It’s (crypto)party time!

With our advanced free democracies resembling George Orwell’s “1984″ more and more (your TV is spying on you, NSA global mass-surveillance, pre-crime repression of free speech  etc), there surely couldn’t be a better time to throw a CryptoParty!

Where?

New Academic Building
Goldsmiths, University of London
New Cross
London SE14 6NW
(OpenStreetMap)

When?

Saturday 30th November, 11am onwards

Cost/audience

The event is free & open to the public. Anyone who worries about the privacy and ultimately freedom of expression of their loved ones should attend.

Great lineup of speakers/presenters – check out the event schedule!

I will be doing a few workshops on mobile device privacy, encrypted Internet phone calls and using a computer without leaving any traces behind.

If you’re around on the 30th, join us for a day of practical tinkering with privacy tools!

…and here are the slide decks of the workshops I ran:

Qubes OS – a secure operating system: http://apapadop.files.wordpress.com/2013/12/qubes1.pdf

TAILS – This session never happened: http://apapadop.files.wordpress.com/2013/12/tails1.pdf

VoIP- Private voice calls: http://apapadop.files.wordpress.com/2013/12/voip1.pdf

Mobile privacy – how to keep your smartphone communications private: http://apapadop.files.wordpress.com/2013/12/mobile5.pdf

OTR – a gentle introduction to chatting Off The Record: http://apapadop.files.wordpress.com/2013/12/otr1.pdf

How to send and receive encrypted emails in Windows

Why use encrypted email?

It’s simple: the government is reading your emails. Edward Snowden’s revelations make this a plain truth. If you are not an American citizen it’s a little bit worse, because at least two governments are reading your emails: yours, and the American government.

There are many plugins/addons/guides out there that claim to “encrypt” your email, so that “nobody can read it”. Most of those are nonsense. There is currently only one well-known way of encrypting emails so that only the intended recipient will read them. That is the OpenPGP protocol. So if you’re not using the commercial PGP product, the free GnuPG product, or another well-known product that follows the OpenPGP protocol, your emails can still be read by the government.

But if you’ve been following the news you will wonder “Hang on – if OpenPGP is secure, why did a bunch of prominent Internet security experts like the Silent Circle board decide to shut down their Silent Mail service (which used OpenPGP)?” The answer is that OpenPGP is based on cryptographic keys. And Silent Mail tried to manage your keys for you, which made Silent Circle vulnerable to the law – as the law in most countries states that government agencies can force companies to disclose such secrets.

Therefore, the problem was key concentration. If Silent Circle holds all the keys, the FBI slaps them with a few subpoenas and grabs all of our secret keys. Heck, Silent Circle can not even tell us about it – by law!

So, OpenPGP is still considered trustworthy as a technology – what doesn’t work is concentrating key management, because by law the government can grab all secret keys, which will allow them to read all encrypted emails we’ve sent using those keys.

But what if we just manage our own keys? The government would not legally compel all of its citizens – directly, on a one-by-one basis – to give up their secrets. That would be much less politically palatable than a program like PRISM, where they just suck out the data from our service providers (Google, Yahoo!, Microsoft, Apple etc).

Using OpenPGP and managing our own keys, then, is the best we can do right now. Let me show you how.

Note: This tutorial will focus on making using encrypted emails as easy as possible. We will propose settings that are optimised for convenience, not security. If you are a journalist, an activist, a politician or anyone who needs a setup as secure as possible, let me know in the comments and I will propose more secure but inevitably slightly less convenient settings.

Setting up encrypted email

For this example, I will use a free Gmail account and setup access from my Windows 7 computer. Note that this method is not Gmail specific. It will work for any email account out there.

Get GnuPG

Installing GnuPG will allow your email program to encrypt your emails.

  1. Download Gpg4win from http://gpg4win.org/download.html
  2. Run the gpg4win-(version).exe installer to install the software, ensuring that GPA is selected for installation as well:
    00 - ensure GPA is installed

Get Thunderbird

Thunderbird is the email application we will use to send and receive emails. We can’t just use GMail’s webpage for encrypted emails – it will become cumbersome in the long run.

  1. Download Thunderbird from https://www.mozilla.org/thunderbird
  2. Run “Thunderbird Setup (version).exe” to install Thunderbird on your computer.

Connect Thunderbird with your email account

As soon as setup is finished and Thunderbird launches, you are asked whether you’d like a new email address. Let’s skip this for now and go with your existing email address.

02 TB first run - new mail address

(For this example I will use the Gmail account jdoe18293@gmail.com)

Fill in your name, email address and Gmail password.

03 TB account details

Thunderbird checks for the settings of your email provider

04 looking up ISP DB

…and, in the case of a well-known service as Gmail, finds the right settings:

05 found ISP DB

If everything works and the dialog disapears with no errors, great. If not, verify that whichever access method you choose (POP or IMAP), is supported and enabled for your account. For our example (Gmail), follow these instructions to enable IMAP.

If you see the following window, with your email account on the top left, you have configured Thunderbird correctly. Congratulations!

06 TB first run page

Get the encryption addon (EnigMail)

Click on the “menu” icon on the top right and then “Addons“.

07 getting to addons

Search for “enigmail” and install the addon.

08 finding enigmail

Click on “Restart Now” – this will only restart Thunderbird, not your computer.

10 thunderbird restart required

After Thunderbird has restarted, close the Add Ons tab – you’re done with this.

11 after addons installation and restart need to close tab

Create your encryption keys

Go to Options -> OpenPGP -> Setup Wizard

12 openpgp menu enigmail setup wizard

Go through the wizard, adjusting only the following settings:

In the “Signing” step of the wizard choose “No, I want to create per-recipient rules for emails that need to be signed“.

14 - do not sign by default

In the “No OpenPGP Key Found” step of the wizard choose “I want to create a new key pair for signing and encrypting my email

17 create new keypair

In the “Create Key” step, choose the passphrase that will be required to read or send encrypted emails.

Note: Choose something that is easy to type and not too long. (remember, we’re optimising for usability here)

Good passphrase: “This is my favourite song!”

Bad passphrase: 9x$Z4;Fq (why?)

18 assign passphrase

When the wizard completes, you will be prompted to generate a revocation certificate. This is a good idea – it’s like an insurance policy for when you lose your key:

20 generate revocation cert prompt

Save this file on your Desktop for now – you can decide where to store it permanently (away from your computer! – e.g. on a CDROM or a USB stick you keep in a safe place) later.

21 save rev cert somewhere safe

Your passphrase is needed to generate the revocation certificate:

22 - need passphrase

… at which point you are done!

Congratulations, you have created cryptographic keys and setup your email program to use them!

Sending email

You can only exchange encrypted emails with people who also use OpenPGP. Before you can send people encrypted email, you need to make your public key available to the world, otherwise your recipients will not be able to read your emails.

