HTTPS Everywhere – what is it good for?

There’s a growing chorus of voices in infosec these days, calling for the effective deprecation of unencrypted traffic over the web. The only useful purpose port 80 serves these days, they argue, is to redirect to port 443.

Their arguments tend to run along these lines:

  1. HTTPS is the right way to handle encryption on your website (and other services, too). That’s true. It’s a well-established, well-understood standard that has gone through some awkward moments, but has emerged from the process as a robust and easy-to-use security layer on your web server.
  2. HTTPS protects you from unethical ISPs/states/actors who like to inject your traffic with unwanted ads and other nasties. That’s somewhat true, but requires a little unpacking, because there are some notable edge cases:
    1. Many corporations install their own certificate authority on approved devices, and use their own certificates to intervene in communications between you and other secure sites. This allows them to sit in the middle of your communication with your bank, for example.
    2. Anyone who can get access to either of the end points can simply watch the unencrypted traffic on either end, rendering any security measures in the communications protocol moot.
    3. Setting up and breaking down a secure session is an extremely difficult process that is well-understood by a very few people. The theory is clear enough, but applying it in practice can get hairy. The 2016 WPAD exploit is a prime example. It was demonstrated that you could use a near-obsolete, insecure method of discovering your network’s proxy settings to eavesdrop on secure communications. (Of course, if you could manipulate that setting, you could pretty much do what you want to the browser anyway. The point here is that there are ways for people to eavesdrop on your secure communications and leave you none the wiser, with or without HTTPS.)
    4. Establishing the identity of remote sites is still a bit fraught. It’s better today than it was in the past, but an SSL cert on its own is insufficient in the absence of a broader, systematic web of trust. These things require international cooperation, protocols and standards. Not all parties want the same thing, and few indeed are focused only on what’s best for the end user’s privacy. HTTPS Everywhere doesn’t move the markers in this part of the debate.
    5. Cross-site tracking cookies are a much more pernicious and troubling way for unscrupulous commercial actors to inject themselves into your day to day web traffic.

None of these are arguments against the use of HTTPS. You should use it when you can. Just because the other guy’s going to win doesn’t mean you shouldn’t at least make him work for it. But these are considerations that have to be borne in mind when people start suggesting that a web with HTTPS everywhere is a safer, more private place for everyone.

  3. HTTPS is growing in use. Get on board! That’s an argumentum ad populum. It’s a useful observation—and a Good Thing—but not a reason to move in and of itself.
  4. Plain old HTTP is insecure, and untrustworthy. The first part is true, and people should know it. Google Chrome’s recent decision to mark all plain text websites as insecure is a good move. But the question of trust is more a practical than a technical issue. In other words, you can communicate securely with an untrustworthy information source, and you can communicate insecurely with a trustworthy source. Trust between end points needs to be distinguished from trust in the communications medium. Technical experts who advocate for HTTPS everywhere sometimes confuse the two. Non-technical people often do. Which means we have to be extremely circumspect about what we promise when we talk about making things more secure for them.
  5. HTTPS is secure and will protect you from eavesdropping. Yes it is, and no it will not. Yes, the protocol is solid. It’s really easy to do right (which is incredibly important for security), and it works for the purpose intended. But it’s only one part of a much, much bigger picture. As Bruce Schneier is fond of saying, the bad guys only need to find one way to win. Most systems have more than one way in. Many systems allow state-sanctioned eavesdroppers in through the front door.
  6. Encrypting even normal traffic means that you’re protected from state surveillance across the board. If they can’t differentiate your traffic, it makes it harder for them to single out the things they object to. Sad to say, the real world doesn’t work that way.

If a state wants to watch what you’re accessing over the web, they will find a way. At the very least, they will know the end points you’re connecting to. If they’ve singled you out for observation, you’re going to face issues even if you use TOR, VPNs and other tools. Between compromised devices, networks and information providers, your options are quite limited if people decide to watch you individually.

If you’re not being singled out, they probably don’t care what you’re looking at. They might care about individual sources, but in cases like that, they’ll just block the site sources.

But wait—what about someone who’s not yet been targeted, and doesn’t want to be? Good question. There’s a marginal case there, but again, using HTTPS Everywhere is probably not going to be the decisive factor. It sure isn’t in China.

