We have a handful of humans living temporarily in Earth orbit. We have precisely zero humans living permanently off planet. That's not much progress toward a self-sustaining space colony millions of miles away in an extremely hostile environment.
We don't even know whether the human body can survive long term in the much lower gravity of Mars. Life on Earth didn't evolve for that. The whole idea could be doomed from the start.
Launching rockets is the "easy" part. That's not progress. The hard part is living in space.
Not to mention, even if we could live in space, we're going to bring our own nasty instincts along with us to any other planet. The instincts that are causing us to destroy our ecosystem here and fight amongst each other. If we can't live on Earth with peace, harmony, and sustainability, in an environment that was practically made for us, then what makes you think we can live in another environment that's totally hostile to all life? We'd be sending a clown car to Mars.
In general, we have too many people filled with visions they've got from science fiction, and not enough of a dose of science fact. Perhaps the most realistic bit from science fiction is the part of "Contact" where they're debating whether to send a Christian or an Atheist on the mission. Then extremists blew it up anyway. That's our human reality.
After a lot of consideration, I went with Corral over NAS4Free because the former offered the (FreeBSD native) Bhyve hypervisor for VMs whereas NAS4Free has an integrated VirtualBox instance.
After yet another issue with basic functionality in the Corral release - and reading about even worse experiences on the forums, I decided I couldn't trust this product with the most crucial role in my environment and installed NAS4Free instead.
This tool would be great were it not for me (rightfully) getting fired and possibly sued by any of my clients if I uploaded even a single file. In fact, what kind of business with millions-of-rows kind of files would entrust said datasets to a service that to me seems strangely vague [1] on how the data is secured, or where it is actually going to be physically stored.
The article mentions WhatsApp multiple times as a service that successfully made the transition to end-to-end encryption, but it always seemed to me that this claim is rather meaningless when we don't have the possibility of auditing their source code.
It seems that most people are completely in the dark when it comes to security, including myself, but there are some principles that should be unwavering that regularly get ignored again with every new iteration of "secure" software:
* If there is a weak layer in the stack, from the physical layer to the UI, then the system is not secure. Even if your messaging app is secure, your messages are not secure if your OS is not secure.
* If the source code is not available for review, the software is not secure
* If you or someone you trust has not done a full and thorough review of all components of the stack you are using, the software is not secure
* Even if the source code is available, the runtime activity must be audited, as it could download binaries or take unsavory actions or connections.
* On the same note, if you do not have a mechanism for verifying the authenticity of the entire stack, the software is not secure.
* If any part of the stack has ever been compromised, including leaving your device unlocked for five minutes in a public place, the software is not secure.
I could go on, and I'm FAR from a security expert. People compromise way too much on security, and make all kinds of wrong assumptions when some new organization comes out and claims that their software is the "secure" option. We see this with apps like Telegram and Signal, where everyone thinks they are secure, but if you really dig down, most people believe they are secure for the wrong reasons:
* The dev team seems like honest and capable people
* Someone I trust or some famous person said this software is secure
* They have a home page full of buzzwords and crypto jargon
* They threw some code up on GitHub
* I heard they are secure in half a dozen tweets and media channels
I think you are being too strict in your definition of 'secure'. 99.99% of devices run Android, iOS or Windows which are closed source and therefore not 'secure'.
To me, security is not a binary property but rather a sliding scale. WhatsApp say they use end-to-end encryption and they have a strong financial incentive to be telling the truth. No hacker has demonstrated that WhatsApp are lying and the Wikileaks dump suggests the CIA has been unable to intercept messages in transit. Given this information I would rate WhatsApp at least 'reasonably secure'.
> WhatsApp say they use end-to-end encryption and they have a strong financial incentive to be telling the truth.
I'm not giving much to the various "WhatsApp backdoor" allegations but I'm curious as to why they'd have financial incentive to provide privacy.
Most of their userbase likely still doesn't care about security and they do belong to Facebook - so if anything, they'd have a financial incentive not to use effective crypto.
I guess I would point to the Yahoo security breach as an example of how poor security can have an adverse financial effect on a company valuation and its CEO's remuneration. The Sony hack also comes to mind as something which damaged its reputation and had an indirect effect on their financial position.
If hackers could get access to WhatsApp and dump all messages to Wikileaks it would make the company look very bad and a significant number of users would switch to something else. If security is not that important to users, why pretend to add end-to-end encryption at all?
And even if Facebook / WhatsApp's customers don't care about security, their hired geeks do; and being seen as caring about having top-notch security might help with attracting and retaining talent.
> Most of their userbase likely still doesn't care about security
Teen Vogue just suggested people should use WhatsApp instead of Snapchat because it does end-to-end crypto. I don't think it's true any more that the general public doesn't care about security, if it was ever true.
Based on the behavior after these leaks, there's moderate evidence to suggest that users care somewhat about privacy if it can be accomplished without any sacrifices in existing ease-of-use.
Facebook cares mostly about penetration for Whatsapp, to ensure that no other messaging app takes over.
That's the point. Android and iOS are not secure. Now the question is always, secure for what? Against an average attacker, they are secure enough. Against the CIA, they are not. They can just threaten several people inside Google or Apple, get a back-door, and you can't check if they did.
You're ignoring that most drivers for Android phones are proprietary, the baseband is entirely proprietary (required by law), the Google services are proprietary (which many apps use) and most apps are proprietary (including Google's replacements for the AOSP apps).
If you want a completely free software smartphone experience, it is simply not possible at the moment. Even Replicant[1] still hasn't cracked the baseband puzzle (and is still struggling with the firmware for a couple of phones).
So no, Android is definitely proprietary -- even if some parts are not.
Basebands fall under exactly which entity's jurisdiction such that they can regulate a baseband to be 'entirely proprietary'? I mean, BB + superhet. mixer => IF => carrier wave envelope containing your data. How do you even regulate a concept of physics? If you're paying the proper fees as a subscriber to $provider_foo you could even design your own receiver off the public standards documents (used to be a popular project for 4th year undergrads to do on FPGAs for the CE's who wanted to get closer to the silicon but MOSIS project space was reserved for only the EEs).
If you want a completely 'free' (as in GPL) cell phone experience, you can set up an OpenBTS transmitter and transmit at the 900 MHz range which is commons property. To stay legal in the US, your antenna has to put out less than a watt, but the setup allows you to even use off-the-shelf phones and trunk into normal phone lines via standard POTS software. Your device would have to be something a-la http://alumni.media.mit.edu/~mellis/cellphone/ (just a janky setup, but just a proof-of-concept -- you can patch together components from DigiKey pretty easily these days; if you want free-silicon, I think the closest you're going to get is https://en.wikipedia.org/wiki/OsmocomBB or maybe some soft cores, but if you're actually going to take that soft core to tape-out, you're probably going to be running 6 figures just for masks...)
On the hardware side, there is a project "Free Calypso" to produce a completely libre (software, firmware, baseband, & hardware) "dumbphone" using the Calypso chipset.
Initially looking to reuse old phones with the Calypso chipsets, the project is now working on producing their own. Design files are completed; funding for the dev boards is about 66% complete.
The FCC has requirements for manufacturers to make sure that their radios output to-spec EMR. In addition to this, they've been working toward trying to stop people from being able to arbitrarily modify their radios.[1]
While (AFAIK) there isn't a regulation stopping someone from selling radios that have completely free software basebands, you can bet that the manufacturer will be prosecuted if users suddenly start outputting radio waves that don't follow regulations (suing users is harder than suing a manufacturer). As a result, there's a disincentive for manufacturers to ever sell free software radios (because by definition they would have to allow modification).
Google has moved a lot of the platform code to their closed source parts. So for the purposes of security your typical Android phone is just as closed source as Windows. These days, unless you're running a classic Linux distro or BSD the OS code isn't auditable. And even if you were running Ubuntu on the phone the baseband is completely closed and almost always has memory access with no MMU so you should never trust a phone with anything important.
This is only the base code. The manufacturer modifies this code when building a ROM and can add anything. It should provide the modified sources but many Chinese vendors do not do it.
Even if the manufacturer provides the code, it can preinstall additional closed source programs. For example, the Facebook app or some "telemetry" app that are closed source. My Chinese no-name phone contained an app that was trying to send my phone number and other identifiers to China as a part of a "sales report" (exact URL was http://bigdata.adfuture.cn/reboot/salesCountInterface.do). And one can only guess how much data Facebook collects.
What the end user gets is a phone with a binary blob inside.
I think there should be a strict requirement banning collecting any data without consent from the user. No "anonymous" "analytics" and telemetry, no crash reporting, no advertising ids, no checkboxes checked by default. There can be only a legal solution to the problem of mass surveillance by software companies. Every byte your device sends to the network can end up in the hands of the hackers from developing countries or NSA.
The modifications installed by your phone company, etc. are not open source. The baseband chip's firmware is not open sourced. I've even heard of DMA being allowed over baseband as part of the Lawful Intercept Protocol.
Large parts of iOS are available at opensource.apple.com, including the kernel, Objective-C runtime, and CoreFoundation. LLVM, Clang, and Swift are also open source.
Based on my (admittedly limited) understanding of the human condition, it seems like it would be more accurate to say "WhatsApp say they use end-to-end encryption and they have a strong financial incentive to be _lying_."
They still haven't open sourced the server afaik. The thing that is a problem with Telegram is that they market on their security, but it's not secure by default, or on group chats. Moreover, it stores chat histories, and if you add someone to a group chat they get access to the historical data. A lot of folks use it without thinking about this, or understanding the implications.
The protocol is secure, but we have no idea if the implementations are secure (except Signal itself), because we can't audit them.
In fact, Facebook Messenger's implementation of Signal has very questionable security right out of the box, because if one party "reports" an encrypted conversation, the whole thing is decrypted and sent to facebook support staff.
So someone reporting a message to Facebook would be the equivalent of that person (either Alice or Bob) reporting and sending the content of the other person's encrypted conversation to a third party.
The Signal Protocol provides end-to-end encryption so you don't have to trust the intermediate parties/servers involved in relaying the message (e.g. you don't have to trust Facebook's servers), and to protect against the other person reporting and revealing your conversation to someone else, the Signal Protocol provides message repudiation [1], which effectively gives the sender plausible deniability because the receiving party cannot prove to a third party that a message came from you.
It's not just about the protocol though, it's the whole stack, and the OSes that it runs on are frequently not secure. Also, the Signal app on Google Play requires your phone number and a Twilio API call to function. No thanks.
The phone number is not required as per the Signal protocol -- it's an implementation detail -- another token could be used. At this time, phone number verification is used in the initial authentication flow to protect against someone else spoofing your phone number and pretending to be you.
It also doesn't have to be a central authority, since "anyone" (meaning: anyone who can afford to operate a mailserver, which is actually a surprisingly-high number) can be such an authority for one's own mail.
one single actor < a few large actors you can choose from < lots of actors to choose from < medium size organizations can and do often run their own < individuals can run their own (Email Is Here) < individuals commonly run their own
Source code isn't required to study what software may do.
If you were really worried about what a particular binary would do, trusting that the binary matched the source and studying runtime behavior would both be a waste of time compared to fully analyzing the binary in question.
If you treat the software as a black box and only study run time behavior, you have no idea if you have tripped a countermeasure that silences the malicious behavior; if you study the control flow directly, you can look for such countermeasures.
> If you treat the software as a black box and only study run time behavior, you have no idea if you have tripped a countermeasure that silences the malicious behavior; if you study the control flow directly, you can look for such countermeasures.
It would be great to find such a countermeasure, and be able to trigger it reliably, or assert the behavior on a permanent basis. Considering that particular weakness of such countermeasures though, wouldn't the safest [for the attacker] default countermeasure likely be to simply crash the device?
A user that knows about malicious code (which you would have to in order to trigger it to go silent) in a binary just shouldn't use the binary at all though.
The broader point is more important: compiled software isn't a black box, treating it like a black box is not the only or best way to analyze it.
Security is not a binary. "Secure" is not something that can be evaluated without context, i.e., a threat model. Security is something that comes with tradeoffs. If you require a 100% certainty that no adversary, no matter how well resourced, can obtain electronic communications from you when conducting active surveillance, your only defense is to stop using computers. Most of us don't live with that sort of a constraint, and thus can evaluate things that increase our relative security given a threat model of mostly passive surveillance by state actors and active malicious attacks from private parties that mostly just want our credit card numbers.
This post is grey, and I'm not quite sure why. It's a bit on the "pessimistic" side, but... that philosophy is actually spot on IMO when it comes to security. So why downvote this? I'm honestly a bit new to this community but to me this sceptic perspective as it pertains to software security is ... well, actually it isn't even enough. Is this a weakness w/HN where even justified pessimism is eschewed?
But this sort of pessimism isn't really useful. The attitude that "anything is insecure if there is any closed source software anywhere in the stack" means that it's impossible to advance security, because it's almost impossible to avoid binaries (i.e. firmware).
Apple, for example, has done a few things that are laudable in this field – i.e. risking a public court fight with the FBI to keep the iPhone secure. If we say that such actions are meaningless because they ship binaries, they have no incentive to do such things. Just rolling over and giving the US gov big-pipe-access to everything like Yahoo did becomes the better business proposition.
Similarly, what do you answer when a friend who works at the EPA asks you how to securely contact a journalist? If it starts with ordering a custom open-firmware mainboard from somewhere in China, your advice will be ignored.
Practical security is all about risk management. And the first step is understanding what your risks are - not assuming or pretending they don't exist. Depending on the nature of the secrets your friend wants to share and who they are trying to hide from, advising them to avoid phones altogether might not be a bad idea. And falsely assuring them something is secure when that can't be confirmed could cause somebody a world of hurt.
It's not hard to demonstrate that apps are performing end-to-end encryption even if you don't have access to the source code. Reverse engineering this stuff is really pretty straightforward.
It's not just that they're performing encryption, but also assurance that (1) they're using the keys they declare and (2) they aren't sending other data over unannounced side-channels.
You can't just insert yourself in the message stream since the client and server use pinned, mutual certificate authentication. So you have to start from first-principles and step through decompiled code.
I'm not sure what you mean here. It's easy to identify where the key comes from and whether the ciphertext is what you'd expect it to be in that case.
> they aren't sending other data over unannounced side-channels.
It's not straightforward to determine that even if you do have the source - you could imagine an implementation that deliberately leaks information through timing details without that being obvious from the code. At some point you have to trust that authors aren't doing something awful.
> So you have to start from first-principles and step through decompiled code.
Well no, because the first thing you can do there is just disable certificate pinning. But really, the difficulty of stepping through decompiled code is vastly overrated.
Unannounced side channels seems like by far the easiest thing to deal with there; send a 2mb file, observe network patterns, raise an eyebrow if 2mb gets sent over a channel that you didn't expect.
As for using the correct key, dismantle the Signal message envelope until you get your blob of encrypted message. Then see if the same blob appears on the target device. Multiple keys? I imagine either correlating message size and network traffic (encrypting stuff twice could well show up), or going at it with a debugger.
Which is really the answer to all of these questions instead of any network shenanigans. You root your phone and attach a debugger, then step through what Signal is doing.
Not a security researcher, never reverse engineered anything for security reasons in my life.
What if it only does it at a much later point in time, or slowly via adding data to other comms channels? What if it only does it for small payloads by padding packet sizes to 1k? There are so many ways to get around this, unless we have open source and reproducible builds.
The point isn't to nab every thought-to-be-encrypted conversation on Signal. The point is to evade detection while compromising high-value message streams. Stepping through with a debugger is never going to execute the feature-flagged "pwned" mode.
> Unannounced side channels seems like by far the easiest thing to deal with there; send a 2mb file, observe network patterns, raise an eyebrow if 2mb gets sent over a channel that you didn't expect.
Facebook distributes your 2MB pic to many people, does it technically require more than 2MB of your upload bandwidth? No. You only need to upload it once to their server.
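The traffic-volume check proposed in this sub-thread, run against both a bulk copy and the slow-drip objection raised in reply, as an added example that is not part of any comment here. The flow records, hostnames and the 50% threshold are constructed for illustration.

```python
from collections import defaultdict

PAYLOAD = 2 * 1024 * 1024          # size of the known test file (2 MB)
EXPECTED = {"chat.example.net"}    # placeholder: the only channel the file should use


def upload_totals(flows, window=None):
    """Sum uploaded bytes per destination.

    flows  : iterable of (seconds_after_send, destination, bytes_uploaded)
    window : only count flows seen within this many seconds (None = whole capture)
    """
    totals = defaultdict(int)
    for t, dest, nbytes in flows:
        if window is None or t <= window:
            totals[dest] += nbytes
    return dict(totals)


def unexpected_channels(flows, expected=EXPECTED, payload=PAYLOAD,
                        window=None, ratio=0.5):
    """Destinations outside `expected` that received at least ratio*payload bytes."""
    totals = upload_totals(flows, window)
    return sorted(d for d, n in totals.items()
                  if d not in expected and n >= ratio * payload)


def bulk_copy_capture():
    """Constructed capture: the file goes out twice within seconds of sending."""
    flows = [(s, "chat.example.net", 512 * 1024) for s in range(1, 5)]
    flows += [(s, "telemetry.example.org", 512 * 1024) for s in range(2, 6)]
    return flows


def slow_drip_capture():
    """Constructed capture: same total volume, 1 KiB every ten minutes for ~2 weeks."""
    flows = [(s, "chat.example.net", 512 * 1024) for s in range(1, 5)]
    flows += [(600 * i, "telemetry.example.org", 1024) for i in range(1, 2049)]
    return flows


if __name__ == "__main__":
    # A one-minute observation catches the bulk copy ...
    print(unexpected_channels(bulk_copy_capture(), window=60))
    # ... but sees nothing when the same bytes are spread out over time.
    print(unexpected_channels(slow_drip_capture(), window=60))
    # Only accounting over the whole capture surfaces the second channel.
    print(unexpected_channels(slow_drip_capture()))
```

The result depends entirely on how long traffic is observed and accounted per destination, which is the gap the replies point at.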
This is actually an area where web apps have some advantage. You can inspect the network traffic using developer tools. You have cross domain rules that restrict traffic. And the encryption is performed by the browser rather than in the app's black box.
You can do whatever you want with your system, if you've complete control. So even pinned certificates are not a big deal. You can read the messages unencrypted or you can remove the certificate checking in the code for example.
It's much harder to demonstrate the app doesn't have a backdoor, or doesn't leak your data in some obscure way, or doesn't weaken the entropy when creating the keys.
While you can verify that the software is in fact encrypting the data and not sending anything it should not send, you can never know who has access to the encryption keys. They are created by WhatsApp, who knows how and where they store them and who can access them.
I agree that it's weakened but I think it's still meaningful. If someone is choosing between WhatsApp and Allo the former is more likely to be properly encrypted.
After all, even though we can't verify it WhatsApp has strong incentives to implement it properly, and OWS has strong incentives to only endorse WhatsApp's use of their protocol if they are convinced that it's done properly.
I really think "completely meaningless" is dangerously misleading hyperbole.
How can you personally verify that any 3rd party service is doing what it claims?
Unless you're a security expert with plenty of time to comb through someone else's code, you're still relying on others to be truthful and competent. Even then you're relying on layers upon layers of software and hardware. Far too much for an individual to verify.
That single entity consists of many diverse individuals with differing ethics.
As much as the law might try to pretend, companies are not people. Uh, except in the sense that they are comprised of people. So, they literally are people, people combined with capital.
In that sense, no one is independent. We've all got friends and family, or at least people we know. By definition, if you've heard of someone else's software, that person had a social network by which they distributed the software to you.
Very true. Maybe I misread your previous comment as being more binary than you intended.
Keep in mind that reviewers of free software are also often employees and may have some agenda beyond pure altruism, even if the software isn't copyright of the employer. Open source is big business these days.
It all is. The person contributing to gcc needs to make money somehow.
Well, at least it could be considered tainted by self-interest if you're paranoid. My point was that commercial interest does not prevent quality/security.
We don't need to audit the source code. Just grab the binary, reverse engineer it, and study that.
There's an entire industry dedicated to reverse engineering software and studying its security properties. We call it the security industry. (Not every gig is white-box!)
This way a malicious user with physical access to your machine can easily get around your locked desktop by switching to tty1.
It would be better to fork the xinit process to the background and exit the tty after:
I don't mean to ask a silly question, but what exactly is this meant to do? (What might it do that plain old `xinit & exit` doesn't do?)
&& is a binary op meant to execute the following command if the return code of the preceding command is success (0)
& is another shell builtin that sends the command preceding it to the background, and lets the shell continue with whatever comes next...
So, at first I read your edit and thought "Oh, this will exit the shell unless X can't be started" ... but exit should be running before X ever gets around to returning, no?
I just read the man page for my favorite shell, and it says the return code for `&` is always 0. So it's clear that `& &&` will work, but I don't see anything suggesting it will do anything that `&` alone won't do.
Just want to know if you know something I don't, and I figure there's no better place to learn a new shell thing than on a HN thread about BSD OS.
Nothing special going on here; my syntax is based on me not knowing the particulars of `&`. I'll try to remember using yours in the future as it's more elegant. Thanks for the reply.
The reason that essay would be long is because you'd have to explain away so much progress from multiple independently operating space industries.