Democratic Underground Latest Greatest Lobby Journals Search Options Help Login
Google

Is it possible to set up a totally secure communications method

Printer-friendly format Printer-friendly format
Printer-friendly format Email this thread to a friend
Printer-friendly format Bookmark this thread
This topic is archived.
Home » Discuss » Archives » General Discussion (Through 2005) Donate to DU
 
Peak_Oil Donating Member (666 posts) Send PM | Profile | Ignore Sat Feb-05-05 03:06 PM
Original message
Is it possible to set up a totally secure communications method
that can't be snooped on by anyone? Something like a message board hosted on an OpenBSD machine that's just not hackable and doesn't have back doors that are federally mandated? Is there anything like that?

Some kind of PGP encryption that can't be sniffed out? For some reason, I don't think there is anything like that. Anybody have any ideas?
Printer Friendly | Permalink |  | Top
scottxyz Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Feb-05-05 03:09 PM
Response to Original message
1. Your prayer has already been answered: WASTE!
http://waste.sourceforge.net/

"WASTE is an anonymous, secure, and encryped collaboration tool which allows users to both share ideas through the chat interface and share data through the download system. WASTE is RSA secured, and has been hearalded as the most secure P2P connection protocol currently in development."

WASTE is a software product and protocol that enables secure distributed communication for small (on the order of 10-50 nodes) trusted groups of users.
WASTE is designed to enable small companies and small teams within larger companies to easily communicate and collaborate in a secure and efficient fashion, independent of physical network topology.

Some bits of information about WASTE:

WASTE is currently available for 32-bit Windows operating systems as a client and server, Mac OS X as a limited client and server, and as a limited functionality server for Linux, FreeBSD, Mac OS X, and Windows. Porting to other operating systems should be a breeze, as the source is provided (and the network code itself is pretty portable).

- WASTE is licensed under the GPL.
- WASTE currently provides the following services:
- Instant Messaging (with presence)
- Group Chat
- File browsing/searching
- File transfer (upload and download)

Network architecture: WASTE uses a distributed architecture that allows for nodes to connect in a partial mesh type network. Nodes on the network can broadcast and route traffic. Nodes that are not publicly accessible or on slow links can choose not to route traffic. This network is built such that all services utilize the network, so firewall issues become moot.

Security: WASTE uses link-level encryption to secure links, and public keys for authentication. RSA is used for session key exchange and authentication, and the links are encrypted using Blowfish in PCBC mode. The automatic key distribution security model is very primitive at the moment, and may not lend itself well to some social situations. more information.
Printer Friendly | Permalink |  | Top
 
yella_dawg Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Feb-05-05 03:12 PM
Response to Original message
2. Define totally secure.
Back when, we played the radio really loud in our offices to keep lasers bounced off the windows from picking up conversations. All wiring was exposed so tracers would be hard to install.

Depends on what you mean by secure.


Printer Friendly | Permalink |  | Top
 
EVDebs Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Feb-05-05 03:14 PM
Response to Original message
3. Steganography is the topic you're asking about. Try looking
Edited on Sat Feb-05-05 03:18 PM by EVDebs
into secret societies, like the Knights Templar who eventually morphed into the Freemasons...the first three degrees had 'colors' which became the basis of our flag. Red, white and blue are the 3rd, 1st, and 2nd degrees colors.

Never a written record, and still much only verbal despite the internet age, Freemasons can communicate some things with a phrase and the general public wouldn't know. Howzabout dis: Right now our country is facing a disaster due to the Bush economic program; "Is there no help for the poor son of the widow of Naphtali ?" would be one way to get a distress call out.

Maybe more people could just say that with me...

The 'Open Secret' is what you're looking for. Take a look at the street layout of Washington DC too. From the Capital steps in a V with the G of the Washington Monument ... and looking from the Lincoln Memorial at the West, with Jefferson Memorial on the south, and White House on the north...Why, you've got yerself the Masonic compass and square with the G in the center now, don't you ?

BTW, stay away from computers and stick to analog. Require compartmentalization and ritual for the degrees of advancement. This makes infiltration more difficult. Spoken or visual codes too. The KT had 'tylers' to be lookouts during early lodge meetings. Freemasons kept this system.

Early CIA tried to mimic this but they were mainly Knights of Malta and Catholics...and didn't do a very good job of it.



Printer Friendly | Permalink |  | Top
 
salvorhardin Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Feb-05-05 03:15 PM
Response to Original message
4. There isn't anything like that
for the simple reason that it isn't possible. There's no such thing as 100% secure. The best you can do is define as precisely as possible what it is you want to do, what aspects of it need to be secured and why, and define reasonable security procedures that solve more problems than they create (all security solutions create problems). This is why Phil Zimmerman named his software Pretty Good Privacy (PGP).