There are very good reasons to support the spread of HTTPS. Anybody who tells you otherwise is just… wrong. You should use it when you’re doing anything that involves your personal information. That includes everything from chatting with friends about what movies are good to transferring millions into your superyacht fund.

But to conclude from this that ‘the only purpose for port 80 these days is to redirect to HTTPS’ is a bit naïve, sad to say. It assumes that there are technical solutions to social/political problems. That’s not necessarily true:

  1. We’d be vastly better off with regulatory/legislative intervention to stop ISPs and others from messing with your web traffic. The reason for this is that removing the mandate to inject gunk into your web traffic is a far more effective way of circumscribing what ISPs are allowed to do. Let’s call it (part of) Net Neutrality. With or without HTTPS, we still need this regulation. Politically, cynical ISPs can point to HTTPS Everywhere and use it as an argument against net neutrality regulation. It’s not entirely rational, but that’s not to say the argument would be ineffective.
  2. When changing collective behaviour, it’s often better to proscribe the behaviour rather than prescribe the technical cure. People will always seek ways to fulfil the letter of the law and still achieve their own selfish ends. So an emphasis on better law is generally more effective than emphasising better tech.
  3. State actors and other surveillance groups generally don’t care that you’re looking at public access websites. When they do care, they just block the site at the ISP level. Yes, there are edge cases where you can get in before they know it matters, but that’s true with and without HTTPS. Encryption does add a slight advantage when it comes to internet whack-a-mole, but it’s only slight. And it’s likely to be ephemeral.
  4. If someone really wants to track you, they will compromise your end points, not the network layer. This is what China does. They just sit people inside the offices of the main online services. Law enforcement and signals intelligence agencies do much the same thing. They’ll either compromise your devices, or they’ll compromise the other end-point, often with the assistance of the service provider. The FBI attempted this with TOR, with partial success.
  5. HTTPS is easy, yes, but easy is not the same as simple. Just because you’ve got your cert properly set up doesn’t mean you’re safe. Focusing on HTTPS to the exclusion of other considerations or overselling its benefits could create a false sense of security. It’s far easier to designate something ‘untrusted’ than it is to determine that the same thing is ‘trusted’. We need to be careful about what we’re selling when we say that HTTPS Everywhere makes us more secure.

Widespread use of HTTPS is a Good Thing, and should be encouraged. But mandating its use everywhere is of limited additional utility where your practical security is concerned.

In a nutshell, universal HTTPS alone is insufficient to change or curb malicious human behaviour; and the additional measures that are necessary don’t require HTTPS everywhere to succeed.

HTTPS everywhere would achieve only a marginal and possibly ephemeral gain. In practical terms, people who are most vulnerable to unwanted collective or individual surveillance by state actors gain very little from this.

But let’s keep perspective: Opposing HTTPS Everywhere is a foolish waste of time and effort. We should encourage its spread. What we should NOT do, though, is pretend that the end of port 80 is the end of our privacy concerns, or even a particularly notable win. It’s a marginal improvement at best.

My beef is with people who think this is a big win for privacy. It’s emphatically not.

Coates is not wrong

Posting this here because Twitter doesn’t always lend itself to nuance. (I know! I was gobsmacked too!)

Ta-Nehisi Coates gets a lot of pushback from all sides for his polemical stance. It is abundantly true that his view, while popular among intellectuals, is not widely shared. Few people see through his lens on American history with quite the same acuity as he does.

That’s not entirely his fault. Just because you agree with someone’s premises doesn’t mean that you necessarily have to accept all of their conclusions. His Case for Reparations is a classic example. The line of logic is nearly inescapable. It is possible to quibble around the edges, to thicken the mix by introducing other variables, but the essay stands on its own.

Like the statue in the park, it endures despite the pigeon shit and graffiti.

But I still consider actual reparations a political pipe dream.

I have read Coates more deeply than widely, so if I miss something obvious here, please forgive me. But people who object to The First White President seem to do so because of his insistence on seeing the entire Trump presidency in terms of race. They accuse him, in fact, of buying into the very world-view he abjures. In today’s New York Times, Thomas Chatterton Williams overlays the German idea of Sonderweg, or ‘special path’, on Coates’ narrative of blackness.

