[liberationtech] messing with XKeyScore
Jonathan Wilkes
jancsika at yahoo.com
Fri Jul 4 15:33:13 PDT 2014
On 07/04/2014 10:56 AM, Eugen Leitl wrote:
> http://blog.erratasec.com/2014/07/jamming-xkeyscore_4.html?m=1
>
> Errata Security
>
> Advanced persistent cybersecurity
>
> Friday, July 04, 2014
>
> Jamming XKeyScore
>
> Back in the day there was talk about "jamming echelon" by adding keywords to email that the echelon system was supposedly looking for. We can do the same thing for XKeyScore: jam the system with more information than it can handle. (I enumerate the bugs I find in the code as "xks-00xx").
>
>
> For example, when sending emails, just send from the address "bridges at torproject.org" and in the email body include:
>
> https://bridges.torproject.org/
> bridge = 0.0.0.1:443
> bridge = 0.0.0.2:443
> bridge = 0.0.0.3:443
> ...
>
> Continue this for megabytes worth of bridges (xks-0001), and it'll totally mess up XKeyScore. It has no defense against getting flooded with information like this, as far as I can see.
Dear Eugen,
We're very excited about your approach of defending against a
class of bad things in the future by studying and defending against a
specific bad thing that happened in the past. Feel free to ask us any
question you might have.
And don't forget to ignore the insignificant cost to the adversary of
changing tactics!
Best,
The TSA
More information about the liberationtech
mailing list