Sunday, April 30, 2023

Porn Spam Killed Google Drive

I have a Google Drive account.  I like it, and I used to use it a lot.  I'm a retired professor and I visit K-12 schools to talk to kids about STEM.  I could put my stuff on Google Drive and when I got to a school, there it all was, ready for me to use.

No more.  Now I open the web interface to Google Drive and I find a dozen of more files shared with me, and they're all spam for pornography sites.  Many of them have pictures, and all of them have suggestive titles, albeit with creative spelling.  I wouldn't dare open Google Drive in a classroom.

It's back to flash drives, I guess, or maybe Microsoft OneDrive.

The sad thing is that Google could fix this approximately instantly.

What is needed is a check-box setting that says, "Only allow those in your contacts to share files." I check the box and the problem is solved!

Google probably can't turn that on by default, but you get an acknowledgement page every time you use the "report abuse" function.  A big notice, right there, with a button to turn the "contacts only" setting on, and the first time one reports abuse could be the last time one sees spam in Google Drive. They also send an email acknowledgement and could put another notice in there.

Too bad they haven't done it.

Tuesday, March 9, 2021

Crypto to Go

How to Implement Encrypted Email at Work  or on the Road

American eagle wearing headphones and clutching Ethernet switch.
Image courtesy of the
Electronic Frontier Foundation

Send them money.

Note: I was very excited about Mailvelope.  It seemed to be a way for people less geeky than I to use encryption.  Sadly, the developers of Mailvelope have chosen to cripple the free version.  As I write this, it  will not handle encrypted messages in the PGP/MIME format, which may be most messages encrypted with software other than Mailvelope.  In other words, it isn't compatible with other software, and so I can't recommend Mailvelope's free version.  The paid version may be better.

Eight years ago Edward Snowden exposed the lengths to which intelligence agencies had gone to collect every bit of information about everyone.  I wrote a series of posts exhorting people to encrypt their email on the grounds that "it's none of their damn' business!" The first one, It's Time to Encrypt Your Email, has links to the others.

Almost no one did it because it's too much trouble. I'm a retired professor, and at the time I was able to use my personal laptop both at home and in my university office.  Most people don't have that luxury, and most people didn't want to go through the fiddly steps to set up encryption.  Further, many, perhaps most, people use web based mail systems like Gmail.  Encryption that happens on the provider's server is not secure because the mail provider necessarily has the crypto key; it can be subpoenaed, bought, stolen, or coerced. (If the concept of key seems strange, read A Little About Encryption.) 

This article tells you how to implement encryption for your web mail and use it at home or at work, without installing any software on your Windows computer at work. I can write it because a friend told me about the Mailvelope software.

What We're Going to Do

  1. Acquire a key-ring size USB drive
  2. Generate a couple of very strong pass-phrases
  3. Set up encryption on the USB drive (optional)
  4. Install a portable version of Firefox on the USB drive 
  5. Install Mailvelope in Firefox on that USB drive
  6. a. Generate new crypto keys using Mailvelope or,
    b. Export your existing crypto keys and import them into Mailvelope.

When you're done, you'll be able to send and receive securely-encrypted messages anywhere there's a Windows 10 computer you can use, and without installing anything on that computer.  (Most of this stuff will work on a Mac, but you'd have to install the Mailvelope browser add-on on the computer.  Your boss might frown on that, and you will be handing a crypto key that should be secret over to whomever has access to that computer.) 

Note: If you don't need "to go" and only want to be able to encrypt web-based mail at home, just generate a pass phrase, install Mailvelope on your favorite browser, and use it to generate keys. Done!   If you want to go portable later, you can export your key pair from Mailvelope and import the same keys into the portable version.

Who Do You Trust?

Before any of this, we need to talk about issues of trust.  I think it's very unlikely that the U.S. National Security Agency can crack the encryption described below.  If they can, they don't dare admit it because it would start a rush to develop better, uncrackable encryption. The weak link in what I'm going to describe is who has access to your cryptographic private (secret) key.  Specifically, you are trusting the developers of Mailvelope not to snarf up your secret key and the passphrase that protects it and ship them off someplace nefarious.  I think it's highly unlikely because it's the kind of thing security researchers look for, and covert communication between a browser running Mailvelope and a server in Faroffistan would be pretty easy to detect.  If you use Thunderbird or GPG you're trusting those developers, too, and that's almost certainly OK for the same reasons.

Here's the biggie: Every time you plug that USB drive into a computer, you're trusting whomever has administrative control over that computer not to have installed software that secretly copies the contents of the drive.  That's a question of risk tolerance. I use encryption so confidential things like my  nieces' social security numbers can be emailed to me, and because "it's none of their damn' business!"  I'd trust a computer at my university, and maybe even one in the business center of a hotel.  If my life depended on the secrecy of my communications, I'd be much more careful.  YMMV.