That’s neither kind nor accurate. Coates is not advocating a view of history defined by race; he is admonishing people to accept that America’s history is defined by a particular view of race. Or, if you prefer the more modest argument: Black Americans’ history is defined not by how they saw themselves, but by how others saw them.

If this is Sonderweg, it’s through a glass, darkly.

The difference between those two statements seems to escape many. The discourse around Coates’ writing is happening almost exclusively among the intelligentsia—which is only natural, of course; that’s who he is speaking to. These are the people to whom his arguments apply the least.

That last paragraph is a mea culpa. I’m as guilty as any in that regard. But I can offer two observations that support his thesis:

Everything I have seen of local politics—the way that people impose their world view on their immediate surroundings—in the American South supports what Coates says. From road works to mental health services to store hours to zoning by-laws, prejudice and race are baked inextricably into its formulations.

Back during the Dot-Com Boom, I explored the idea of moving to the States to work. I had a lot of American clients, they paid well, and offered some really ambitious opportunities. But I was constantly confronted with the realisation that buying the American Dream meant buying into this nightmare too, at least implicitly.

Even in San Francisco, that bastion of liberalism, the divisions run deep. Lost in the city while searching for a store, I was stopped by a cop. He told me he would escort me back to my car. “You’re gonna turn it around, and never come back here,” he told me, explaining, “The natives are restless.”

I did turn around. And I’ve never been back to San Francisco.

Is just one racist cop enough to convince me that Coates’ depiction of race as a guiding vision is valid? Of course not. That was just the most vivid example.

My second point—and historians might have a field day with this one:

Isn’t America the only nation in history to have fought a bloody civil war over slavery—in which the enslaved were the object, but not the subject, of the effort?

An entire nation ripped itself apart on behalf of the victims of monumental injustice, and neglected actually to enfranchise, or meaningfully involve, those it fought to free.

The United States of America is unique. Its history is defined, if not driven, by a peculiar and distinct view of race. And yes, Donald Trump is the First White President. It would be foolish to deny it.

That’s not all he is, of course, but it is what he is. And Coates is right: it’s useful and productive to look at him in that light.

This won’t get better soon

It’s already become clear that the White House explicitly overrode a DHS determination that contended the ban didn’t apply to Green Card holders and other valid, vetted residents. The ACLU is reporting that some officials are not abiding by a number of stay orders issued by courts in at least three locations.

As a legal instrument, at least one scholar sees this particular Executive Order as so incredibly flawed that it won’t stand up to a sustained legal attack by the ACLU, CAIR and others.

Most worrying though are the reports circulating that the drafting process bypassed the normal interdepartmental and legal review stages, and that DHS was only briefed on the content of the Executive Orders as they were being signed. This doesn’t sound like an administration that’s particularly worried about adhering to the letter of the law, or bringing a lot of people into the conversation. Not sure how that will stand up over time. Politics is often petty and vengeful, and the White House is already leaking like a sieve. It might be that their incompetence is what does them in. It may be that their unwillingness to share power will do it.

My personal feeling is that neither one will stop them. I think people severely underestimate the lengths that this administration will go to to see this through. When Donald Trump promised the people of America that he would never back down, that he would do everything to advance the cause… I think he was speaking literally. When Steve Bannon says that we’re at war with Islam, I think he believes it fervently. When Flynn and others portray their work as an existential fight, I think they’re sincere in that.

Left-leaning people and other opponents have mobilised quickly, but they’re expecting the administration to react the way they would react. They think that public shaming, legal action and political activism will drive Donald Trump’s administration back. I fear they’re wrong. They will be seen as traitors and subversives, and they’ll be treated accordingly, through formal and informal means. They don’t realise that their resistance will ultimately have to be physical. They should be reading up on their Thoreau right about now…

Did Russia ‘hack the election?’ Yes and No

Here’s a quick summation of where we stand, based on public domain analysis and reporting, vis-à-vis the purported Russian ‘hack’ of the US Presidential election.

Anyone who claims that the Podesta emails were not real is delusional. There’s no real dispute over that.