See Bruce Schneier's article 'Security in the Real World: How to Evaluate Security' for a start. http://www.schneier.com/essay-031.html

Abstract
Security in the Real World: How to Evaluate Security

B. Schneier

Computer Security Journal, v 15, n 4, 1999, pp. 1-14

The article contains excerpts from a general session presentation delivered at CSI's NetSec Conference in St. Louis, MO, on June 15th, 1999.

SUMMARY: Cryptography has the potential of transforming the Internet, or any network, from an academic toy into a real business tool. It does so by allowing us to do real business -- for example, signing and enforcing contracts or doing e-commerce. Unfortunately, most of the products out there aren't very good. They have problems, they're broken. Most cryptography in these products doesn't perform as advertised. The article discusses why this happens, what you should watch out for, and what can be done to change the situation.


I'd also point you to Schneier's Crypto-Gram newsletter. http://www.schneier.com/crypto-gram.html
Printer Friendly | Permalink |  | Top
 
Jack_DeLeon Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Feb-05-05 03:16 PM
Response to Original message
5. an idea...
you could go inside a lead room with another person and communicate in sign language. I'm sure that would be quite secure.
Printer Friendly | Permalink |  | Top
 
lectrobyte Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Feb-05-05 03:44 PM
Response to Original message
6. as far as unbreakable codes, there is a simple technology
that is perhaps not as convenient as desired, but google up "one time pad". Perhaps a message encoded using a one-time pad, hidden in a video file would be very secure? I suspect that if they are looking at you hard enough, nothing is really secure.
Printer Friendly | Permalink |  | Top
 
ashmanonar Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Feb-05-05 04:18 PM
Response to Original message
7. one time pads or book codes.
create random transpositions of letters that only you and your communicatee know.

or buy two copies of books (dictionaries are awesome) and communicate by either page number or leading word on each page.

nothing totally secure, but it requires resources to crack.
Printer Friendly | Permalink |  | Top
 
Peak_Oil Donating Member (666 posts) Send PM | Profile | Ignore Sat Feb-05-05 04:35 PM
Response to Reply #7
8. That's it!
By George, you've done it! That's the only way! I remember how to break a cipher, it's doable. The book code is the way to go! It's the one that works!

I think all I need is a couple of dictionaries in .pdf format for quick searching, and use that method. It doesn't even have to be a dictionary! Any book, or set of books, is good enough.

There's got to be a thousand books in .pdf that have a rich enough vocabulary to do this with. No need to get all high-tech... this will do fine.

Throw in a math book or chemistry book for numbers and it's all good.

Thanks!
Printer Friendly | Permalink |  | Top
 
ashmanonar Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Feb-05-05 04:48 PM
Response to Reply #8
9. yep, no problem.
i'm all crafty and gotz cryptoskillz...:D
Printer Friendly | Permalink |  | Top
 
Ian David Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Feb-05-05 06:09 PM
Response to Reply #9
10. Speaking of Steganography
How about encoding copies of The US Constitution into various photos using steganographic encryption?

Just for fun.

The government has programs that detect and crack steganographic images, to make sure that terrorists aren't encoding secret plans in cute pictures of kittens.

It might eat-up some government resources to randomly encrypt photos with things like The Constitution, Declaration of Independence, The Story of O, Canterbury Tales, etc.
Printer Friendly | Permalink |  | Top
 
ashmanonar Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Feb-05-05 06:29 PM
Response to Reply #10
11. HA.
nah, i value my life...if they waste time decrypting photos that turn out to be the Constitution, they'd come after me and just kill me...

and how would you go about doing such stenographic encoding (i think that's what you're trying to say?)

Printer Friendly | Permalink |  | Top
 
EVDebs Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Feb-06-05 03:05 PM
Response to Reply #10
23. E Clampus Vitus is the supersecret organization that can singlehandedly
revamp US intelligence. The alcohol fuelled fog and bbq smoke signals, as the VC used morse-coded clotheslines during the war, show that with a little humor, they can infiltrate the CIA even, just as Knights of Malta and Opus Dei have already--Hannsen was/is Opus Dei member remember.
Printer Friendly | Permalink |  | Top
 
WetBarNone Donating Member (55 posts) Send PM | Profile | Ignore Sat Feb-05-05 06:52 PM
Response to Reply #9
15. It may as well be rot13
With the teraflops at the hands of the powers that be it's only a matter of femtosecs before them there crypto dood skillz are cracked, hacked and smacked.

Printer Friendly | Permalink |  | Top
 
ashmanonar Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Feb-05-05 08:14 PM
Response to Reply #15
17. my cryptoskillz are the bomb
hear?

tha MAN not be able to crack my cryptoskillz.
Printer Friendly | Permalink |  | Top
 
WetBarNone Donating Member (55 posts) Send PM | Profile | Ignore Sat Feb-05-05 08:53 PM
Response to Reply #17
18. Boom, Like That
That's Kroc with a K like Crocodile but not spelled that way.

