How to avoid a XKeyscore (NSA) catch

[PNGMK]

http://www.theguardian.com/world/2013/j ... nline-data

Well many years ago I developed an internet capable data logger. I thought knew a bit about TCP/IP and UDP and internet protocols / routing in general. This presentation has me puzzled though. How is the NSA getting this data? Are the routers (owned by the telcos) required to send mirrors of the packets to NSA or does the NSA have direct access to the servers or am I missing something altogether?

I thought if my PC requested data packets from an IP in Australia that the routers along the way would direct my packets and vice versa just between the source and destination?

So this leads me to my real question. I - like any right minded non US citizen - don't want the NSA to be privy to what I post, read, browse, chat about - in my case because of the very real possibility of a conversation or activity being mis-construed and raising a flag. The other issue is that I think what is acceptable and not acceptable behaviour will be gradually tightened. How can I browse, chat, email without the NSA having access to my activities? I don't think a VPN is the answer? TOR is too slow (and probably a snoop trap)... any ideas?

[Strong Eagle]

Direct access.

[x9200]

IMHO the keypoint is in this: covers 'nearly everything a typical user does on the internet'. This unlikely include any stronger encryption (unless specifically focused on a user).

As of How is the NSA getting this data?, it is enough they have access to a specific network node(s) and they can listen to all what flies around. You can do it too for your small part, read about promiscuous mode for example. Nothing to do with the routing etc.

[BedokAmerican]

If you're on Facebook or similar sites, get off. If you're sharing information about yourself and/or providing it to FB, Google, etc. for others to see (or even not see), that could be a problem. Often these social networking sites sell information to entities willing to buy it. One of those entities would be the government.

[zzm9980]

NSA will have direct taps at many major network exchange points. Read about this, it's not the only one:
http://en.wikipedia.org/wiki/Room_641A

You get around it with encryption, but understand how the encryption you're using works.

SSL/TLS between your computer and the end-point protects data in transit. It does nothing once the data is at rest. E.g., the guy at Starbucks watching Wifi can't see what you're doing on GMail. But if someone had access directly to GMail (say via Court-order), you're screwed.

Direct user to user encryption is much better. PGP/GPG for email, OTR for Instant message networks. Even iMessage from Apple is considered secure, because individual messages are encrypted for the destination devices only. Don't trust things like Skype, WhatsApp, or whatever where they just claim to have security without even remotely explaining how it works or no one has been able to reverse engineer it.

VPNs are the same as SSL/TLS - It's only secure to the point your traffic comes out. Which is probably a data center that the NSA monitors. Tor is less than useless, it's probably actively dangerous to use. Anyone can operate a Tor exit node. Many people with malicious intentions operate exit nodes specifically so they can spy on the traffic going through, or compromise systems with client side injections.

I'll tell you more or elaborate on anything I said if you'd like. This is what I do for a living.

[zzm9980]

If you're on Facebook or similar sites, get off. If you're sharing information about yourself and/or providing it to FB, Google, etc. for others to see (or even not see), that could be a problem. Often these social networking sites sell information to entities willing to buy it. One of those entities would be the government.

Facebook is collecting data on you even if you don't participate in Facebook.

http://www.zdnet.com/anger-mounts-after ... 000017167/

[zzm9980]

Btw, there are commercial products that will do what this NSA tool does, so it is hardly surprising.

One is 'Stalker' from Immunity Inc. You have to upload your own packet capture to this service*, but then it will rip the data apart and build up profiles of all of the individual users and sessions contained in the profile.

* - The reason they sell this is because another one of their products, Immunity Silica, is designed to locate, break into, monitor, and compromise Wifi networks. So Stalker is just a value-add/up-sell when you buy Silica.
Silicia costs $2000/yr for a license, and includes the hardware. It's a rather low barrier to entry to become your own mini-big brother. And really, what you're paying for is a $200 Wifi adapter and a pretty python GUI that sits on top of a bunch of free tools. Someone who knows what they're doing can do everything for the cost of the Wifi card.

[PNGMK]

Thanks for the good answers. I pretty much surmised that it was a direct tap onto either the termination device (Snowden's own words) or a network node (router).

I have to agree with BedokAmerican - we can't really escape many of these things though.