USB Drive

If you're going to take your crypto to work, or perhaps traveling, you need portable storage. Find a USB drive that suits your style.  Look for small size, a metal case, maybe a loop for a key ring, and a brand name like Kingston, PNY, or Sandisk.  No eBay or no-name drives because you'll want this thing to be reliable.

A 16GB drive is plenty, and the smallest capacity likely to be available.  You should be able to find something for less than $15.  I like this one and you can get two for $16.  That will let you make a backup.  It's 32 GB, which is more than you need, but it'll work fine.

Make a backup copy of your drive from time to time.  Just copy everything to a folder on your home computer.

When you're done with the drive, I suggest physical destruction with a hammer. Reformatting is not always effective at destroying information on flash drives.

Pass Phrases

Note: If you already have a key pair other than with Thunderbird, it is already protected by a pass phrase. You won't need to generate a new pass phrase to use Mailvelope.

In portable mode, you won't have your trusty password manager to paste passwords in for you. You will need a pass phrase to protect your private (secret) key, and you may need another to protect your encrypted USB drive.   Everyone who does anything with security has seen the XKCD cartoon about passwords. "Correct Horse Battery Staple" is the kind of pass phrase you can generate using Diceware.  Four words are too few; use six or even more.  Memorize your pass phrases, and also write them down and put them in a safe place.  Here's a comment about the strength of such a passphrase.

To generate a pass phrase, roll the dice, read the numbers from left to right as digits 1 to 6, and look up that number in a word list.  Use real dice or the dice at random.org, which use an excellent source of randomness.  Use the Electronic Frontier Foundation's long word list.  Six throws of five dice will generate a six-word pass phrase.

This roll, 2 1 2 6 5, is the word "crane" in the EFF long word list. I tried six rolls and got "crane abridge unmixable congenial unclog dismay."  It's easy to make up a little story that makes those words memorable.  "There was a crane on a-bridge; unmixable is the opposite of congenial, and if you can't unclog, you get dismay."

You need a pass phrase to protect your private key.  If you're going to encrypt your USB drive, you'll need a second one.  The reason you shouldn't use the same pass phrase for both is obvious, right?

Encrypt Your USB Drive (Optional)

If your USB drive is lost, stolen, confiscated by the cops, or otherwise is out of your possession, an attacker must crack the pass phrase protecting your private key in order to decrypt your communications. If you've also encrypted the drive, the attacker must first crack the drive encryption.  Even better, if the drive is encrypted, there's no hint that it contains cryptographic software until the drive encryption is first cracked. Security professionals call this defense in depth.

Encrypting the drive means memorizing two pass phrases.  Whether to do that depends on how secure you need your communications to be and on the possibilities of the drive leaving your control.

Encryption will go fastest if you start with an empty drive, that is, do the encryption first. To encrypt a USB drive,  connect a formatted USB drive to a Windows 10 computer.  Select Control Panel > System and Security > BitLocker Drive Encryption, or just type "bitlocker" in the program search. At the bottom of the panel, under Removable data drives - BitLocker to Go, find the drive to encrypt and click "turn on BitLocker."  When prompted, click "Use a password" and type your passphrase twice.  You can save your recovery key to a file or print it. Click "Encrypt only used disk space" and "Next." Select "Compatible mode" and click "Next."  Click "Start encrypting."  The process will take one to two minutes on an empty drive.

Install Portable Firefox

Download Portable Firefox onto your flash drive and run the installer.  (There's a Portable Chrome, too, but it wants a Google login that you may not want to provide.) You will need to close any other instances of Firefox, such as a desktop version, to run Portable Firefox.  You can save yourself a click every time you use this if you move everything in the FirefoxPortable directory to the root directory.  You can delete the installer program. Consider making a donation to Portable Apps.

Aside: A Note About Cryptographic Keys

Public key cryptography, which is what this is all about, uses a key pair, two different keys. The one called the public key can be given to anyone, and is often uploaded to public key server computers.  People use your public key to encrypt messages for you, and also to authenticate messages digitally signed by you.

The other key of the pair, called the private key, or sometimes secret key, is used only by you to decrypt messages encrypted with your public key and to apply your digital signature to messages.  It should be kept absolutely secret, which is why you shouldn't just install Mailvelope (which needs your private key) on your work computer. There's more detail in A Little About Encryption.