Anyone who believes that Julian Assange isn’t biased against Hillary Clinton is also delusional. Mr Assange also shows a disturbingly willful blindness to any problems with the state of civil liberties and human rights in Russia—this, again, is not really subject to controversy.

Anyone who believes that Assange can be certain about the origin of the Podesta emails doesn’t understand chain of custody. His de facto imprisonment in the Ecuadorian Embassy makes it physically impossible for him to objectively, empirically verify any claims of provenance. If this were evidence for the courts, he wouldn’t be allowed to testify as to the provenance of the emails.

Anyone who has examined the pattern of overt and covert activities already detailed by public domain sources, judged with a high or moderate level of confidence to originate from the Russian state, would be foolish to deny that there is a strong preponderance of evidence that yes, Russia conducted an anti-Clinton (dis)information campaign.

On-the-record print and TV interviews with avowed state-paid Russian trolls who profess a strong preference for Donald Trump constitute probative evidence of a classic old-school dezinformatsiya effort. It’s something that both sides used frequently in the Cold War. RT’s overt anti-Clinton editorial slant is obvious, and strongly contributory. Assange’s frequent appearances on the channel are evidence of nothing more than a bit of narcissism on his part.

The fact that the APT28 modus operandi is consistent with well-documented spying activities against the Bundestag as well as the TV5 cyber-attack is a substantive plank in the circumstantial case. The fact that APT28 code was almost exclusively developed in a Russian-language build environment, in the Moscow time zone, is damning. The fact that they used bit.ly as a URL obfuscator—and then committed a rookie OPSEC slip-up that allowed investigators to see what other individuals were targeted by the same account—is compelling. The fact that APT28 source has been found in the wild doesn’t diminish the likelihood that this particular use of it originated from the Russian state. The use of encryption keys and certs (e.g. the way the software ‘phones home’ securely) pretty much makes it impossible for third parties to use the code without significant—and obvious—re-engineering. There is no evidence of such changes. In fact, at least one cert used in the Bundestag hacks was re-used in this effort.

The evidence suggesting that Guccifer 2.0 is almost certainly not Romanian (as ‘he’ claimed), and is probably a Russian speaker, is not probative, but it’s strongly contributory to a conclusion that the account is a sock puppet, probably linked to a Russian source.

The USA intelligence community lacks credibility. It has relied far too much on its own much-sullied authority to make its arguments. But its credibility is laughable, and its patent insincerity and systematic dishonesty is demonstrated by a mountain of evidence. The fact that their assertions are consistent with open-source evidence indicates, however, that they’re not lying about everything—this time. That does nothing to diminish the fact that they’re driving a clear agenda, possibly because they don’t trust Donald Trump and they feel he’s compromised, or at least willing to put personal interest before national interest.

Conclusion: It’s not necessary to believe the CIA/NSA/FBI to conclude that there is a concerted Russian effort to subvert the integrity of key aspects of American democratic institutions, including the US Presidential election. The Russian state has motive, means, opportunity and there is sufficient evidence to suggest that, in absence of any more compelling explanation, they have probably been at it for quite some time. Did they ‘hack the election’? No. Did they sway it? They certainly put a lot of time and resources into the effort. Did they change the outcome? Probably not. The single event that correlates most closely with an actual swing in the electorate is James Comey’s letter to Congress concerning the Weiner laptop. Did they help swing it? Almost certainly, yes. There’s a compelling argument to be made that if countless sources—with Russian actors prominent among them—hadn’t worked so hard to poison the Clinton well, the Comey announcement wouldn’t have been so decisive.


Don’t argue as if the world were sane

Glenn Greenwald, in every respect a reputable, diligent and ferociously smart gadfly, continually forgets to remember that few people are as sane and as willing to be led by evidence as he is. It’s his great failing.

Nowhere is it more visible than in his incredulity toward the CIA and the rest of the US state security apparatus concerning their claims of Russian tampering in the election process. He is dead right to mistrust the CIA’s every utterance. Lying, after all, is a large part of what they do for a living. Likewise, a politicised and partisan FBI is not a useful source for agenda-free commentary on Russia’s disinformation campaign.

But none of the above provides a sufficient basis to say that Russia has not played a direct and active role in the subversion of the American democratic process. Using the espionage establishment’s lack of credibility to refute the claim of Russian meddling is completely illogical.

