA key is kept on a system that HAS NO NETWORK CONNECTION.

Anyhow the takeaway here is that your data and privacy are 100% in your hands. It requires education and knowledge, like everything else in the world. Computers and everything related to IT is insanely complicated yet it's not magic, there are very real rules and principles that apply. Learning those rules and principles allows people to mold and manipulate the systems to serve their needs.
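
The key handling described in the post above (own private key plus the peer's public key gives both sides the same MEK, which then wraps a randomly generated, periodically replaced TEK), as an added example that is not part of the original post. It uses Diffie-Hellman key agreement over a demo-sized group, with an HMAC-based encrypt-then-MAC wrapper standing in for a real key-wrap cipher; the group parameters and all function names are assumptions of this example.

```python
import hashlib
import hmac
import secrets

# Assumption for this example: a demo-sized Diffie-Hellman group (prime
# 2**255 - 19, base 2). Far too small for real use; deployments use
# 2048-bit or larger groups, or X25519.
P = 2**255 - 19
G = 2

def _prf(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()

def keypair():
    priv = secrets.randbelow(P - 3) + 2      # private exponent in [2, P-2]
    return priv, pow(G, priv, P)             # (private, public)

def derive_mek(my_priv, peer_pub):
    """Own private key + peer's public key -> the same 256-bit MEK on both sides."""
    if not 1 < peer_pub < P - 1:             # reject degenerate public values
        raise ValueError("invalid peer public key")
    shared = pow(peer_pub, my_priv, P).to_bytes(32, "big")
    return _prf(b"mek-derivation", shared)

def _keystream(key, nonce, n):
    blocks = (n + 31) // 32
    return b"".join(_prf(key, nonce + i.to_bytes(4, "big")) for i in range(blocks))[:n]

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def wrap_tek(mek, tek):
    """Encrypt-then-MAC the TEK under the MEK (stand-in for AES key wrap)."""
    nonce = secrets.token_bytes(16)
    ct = _xor(tek, _keystream(_prf(mek, b"enc"), nonce, len(tek)))
    return nonce + ct + _prf(_prf(mek, b"mac"), nonce + ct)

def unwrap_tek(mek, blob):
    """Verify the tag in constant time before decrypting; raise if tampered."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _prf(_prf(mek, b"mac"), nonce + ct)):
        raise ValueError("wrapped key failed authentication")
    return _xor(ct, _keystream(_prf(mek, b"enc"), nonce, len(ct)))

def rotate_tek(mek):
    """Initiator side: fresh random TEK plus the wrapped form sent to the peer."""
    tek = secrets.token_bytes(32)
    return tek, wrap_tek(mek, tek)

if __name__ == "__main__":
    a_priv, a_pub = keypair()                # only the public halves are exchanged
    b_priv, b_pub = keypair()
    mek_a, mek_b = derive_mek(a_priv, b_pub), derive_mek(b_priv, a_pub)
    tek, blob = rotate_tek(mek_a)
    print("MEKs match:", mek_a == mek_b)
    print("peer recovered TEK:", unwrap_tek(mek_b, blob) == tek)
```

An observer who holds only the two public values cannot compute the MEK, and a wrapped TEK altered in transit is rejected by `unwrap_tek` instead of yielding a wrong key.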

ladajo
Posts: 6267
Joined: Thu Sep 17, 2009 11:18 pm
Location: North East Coast

Re: Tiger of freedom on the web scared offline.

Post by ladajo »

The only other way to break any of the above encryption is to physically get a hold of the private keys or the master CA key (the one used to generate all the other keys). For this very reason the master CA key is kept on a system that HAS NO NETWORK CONNECTION.
And this is done all the time. The physical world interrupts the non-physical. Certifying Authorities are at risk all the time for breach. And many are breached regularly, both physically and electronically. This is a relatively unknown to the masses very unpleasant fact. Breaching a CA is a very damaging event for many.

In your scenario, you wish to prevent a scan capture of your data. If no-one is interested in what you are up to, then this is not so hard, and I agree you can hide to a good extent. If someone is interested in what you are up to, then it gets harder. If they are very serious, they will figure out a way to breach, and more than likely it will involve a physical event or series of them that if done properly, you will never know.

Your system presupposes that no one is really looking for you. If that is true, then okay. If not, then not so okay. The real trick is hiding when someone is very serious about finding out what you are up to.

hanelyp
Posts: 2261
Joined: Fri Oct 26, 2007 8:50 pm

Re: Tiger of freedom on the web scared offline.

Post by hanelyp »

Palladin, an efficient communications channel does not currently exist secure against metadata snooping in the event a single 3rd party carrier is compromised. The closest I've seen amounts to boards where being able to decrypt a message is how you identify what is for you, hardly efficient.
