One Article Review
| Source |  Errata Security |
|---|---|
| Identifiant | 170396 |
| Date de publication | 2016-10-06 02:47:52 (vue: 2016-10-06 02:47:52) |
| Titre | What the Yahoo NSA might\'ve looked for |
| Texte | The vague story about Yahoo searching emails for the NSA was cleared up today with various stories from other outlets [1]. It seems clear a FISA court order was used to compel Yahoo to search all their customer's email for a pattern (or patterns). But there's an important detail still missing: what specifically were they searching for? In this post, I give an example.The NYTimes article explains the search thusly:Investigators had learned that agents of the foreign terrorist organization were communicating using Yahoo's email service and with a method that involved a “highly unique†identifier or signature, but the investigators did not know which specific email accounts those agents were using, the officials said.What they are likely referring it is software like "Mujahideen Secrets", which terrorists have been using for about a decade to encrypt messages. It includes a unique fingerprint/signature that can easily be searched for, as shown below.In the screenshot below, I use this software to type in a secret message: I then hit the "encrypt" button, and get the following, a chunk of random looking text: This software encrypts, but does not send/receive messages. You have to do that manually yourself. It's intended that terrorists will copy/paste this text into emails. They may also paste the messages into forum posts. Encryption is so good that nobody, not even the NSA, can crack properly encrypted messages, so it's okay to post them to public forums, and still maintain secrecy.In my case, I copy/pasted this encrypted message into an email message from one of my accounts and sent to to one of my Yahoo! email accounts. I received the message shown below: The obvious "highly unique signature" the FBI should be looking for, to catch this software, is the string:### Begin ASRAR El Mojahedeen v2.0 Encrypted Message ###Indeed, if this is the program the NSA/FBI was looking for, they've now caught this message in their dragnet of incoming Yahoo! mail. This is a bit creepy, which is why I added a plea to the message, in unencrypted form, asking them not to rendition or drone strike me. Since the NSA can use such signatures to search traffic from websites, as well as email traffic, there's a good change you've been added to their "list" simply for reading this blog post. For fun, send this blogpost to family or friends you don't particularly like, in order to get them on the watch list as well. |
| Envoyé | Oui |
| Condensat | ###indeed 2015 able about above accounts act actively activists add added after agents all all their also american any anything are aren article asking asrar available because been before begin behest behind being below below:the better between bit blame blog blogpost both but button can case catch caught challenge change chunk citizens clear cleared communicating compel complete concerned concretely consider constitutional content content and copy/paste copy/pasted court crack credit creepy customer decade decides describe describing descriptions detail details did differently does doing don dragnet drone easily else email emails encrypt encrypted encryption encrypts even every example explains family far fbi fingerprint/signature fisa following foreign form forum forums friends from fun gchq get gets give going good government had hard have highly hit how identifier imagine important includes incoming initial intended investigators involved issue jam job just know learned like likely list listening looked looking mail maintain manually mass matches may message message:i messages metadata method might missing: mojahedeen more much mujahideen national need new newer nobody not note now nsa nsa/fbi nytimes obvious officials okay one order organization other outlets part particularly passively paste pattern patterns plea possible possibly post posts program properly providers public random reading reason received referring regardless rendition replaced revelations said scanned scenario screenshot search searched searches searching secrecy secret secrets security seems send send/receive messages sent servers service should show shown signature signatures simply since snowden software specific specifically standing started starttls stories story stream strike string string:### such suggests sure surveillance suspect system tapped terrorist terrorists text text:this them then there they thing those though thus thusly:investigators today traffic troublemaker type unencrypted unique unique†use used using vague various want watch websites well what which why will willing within yahoo you your yourself “highly |
| Tags | |
| Stories | Yahoo |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.