Publishing your public key

Open Thunderbird and click on its “options” button. Then OpenPGP -> Key Management.

01 - key management

Tick “Display All Keys by Default”:

02 display all keys

Now click on your name (John Doe) to select your keys and go to Keyserver -> Upload Public Keys

03 upload public keys

In the next prompt just click OK:

04 upload to pool

Congratulations – you have published your public keys on the keyservers. Now anyone using OpenPGP can send you encrypted and signed email, and people can read the encrypted emails you send them!

Sending your first encrypted email

Let’s email our friend Bob. He also has a Gmail account and his Gmail address is anon7889@gmail.com

To start composing a new message in Thunderbird you click the “Write” button:

05 hit write button

This brings up a new email window, where you can address and type your message.

07 - composed new message to recipient

Notice the pen and the key icons in the lower right corner? They are greyed-out, i.e. inactive, i.e. you are currently not signing (pen) or encrypting (key) your message.

Let’s click on the key icon to enable message encryption – the icon becomes colourful (gold), which means encryption has been activated:

08 - message marked to be encrypted

Let’s attempt to send this message – click the “Send” button. You have just asked Thunderbird to encrypt this message for Bob (anon7889@gmail.com) – but Thunderbird hasn’t got Bob’s public key! And this is how public key encryption works – you need to have people’s public keys before you can encrypt stuff for them – and only them – to read. Therefore, Thunderbird complains that your recipient has not been found (in your OpenPGP keyring):

09 recipients not found

Click “Download missing keys” to look for Bob’s key on the keyservers – dedicated computers that host people’s keys.

10 import public key from keyserver

Just hit OK to allow Thunderbird to look for Bob’s public key online.

And lo! Bob’s public key is there. Just tick it and click OK to import Bob’s key on your keyring. You only need to do this once.

11 found public keys

If all went well, Thunderbird lets you know the import was successful:

12 import success

Great, now you have Bob’s key. You have a new greyed-out line with Bob’s email address. Tick the box of that line and click on “Create per-recipient rule(s)“.

13 got key

Here you will tell Thunderbird to always use this key to sign and encrypt your emails to Bob.

Click on “Select Key(s)…“:

14 create recipoient rule

…and make sure the line with Bob’s address is selected before clicking OK:

15 select key (preselected) for rule

Now tell Thunderbird to always sign and encrypt your messages to Bob by changing these fields to “Always“:

tb_defaults

Clicking “OK” closes this window and immediately prompts you for your passphrase, as you’re just about to cryptographically sign a message to somebody – that requires access to your secret key, which can only be accessed with the passphrase you setup earlier:

17 prompted for passphrase

As soon as you hit “OK” with that passphrase – oh my! Look at all this gibberish – that’s encrypted text, otherwise called “ciphertext”. This is what the spooks will now see. This is what Google will store. This is what Bob will see as well, but because he has the right private key, he will be able to decrypt this ciphertext into your plaintext email message.

See, it doesn’t matter that Google and the spooks can still read your email, because now it looks like gibberish, and it can only be decrypted and read by your intended recipients (in this case, Bob). You can use this method to communicate in private with anyone in the world, as long as they use OpenPGP too.

ciphertext

Congratulations! You have just sent you first cryptographically signed and encrypted message, using the most robust encryption technology known to mankind: OpenPGP.

Sending your second, third… 1000′th email

Things are much simpler now that you’ve done all the hard work in advance. All you need to do is compose an email to Bob. Thunderbird will automatically sign and encrypt your message with the right key, so that only Bob can read it. Pretty slick.

18 second email - pre-selected encrypt + sign

Notice the blue “+” next to the pen and the key? That means your message to Bob will be automatically

  • signed – so that Bob knows the message came from you and it has not been altered in any way) and
  • encrypted – so that no one else but Bob can read its contents.

Enjoy your private chats with Bob!

Receiving email

Receiving OpenPGP encrypted email is not a problem – you just need to provide your passphrase and you will be able to read the message.

Advanced networking with QubesOS: VPN proxyVM

According to http://theinvisiblethings.blogspot.co.uk/2011/09/playing-with-qubes-networking-for-fun.html we can setup multiple ways for our AppVMs to reach the Internet.

AppVMs can:

  • have direct access to the Internet
  • be forced to go through a Tor proxy, tunnelling all their traffic through the Tor network
  • be forced to go through a VPN proxy, tunnelling all their traffic through the VPN.

The beauty of this setup is that once we have our proxyVMs setup, we don’t need to worry about the configuration of any network-level data leaks of the AppVMs that use the proxies.

Example: setting up a Tor proxyVM and then assigning this as the netvm of 5 different AppVMs will force all network traffic from all 5 AppVMs through the Tor network, with no configuration/awareness in the AppVMs themselves! This setup is covered quite well already in http://qubes-os.org/trac/wiki/UserDoc/TorVM

Creating the setup

How to setup a “workvpn” proxyVM that allows us to tunnel any “work” related AppVMs we have through work’s (in this case Cisco) VPN gateway as shown here:

QubesOS advanced network setup

  1. From Qubes Manager: VM -> Create AppVM
  2. Name: workvpn. Select the ProxyVM radio button and OK.
  3. In a couple of seconds your new VM is created. Go to the “K” menu and fire up a terminal in your new workvpn VM.
  4. Create the file vpn.conf with the following contents, substituting your VPN provider’s values:
    Xauth username xxxxxxxxxxxxxxxxxxx
    IPSec gateway xxxxxxxxxxxxx.xxxxxxx.xxx
    IPSec ID xxxxxxxxxxxxxxxxxx
    IPSec secret xxxxxxxxxxxxxxxxxxxx
  5. Create the file start_vpn.sh with the following contents:
    #!/bin/bash
    sudo /usr/sbin/vpnc /home/user/vpn.conf
    sleep 2
    sudo /usr/lib/qubes/qubes_setup_dnat_to_ns
  6. Create the file stop_vpn.sh with the following contents:
    #!/bin/bash
    sudo /usr/sbin/vpnc-disconnect
    sleep 2
    sudo /usr/lib/qubes/qubes_setup_dnat_to_ns
  7. Make both scripts executable:
    chmod +x *.sh
  8. Now tell your work-related AppVMs to use workvpn as their network VM. To do this, right-click on the AppVMs in Qubes VM Manager and select “VM Settings”. In the “Basic” tab ensure that “NetVM” is set to “workvpn”
  9. You’re all set.

Using this setup

When you fire up any of your AppVMs that need to use the VPN, workvpn will automatically start. You will then need to fire up a terminal in workvpn and type

./start_vpn.sh

(of course after the first time you can just hit the “up” arrow and the command will be there for you)
This will connect you to your work’s VPN and allow all AppVMs that use this as their netvm to seamlessly talk to internal work systems, while leaving the rest of your QubesOS AppVMs unaffected, reaching the Internet either directly or through Tor.

