BitMessage Secure Station open-hardware project.

May 22 15:25

I am Stman, working on a Secure End-point open-hardware low cost project for BitMessage, solving many important privacy issues : Keyloggers, Keyescrow, screen dumpers, and rising the level of anonymity when using TOR or other IP maskerading technologies like VPN's. I have discussed with Peter Surda about the project. If some developpers on the BitMessage software are interested, feel free to contact me. The details on the project have been published on the Crypto-Anarchist Federation channel on BitMessage. Chan Name: Crypto-Anarchist Federation Chan address : BM-2cWdaAUTrGZ21RzCpsReCk8n86ghu2oY3v ------ Indeed, this project we are developping is aiming at solving the best as we can (Military grade) the issues Snowden perfectly described and reminded us about End-Points (Computers) weaknesses when connected to the internet, and we do it radicaly using the best state of the art known technics, consisting in using a double-computer architecture : The draft "BitMessage Secure Station" hardware is detailed here : As you will understand, this add-on project is not about, at least for the moment, doing any major change to the BitMessage software, but to create a dedicated hardware that solves security issues that cannot be solved with a "Mono-processor" architecture : In the architecture we are designing, we are using a 2 microprocessors + 1 microcontroller model : • A first computer (Low cost Raspberry Pi, accessible to everybody for 30$) connected to the internet, that must considered compromized. • A second computer fully air gapped from the internet, you will use this one to read/enter your messages securely. • Interconnectiong both with a serial port, but for added security, this serial port goes through a "firewall" (Made out of a PIC microcontroller) that checks no side channels exist by ensuring the protocol defined for transfering data between the 2 computers is strictly respect, fitering at the same time time-based side channels on the serial port. • The PIC Microcontroller handling two serial ports and relayings data between each port bidirectionnaly, with its software higly secured (coded in assembly language, with NO OS and NO Libraries). For future versions, more secure ones, this microcontroller will be replaced by a low cost FPGA (Xilinx Spartan 6 LX 9), and all what was implemented in assembly language on the PIC microcontroller will be implemented as wired states machines into the FPGA : No more processor, no more software, meaning the software atack surface of this little "firewall" on the SPI port will be garanteed to be zero. We are simply taking in account the best state of the art knowledge in defensive cyber security in order to build an "hardend end-point", that can resist "NSA & friends" or "competitors" grade military attacks, therefore truly and proovenly protecting you from : ► Keyloggers malware protection : It is achieved architecturaly by having a double processor system, with one computer being compromized and connected to the internet, and another one air-gapped and not connected to the internet : The messages in clear text are being entered on the computer not connected to the internet : Assuming that there is no side channel or hidden channel on the serial port connecting the two processors (Will be discussed below), even if there is a keylogger installer on the air gapped computer, it will not be able to transfer its data if we can ensure there is no side channel or hidden channels between the two computers. ► Keyescrow malware protection (Protection of KEYS.DAT and MESSAGES.DAT): Same as above. (Prevent the private keys used by BitMessage from being stolen by agencies/hackers) ► Hardware integrated circuits serial numbers fingerprinting identification technic protection when using TOR or VPNs : This problem is solved by dedicating a new hardware for the first computer, connected to the internet and that will be compromized, whose serial numbers where never associated to the user identity before : A brand new Raspberry Pi bought in cash in an electronic store is the perfect way to achieve this. It also mean dedicating this hardware exclusively for this usage, and never connect to it any device : Exemple : Never connect USB Flashdisc key to it, whose serial number, already associated to the user's identity, to it, because it would allow to extrapolate the identity to associate to the Raspbery serial number to the identity already associated with the USB Flashdisc key. Same thing for LCD screen : They transmit serial number (VGA, DVI, or HDMI) to the graphic card, and can have the same terrible effect as a USB flashdisc key. We will have to give the user a list I have already been working on for years, of all the parts or subsystems known in a computer to have serial numbers. Let's say this issue is a matter of respecting a strict security procedure. ► Hardware characteristics (Speed of each processor analysis) fingerprinting identification technic protection when using TOR or VPNs : Same as above. ► Keystroke timing fingerprinting identification technic protection when using TOR or VPNs : This problem is solved architecturaly exactly like the Keylogger protection above. ► Phrasing and wording fingerprinting identification technic protection when using TOR or VPNs : We can use a trick many hackers know, and implement a kind of wording and rephrasing system : Using a translator for exemple, from english to french, and back french to english.... But there are other programs that do exist and to the job, There are many ways to do it indeed. This issue is also solved architecturaly as the Keylogger protection mecanism described above. ► Side channel & hidden channels protection between the first and the second computers, interconnected through a serial port : This problem is solved by inserting a microcontroller having two serial ports, on the serial link between the two computers : If the technic of using two microprocessor conected with a serial port that offers the lowest attack surface possible, it can be improved greatly inserting a microcontroller that will do the following : • Check that the little protocol we will have to invent and implement (And design as much hidden channel proof as possible) is correctly implemented, and that no other unwanted data are transmitted on the serial link. • Fight the timing side channel attack surface on the serial port : Serial ports offer the lowest attack surface regarding side & hidden channels, but it is still vulnerable to timing-between-each-byte-sent-on-the-serial-port side channel. The microcontroller code can "filter" these timings by buffering and normalizing them. Time based side channels are well known, and must be & can be fighted.

