Big Brother

We had a guy in the shop today looking for encryption software to send emails with, he was almost paranoid about eavesdroppers. I told him to do a web search for PGP and sent him on his way, encryption not really being my forté and I didn't want to get into a long conversation about it anyway. It did however get me to thinking about it. Most people take it as "probably true " that governments and security agencies monitor emails. But when you think about it, it is an enormous undertaking to do so. I myself run several SMTP servers for our own vISP we supply with some PC systems, and no government or security agency has ever approached me wanting to monitor them, which they would have to do since the servers are located at our own site. So assuming an email is sent from one of our users to another of our users, there's no way anyone can monitor it unless they are directly packet sniffing at the backbone routers. Plus a lot of our users are connected directly to our VPN AP via wireless for internet access (local users obviously), two users like this sending emails to each other would remain completely within our system and thus couldn't be seen by the men in black unless they somehow were able to sniff the wireless packets which means they would need a local wi-fi sniffer and be able to decrypt the VPN encryption which is highly improbable. Mainly however, to monitor emails, a government would need to either place some kind of monitoring system at the ISP mail servers or directly sniff packets at the backbone. This again creates problems, ISPs and Backbone providers are normal companies that employ normal people. a goverment agent can't just sneak in there and install monitoring devices or software without anyone noticing. So in order to do it they would have to directly co-operate with the people running the ISPs and Backbones, this means that average people would have to be aware of it, and average people can't keep their mouths shut, especially after several vodkas.

I personally think that the paranoia surrounding electronic monitoring is blown way way way out of proportion. Governments and the like have no real way to monitor emails like most people think they have. The biggest danger comes from spotty packet kiddies who manage to get Jobs at ISPs and Backbone suppliers and wreak havoc sniffing.

 

I knew that the oob encryptions for wireless were not particularly brilliant which is why we use a non-secured router that (via TCP filters) allows only VPN traffic in and out and then require clients to use VPN to connect. The encryption being a hell of a lot more secure than WEP or WPA. After reading what you said, I did a web search and was astounded at just how "available" the software tools for WEP cracking were.

My point about communication monitoring is that it would be logistically impossible to monitor everything all the time, and even the very small percentage they do monitor will not contain much worth monitoring. I would imagine that most people who absolutely do not want their communications read will be using custom encryptions that are next to impossible for anyone to decode, even the military. So it would seem there is little point in doing it at all.

I think the biggest security issue these days is the Microsoft paranoia about software piracy. I personally have fully legal copies of Windows, both XP Home and Vista Business (Although I am not a fan of Vista at all). The Genuine notifications and update policies (although I am aware that automatic updates still work on non-legit windows) tend to make people who run illegal copies of windows not update them, this leads to an unstable situation on the internet with potentially millions of vulnerable unupdated windows PCs that could be used to cause major mahem. I've posted this concern on other boards before, but no one seems to quite understand what I mean. Often I get the respose "If they want to use illegal software then that's their problem, they shouldn't get updates or support and they deserve to get hacked ". In principle I agree with that, but not only is it not the point I am trying to make, in practise it's quite a different story. Large botnets, run by less than tasty organisations are going to start becoming a real security issue very soon in my opinion, and you can bet that most of the systems in the botnets will be pirate unupdated Windows PCs. It's naive to think that everyone will suddenly start to use fully legal software, they won't. There will always be a vast amount of people running dodgy stuff, and these are the problem, there's no way to find them all, never will be, so it has to be accepted and the danger has to be realised before it gets a very very big problem, for us all not just the software pirates.

Microsoft must allow (or be made to allow) updates to illegal users without nags or threats, anything that makes the people using non-legit windows stop updating it, is bad for us all.