Using GnuPG with QubesOS

So Alice and Bob want to exchange private emails and files.

They realise that secure endpoint operating systems are an absolute requirement for any real privacy. What’s the point of protecting data in transit with PGP, when the spooks can remotely take over your machine and grab your stuff from the source? So they’ve taken the time to learn how to use Qubes OS – a security-by-separation operating system based on Xen and Fedora GNU/Linux.

Alice and Bob will use the non-networked “vault” AppVM to create and store their master cryptographic keys. They will then create a “daily use” keypair which will be available to their “personal” AppVM to send emails to each other.

Note: OpenPGP key management is complicated. To protect you from mistakes, this tutorial sets the expiry date of keys to one week after their creation. Once you are comfortable with this process you can always extend the life of your keys.

Create a new keypair

[user@vault ~]$ gpg --gen-key
gpg (GnuPG) 1.4.14; Copyright (C) 2013 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

gpg: directory `/home/alice/.gnupg' created
gpg: new configuration file `/home/alice/.gnupg/gpg.conf' created
gpg: WARNING: options in `/home/alice/.gnupg/gpg.conf' are not yet active during this run
gpg: keyring `/home/alice/.gnupg/secring.gpg' created
gpg: keyring `/home/alice/.gnupg/pubring.gpg' created
Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
Your selection? 1
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 4096
Requested keysize is 4096 bits
Please specify how long the key should be valid.
0 = key does not expire
<n>  = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0) 1w
Key expires at Thu Aug 22 18:38:49 2013 BST
Is this correct? (y/N) y

You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
"Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"

Real name: Alice
Email address: alice@domain.com
Comment:
You selected this USER-ID:
"Alice <alice@domain.com>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.

Enter passphrase: <Alice's long passphrase>
Repeat passphrase: <Alice's long passphrase>
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.

Not enough random bytes available.  Please do some other work to give
the OS a chance to collect more entropy! (Need 246 more bytes)
..............+++++
gpg: /home/alice/.gnupg/trustdb.gpg: trustdb created
gpg: key 32D49659 marked as ultimately trusted
public and secret key created and signed.

gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: next trustdb check due at 2013-08-22
pub   4096R/32D49659 2013-08-15 [expires: 2013-08-22]
Key fingerprint = 0346 5C7A 6412 A70B ED13  0196 9652 5380 32D4 9659
uid                  Alice <alice@domain.com>
sub   4096R/E19F81C0 2013-08-15 [expires: 2013-08-22]

[user@vault ~]$

Set strong cipher preferences

[user@vault ~]$ gpg --edit-key alice
gpg (GnuPG) 1.4.14; Copyright (C) 2013 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Secret key is available.

pub  4096R/32D49659  created: 2013-08-15  expires: 2013-08-22  usage: SC
trust: ultimate      validity: ultimate
sub  4096R/E19F81C0  created: 2013-08-15  expires: 2013-08-22  usage: E
[ultimate] (1). Alice <alice@domain.com>

gpg> setpref SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP
Set preference list to:
Cipher: AES256, AES192, AES, CAST5, 3DES
Digest: SHA512, SHA384, SHA256, SHA224, SHA1
Compression: ZLIB, BZIP2, ZIP, Uncompressed
Features: MDC, Keyserver no-modify
Really update the preferences? (y/N) y

You need a passphrase to unlock the secret key for
user: "Alice <alice@domain.com>"
4096-bit RSA key, ID 32D49659, created 2013-08-15

Enter passphrase: <Alice's long passphrase>
pub  4096R/32D49659  created: 2013-08-15  expires: 2013-08-22  usage: SC
trust: ultimate      validity: ultimate
sub  4096R/E19F81C0  created: 2013-08-15  expires: 2013-08-22  usage: E
[ultimate] (1). Alice <alice@domain.com>

gpg> save
[user@vault ~]$

Add a signing subkey

[user@vault ~]$ gpg --edit-key alice
gpg (GnuPG) 1.4.14; Copyright (C) 2013 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Secret key is available.

pub  4096R/32D49659  created: 2013-08-15  expires: 2013-08-22  usage: SC
trust: ultimate      validity: ultimate
sub  4096R/E19F81C0  created: 2013-08-15  expires: 2013-08-22  usage: E
[ultimate] (1). Alice <alice@domain.com>

gpg> addkey
Key is protected.

You need a passphrase to unlock the secret key for
user: "Alice <alice@domain.com>"
4096-bit RSA key, ID 32D49659, created 2013-08-15

Enter passphrase: <Alice's long passphrase>
Please select what kind of key you want:
(3) DSA (sign only)
(4) RSA (sign only)
(5) Elgamal (encrypt only)
(6) RSA (encrypt only)
Your selection? 4
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 4096
Requested keysize is 4096 bits
Please specify how long the key should be valid.
0 = key does not expire
<n>  = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0) 1w
Key expires at Thu Aug 22 18:53:32 2013 BST
Is this correct? (y/N) y
Really create? (y/N) y
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.

Not enough random bytes available.  Please do some other work to give
the OS a chance to collect more entropy! (Need 269 more bytes)
.+++++
...........................+++++

pub  4096R/32D49659  created: 2013-08-15  expires: 2013-08-22  usage: SC
trust: ultimate      validity: ultimate
sub  4096R/E19F81C0  created: 2013-08-15  expires: 2013-08-22  usage: E
sub  4096R/29E78F35  created: 2013-08-15  expires: 2013-08-22  usage: S
[ultimate] (1). Alice <alice@domain.com>

gpg> save
[user@vault ~]$

Generate a revocation certificate

A general-purpose revocation certificate that specifies no reason why you are revoking your keys:

[user@vault ~]$ gpg --output revocation.cert --gen-revoke alice

sec  4096R/32D49659 2013-08-15 Alice <alice@domain.com>

Create a revocation certificate for this key? (y/N) y
Please select the reason for the revocation:
0 = No reason specified
1 = Key has been compromised
2 = Key is superseded
3 = Key is no longer used
Q = Cancel
(Probably you want to select 1 here)
Your decision? 0
Enter an optional description; end it with an empty line:
>
Reason for revocation: No reason specified
(No description given)
Is this okay? (y/N) y

You need a passphrase to unlock the secret key for
user: "Alice <alice@domain.com>"
4096-bit RSA key, ID 32D49659, created 2013-08-15

Enter passphrase: <Alice's long passphrase>
ASCII armored output forced.
Revocation certificate created.

Please move it to a medium which you can hide away; if Mallory gets
access to this certificate he can use it to make your key unusable.
It is smart to print this certificate and store it away, just in case
your media become unreadable.  But have some caution:  The print system of
your machine might store the data and make it available to others!
[user@vault ~]$

Backup your precious master keys and revocation certificate

Create a backup of Alice’s private key:

[user@vault ~]$ gpg --export-secret-keys --armor alice > alice_gpg_private.key

Create a backup of Alice’s public key:

[user@vault ~]$ gpg --export --armor alice > alice_gpg_public.key

Keep these files safe!

