Return-path: xxxx...@berkeley.edu
Envelope-to: xxx...@xxxxxx.xxx
Delivery-date: Sat, 20 Feb 2010 21:19:26 -0800
Received: from xxxxxxxx.berkeley.edu ([128.32.xxx.xxx])
        by xxxxx.xxxxxxxxxxxx.xxx with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32)
        (Exim 4.69)
        (envelope-from <xxxx...@berkeley.edu>)
        id 1Nj4E2-0003HR-Mg
        for xxx...@xxxxxx.xxx; Sat, 20 Feb 2010 21:19:26 -0800
Received: from xxxxxxx by xxxxxxxx.Berkeley.EDU with local (Exim 4.69)
        (envelope-from <xxxx...@berkeley.edu>)
        id 1Nj4E2-0004s1-Bl
        for xxx...@xxxxxx.xxx; Sat, 20 Feb 2010 21:19:26 -0800
Received: from cm03fe.ist.berkeley.edu ([169.229.218.144])
        by xxxxxxxxx.Berkeley.EDU with esmtp (Exim 4.69)
        (envelope-from <webm...@berkeley.edu>)
        id 1Nj4E2-0004rv-9i
        for xxx...@xxxxxxxxxxxx.xxx; Sat, 20 Feb 2010 21:19:26 -0800
Received: from cm09be.ist.berkeley.edu ([169.229.218.182])
        by cm03fe.ist.berkeley.edu with esmtps (TLSv1:AES256-SHA:256)
        (Exim 4.69)
        (envelope-from <webm...@berkeley.edu>)
        id 1Nj4E1-0005NQ-Cn
        for xxx...@xxxxxxxxxxxx.xxx; Sat, 20 Feb 2010 21:19:25 -0800
Received: from cyrus by cm09be.ist.berkeley.edu with local (Exim 4.69)
        (envelope-from <webm...@berkeley.edu>)
        id 1Nj4E1-0002WX-Ra
        for xxx...@xxxxxxxxxxxx.xxx; Sat, 20 Feb 2010 21:19:25 -0800
Received: from cm01fe.ist.berkeley.edu (cm01fe.IST.Berkeley.EDU [169.229.218.142])
        by cm09ms.ist.berkeley.edu (Cyrus v2.3.13-CalMail-v2.3) with LMTPA;
        Sat, 20 Feb 2010 21:19:25 -0800
X-Sieve: CMU Sieve 2.3
Received: from persius.rz.uni-potsdam.de ([141.89.68.1])
        by cm01fe.ist.berkeley.edu with esmtp (Exim 4.69)
        (envelope-from <webm...@berkeley.edu>)
        id 1Nj4Dy-0007hK-52; Sat, 20 Feb 2010 21:19:24 -0800
Received: from arnim.rz.uni-potsdam.de (arnim.rz.uni-potsdam.de [141.89.68.11])
        by persius.rz.uni-potsdam.de (8.12.11/8.12.11) with ESMTP id o1L50smS001879;
        Sun, 21 Feb 2010 06:00:54 +0100 (CET)
Received: from uni-potsdam.de (localhost.localdomain [127.0.0.1])
        by arnim.rz.uni-potsdam.de (8.13.8/8.13.8) with ESMTP id o1L50qp1025812;
        Sun, 21 Feb 2010 06:00:52 +0100
Received: from 41.138.182.176 ([41.138.182.176]) by webmail.uni-potsdam.de
        (Horde MIME library) with HTTP; Sun, 21 Feb 2010 06:00:52 +0100
Message-ID: <2010...@webmail.uni-potsdam.de>
Date: Sun, 21 Feb 2010 06:00:52 +0100
From: "Berkeley.edu Web-Administration" <webm...@berkeley.edu>
Reply-to: supp...@live.com
To: undisclosed-recipients: ;
Subject: Alert: Update your CalMail  account
MIME-Version: 1.0
Content-Type: text/plain;
        charset=ISO-8859-1;
        DelSp="Yes";
        format="flowed"
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
User-Agent: Internet Messaging Program (IMP) H3 (4.1.6)
X-Virus-Scanned: clamav-milter 0.95.3 at arnim.rz.uni-potsdam.de
X-Virus-Status: Clean
X-j-chkmail-Score: MSGID : 4B80BE06.000 on persius : j-chkmail score : X : 5/50 0
X-Miltered: at persius with ID 4B80BE06.000 by Joe's j-chkmail (http://j-chkmail.ensmp.fr)!
X-Ucb-Scan-Signature: 606d01dea56a423fb13a5c3f55ff5ffa3eae29a5
X-Ucb-Spam: Gauge=IIIIIII, Probability=7%, Report=''
X-Ucb-Notice: This message has been processed by a spam tagging system.
        See http://mailinfo.berkeley.edu/ for more information.

