[liberationtech] security aspects of OpenQwaq

Eugen Leitl eugen at leitl.org
Tue Jun 18 08:58:25 PDT 2013 

----- Forwarded message from Ron Teitelbaum <ron at 3dicc.com> -----

Date: Tue, 18 Jun 2013 11:45:07 -0400
From: Ron Teitelbaum <ron at 3dicc.com>
To: openqwaq at googlegroups.com
Cc: tom at ritter.vg
Subject: RE: [liberationtech] security aspects of OpenQwaq
X-Mailer: Microsoft Outlook 14.0
Reply-To: openqwaq at googlegroups.com

Hi Tom,

 

See responses inline below.

 

> ----- Forwarded message from Tom Ritter < <mailto:tom at ritter.vg>
tom at ritter.vg> -----

> 

> Date: Tue, 18 Jun 2013 09:28:05 -0400

> From: Tom Ritter < <mailto:tom at ritter.vg> tom at ritter.vg>

> To: liberationtech < <mailto:liberationtech at lists.stanford.edu>
liberationtech at lists.stanford.edu>

> Cc:  <mailto:zs-p2p at googlegroups.com> zs-p2p at googlegroups.com, "
<mailto:cypherpunks at al-qaeda.net> cypherpunks at al-qaeda.net"

> < <mailto:cypherpunks at al-qaeda.net> cypherpunks at al-qaeda.net>,
<mailto:info at postbiota.org> info at postbiota.org

> Subject: Re: [liberationtech] security aspects of OpenQwaq

> Reply-To: liberationtech < <mailto:liberationtech at lists.stanford.edu>
liberationtech at lists.stanford.edu>

> 

> The claim of end to end encryption give me pause, although I'm also not
clear

> on the differences between the products and which claim applies to which.
Do

> they claim the other end is them the provider, or the other user?

> 

> It gives me pause because

> 1) They say they use SSL with CA certs.  But if Joe the user is an end,
how do they

> give him a public CA cert?

 

TerfT uses SSL much like a web site.  Each person connects to a server that
is protected using a 3D ICC certificate.  The clients are only clients to
that connection they are not considered SSL servers.  This is the model that
most people trust for financial transactions.  The issue here is that the
client needs to ensure that the DNS is correct.  This is not as easy as one
might think.  There are a number of virus' out there whose sole purpose is
to change your DNS settings to forward all of your traffic to a compromised
server so that they can track or hack your connections.  The other issue is
that the certificate needs to be verified.  Since we control the software
installed on the client we ensure that the certificate is verified.  I had
not considered doing a DSN verification but it's a good idea, I suppose that
I could do a verification much like SSH and give a warning that something
changed to prevent DSN subversion, but there are cases where we change
servers so we would have to balance ease of use with security.  I'll spend
some time thinking about it and add DNS subversion to our attack tree so
that we don't forget about the problem.

 

> 2) Multiparty end to end encryption is... mpOTR (to some extent, it
probably

> doesn't have PFS or repudiation).  That's a hard problem.  Not saying they

> couldn't have solved it or made good progress on it, but I am saying I
think every

> cryptographer in this space would be extremely interesting looking at the

> protocol. 

 

This problem is solved by the server component.  We handle multiple
connections using replicated instructions, but each person is authenticating
using a separate connection to a secure server.  Users do not connect to
other users.  

 

> 

> (I also don't care for the smaller trend of "Free but insecure or pay us
for

> secure!")

 

Sorry but we don't do free. J 

 

I didn't say OpenQwaq was insecure.  It is not.  I consider the threat of
MITM rare and the impact for must users negligible.  What I said was that we
improved the security at 3D ICC.  I also said that security can be improved
but that was targeted at people interested in running TerfT on SIPRNet or
NIPRNet.  This is for military users not corporate or casual users.  

 

> 

> -tom

> 

> 

> On Jun 17, 2013 10:46 AM, "Eugen Leitl" < <mailto:eugen at leitl.org>
eugen at leitl.org> wrote:

> 

> >

> > OpenQwaq is potentially a useful tool for collaboration, especially

> > multimedia (webcam streaming to avatar face, audio (best with USB

> > headset) with ability to instantiate rooms) -- I've seen it scale to

> > groups or 50+ partipants. Collaborative editing is available.

 

We just had a 60 person meeting for the US Army.  It was a General briefing.
The users were located around the world.  We used webcams and video and the
meeting went extremely well.