You'll have two choices concerning cryptographic keys when you install Mailvelope.  It's pretty critical to make the right decisions because, in general, email systems decide which key to use to decrypt mail based on the sender's email address.  If one address has more than one key pair, things can get very confusing. Do not generate a new key pair with Mailvelope if you are already using encryption with the email address you intend to use with Mailvelope.

If you've never used encryption before, or never generated a key pair for the email address you will use with Mailvelope, you can let Mailvelope generate a key pair for you.  Skip to the next section.

If you already have a key pair you want to use with Mailvelope, you will have to export a copy of both private and public key and import them into Mailvelope.  Read on!

Export your key pair:  You will need to export copies of both your public key and your private key from your existing encryption software or email software to import them into Mailvelope.  How to do that depends on the software you're running.

Thunderbird: Select the account from which to export the key pair; it's the line just above "Inbox." Choose End to End Encryption from the top line.  Select the key you want to export; it will probably already be highlighted.  Click the chevron or down-arrow in the upper right corner of the box for that key and select "More."  You will need to select Backup secret key to file.  That actually includes your public key as well.  When you export your secret key, you'll be asked to set a password.  Use the pass phrase you generated for your private (secret) key.  You will end up with a file  with a long file name ending in secret.asc. You will import this into Mailvelope.

Kleopatra: Select the key you want to export in the "My Certificates" window.  Export secret keys is within the file menu.  You will need to supply the pass phrase used when the key was generated.  You'll get a file ending in SECRET.asc.  You will import this into Mailvelope.

Install Mailvelope

Open Portable Firefox.  (Ypu;ll have to close desktop Firefox first.)  Go to https://www.mailvelope.com/en/ and click the magenta “Download Mailvelope”button.

You will be transferred to https://addons.mozilla.org/en-US/firefox/addon/mailvelope/

Click the "+ Add to Firefox" button, then click “Add” in the dropdown from the browser address bar.That dropdown tells you the permissions you're giving Mailvelope, so look at it!

Decide whether to click “Allow this extension to run in private windows” and check or not. I don't see any need to allow that.  Your mail provider knows when you connect to them.  I guess if you had a secret email account you were trying to hide from someone who had access to your computer's browsing history, you might want to check it, but not otherwise.

Note the Mailvelope icon at top left. Click the blue “OK, Got it”

Click the Mailvelope icon, then “Let’s start.”

Choose either “Generate key” or “Import key” depending on whether you have a key pair from another cryptography program.

To import keys:

Click “import” and “select files.  Drag the key file into the gray window, or click “Add file” to browse for it.  When ready, click “Import keys”

Review the keys that are being transferred and, if all is well, click “Confirm.” The private key you just imported will be marked as the default key.There's more about keyservers below.

Click the > at the right of the box containing the key. (Be careful not to click the trashcan.)  In the pink box that says “The key is not synchronized with the Mailvelope key server,” click the “Synchronize” button.  Each email address associated with your key pair will receive an email message with a link you must click to show that you have access to that email.  Click the link(s).

Go to Options and check "Sign all outgoing messages."  This will put your digital signature on your outbound mail. I've written a separate post about how digital signatures work.

To generate a key pair:

Note: Generate a new key only if you have never used encryption with the email address you're setting up.  Otherwise, use the existing keys as described above.

Click the "Generate" button and fill in your name, email address, and the pass phrase twice.  Optionally un-check "Upload public key to Mailvelope Key Server."  Leave it checked if you're generating a for-real key, but, but be sure to un-check if experimenting and plan to throw away the generated key.  If you choose to upload your key, your email address  will receive an email message with a link you must click to show that you have access to that email.  Click the link(s).

Go to Options and check "Sign all outgoing messages."  This will put your digital signature on your outbound mail. I've written a separate post about how digital signatures work.

Using Mailvelope

Once you've reached this point, you don't need me any more.  The Mailvelope folks have good directions here: https://www.mailvelope.com/en/help#first_mail

There some alternate directions here: https://freedom.press/training/encrypting-email-mailvelope-guide/

Please do read the final two sections.  They're important.

Keys and Key Servers

You either generated or imported a key pair, two keys. The public key can safely be given to anyone; it is used to encrypt messages intended for you and to verify your digital signatures.  Your private key should be accessible only to you.

Your email address is necessarily on the key server.

Key management
Select key
PGP Fingerprint at bottom right

And a Final Note About the Law

The FBI, DEA, CIA, TSA, DOJ, and every other TLA (three letter agency) hate encryption because it prevents them from taking certain shortcuts.  That said, in the United States, using strong encryption is completely legal.  It is very different in some other countries; it's up to you to know your laws.