[user@vault ~]$ tar -cf gpg_master_keys.tar alice_gpg*.key revocation.cert

The file gpg_master_keys.tar contains everything one needs to fully impersonate Alice or invalidate her keys, except for her passphrase.

Shred the files we backed up – now everything is in the tar file:

[user@vault ~]$ shred -u alice_gpg*.key revocation.cert

Create a daily-use keyring

This keyring will *not* include your master signing key. It will be a restricted, lesser keyring, which you can expose to untrusted environments (like your smartphone, or your networked AppVMs).

Export all subkeys to a temporary file:

[user@vault ~]$ gpg --export-secret-subkeys alice@domain.com > subkeys

Delete your master signing key from your keyring:

[user@vault ~]$ gpg --delete-secret-key alice@domain.com
 gpg (GnuPG) 1.4.14; Copyright (C) 2013 Free Software Foundation, Inc.
 This is free software: you are free to change and redistribute it.
 There is NO WARRANTY, to the extent permitted by law.
sec 4096R/32D49659 2013-08-15 Alice <alice@domain.com>
Delete this key from the keyring? (y/N) y
 This is a secret key! - really delete? (y/N) y
 [user@vault ~]$

Re-import the subkeys we exported earlier.

[user@vault ~]$ gpg --import subkeys
 gpg: key 32D49659: secret key imported
 gpg: key 32D49659: "Alice <alice@domain.com>" 1 new signature
 gpg: Total number processed: 1
 gpg: new signatures: 1
 gpg: secret keys read: 1
 gpg: secret keys imported: 1
 [user@vault ~]$

Get rid of the temporary file:

[user@vault ~]$ shred -u subkeys

Verify that the master signing key is missing:

[user@vault ~]$ gpg -K
 /home/alice/.gnupg/secring.gpg
 -----------------------------
 sec# 4096R/32D49659 2013-08-15 [expires: 2013-08-22]
 uid Alice <alice@domain.com>
 ssb 4096R/E19F81C0 2013-08-15
 ssb 4096R/29E78F35 2013-08-15
[user@vault ~]$

See that “#”? That means that the master signing key is not there. Congratulations – this is your daily-use, lower-risk keyring! It only contains Alice’s encryption and signing subkeys, but no master (certification) signing key.

Move the daily-use keyring to Alice’s “personal” AppVM

Alice runs her email client and exchanges email with Bob using her “personal” AppVM. She therefore needs to have her daily-use keyring there.

Export Alice’s “lesser” private key:

[user@vault ~]$ gpg --export-secret-keys --armor alice > alice_gpg_private_lesser.key

Export Alice’s “lesser” public key:

[user@vault ~]$ gpg --export --armor alice > alice_gpg_public_lesser.key

Copy these out of the vault and into Alice’s networked “personal” AppVM:

[user@vault ~]$ qvm-copy-to-vm personal alice_gpg_p*_lesser.key
sent 14/15 KB
[user@vault ~]$

You will be prompted by Qubes if you want to allow this transfer. Click “Yes” to allow your “vault” AppVM to write to your “personal” AppVM.

Install Alice’s daily-use keyring in the “personal” AppVM

First, Alice needs to import the keys into her keyring:

[user@personal ~]$ cd QubesIncoming/vault/
[user@personal vault]$ gpg --import alice_gpg_p*_lesser.key
gpg: directory `/home/user/.gnupg' created
gpg: new configuration file `/home/user/.gnupg/gpg.conf' created
gpg: WARNING: options in `/home/user/.gnupg/gpg.conf' are not yet active during this run
gpg: keyring `/home/user/.gnupg/secring.gpg' created
gpg: keyring `/home/user/.gnupg/pubring.gpg' created
gpg: key 46205B22: secret key imported
gpg: /home/user/.gnupg/trustdb.gpg: trustdb created
gpg: key 46205B22: public key "Alice <alice@domain.com>" imported
gpg: key 46205B22: "Alice <alice@domain.com>" 1 new signature
gpg: Total number processed: 2
gpg:               imported: 1  (RSA: 1)
gpg:         new signatures: 1
gpg:       secret keys read: 1
gpg:   secret keys imported: 1
[user@personal vault]$

Verify that the keys are there, but not the master certification key:

[user@personal vault]$ gpg -K
/home/user/.gnupg/secring.gpg
-----------------------------
sec#  4096R/46205B22 2013-10-04 [expires: 2013-10-11]
uid                  Alice <alice@domain.com>
ssb   4096R/DB739DBC 2013-10-04
ssb   4096R/E58DA355 2013-10-04
[user@personal vault]$

Good. That “#” means the certification key is not there.

Alice can now get rid of the exported key files:

[user@personal vault]$ shred -u alice_gpg_p*_lesser.key

At this point, Alice’s setup is done.

Here is what Alice has achieved:

  1. Alice has generated new OpenPGP keys in a secure environment (the vault)
  2. Alice created a “lesser” version of her keyring that excludes the all-important certification key. This “lesser” version will be used for daily use to communicate with Bob and anyone else using OpenPGP. If this “lesser” version of her keys is stolen (e.g. because the attacker compromises Alice’s “personal” AppVM), the attacker will not be able to create more keys in Alice’s name, or assign Alice’s trust to other keys. Alice only has to revoke her key and the attacker is left with nothing.
  3. Alice created a backup of her full certification keyring in a secure environment, the vault.

Publishing your public key on a keyserver for others to find

She should publish her key on the keyservers so that her friend Bob can easily find it: (note that the key to be sent must be selected with its key ID:

[user@personal ~]$ gpg --list-keys
/home/user/.gnupg/pubring.gpg
-----------------------------
pub   4096R/32D49659 2013-08-15 [expires: 2013-08-22]
uid                  Alice <alice@domain.com>
sub   4096R/E19F81C0 2013-08-15 [expires: 2013-08-22]
sub   4096R/29E78F35 2013-08-15 [expires: 2013-08-22]

[user@personal ~]$

So, let’s send key ID 32D49659 to the keyservers:

[user@personal ~]$ gpg --keyserver sks.keyservers.net --send-keys 32D49659
 gpg: sending key 32D49659 to hkp server sks.keyservers.net
 [user@personal ~]$

By knowing her public key’s fingerprint…

[user@personal ~]$ gpg --fingerprint alice@domain.com
 pub 4096R/32D49659 2013-08-15 [expires: 2013-08-22]
 Key fingerprint = 0346 5C7A 6412 A70B ED13 0196 9652 5380 32D4 9659
 uid Alice <alice@domain.com>
 sub 4096R/E19F81C0 2013-08-15 [expires: 2013-08-22]
 sub 4096R/29E78F35 2013-08-15 [expires: 2013-08-22]
[user@personal ~]$

…Alice can verify her key has been successfully published. All she needs to do is visit http://sks.keyservers.net/ and search for her email or name, then verify that the fingerprint shown matches the one of her local key.