 



 

 

All the best,

 

Ron Teitelbaum

Head Of Engineering

3d Immersive Collaboration Consulting

ron at 3dicc.com

Follow Me On Twitter: @RonTeitelbaum <https://twitter.com/RonTeitelbaum> 

www.3dicc.com <http://www.3dicc.com/>  

3d ICC on G+
<https://plus.google.com/u/0/b/108936249366287171125/108936249366287171125/p
osts> 

 

 

 

> >

> > Disclosure: no commercial relation to 3D ICC, just a happy user of

> > their hosted services.

> >

> > ----- Forwarded message from Ron Teitelbaum < <mailto:ron at 3dicc.com>
ron at 3dicc.com> -----

> >

> > Date: Mon, 17 Jun 2013 10:34:41 -0400

> > From: Ron Teitelbaum < <mailto:ron at 3dicc.com> ron at 3dicc.com>

> > To:  <mailto:openqwaq at googlegroups.com> openqwaq at googlegroups.com

> > Subject: RE: security aspects of OpenQwaq

> > X-Mailer: Microsoft Outlook 14.0

> > Reply-To:  <mailto:openqwaq at googlegroups.com> openqwaq at googlegroups.com

> >

> > Hi Eugen,

> >

> >

> >

> > OpenQwaq uses ARC4 for encryption.  All data end to end is encrypted

> > over a single port connection.

> >

> >

> >

> > 3D ICC's Immersive Terf T uses SSL for encryption.  It's basically the

> > same model but we've improved it for, security, performance and
reliability.

> >

> >

> >

> > All encrypted traffic is susceptible to MITM.  SSL helps this

> > considerably by using public certificate authorities to verify the

> > certificates.  The trick is to ensure that your DNS is accurate and

> > that all certificates are verified.

> >

> >

> >

> > The open source version of OpenQwaq on the other hand is encrypted

> > without certificates.

> >

> >

> >

> > In either case MITM would leave some significant performance foot

> > prints (this could be improved using hardware) and it would take some

> > engineering to understand our overlay network protocols to make the

> > data useful for an attacker.

> >

> >

> >

> > Are you safe from hackers?  Yes I would say that MITM is very unlikey

> > for both OpenQwaq and TerfT.

> >

> >

> >

> > Are you safe from Governments?  No.  Unlimited access to resources and

> > direct internet filtering could in theory attack the connection using

> > MITM by subverting DNS, using hardware proxies, and forwarding to the

> server.

> >

> >

> >

> > How safe is it?  We have been reviewed by the Federal Reserve Bank in

> > New York and were allowed to have our software installed internally.

> > We have been used by every branch of the military (except the Marines,

> > why I have no idea, except maybe because the Navy used it).  We have

> > had significant pentration testing done by some of the largest

> > financial institutions and

> > corporations in the world and have passed.   I would say that this puts
us

> > in the upper categories of safeness but still below top secret grade*.

> >

> >

> >

> > Hope that helps.

> >

> >

> >

> > All the best,

> >

> >

> >

> > Ron Teitelbaum

> >

> > Head Of Engineering

> >

> > 3d Immersive Collaboration Consulting

> >

> >  < <mailto:ron at 3dicc.com> mailto:ron at 3dicc.com>  <mailto:ron at 3dicc.com>
ron at 3dicc.com

> >

> > Follow Me On Twitter:  < <https://twitter.com/RonTeitelbaum>
https://twitter.com/RonTeitelbaum>

> > @RonTeitelbaum

> >

> >  < <http://www.3dicc.com/> http://www.3dicc.com/>
<http://www.3dicc.com> www.3dicc.com

> >

> >

> > <

> >

>  <https://plus.google.com/u/0/b/108936249366287171125/108936249366287171>
https://plus.google.com/u/0/b/108936249366287171125/10893624936628717

 <https://plus.google.com/u/0/b/108936249366287171125/108936249366287171> >
1

> > 125/p

> > osts> 3d ICC on G+

> >

> >

> >

> > * if your organization is interested sponsoring an improvement to our

> > level of our security, 3D ICC is ready, willing and able to improve

> > our security using Common Criteria and Military Information Assurance

> > standards.  We can use data centers with certifications in SSAE16

> > SOC-1 Type II, Federal Information Security Management Act (FISMA),

> > DoD Information Assurance Certification and Accreditation Process

> > (DIACAP).  We would be very happy to work with you and your

> > organization to meet your security needs.  For more information

> > contact us at  <mailto:info at 3dicc.com> info at 3dicc.com.