Can "they" make you reveal your pass phrases?  As of spring, 2021, that's an unsettled question in the United States.  Where I live, within the jurisdiction of the United States Court of Appeals for the Eleventh Circuit, the answer is no; the Eleventh Circuit has ruled that passwords and pass phrases are "testimonial" and so protected by the Fifth Amendment of the Constitution.  Other Circuit Courts have ruled differently, so this is a question that's ripe for consideration by the Supreme Court.  Even within the jurisdiction of the Eleventh Circuit, expect to spend money on lawyers if you need to protect your right not to reveal that pass phrase.

It is not safe to depend on strong encryption to protect you from the consequences of illegal acts.  Those TLAs solved crimes long before electronic communication and strong encryption existed.

And the final word: The TLAs and other authoritarian types would love to make strong encryption illegal.  When deciding who to vote for, make their stance on legality of encryption an important consideration. It not only protects your email, it's crucial to online commerce, credit, and banking.

Sunday, January 26, 2020

Verify that Email Address!

I Get Confidential Email,
and My Own Email Address Can't be Used

 Last week I received the complete travel itinerary of a couple who're taking a trip on Southwest Airlines.  I have their full names because the TSA says so, that's why.  I know when they won't be home and where they're going.  I know when they're coming back.  They live in a medium-sized town in Texas and one of the couple has a somewhat unusual first name, so it was pretty easy to find their home address.  It's a good thing I'm not a burglar!

Today I created a new AppleID because I got an Apple device for the first time.  I couldn't associate my Gmail address with that account because it was already in use.  Apple accepted my alternate email address without verification.

Someone set up a teacher account at DeltaMath.com using my email address.  This unknown person with unknown motives is now able to enroll students, possibly your kids... as me!  (I used the "forgot password" function to take over that account and protect your kids.)

I know people who routinely receive email for people in other countries and court filings that should be confidential at least until they enter the public record.  Same story.

How could such things happen?  Southwest, Apple, and DeltaMath were very careless; they blindly accepted the email address that someone typed into their form.  They simply don't care about either the quality of their databases or the security of their customers.

Email can go astray in a number of ways.  A simple error in entering an email address could inadvertently change it to the valid address of a third party.  A person who is concerned about unwanted email might deliberately provide a “false” address that is actually the correct address of an unknown third party.  Although unlikely, it is not impossible that  someone could be the target of criminals who gain unauthorized access to the person’s email.

Legitimate Companies Verify Email Addresses

OK, spammers are never going to do this, but every legitimate company should verify every email address before accepting it as legitimate, and certainly before sending anything confidential to that address.  It's not hard, and the cost after implementation is extremely low.  I guesstimate that, in a professional setting, this would take a person-week, including specifications, managerial approval, and quality control.  Actual coding should take much less than a day.

Legitimate emailers should add to their customer databases an email status indicator with values unconfirmed, confirmed, and invalid.  When an email address is first added to the database, the status should be set to unconfirmed and an email to that address should be generated automatically.  The email should thank the person for providing an email address and should have a prominent link by which the recipient can confirm the email address and consent to receiving email from the sender.  Clicking the link should change the status to confirmed.

The same email should have a “this isn’t me” link; clicking the link would set the status to invalid.

No legitimate company should never send email to an address with a status of invalid.  Whether to send anything other than the confirmation message to an unconfirmed address is a business decision, but I’d recommend against it in order to protect your customers’ privacy.  It might be better to send another confirming email if there is further interaction with that particular customer.

The status of existing customers should be set to unconfirmed, or perhaps pending, and a confirming email sent when there is new activity on the account.

Well, then Why Not?

Companies  that don't bother to do this are either spammers or they simply don't care about either the quality of their databases or the security of their customers.  That's especially true in the case of companies that send information that's even mildly confidential.

Sunday, August 11, 2019

Using a MikroTik cAP as a Home Wireless Access Point

My people have no tradition of proofreading.  —Ken White

Beware: if you follow these instructions and then expose your device to the Internet, it will be hacked immediately. The instructions that follow are for installing the cAP inside an already firewalled network.  You have been warned!

The MikroTik cAP

The MikroTik cAP is a very cool device.  It's about the size and shape of a smoke detector and can be easily ceiling-mounted in any location that you can reach with an Ethernet cable.  It's a PoE device, so the wall wart that powers it can be in a network closet, or, in my case, in the garage, where there's a UPS.  The trouble is, it's a router, running the full RouterOS product.  It's designed to be plugged directly into the ISP's interface device and be the only source of Internet where it's installed.  I wanted to use it as a wireless access point in a mostly-wired network, and there was the rub!

