Bob sent me a post from Slashdot which should serve as a wake-up call as to how difficult it is to protect yourself on the Internet if you are a mere mortal. They quote an Electronic Frontier Foundation report on how encryption is being subverted:
Another network-tampering threat to user safety has come to light from other providers: email encryption downgrade attacks. In recent months, researchers have reported ISPs in the US and Thailand intercepting their customers’ data to strip a security flag—called STARTTLS—from email traffic. The STARTTLS flag is an essential security and privacy protection used by an email server to request encryption when talking to another server or client.
By stripping out this flag, these ISPs prevent the email servers from successfully encrypting their conversation, and by default the servers will proceed to send email unencrypted. Some firewalls, including Cisco’s PIX/ASA firewall, do this in order to monitor for spam originating from within their network and prevent it from being sent. Unfortunately, this causes collateral damage: the sending server will proceed to transmit plaintext email over the public Internet, where it is subject to eavesdropping and interception.
This type of STARTTLS stripping attack has mostly gone unnoticed because it tends to be applied to residential networks, where it is uncommon to run an email server. STARTTLS was also relatively uncommon until late 2013, when EFF started rating companies on whether they used it. Since then, many of the biggest email providers implemented STARTTLS to protect their customers. We continue to strongly encourage all providers to implement STARTTLS for both outbound and inbound email. Google’s Safer email transparency report and starttls.info are good resources for checking whether a particular provider does.
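The downgrade described in the excerpt above, sketched as an added example that is not part of the original post or the EFF report: it parses a mail server's EHLO reply, shows how an opportunistic client falls back to plaintext when the STARTTLS keyword is missing while a client that requires TLS refuses to send, and compares the reply seen on a trusted path with the one seen locally to spot stripping. The replies are constructed samples, the function names are hypothetical, and the check for a keyword overwritten with filler characters is an assumed heuristic.

```python
import re

# Constructed EHLO replies (not captured traffic): the reply as the server
# sent it, and the same reply after an on-path device removed or masked the flag.
DIRECT = ("250-mx.example.net\r\n250-SIZE 35882577\r\n250-8BITMIME\r\n"
          "250-STARTTLS\r\n250 PIPELINING\r\n")
REMOVED = DIRECT.replace("250-STARTTLS\r\n", "")
MASKED = DIRECT.replace("STARTTLS", "XXXXXXXX")

def ehlo_keywords(reply):
    """Return the set of ESMTP keywords from a multi-line 250 reply."""
    lines = [ln for ln in reply.split("\r\n") if ln]
    keywords = set()
    for line in lines[1:]:                 # first line is the server's greeting
        m = re.match(r"250[- ](\S+)", line)
        if not m:
            raise ValueError("unexpected reply line: %r" % line)
        keywords.add(m.group(1).upper())
    return keywords

def looks_masked(keywords):
    """Assumed heuristic: a keyword overwritten with filler characters."""
    return any(re.fullmatch(r"X{6,}[A-Z]?", k) for k in keywords)

def decide(reply, policy):
    """policy 'opportunistic' falls back to plaintext; 'require' refuses to send."""
    if "STARTTLS" in ehlo_keywords(reply):
        return "starttls"
    return "abort" if policy == "require" else "plaintext"

def compare_vantage(trusted_reply, local_reply):
    """Flag a downgrade when a trusted path sees STARTTLS and the local path does not."""
    trusted, local = ehlo_keywords(trusted_reply), ehlo_keywords(local_reply)
    if "STARTTLS" in trusted and "STARTTLS" not in local:
        return "stripped (masked)" if looks_masked(local) else "stripped (removed)"
    return "consistent"

if __name__ == "__main__":
    for name, reply in (("direct", DIRECT), ("removed", REMOVED), ("masked", MASKED)):
        print(name, decide(reply, "opportunistic"), decide(reply, "require"),
              compare_vantage(DIRECT, reply))
```

The only difference between the two policies is what happens when the keyword is absent, which is exactly the case the stripping creates.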
This is obviously way above my pay grade. Some of the comments at Slashdot argued that this problem was the result of user stupidity, as in using port 25, as opposed to port 465 or 587. However, Bob makes some much broader points, and I would be curious to get reader reactions. This is a bit stream of consciousness, but Richard Smith, one of our resident IT experts, concurred, so this is presumably accessible to the tech savvy:
Google REALLY doesn’t like other people in their business line.
Read through and appreciate how convoluted their “claim” is. Email has always been a post card.
The encryption you can use to protect that is COMPLETELY separate from Google using “encryption” for gmail, or any other web based email.
In theory, if you use a resident program on your machine to encrypt a file and then email it, it can be “protected”, if the receiver takes the same precautions, un-encrypting it on a local, clean, machine.
Google just wants shit to work. They can paint on some encryption to brand it, but if that doesn’t work, for any number of technical reasons, it defaults back to no encryption between you and Google/webmail of any sort.
All the “encryption” can guarantee, at best, is that no one between you and Google can read it (false/disputed claim). But, Google has to decrypt it to read it and then send it.
All it is is encryption between you and Google. Not between you and the recipient, as most people assume.
This is also about the https’ing “search requests”. Google wants to be the only people who know what you’re searching. The https isn’t to protect you, it’s to commoditize you. It stops your ISP from gathering your search info, maybe…
The NSA can just buy the info from Google then. It’s easier, all in one place. One stop black budget shopping.
That’s another whole ball of wax most people don’t get. Part of “secure” communication is being able (from Google’s point of view) to be sure of the source. Requiring a time stamped cert from some third party is a very good way to do that, if you wanted to, say, be able to introduce evidence for a trail.
Most of the “system” is also based on “trusted” 3rd party certifications. But, control over the issuance of these security certs is laughable. They’ll give a cert to any dead guy. $2.95.
After finding that you can’t break in with a loophole, you then move onto cert manipulation where the MITM [man in the middle] accepts the cert meant for the user, and then issues a cert that that MITM generated, to the user machine.
It’s all Certified™ encrypted™, but all the cert and encryption are being done by a machine that is between you and your server, etc…The MITM is letting you use his machine, in effect.
The next step up is DNS poisoning, where you don’t even have to pay for a fake cert, you just set up a fake cert shop, and route all the traffic from the targeted machine through your poisoned DNS pool, which sends all cert requests to a place you can control.
It really is that bad, and trying to explain the logic of these fuckers is insane. Yes, in theory, some day, when the moon is right and there is enough pr0n flowing through your tor exit node, you could be anon.
The Tor mess sounds like a direct use of this ‘feature’.