In the meantime, Bob has been busy doing these exact same steps on his computer, for his name and email address. His key, tied to his email address bob@domain.com has also been published to the keyservers. He has also taken a proactive security precaution and only exposed a “lesser” version of his keyring to his networked AppVMs, with his certification key safely stored in the vault.

Communicating

Alice and Bob want to send private emails to each others. Emails about apple pie and silly gossip and deep meaningful conversations. It doesn’t matter. They just want to keep their conversations private. If they’ve both followed the steps above, this is what they need to do to email each other in private.

Importing Bob’s key

Alice needs to import Bob’s (public) key from the keyservers. She asks the keyserver to find Bob’s key:

[user@personal ~]$ gpg --keyserver sks.keyservers.net --search-keys bob@domain.com
gpg: searching for "bob@domain.com" from hkp server sks.keyservers.net
(1)	Robert <bob@domain.com>
	  4096 bit RSA key F19F159D, created: 2013-08-15, expires: 2013-08-22
(2)	Waldemar Retzlaff (Schlüssel zur domain.) <bob@eu-wedding.com>
	  1024 bit DSA key 96268EF6, created: 2003-12-16
Keys 1-2 of 2 for "bob@domain.com".  Enter number(s), N)ext, or Q)uit > 1
gpg: requesting key F19F159D from hkp server sks.keyservers.net
gpg: key F19F159D: public key "Robert <bob@domain.com>" imported
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)
[user@personal ~]$

Whoops – found multiple keys – but once she selected Bob’s key, it was automatically imported into Alice’s keyring.

Verifying Bob’s key

Alice can already use this key to send Bob private email messages or files, but she wants to be really really certain that is Bob’s key, and not some impostor’s! Alice either meets or calls Bob on the phone and asks him to read out to her his key’s fingerprint. She verifies it matches the fingerprint of the key she imported from the keyservers:

[user@personal ~]$ gpg --fingerprint bob@domain.com
pub   4096R/F19F159D 2013-08-15 [expires: 2013-08-22]
      Key fingerprint = FF24 73AF 8658 5280 85A4  C2BD 4440 516C F19F 159D
uid                  Robert <bob@domain.com>
sub   4096R/E12896F5 2013-08-15 [expires: 2013-08-22]
sub   4096R/734A2C3B 2013-08-15 [expires: 2013-08-22]

[user@personal ~]$

While they’re on the phone, Bob quickly imports Alice’s key from the keyserver and asks her to confirm her key’s fingerprint as well. Alice reads out her key’s fingerprint:

[user@personal ~]$ gpg --fingerprint alice@domain.com
pub   4096R/32D49659 2013-08-15 [expires: 2013-08-22]
      Key fingerprint = 0346 5C7A 6412 A70B ED13  0196 9652 5380 32D4 9659
uid                  Alice <alice@domain.com>
sub   4096R/E19F81C0 2013-08-15 [expires: 2013-08-22]
sub   4096R/29E78F35 2013-08-15 [expires: 2013-08-22]

[user@personal ~]$

Fingerprints of public keys are public information. So Alice and Bob don’t need to worry about other people listening in. Their fingerprints are not secret.

Great! So far Alice and Bob have generated and successfully exchanged keys. Now all they need to do is use an application like Thunderbird with the Enigmail plugin (on Windows/Mac/Linux) or K9 with the APG app (on Android) to exchange encrypted and signed emails and files, being pretty certain that nobody can read or alter the contents of their messages.

When disaster strikes

Oh no! Alice’s smartphone has been stolen! Or one of her AppVMs might have opened an infected PDF, or ran some suspicious Java applet that might have installed a trojan on her personal AppVM. Nothing in that AppVM can be trusted any longer. This includes the GnuPG keys she was using on a daily basis.

Luckily Alice is prepared.

Revoking compromised keys

Alice needs to use her safe environment (the vault) to revoke the compromised subkeys (she only exposed subkeys to her networked AppVMs and devices, remember?) and optionally issue new ones.

The beauty of this is that she does not have to throw away the whole key. Alice can carry on using the same master key, which may, over the years, have accumulated a lot of trust from other Web Of Trust members. She just needs to revoke the compromised subkeys and issue new ones.

Working with our master key

Alice fires up her vault and imports the master keyring she had backed up when she created her keys:

[user@vault ~]$ tar xvf gpg_master_keys.tar
alice_gpg_private.key
alice_gpg_public.key
revocation.cert
[user@vault ~]$ 

Here are the files Alice backed up. Let’s import them to start using them – but first temporarily move .gnupg out of the way to ensure we’re not upsetting any preexisting configuration in the vault:

[user@vault ~]$ mv .gnupg .gnupg-ORIG
[user@vault ~]$ gpg --import alice_gpg_p*.key
gpg: directory `/home/user/.gnupg' created
gpg: new configuration file `/home/user/.gnupg/gpg.conf' created
gpg: WARNING: options in `/home/user/.gnupg/gpg.conf' are not yet active during this run
gpg: keyring `/home/user/.gnupg/secring.gpg' created
gpg: keyring `/home/user/.gnupg/pubring.gpg' created
gpg: key 32D49659: secret key imported
gpg: /home/user/.gnupg/trustdb.gpg: trustdb created
gpg: key 32D49659: public key "Alice <alice@domain.com>" imported
gpg: key 32D49659: "Alice <alice@domain.com>" 1 new signature
gpg: Total number processed: 2
gpg:               imported: 1  (RSA: 1)
gpg:         new signatures: 1
gpg:       secret keys read: 1
gpg:   secret keys imported: 1
[user@vault ~]$

Verify what we imported:

[user@vault ~]$ gpg --edit-key alice
gpg (GnuPG) 1.4.14; Copyright (C) 2013 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Secret key is available.

pub  4096R/32D49659  created: 2013-08-15  expires: 2013-08-22  usage: SC  
                     trust: unknown       validity: unknown
sub  4096R/E19F81C0  created: 2013-08-15  expires: 2013-08-22  usage: E   
sub  4096R/29E78F35  created: 2013-08-15  expires: 2013-08-22  usage: S   
[ unknown] (1). Alice <alice@domain.com>

gpg>

Yup, there they are.