Initial Access

 You will need a wireless device with a reasonable screen and keyboard, like a laptop.  Out of the box, the cAP's configurator is accessible only through the wireless interface.  That makes sense if the Ethernet interface is exposed to the wilds of the Internet, but it makes initial access hard.  The setup guide says you can associate with the cAP and it'll give you an compatible address via DHCP.  That didn't work for me.  Neither did MikroTik's Winbox software.

So, set your wireless device with a fixed address of 192.168.88.88, a gateway of 192.168.88.1, and no DNS.  Fire up the cAP and cause the laptop to associate with it.  Now you can open 192.168.88.1 with a web browser and you will get the web interface.  If you make a configuration mistake, you can get back to this state by holding the reset switch of the cAP while powering on and for five seconds afterward, until the LED starts to flash.

Gather Information

I suggest assigning a fixed internal address to the cAP, so you'll need an IPv4 address that's not in your DHCP pool. You will also need your IPv4 netmask, the address of your default gateway, and the addresses of your DNS server(s).

If, at this point, these instructions "seem complicated" you have overextended yourself.  The cAP is not really a consumer device.  Return it and get a consumer AP.

Configuration

Everything I read warned me not to mix changes to the Webfig interface with changes to the Quick Set interface.  I wasn't able to accomplish everything that way.  Here are the steps.

Set DNS: Click Webfig (top right) then, in the menu at the left, IP and then DNS.  Add the addresses of your DNS servers.  Click the down-triangle to add more addresses.  Click the "Apply" button.

Delete the firewall rules:  Still in Webfig and IP, click Firewall.  Delete all the rules except "drop invalid" and "special dummy rule to show fasttrack counters" by clicking the tiny minus-sign button before each rule.  This will allow future configuration through the Ethernet interface.  If you expose the Ethernet interface to the Internet, it will also enable hacking of your AP. 

Click the images to enlarge.


Return to Quick Set by clicking the button at the top right.  Leave the pull-down at the top right set to "WISP AP," the default.  Set each of the following:

Network name:  This is the service set identifier (SSID) that the cAP will broadcast.

Set network security:  Check "wpa2" and "aes ccm" unless you have very old devices that need WPA or TKIP, in which case check those, too, and plan to replace the old devices!  In "WiFi password" put the preshared key.  It should be long but easy to type.  Four Dicewords will give almost 52 bits of entropy.  (Note that hacking this key requires physical proximity to the cAP.)

You can later set up a MAC access control list from the "Wireless" selection of Webfig if you like.

Set network parameters and admin password: Under "Configuration" select "bridge."

Under "Bridge" choose "Static" and fill in the IP address the router is to have, the netmask, and the default gateway.  DNS servers were set earlier.

Fill in the router administrative password twice.  (Make this a good one; an adversary who gets past the preshared key can then try to brute-force the administrative password.)  The two password fields will be replaced by a "Password" button after the password has been set and the configuration applied.

Apply the configuration: Click the "Apply configuration" button.  You will lose your connection to the router because its IPv4 address has been changed.  You can now remove the fixed address from your laptop and browse to the IP address you just set from a wired or wireless connection to your network.

Update the RouterOS Software

Return to the router, log in, and on the Quick Set screen, press the "Check for Updates" button.   If an update is offered, apply it by clicking the "Download&Upgrade" button.

Optimize WiFi Performance

Author 'gryzli' has written a guide for optimizing RouterOS WiFi performance.  He's absolutely right about the WiFi Analyzer app for your Android phone.

It is unfortunate that RouterOS uses frequencies rather than channel assignments.  Wikipedia has a list of channels and frequencies.


Copyright © 2019 by
Creative Commons License
Using a MikroTik cAP as a Home Wireless Access Point by Bob Brown is licensed under a
Creative Commons Attribution-ShareAlike 3.0 Unported License.

Sunday, July 28, 2019

Thoughts About Cloud Storage

There is no cloud, only a bunch of computers you don't own, run by people you don't know.  Anonymous
My people have no tradition of proofreading.  —Ken White

 
TL;DR:  Cloud storage might be suitable for storing backups provided one can afford the storage space and bandwidth needed.  It is not suitable for storing the only copy of anything.  Data stored with a cloud service must be encrypted using strong encryption to protect it from disclosure.  Cloud resources must never be set up as an "always on" mapped drive.