--

Dear CalMail User,

Your email account needs to be upgraded with our new F-Secure® HTK4S
anti-virus/anti-spam 2010 version.
Fill the columns below and click reply to send back or your account will be
suspended temporary from our services.

CalNet ID:
Passphrase:
Phone Number:

Berkeley.edu Web-Administration
Greg Silva

https://calmail.berkeley.edu/

----©2010, University Of California.

Note the fairly convincing From: address. A lot of the suspicious routing information will be hidden by most email clients, however, the Reply-to: header (which would route the email to supp...@live.com and which the phishing relies on) should be set to visible by most email clients, which means, yet again, people who pay attention to details shouldn’t be taken in by this rather amateurish phishing attempt.

Not to mention one should never send passphrases over email—even if you know the recipient; email is transmitted in clear text between servers and is inherently insecure.

Members of all branches of the United States Military will soon be facing a most critical decision. The European Union Times is reporting here that Obama is using the deployment of additional troops to Afghanistan to cover for the movement of some 200,000 troops, presently on duty in countries other than Iraq and Afghanistan, to USNORTHCOM to prepare for the “expected outbreak of Civil War within the United States before the end of winter.”

The claim is just so out there, I don’t know how to take it. Is this one of those truther or birther type conspiracy theories (or, say, DHS report on right-wing domestic terrorism) that have no legs to stand on? Or does this have some basis on facts?

In the end, even if the worst fears (about the ruling elite’s intentions) of Mr. Gaddy come true, I wouldn’t worry about it. Men and women of American military have been one of the most fiercest defenders of individual freedom—including the individual right to own and carry firearm—I have ever known. If orders were to come down for these patriotic men and women to trample on the constitutionally protected individual rights of Americans, I have every confidence that they will mutiny before following those orders—after all, Nuremberg tribunals proved that “just following orders” wasn’t an excuse for ignoring one’s conscience, and if I had to put my trust in anyone else’s conscience, I would put it in the conscience of American volunteer army.

If I am betrayed by this trust, well, the world as I know has come to an end and my most deeply held beliefs might as well break.

“Google has announced the launch of their free DNS resolution service, called Google Public DNS. According to their blog post, Google Public DNS uses continuous record prefetching to avoid cache misses — hopefully making the service faster — and implements a variety of techniques to block spoofing attempts. They also say that (unlike an increasing number of ISPs), Google Public DNS behaves exactly according to the DNS standard, and will not redirect you to advertising in the event of a failed lookup. Very cool, but of course there are questions about Google’s true motivations behind knowing every site you visit.”

Oh, this is tempting. I have some routers configured to use OpenDNS (mainly for their supposed fast response, not for the redirect to search), and I am rather tempted to re-configure them to use Google’s DNS servers.

But, frankly, I think Google already has enough of my private information. I don’t need them to know every site I visit (and no, I don’t put much stock in ToS; as much as I trust Google more than other companies, once they have the information, it’s safer to assume that they’ll have it for-ever).

Well, I guess for now, Google’s DNS servers do not offer anything beyond what OpenDNS or my local DNS servers do … so at least the decision is a no-brainer for the time being.

