Peregrine

On the last day of the Utah Open Source Conference 2007 (UTOSC), there was a PGP/GPG key signing party, hosted by Scott Paul Robertson. It was good to be able to get set up to properly sign so many keys, but it did give me a little problem; I needed to sign everyones’ keys with each of my 4 active keys. That would have been over 100 times running the gpg command. Sounds like something begging to be scripted, so I did.

I’m posting the script, which is still very rough, as I didn’t both taking any time when I whipped it up last night to take care of everything that it really should be doing. Still, I’ll work on it here and there, I’m sure. You can download it from http://www.openbrainstem.net/download/sign-lots-o-keys. If you feel like makeing some fixes, either post your patches (please, create them as a unified diff file, if you wouldn’t mind) and put a link in the comments here and/or on your own blog.

Enjoy!

On August 5th, 2007, President Bush signed S.1927 into law, after it passed a Senate vote (60 for, 28 against, 12 present but not voting) on the 3rd, and a House vote (227 for, 183 against, 23 present but not voting).

The new law amends the “Foreign Intelligence Surveillance Act of 1978 to provide additional procedures for authorizing certain acquisitions of foreign intelligence information and for other purposes.” It was sponsored by Sen. Mitch McConnell [R-KY] and Sen. Christopher Bond [R-MO].

I haven’t had time, yet, to fully read the resulting text of the bill (there are always amendments to bills as they pass through Congress), so I will reserve any specific commentary for a latter time. However, it appears that this new law could seriously affect privacy under certain circumstances in the United States.

Believe it or not, there’s a company (immi) that is giving away “special” cell phones with free service. The catch? The phone is also a room bug:

The IMMI phone randomly samples 10 seconds of room audio every 30 seconds. These samples are reduced to digital signatures, which are uploaded continuously to the IMMI servers.

But why would they do that? Money, of course:

IMMI also tracks all local media outlets actively broadcasting in any given designated media area (DMA). To identify media, IMMI compares the uploaded audio signatures computed by the phones with audio signatures computed on the IMMI servers monitoring TV and radio broadcasts. IMMI also maintains client-provided content files, such as commercials, promos, movies, and songs.

By matching the signatures, IMMI couples media broadcasts with the individuals who are exposed to them. The process takes just a few seconds.

Panel Members may sometimes delay watching or listening to a program by using satellite radio, DVRs, VCRs, or TiVo. IMMI captures these viewings with a “look-back” feature that recognizes when a Panel Member is exposed to a program outside of its normal broadcast hour, and then goes back in time (roughly two weeks) to identify it.

Now, let’s think about this just a little. If anyone in a given room has bought into this free cell phone scam (yeah, that’s right, I’m calling it a scam; you gotta problem wit dat?), then they have chosen to give up their privacy. But what they probably don’t realize or think about is that everyone else in any room they are in has just lost his/her privacy and they don’t know it.

Personally, I want to know what these “special” cell phones look like so I can recognize them. When I see one, I’m going to politely ask the “owner” of it to remove the battery. I’m sure they’ll look at me funny, but I’ll calmly, patiently and very briefly explain why. If they refuse, then I will ask them to leave the room or bury the phone in a purse, briefcase, coat or computer bag where it can’t hear anything.

I wonder what will happen when the first lawsuit is filed against the company for breaching other people’s privacy. I mean, since I haven’t signed their agreement, they are violating my privacy by placing the device with an irresponsible person who would allow it to be in the same room as me.

Researchers at the University of Washington have demonstrated a frighteningly easy way to track anyone who uses the Nike+IPod Sports Kit

One of them built the tracker hardware (for only $250) which they interfaced with Google Maps.

Their paper has the details.

This is a great example of how even without any personal information stored on an RFID chip, privacy is easily violated (as long it has anything unique on it, like an ID).

A man in Quincy, Massachusetts was refused service at the local IHOP restaurant when he refused to turn over his driver’s license before being seated.

Hilarious.

But there’s a great security point here, too. They wanted to reduce the incidence of “dine-n-dash” events, where people skip out without paying. Holding your driver’s license would surely help, or so they thought. But they didn’t count on the reaction to this violation of privacy or, more importantly, the inconvenience this was to their customers.

Security Rule #1: Security is only as good as the weakest link.
Security Rule #2: You’re weakest link will (almost) always be the users.
Security Rule #3: To users, security = inconvenience.