Cloud Storage and How it is Used

Cloud computing, or cloud storage, isn't really just a bunch of computers you don't own.  It isn't just "on the Internet," either.  It's a lot of computers and some very clever software that, together, have six important characteristics:
  1. Self service:  When you establish a "cloud" account, there's no human intervention at the other end.  That's convenient because there's no waiting to set up an account, add storage, etc.  It's also crucial to keeping the cost down.
  2. Excellent network access:  A cloud provider might serve millions of subscribers and must provide sufficient speed and responsiveness to make the customer's connection, not the cloud provider's connection, be the bottleneck.
  3. Elastic scalability:  People can make new accounts, or decide to add hundreds of gigabytes to their storage allocation, and the infrastructure must deal with that.  (But, note that paying for 100 GB of storage doesn't mean 100 GB is immediately allocated to you; that doesn't happen until you use it.)
  4. Resource pooling: The necessary scalability is achieved by sharing massive resources among many subscribers.  For the big cloud providers, "many" means millions or tens of millions.  The principle of multi-tenancy means your data will share disk space and CPU cycles with that of many others.  It's up to that clever software to keep things separate.
  5. Redundancy:  The cloud provider will keep multiple copies of customers' data on different servers; failure of a single server, or even of several, will not compromise the data.  The really big cloud storage providers keep redundant copies across multiple data centers.
  6. Measured service:  This implements the principle of paying for what one uses.  Google will provide 15 GB free; beyond that, there's a charge.  For cloud storage, generally what's measured is storage used.  Other cloud services might also measure CPU seconds, transfer bandwidth used, or other resources.
 With all of that, cloud storage might seem to be the perfect answer to limited storage and disk failures for consumers.  Not so fast.  We need to consider the way we use cloud storage, the properties of a secure system, and the causes, probabilities, and consequences of failure.

There are two ways one could use cloud storage: as primary storage and as backup storage.  When cloud storage is used for primary storage, the only copies of data are those "in the cloud." Failure of the cloud storage means irretrievably lost data.  If cloud storage is used for backup, the operational copy of data is stored elsewhere, usually on local drives.  Both the local storage and the cloud storage would have to fail to cause loss of data.

Cloud storage can also be used for file sharing.  Shared files are still either primary or backup, depending on whether another copy exists.

Security and Threats

The security of a system can be measured by three properties:
  1. Confidentiality is the condition that data have not been revealed to unauthorized people.
  2. Integrity means data has not been altered or destroyed.
  3. Availability means data can be used by authorized people when needed and with suitable response time.
To analyze the security of any system, we need to analyze the threats to the confidentiality, integrity, and availability of its data.  Broadly, those threats are disclosure, alteration, and denial.



I rate the risk of disclosure as high.  All major cloud storage providers scan uploaded files for contraband, specifically for child pornography.  Dropbox, and possibly others, scan shared files for material protected by copyright.  Even if you are absolutely certain you have no electronic contraband, a false positive could lead to law enforcement action.  Resource pooling and multi-tenancy mean one subscriber's data could be accessible to others in the event of a software error.  Poorly protected accounts, e.g. by weak passwords, could make data accessible to malicious outsiders.  Finally, a configuration error by the subscriber could share data not intended to be shared; this is probably the most likely risk.

The risk of alteration is low; the nature of cloud storage protects the integrity of data.  An exception might be a configuration or software error that erroneously makes data shared and writable by others, or a malicious attack on a poorly protected account.

The risk of denial is medium.  Although redundancy and good network access mean that data will likely be available from the cloud provider, access also requires that the customer network be functioning.  Failure of the cloud provider's business could make data unavailable.  That need not be a financial failure; provider Megaupload was shuttered by United States law enforcement authorities and the stored data became permanently inaccessible.  Some cloud providers assert the right to remove files that violate their terms of service.  Finally, if a cloud drive is "mapped," that is set up to be viewed by the customer's operating system as a local resource, malicious software known as ransom-ware could render the contents inaccessible by encrypting the data.

Using cloud storage effectively

The consequences of disclosure, alteration, or denial could result in irrecoverable loss of data if cloud storage is used as primary storage.  Cloud storage must never be used for primary storage.

If cloud storage is used for backup, the consequences of alteration or denial are less severe; one is without backup until the situation is corrected.  However, denial caused by ransom-ware could make both primary storage and backup inaccessible.

For backup data, the consequences of disclosure are severe.  Even if disclosure does not lead to investigation by law enforcement, information in primary storage will be disclosed.  That could include financial user IDs, account numbers, and passwords, medical information, and other confidential data.  That leads to two conclusions:
  1. Cloud storage used for backup must never be "mapped" as a disk drive accessible to the operating system in order to protect it from malicious software.
  2.  Backup data on cloud storage must be be protected by strong encryption to protect against inadvertent disclosure and scanning by the cloud provider.

