[ubuntu-studio-devel] CyberSec For Creative Humans (was: PR&Support)

lukefromdc at hushmail.com lukefromdc at hushmail.com
Thu Oct 29 22:44:09 UTC 2015


Yes, a secure, untraceable posting requires that the user do absolutely NOTHING else
in the entire session. There are multiple security levels in question here, from a high 
school student blowing the whistle on a "gropy" principal to releasing video of police
brutality in a corrupt town (or country), all the way to the Snowden level of material
that could change the course of war, trade agreements, or diplomacy. 

The main reason I suggested TAILS is that use of any live disk insulates the machine
against spyware inserted during a previous session. Needless to say, if the user has
to go online to figure out how to use Tor safely, the session is blown and another
location and time must be used. Same for having to download Torbrowser, which also is 
increasingly blocked by IP's trying to indirectly block Tor via "chicken and egg." With 
TAILS some basic security settings (including disguising the theme as Windows) are
asked about at boot time.

Of course, at the Snowden level if spyware inserted into the current session reveals a real IP 
address you need to be on a connection not traceable to you and not on a security camera, 
and if it reveals a CPU ID you need to be using a one-use, expendable computer. A new
bottom-barrel laptop costs no more than an hour or two of a lawyer's time, and two hours
of a top-notch lawyer's time costs as much as a burn laptop, a burn cellular wifi access point,
and prepaid with cash airtime cards all combined. Thus, Tor is but one layer in a multilayered
defense. Single-layer defenses usually get penetrated sooner or later. 

Even at the level of posting a video of the local cops beating someone up, the combination of
Tor with use of a public access point and a new account on the host service created that same
session can mean being able to sleep at night without worrying about a police raid for something
like "wiretapping" (overturned in MD but not in never-litigated states) or a subpoena for raw clips.

Encryption's value is in the hands of someone willing to defy a subpoena regardless of the
penalties (to not snitch) and able to remember a strong passphrase and use it right. It is known that
the use of encrypted email frustrated British cops and the FBI during the Huntingdon Life Sciences
(vivisection) campaign, and that a UK key disclosure order was defied and the defiance gotten away
with by the activists in that campaign.

Dealing with any cyber-adversary (even the ad networks) is in fact a form of warfare. Both offense
and defense exist and the balance of power is ever-changing. Also the importance of training: it's a 
lot easier to keep something secure and yet get the job done when you are intimately familiar with 
the tools in question.

On 10/29/2015 at 6:13 PM, "Ralf Mardorf" <ralf.mardorf at alice-dsl.net> wrote:
>
>A few notes from the ...
>
>> On 29.10.2015, at 22:35, lukefromdc at hushmail.com wrote:
>> TAILS
>
>... homepage.
>
>"Even though we do our best to offer you good tools to protect 
>your privacy while using a computer, there is no magic or perfect 
>solution to such a complex problem. Understanding well the limits 
>of such tools is a crucial step to, first, decide whether Tails is 
>the right tool for you, and second, make a good use of it."
>
>"A global passive adversary would be a person or an entity able to 
>monitor at the same time the traffic between all the computers in 
>a network. By studying, for example, the timing and volume 
>patterns of the different communications across the network, it 
>would be statistically possible to identify Tor circuits and thus 
>match Tor users and destination servers."
>
>"It is usually not advisable to use the same Tails session to 
>perform two tasks or endorse two contextual identities that you 
>really want to keep separate from one another. For example hiding 
>your location to check your email and anonymously publishing a 
>document.
>First, because Tor tends to reuse the same circuits, for example, 
>within the same browsing session. Since the exit node of a circuit 
>knows both the destination server (and possibly the content of the 
>communication if it's not encrypted) and the address of the 
>previous relay it received the communication from, it makes it 
>easier to correlate several browsing requests as part of a same 
>circuit and possibly made by the same user. If you are facing a 
>global adversary as described above, it might then also be in a 
>position to do this correlation.
>
>Second, in case of a security hole or an error in using Tails or 
>one of its applications, information about your session could be 
>leaked. That could reveal that the same person was behind the 
>various actions made during the session."
>
>Summary
>
>The user cannot simply use a distro to be secure, the user still 
>needs to learn how to use the distro.



