On 5/9/2024 3:15 PM, Rich wrote:
> Chris M. Thomasson <chris.m.thomasson.1@gmail.com> wrote:
>> On 5/8/2024 9:27 PM, Marco Moock wrote:
>>> Am 07.05.2024 18:20 Uhr schrieb Edward Teach:
>>>
>>>> Backdoors.
>>>>
>>>> When people use PRIVATE ENCRYPTION BEFORE any messaging enters a
>>>> public channel.......
>>>>
>>>> ......backdoors are the least of their worries!
>>>
>>> Isn't enough. There is a time when that message is unencrypted (e.g.
>>> when entering it to the crypto application). The operating system can
>>> then read the cleartext. If the backdoor is in the OS, X11 etc., it
>>> still works here.
>>>
>>
>> Go to a 100% "clean room", cloaked, cannot receive and/or send anything...
>>
>> Encrypt a message on a clean thumb drive.
>
> Where did you obtain the thumb drive?
>
> Did you build it, from the ground up, or did you bring it into the
> clean-room after purchase from a vendor?
>
> If you purchased from a vendor, then how do you know said vendor did
> not include a hardware backdoor on that thumb drive?
>
>> Take out the clean disk with a
>> single file on it. Destroy the computer...
>
> How did the computer get into the clean room? How are you sure that no
> hardware on the computer has a backdoor, or that no software running on
> the computer has a backdoor?

The computer would have to be clean. However, once its in the room, it
cannot communicate with the outside world, and gets utterly destroyed
after the encryption process. Turned into ashes.

Humm... Damn.

>
>> Exit the clean room. This disk contains an encrypted file.
>>
>> Is it safe?
>
> The answer depends upon whether the thumbdrive and/or the computer used
> in the clean room contained a hardware or software back door.

Chris M. Thomasson <chris.m.thomasson.1@gmail.com> wrote:
> On 5/9/2024 3:15 PM, Rich wrote:
>> Chris M. Thomasson <chris.m.thomasson.1@gmail.com> wrote:
>>> On 5/8/2024 9:27 PM, Marco Moock wrote:
>>>> Am 07.05.2024 18:20 Uhr schrieb Edward Teach:
>>>>
>>>>> Backdoors.
>>>>>
>>>>> When people use PRIVATE ENCRYPTION BEFORE any messaging enters a
>>>>> public channel.......
>>>>>
>>>>> ......backdoors are the least of their worries!
>>>>
>>>> Isn't enough. There is a time when that message is unencrypted (e.g.
>>>> when entering it to the crypto application). The operating system can
>>>> then read the cleartext. If the backdoor is in the OS, X11 etc., it
>>>> still works here.
>>>>
>>>
>>> Go to a 100% "clean room", cloaked, cannot receive and/or send anything...
>>>
>>> Encrypt a message on a clean thumb drive.
>>
>> Where did you obtain the thumb drive?
>>
>> Did you build it, from the ground up, or did you bring it into the
>> clean-room after purchase from a vendor?
>>
>> If you purchased from a vendor, then how do you know said vendor did
>> not include a hardware backdoor on that thumb drive?
>>
>>> Take out the clean disk with a
>>> single file on it. Destroy the computer...
>>
>> How did the computer get into the clean room? How are you sure that no
>> hardware on the computer has a backdoor, or that no software running on
>> the computer has a backdoor?
>
> The computer would have to be clean.

Did you manufacture the computer yourself? Or did you buy it from Acme
corp?

If you bought it from Acme Corp, how do you know that Acme Corp did not
install a hardware backdoor in the computer?

Did you install the OS yourself, or let Acme install it?

If you let Acme install the OS, how do you know that Acme did not
install a hidden software backdoor?

If you installed the OS yourself, where did you get the files?

Did you create them all yourself, or use a distribution collection?

If you used a distribution collection, how do you know that your
distribution did not install a software backdoor in the OS during the
install process?

> However, once its in the room, it
> cannot communicate with the outside world, and gets utterly destroyed
> after the encryption process. Turned into ashes.

That just means that it is no longer avaiable for inspection. But that
fact is of no help in determining if there was a backdoor somewhere
/during/ the encryption process.

> Humm... Damn.

