Herald: Okay, so you are the lucky ones
who made it into Linus' talk.
The talk is called: "Bullshit made in Germany -
How to host your DE-Mail, E-Mail and Cloud directly at the German Intelligence Service."
It will take an hour, from 8:30 pm to 9:30 pm.
...
Furthermore there are subtitles. You can find them on Twitter @c3subtitles.
Many of you probably listen to the Podcast "Logbuch Netzpolitik" (Logbook Netpolitics)
by Linus and Tim Pritlove.
Those of you who do that have listened to Linus ranting
about DE-Mail and the other mentioned topics.
Linus happens to be an expert in this field and even made it his profession.
He also attended the Bundestag (German Parliament), several hearings
in committee, the committee of the Interior and the committee on legal affairs.
And he is going to tell you more about that
and I am really looking forward to that. Applause for Linus.
(Applauding)
(Laughing and Applauding) The excrement pictogram resembles the logo of the controversial "You are Germany" marketing campaign
Linus Neumann: Thank you very much for coming.
Can you hear me? Yes. - Okay, great.
Actually everything about the talk has already been said.
We could just as well cancel it.
But I guess I will still do it.
I want to talk a little about Federal German Security-tech
before and after Snowden.
My hypothesis is that the "before and after" actually does not matter.
Which I will illustrate through four examples.
The first one is of course the DE-Mail.
The second is the E-Mail made in Germany.
Not to forget the "Schlandnet". (Cacography on Deut-schland-net)
And at the end I allow myself to comment on the Deutschlandcloud.
The De-Mail started actually a long time before Snowden.
I already wrote an article about it back in 2011.
Back then Harald Welte (FOS activist) was a member of a Bundestag committee
and delivered a report for the CCC.
One had the impression that the whole issue was taken care of.
But suddenly it boiled up again.
I want to explain right now how it came to this.
Let's remember, De-Mail has the goal to enable secure, confidential,
and verifiable correspondence for everyone.
We created a law for this,
in which the De-Mail services were somehow established.
If one thinks about it, it becomes apparent:
It is obvious that one cannot have legally binding and verifiable correspondence via E-Mail.
There are many who criticized the concept of the E-Mail for the longest time.
Who had the wish that someone would develop something better.
There are those who took matters into their own hands and made PGP.
And the Federal Government of Germany did something too.
We believed that maybe they are going to improve SMTP and IMAP,
that it would become a great new thing, which somehow works.
And everything started in 2009, when they said: "Yes we are creating an accredited provider,
which has to offer the user a secure Mailbox
for secure electronic messaging."
Great, so we solved the problem.
In 2011 came the law in which it was stated:
"It is resolved, the De-Mail is the secure one!"
And then...I thought another slide would come up, sorry.
And what did they do?
They took care of some of the problems with E-Mail.
With their De-Mail.
We have to admit that.
They thought to themselves: anyone can register as "hasi69@yahoo.com"
This does not mean that we are actually dealing with Hasi here
if we get this E-Mail.
And we have to make sure of that.
Naturally we can now implement signatures.
Also we have the problem of the verifiable correspondence,
written correspondence. 'laughing' (lame sex joke)
This is stupid, one should not laugh about it. (referring to the same lame sex joke)
If I get a letter, and I don't like it,
I can simply put it aside and claim
that I never received the letter.
Only if I receive a registered mail I am bound to it.
Great advice which one can apply from time to time.
And both problems, they thought, we can solve like this:
Anyone who wants to register a De-Mail, has to show an ID.
Great! Also we oblige the user to collect the De-Mails.
And offer a fee-based service for the sender
to receive a receipt.
Pay a little more and you get a registered mail.
And the person who got or didn't get the De-Mail
is the documented receiver.
This was the first reason for me to say:
"Okay I don't want a De-Mail"
E-Mail has another little problem, you can't make profit out of it.
But for that we also found an "intelligent" solution.
39 Euro Cents is the cost of a De-Mail.
(laughing)
There are accounts for professionals with a discount down to 32 Cent,
and 10 free De-Mails.
From a security standpoint you can criticize that
it is an allocated system with competing providers.
For that too there is a solution:
Let's just introduce expensive certificates.
Then we will have only a few providers which will only compete for a certain amount of time.
Until they all shrink and at the end we have a centralized system.
Another issue with E-Mail in 2009 is,
many providers offer unencrypted connections.
We will come back to that later on.
Then they said, we are going to make SSL universal.
So the De-Mail will never be transmitted in plaintext.
Then there is the problem that, with E-Mail, not every user supports
end-to-end encryption, like PGP or S/MIME, which would lead to secure encryption.