Other considerations

Encryption:  The only safe encryption is that for which you generated and hold the encryption key.  If the cloud provider holds the encryption key, you are trusting them not to unlock your data.  A strong encryption algorithm is needed; I recommend AES with a 128-bit key.  Suggestion: keep copies of the crypto key on two separate USB drives stored in different buildings; do not keep a copy on the system being backed up.

Storage size and cost: A 500 GB laptop drive will need at least 2 TB of backup space to do progressive backups.  That would be $50-75 if paid annually.

Bandwidth:  A 500 GB drive that's 60% full will take nearly a week to upload at DSL speeds and over 24 hours at 10 Mb.  A 15 GB progressive backup will take nearly 25 hours to upload at DSL speeds and almost four hours even with a 10 Mb connection.  To use cloud storage effectively for backups, you'll likely need a 50 Mb or faster Internet connection.

Account security: Use a strong password to protect your cloud account.  Choose a provider that offers two-factor authentication.  If possible, use a physical token like a YubiKey or an app that generates one-time passcodes; pass codes sent by text message are not secure because of SIM-swapping attacks.



Copyright © 2019 by Bob Brown
Last update: 2021-02-22

Creative Commons License
Thoughts About Cloud Storage by Bob Brown is licensed under a Creative Commons Attribution-ShareAlike 4.0 Unported License

Saturday, February 27, 2016

Avoid the Wretched Spammers at MailChimp

I've had the same email address for a long time, so it's gotten passed around.  It's also short, so people who think they're inventing an email address often hit on mine.  I get a lot of spam.

About half of it comes from MailChimp.  The people at MailChimp will tell you, "we help our customers comply with spam laws and best practices."  It's not true.  They're spammers.

To understand that, we first need to define spam.  I like the definition from Spamhaus.org.  Spam is unsolicited bulk email.  Bulk email is OK; I subscribe to several mailing lists.  They send bulk email, and I get it because I want it.  Unsolicited email is OK... in fact, it's even normal.  An old friend recently sent me email inviting me to lunch.  Great!  It was unsolicited, but I was happy to get it.

It's Spam, Jim!

Email is spam when it is both bulk and unsolicited.  In the case of bulk mail, "unsolicited" means "the recipient has not verifiably granted deliberate, explicit, and still-revocable permission for it to be sent."  Those words are from Spamhaus, and I couldn't say it any better.  It's about consent.  "Verifiably granted" means what is sometimes called the double-opt-in.  The emailer sends you a message that says, in effect, "Thank you for signing up for our stuff.  Click here to validate your email address."  That is verifiable.  That is what MailChimp doesn't do.

Don't Get Tarred with MailChimp's Reputation

If you are thinking of email marketing and you're thinking of hiring help, be careful not to get tarred with the reputation of a spammer.  If people get spam from you, they'll naturally and correctly think you're sleazy.  That's what will happen if you hire MailChimp.  They send from several domain names, and every time I find one, I block it on my home email server.  That mail "bounces;" it gets rejected without being delivered at all.

I also have an email address with one of the big, public email providers.  I haven't figured out how to block entire domains there, but I do block the individual spammers, one by one.  Their future messages get received and go into my spam folder.  The sender paid MailChimp to send that message, but I never saw it.  Don't let that happen to you!

"Just Unsubscribe"

No.

I feel no obligation to "unsubscribe" from anything to which I didn't subscribe in the first place.  In fact, I see a great advantage in not unsubscribing.  It makes the sender's email campaign that much more expensive because the sender pays for those messages that go into my spam folder.  Don't let that happen to you.  I feel no obligation to make spamming cheaper or more cost effective.  Besides, unsubscribing just confirms that the email address works.

Be Like Me

When you get spam, block the sending domain entirely.  If you can't block the domain, block the specific sender.  Only unsubscribe if you cannot block domain or sender.  Spam works because it's cheap.  Help make it more expensive.  And never, ever, buy anything from a spammer.  Read what Spamhaus says about unsubscribing.  Remember, it's spam if it's both bulk and unsolicited.


Sunday, December 7, 2014

About PGP Signatures

My people have no tradition of proofreading.  —Ken White

I started attaching PGP digital signatures to my work email a few months ago.  That's kind-of an appropriate thing for me to do since I'm a teacher of computer security.  For many people, that signature is just a mysterious hunk of garbled letters either appended to the email message or sent as an attachment.  Such a signature looks like this:

