NSA and Tor

Friday, July 4. 2014

Half a year ago in October 2013 the Guardian published the NSA presentation "Tor stinks" and we know, the NSA collects all IPs of Tor clients and Tor user get special attention of NSA. Slide 23 of the presentation:

Tor stinks

Yesterday somebody featured out that XKeyscore is used to collect the Tor client IPs. Why not? Not a big news for me, it is more a technical detail.

EVERYBODY is a target for NSA, the slogan is: "Take it all". You have to use more strong privacy enhancing technologies against mass surveillance and Tor is one of the options you have.

Privacy enhancing technologies like Tor or JonDonym may help you but can not stop mass surveillance at all. YOU have to fight on a political level too and it is time to do it NOW.

The evil face of NSA is the biggest danger for democracy. (W. Binney)

New mix software

Saturday, June 7. 2014

Yesterday we started with the roll-out of a new mix protocol with improved integrity checks on the mix cascade "Dresden". The free mix cascades will follow, if it was working stable and afterwards the premium services.

Only JonDo proxy clients version 0.18.001 and above are able to connect to mix cascades running the new mix protocol. All JonDonym user with an outdated version of JonDo should update JonDo to the latest release 0.19.001.

Small bugfixes for JonDo Live-DVD

Sunday, May 11. 2014

The latest version of our live-dvd is only a small bugfix release. Two bugs were fixed:

  • The MAC addresses of all network interfaces are faked at boot time, not only "eth0" and "wlan0".

  • Bugfix for start script of Filezilla.

If you don't use a computer with more than one LAN and WLAN interface and you don't use Filezilla an update is not required.

Staus Report April/May

Wednesday, May 7. 2014

Some short remark about the software releases last week:


Changes for the JonDoFox-XPI (Firefox add-on):

  • The first step for our own privacy-friendly cookie management is an additional third party tracking protection we missed in CookieMonster.

  • Because Mozilla fixed the DNS leak for websockests in Firefox 29 (not fixed in Firefox 24.5.0esr) we enabled websockets for Firefox 29 and above.

  • We enforced some Javascript settings to improve security. This settings my reduce the performance of Javascript execution a little bit but not significantly.

The new JonDoFox profile contains only updates of add-ons. It is not required to upgrade the profile at all if you keep your add-ons up-2-date.

JonDoBrowser (beta)

JonDoBrowser 0.15 is based on Firefox 24.5.0esr. We disabled Mozilla maintenance service at compile time and not by configuration.

Because of problems with German localization we are not able to provide a JonDoBrowser for Windows at the moment. We regret the delay to release a stable version of JonDobrowser, but have only small developer capacities.

JonDo Live-DVD

The new version of our live-dvd contains security relevant updates for 50 packages. An update is strongly recommended.

We provide only a DVD version of our live system and closed the support of the lite CD version to reduce the effort of maintenance because of limited developer capacities.

Mix services

We prepared some changes for exit mix server configuration to fix problems with websockets, UDP and IPv6. During next days the changes will be applied by our operators and some short disturbance may be possible on all mix cascades.


A maintenance release for the GUI-less command-line proxy client JonDoConsole/JonDoDaemon is scheduled for tomorrow.

Update about FBI's NGI

Tuesday, April 15. 2014

In October 2011 we wrote about the start of the Next Generation Identification Database (NGI) of the FBI. New documents published by EFF.org show that the FBI is on the way toward a fully operational face recognition database by this summer. The NGI database contains biometric records like fingerprints, palm prints, iris scans, and facial recognition data. Biometric datasets are linked with personal information like their home address, age, legal status, and other potentially compromising details. As much as one third of the U.S. population is stored up to now in NGI (criminals and non-criminals).

By EEF.org the most dangerous part is the face recognition component of NGI. At the moment the database contains 13.6 million images representing between 7 and 8 million individuals. Until 2015 the database may contain 52 million images and will be one of the larges face recognition database around the world.

Read the full article FBI Plans to Have 52 Million Photos in its NGI Face Recognition Database at EFF.org.

OpenSSL Bug

Wednesday, April 9. 2014

Some small remarks about the OpenSSL bug CVE-2014-0160 related to JonDonym:

  1. JonDonym services: JonDonym services (mix cascades, JonDos payment instance, infoservices) and our software (JonDo, JonDoDaemon, JonDoBrowser) are not affected by this bug.

  2. JonDo live-cd/dvd: The software compilation of our live-cd/dvd contains affected software. An security update for our live-cd/dvd with bugfixes is ready for download. If you were using the live-cd/dvd an update is highly recommended!

