Git-Mirrors
/
into-the-crypt
mirror of https://0xacab.org/optout/into-the-crypt.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Formatting tweaks

This commit is contained in:
arcanedev 2021-08-11 14:32:11 +00:00
parent 7273dfa87e
commit a89f4736f8
No known key found for this signature in database
GPG Key ID: 13BA4BD4C14170C0
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
README.md
View File

@ -126,7 +126,7 @@ For mobile devices, options are extraordinarily limited. Phones are designed to
For Android, the best operating system to date is GrapheneOS.[^9] This operating system can only be flashed to Google Pixel variants. This is a security-centric OS that accounts for many hardening mechanisms from software to hardware. GrapheneOS encrypts the entire device using block-level encryption, unlike most Android versions which use file-level encryption. If physical forensics of the handset is an issue, GrapheneOS is the best solution.
GNU/Linux based phones, such as Pine64's Pine Phone[^10] or Purism's Librem 5[^11], are now hitting the market. These devices are inherently insecure in early conception. One could consider these devices private but not secure. If an injection could reach the device, then all privacy is lost.
GNU/Linux based phones, such as Pine64's Pine Phone[^10] or Purism's Librem 5,[^11] are now hitting the market. These devices are inherently insecure in early conception. One could consider these devices private but not secure. If an injection could reach the device, then all privacy is lost.
## Disable Logging
Disable logging at the source is the best solution to ensure excess logs are not being stored. Daemons or processes can automate the process of log collection. This has its useful functions for both debugging and security (auditing), however it is detrimental to the idea of information retention.
@ -348,7 +348,7 @@ Security professionals will often preach that security through obscurity is an i
A threat model with the application of anti-forensics should not adhere strictly to one distinction of security vs design. Cryptographic software can perform means of obscurity. For instance, Veracrypt produces cryptographically secured volumes that contain differential hidden volumes for plausible deniability. These hidden volumes can hinder the effectiveness of an amateur (and perhaps well-versed) investigator. We are not claiming the process to be systematically flawless, however security has never been fault-less. If you have applied some of the cryptographic advice heeded in the book like full-disk encryption (FDE), and the adversary has managed to gain unbridled, decrypted access to your computer regardless, it becomes self-evident that obscurity is friend when the design has been bypassed or simply failed.
Perhaps mechanisms for clandestine messaging are set in place, standing up your own instances or using decentralized services can reduce your attack surface. It is difficult to attack infrastructure that did not provide any indication of its existence. You added more architecture into the mix for this chatter, however the attack surface from using centralized servers is removed. Even Snowden recommended using decentralized servers over TOR with strong cryptography.
Perhaps mechanisms for clandestine messaging are set in place, standing up your own instances or using decentralized services can reduce your attack surface. It is difficult to attack infrastructure that did not provide any indication of its existence. You added more architecture into the mix for this chatter, however the attack surface from using centralized servers is removed. Snowden also recommended using decentralized servers over TOR with strong cryptography.
### Code Implementation
Code is a great complement to cryptographic ciphers. It has an incredibly easy implementation, and its application can be as simple or complex as desired. Using the principle of randomness, you and your affiliates could generate a word list to send out messages in a similar way that cryptocurrency wallets generate word phrase seeds. Anyone in the conversation would be given the word list and their correlated meanings (i.e. snow = money, owl = printer). Think of this method as speaking cryptically without a real cryptographic implementation. For conversations over-the-air, phrases and words can be reused; however, reuse of codes will give away more and more of the true message (under the assumption that your messages are decrypted by unauthorized parties). Once a certain amount of messages have been sent using the code for messages, it is advised to have each of your affiliates burn the page correlating the words and code. Frequency analysis is a cryptographic code-breaking technique for deciphering messages that could make short work of finding the hidden meanings. The technique is exactly how it sounds - praying upon reused messages to determine the meaning of words and phrases.
@ -379,7 +379,7 @@ There are easy preventative software-based solutions such as USBCTL[^34] that ca
Remote switches are interesting devils, and their utility should be in high consideration if the size of the operation warrants it. Panic buttons such as Centry.py can be used to broadcast or propagate a panic signal to all nodes on the network.
## Play on Resources
Earlier, it was said that these groups have unlimited resources; this is not entirely true. The one resource which they lack is time. While they have infinite funds to allocate towards password and key cracking methods, so long as quantum physics strays behind computing, time is their main constraint. Taking methods from obscurity, the use of non-default encryption algorithms and hashing mechanisms for keys substantially increases the amount of time the analyst must expend on cracking. If the analyst cannot identify the hash function or cipher, they must try all possible options. Even if the correct password is obtained, this becomes useless without the proper cipher. For instance, Veracrypt uses over fifteen combinations of individual encryption algorithms and cascaded/stacked ciphers. Complement this with the five supported hash functions, and we are looking at 75 possible combinations of symmetric ciphers and one-way hash functions. As stated by ElcomSoft, "Trying all possible combinations is about 175 times slower compared to attacking a single combination of AES+SHA-512."[^35]
Earlier, it was said that these groups have unlimited resources; this is not entirely true. The one resource which they lack is time. While they have infinite funds to allocate towards password and key cracking methods, so long as quantum physics strays behind computing, time is their main constraint. Taking methods from obscurity, the use of non-default encryption algorithms and hashing mechanisms for keys substantially increases the amount of time the analyst must expend on cracking. If the analyst cannot identify the hash function or cipher, they must try all possible options. Even if the correct password is obtained, this becomes useless without the proper cipher. For instance, Veracrypt uses over fifteen combinations of individual encryption algorithms and cascaded/stacked ciphers. Complement this with the five supported hash functions, and we are looking at 75 possible combinations of symmetric ciphers and one-way hash functions. As stated by ElcomSoft,[^35] "Trying all possible combinations is about 175 times slower compared to attacking a single combination of AES+SHA-512."
Hypothetically, if the algorithm/hash combination is known by the attacker, here is where the cascading algorithms display their value:
"Whether they choose to encrypt with AES, Serpent, Twofish or any other single algorithm, the speed of the attack will remain the same. Attacks on cascaded encryption with two algorithms (e.g. AES(Twofish)) work at half the speed, while cascading three algorithms slows them down to around 1/3 the speed."
@ -666,7 +666,7 @@ IOxa+y6OYfAfltw=
```
## Donations
Donations to support under https://git.envs.net/WhichDoc are welcome with Monero (XMR) and Pirate Chain (ARRR) in the spirit of anti-forensics.
Donations to support projects under https://git.envs.net/WhichDoc are welcome with Monero (XMR) and Pirate Chain (ARRR) in the spirit of anti-forensics.
- Pirate Chain (ARRR): `zs1wjw05nmfc0x8l0wd75ug0xj8q9fjta4ch0kak0ulnvnt2y8j3hevq0q8f62ma62kk5pd6z4h8zr`
- Monero (XMR): `47w2kanKMnzFkRGnSvbYjjPYac9TAsAm2GzmPBprdqM41zVXHSgkkSmVJMrY6o1qoYLdVJabcBupnJbABMxu4ejrMArAEue`