On 5/10/2024 2:20 PM, Rich wrote:
> Chris M. Thomasson <chris.m.thomasson.1@gmail.com> wrote:
>> On 5/9/2024 3:15 PM, Rich wrote:
>>> Chris M. Thomasson <chris.m.thomasson.1@gmail.com> wrote:
>>>> On 5/8/2024 9:27 PM, Marco Moock wrote:
>>>>> Am 07.05.2024 18:20 Uhr schrieb Edward Teach:
>>>>>
>>>>>> Backdoors.
>>>>>>
>>>>>> When people use PRIVATE ENCRYPTION BEFORE any messaging enters a
>>>>>> public channel.......
>>>>>>
>>>>>> ......backdoors are the least of their worries!
>>>>>
>>>>> Isn't enough. There is a time when that message is unencrypted (e.g.
>>>>> when entering it to the crypto application). The operating system can
>>>>> then read the cleartext. If the backdoor is in the OS, X11 etc., it
>>>>> still works here.
>>>>>
>>>>
>>>> Go to a 100% "clean room", cloaked, cannot receive and/or send anything...
>>>>
>>>> Encrypt a message on a clean thumb drive.
>>>
>>> Where did you obtain the thumb drive?
>>>
>>> Did you build it, from the ground up, or did you bring it into the
>>> clean-room after purchase from a vendor?
>>>
>>> If you purchased from a vendor, then how do you know said vendor did
>>> not include a hardware backdoor on that thumb drive?
>>>
>>>> Take out the clean disk with a
>>>> single file on it. Destroy the computer...
>>>
>>> How did the computer get into the clean room? How are you sure that no
>>> hardware on the computer has a backdoor, or that no software running on
>>> the computer has a backdoor?
>>
>> The computer would have to be clean.
>
> Did you manufacture the computer yourself? Or did you buy it from Acme
> corp?

Hopefully it would be manufactured by myself. Say, it's actually clean.
No problems wrt adulteration.

> If you bought it from Acme Corp, how do you know that Acme Corp did not
> install a hardware backdoor in the computer?
>
> Did you install the OS yourself, or let Acme install it?

Hopefully a minimalist OS that "everybody" deemed to be clean. Okay to use.

> If you let Acme install the OS, how do you know that Acme did not
> install a hidden software backdoor?
>
> If you installed the OS yourself, where did you get the files?
>
> Did you create them all yourself, or use a distribution collection?
>
> If you used a distribution collection, how do you know that your
> distribution did not install a software backdoor in the OS during the
> install process?
>
>> However, once its in the room, it
>> cannot communicate with the outside world, and gets utterly destroyed
>> after the encryption process. Turned into ashes.
>
> That just means that it is no longer avaiable for inspection.

Hopefully it passed all inspection _before_ this total destruction event
can occur.

> But that
> fact is of no help in determining if there was a backdoor somewhere
> /during/ the encryption process.

So, is there a way to use a clean room, a clean computer and a clean
medium to store the encrypted file? Assuming clean means clean... ;^o

>
>> Humm... Damn.

Damn again!

Chris M. Thomasson <chris.m.thomasson.1@gmail.com> wrote:
>
> So, is there a way to use a clean room, a clean computer and a clean
> medium to store the encrypted file? Assuming clean means clean... ;^o

If you assume that "clean means clean" as to the computer hardware then
you don't necessarily need a "clean room" [1]. You just need the
hardware and software you are using at the time to be clean (as in free
of backdoors).

If they are free of backdoors at the time you are using them then your
actions on them disappear into history unrecorded (beyond whatever
outputs you intentionally made a record of).

[1] If you are being surveiled sufficient that some agency is
monitoring the RF emissions from your computer, at the same time you
encrypt whatever it is you are encrypting, with sufficient detail to
know what you are up to, then you likely have much bigger problems well
beyond whether Acme Corp installed a backdoor into your computer.

Plus keep in mind that "clean room" usually refers to particulate
contaminants, the phrase you likely are looking for is "Faraday cage".

On 5/10/2024 9:49 PM, Rich wrote:
> Chris M. Thomasson <chris.m.thomasson.1@gmail.com> wrote:
>>
>> So, is there a way to use a clean room, a clean computer and a clean
>> medium to store the encrypted file? Assuming clean means clean... ;^o
>
> If you assume that "clean means clean" as to the computer hardware then
> you don't necessarily need a "clean room" [1]. You just need the
> hardware and software you are using at the time to be clean (as in free
> of backdoors).
>
> If they are free of backdoors at the time you are using them then your
> actions on them disappear into history unrecorded (beyond whatever
> outputs you intentionally made a record of).
>
>
>
> [1] If you are being surveiled sufficient that some agency is
> monitoring the RF emissions from your computer, at the same time you
> encrypt whatever it is you are encrypting, with sufficient detail to
> know what you are up to, then you likely have much bigger problems well
> beyond whether Acme Corp installed a backdoor into your computer.
>
> Plus keep in mind that "clean room" usually refers to particulate
> contaminants, the phrase you likely are looking for is "Faraday cage".

