Backdoor Dreaming
#m0leCon2021 - Carola Frediani
In the Sixties the UK Foreign
Office’s cold war propaganda
arm had been assigned to stir
Indonesian anticommunists into
action to overthrow the Sukarno
regime.
They did it through black
propaganda.
And through backdoored cypher
machines.
Before the online troll farms
Psyops and SIGINT
GCHQ could break and read
Indonesian encrypted
messages without difficulty. A
revealing GCHQ memorandum
highlighted the contribution
which SIGINT could make.
The GCHQ material can “help
the generals to persecute the
PKI (the communist party, author’s note)
more effectively”.
How come?
The dirty secret of the machines made for secrets
The government was among many
countries using equipment supplied
by Swiss-based company Crypto AG.
For over 50 years, Crypto AG
supplied secretly sabotaged cypher
machines, so that CIA/NSA, BND and
the GCHQ could easily break the
codes.
Crypto AG: the intelligence coup of the century
Boris Hagelin, Crypto’s founder, fled to the US during the war and sold cypher
machines to the army. Then he went back to Switzerland. US intelligence sent
cryptographer William Friedman to persuade Hagelin to sell his most advanced
machines only to US-approved countries. In intelligence terms it is a denial
operation.
The breakthrough
Crypto AG’s shift to electronic devices was the
breakthrough moment for NSA/CIA. To adapt to
the new technology Crypto AG accepted their
help.
In 1967, Crypto rolled out a new, all-electronic
model, the H-460, whose inner workings were
completely designed by the NSA.
“Foreign governments were paying good money
to the U.S. and West Germany for the privilege
of having their most secret communications
read by at least two (and possibly as many as
five or six) foreign countries.” (from CIA report)
The expansion
NSA didn’t install crude “backdoors” or secretly program the devices to cough up their encryption keys. The
manipulation of Crypto’s algorithms streamlined and shortened the code-breaking process.
The company made at least two versions of its products — secure models sold to friendly governments, and
rigged systems for the rest of the world (WashPost)
The exit
BND left. CIA acquired other crypto
firms, liquidating some of them. The
documents do not disclose any
details about these entities.
The encryption market moved from
hardware to software.
CIA sold Crypto AG.
The steps
Denial operation
Active measures
Take over (or eliminate) competition
Exit
Technological shift
The mastermind
Paul Calder Le Roux is a former criminal
cartel boss. A drug lord. A kingpin. A
weapons trafficker. He was arrested
in September 2012 and sentenced to 25
years. He was involved in money
laundering, drug and arms trafficking,
organized crime, fraud. He later admitted
seven murders.
But he was also a talented programmer.
Someone even speculated that Le Roux
could be Satoshi Nakamoto.
TrueCrypt prequel
There is a connection between Le
Roux and TrueCrypt.
What we know is that Le Roux is
responsible for creating an
open-source disk encryption
platform called E4M, Encryption for
the Masses. He even wrote a
manifesto: “The battle for privacy has
long since been lost in the real
world”.
TrueCrypt release
Le Roux went on to work for a security
company, SecurStar, that later accused him
of having incorporated some of his work
into E4M.
In 2004, a group of anonymous
developers released a new free
file-encryption program, TrueCrypt, built
on the code for E4M.
There was a controversy with SecurStar.
But the anonymous programmers
maintained TrueCrypt. Not clear how they
funded it.
TrueCrypt rumors
Around 2013, after the NSAgate,
some speculation arose about the
presence of a backdoor in TrueCrypt.
A crowdfunding campaign was
launched in order to audit it.
“Okay, the sources of TrueCrypt are
available and will probably be
audited seriously, but the binaries (for
Windows) present on the site, do they
contain a backdoor?”, asked an
article.
A researcher compiled it and
answered no (reached a very close
match with the official binaries)
TrueCrypt farewell
The TrueCrypt project was abruptly shut down on May 28, 2014. And this also fuelled speculation.
“They set the whole thing on fire” - Matthew Green
TrueCrypt audit
“The TL;DR is that based on this audit, Truecrypt appears to be a relatively well-designed piece
of crypto software. The NCC audit found no evidence of deliberate backdoors, or any severe
design flaw” - 2015
TL;DR
“Just to be clear, Paul Calder LeRoux wrote
E4M, the precursor to Truecrypt. He then went
on to become, essentially, a James Bond villain.
