discuss-gnuradio

Re: [Discuss-gnuradio] "A scanner with a digital output" address@hidden


From: 'address@hidden'
Subject: Re: [Discuss-gnuradio] "A scanner with a digital output" address@hidden pwright.com: @stake wows the wireless rubes...]
Date: Thu, 21 Mar 2002 23:18:54 -0500
User-agent: Mutt/1.2.5i

On Thu, Mar 21, 2002 at 05:40:45PM -0800, Ettus, Matt wrote:

> 
> The obvious reason there is no encryption in the cheap version is that it's
> cheap.  Thus, the expensive model's price is justified to those who want
> privacy.  If every feature were in the cheap one, why would you buy the
> expensive one?
> 
> If the TLAs had wanted people not to have encryption, none of the models
> would have it.  
> 

        Perhaps, and what I was suggesting was indeed (knowingly)
somewhat paranoid speculation.   But it is true that the TLAs DO want
the good guys to have encryption (and have done quite a bit over the
years to help provide it to those whose communications vulnerabilities
they regard as a problem), it's just that they would strongly rather not
see bad guys get any protection from them.   What inspired me to make my
comment was that the two class model of the Blackberry marketing plan
seemed to awfully nicely dovetail with the LEA view of the world -
proles should not have even the slightest figleaf of privacy from LEAs
(and don't need much real privacy from anyone else of course, either), but
trusted privileged folk should be using strong encryption in order to
protect the infrastructure.

        I do admit that making security an extra cost add on to a low
ball basic product is a very natural marketing strategy these days. And
whether omitting it in a product designed from the ground up to support
it actually significantly lowers costs of that product without it, the
profit margins on the high price version are no doubt much fatter (or
may even for that matter actually exist as real positive revenue rather
than a loss or break even) so pushing the customer base toward the
higher price version is a natural thing to do.

        And I cannot resist observing that it is almost certain that
most or all corporate clients of the high price version get orders of
magnitude more screening and general vetting by RIM than someone who
comes in off the street at a wireless shop and buys a consumer
Blackberry - so a criminal or terrorist enterprise buying the corporate
version has to be a lot better about cover and legend lest their
true nature come through and cause RIM to quietly tip off the FBI.

        And while I cannot even start to speculate about whether there
was in fact any LEA pressure on Blackberry in this situation, the fact
that most all paging networks in the USA and many digital cell phones
remain completely in the clear unprotected by even weak link encryption
does make me wonder sometimes.  It is obviously easier for a semi-rogue
LEA to intercept a rf link in a situation where they would rather not
leave a paper trail than get a judge (even a rubber stamp judge) to sign
a warrant.  And there is certainly ample historical evidence of rogue
LEA (and TLA) interception of communications over the years.  And if the
rf link is encrypted it is a lot harder for a LEA to get at it without a
court order, and maybe even significantly more expensive even for the
NSA...

        And this says nothing about 3rd party friendly governments
running intelligence operations in the US - THEY clearly can't request
FISL or other CALEA court orders (at least yet - maybe I missed
something in the USA Patriot act) and thus it is greatly in THEIR
interest to have the NSA and others quietly push to leave stuff in the
clear or weakly encrypted. And if we scratch their back, well maybe they
will do the same for us in their countries... or at least not be quite
so mad at us for intercepting their citizens' traffic...

        All admittedly paranoid tin foil hat speculation, but sometimes
where there is at least semi imaginary smoke, there is also ...

> All of the "easy" encryption models you describe are only effective against
> casual eavesdroppers, as you state.  Certainly the TLAs you fear would be
> considerably better equipped.

        I rued my rather too hastily written comments on method
(I had to collect my son at after-school and was in a real hurry when I
wrote them).   Suppose that each Blackberry contained a simple boring
168 bit secret individual random 3DES key in EEROM.  NO interception
based on collecting the rf link traffic alone would work - there is no
practical way to attack 168 bit key 3DES. Any intercept would have to
start with obtaining the target's key by some other method than
interception.

        It would seem that this would raise the bar a bit on even TLAs
as they would either have to get pretty intimate with the target's
Blackberry or pry the key out of RIM.  Both are possible, but in many
cases a lot harder than just SIGINT interception of the traffic. (And
obviously in truly court authorized interception cases, CALEA would
require RIM turn over the traffic anyway).

        And with the simple expedient of 168 bit random key encryption
of all traffic on the system it would be impossible for ANYONE
monitoring the rf link alone to randomly surf through traffic looking
for interesting stuff - only targeted intercepts aimed at specific
Blackberries whose keys had been "obtained" could be made.  (Yes I know
that the bad guys or grey hat guys would just attempt to steal the whole
key database...).  This is obviously a very different situation than
prevails now.


> 
> Making blanket paranoid accusations does nothing to help further the cause.
> It only pisses people off and takes credibility away from all those
> legitimately fighting for the cause of privacy.  It makes it easier for the
> TLAs to make us all look like tinfoil hat wearers.
> 

        I think this language is a bit strong.  I was merely speculating
on a possibility (and we do know as a matter of historical fact that the
NSA did attempt to intervene behind closed doors in more than one
situation involving deployment of crypto to the public).  I meant none
of what I said as a formal accusation, but rather knowingly paranoid
speculation intended to make my readers (if any) think a little about
out of the box, off the wall possibilities that are admittedly unlikely
but not completely out of the question considering what is known about
what actually has happened in the past.

        And if RIM did cooperate a little with quiet LEA or TLA requests
that matched their marketing plan, I am not sure that having done so  is
the absolute epitome of evil.   One can certainly admire what they appear
to have done with their corporate high end version, in which they seem
to have made traffic quite secure - even from them.  And whether such
serious security belongs in the hands of the unwashed general public
is something that serious people have strenuously disagreed on, even
if most of us here come down on the privacy over easy intelligence
and law enforcement side of the fence.

        And I do own a well earned official tin foil hat and wear it
proudly...


> Matt

-- 
        Dave Emery N1PRE,  address@hidden  DIE Consulting, Weston, Mass. 
PGP fingerprint = 2047/4D7B08D1 DE 6E E1 CC 1F 1D 96 E2  5D 27 BD B0 24 88 C3 18