We discount or discard the CIA’s claims precisely because we know that they’ve done far, far worse countless times in the past. We know they’ve planted or spun innumerable stories. To people living in vulnerable parts of the world, it’s simply axiomatic that Voice of America and USAID are tools of American influence. We also know they regularly use economic leverage to bring about certain policies, and they regularly plant stories to tarnish the image of any government that doesn’t toe their line.

Yes, they’re hypocrites and liars. Nobody disputes that. Yes, they’re guilty of exactly the sins of which Russia stands accused. But if anything, that realisation should reinforce the suspicion that Russia might be giving back as good as it gets. (Or better, depending on where you stand and how you feel about the success of the campaign to tarnish Hillary Clinton’s reputation.)

The sins of which the Russians stand accused are exactly the things that powerful countries do. They do it continually, shamelessly and cynically. It’s what they do.

PIF-fle

The Pacific Islands Forum has come and gone, and people here in Vanuatu could not care less. There are few Pacific conclaves that generate less interest than this meeting.

In principle, nobody particularly disapproves of getting all Pacific leaders together once a year for a bit of a chat and maybe some minor course correction.

In practice, it seems clear that not all leaders are equal in the eyes of the Forum.

This year more than ever, the final communiqué simply side-stepped any views that didn’t suit the developed nation members.

The event might more accurately be described as the McCully/Bishop Forum.

The region-wide movement to disown PACER Plus was simply ignored in the final language. If Vanuatu needed any other excuse to walk away from this one-sided deal, their treatment in Pohnpei provided one. Scuttlebutt from the venue has it that France’s inclusion in the Forum was anything but a unanimous decision. Prime Minister Charlot Salwai exercised characteristic tact and diplomacy when asked about it, but it doesn’t take a crystal ball to imagine how Vanuatu, one of the staunchest supporters of decolonisation in the Pacific, felt about bringing France into the Forum fold.

France was excluded from the Forum specifically because of its refusal to discuss issues of decolonisation when the organisation was formed in the 1970s.

West Papua is perhaps the only topic that could dampen Vanuatu’s joy following its under-20 football team winning their way to a World Cup berth. And once again, the Forum has gone to excruciating lengths to make the least possible effort to stop the ‘slow motion genocide’ under way in PNG’s eastern neighbour.

Consultation means negotiation

Despite friendly advice from numerous people close to the process, it appears that the government is proceeding with its draft revenue review plan much as it has with past policies. Doing things the ordinary way wouldn’t be a problem if it weren’t for the fact that this particular policy will have an extraordinary impact on the economic landscape.

Extraordinary policies require extraordinary efforts.

We accept in good faith the government’s promise to deliver a number of important briefing documents, explainers on key topics, and basic information about taxes and how they work. Good information is essential to any discussion.

And we have no reason to doubt the government’s promise to conduct public awareness events, either. They have committed themselves to holding public meetings at least in the municipal centres, and possibly elsewhere.

Some people have voiced alarm at the fact that draft legislation had been prepared even in advance of the CoM decision to proceed with the revenue review plan. This is common practice.

The mere existence of draft legislation doesn’t imply that a fix is in. The Family Protection Act existed in draft format for nearly a decade before it was finally enacted. The draft Cybercrime Bill is still—rightly—getting kicked back and forth. The Right to Information Bill has yet to see the Parliamentary floor, too, in spite of being in an advanced state of completion for some time.

No, the issue that is raising people’s hackles, in the private sector and at the grassroots, is the sense that a plan is being prepared, and that the only chance they will have to weigh in on it will be in an up/down vote.

Taxation is one of the most fundamental aspects of any democracy. Along with the ballot box, it’s one of the few ways that a citizen interacts directly in the administration of the country. And that’s why the people need to be presented with alternatives, rather than a simple yes-or-no decision.

Letter from a ‘foreign news outlet’

Dear Quartz;

I’d like to thank your Asia correspondent Steve Mollman for lumping the Vanuatu Daily Post in with the Tehran Times in his list of news outlets that ‘totally back’ China’s South China Sea policy. Last time, it took a category 5 cyclone that wiped out half the country for Vanuatu to get any mention in the US media.