  3. JonDonym webserver: Our webservers got the software updates yesterday and we will change the SSL certificates soon as possible. Because the certification authorities are under pressure now it may may take a few day to get a certification.

  4. Certificate Patrol in JonDoFox: Many other webservers changed the SSL certificates or will change it within the next days. If you were using the Certificate Patrol implementation of JonDoFox for detecting faked SSL certificates (see: "about:jondofox" or "about:jondobrowser") you will get many false warnings about suspicious certificate changes within the next days like the example of DuckDuckGo below.

    Certificate Patrol warning

    If security is really important, you may check the blog of the service provider for notices about new SSL certificates or you may check the certificate in other ways too. The Perspectives project offers a test website, were you can compare the md5 hash of the SSL certificate you got with the certificate seen by notary servers. For DuckDuckGo I got the result:

    Certificate Patrol warning

    Yesterday five notary servers of Perspectives have seen a new SSL certificate with md5 hash c5:c9:d4:ab:1e:1b:fa:a8:d6:34:99:84:97:2d:cd:2d. The warning presented by Certificate Patrol seem to be a false positive.

    If you were using the SSL Observatory of EFF.org for detecting faked SSL certificates you don't get false positive warnings, it is only related to Certificate Patrol.

JonDo Live-DVD with POND

Saturday, March 29. 2014

For the regular security release cycle of our live-cd/dvd last week we did not finished the integration of POND in our live-dvd. Yesterday we published version 0.9.54. The main change of this extraordinary release is the integration of POND cli (command line interface) in the DVD version. Regrettably, we are unable to install POND GUI in Debian wheezy.

POND offers forward secure, asynchronous messaging and seeks to prevent leaking traffic information against everyone except a global passive attacker. Users connect only to Tor hidden services.

In our online help you may find a small howto for using POND cli with our live-dvd.

If you were not interested in using POND an update of the live-dvd is not required.

Status Report March

Tuesday, March 25. 2014

During the last week we released new versions of JonDoFox, JonDoBrowser and our live-cd/dvd.

Changes JonDoFox extension for Firefox
  • Because plug-in enumeration is used by many browser fingerprinters for tracking all plug-ins but Flash are disabled in no-proxy mode too. The following rules were implemented:

    • JonDo mode: You may enable Flash in in the JonDoFox settings but it is not(!) recommended. Please read our hints about Flash player security and remaining risks before you think about activating Flash.

    • Tor mode: Flash is disabled like all other plug-ins to match the behavior of TorBrowser.

    • No-proxy mode: Flash is activated but applets are blocked by NoScript. You have to enable each applet by mouse click. If a website really needs an other plug-ins, you may activate it temporary with the add-on manager of Firefox.

  • Downloads are not added to recent documents of Windows desktop to avoid traces on disk and the formfill assistance was disabled for privacy reasons.

  • Added option to config dialog for always set the proxy to JonDo on start.

  • Added a function to reset all values to JonDoFox default values by reset "extensions.jondofox.firstStart" and restart the browser.

  • Set user agent fakes to the latest Firefox versions

  • Several small bug-fixes were implemented.

Changes for JonDoFox profile

The add-ons and the bookmarks for temporary email accounts were updated in the JonDoFox profile. If you kept your add-ons are up-2-date there is no reason to update the profile at all.

Changes for JonDoBrowser

JonDoBrowser 0.14 was build with Firefox 24.4.0 esr and contains the new JonDoFox profile.

For Linux and Debian packages a complete rewrite of the build scripts was done to simplify futher development and maintenance. Search engien plug-ins were moved from user profile to browser to keep it up-2-date without profil updates for the future. The Linux version contains an install script for system-wide installation. If the install script was used and for Debian packages Hunspell dictionaries are used for spellcheck.

JonDoBrowser for MacOS is not ready for Download because of unsolved problems with new build scripts. For the future we will provide JonDoBrowser only for MacOS 10.9+. Because a 64 bit CPU is required for MacOS 10.9. we will not provide a 32 bit version any more. Affected user may use Firefox with JonDoFox profile.

Update: JonDoBrowser 0.14 for MacOS (64 Bit) is ready for Download now.

Changes for JonDo live-cd/dvd

The new version of our live-cd/dvd contains security relevant software updates and some small improvements for usage. An update is highly recommended.

Improvements in Face Recognition

Thursday, March 20. 2014

If a human will see two photos with unknown persons he will recognize the same person right 97.53 percent of the time. Facebook's AI research group developed the software DeepFace which was right 97.25 percent on the same challenge, regardless of variations in lighting or whether the person in the picture is directly facing the camera. The software DeepFace will be presented on IEEE Conference on Computer Vision and Pattern Recognition in June 2014.