[chan] general
May 22 21:37

It is good to see devs with a dream. Do you guys have a github repo? I would like to clone it and follow it if you have one.

[chan] general
Jun 17 15:03

If you go through the Snowden docs you will find that in most cases where systems are compromised it is because spooks had physical access to a machine, or an exploit of common software like shitty firefux or flash. Tor is another spyware that allows the owners of the directory servers to track you.

[chan] general

Subject Last Count
GIRL Jun 22 17:53 7
Curious Jun 22 13:11 11
want it Jun 22 13:09 3
girl, 11yo Jun 22 12:31 5
Help Jun 22 12:23 2
hi any one want to skyp sexe any gendr Jun 22 12:14 1
hi Jun 22 11:58 1
test Jun 22 04:38 6
Fucking psychopatic game Blue Whale Jun 21 15:02 3
U Can't Touch This Jun 21 14:47 1
LOL, Russia Jun 21 00:00 4
Trannies Jun 20 09:21 2
(no subject) Jun 20 01:26 1
What we need: a crypto-currency that is more *useful* than the U.S. Dollar. Jun 20 01:07 8
[chan] ⒼⒺⓃⒺⓇⒶⓁ <BM-2cVKSw3vy29Fh9w48xqYsXAWBpQpNxuh1x> Jun 20 00:36 1
How a GPL License can Steal Your Copyright Jun 20 00:16 1
Welcome Jun 19 23:05 2
having some milk Jun 19 23:04 4
happy fathers day Jun 19 10:08 3
My GOSTcoin blog Jun 19 07:06 37
To Anarchist Artists : Contribute to the Crypto-Anarchist Federation by creating new art proposal for a new Crypto-Anarchist Federation logo. Jun 19 04:09 14
keyfile Jun 19 03:52 3
the idea that the Ashkenazi Jews descended from Khazars in the Black Sea region Jun 19 02:18 16
West London tower block fire Jun 18 15:41 1
Trolls Jun 17 18:45 4
list of chans Jun 17 17:58 4
Crypto-Anarchist Federation on #BitMessage : " In a world where the war has been the few against the many, Crypto-Anarchism is a single X-Wing fighter shooting at the Death Stars. " Jun 17 15:32 1
Trump Jun 17 15:28 10
New Logo for Crypto-Anarchist Federation Jun 17 15:12 1
BitMessage Secure Station open-hardware project. Jun 17 15:03 1
This is the metro in Poland...notice anything? Jun 17 14:50 1
trump intimate pics! please share! Jun 17 14:44 3
whistleblowing by bitmessage? Jun 17 07:04 9
Gang Stalking - special services for harassing, discrediting and murdering people Jun 17 06:59 2
why do dogs fart in their sleep Jun 17 06:56 2
The.Putin.Interviews Jun 16 23:21 12
Never trust the 999 operators to stay and wait for help Jun 16 17:20 2
CCTV Grenfell Tower fire of London from Inside - Video Source Unknown Jun 16 16:22 2
B-Movie Lust and Sound in West- Berlin 1979 - 1989 Jun 16 09:48 1
Short Dress And Cute Thigh Highs Jun 15 17:52 1
Windows 10 Pro v.1511 En-us x64 July2016 Pre-Activated-=TEAM OS=- Jun 14 22:00 8
