From: Tom Rollins <trollins@hns.com>
To: cypherpunks@toad.com
Message Hash: d76c6104680309dec40591a716b71c906e51c49c45ab18e2c1e1b480b01ed760
Message ID: <199510051425.KAA00813@dcn92.hns.com>
Reply To: N/A
UTC Datetime: 1995-10-05 14:25:21 UTC
Raw Date: Thu, 5 Oct 95 07:25:21 PDT
From: Tom Rollins <trollins@hns.com>
Date: Thu, 5 Oct 95 07:25:21 PDT
To: cypherpunks@toad.com
Subject: Re: Oct 14 meeting Agenda ? (DC Cypherpunks)
Message-ID: <199510051425.KAA00813@dcn92.hns.com>
MIME-Version: 1.0
Content-Type: text
> >>I figure that as long as we are going to receive...
> >> ? a commercial message from Digex ?
> >>
> >>We might be able to tap their knowledge base in assesing
> >>the various risks and rewards available by using a Commercial
> >>ISP.
> >>
> >>After all, with the FBI and Scientologists waging war on
> >>the Internet ( capturing keystroaks, siezing computers,
> >>and rummaging through everyones E-mail ), There may be a
> >>way to make life a little more interesting for them.
>
> >I will be glad to send in my two cents worth - I am not sure that
> >I understand the question though.
>
> While, I believe in strong crypto for everyone (what cypherpunks doesn't),
> I also believe that much can be done to prevent the wholesale snooping
> of Commercial ISP customers data. I believe that this data is snooped
> because the ISP's and large number of customers (ignorant of security)
> make this data too easy a target (cost effective).
>
> While the NSA may follow it's motto (In GOD we trust, the rest we monitor).
> Others may take hostile actions agenst someone whose password or
> personal information has been obtained. (ex. drain bank account, or just
> send spam)
>
> Some questions that I would like to ask...
>
> 1 - Assuming that someone from an agengy or someone pretending to
> be from an agency wanted to capture one or all the ISP customers
> key presses. What method would they use ?
>
> Would they capture the data at the phone company?
> Would they tap the raw data stream at the initial ISP router ?
> Would they route IP packets from the initial ISP router through their
> own equipment before arriving at the ISP maching running the shell
> account ?
> Would they use a Trojin Shell (or telnetd) on a shell account ?
> Would they inform the ISP and get his help or root access ?
>
> 2 - What methods could be put into place by the ISP or it's customers
> to help prevent this snooping activity ?
>
> Perhaps an alternative login method (like deslogin or idealogin)
> trying to protect data through the phone company and IP route
> to the target machine.
> Perhaps having a crypto checksum on the shell (telnetd) to detect
> trojin software.
> Perhaps sendmail could public key encrypt mail on it's way to the
> customers directory.
> Perhaps just raising the customer awareness of security issues
> and methods at the ISP. This could affect the mainstream
> user (joe sixpack) as well as the PGP user.
> Perhaps ISPs could offer a data archive service/site (foreign site)
> where data in the form of PGP encrypted E-mail can be saved and
> retrieved via a robot (something like majordomo). That way,
> if your home computer breaks, burns, is stolen, or siezed. You
> can still retrieve your data at a later time.
>
> Granted these methods do not prevent a determined attacker from squashing
> an ISP cutomer. However, it does raise the cost of the effort to single
> out a user and attack him rather that grab cleartext from everyone.
>
> -tom
>
Return to October 1995
Return to “Tom Rollins <trollins@hns.com>”
1995-10-05 (Thu, 5 Oct 95 07:25:21 PDT) - Re: Oct 14 meeting Agenda ? (DC Cypherpunks) - Tom Rollins <trollins@hns.com>