From: Rich Freeman <rich0@gentoo.org>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Demise of Truecrypt - surprised I haven't seen this discussed here yet?
Date: Mon, 2 Jun 2014 09:27:50 -0400
Message-ID: <CAGfcS_=LiZGETvJjVb-rau=MkrYQTXRSvUYH3M_A1DUoF0L-bA@mail.gmail.com>
In-Reply-To: <538C68AE.5000504@gmail.com>

On Mon, Jun 2, 2014 at 8:06 AM, Dale <rdalek1967@gmail.com> wrote:
> Now that is wicked. Like I said, this could get crazy.

Meh. I don't encrypt my disks for desktops at home. My Chromebook
comes encrypted out-of-the-box (no doubt the NSA can have it unlocked
on request). If I had any other laptops I'd probably use full-disk
encryption of some kind on them.

My threat model for disk encryption is that somebody steals my laptop
and wants to rummage for passwords/credit card numbers/etc. If they
stole my desktop they'd probably give up when they find the data is
stored on btrfs in raid1 mode, and even the vanilla ext4 backup disk
probably would deter them, but if they're stealing my desktop they're
probably stealing my passport, birth certificates, and all that other
good stuff anyway.

As far as the NSA sending Ninjas through the windows goes, I really
see the threat there as having two levels. One is that the NSA does
pervasive monitoring of virtually everything they can get their hands
on to look for trends/etc. The other is that the NSA has a specific
interest in you, for whatever reason.

For general NSA monitoring simply using https/TLS/etc is about as good
as you're going to get. Chances are they aren't interested in
attacking your PC due to the economics of it, and if they use
zero-days widely there is a risk of them being detected (and thus the
bug they exploit gets fixed and they have to find another). They
probably read any unencrypted packets that go through a router at any
of the big choke points - probably a substantial part of the total
volume crossing the internet. They probably do not store most of that
data - they look for whatever they look for and discard the rest.
They probably have root on major service provider networks (either
with or without cooperation), so they're reading your
Gmail/Facebook/etc, so they really don't care if you use https to
connect to those services.

If you're a target of interest then the gloves come off, depending on
just how interesting you are. Most likely you're going to be targeted
for a remote exploit with professional management of a rootkit on your
devices. All your network traffic might be captured and retained. If
you're really interesting they might send the ninjas at night. You
get all those nice value-added-services like pre-installed rootkits in
any hardware you buy, probably from any vendor as long as it passes
through a country that is US-friendly (which is just about
everywhere).

If you're looking to evade general monitoring your best bet is to not
communicate with anybody who isn't as paranoid as you are. You
probably should refrain from posting on lists like this one, as they
are recording the people you correspond with to determine what sort of
person you are. Honestly, you're best off not using the Internet at
all, since there isn't anybody you can talk to who won't leak
everything to the NSA unwittingly. However, the reality is that most
of us are pretty boring, so the NSA probably doesn't care what we do.

If you're looking to evade specific monitoring then I don't know what
to tell you. They targeted the Iranian uranium enrichment program and
that was behind a sneakernet. I suspect that they have different
levels of effort for various targets. For example, Snowden revealed
that the NSA looks to root boxes belonging to sysadmins who have
access to services they're interested in - so if they wanted to poke
around on the Gentoo forum logs to find IPs they might look to root
members of infra, even though the members of infra aren't of interest
otherwise. I run a tor relay and I wouldn't be surprised if they
rooted my box as a result - rooting all the tor relays would allow
them to de-anonymize tor completely. Sure, you can wire up the door
to drop your server in a vat of acid, but that doesn't help if they
have a zero-day for your server.

Honestly, I just don't worry about it. If they want to root me, I
doubt worrying about it is going to change anything. I'd rather if
they didn't, or if they are going to do it anyway I wish that I could
just ask them to send me a copy of my data so that I could stop
worrying about running my own backups.

Rich