Return-path: xxxx...@visitor3.berkeley.edu
Envelope-to: bkp...@xxxxxx.xxx
Delivery-date: Sun, 29 Nov 2009 01:32:12 -0800
Received: from visitor3.berkeley.edu ([128.32.124.159])
        by helen.byungkyupark.com with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32)
        (Exim 4.69)
        (envelope-from <xxxx...@visitor3.berkeley.edu>)
        id 1NEg8a-0000jX-J7
        for bkp...@xxxxxx.xxx; Sun, 29 Nov 2009 01:32:12 -0800
Received: from xxxxxxx by visitor3.Berkeley.EDU with local (Exim 4.69)
        (envelope-from <xxxx...@visitor3.berkeley.edu>)
        id 1NEg8a-0001rk-4v
        for bkp...@xxxxxx.xxx; Sun, 29 Nov 2009 01:32:12 -0800
Received: from smtp-out1.berkeley.edu ([128.32.61.106])
        by visitor3.Berkeley.EDU with esmtp (Exim 4.69)
        (envelope-from <xxxx...@berkeley.edu>)
        id 1NEg8a-0001rW-2q
        for bkp...@byungkyupark.com; Sun, 29 Nov 2009 01:32:12 -0800
Received: from arsenic.calmail ([192.168.1.2] helo=calmail.berkeley.edu)
        by fe2.calmail with esmtpsa (TLSv1:AES256-SHA:256)
        (Exim 4.69)
        (auth plain:xxxx...@berkeley.edu)
        (envelope-from <xxxx...@berkeley.edu>)
        id 1NEg8T-0000qs-8R
        for bkp...@byungkyupark.com; Sun, 29 Nov 2009 01:32:06 -0800
MIME-Version: 1.0
Received: from visitor3.Berkeley.EDU [128.32.124.159]
        with HTTP/1.1 (POST); Sun, 29 Nov 2009 01:32:05 -0800
Date: Sun, 29 Nov 2009 01:32:05 -0800
From: "Byung Kyu Park, BA" <xxxx...@berkeley.edu>
To: bkp...@byungkyupark.com
Subject: This will demonstrate how Calmail leaks IP addresses
Message-ID: <7272...@berkeley.edu>
X-Sender: xxxx...@berkeley.edu
User-Agent: RoundCube Webmail/0.3-RC1.UCB3
Content-Type: multipart/alternative;
        boundary="=_ad4b95d1d25a334cada12ae4c3335783"

Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="UTF-8"

And this email was composed on the RoundCube webmail client.

Andrew

You will see that the detailed email header (which most email clients hide, but there is always an option to show full headers) reveals the IP from which I was accessing Calmail’s webmail interface (no, I’m not in the lab right now; but I am proxying through one of my servers, because I consider my current IP address a confidential, personal, private information). Similar headers show if you use SMTP protocol or if you use the other webmail.

I am not entirely sure if this is a feature or bug—embedding IP information in headers will help with legitimate activities of law enforcement authorities, as well as illegitimate (is there any other kind?) squelching of dissenting voices—so I haven’t reported it to abu...@berkeley.edu or, I don’t know, h...@berkeley.edu? secu...@berkeley.edu?

In any case, now that you know, now you can avoid using Calmail—if you value your privacy.

Ironically, GMail may be one of the most secure email system to use, as far as privacy goes, because headers from GMail is fairly clean from any private information. Or, I guess if you are like me, you run a computer server at work, on which you run a bunch of things like websites and email servers so whose IP address isn’t exactly a state secret. You can proxy everything through that server (like I did here) or run your mail clients and what-not on that server.

No matter what you do, just remember: when you send an email through Calmail, you announce to your recipient what your IP address is at that moment. Don’t send that email if you are not comfortable with that.

“A Turkish grad student has devised a serious, real-world attack on Twitter that targeted a recently discovered vulnerability in the SSL protocol. The exploit by Anil Kurmus is significant because it successfully targeted the so-called SSL renegotiation bug to steal Twitter login credentials that passed through encrypted data streams. All in all, a man in the middle is able to steal the credentials of a user authenticating himself through HTTPS to a trusted website.”

What’s next? PGP? Can we trust anything other than OTPs any more?

That is a good lesson to remember. The attacker in this case gave little consideration to his personal security, by all accounts, and was not going to stop until someone stopped him. Munley understood this and went against every human survival instinct to pursue a confrontation with a murderous lunatic — and nearly got killed for her efforts. Her heroism saved lives at Fort Hood.