Truecrypt 1.0 was a fork of E4M made by two
anonymous authors. There was a legal tussle,
and 1.0 was pulled. 2.0 was later released.
The Truecrypt authors were anonymous but
clearly had some funding. They hired lawyers
and filed trademarks. There is no evidence that
LeRoux maintained a connection to Truecrypt
development while he built his criminal empire.
He used it though.”
Γνώθι σαυτόν (and your VPN provider)
Crossrider Kape Technologies
They acquired:
● CyberGhost VPN
● Zenmate VPN
● Private Internet Access VPN
● Express VPN (one of the major providers)
● a collection of VPN review websites
Incidentally, Express VPN’s CIO has been
involved in Project Raven, the mercenary
cyberspy unit of the UAE.
Dangerous liaisons
“The combination of malicious ad-network+VPN-provider means that not only can they profile
specific users, but they can also manipulate their traffic. And that’s where the real magic enters
the picture as ‘TNI’!” (‘Tactical network injection’, author’s note).
“Think about it, it’s not only cheaper, people are paying you to run this, you also make ad
revenue, you can sell their data, AND you can occasionally serve some other shady interest by
profiling user traffic and infecting some special unsuspecting customers”
Conclusions?
When does the backdoor dreaming come true?
Enabling factors:
● Technological shift
● Ideological drive
● Market concentration/dominance
● Strong market demand
● Failure of other containment strategies
● Other?
Conclusions?
What do you need to trust a security product?
● Open source code?
● Audits?
● A transparent history?
● Known developers?
● Wide community?
● Funding source?
● A diversified market?
● Existence of competitors?
● Ideological affinity?
● Other?
Thank you!
Carola Frediani
Twitter: @carolafrediani
Website and Newsletter:
https://guerredirete.it/

Backdoor Dreaming

  • 2. In the Sixties the UK Foreign Office’s cold war propaganda arm had been assigned to stir Indonesian anticommunists into action to overthrow the Sukarno regime. They did it through black propaganda. And through backdoored cypher machines. Before the online troll farms
  • 3. Psyops and SIGINT GCHQ could break and read Indonesian encrypted messages without difficulty. A revealing GCHQ memorandum highlighted the contribution which SIGINT could make. The GCHQ material can “help the generals to persecute the PKI (the communist party, nda) more effectively”. How come?
  • 4. The dirty secret of the machines made for secrets The government was among many countries using equipment supplied by Swiss-based company Crypto AG. For over 50 years, Crypto AG supplied secretly sabotaged cypher machines, so that CIA/NSA, BND and the GCHQ could easily break the codes.
  • 5. Crypto AG: the intelligence coup of the century Boris Hagelin, Crypto’s founder, fled to the US during the war and sold cypher machines to the army. Then he went back to Switzerland. US intelligence sent cryptographer William Friedman to persuade Hagelin to sell his most advanced machines only to US approved countries. In intelligence terms it is a denial operation.
  • 6. The breakthrough Crypto AG shift to electronic devices was the breakthrough moment for NSA/CIA. To adapt to the new technology Crytpo AG accepted their help. In 1967, Crypto rolled out a new, all-electronic model, the H-460, whose inner workings were completely designed by the NSA. “Foreign governments were paying good money to the U.S. and West Germany for the privilege of having their most secret communications read by at least two (and possibly as many as five or six) foreign countries.” (from CIA report)
  • 7. The expansion NSA didn’t install crude “backdoors” or secretly program the devices to cough up their encryption keys. The manipulation of Crypto’s algorithms streamlined and shortened the code-breaking process. The company made at least two versions of its products — secure models sold to friendly governments, and rigged systems for the rest of the world (WashPost)
  • 8. The exit BND left. CIA acquired other crypto firms, liquidating some of them. The documents do not disclose any details about these entities. The encryption market moved from hardware to software. CIA sold Crypto AG.
  • 9. The steps Denial operation Active measures Take over (or eliminate) competition Exit t
  • 10. The steps Denial operation Active measures Take over or eliminate competition Exit Technological shift Technological shift
  • 11. The mastermind Paul Calder Le Roux is a former criminal cartel boss. A drug lord. A kingpin. A weapons trafficker. He was arrested in September 2012 and sentenced to 25 years. He was involved in money laundering, drug and arms trafficking, organized crime, fraud. He later admitted seven murders. But he was also a talented programmer. Someone even speculated that Le Roux could be Satoshi Nakamoto.