Which would make it impossible for the providers
to read the De-Mails.
For that there is also a good solution, we still don't apply it.
In the 90s there was a problem,
I admit that,
with E-Mail-Worms.
Someone had this idea, Outlook was primarily affected... or Outlook Express.
It would be great if you could write a Mail
just implement JavaScript,
the receiver gets it,
and the computer executes said JavaScript
and then we can...
I don't know...let something blink.
The result was that masses of E-Mails came with computer viruses,
which infected Outlook via Script
and sent other stuff.
E-Mail-Worms were a problem.
So they said, for that we have a solution too.
We scan for viruses.
A virus scan at the provider.
Who thinks this is a good idea?
(laughing)
Audience member: McAfee!
(applauding)
Linus Neumann: This thing is registered in my name.
If I plan to infect someone with a virus,
I would never do this with an address,
which is registered in my name,
and for which I pay an additional 39 Cent.
(Laughing)
(Incomprehensible Interjection by an audience member)
Neumann: It could occur that the 39 Cent are actually worth it.
It is way too expensive for a massive attack,
if my goal is to build a huge botnet,
in this case naturally I wouldn't do it over De-Mail,
I would have to pay an arm and a leg for that.
But if I want to concentrate my attack,
on someone sensitive who is worth the effort,
that I would even pay the 39 Cents for transmitting my virus,
and invest the better part of an afternoon
to craft the virus, which I only craft solely for this particular person,
which a virus scanner most likely won't even recognize,
and then even get the possibility to test that,
because I can send it 5 and more times to myself.
Then see if the De-Mail virus scanner finds the virus or not.
Then I send it to someone, who says,
great, scanned for viruses, I can execute this.
Therefore not a very bright idea.
Besides there are other ways,
I can send a URL instead of a De-Mail,
I can send an E-Mail.
I can hope for them to download the software,
I can put it on Flash or Java,
generations of attackers have done that for years now.
With great success.
This means that it leads to
an effect which is rumored to be correlating with wearing helmets.
Risk-Compensation, I am protected,
I can do whatever I want!
But the truth is that you are wearing the helmet on your knee,
and if you fall on your face...
I know this comparison does not make much sense.
(laughing)
This means, at the end of the day we have a system,
which is not encrypted, because it is only a transport encryption.
Thus the De-Mail is stored unencrypted on the De-Mail-Server.
Respectively they say it is encrypted but the key lies just next to it.
I know it is a very nice point to show it like this.
But the fact is that something is not encrypted if you have the key.
There are only very few providers and only sensible communication is exchanged.
It is a dream come true for the Federal Criminal Police Office
and the Federal Office for the Protection of the Constitution.
Because for them it resolves the issue of the spam.
We remember that we had to suffer for quite a while,
that E-Mails consisted of too much spam and it overloaded the filters of the agencies.
This should be resolved with the De-Mail.
The truth is that the provider based virus scanners are just an excuse,
or an argument in favor of not offering an end-to-end encryption.
Because if the provider can't read the messages,
it can't check for viruses.
Now we could evaluate, do I want an imperfect virus protection
or do I want confidential communication.
That was back in 2011 and after that happened...
(laughing)
....nothing.
This made the De-Mail providers unhappy.
They had paid all their money,
for establishing the De-Mail infrastructure.
There was a very nice article on Heise(.de)
written by Detlef Borchers. (famous IT journalist and author)
After the CCC wrote several reports on this topic,
journalists were invited to the De-Mail-Center.
Where they showed them defenses against bulldozer attacks.
(laughing)
So money was spent,
to make it more secure.
But somehow no one wanted it.
So this great verifiable correspondence for everyone,
no one jumped on it.
I didn't know anyone who had De-Mail.
Something had to be done.
A new law had to be imposed.
And this time a law which declares the De-Mail a standard.
By making it the most simple and cheap method,
in comparison to a number of expensive and perhaps superior methods.
But what we certainly know is
that the lowest entrance level is the one
on which the people will level themselves.
This was then done in 2013 with the E-Government and E-Justice laws.
Those were laws to which I got invited into the committee
as an advocate of the CCC.
The first one was about the E-Government law.
I got this law-thingy.
This was also the first time I had to look over something like this with the burden,
to have to give an informed opinion about a legal text
and that in a committee where Peter Uhl sits in front of you.
(laughing) I thought: "Oh that is going to be hard."
Then I got the legal text.