We closely approach human performance. (Y. Taigman, a member of Facebook's AI team)

The results are based on the power of a new approach to artificial intelligence known as "Deep Learning". It uses artificial neuronal networks to learn to recognize patterns in large amounts of data.

The right recognition of unknown faces is a great step in comparison to today commonly used approaches based on face recognition databases. This kind of technology will change video surveillance and automated photo analysis.

Photos may contain the same meta data like email communication or SMS. If person A and person B were more than once recognized in the same photo a connection between both persons can assumed in same way like an email contact between A and B.

SSL certificate for IP-Check.info

Wednesday, March 5. 2014

We installed a new SSL certificate for our anonymity test ip-check.info. The new certificate is signed by "Go Daddy Root Certificate Authority - G2". We changed the certification authority to get a SHA2 signed certificate.

SHA1 fingerprint of the new SSL certificate is: A0:F0:8A:FB:1C:09:DF:56:C2:70:EC:3C:E3:84:31:9C:E4:A1:3D:41

New Live-CD/DVD release

Monday, March 3. 2014

A new release of of our live-cd/dvd is ready for download. Chnages in version 0.9.52:

  • JonDoBrowser:

    1. Updates for add-ons: no proxy exceptions are possible for security reasons.

    2. JonDoBrowser uses hunspell dictionaries for spellcheck.

  • Icedove:

    1. A patch of TorBirdy enforces the recommendations for "on_startup_login = false" and "download_on_biff = false" for new accounts. Because of a bug in Thunderbird/Icedove the default settings don't apply for new accounts.

    2. Fixed keyserver usage in Tor mode. SSL encryption for keyserver are enforced in general by GnuPG configuration of the live-cd. It is not possible to use Tor hidden HKP servers with this configuration. Now HKPS keyservers are used in Tor mode too.

    3. Removed all proxy exception in JonDo mode and Tor mode for security reasons.

  • Pre-configured Pidgin accounts:

    1. Added XMPP service of Calyx Institut.org (normal web and Tor hidden XMPP server).

    2. Removed dukgo XMPP service because of bad SSL encryption.

    3. Removed Wikileaks IRC because it was closed an anonop.us because it is down for a long time.

    4. To use pre-configured Tor hidden services you have to start Tor with Vidalia, it is independent of default proxy configuration you can choose on Pidgin startup.

  • You can select Tor hidden servers for Electrum Bitcoin client on startup.

  • Some small improvements for Italian localization.

  • Software updates for Jitsi, MAT, libgnutls-openssl27 libgnutls26 libgnutlsxx27 libmagic1, file

An update is recommended.

Two mix server moved to a new datacenter

Saturday, March 1. 2014

The mix servers "Fondue" and "Grolsch" moved from LeaseWeb to SnelServer. The mix cascade "Fondue-Montesquieu-UranusGB" got a new entry IP address because of this.

Android Remote Code Execution

Tuesday, February 25. 2014

For secure operating systems "remote code execution" is a serious bug, for Android it is a feature.

In the paper Execute This! (PDF) researchers of UC Sante Barabara (US) and University Bonn (Germany) analyzed the security implications of the ability to load additional code for execution from an external source by Android apps.

  • 32.5% out of 1,632 randomly selected apps in the Google Play store were loading code from extern servers after installation.

  • The code loaded from an extern server at runtime is not checked by the Bouncer of Google Play store and is not checked by any tested anti-virus app. An attacker may place a funny game in the Play store and load the malicious code at runtime from an own server.

  • More than 30.000 apps installed by more the ten millions of user load remote code in an insecure way. An attacker may use simple injection attacks to modify the download. It is not required to use an exploit to hack the smartphone.

No comment.

Kein No-Spy-Abkommen

Thursday, December 19. 2013

Es wird kein No-Spy-Abkommen geben, erklärte die US-Sicherheitsberaterin S. Rice bei Gesprächen in Berlin (Heise.de berichtete). Natürlich bekommt man kein No-Spy-Abkommen, wenn man die Chefetage der deutschen Geheimdienste als Verhandlungsführer losschickt. Seit wann können Bökke gärtnern?

Die Verhandlungen über ein Abkommen zur Verbesserung der geheimdienstlichen Kooperation zwischen BND/BfV und NSA werden aber fortgesetzt.

