Month: August 2011

New Zealand SIS Only Uses SSL To Protect Public Informants’ Privacy

UPDATE 2011-08-26: I stand corrected. Here’s what Peter Gutmann said when asked whether SSL provides sufficient protection for NZSIS’ tip-off form (note: “phone them” refers to NZSIS’ existing public tip-off telephone number): “It depends what the threat model is. Given that the alternative is to phone them, that I can’t imagine anyone caring about intercepting random comments by random members of the public, and that 99.9% of said members of the public won’t be able to deal with anything more complex than that, it’s probably good enough.” That makes sense. More sense than me highlighting an attack that is theoretically possible but of which the cost outweighs the benefit in real life — in nearly all, if not all, real-life scenario’s.

UPDATE 2011-08-25: it appears that NZSIS removed the PGP key [2] from the source of

UPDATE 2011-08-21: As areopagita stated in comment below (thx!), the Soghoian/Stamm attack is indeed independent of the issuer; I only focus on a specific scenario here. Perhaps the following provides some clarification. Internet Explorer and Firefox are distributed with a root certificate of the Dutch govt, “Staat der Nederlanden”, installed by default (check your browser!). The Dutch govt might ask, coerce or compromise a New Zealand ISP to redirect to an IP address under Dutch govt control, and then, via a self-issued SSL-certificate for, see whatever is sent via the tip-off form; and perhaps even decide not to relay it to NZSIS. The fact that the Dutch govt (or Verisign, or etc.) can issue an SSL-cert that is automatically trusted by the browsers used to provide security tip-offs to New Zealand’s intelligence service to me seems a practical risk for both NZSIS and informants. If you have an opinion about this, please comment! I informed NZSIS about this post.

====== START OF ORIGINAL BLOGPOST FROM 2011-08-19 ======

Via I learned that the New Zealand Security Intelligence Service (NZSIS) opened up a public tip-off form at The form is protected by SSL (Verisign-issued certificate), but due to the attack explained in [1], I believe SSL offers an unacceptably low level of privacy protection to New Zealand’s public informants. The actual form is loaded in an IFRAME, and its source contains a (public) PGP key [2] — but it can’t be trusted to be authentic, because it’s sent over what should be assumed to be an insecure channel. I decided to submit an obviously nonsensical test-tip while Firebugging my connection, and low and behold: the information I entered is HTTP POST’d via XMLHttpRequest in unencrypted-by-PGP form in the Aviarc.datasets variable. So basically, if you submit a tip, the only protection you have is the Verisign-signed SSL cert. It’s not for me to decide, but I’d personally rather not take that risk when tipping off NZSIS about, e.g., presence of, hypothetically, US spies in New Zealand. Does New Zealand really have such urgency for public tip-offs that this insufficient level of protection of informants is considered acceptable for now?

[1] Christopher Soghoian and Sid Stamm, Certified Lies: Detecting and Defeating Government Interception Attacks Against SSL (.pdf), presented at HotPETS 2010, Berlin

[2] The PGP key (4096 bit RSA, created 2011-07-19, never expires):

Version: GnuPG v2.0.17 (MingW32)

WikiLeaks, Andy Müller-Maguhn and Google-cache

UPDATE 2011-08-21: Cryptome published “Wikileaks Public Relations Certified Ventriloquy” (.pdf, (mirror)

UPDATE 2011-08-20: It appears that the Google-cache for was updated on August 17th, and that that copy (already) not longer contains the name Andy Müller-Maguhn. I believe this means that Media.html was changed between August 13th and August 17th, and that Media.html may have been renamed to Press.html after that. This new information still ‘fits’ both the scenario of deliberate removal by WikiLeaks (with noble or less noble motivation) and the neutral scenario of coincidence. You can still see AMM’s  affiliation (which has been mentioned on right until the recent events around DDB) by searching Google for “ maguhn”. Screenshot

I solicited confirmations of this via Twitter: zero, one, two, three, four.  If WL acted in bad faith themselves while aggressively attacking DDB’s integrity, that needs to be brought to light.  For now I assume that WL removed AMM from the list because he has perhaps not been working with WL for a long time and that removing him from the list would prevent the kind of speculation that I’m doing here. Dear WikiLeak, clarify why the change happened at the time of DDB’s excommunication from CCC Berlin.

====== START OF ORIGINAL BLOGPOST FROM 2011-08-19 ======

Here’s an outsider observation:

I could not find any mention by WikiLeaks of this change (neither on Twitter, nor WLcentral, nor via Google search), although it seems highly relevant to ex-Wikileaks person Daniël Domscheit-Berg being kicked out of CCC(‘s Berlin chapter) (as told) by Andy Müller-Maguhn — which is said to have happened on the evening of Saturday August 13th (which also happens to be the time of the last Google cache copy mentioned above). The name may have been removed to prevent misunderstanding (=good), to cover a conflict of interest (=bad), or be coincidental. I’m not looking for trouble, but I’m too uninformed to know how to decide here and it is wasn’t me who started the Infinite Improbability Drive. I will update this blogpost to reflect advancing insight, including redress and apologies if it turns out I’m contributing FUD in stead of raising a reasonable doubt.

