On December 20, 2015 5:22:01 PM Michael Best <themikebest@xxxxxxxxx> wrote:
I'm curious what everyone thinks. I personally agree with TheCthulhu, but
I'm not a tech or crypto expert.

So today (20th December) I posted a mirror of the Cryptome archive I
received from a close associate of mine (whom I trust greatly) and was
met by a rather blunt response from the Cryptome administrators regarding
the integrity of the data I host. As many know, I take the subject of
tampering very seriously, and whenever I have leaked or shared data I
strive to provide it with a SHA1 and SHA256 hash at a minimum and also
provide torrents, HTTPS and onion download options. Furthermore, if ever
asked, I would also sign files using my personal PGP key.

The response I received from Cryptome was also either hinting that the
entire research and crypto community is wrong in their conclusions, or that
the Cryptome administrators don’t understand it themselves. The assumption
that cryptography is unbreakable assuming an adversary with unlimited
resources is wrong; even an adversary with limited resources given enough
time can break all cryptography, but that doesn’t make it anything other
than a theoretical matter when put into the actual context. This statement
in particular “Mirroring is tampering. We ask that mirrors be labeled as
tampering.” really also irritates me.

If Cryptome is so concerned that data is being tampered with, I suggest the
1. An MD5, SHA1, SHA256, SHA512 and Whirlpool digest be produced for the
full archive of files in a format such as .zip or .tar.
2. The Cryptome administrators sign all the digests in a single PGP message
to verify the hashes match the archive they produced.
3. The PGP signed message is published with the digests for 14 days on the
Cryptome website, Twitter, my Twitter, my blog and any other source who
wishes to make a copy of it. The 14-day period allows time for any party to
raise concerns if, say for example, a third party had stolen the PGP keys to
forge the signature, then the Cryptome administrators should have had time
to realise this and either revoke the key or in some way suggest the
archive is not legitimate.
4. After the 14-day period, the archive is made available publicly to which
I shall ensure the hashes can be reproduced on my end, and then I will also
sign the digests message to say it is the one I received and will be
5. A torrent file can be produced which downloads the archive file
specified above; this can also be signed by myself and Cryptome so people
can be sure it is the one we intended to distribute and another layer of
checks by checking the hash once downloaded exists.
6. External parties such as Twitter followings, security researchers etc.
cross sign the digests and our keys if they know us sufficiently and trust
the archive is true as it was intended to be distributed.

If the above procedure is not sufficiently secure, then one must operate on
the assumption all technology is unsafe to use. There is the legitimate
concern of hardware tampering and backdoors, which is why open source
software should be used at all stages. However, I would like to draw
attention to the fact that Cryptome offers the full archive for $100 which
is shipped via USB. Therefore, concerns regarding hash or cryptographic
security yet readily shipping USBs seems to me a fairly extreme state of
cognitive dissonance given what is known about attacks like BadUSB and
state physical interception operations.

I call on Cryptome to start allowing proper mirroring of content. Nobody
has called upon Cryptome to host the content themselves or in any way incur
additional costs. What is being asked is that you provide the content with
reasonable security as I propose above, rather than completely ignoring the
matter which will drastically reduce the security and safety of downloads.
If you claim to be all about anti-censorship and transparency, then the
measures I propose above are a good fit. This isn’t about offering 100%
perfect security, this is about offering people the ability to verify the
files in a manner which is reasonable and proportionate to the technology
even state level adversaries currently possess. Even if you disagree on the
security of the cryptographic protocols and measures I describe above, know
that the vast majority of researchers and information security
professionals disagree with you, and that providing it is still far better
than not providing the hashes at all.
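
Added example, not part of the original message or of any Cryptome tooling: a sketch of steps 1, 2 and 4 of the procedure above, producing a multi-digest manifest for an archive and re-checking a mirror copy against it. The manifest layout, the function names and the file name archive.tar are assumptions made for illustration (names without spaces are assumed), and the sample bytes are constructed.

```python
import hashlib
import hmac
import io

# Digests named in step 1. Whirlpool exists only in some OpenSSL builds.
WANTED = ("md5", "sha1", "sha256", "sha512", "whirlpool")

def digest_stream(stream, names=WANTED, chunk=1 << 20):
    """Read the archive once, feeding every available algorithm per chunk."""
    hashers = {}
    for name in names:
        try:
            hashers[name] = hashlib.new(name)
        except ValueError:
            continue  # not supported by this Python/OpenSSL build
    while block := stream.read(chunk):
        for h in hashers.values():
            h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}

def make_manifest(archive_name, digests):
    """Text to be PGP-clearsigned (step 2): one 'ALGO  hex  name' line each."""
    return "".join(f"{n.upper()}  {d}  {archive_name}\n"
                   for n, d in sorted(digests.items()))

def verify(stream, manifest, archive_name):
    """Recompute each listed digest (step 4).

    Returns {algo: True/False}, or None for an algorithm this build cannot
    compute, so a missing check is visible instead of silently passing.
    Check the PGP signature on the manifest before trusting its contents.
    """
    listed = {}
    for line in manifest.splitlines():
        parts = line.split()
        if len(parts) == 3 and parts[2] == archive_name:
            listed[parts[0].lower()] = parts[1].lower()
    actual = digest_stream(stream, listed)
    return {n: hmac.compare_digest(actual[n], want) if n in actual else None
            for n, want in listed.items()}

if __name__ == "__main__":
    archive = b"constructed sample archive bytes"  # stand-in for the .tar
    manifest = make_manifest("archive.tar", digest_stream(io.BytesIO(archive)))
    print(manifest, end="")
    print(verify(io.BytesIO(archive + b"x"), manifest, "archive.tar"))
```

The digests only show that a copy matches the manifest; it is the signature on the manifest that ties those digests to whoever produced the archive.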