I refuse to be a victim. Because we do not live in an ideal world, there will always be those who want to victimize us, be it a madman or the government (but I repeat myself), and I need to make sure that I can win—if it ever comes down to the contest of brute force.

Update (12/26, h/t: Elliott): my point exactly. Americans are not born victims—that’s why Founders enshrined the right to defend oneself in the Second Amendment. Absent statist drive for power, I don’t see why anyone would strive to make any place (airports, airplane, etc.) constitution-free zone and designate everyone in that area victim. Regulations—after all, for something as potentially dangerous as guns and cars, we do want to make sure that people using them are properly trained and do not intend to harm others—I can understand. Blanket bans, I cannot.

“The US Government has updated its policy on the search and seizure of laptops at border crossing. ‘The long-criticized practice of searching travelers’ electronic devices will continue, but a supervisor now would need to approve holding a device for more than five days. Any copies of information taken from travelers’ machines would be destroyed within days if there were no legal reason to hold the information.’”

If I take this at the face value (so many things promised by this administration didn’t come to be, so I don’t know if I can), then it means if they search and seize my laptop (after finding the encrypted data, if they do), they will have to return the laptop to me in less than one week. I don’t really care if they destroy their copy of my encrypted data (because, barring breakthroughs in attacks against encryption algorithms in use today, they won’t be able to do anything with it; and it’s at least 5 years or so that I can sleep soundly).

This is a small “improvement”, if that at all, but I will take what I can get. Ideally, I want TSA and its … ineffectual, draconian security theater gone, but some among us do like the pretension of security better than actual security, which I don’t think the government (or maybe even private enterprises) can achieve at all.

I, for one, am excited. Here are a group of people with a profit motive (it’s the illegal kind, but, oh well) who can make a real contribution to steganography. Imagine the coming advances in the next year or so!

I guess it’s re-install time for many of my servers, or at least one of them. I am currently keeping … a vigilant log to check that nothing out of ordinary is happening, but I am considering the machine compromised and in line for re-install as soon as I can find the time.

More specifically, what about the secrets that protect our data? Like an increasing number of people who care about the security and integrity of their data, I have encrypted all my hard-drives – the ones in my laptops and the backup drives, using 128-bit AES – the Advanced Encryption Standard. Without the passphrase that unlocks my key, the data on those drives is unrecoverable, barring major, seismic advances in quantum computing, or a fundamental revolution in computing.

After considering a few options that most people who think about this particular problem would, including an option I might have considered adequate, a safebox containing the passphrase (or an unencrypted private key which can be used to similar effect), and rejecting them, he concludes,

Finally, I hit on a simple solution: I’d split the passphrase in two, and give half of it to my wife, and the other half to my parents’ lawyer in Toronto. The lawyer is out of reach of a British court order, and my wife’s half of the passphrase is useless without the lawyer’s half (and she’s out of reach of a Canadian court order).

Obviously this makes the attack on the passphrase slightly easier: if it was originally 10-characters long, then now the attacker needs to consider only 5-character passphrase, once he gets the control of one. But it’s probably easy enough to make your passphrase long enough to minimize this problem, i.e. make your passphrases 40-chars long instead of the recommended 20-chars (for my full hard drive encryption, I use a 26-char password and it’s probably not too difficult for me to memorize one that’s twice as long).

And if you don’t mind a little bit of technical complexity, you can split the key mathematically rather than as a string: i.e. for each character, take its ASCII code, and split it, randomly, into two numbers (running both positively and negatively, say from -255 to 255; it wouldn’t be possible to split them into another sets of printable ASCII codes, as lowest 32 numbers aren’t printable, so may as well just turn each character into numbers) so that when they are added together, you get the correct character back, and store information about these two sets of numbers separately—and either of these two sets by itself is literally nothing but a random set of numbers, betraying no information about the actual passphrase.

Overall, I think this is a good scheme, except, well, it only works for people with connections in two countries (and if the liberals have their way, we will have the One World Government pretty soon, so splitting jurisdiction may not be an option soon).

It seems like, at least in any scenarios I can think of, if you want to share a secret with someone else and wants to keep it secret (between the two of you), then the only way to do it is under some subterfuge—either regarding the fact that you have a secret, or that the other person shares it (so that you can prevent the person from getting subpoenaed).