  • The all-important master key with usage: SC (for “sign & certify”, which means to sign other keys)
  • One subkey with usage: E – for “encrypt”
  • One subkey with usage: S – for “sign”

Revoking compromised subkeys

gpg> list

pub  4096R/32D49659  created: 2013-08-15  expires: 2013-08-22  usage: SC  
                     trust: unknown       validity: unknown
sub  4096R/E19F81C0  created: 2013-08-15  expires: 2013-08-22  usage: E   
sub  4096R/29E78F35  created: 2013-08-15  expires: 2013-08-22  usage: S   
[ unknown] (1). Alice <alice@domain.com>

gpg> key 1

pub  4096R/32D49659  created: 2013-08-15  expires: 2013-08-22  usage: SC  
                     trust: unknown       validity: unknown
sub* 4096R/E19F81C0  created: 2013-08-15  expires: 2013-08-22  usage: E   
sub  4096R/29E78F35  created: 2013-08-15  expires: 2013-08-22  usage: S   
[ unknown] (1). Alice <alice@domain.com>

gpg> key 2

pub  4096R/32D49659  created: 2013-08-15  expires: 2013-08-22  usage: SC  
                     trust: unknown       validity: unknown
sub* 4096R/E19F81C0  created: 2013-08-15  expires: 2013-08-22  usage: E   
sub* 4096R/29E78F35  created: 2013-08-15  expires: 2013-08-22  usage: S   
[ unknown] (1). Alice <alice@domain.com>

gpg> revkey
Do you really want to revoke the selected subkeys? (y/N) y
Please select the reason for the revocation:
  0 = No reason specified
  1 = Key has been compromised
  2 = Key is superseded
  3 = Key is no longer used
  Q = Cancel
Your decision? 1
Enter an optional description; end it with an empty line:
> 
Reason for revocation: Key has been compromised
(No description given)
Is this okay? (y/N) y

You need a passphrase to unlock the secret key for
user: "Alice <alice@domain.com>"
4096-bit RSA key, ID 32D49659, created 2013-08-15

You need a passphrase to unlock the secret key for
user: "Alice <alice@domain.com>"
4096-bit RSA key, ID 32D49659, created 2013-08-15

pub  4096R/32D49659  created: 2013-08-15  expires: 2013-08-22  usage: SC  
                     trust: unknown       validity: unknown
This key was revoked on 2013-08-16 by RSA key 32D49659 Alice <alice@domain.com>
sub  4096R/E19F81C0  created: 2013-08-15  revoked: 2013-08-16  usage: E   
This key was revoked on 2013-08-16 by RSA key 32D49659 Alice <alice@domain.com>
sub  4096R/29E78F35  created: 2013-08-15  revoked: 2013-08-16  usage: S   
[ unknown] (1). Alice <alice@domain.com>

gpg> save
[user@vault ~]$

As you can see the all-important certification key has the power to revoke subkeys. Good thing Alice kept it safe in her offline vault all this time!

Export the revoked keys in a ASCII file

[user@vault ~]$ gpg --export -a > revoked_keys.asc

Move the revoked keys in your networked AppVM

[user@vault ~]$ qvm-copy-to-vm personal revoked_keys.asc 
sent 7/8 KB
[user@vault ~]$

From your networked AppVM now, tell the world you have revoked the subkeys

[user@personal ~]$ gpg --import QubesIncoming/vault/revoked_keys.asc 
gpg: key 32D49659: "Alice <alice@domain.com>" 2 new signatures
gpg: Total number processed: 1
gpg:         new signatures: 2

[user@personal ~]$ gpg --edit-key alice
gpg (GnuPG) 1.4.14; Copyright (C) 2013 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Secret key is available.

pub  4096R/32D49659  created: 2013-08-15  expires: 2013-08-22  usage: SC  
                     trust: ultimate      validity: ultimate
This key was revoked on 2013-08-16 by RSA key 32D49659 Alice <alice@domain.com>
sub  4096R/E19F81C0  created: 2013-08-15  revoked: 2013-08-16  usage: E   
This key was revoked on 2013-08-16 by RSA key 32D49659 Alice <alice@domain.com>
sub  4096R/29E78F35  created: 2013-08-15  revoked: 2013-08-16  usage: S   
[ultimate] (1). Alice <alice@domain.com>

gpg> quit

[user@personal ~]$ gpg --keyserver sks.keyservers.net --send-keys E19F81C0
gpg: sending key 32D49659 to hkp server sks.keyservers.net
[user@personal ~]$ gpg --keyserver sks.keyservers.net --send-keys 29E78F35
gpg: sending key 32D49659 to hkp server sks.keyservers.net
[user@personal ~]$ rm QubesIncoming/vault/revoked_keys.asc
[user@personal ~]

That’s it!

You have now revoked the two compromised subkeys and may create new subkeys with your untainted master key that was kept safe in your vault all along. Whoever managed to compromise your keys may be able to read everything encrypted with those keys (if they kept copies of the ciphertext).

Notes

Restricted keys (missing the master signing key, as we created above) can not currently be used by APG on Android. Use Mike Cardwell’s version of APG that works with such keys: download the apk from here.

A few good men

Here’s a few people who had both the guts and the skill to improve our world.

Stallman, Assange, Snowden

The guy on the left is Richard Stallman, founder of the Free Software Foundation, intellectual leader of the Free Software movement, who has tirelessly, often in the face of mockery, preached his gospel: Software is knowledge, and knowledge should be free for all.

Here he’s grinning alongside Julian Assange, Wikileaker extraordinaire, persecuted by the world’s most powerful governments, for months now unable to leave the Ecuadorian embassy in London. Assange had the balls to give us knowledge and to not stand down when the powers that be threatened him and came after him.

They are holding a picture of Edward Snowden, the latest NSA whistleblower who had the balls to throw away his comfortable, high-earning, high-status life to give us all some of the raw truth about how our governments operate. About how we have allowed our societies to resemble George Orwell’s 1984 to a worrying degree. He’s also prosecuted by the most powerful governments of this world.

Here’s a well-written biography of Edward Snowden, which captures the issues the world is facing after his brave disclosures succinctly. Highly recommended reading.

Edward Snowden (person) on Everything2

Private online communications part 2 – text chatting

When you use Google Talk to chat with your friends, Google records everything you say. Facebook does the same. Others probably do the same. The only way to ensure you are only communicating with your friends, without your every word being recorded and kept by corporations or governments, is to use OTR. OTR stands for Off The Record. It’s a genius protocol that gives you many desirable properties, like

  • Encryption
  • Authentication
  • Deniability
  • Perfect forward secrecy

To understand the value of each of the above properties, please check out the OTR website at http://www.cypherpunks.ca/otr/

Here’s a quick video tutorial on how to use OTR with Jitsi, using your Google account. You can do exactly the same with your Facebook, Yahoo!, MSN, ICQ, AIM, XMPP or Jabber account!

Private online communication – a matter of decency

I feel there is something inherently indecent about having a private conversation, while someone else is listening in. With modern Internet communication, that “someone else” is usually a corporation or a government.