Right. I would hope a skiff would be okay...?

On 5/10/2024 11:38 PM, Chris M. Thomasson wrote:
> On 5/10/2024 9:49 PM, Rich wrote:
>> Chris M. Thomasson <chris.m.thomasson.1@gmail.com> wrote:
[...]
>> [1] If you are being surveiled sufficient that some agency is
>> monitoring the RF emissions from your computer, at the same time you
>> encrypt whatever it is you are encrypting, with sufficient detail to
>> know what you are up to, then you likely have much bigger problems well
>> beyond whether Acme Corp installed a backdoor into your computer.
>>
>> Plus keep in mind that "clean room" usually refers to particulate
>> contaminants, the phrase you likely are looking for is "Faraday cage".
>
> Right. I would hope a skiff would be okay...?

Damn it! SCIF shit... ;^o

On Fri, 10 May 2024 13:21:15 -0700
"Chris M. Thomasson" <chris.m.thomasson.1@gmail.com> wrote:

> On 5/9/2024 3:15 PM, Rich wrote:
> > Chris M. Thomasson <chris.m.thomasson.1@gmail.com> wrote:
> >> On 5/8/2024 9:27 PM, Marco Moock wrote:
> >>> Am 07.05.2024 18:20 Uhr schrieb Edward Teach:
> >>>
> >>>> Backdoors.
> >>>>
> >>>> When people use PRIVATE ENCRYPTION BEFORE any messaging enters a
> >>>> public channel.......
> >>>>
> >>>> ......backdoors are the least of their worries!
> >>>
> >>> Isn't enough. There is a time when that message is unencrypted
> >>> (e.g. when entering it to the crypto application). The operating
> >>> system can then read the cleartext. If the backdoor is in the OS,
> >>> X11 etc., it still works here.
> >>>
> >>
> >> Go to a 100% "clean room", cloaked, cannot receive and/or send
> >> anything...
> >>
> >> Encrypt a message on a clean thumb drive.
> >
> > Where did you obtain the thumb drive?
> >
> > Did you build it, from the ground up, or did you bring it into the
> > clean-room after purchase from a vendor?
> >
> > If you purchased from a vendor, then how do you know said vendor did
> > not include a hardware backdoor on that thumb drive?
> >
> >> Take out the clean disk with a
> >> single file on it. Destroy the computer...
> >
> > How did the computer get into the clean room? How are you sure
> > that no hardware on the computer has a backdoor, or that no
> > software running on the computer has a backdoor?
>
> The computer would have to be clean. However, once its in the room,
> it cannot communicate with the outside world, and gets utterly
> destroyed after the encryption process. Turned into ashes.
>
> Humm... Damn.
>
>
> >
> >> Exit the clean room. This disk contains an encrypted file.
> >>
> >> Is it safe?
> >
> > The answer depends upon whether the thumbdrive and/or the computer
> > used in the clean room contained a hardware or software back door.
>

Sorry I started this thread......in my world "private encryption" only
needs to be private for twenty-four hours.....maybe less!!!

After that.......it doesn't matter who knows.................

On 05/06/2024 20:02, Edward Teach wrote:
> On Fri, 10 May 2024 13:21:15 -0700
> "Chris M. Thomasson" <chris.m.thomasson.1@gmail.com> wrote:
>
>> On 5/9/2024 3:15 PM, Rich wrote:
>>> Chris M. Thomasson <chris.m.thomasson.1@gmail.com> wrote:
>>>> On 5/8/2024 9:27 PM, Marco Moock wrote:
>>>>> Am 07.05.2024 18:20 Uhr schrieb Edward Teach:
>>>>>
>>>>>> Backdoors.
>>>>>>
>>>>>> When people use PRIVATE ENCRYPTION BEFORE any messaging enters a
>>>>>> public channel.......
>>>>>>
>>>>>> ......backdoors are the least of their worries!
>>>>>
>>>>> Isn't enough. There is a time when that message is unencrypted
>>>>> (e.g. when entering it to the crypto application). The operating
>>>>> system can then read the cleartext. If the backdoor is in the OS,
>>>>> X11 etc., it still works here.
>>>>>
>>>>
>>>> Go to a 100% "clean room", cloaked, cannot receive and/or send
>>>> anything...

