Some times it pays to read slashdot at -1. Today, I came across this nice post about defeating EU’s data retention act on telecommunications. It’s worth reading and using.
I’ve taken the text from slashdot and posted here, since I believe it’s in the authors interest to make this as public as possible. I urge you to do the same thing!
Howto defeat EU’s data retention act
or
Directive 2006/24/EC, on “the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks and amending Directive 2002/58/EC
— Wikipedia
Please note that this howto is made to the best of our knowledge, and we will in no way guarantee that it is fail-safe.
First off, you will have to agree about the protocol you will use for communicating. This means that you should pick a method from this howto, or other places, and stick to that. This should be agreed to in a offline, non-traceable communication method, like public phone booths by code (i.e you can refer to method one, two, three etc.) or by meeting face to face in secure locations. You’ll also have to agree on a few keywords/key sentences.
Now that’s done, adhere to that channel. You might use the channel to agree upon new channels, but it really won’t enanche security much, if you assume that the attacker already knows your current channel.
Next, I suggest to use strong crypto, like Gnu Privacy Guard[1] or PGP[2]. Both supports cymetric encryption. Simply encrypt the message with your agreed-upon passphrase. For gpg’s part this means using -ac flags, where a means ascii armored (i.e presented in a binary safe format that can be pasted to forums, emails etc.) whilst the c means symetric encryption. Key in your passphrase. Ideally this should be a long random sentence, of 40++ characters in mixed case if you prefer so. It’s more important that you remember the passphrase in your head than that it is overly difficult.
You should now have a message looking something like this:
-----BEGIN PGP MESSAGE-----
Version: GnuPG
jA0EAgMCX6Cwgr463/FgySzU7iytmimLYABLjuE3NP/IfMh0YhFautpEQjuRQn0+
1d1pPDVgU0lbdC2Daw==
=ci6W
-----END PGP MESSAGE-----
The length of your encrypted message will vary with the length of your cleartext message. Now, this cryptotext above used the password foo, a really bad one. Go ahead, decrypt it if you want. Simply paste it into a pure text document, rename the document to foo.asc, and double click it in any decent OS. The result should read “This manual is nice”.
Ok, so you have a message. How do you forward that message to a person, without anyone else getting to know? I have a few suggestions:
Put it on a very very popular place, where you have hundreds of thousands possible receipents. Since it’s normal text, it can be displayed inline in a webpage, and anyone who views that webpage will download a copy. Done correctly, this message has quite many potential readers.
Such plases is not to hard to come by at all. One suggestion is a popular forum, like Slashdot[3]. Sure, you’ll probably be moderated off-topic, but that’s not so important. Just agree to what kind of thread you’ll post it in (i.e the thread closest to 12:00GMT every day can contain a message somewhere). The nice thing about slashdot is that they don’t delete anything. It will simply be moderated down, but left there for anyone who wishes to view.
Another alternative is usenet. Google groups provide easy access to usenet, and if you find a group with huge daily volume, you more or less ensure that atleast quite a few thousand has downloaded a copy of your message, and retained it more or less infinetely in their cache… Same as for above: agree to a protocol, and stick to it.
Other ideas might be newspapers forums or other websites with a substantial traffic. If your posts contain useful information, it’s a fair chance that a little off-topic section is left alone at the bottom…
When you post the message, you should be a tad carefull if you don’t want it to be tracked back to you, or at least make it more difficult. For that purpose I suggest TOR[4]. For windows, TOR has something called Videlia pack, complete with tor daemon, torbutton[5] for firefox, and privoxy. In other words, a complete setup for masquerading traffic.
Please remember that tor only obfuscates the source of your traffic, it does not make you completely anonymous unless you’re carefull. Ideally, you should run tor in a virtual machine in i.e vmware[6], to avoid that things like Operating System version, browser version, set cookies etc. reveal your identity. At least I urge you to clear all cookies prior to using tor. Also remember that the tor exit node might sniff your traffic, and is often rumored to do exactly that. That means that anything sent as plain text – passwords and usernames for websites etc. must be assumed to be known to the attacker. Whatever you do, do not use your regular account on sites like slashdot or google to post this message! That will compromise you brutually!
Ok, so you got the basics for posting? But you might wonder – how does your parner know that _you_ sent that message? He does not – anyone knowing the passphrase can produce a message encrypted with the passphrase, containing any message he might desire. Symmetric signing is a more difficult problem, and I know of no program that does this natively. However, there’s a few tricks you can use:
Make two versions of your messages. One plain containing only the message, and one containing a rather long sentence at the bottom of some kind. Place the sentence at bottom i.e one line below the rest of the text, with no trailing line. Now, hash that file in some way, i.e sha1-sum. Include that hash in the original message, and encrypt and send. Upon receipt, the receipent can chop away the hash, insert the same text that you did, and hash once again. If hashes match, there’s a very very fair chance that it you’re really the author. If it don’t match, well… then who knows. You’ll have to enter the text at bottom in exactly the same way!
That’s all for now. And remember, the more readers you have, the more secure you are against this kind of analysis
[1]: http://www.gnupg.org/ [gnupg.org]
[2]: http://www.pgp.com/ [pgp.com]
[3]: http://www.slashdot.org/ [slashdot.org]
[4]: http://tor.eff.org/ [eff.org]
[5]: https://addons.mozilla.org/en-US/firefox/addon/2275 [mozilla.org]
[6]: http://vmware.com/ [vmware.com]
Here’s an implementation of a double-blind time-limited drop-box via DNS:
http://landonf.bikemonkey.org/code/security/DNS_Dead_Drop.20060128201048.26517.luxo.html
It’s not undetectable — the RD bit is not widely used — but it’s likely under the radar, especially if you use a DNS server located in another, non-cooperative country. Does tor support routing DNS queries out the network? That would be somewhat resilient to detection.
One nice thing about the methodology is that when posting the message, only ‘1’ bits are observable. ‘0’ bits are never sent, so try doing analysis on: 11111111111…
Retrieving the message, the 1s and 0s are (obviously) available, but your message is encrypted, right?
[…] copied from http://bitsex.net/english/2008/how-to-avoid-eu-data-retention-act/ with […]
It’s abundantly clear that you don’t know the first thing about security or encryption.
I was passed this link by a friend, and I’m worried about how many people will read it and think it will make them somehow safer than leaving a note in a personals ad.
If you don’t know what you’re talking about, please don’t make it even harder for the layman to understand by expounding such poorly put together ideas. This makes people’s chances of security worse, not better.
Anyone digging this isn’t helping, either.
DeathBoy, could you elobarate on that? I did not write the text, but it seems quite googd enough for me.
As I gather the real thing is not encryption, but twarting traffic analysis to reveal whom is communicating.
And I can’t see any really huge problems.