It’s not the-STASI-is-listening-so-we-better-behave feeling that bugs me. It’s more the “I am a decent human being and I have the right to share my thoughts with my loved ones, and just with them!” feeling.

In that spirit, I encourage as many people as possible to use tools like Jitsi. Not allowing others to snoop on your private life is a matter of human decency, and you deserve it.

Get Jitsi:

Use Jitsi for private voice calls that do not allow eavesdropping:

Anyone with a Google account can make encrypted, private voice calls by using Jitsi as shown above. If you don’t have a Google account, you use any of the (many) other services Jitsi supports (MSN, Yahoo!, AIM, ICQ, SIP, XMPP, but not Facebook – they don’t support secure calls).

Spread the word!

A Skype alternative worth its salt: Jitsi

I’ve been using Skype, Google Talk and Facebook chat for years to communicate with friends and family. They’re all convenient, reliable and easy to use. But there is a big problem: They are all very easy to record and monitor by 3rd parties. We now know that:

  • Microsoft (owner of Skype) keeps records of who talked to whom and for how long. We also have very good reason to believe that there are tools out there (built by private companies and sold to governments) that can eavesdrop on Skype voice calls. Skype executives have been unable to deny that they comply with local law enforcement requests to eavesdrop on Skype calls.
  • Google definitely record all of your text chats. They don’t deny they do that, even when you use the “Go off the record” option in Google Talk. We’re not sure what recording they do with voice calls but can be certain that they comply with the law – therefore building “legal intercept” capabilities into their products.
  • Facebook record and analyze all of your text chats and will report you to the police if they see anything “suspicious” (source: Reuters). We don’t know what they do with voice/video calls, but again can be certain that they comply with the law – therefore building “legal intercept” capabilities into their products.

So if you happen to live in a surveillance state (think countries of the Arab Spring, think UK with their repeated attempts to introduce surveillance of their citizens, think USA with their record-breaking demands for your personal data from all of the above service providers (Microsoft, Google and Facebook)) then you can expect that all your online communications with your loved ones (voice calls, video calls, text chats) are recorded and stored, or at least eavesdropped upon. They’re all great free services that allow you to keep in touch with people, with one caveat: the government is listening in.

If you have no problem with that, perhaps because you subscribe to the flawed “I have nothing to hide” school of thought, read no further.

If you feel that being spied upon constantly, and having no reasonable expectation of privacy for your online life is not cool, read on.

The work of thousands of visionaries (starting with people like Richard Stallman in the 70′s) has today given us the free tools to protect our online communications to a reasonable degree. These are not tools to stop a police investigation against you from succeeding – these are tools that empower you to opt-out from the surveillance-by-default communications channels most of us use, and instead keep your private thoughts and words only between yourself and your loved ones.

Jitsi main window
The easiest one to get us started is Jitsi.

Jitsi gives you voice calls, video calls, instant text messages and group chats. It therefore covers 100% of the communication capabilities of Microsoft’s Skype, Google Talk, Facebook Chat, IRC channels and the like. Use Jitsi, and you don’t need to use any of these again.

Why switch to Jitsi?

Because it protects your privacy as much as possible. If you and your loved ones use Jitsi, you can:

  • Have end-to-end encryption of your voice and video calls – guaranteeing that nobody is listening in or recording.
  • Have end-to-end encryption of your text (instant messaging) chats with Off The Record (OTR) technology – the world’s finest in preserving your privacy with unique features like Perfect Forward Secrecy and Deniability.

As an additional benefit, it’s great to have all of your instant messaging contacts in one window, and Jitsi gives you that. It also runs on Windows, MacOSX and GNU/Linux.

encrypted video call

Start using Jitsi instead of Skype, Google Talk and Facebook Chat and stop corporations and governments collecting, storing and analyzing the thoughts you share with your loved ones.

PS: You can only have private communications if both ends of the chat/voice/video call support this. If both you and your loved ones use Jitsi, voice & video calls are private by default. For text chats, you will have to click the lock icon in your chat window (as shown below) until it displays a closed “lock” state.

this conversation is NOT private
PPS: No “lock” icon? That probably means that the person you are chatting with is not using Jitsi or a similar program that can protect your chats with OTR. You can only have a private conversation if both ends support OTR.

PPPS: Looking for something like Jitsi for your smartphone? For private text messaging (using the Off The Record protocol) look at ChatSecure for iPhones or GibberBot for Android phones. For private voice calls on the Android, look into csipsimple and Moxie Marlinspike’s RedPhone. Remember, both ends of the conversation need the same technology to create a private channel.

Free tools to protect your privacy online

Most schools, companies, service providers and governments record and analyse as much as they can of your online behaviour: All your emails, chats with your friends, web pages you visit, things you search for, photos you look at and more – all are stored and linked with your identity.

By using these free tools you make it harder for others to observe your online life:

  • Tor – browse the Internet without revealing your location
  • Jitsi – make free voice calls without anyone listening in on your calls. Also, chat with your friends via Google Chat or Facebook chat without your conversations being recorded.
  • TrueCrypt – encrypt your files before storing them online (e.g. on DropBox or Google Drive), so that only you can read them
  • CryptoCat – have private text chats online, wherever you are (video)
  • GnuPG – encrypt your emails so that only your recipient can read them [ADVANCED]
  • TAILS – use computers of other people without compromising your security or privacy [ADVANCED]
  • Want guidance on how to use any of these tools? Have more to add to the list? Leave a comment.

    Book review: “Free Culture” by Lawrence Lessig

    I enjoyed reading Lawrence Lessig’s book “Free Culture” – which is freely available online.

    Professor Lessig takes the reader through a fascinating trip that drives a single point home: The current blanket copyright protectionism is hurting our culture.

    Passages from the book I enjoyed:

    A Cold-war era propaganda film, courtesy of the Internet Archive:

    Want to see a copy of the “Duck and Cover” film that instructed children how to save themselves in the middle of nuclear attack? Go to archive.org, and you can download the film in a few minutes—for free.

    The asymmetry of our reaction to content sharing:

    The obvious point of Conrad’s cartoon is the weirdness of a world where guns are legal, despite the harm they can do, while VCRs (and circumvention technologies) are illegal. Flash: No one ever died from copyright circumvention. Yet the law bans circumvention technologies absolutely, despite the potential that they might do some good, but permits guns, despite the obvious and tragic harm they do.

    Never in our history have fewer had a legal right to control more of the development of our culture than now.

    Some fascinating statistics that show how the law penalises the vast majority of culture, just to allow a tiny subset of it to keep on cashing in for their rights holders:

    In 1930, 10,047 books were published. In 2000, 174 of those books were still in print. Let’s say you were Brewster Kahle, and you wanted to make available to the world in your iArchive project the remaining 9,873. What would you have to do?