Observation of End Users in the Wild: Users will fight inconvenience.

Good security is invisible to users, or at least, it isn’t overtly present and doesn’t require them to do anything. That’s why supermarkets and convenience stores place monitors where customers can see that the front doors (and other high-value areas) are being watched. People make the assumption that the camera feeds are also being recorded (which is not always true, but often).

At least this IHOP incident wasn’t condoned by corporate management.

If you care about security issues and/or your privacy at all, you should be concerned about the deployments (and pending deployments) of passports with passports with RFID chips embedded in them.

Bruce Schneier, CTO of BT Counterpane, author and world-renowned security expert & privacy advocate gave an interview regarding RFID passports. It is available as a podcast.

There isn’t any new information in there, at least, nothing that I haven’t talked about before. However, it is an excellent, easy to understand explanation of the key issues surrounding RFID chips being embedded in government issued IDs. It’s not very long, but is good information for everyone from the technically challenged to government officials and even security experts.

The “Budapest Declaration on Machine Readable Travel Documents” is an interesting and informative read:

Abstract:

By failing to implement an appropriate security architecture, European governments have effectively forced citizens to adopt new international Machine Readable Travel Documents which dramatically decrease their security and privacy and increases risk of identity theft. Simply put, the current implementation of the European passport utilises technologies and standards that are poorly conceived for its purpose. In this declaration, researchers on Identity and Identity Management (supported by a unanimous move in the September 2006 Budapest meeting of the FIDIS “Future of Identity in the Information Society” Network of Excellence[1]) summarise findings from an analysis of MRTDs and recommend corrective measures which need to be adopted by stakeholders in governments and industry to ameliorate outstanding issues.

Thanks to Bruce Schneier for posting this on his blog.

A few days ago, Peter Abilla published a post about TrackMeNot.

I had read about TrackMeNot a little more than a week before on Bruce Schneier’s blog, and so I already knew TrackMeNot was a flawed idea. Peter also makes some very good points in his post, but, unfortunately, it falls short of pointing out some of the more serious problems with TrackMeNot.

I’ll just summarize the problems here. For further explanation, read Bruce’s post:

1. It does not hide your searches (they are still identifiable with you).
2. It’s far too easy to spot (and therefore, far too easy for AOL and others to defeat) and it’s schedule is regular & fixed.
3. Some of the generated searches are worse than what you would try to hide.
4. It wastes lots of bandwidth, while returning absolutely no privacy or security benefit.

I like this quote from Bruce’s post:

Yes, data mining is a signal-to-noise problem. But artificial noise like this isn’t going to help much.

I just read this story by Bruce Schneier on Wired.

You really should read the whole article,even though I summarize it here.

The folks at FairUse4WM cracked Microsoft’s PlaysForSure DRM software in Microsoft Windows Media Player.

If you really want to see Microsoft scramble to patch a hole in its software, don’t look to vulnerabilities that impact countless Internet Explorer users or give intruders control of thousands of Windows machines. Just crack Redmond’s DRM.

It only took a couple of days for the FairUse4WM people to compensate. I’m sure it won’t be long before Microsoft tries to patch this again.

But the real moral of the story is that companies like Microsoft don’t actually care about security except when it embarrass them or directly threatens their strategic agreements (like with record labels).

You might have heard of the new Browzar web browser. Their website claims: “With Browzar you can search and surf the web without leaving any visible trace on the computer you are using.”

Well, it’s just not true.

It’s only a thin wrapper around Microsoft’s Internet Explorer version 5.5 (or later). Since IE stores all sorts of stuff in places on your system without telling you, Browzar can’t deal with all of it. Scott Hanselman has actually shown that Browzar misses the mark on this point.

There are other problems with this, too. For example, this program will not affect any servers that you visit, or any caching proxy servers in between (like at work or a university).

Anonymity on the web is not just about the stuff that’s on your computer, though it’s an important part; it’s also about the things those servers you connect to keep track of and tell each other.

Web browsers such as KDE’s Konqueror, Mozilla’s Firefox, Apple’s Safari (built on/from Konqueror, BTW) and others already support local privacy features. These include Konqueror’s excellent cookie management capabilities and Firefox’s support for auto deletion of cached data. All of these browsers sport these privacy enhancing features, though they have differing approaches and levels of control.