Datensammlungen sind kein Selbstzweck

Im Gegensatz zur Briefmarkensammlung, die in sich selbst einen ästhetischen Wert für den Besitzer hat, sind die die geheimdienstlichen Datensammlungen der n-spying-eyes kein Selbstzweck. Wirtschafts­spionage wird immer wieder als Ziel genannt, Beeinflussung politischer Entscheidungsprozesse ist offensichtlich oder die informations-logistische Unterstützung von Kriegen (z.B. in Afghanistan).

Diese konkreten Aufgaben rechtfertigen aber noch nicht die Sammlung aller menschlichen Kommunikationsdaten (General Keith Alexander: "Collect it all!") und den heimlichen Aufbau des "größten Überwachungssystem der menschlichen Geschichte" (Glenn Greewald).

In der klassischen Reglungstechnik ist das Datensammeln die Aufgabe der "Sensoren". Über eine Analyse­komponente ("Regler") wird mittels Einwirkung / Gegenwirken / Manipulation (realisiert durch "Aktoren") ein Sollwert stabilisiert.

Manipuliertes Dingsbums

Unterschwellig ahnen wir, dass es auch gesellschaftlich die Einwirk-Komponenten ("Aktoren") bereits gibt, kaum sichtbar wie die "Sensoren" in der Ära vor Snowden. Teile der Medien gehören zweifellos dazu, die Identifikation und Beeinflussung von Key-Accounts auf vielen gesellschaftspolitischen Ebenen...

Während uns in in einer Demokratiesimulation alle vier Jahre vorgegaukelt wird, wir hätten eine Wahl (in Wirklichkeit werden nur ein paar Regierungspöstchen neu besetzt), rollt der Zug in eine andere Richtung, in eine "postdemokratische Überwachungs- und Kontrollgesellschaft". (The Logic of Surveillance)

Kryptografie allein wird uns nicht retten. Nur die Verschlüsselung von E-Mails und die Anwendung weiterer Methoden des Digitalen Aikido, die auf Crypto-Partys vermittelt werden. reichen nicht aus, um eine neue Fahrkarte zu lösen. Noam Chomsky formulierte eine wichtigere Aufgabe:

... die Bürger demokratischer Gesellschaften sollten Kurse für geistige Selbstverteidigung besuchen, um sich gegen Manipulation und Kontrolle wehren zu können...

SSL certificate checks

Sunday, December 15. 2013

The danger of man-in-the-middle-attacks with fraudulent SSL certificates not only theoretical but real. Two weeks ago criminals attacked the user of BitcoinTalk to get login credentials with a man-in-the-middle-attack on SSL connections.

Gouvernment agencies are able to use valid SSL certificates for man-in-the-middle-attacks (see: Certified Lies - Detecting and Defeating Government Interception Attacks against SSL PDF, EFF.org, 2009). Suppliers of plug-and-play ready black boxes for "Lawful SSL Interception" you may find by browsing the SpyFiles of Wikileaks (e.g. ClearTrail, Indian company). The ISS world 2014 in Dubai will present the latest technologies in Track 4: Encrypted Traffic Monitoring and IT Intrusion.

Additional SSL certificate checks in JonDoFox

With JonDoFox 2.9.0 / JonDoBrowser 0.12 we modified the additional checks of SSL certificates. In order to provide better protection you may use the SSL observatory of EFF.org or you may use Certificate Patrol with a local database.

Settings Header


JonDoFox settings
  1. SSL observatory of EFF.org

    You may use the SSL observatory of Electronic Frontier Foundation (EFF.org). In this case the certificate fingerprint and domain name of SSL encrypted websites will be send to the observatory an compared with the certificates sent by other users. The large database of worldwide collected certificates is the advantage of this solution. You will get a warning, if something goes wrong with your certificate.

    warning about wrong SSL certificates

    By default the SSL observatory is only used together with JonDo. You may change the settings by self to match your individual requirements.

  2. Certificate Patrol

    Alternatively you may use the Certificate Patrol feature of JonDoFox. In this case a local database is used to store all websites visited via HTTPS together with some information about the SSL certificate. You will get an warning, if the certificate changes unexpected for later visits.

    2. warning about wrong SSL certificates

    You may have a look at the certificate change and may accept it or not. (It's up to you to decide.)

    changes of SSL certificate

    The example shows a strong warning. The certification authority switched to Verisign (VeriSign NetDiscovery is working since 2002 in assistance for law enforcement) and the old certificate was valid for a long time but it was replaced unexpected. Both features are strong indications for a man-in-the-middle-attack but not a prove. You may have a look on the website, if a new SSL certificate was announced or you may ask the webmaster.

    By using Certificate Patrol a third party has no means to get that saved data.