And now it is like this: They had in this case a problem,
because the way they had phrased their pretty De-Mail law,
the De-Mail did not meet the requirements on security, which they had determined in other laws about transferring
certain data. There it was stated: If X and Y are transmitted
then it has to be encrypted properly.
Now they had to somehow fix it because their pretty De-Mail didn't work at all
- at all! It would have violated the law
to transmit De-Mail or to use it, because it was evident that it was not secure enough.
But of course for every technical difficulty there is a legal solution:
And then we find such great sentences as: "The sending of social data through a De-Mail-message to a respective accredited provider - for short dated decryption for the purpose of checking for malware and the purpose of forwarding it to the recipient of the De-Mail-message - is not transmitting!"
(laughing) Problem solved!
"A decryption does not violate
the prohibition on decryption." Is what this long sentence,
which I want to spare you, is saying.
This is roughly the face I made, because I was not sure if I really understood that sentence.
But it was actually the case.
Then I came into the committee of interior affairs and said: "Hello, I looked over
what you have written. And I believe that it is dangerous what you are doing here."
You should - that was my main argument - you have to know
you have to argue in a way in which they find it interesting
and listen to you, I just wanted to help them.
So I say: "Okay, if you do this then
we will have all this unencrypted sensitive E-Mails
on the 4 or even just 3 De-Mail Servers, around which you have built your bulldozer protection
- which I did not know at that point -
guess how attractive those will be as a target for attackers?
Where I know: The content is so confidential
that people are even willing to pay 39 Cent to be lulled into a false sense of security.
From a security standpoint I rate this as problematic."
And then...you have to...I maybe have to explain this:
If you are invited to a hearing like this and you are an expert witness -
I thought that this word actually means what it says. (laughing)
I felt honored, I thought: "WOW, great they have acknowledged
my expert knowledge and thus invited me." As a rule it is an act
with people who of course get invited
to say what they say. And they invite any judgedes
from obscure groups. At the end they are
lobbyists, who urge: "We like this.
We have to do this!" One of the expert witnesses literally said:
"It might be true that there is a consensus in the hacker scene which states that there is no server on this planet which is unhackable and that they are the preferred targets of intelligence services, NASA etc.
- As I mentioned before a few weeks before Snowden - But you can't use this as a basis for a reasonable standard for everyday communication."
This jolly fellow completely missed the point. Everyday communication is
a Facebook message, I don't need to implement De-Mail
for that. So I said:
"Attention my friends, I have a suggestion. Every E-Mail client supports even S/MIME
and you just tried to sell new ID cards to the people,
which they also did not want. And on these ID cards there is
a Smartcard and you could put a certificate on it
and people could use them to encrypt their De-Mails and
even sign them. You would kill two birds with one stone.
And additionally you would get a secure De-Mail-System."
By the way: A little side hint, what I didn't tell them:
At this moment they could have quit the whole thing.
Because if someone is able to
sign a document properly, it does not matter with what he transmits it to me.
The cryptographic signature on a document is there for exactly this.
Then it was said, that they had to somehow
discredit my suggestion for an end to end encryption and get rid of it.
And then they asked: "Yes but is that possible with smartphones?!"
I said: "Yes." (laughing)
(applauding) And it is true, it is a tip to
load S/MIME and S/MIME certificates onto your iPhone. Well and then
- I am always friendly and honest - I said:
"But I don't think that this would be a good idea." (laughing)
And then it was asked: "With the end to end encryption,
you have to explain, how one would do that,
if they are on a vacation in Turkey, in an internet shop,
and want to collect their end to end encrypted De-Mails." (laughing)
The right answer is of course:
"You do NOT do it!" (laughing)
(applauding) So I was talking and I knew
if a law has come this far...
To be in such a hearing is, as mentioned, just an act
and it was clear to me that
I can't bring this law to fall. I took my role seriously
and tried to apply my know-how but it was a lost cause.
By the way, the young man who asked me that question -
when I came out of the committee room and was heading to the elevator-
he came to me and said: "I know you are right but...that is how it goes."
Exactly!
And I thought: "Well, okay hm..there is nothing one can do"
Let's recall: This is a committee for internal affairs
I believed that those people are interested in internal security
I am just going to tell them about the Cyberwar and Cybercrime and they will surely listen to me.
What I did not notice is,
that I put my focus on security
and not on verifiability. But they noticed it and therefore
they wrote a second bill. The eJustice law,
where they say that we have to rewrite the whole justice procedure,
so we can somehow apply De-Mail in justice court communication.
And now it was about verifiability.
It was about making the De-Mail verifiable.
It is about making the De-Mail
worth the paper it was printed on.
(laughing)