Also, the meaning of this all is perhaps modest; whether DDB is affiliated with CCC Berlin and whether there was any conflict of interest in those deciding on his CCC Berlin affiliation changes neither WikiLeaks nor OpenLeaks. But if the change was made to cover up conflict of interest, it does, IMHO, (slightly) level the playing ground between both as far as integrity is concerned.

“Andy Müller-Maguhn 
Concentrates on technological and social developments in the area of electronic networks. He has been a member of the Chaos Computer Club since the early eighties and serves on its board. The main part of this work lies within the future-compatible structures and lifeforms and in the attempt to support those developments through transparency”

irbaboon:~ monkey$ telnet 80
Connected to
Escape character is ‘^]’.
GET /Media.html HTTP/1.0

HTTP/1.1 404 Not Found
Server: Varnish
Retry-After: 0
Content-Type: text/html; charset=utf-8
Content-Length: 416
Date: Fri, 19 Aug 2011 11:07:27 GMT
X-Varnish: 2012796697
Age: 0
Via: 1.1 varnish
Connection: close

irbaboon:~ monkey$ telnet 80
Connected to
Escape character is ‘^]’.
GET /Press.html HTTP/1.0

HTTP/1.1 200 OK
Server: Apache/2.2.16 (Debian)
Last-Modified: Thu, 18 Aug 2011 11:47:51 GMT
ETag: “1e00a5c-6a64-4aac62eb987c0”
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Content-Length: 27236
Date: Fri, 19 Aug 2011 11:06:57 GMT
X-Varnish: 2012796559
Age: 0
Via: 1.1 varnish
Connection: close

Enriching The ‘RSA Employee #15666’ Dump + Stats

UPDATE 2014-03-29: fixed broken links to the gzip’d CSV and MySQL files.
In EXCLUSIVE: Leaked “RSA dump” appears authentic at I read that on August 15th 2011 the “RSA Employee #15666” dump was posted here. I have no opinion on its authenticity. Please read the post at for analysis; I merely provide additional data and stats here.

The original dump contains 870 entries consisting of:

1. hostname
2. IP address

I enriched the data by adding:

3. my own lookup of the A-record for (1)
4. my own lookup of the PTR-record for (2)
5. GeoIP data for (1) = country, state, city, zip, GPS, organization
6. IP2ASN mapping for (1) = ASN, network description via

All lookups were run from an IP address in AS1103 (SURFNET-NL) on August 18th 2011 at 20:00-21:30 UTC+2. I mention the latter because the DNS/AS situation may have been deliberately changed since the dump was publicly posted (August 15th) or announced (August 18th).

Here is the enriched dump (SSL cert sig should be 01:00:00:00:00:01:1C:9E:A3:54:3F):

20110818_RSA15666_enriched.csv.gz (CSV)
20110818_RSA15666_enriched.sql.gz (MySQL dump)

Some quick stats: HERE (mirror).

DO NOT TRUST MY DATA. VERIFY IT. If the data or stats are wrong, please inform me (Twitter: @mrkoot or e-mail: koot=> I will change this blogpost to reflect advancing insight.

DEF CON 19 and NSA recruiting hackers

On August 4th 2011, D.J. Pangburn‘s An Open Letter to Defcon Hackers: Don’t Sell Out to the NSA turned up. Later that day, Bill Brenner wrote Hackers selling out by working for NSA? I’m not convinced. Here’s what John Young thinks of Brenner’s piece (cited from e-mail w/permission):

Completely idiotic article, quite deceptive. It omits the lifetime 
secrecy agreements required for NSA employees and that any
whistleblowers are prosecuted if they reveal anything really
secret. There are hundreds of court cases showing what NSA
does to anyone who tries to leave or tells what goes on inside
the Agency.

One does not leave NSA as if the military, one does not leave
without agreeing to never tell what goes on inside. That is a
solemn contract agreed to before entry and an even more
serious sterilization undergone if one insists on resigning.
Severe criminal penalities are described in great detail and
you sign that you understand them without reservation.

And you are forever watched to assure you don't do what
the silly author says you can do to bring about change. He is
a lying son of a bitch, either through unwitting ignorance or
through witting deliberate misrepresentation.

These conditions apply to all secrecy organizations. The
periodic disclosures by ex-members are not to be believed,
they make the not terribly revealing disclosures as a
continuing part of their job through whistleblowing, novels,
movies, confessions, and the like.

You cannot escape, this is what was taught in the ancient
days of one-way-in, no-way-out secret societies and remains
true today. Recruiters are devious as they must be or nobody
would join the secretkeepers if they knew the truth of what was
in store for them to give up control of their lives and minds
forever, and remain compelled to lie, lie and lie some more,
and, to be sure, recruit noobs by writing noobish nonsense.


Now, how is one to decide where to draw the line between realistic concern and paranoia?