As for security thanks for the suggestions. I can't help thinking there must be a better way.

PS If Janet N has decided not to use email (and probably not much of the internet at all) and she's the head of Homeland Security I find it hard to believe it just because email is 'time suck'.

[x9200]

Unlikely only e-mails, likely all unencrypted, non-binary traffic (plus the same but compressed).
I don't think there is anything better than client based encryption. Also, I would have limited trust to the software OS giants like Micro$oft or Apple. If the software is not an open source I could imagine it gives some freedom to sent out various data from your machine along with bug reports or other seemingly harmless information.

[zzm9980]

Unlikely only e-mails, likely all unencrypted, non-binary traffic (plus the same but compressed).
I don't think there is anything better than client based encryption. Also, I would have limited trust to the software OS giants like Micro$oft or Apple. If the software is not an open source I could imagine it gives some freedom to sent out various data from your machine along with bug reports or other seemingly harmless information.

Not to defend Apple too terribly much since they freak a lot of things up, at least iMessage and Facetime appears secure. They're both built on top of relatively open protocols and have been reversed engineered enough to confirm that private keys are stored for each on the local device (If you use a Mac with either service, you can confirm this by looking in your local Keychain). Apple acts as a KDC for your public certs. When I first iMessage you, Apple will send me the public cert for each device you've logged into iMessage with. The only way these messages could then be intercepted would be for apple to surreptitiously include an additional public cert for another destination which isn't intended. If you cared enough, you could test to confirm Apple is only presenting appropriate public certs for you from devices you control.

As opposed to Microsoft and Skype's encryption, which is entirely blackbox. Allegedly it used to be extremely secure and good (rumors abound the NSA had a large bounty out for any blackhat that found a flaw). After MS bought it, they centralized the architecture eliminating the peer to peer aspect and allegedly (this part I believe) built in full wiretap capability.

[x9200]

I meant something a bit more sinister. I guess it is doable to have a low level software logger (kernel or daemon level) that can gather information on what the user does. It can for example log the keyboard strokes (so no way any client-client encryption can help) or even read directly from the "screen" (fb, video memory etc) and write it somewhere to the harddrive. Now, from time to time this software may purposely crash something (it happens in any mature, more complex OS) and propose to send a bug report. It should be possible to include this logged info (or better some meta tags only) into the debugging report and send over some user data. This might also happend during software update process and perhaps some other.

[x9200]

On the other hand I am pretty sure there is a whole bunch of all sort of freaky geeks disassembling the kernel and any binary software just looking for the things I mentioned above.

[nakatago]

http://youtu.be/m_TFheZvG6k

[PNGMK]

I meant something a bit more sinister. I guess it is doable to have a low level software logger (kernel or daemon level) that can gather information on what the user does. It can for example log the keyboard strokes (so no way any client-client encryption can help) or even read directly from the "screen" (fb, video memory etc) and write it somewhere to the harddrive. Now, from time to time this software may purposely crash something (it happens in any mature, more complex OS) and propose to send a bug report. It should be possible to include this logged info (or better some meta tags only) into the debugging report and send over some user data. This might also happend during software update process and perhaps some other.

My understanding is that Intel and AMD may be forced to insert microcode into the uP that allows snooping (and hence the reason Intel allowed uP microcode updates). This would be much lower level than a kernel issue.

[zzm9980]

I meant something a bit more sinister. I guess it is doable to have a low level software logger (kernel or daemon level) that can gather information on what the user does. It can for example log the keyboard strokes (so no way any client-client encryption can help) or even read directly from the "screen" (fb, video memory etc) and write it somewhere to the harddrive. Now, from time to time this software may purposely crash something (it happens in any mature, more complex OS) and propose to send a bug report. It should be possible to include this logged info (or better some meta tags only) into the debugging report and send over some user data. This might also happend during software update process and perhaps some other.

This is why those truly paranoid don't let the data out, or run software update mechanisms which need to send such data upstream. And if they did, they'd catch it happening immediately. Nothings perfectly safe, but the truly paranoid have thought of this.

Even better than kernel modules etc doing this, you have separate hardware modules doing it. entire system on chips which can monitor your keyboard or display, and send it completely out of band from the system it is monitoring. Rumors have been that intelligence services have done such things for years.