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)

iQEcBAEBAgAGBQJUhI42AAoJEDF1nN
o3X4aWzXYIAIYZwzleZljYhf6ZKseaxfBY
ORMAUWikdmkuzaLg25ngwtBYyjfTUMPfJpVSK4p1IgV6zWFDAbT0m0HZjmxuuWOl
JqEoWc/Qa4f1tWF7Oc0Mrb0qfIUEEckAkf43MCN8BQxzUz2tkbegsx+TWcsgiz4X
vUmdL2F5vfBoArvmi1SW8aqvEbJaMhIvfYAiD9LeX1RtKr8Z0a2RFO4/tkbS7Kh4
d5FTBkm2ddhzfp+Z2hgrU72T07dteO1u0JrCOLCDZT+jKEE7CJ7OowziVpL4oDwU
uie39l4VdkSPOqxrEaKIw2ehvrO/pP/mP0MnyHClnFSISxw8LhFT0G5+5+a0JEA=
=y4bG
-----END PGP SIGNATURE-----

Ewww... that's ugly! But why?

A PGP Digital Signature Authenticates the Message

When people get email, they naturally assume that the name on the From: line is the sender of the message, especially if it's someone they know and with whom they communicate frequently.  Unhappily, that doesn't have to be true; it is trivially easy to forge a sender's identity in email.  The PGP digital signature provides strong evidence that the message is actually from the purported sender and that it hasn't been tampered with in transit.

How Does it Work?

The PGP digital signature depends on two cryptographic technologies, cryptographic hash functions and public key cryptography.   A cryptographic hash function produces a "fingerprint" for a message.  The text of the message is input to a computer program that computes the hash code, called a "digest."  Every possible message probably has a unique digest, and even a tiny change in the message would change the computed digest dramatically.  Why is it called "hash?"  Look at the example above!

Public key cryptography uses two keys called public and private.  The public key is widely available, often published a key server like the OpenPGP key server.  If you know someone's email address and they have a PGP key pair, you can probably find their public key easily.  A very useful feature of PGP  keys is that they are cryptographic inverses of one another.  If you encrypt a message using my public key, it can only be decrypted with my private key.  If I've carefully kept my private key, um, private, only I will be able to decrypt the message.  It works the other way, too.  If I encrypt a message using my private key, which only I have, anyone can get my public key and decrypt the message, but I'm the only one who could have encrypted it because only I have the private key.  So, a message encrypted with my private key is digitally signed.

My email program generates a PGP signature by first computing a cryptographic hash digest from the message, then by encrypting the digest using my private key.  The recipient can use my public key to decrypt the digest.  If the rest of the process works, the message could only have come from me because only I have the corresponding private key.  The recipient then computes a new digest from the message using the same cryptographic hash algorithm.  The newly-computed digest is compared to the decrypted digest.  If they're the same, the decryption worked and the message hasn't been tampered with because tampering would have caused the newly-computed digest to be different.

I wrote that a valid PGP signature "provides strong evidence that the message is actually from the purported sender and that is hasn't been tampered with in transit."  How strong?  The main consideration is whether the sender has kept his private key truly private.  Anyone with a copy of my private key can sign a message that will appear to come from me.  You also have to trust that neither the cryptographic hash algorithm nor the public key algorithm has a flaw that can be exploited.  Modern cryptographic algorithms are strong enough to make the cryptographic safety of PGP signatures a good bet.

What is PGP, Anyway?

PGP stands for "Pretty Good Privacy," invented by Phil Zimmerman to allow exchange of secure (confidential) and authenticated messages.  Zimmerman's original PGP ran into patent problems and Zimmerman himself was the subject of a long criminal investigation for "exporting munitions," namely cryptographic algorithms.  (The FBI, CIA, NSA, TSA, DHS, DoJ and every other three-letter agency known to man hate encryption because it makes dragnet surveillance and casual snooping very difficult.  With that said, I cannot emphasize too strongly that, in the United States, there is nothing illegal about using encryption. )

I'm actually using the implementation of the OpenPGP standard built into the Thunderbird email client.

What About Snooping?

A digital signature doesn't do anything to protect the confidentiality of a message.  To do that, one must encrypt the message itself.  It's easy to do, and if you start sending me encrypted email, I'll be sure my replies are encrypted.  That way, even the NSA won't know what kind of pizza we're planning to have.  See the articles below for instructions.

Want to Know More?

I've written a series of three articles on using and understanding encryption:
There's also plenty of information in the links above. Knock your socks off!


Too Long; Didn't Read

The XKCD comic, which everyone who does anything with technology ought to read, explains PGP digital signatures this way.

You have to actually validate the digital signature, not just check that it's present to be certain.  But really, if the signature is there, odds are good that it will validate, and if you have any doubts, you can validate and be sure.  How?  Probably your email client will do it for you.  For details, see Using Encrypted Email.



Copyright © 2014 by Bob Brown

Creative Commons License
About PGP Signatures by Bob Brown is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.