The magic word is "air-gapped".

Plus "Faraday caged". Though a faraday cage can transmit magnetic
fields, so "magnetically shielded". And the power supply can transmit
info, so "internally powered". And to stop remote
over-the-shoulder-surfing, "opaque". "Soundproof", of course. Und so weiter.

>>>> Encrypt a message on a clean thumb drive.

A writable CD is better, less places to put a hardware back door. A
blowtorch works well for later secure deletion of the CD. For those who
might object to the fumes, you could print out the ciphertext as a
series of QR type codes on paper, then burn them.

However even then a backdoor might reveal the key in the ciphertext in
eg padding, nonces, through limiting possible key selections etc. etc;
perhaps in encrypted form so only the unintended recipient can read it,
and to make it look random as good ciphertext should look and thus
harder to detect.

That might sound complicated but if you know which encryption algorithms
are to be used and have hardware or software access to the computer
before the encryption is done it is fairly straightforward to implement.

>
> Sorry I started this thread......in my world "private encryption" only
> needs to be private for twenty-four hours.....maybe less!!!
>
> After that.......it doesn't matter who knows.................

For the rest of us mortals (or perhaps more importantly, for our
clients), it can be a matter of life and death, for a lifetime.

100% security is very very very hard, often impossible. Yet security is
still a Boolean (tenth law).

Peter Fairbrother

On 6/5/2024 12:02 PM, Edward Teach wrote:
> On Fri, 10 May 2024 13:21:15 -0700
> "Chris M. Thomasson" <chris.m.thomasson.1@gmail.com> wrote:
>
>> On 5/9/2024 3:15 PM, Rich wrote:
>>> Chris M. Thomasson <chris.m.thomasson.1@gmail.com> wrote:
>>>> On 5/8/2024 9:27 PM, Marco Moock wrote:
>>>>> Am 07.05.2024 18:20 Uhr schrieb Edward Teach:
>>>>>
>>>>>> Backdoors.
>>>>>>
>>>>>> When people use PRIVATE ENCRYPTION BEFORE any messaging enters a
>>>>>> public channel.......
>>>>>>
>>>>>> ......backdoors are the least of their worries!
>>>>>
>>>>> Isn't enough. There is a time when that message is unencrypted
>>>>> (e.g. when entering it to the crypto application). The operating
>>>>> system can then read the cleartext. If the backdoor is in the OS,
>>>>> X11 etc., it still works here.
>>>>>
>>>>
>>>> Go to a 100% "clean room", cloaked, cannot receive and/or send
>>>> anything...
>>>>
>>>> Encrypt a message on a clean thumb drive.
>>>
>>> Where did you obtain the thumb drive?
>>>
>>> Did you build it, from the ground up, or did you bring it into the
>>> clean-room after purchase from a vendor?
>>>
>>> If you purchased from a vendor, then how do you know said vendor did
>>> not include a hardware backdoor on that thumb drive?
>>>
>>>> Take out the clean disk with a
>>>> single file on it. Destroy the computer...
>>>
>>> How did the computer get into the clean room? How are you sure
>>> that no hardware on the computer has a backdoor, or that no
>>> software running on the computer has a backdoor?
>>
>> The computer would have to be clean. However, once its in the room,
>> it cannot communicate with the outside world, and gets utterly
>> destroyed after the encryption process. Turned into ashes.
>>
>> Humm... Damn.
>>
>>
>>>
>>>> Exit the clean room. This disk contains an encrypted file.
>>>>
>>>> Is it safe?
>>>
>>> The answer depends upon whether the thumbdrive and/or the computer
>>> used in the clean room contained a hardware or software back door.
>>
>
> Sorry I started this thread......in my world "private encryption" only
> needs to be private for twenty-four hours.....maybe less!!!
>
> After that.......it doesn't matter who knows.................
>

http://fractallife247.com/test/hmac_cipher/ver_0_0_0_1?ct_hmac_cipher=7cd81c0eb4f827492e1f5cd2c2b8125a66c42bd7448bc55fb1fd02051f30ca503accfe75a9e5bb0adb8eb90ae15dcc3de421c3fdf43a88853dc04a5c20a8d373327fc04cb8e3b0a8f00dd2bf577e8751eacd4239769f4980eb7b4c17d620b1b3bae1d2d48bad80b1136b47bced287007efa7d19102