Listen?
Printer Friendly | Permalink |  | Top
 
ashmanonar Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Feb-05-05 09:31 PM
Response to Reply #18
19. lol.
Edited on Sat Feb-05-05 09:31 PM by ashmanonar
i'm so white.

:D
Printer Friendly | Permalink |  | Top
 
northzax Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Feb-06-05 04:05 PM
Response to Reply #8
24. there's only one problem with your theory
you cannot communicate digitally at all. If you have the dictionary in .pdf format, so does the NSA. If the computer you are using to encode your documents is connected to the internet, AT ANY TIME, you cannot assume your communications are secure. Your best bet, quite frankly, is to simply be boring. Encoding your communications too securly is just going to attract attention to you. (two men meet at a fair to talk, un noticible among the crowd, compared to two men doing semaphore in the middle of a park, which attracts more attention?)

I have a friend who may, or may not, work for a government agency that may, or may not be located at Fort Meade, Maryland (frankly, I have my suspicions, but I really have no idea, honestly) And his advice to me (his hobby is encryption and really fucked up math), which may or may not be useful, is to basically assume that anything you say or write on anything electionic is being listened to. Look, I don't flatter myself that the government gives enough of a shit about me to bother listening to me, but you pretty much have to assume that they are. There is no safe encryption using digital technology. As smart as the encryptors are, the NSA has smarter people. No one has better computers, no one has better mathmeticians and computer scientists. no one has more money or experience. If they want to read your mail, they will. If they want to hack into your desktop and put naked pictures of carmen elctra and a mule on it, they will.
Printer Friendly | Permalink |  | Top
 
jdots Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Feb-05-05 06:43 PM
Response to Original message
12. Yes and it's 100% undetectable

What i do is just speak normally and no one pays attention.
Printer Friendly | Permalink |  | Top
 
Ian David Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Feb-05-05 06:53 PM
Response to Reply #12
16. It's not undetectable. Wired did an article a while back about it
The government regularly uses programs to sweep the internet looking for stego-encrypted pictures.
Printer Friendly | Permalink |  | Top
 
WilliamPitt Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Feb-05-05 06:45 PM
Response to Original message
13. Yeah. Buck naked in a field at midnight
using hand signals only you and your naked friend know.
Printer Friendly | Permalink |  | Top
 
WetBarNone Donating Member (55 posts) Send PM | Profile | Ignore Sat Feb-05-05 06:45 PM
Response to Original message
14. No
If you share any information with anyone other than yourself on the air or wire it can be decoded by NSA. If it can be encoded it will be decoded by those that have the heat. The only secrets are those kept within yourself...for now.
Printer Friendly | Permalink |  | Top
 
Cats Against Frist Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Feb-05-05 09:35 PM
Response to Original message
20. deeeeeee dooooooo deeeeee Papa November Papa November
http://www.spynumbers.com/enigmaG15.htm


When in doubt, do as the Mossad.
Printer Friendly | Permalink |  | Top
 
jmowreader Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Feb-05-05 09:40 PM
Response to Original message
21. Superencryption is the real deal
To superencrypt something, you choose an encryption system and put your traffic through it. You then take the encrypted traffic and put it through another encryption system...and do this at least three total times. At the distant end, the receiver passes the traffic through the decryptors in the order reversed from what you used...if your keys were NIXON, FORD and CARTER, the DE has to use the CARTER, FORD and NIXON keys.

This is good security for a lot of things, but for the really secret stuff you must also use one-time keys.

If you can't set up a non-electronic communication method like talking face-to-face in your car while an Ozzy tape is playing in the stereo, three-pass superencryption will have to do.
Printer Friendly | Permalink |  | Top
 
bemildred Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Feb-05-05 09:50 PM
Response to Original message
22. What you want will be vulnerable to "social engineering". nt
Printer Friendly | Permalink |  | Top
 
DU AdBot (1000+ posts) Click to send private message to this author Click to view 
this author's profile Click to add 
this author to your buddy list Click to add 
this author to your Ignore list Sun Nov 03rd 2024, 09:02 AM
Response to Original message
Advertisements [?]
 Top

Home » Discuss » Archives » General Discussion (Through 2005) Donate to DU

Powered by DCForum+ Version 1.1 Copyright 1997-2002 DCScripts.com
Software has been extensively modified by the DU administrators


Important Notices: By participating on this discussion board, visitors agree to abide by the rules outlined on our Rules page. Messages posted on the Democratic Underground Discussion Forums are the opinions of the individuals who post them, and do not necessarily represent the opinions of Democratic Underground, LLC.

Home  |  Discussion Forums  |  Journals |  Store  |  Donate

About DU  |  Contact Us  |  Privacy Policy

Got a message for Democratic Underground? Click here to send us a message.

© 2001 - 2011 Democratic Underground, LLC