    Forget all the works from the 1920s and 1930s that have continuing commercial value. The real harm of term extension comes not from these famous works. The real harm is to the works that are not famous, not commercially exploited, and no longer available as a result. If you look at the work created in the first twenty years (1923 to 1942) affected by the Sonny Bono Copyright Term Extension Act, 2 percent of that work has any continuing commercial value. It was the copyright holders for that 2 percent who pushed the CTEA through. But the law and its effect were not limited to that 2 percent. The law extended the terms of copyright generally.

    [...] most books go out of print within one year. The same is true of music and film.

    As one researcher calculated for American culture, 94 percent of the films, books, and music produced between 1923 and 1946 is not commercially available.

    A smart fix to blanket copyright law by professor Lessig: Make long-term copyright opt-in:

    [...] I proposed a simple fix: Fifty years after a work has been published, the copyright owner would be required to register the work and pay a small fee. If he paid the fee, he got the benefit of the full term of copyright. If he did not, the work passed into the public domain.

    How “the industry” has opposed the above proposal and what that shows about the war on culture we’re currently going through:

    The opposition to the Eldred Act reveals how extreme the other side is. The most powerful and sexy and well loved of lobbies really has as its aim not the protection of “property” but the rejection of a tradition. Their aim is not simply to protect what is theirs. Their aim is to assure that all there is is what is theirs.

    So when the common sense of your child confronts you, what will you say? When the common sense of a generation finally revolts against what we have done, how will we justify what we have done? What is the argument?

    On the cool BBC Creative Archive pilot that ran till 2006:

    the BBC has just announced that it will build a “Creative Archive,” from which British citizens can download BBC content, and rip, mix, and burn it.

    On the Public Library of Science:

    The Public Library of Science (PLoS), for example, is a nonprofit corporation dedicated to making scientific research available to anyone with a Web connection. Authors of scientific work submit that work to the Public Library of Science. That work is then subject to peer review. If accepted, the work is then deposited in a public, electronic archive and made permanently available for free.

    On Peter Wayner’s freely available book “Free for All”:

    Peter Wayner, who wrote a book about the free software movement titled Free for All, made an electronic version of his book free on-line under a Creative Commons license after the book went out of print. He then monitored used book store prices for the book. As predicted, as the number of downloads increased, the used book price for his book increased, as well.

    This passage made me think again about stuff I’ve published online (blog posts, photos etc) – I am ditching the default “all rights reserved” and going for less restrictive Creative Commons licenses:

    Finally, there are many who mark their content with a Creative Commons license just because they want to express to others the importance of balance in this debate. If you just go along with the system as it is, you are effectively saying you believe in the “All Rights Reserved” model. Good for you, but many do not.

    On how the term of copyright just keeps being extended:

    The term of copyright has gone from fourteen years to ninety-five years for corporate authors, and life of the author plus seventy years for natural authors.

    On avoiding knee-jerk reactions and focusing on what matters:

    This point about the future is meant to suggest a perspective on the present: It is emphatically temporary. The “problem” with file sharing—to the extent there is a real problem—is a problem that will increasingly disappear as it becomes easier to connect to the Internet. And thus it is an extraordinary mistake for policy makers today to be “solving” this problem in light of a technology that will be gone tomorrow. The question should not be how to regulate the Internet to eliminate file sharing (the Net will evolve that problem away). The question instead should be how to assure that artists get paid, during this transition between twentieth-century models for doing business and twenty-first-century technologies.

    You know how the RIAA and MPAA are crying “piracy kills music”? This, of course, has happened before:

    See Cap Gemini Ernst & Young, Technology Evolution and the Music Industry’s Business Model Crisis (2003). This report describes the music industry’s effort to stigmatize the budding practice of cassette taping in the 1970s, including an advertising campaign featuring a cassette-shape skull and the caption “Home taping is killing music.”

    On how copyright is being misused for reckless profiteering, killing creativity:

    Jon Else is a filmmaker. He is best known for his documentaries and has been very successful in spreading his art. He is also a teacher, and as a teacher myself, I envy the loyalty and admiration that his students feel for him. (I met, by accident, two of his students at a dinner party. He was their god.)

    Else worked on a documentary that I was involved in. At a break, he told me a story about the freedom to create with film in America today.

    In 1990, Else was working on a documentary about Wagner’s Ring Cycle. The focus was stagehands at the San Francisco Opera. Stagehands are a particularly funny and colorful element of an opera. During a show, they hang out below the stage in the grips’ lounge and in the lighting loft. They make a perfect contrast to the art on the stage.

    During one of the performances, Else was shooting some stagehands playing checkers. In one corner of the room was a television set. Playing on the television set, while the stagehands played checkers and
    the opera company played Wagner, was The Simpsons. As Else judged it, this touch of cartoon helped capture the flavor of what was special about the scene.

    Years later, when he finally got funding to complete the film, Else attempted to clear the rights for those few seconds of The Simpsons. For of course, those few seconds are copyrighted; and of course, to use copyrighted material you need the permission of the copyright owner, unless “fair use” or some other privilege applies.

    Else called Simpsons creator Matt Groening’s office to get permission. Groening approved the shot. The shot was a four-and-a-half-second image on a tiny television set in the corner of the room. How could it hurt? Groening was happy to have it in the film, but he told Else to contact Gracie Films, the company that produces the program.

    Gracie Films was okay with it, too, but they, like Groening, wanted to be careful. So they told Else to contact Fox, Gracie’s parent company. Else called Fox and told them about the clip in the corner of the one
    room shot of the film. Matt Groening had already given permission, Else said. He was just confirming the permission with Fox.

    Then, as Else told me, “two things happened. First we discovered . . . that Matt Groening doesn’t own his own creation—or at least that someone [at Fox] believes he doesn’t own his own creation.” And second, Fox “wanted ten thousand dollars as a licensing fee for us to use this four-point-five seconds of . . . entirely unsolicited Simpsons which was in the corner of the shot.”

    Else was certain there was a mistake. He worked his way up to someone he thought was a vice president for licensing, Rebecca Herrera. He explained to her, “There must be some mistake here. . . . We’re asking for your educational rate on this.” That was the educational rate, Herrera told Else. A day or so later, Else called again to confirm what he had been told.

    “I wanted to make sure I had my facts straight,” he told me. “Yes, you have your facts straight,” she said. It would cost $10,000 to use the clip of The Simpsons in the corner of a shot in a documentary film about
    Wagner’s Ring Cycle. And then, astonishingly, Herrera told Else, “And if you quote me, I’ll turn you over to our attorneys.” As an assistant to Herrera told Else later on, “They don’t give a shit. They just want the
    money.”

    Else didn’t have the money to buy the right to replay what was playing on the television backstage at the San Francisco Opera. To reproduce this reality was beyond the documentary filmmaker’s budget. At the very
    last minute before the film was to be released, Else digitally replaced the shot with a clip from another film that he had worked on, The Day After Trinity, from ten years before.