  • 12. TrueCrypt prequel There is a connection between Le Roux and TrueCrypt. What we know is that Le Roux is responsible for creating an open-source disk encryption platform called E4M, Encryption for the Masses. He even wrote a manifesto: “The battle for privacy has long since been lost in the real world”.
  • 13. TrueCrypt release Le Roux went on to work for a security company, SecurStar, that later accused him of having incorporated some of his work into E4M. In 2004, a group of anonymous developers released a new free file-encryption program, TrueCrypt, built on the code for E4M. There was a controversy with SecurStar. But the anonymous programmers maintained TrueCrypt. It is not clear how they funded it.
  • 14. TrueCrypt rumors Around 2013, after NSAgate, some speculation arose about the presence of a backdoor in TrueCrypt. A crowdfunding campaign was launched in order to audit it. “Okay, the sources of TrueCrypt are available and will probably be audited seriously, but the binaries (for Windows) present on the site, do they contain a backdoor?”, asked an article. A researcher compiled it and answered no (reached a very close match with the official binaries).
  • 15. TrueCrypt farewell The TrueCrypt project was abruptly shut down on May 28, 2014. And this also fuelled speculation. “They set the whole thing on fire” - Matthew Green
  • 16. TrueCrypt audit “The TL;DR is that based on this audit, Truecrypt appears to be a relatively well-designed piece of crypto software. The NCC audit found no evidence of deliberate backdoors, or any severe design flaw” - 2015
  • 17. TL;DR “Just to be clear, Paul Calder LeRoux wrote E4M, the precursor to Truecrypt. He then went on to become, essentially, a James Bond villain. Truecrypt 1.0 was a fork of E4M made by two anonymous authors. There was a legal tussle, and 1.0 was pulled. 2.0 was later released. The Truecrypt authors were anonymous but clearly had some funding. They hired lawyers and filed trademarks. There is no evidence that LeRoux maintained a connection to Truecrypt development while he built his criminal empire. He used it though.”
  • 18. Know thyself (and your VPN provider) Crossrider Kape Technologies They acquired: ● CyberGhost VPN ● Zenmate VPN ● Private Internet Access VPN ● Express VPN (one of the major providers) ● a collection of VPN review websites Incidentally, Express VPN's CIO has been involved in Project Raven, the mercenary cyberspy unit of the UAE.
  • 19. Dangerous liaisons “The combination of malicious ad-network+VPN-provider means that not only can they profile specific users, but they can also manipulate their traffic. And that’s where the real magic enters the picture as ‘TNI’!” (‘Tactical network injection’, author's note). “Think about it, it’s not only cheaper, people are paying you to run this, you also make ad revenue, you can sell their data, AND you can occasionally serve some other shady interest by profiling user traffic and infecting some special unsuspecting customers”
  • 20. Conclusions? When does the backdoor dreaming come true? Enabling factors: ● Technological shift
  • 21. Conclusions? When does the backdoor dreaming come true? Enabling factors: ● Technological shift ● Ideological drive
  • 22. Conclusions? When does the backdoor dreaming come true? Enabling factors: ● Technological shift ● Ideological drive ● Market concentration/dominance
  • 23. Conclusions? When does the backdoor dreaming come true? Enabling factors: ● Technological shift ● Ideological drive ● Market concentration/dominance ● Strong market demand
  • 24. Conclusions? When does the backdoor dreaming come true? Enabling factors: ● Technological shift ● Ideological drive ● Market concentration/dominance ● Strong market demand ● Failure of other containment strategies
  • 25. Conclusions? When does the backdoor dreaming come true? Enabling factors: ● Technological shift ● Ideological drive ● Market concentration/dominance ● Strong market demand ● Failure of other containment strategies
  • 26. Conclusions? When does the backdoor dreaming come true? Enabling factors: ● Technological shift ● Ideological drive ● Market concentration/dominance ● Strong market demand ● Failure of other containment strategies ● Other?
  • 27. Conclusions? What do you need to trust a security product? ● Open source code? ● Audits? ● A transparent history? ● Known developers? ● Wide community? ● Funds source? ● A diversified market? ● Competitors existence? ● Ideology affinity? ● Other?
  • 28. Thank you! Carola Frediani Twitter: @carolafrediani Website and Newsletter: https://guerredirete.it/