Your Own Personal Enclave: The Smart Card Reader on the Librem 5


#21

What happens when the old floppy is no longer readable?

Better repeat the entire process a few times so that at least one set of files survives in order to reconstitute the one original useful file.

Not disagreeing with your technical perspective but … if it is already an issue that the government is trying to crack “your phone” then you are already in serious trouble (whether guilty or not) and, as already commented by someone else, you can sit in jail - not found guilty of any underlying crime - forever, if that’s how long it takes them to fail to decrypt your unbreakable system. The details do of course depend on what country you are in.


#22

I have to agree with you, but this too brings up an obvious conclusion. Just as there is always a way to hide stuff so too is there no possibility of any person ever satisfying any authorities! That is a truly horrible reality.


#23

So you need a custom algorithm that encrypts the same locked data bits into two different possible interpretations (one real and one a decoy depending on how they’re unlocked) that can be decrypted in either of two ways. The first one is extremely difficult to crack. But the other one is easily cracked and unlocks only a persona that contains data of your choosing and that is not your real data. It’s only a fancy artifact that is a product of your real data and the encryption algorithm and therefore occupies no space of its own. The encrypting algorithm could match data sizes between the two personas (real and fake) so that if the data you want to protect is larger than the decoy persona, the decoy persona could be made by the encryption algorithm to match in size by adding a bitmap image of a cat (for example) to fill the extra space. Let them hack on that bitmap image of the cat all they want. There is nothing there because it is only one encrypted piece of the real data and they won’t even see that it contains some encrypted data because it’s an image of a cat with no unusual pixels since the cat image was artificially created around the pieces of encrypted data, to hide the deeply-hidden data more so than to present a beautiful image of a cat. Perhaps the cat image could also appear to have been hand drawn to hide the apparent errors of what appears to have come from a human artist. This decoy persona tells the cracker they’ve succeeded at getting into your data. But if they had the real keys, they could have gotten into your real locked data. But they’ll never look that hard because they’ll believe that they’ve seen all there is to see and move on. Every bit of data on the encrypted drive will be accounted for and will appear to mean something to those who hacked in.


#24

Is this like a Veracrypt hidden volume?

https://www.veracrypt.fr/en/Hidden%20Volume.html


#25

It’s only a fancy artifact that is a product of your real data and the encryption algorithm and therefore occupies no space of its own.

I think that that would be difficult to achieve. I don’t see how something of any meaning could come out of thin air. If you have hidden another interpretation within no extra space, I would think that the formula for interpreting it would pretty much become the data in that it would be huge. Somewhere, there needs to be a complexity of detail that translates to the same amount of data as what you wish to have in both interpretations. By asking to have X real data and X fake data you are demanding 2X from a 1X device. You might lie about the device size of something that you physically hacked, but a mass-produced item is a known thing. Therefore your nemesis will probably be able to read the Gb on the label and demand to see that amount of data. For that reason, it is far easier for the real persona to be very small, and the fake one to be what is stated on the label.
There is a possibility to cheat a little bit and demand something like 1.1X from a 1X device. You have two options that I can see (and I am no expert): make 1.1X out of 1X using data compression or put 0.1 worthless data in the visible area and use that for yourself while pretending that all the data pertains to the fake identity.
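
As an added illustration (not part of the original thread) of the space argument in the post above: with a one-time pad the same ciphertext can be opened as either of two plaintexts, but the second interpretation lives entirely in a key that is as long as the data. Function names and sample strings are constructed for this example.

```python
import secrets

def xor(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("one-time pad operands must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))

def pad_to(data: bytes, size: int) -> bytes:
    """Length-prefix and zero-fill so both personas occupy exactly `size` bytes."""
    if len(data) + 2 > size:
        raise ValueError("plaintext does not fit in the container")
    return len(data).to_bytes(2, "big") + data + bytes(size - 2 - len(data))

def unpad(block: bytes) -> bytes:
    n = int.from_bytes(block[:2], "big")
    return block[2:2 + n]

def seal(real: bytes, size: int) -> tuple[bytes, bytes]:
    """Encrypt the real data; returns (ciphertext, real_key)."""
    key = secrets.token_bytes(size)
    return xor(pad_to(real, size), key), key

def forge_decoy_key(ciphertext: bytes, decoy: bytes) -> bytes:
    """Compute the key under which the SAME ciphertext opens as `decoy`."""
    return xor(ciphertext, pad_to(decoy, len(ciphertext)))

def open_with(ciphertext: bytes, key: bytes) -> bytes:
    return unpad(xor(ciphertext, key))

def secret_bytes_needed(ciphertext: bytes, *keys: bytes) -> int:
    """Total bytes that must exist somewhere to support every interpretation."""
    return len(ciphertext) + sum(len(k) for k in keys)

# Constructed sample data, not from the thread.
REAL = b"real notes: meeting moved to Thursday"
DECOY = b"shopping list: cat food, batteries"
SIZE = 64

if __name__ == "__main__":
    ct, real_key = seal(REAL, SIZE)
    decoy_key = forge_decoy_key(ct, DECOY)
    print(open_with(ct, real_key), open_with(ct, decoy_key))
    print("container:", len(ct), "total:", secret_bytes_needed(ct, real_key, decoy_key))
```

The container itself stays at 1X, but each extra interpretation costs another X bytes of key that has to be stored somewhere.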


#26

I don’t know all of the specific details except that it did require a hardware modification. My understanding is it’s also possible to apply the modification on previous batches like Chestnut but again, I don’t have the details of what’s involved at the moment or what kind of expertise you’d need. Perhaps something we should look into adding to the Birch and Chestnut sections of our wiki.


#27

Since the conversation has moved to steganography and other spycraft (hidden partitions, duress codes, etc) as a means to cross borders with sensitive data I feel obligated to underscore why I advise against such practices and any others that have you smuggle sensitive data across a border where it could be confiscated by the authorities. I would still advise people to travel only with information they are willing to share so they can fully comply with searches safely and not put their faith in any of those spycraft measures for two reasons:

  1. You are a bad liar and an inexperienced smuggler.
  2. Border agents are professional lie detectors.

Border agents are trained to detect lying and suspicious behavior and indeed a major part of their job is to detect contraband that someone is attempting to smuggle across the border. This is a level above just detecting someone bluffing at a poker table, although it’s a related skill. Smuggling digital contraband isn’t any different from smuggling drugs, cash, or other contraband from the perspective of a customs agent. They don’t know ahead of time what you are smuggling, but during the standard questioning they will detect you are hiding something because you are a bad liar and inexperienced smuggler.

By crossing the border only with data and luggage you are willing for them to rifle through, your conscience won’t trigger the natural tells that will tip off a customs agent. You can cross the border with a clear conscience and your sensitive data will be safe at home.


#28

Yes, it would be awesome if the changes were outlined. I am pretty skilled with a soldering iron (I have desoldered and replaced 0402 resistors successfully) so if I knew what needed to be changed I might give it a shot.


#29

That brings up another point, which is never to manufacture a device that tries to hide a persona, as it will be flagged down. Of course having said that, I still stand by the obvious conclusion that no authority can ever be satisfied and rather leave all devices at home.


#30

or you use a https://en.wikipedia.org/wiki/Rubik's_Cube to make yourself feel like Snowden :wink:


#31

As a speed cuber myself, I can vouch that some speed cubes work great for microSD storage but not all have enough room so buyer beware.


#32

as a third point to your first two you already gave a few posts up

  1. you’ve just had your first “anti-virus” vaccine in q3 2020 and you suspect that your blood stream might now contain a huge number of near-invisible nano-bots that can be used to extract secrets and more accurately determine if a person is lying or not

#33

Not necessarily easy to achieve.

https://en.wikipedia.org/wiki/Deniable_encryption#Forms_of_deniable_encryption (first paragraph)

If you do really mean a “custom algorithm” then there is also some risk that if you are not a qualified and skilled cryptographer, your custom algorithm will be easily breakable. Even many “official” widely used algorithms have over time been found to contain chinks in their armor. So are you confident that yours will be as good or better?

I’ve said it before in this forum but my own personal stance (not binding on anyone else!) is … don’t take your phone across borders.

If your phone contains sensitive data, leave it at home.

Buy a second Librem 5 for travel use. :wink:


#34

That may be of interest to some but I’d like to point out that that scenario is not the only one and should not be the reference point for good and encompassing safety and security measures. Duress measures for example could be reasonable for someone in a bad personal or social relationship. There are probably many possible variations on all levels of interaction between that low level and anything that involves countries and their various organizations.

Although a possible example, it should not become the only one guiding actions. There are many other scenarios in other countries, in other systems that are more daily. It is better to give more options to choose from (of which the smart card is one good one, but just one). This will allow to have more depth in defence, more versatility to cover different use cases (non-threats) and keeps possible baddies guessing (stegano plays into this but it’s not for all). It’s not just governmental authorities (or commercial - or other organized/international crime) but often just locally criminal.

Just because there is one good sounding solution, it does not cover all. Sec&safety measures should not only have depth per se, but they should also be at the same or similar level (at least more or less - and there is absolute and relative levels). Balanced, in a sense. To exaggerate, it doesn’t work if one component or aspect is state of the art, if the others are weak(est link) - those can be exploited. And it’s not just technical: https://xkcd.com/538/

I’d also like to add that L5 has the potential to have a very unique combination of features and sec&safety enhancing aspects. The killswitches are good. Known HW and bloblessness a trustable foundation. Linux is nice. The card is one. But to me, the xkcd example for instance has not been addressed (related: using video to catch login). And user still needs to add appropriate messaging, backups, services, VPNs etc.


#35

a crypto nerds’ imagination stops when hurting other people is involved. only the “pigs” imagination “transcends” that boundary … :unlock:


#36

I am not saying that Purism should make devices with the intent to circumvent the laws of any country. And as an average law abiding person I really don’t have anything that needs to be hidden anyway. But if any government were to routinely and randomly search people’s homes to assure that no one is breaking the law, that society would have problems. We should be able to lock our doors and privacy should always be the default.


#37

… or worse, if it is to assure other things - and we assume in the former case that the law in question is even just.

However this ties in with the point I was making above.

There is “mass surveillance” and we absolutely should do everything in our power to push back against that - including supporting products and services that work towards that goal.

And then there is “one guy” who gets pulled out of the line while crossing a border. If someone thinks that his or her smarts and technology is going to win against a government in that situation then that is very likely to be optimistic, given how the system is weighted in favor of the government.


#38

perhaps that has something to do with the fact that we are so MANY :slight_smile:


#39

Taiwan is currently saying that it is illegal for people under quarantine to prevent the authorities from tracking them via the cellular modem in their phones. If you put your phone in airplane mode or turn it off, the police will show up at your door and tell you to turn it back on. I wonder if we will ever see countries banning the sale of phones like the Librem 5 because they might be used to subvert the government’s ability to conduct surveillance.


#40

but if you want to make a standard unencrypted voice call or send a plain text sms message not even the L5 will help much there. at this point for them is just showing off since they control the global telecom infrastructure … like building 5G radio masts while everybody else is under lockdown and calling it “essential-labor”

what is 4G suddenly not good enough anymore ?

and to the point of surveillance - i believe even Snowden said that should be allowed to happen if they do it ONLY localised and contained to key targets … but doing that everywhere and with no warrant is absolutely Orwellian and beyond 1984 …