I’m just sorry that we had to get mentioned in such a flatly jingoistic article as this.

Our newspaper doesn’t ‘totally support’ any of China’s policies. We’re also not crazy about a lot of American policies in the Pacific, and Australia—described by George W. Bush as the ‘sheriff’ in our neck of the ocean—well, they don’t get many hurrahs from us either.

Frankly, nobody seems to notice us until we’re underfoot.

But when our Prime Minister endorses China’s South China Sea policy, we report on that. Because it’s noteworthy and in the public interest. That’s what we call journalism.

You might have a different definition. But that’s just you.

China makes no bones about what they expect from Vanuatu’s government. ‘We don’t have any hidden agenda,’ one diplomat told me. ‘We give you aid, and you support our policies. That’s how it works.’

That, I’m afraid to say, is the reality in this country, which still ranks among the Least Developed Nations according to the UN. Virtually all aid comes with geopolitical strings attached, no matter what the source. And Vanuatu, poised on the edge of the Coral Sea, only a short flight from the populated coast of Australia, is of strategic interest to China and the USA alike.

It may be galling for us to live with the realisation that we’re only getting new roads, wharves and airports because of their strategic value to our superpower neighbours. But what choice do we have, realistically?

The plight of small countries throughout the Pacific is to be viewed as little more than squares on a pan-Pacific chessboard.

The last time this game got played out in anger, our nation served as the staging ground for the Solomon Islands campaign. Over the course of World War II, over a million US servicemen passed through the Espiritu Santo military base.

Michener’s classic Tales of the South Pacific is largely set there.

In 2017, the Shanghai Construction Group will complete construction of a brand-new 360 metre wharf on that island. It seems China’s memory is a little longer than others’. Probably because they suffered more—and longer—than most other nations at that time.

Not to put too fine a point on it, even if Vanuatu is dancing to the tune of a new master, not much has changed in the great game. In the meantime, excuse us if we feel the need to report the news.

Hugs,

Dan McGarry
Media Director

Getting off the grey list

In 1989 the G-7 group of countries decided it was time to act together to address the increasingly serious problem of money laundering. They created what became known as the Financial Action Task Force on Money Laundering, or FATF. Prompted as they were by the extraordinary boom in illicit cash brought about by America’s love affair with cocaine, the measures weren’t taken particularly seriously by tiny tax-haven nations such as Vanuatu.

Then came September 11th, 2001. What had been seen as a first-world problem suddenly became a global concern. No longer just a pastime for drug lords and tax cheats, money laundering was identified by the USA as a prime source of financing for terrorism. In the months immediately after the terror attacks on New York, a series of measures were brought into play that made it clear that the world was going to play along to the anti-money laundering tune.

In 2002, Vanuatu was faced with a choice. It could either clean up its act, or it could lose the ability to trade in US dollars. The consequences of failure were dire, to say the least. Within months, a number of offices with dozens of nameplates on their door disappeared.

In fairly short order, Vanuatu drafted a legislative and law enforcement framework that quelled the international community’s worst fears, and got the country moved from the infamous grey list of ‘non-compliant and uncooperative jurisdictions’. In fact, Vanuatu went above and beyond the call of duty, and drafted a regime that would prove onerous actually to implement.

This decision would come back to haunt the country.

Learning to Govern Again

What does a culture of corruption actually look like? Vanuatu.

It’s often difficult to see exactly where the rot sets in. The pressure of corruption is often quiet and always insidious. It impacts on public institutions, on their ability to manage themselves, to plan and to perform useful work.

Corruption creates a culture of impunity. Bad deeds go unpunished; good deeds and hard work go unrewarded. Each is as dangerous as the other.

2015 will almost certainly go down in the history books as Vanuatu’s annus horribilis, a year so bad we hope it will never be repeated. Between the cyclone, the drought, the collapse of government and the failure of critical infrastructure, it’s hard to see even a glimmer of light.

But we need to understand that it was a long time coming. Arguably, it all began in the days immediately after Walter Lini’s ouster, when the deposed leader and his confreres stripped the government offices bare before their departure.

Over the years, Vanuatu’s leaders have developed and defined a style of government that may have worked on the village and family level, but has condemned the country to failure.