Friday, August 23, 2013

Bomb minuteman prepper NSA succession airport gun tea party Anonymous TOR Snowden steganography top secret

George emails:
Tried to reply to your post on the NSA today. OpenID isn't feeling it.

The only solution that I can think of is to overwhelm the system with false positives.  If enough people are sending enough encrypted data to enough places, then the data itself becomes unreliable.  We need to get the signal to noise ratio higher.

Only question…how many participants would you need to make it impractical to investigate (and prosecute for annoying the government?)  10,000?  100,000? More?
Short answer: I don't know, but maybe we're fixin' to find out.

Longer answer: in security parlance, a "false positive" result is where a system flags something as being suspicious or malicious when it really isn't.  The best example of this is when Senator Kennedy found himself on the No Fly list because the No Fly list is stupid (at least in how it works).

There is also a "False Negative" result, where the system misses actual threats.  9/11 is a great example, where clear jihadists were taking flying lessons without much concern over how to land the plane.

Pre-9/11, the Fed.Gov was tuned to minimize False Positives even at the expense of allowing False Negatives.  Post-9/11, the aversion to False Negatives has been dialed up to 11, with a corresponding skyrocketing of False Positives.

Naturally, this tends to annoy the people subjected to False Positive results.  People like, err, me.

And so, since the system is likely designed and administered by incompetents, it is presumed to be trivial to monkeywrench the system.  In a practical sense, it aims to make the NSA's strongest competence (automated computer analysis of metadata) irrelevant (or even a weakness) by flagging so many clearly innocuous items as False Positives that the cost of manual follow-up becomes prohibitive, and the system gets turned off.
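The tuning trade-off described above, as an added example that is not part of the original post: a toy keyword-count detector run over constructed, labelled messages, showing how lowering the alert threshold removes False Negatives while inflating False Positives and analyst review time. The watchwords are taken from this post's title; the sample messages, function names and the 30 minutes of review per alert are assumptions made for illustration.

```python
# Added illustration: a keyword-count detector and its confusion matrix.
WATCHWORDS = {"bomb", "airport", "gun", "tor", "steganography", "anonymous"}

# (text, is_real_threat) pairs: constructed sample data, not real traffic.
SAMPLES = [
    ("lunch at the airport then home", False),
    ("new gun safe arrived today", False),
    ("tor and steganography talk at the security meetup", False),
    ("anonymous tip: airport gun show this weekend", False),
    ("bomb of a movie, do not bother", False),
    ("cat pictures and tea party recipes", False),
    ("bring the bomb to the airport via tor, gun ready", True),
    ("gun is packed, meet at the usual place", True),
]

def score(text):
    """Number of distinct watchwords that appear in the message."""
    words = set(text.lower().replace(",", " ").replace(":", " ").split())
    return len(words & WATCHWORDS)

def confusion(samples, threshold):
    """Flag a message when score >= threshold; return the four counts."""
    c = {"tp": 0, "fp": 0, "fn": 0, "tn": 0}
    for text, is_threat in samples:
        if score(text) >= threshold:
            c["tp" if is_threat else "fp"] += 1
        else:
            c["fn" if is_threat else "tn"] += 1
    return c

def precision(c):
    """Fraction of alerts that are real threats."""
    alerts = c["tp"] + c["fp"]
    return c["tp"] / alerts if alerts else 0.0

def triage_hours(c, minutes_per_alert=30):
    """Analyst time to review every alert (assumed cost per alert)."""
    return (c["tp"] + c["fp"]) * minutes_per_alert / 60

if __name__ == "__main__":
    # Threshold 1 is the "no False Negatives at any price" setting.
    for threshold in (1, 2, 4):
        c = confusion(SAMPLES, threshold)
        print(threshold, c, f"precision={precision(c):.2f}",
              f"hours={triage_hours(c)}")
```

At threshold 1 nothing is missed but five of the seven alerts are innocuous; at threshold 4 every alert is real but one threat slips through.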

It gets even more expensive if the people engaging in monkeywrenching include interesting data, like this picture of Crash the Wondercat that includes a super top secret message (well, top secret in Borepatch land, anyway).  Spend some time decoding that, Mr. NSA drone!



Because at the end of the day, the Fed.Gov will only do this if it pays.  If we make it too expensive to work, they won't do it.

Bootnote to the NSA: this post is protected by the First Amendment:
Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances.
Emphasis mine.  Note that it is not a crime to make your job harder, and even if it were a crime to do so, that law is clearly unconstitutional per the above.  Putting it in terms that LBJ used, it's better for you to have Internet Security guys like me inside the tent p***ing out rather than outside the tent p***ing in.

Actually a pretty good description of the problem of false positive and false negative, right there.


14 comments:

Old NFO said...

Good point... There are a few other issues, but you've captured the 'meat' of it!

Borepatch said...

Old NFO, I do think that this is my best post title ever.

;-)

Dave H said...

I've been trying to suggest this for months. They want keywords? We got lots of keywords.

Much as I wish I could claim credit for the idea, I read about it in a fantasy novel 20-some years ago. In it, "He Who Shall Not Be Named" was by royal decree not to be named because he (an evil wizard, as if it wasn't obvious) could hear anyone who spoke it. When the Forces of Good decided they'd had enough of HWSNBN's shenanigans, they formed an alliance to move against him. Their first step was to order every bard and minstrel in the allied kingdoms to compose and sing bawdy songs about him at every opportunity.

There was no mention of how many minstrels were lost in the early days of the operation, but 1) they died in service to their kings, and 2) nobody cared about minstrels anyway.

R.K. Brumbelow said...

Well, in reply to that let me just say:

1* 1071 1080H 15kg 17 1911 1984 1997 20 22nd SAS 2600 Magazine 3 312 3848 3B2 414 50BMG 51 69 7 707 737 747,777 757 767 8182 868 888 a ABC ACC Active X ADIU advise advisors afsatcom AFSPC AHPCRC AIEWS AIMSX Aladdin Alica Alouette,executive AMEMB Amherst AMW anarchy ANC Anonymous AOL AOL TOS ARC Archives Area51 argus Armani ARPA Artichoke ASIO ASIS ASLET assasinate Asset AT AT&T Atlas Audiotel Austin AVN b B.D.M.,Sphinx b9 Badger bank basement BATF BBE BECCA Becker beef Bess bet Beyond Hope BfV BITNET black-bag Black-Ops Blackbird Blacklisted 411 Blackmednet Blacknet Bletchley Park Blowfish Blowpipe BMDO BND Bob BOP BOSS botux BRLO Broadside Bubba Bubba the Love Sponge bullion BVD BZ c Cable & Wireless CANSLO Cap-Stun Capricorn CATO CBM CBNRC CBOT CCC CCS CDA CdC cdi CESID CFC chaining chameleon man Chan Chelsea Chicago Posse Chobetsu chosen CIA CID CIDA CIM CIO CIS CISE Clandestine clone cocaine COCOT Coderpunks codes Cohiba Colonel Comirex Competitor Compsec Compsec 97 Computer Terrorism Consul CONUS Cornflower Corporate Security COS COSMOS Counter Terrorism Security counterintelligence Counterterrorism Covert Video Cowboy CQB CRA credit card cryptanalysis crypto-anarchy CSE csystems CTP CTU CUD cybercash Cypherpunks d D-11 Daisy data havens data-haven DATTA DCJFTF Dead DEADBEEF debugging Defcon DefCon V defence Information Warfare Delta Delta Force DERA DES DEVGRP DF DIA Dictionary Digicash DITSA DJC DOE Dolch domestic disruption DRA DREC DREO DSD DSS Duress DynCorp e-cash E.O.D. E.T. E911 EADA eavesdropping Echelon EDI EG&G Egret Electronic Surveillance Elvis Embassy Encryption enigma Enrichment EO EOD ESN Espionage ETA eternity server EUB Event Security Exon Shell explicit Face fangs Fax Fax encryption FBI FBIS FCIC FDM Fetish FINCEN finks Firewalls FIS fish fissionable FKS Flame Flashbangs FLETC Flintlock FLiR Flu FMS force Fort Meade Forte fraud freedom Freeh froglegs FSB Ft. 
Meade FX FXR Gamma garbage Gatt GCHQ GEO GEODSS GEOS Geraldton GGL GIGN Gist Global Glock Glock 26 GOE Goodwin Gorelick gorilla Gorizont government GPMG grey Data grom GRU GSA GSG-9 GSS Guppy H.N.P. H&K Hackers HAHO Halcon Halibut HALO Harvard hate HIC High Security Hillal HoHoCon Hollyhock HPCC HRT HTCIA humint Hutsul IACIS IB ICE ID IDEA IDF IDP illuminati IMF Indigo industrial espionage industrial intelligence Information Security Information Terrorism Information Warfare InfoSec Infowar Ingram Mac-10 INR INS interception Internet Underground Intiso Investigation Ionosphere IRIDF Iris IRS IS ISA ISACA ISI ISN ISS IW jack JANET Jasmine JAVA JICC jihad JITEM Juile Juiliett Class Submarine Keyhole Kh-11 Kilderkin Kilo Class Kiwi KLM l0ck LABLINK Lacrosse Lebed LEETAC Leitrim Lexis-Nexis LF LLC loch lock picking Locks Loin LRTS LUK Lynch M-14 M.P.R.I. M5 M72750 Mace Macintosh Firewalls Macintosh Internet Security Macintosh Security mailbomb Mantis market Masuda Mavricks Mayfly MCI MD2 MD4 MD5 MDA Medco mega Menwith Merlin Meta-hackers MF MI-17 MI5 MI6 Middleman Military Military Intelligence Minox MIT MITM MOD MOIS mol Mole Morwenstow Mossberg MP5k MP5K-SD MSCJ MSEE MSNBC MSW MYK NACSI NATIA National Information Infrastructure NATOA NAVWAN NAVWCWPNS NB NCCS NCSA Nerd niche NIJ Nike NIMA ninja nitrate nkvd NOCS NORAD NRC NRL NRO NSA NSCT NSG NSP NSWC NTIS NTT nuclear NVD OAU Offensive Information Offensive Information Warfare Oratory Ortega orthodox Oscor OSS OTP package Panama passwd Passwords Patel PBX PCS Peering PEM penrep Perl-RSA PFS PGP PGP 2.6.2. PGP 5.0i PGP 5.1 PGP 5.53 Phon-e PI Pine Gap pink noise Pixar PLA Planet-1 Platform Playboy plutonium POCSAG Police Porno Pornstars PPP PPS president press-release Pretoria Priavacy primacord PRIME Propaganda PSAC Pseudonyms Psyops PTT quiche

R.K. Brumbelow said...

r00t racal RAID rail gun Rand Corporation Rapid Reaction RCMP rebels Recce Red Cell redheads Reflection remailers ReMOB Reno replay Retinal Fetish Reverse Osmosis RFI rhost rhosts RIT RL rogue Rolm Ronco Roswell RSA RSP RUOP RX-7 S.A.I.C. S.E.T. Team S/Key SABC SACLANT SADF SADMS Salsa SAP SAR sardine SAS SASP SASR Satellite imagery Satellite phones SBI SBIRS SBS SCIF screws Scully SDI SEAL Sears Tower Secert Service Secure Secure Internet Connections secure shell Security Consulting Security Evaluation SEL SEMTEX SERT SETA Sex SGC SGDN SGI SHA SHAPE Shayet-13 SHF SIG SIGDASYS SIGDEV sigvoice siliconpimp SIN SIRC SISDE SISMI Skytel SL-1 SLI SLIP smuggle sneakers sniper snuffle SONANGOL SORO Soros SORT Speakeasy speedbump Spetznaz spies Spoke spook keywords spook words Spyderco squib SRI ssa SSCI SSL stakeout Standford STARLAN Stego STEP Stephanie Steve Case subversives Sugar Grove SUN Sundevil supercomputer SURVIAC SUSLO SVR SWAT sweep sweeping SWS Talent TDM. SUKLO TDR TDYC Telex TELINT Templeton TEMPSET Terrorism Defensive Information Texas TEXTA. ELF THAAD the Ti TIE Tie-fighter Time toad Tools top secret TRD Trump TRW TSCI TSCM TUSA TWA UDT UHF UKUSA unclassified UNCPCJ Undercover unix Unix Security UOP Uranium Hexaflouride Gaseous Diffusion USACIL USAFA USCG USCODE USCOI USDOJ USP USSS UT/RUS utopia UTU UXO Uzi veggie Verisign VHF Vinnell VIP VIP Protection Virii virtual virus VLSI VNET W3 Wackendude Wackenhutt Waihopai WANK Weekly World News White House white noise Whitewater William Gates WINGS wire transfer World Domination WORM XS4ALL Yakima Yellow Cake Yobie York Yukon Zen zip zone

Borepatch said...

Props for "r00t".

;-)

George said...

Durka durka...Mohammed Jihad!

George said...

I was asking my backpack bomb about the availability of anthrax on the internet for shipping to Fort Meade.

Also, my cat's breath smells like cat food. On Tuesday.


Durka durka.

Borepatch said...

George, the Internets that you just won will be in the mail tomorrow.

George said...

Ohhhhh, durka durka!

I'm seriously thinking about spending some time this weekend working on some plug-ins that will auto-spam with keywords. Say, automate Google with "suspicious" keywords. And randomly connect to known Jihadi sites with HTTPS.

Dave H said...

George: Please do be careful.

ASM826 said...

The heck with Stegokitty. Let's go with Stegopr0n. You want to send an encrypted message? Send it wrapped inside a .jpg you pick up of a German pr0n site.

Anonymous said...

Well I for one welcome our alien overlords at the NSA.

Mark Philip Alger said...

Suppose the proprietors of web sites were to include Brumbelow's list in the meta keywords template for their sites?

M