> >

> >

> >

> >

> >

> > > -----Original Message-----

> >

> > > From:  <mailto:openqwaq at googlegroups.com> openqwaq at googlegroups.com

> [ <mailto:openqwaq at googlegroups.com> mailto:openqwaq at googlegroups.com]

> >

> > > On Behalf Of Eugen Leitl

> >

> > > Sent: Monday, June 17, 2013 9:11 AM

> >

> > > To:  <mailto:openqwaq at googlegroups.com> openqwaq at googlegroups.com

> >

> > > Subject: security aspects of OpenQwaq

> >

> > >

> >

> > >

> >

> > > What's the security model of OpenQwaq?

> >

> > >

> >

> > > How secure is the communication model against passive sniffing?

> >

> > >

> >

> > > Active traffic manipulation (MITM)?

> >

> > >

> >

> > > --

> >

> > > You received this message because you are subscribed to the Google

> > > Groups

> >

> > > "OpenQwaq Forum" group.

> >

> > > To unsubscribe from this group and stop receiving emails from it,

> > > send an

> > email

> >

> > > to  < <mailto:openqwaq+unsubscribe at googlegroups.com>
mailto:openqwaq+unsubscribe at googlegroups.com>

> >  <mailto:openqwaq+unsubscribe at googlegroups.com>
openqwaq+unsubscribe at googlegroups.com.

> >

> > > For more options, visit  < <https://groups.google.com/groups/opt_out>
https://groups.google.com/groups/opt_out>

> >  <https://groups.google.com/groups/opt_out>
https://groups.google.com/groups/opt_out.

> >

> > >

> >

> > >

> >

> >

> >

> > --

> > You received this message because you are subscribed to the Google

> > Groups "OpenQwaq Forum" group.

> > To unsubscribe from this group and stop receiving emails from it, send

> > an email to  <mailto:openqwaq+unsubscribe at googlegroups.com>
openqwaq+unsubscribe at googlegroups.com.

> > For more options, visit  <https://groups.google.com/groups/opt_out>
https://groups.google.com/groups/opt_out.

> >

> >

> >

> > ----- End forwarded message -----

> > --

> > Eugen* Leitl <a href=" <http://leitl.org> http://leitl.org">leitl</a>
<http://leitl.org> http://leitl.org

> > ______________________________________________________________

> > ICBM: 48.07100, 11.36820  <http://ativel.com> http://ativel.com
<http://postbiota.org> http://postbiota.org

> > AC894EC5: 38A5 5F46 A4FF 59B8 336B  47EE F46E 3489 AC89 4EC5

> > --

> > Too many emails? Unsubscribe, change to digest, or change password by

> > emailing moderator at  <mailto:companys at stanford.edu>
companys at stanford.edu or changing your settings

> > at  <https://mailman.stanford.edu/mailman/listinfo/liberationtech>
https://mailman.stanford.edu/mailman/listinfo/liberationtech

> >

> 

> --

> Too many emails? Unsubscribe, change to digest, or change password by

> emailing moderator at  <mailto:companys at stanford.edu>
companys at stanford.edu or changing your settings at

>  <https://mailman.stanford.edu/mailman/listinfo/liberationtech>
https://mailman.stanford.edu/mailman/listinfo/liberationtech

> 

> 

> ----- End forwarded message -----

> --

> Eugen* Leitl <a href=" <http://leitl.org> http://leitl.org">leitl</a>
<http://leitl.org> http://leitl.org

> ______________________________________________________________

> ICBM: 48.07100, 11.36820  <http://ativel.com> http://ativel.com
<http://postbiota.org> http://postbiota.org

> AC894EC5: 38A5 5F46 A4FF 59B8 336B  47EE F46E 3489 AC89 4EC5

> 

> --

> You received this message because you are subscribed to the Google Groups

> "OpenQwaq Forum" group.

> To unsubscribe from this group and stop receiving emails from it, send an
email

> to  <mailto:openqwaq+unsubscribe at googlegroups.com>
openqwaq+unsubscribe at googlegroups.com.

> For more options, visit  <https://groups.google.com/groups/opt_out>
https://groups.google.com/groups/opt_out.

> 

> 

 

-- 
You received this message because you are subscribed to the Google Groups "OpenQwaq Forum" group.
To unsubscribe from this group and stop receiving emails from it, send an email to openqwaq+unsubscribe at googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.





----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B  47EE F46E 3489 AC89 4EC5

More information about the liberationtech mailing list