DEMONSAW Believe in the Right to Share Jun 14 15:44 3
girl, 11, topless Jun 13 07:32 1
Message for true cryptoanarchists Jun 12 23:06 2
cicada3301 Jun 12 12:55 3
Do you need to change your university grade Jun 12 08:58 1
The realtor found a handkerchief Jun 11 16:42 1
msg Jun 11 05:19 10
I2psnark-standalone Jun 9 14:29 3
beamstat has too many chans Jun 9 10:35 12
Take care of your privacy - free VPN Jun 9 09:20 4
announcement: mailing list: TZAG Jun 8 03:18 1
Vote NONE Jun 8 01:44 3
Free VPN gates! Jun 7 19:02 1
FPGA geeks Jun 7 11:02 1
PROTONMAIL - it's weird, I'm confused Jun 6 11:19 1
Dolphine – Summer 2 Jun 5 10:56 1
Dolphine – Small Pantheon Jun 5 10:52 1
Cowardice masquerading as enlightened passivity in the face of our enemies doesn’t work. Jun 5 08:05 3
Wartime propaganda Jun 5 07:01 1
What do you think about trannies in the government? Jun 4 20:47 5
THINKING AHEAD FOR THE 80's Jun 4 20:34 3
Russia = Theocracy Jun 4 20:00 1
Crypto-Anarchist Federation. Jun 4 12:51 9
Blue whale game Jun 4 10:51 7
SOON Jun 4 09:27 1
SHA224 (-) = fb6590f440db49ff97195c1ae5d87d2355fceabd5b60afb06c97e6f9 Jun 4 09:22 1
Crypto-Anarchist Federation on #BitMessage Jun 4 09:20 1
Bitcoin is a money laundering operation Jun 4 09:11 1
DEAR NSA, CIA, FBI Jun 4 09:08 19
Troll blog Jun 4 07:43 2
MeinCoin Anonymity? Jun 4 07:10 1
Free software makes millions for Richard Stallman's cult Jun 4 00:48 1
pretty teen girl Jun 3 22:58 9
The early Mormon leader said, "Bring 'em Young!" Jun 3 05:16 1
hjhj Jun 3 04:45 3
Destroy Illuminati Jun 2 21:15 4
(no subject) Jun 2 17:31 7
Historical text files Jun 2 12:32 1
touch me there Jun 2 12:14 1
anyone postes cool content here, and wants a beer? Jun 2 08:40 1
DEAR NSA, CIA, FBI and all the others, friends or competitors, from all other countries of the world Jun 1 11:48 4
[chan] memory-hard proof of work BM-2cVnsDNQJeDYoqvrSuQKEn3B6yLuMC24n3 Jun 1 10:40 1
New article on Penny Rant! Jun 1 10:40 1
Memory-hard hash function ideas Jun 1 10:39 1
bitchmessage May 31 10:49 3
A message from ANONYMOUS to Crypto-Anarchist Federation May 31 10:43 2
We are watching. May 31 09:20 8
Gibberish May 31 05:56 14
ANONYMOUS broadcast: BM-2cV6KVdthFQ1PFQ1DUhfKacc47Zp7woKfb May 31 04:57 1
Fortalza ce May 31 02:06 1
Can't import RSA key to GPG May 30 22:33 2
test 4634alpha May 30 03:52 1
call for field cipher ideas May 30 01:49 9
girl in the pet shop May 29 12:47 2
I was wondering... May 29 12:04 5
Teaser: Explosive fun for the Anarchist May 28 22:01 5
please some help me May 28 19:08 9
bitmessage botnet on raspberry pi or cheap card board May 28 19:08 9