
So for those of us that need to run Windows/OSX to run software, like Photoshop, for our job, we should just give up on PGP? Seems like a supporting argument for the article then.



No, you just keep your work computer separate from your whistleblowing/terrorism computer. Productivity and secure+anonymous communications have different needs, and an air-gap between them is pretty much the only way to achieve both.

Luckily, in the modern world, owning a second single-purpose device is really easy: your secure+anonymous communications can be done on a rooted Android phone or a Tails-reformatted Chromebook for ~$150.


Your argument comes down to the threat model. A journalist who also uses Photoshop is free to use whatever system they have sufficient trust in for the nature of the communication at hand.

If they're likely to be killed because someone reads the content of their messages, they should easily be able to weigh that cost against needing to boot off USB every now and again.

So that said, if you use crypto-system X on a machine you cannot trust, crypto-system X will not be able to protect you very much.


I understand the threat model. However that notion implies that those of us who aren't at risk of death over our emails should give up PGP. Given that (I assume) most of us aren't at risk of murder by the nation-state, PGP is dead.

I would prefer a solution where everyone could reasonably get end-to-end encrypted emails. Unfortunately, given the unfitness of PGP for this goal, coupled with recent work in the space, it looks like we will either get plaintext over decentralized email, or e2ee inside walled gardens.


There is nothing stopping you from having more than one identity. If you don't mind too much if malware has your PGP details, then all good. If you would like a more secure way to store these details for other sorts of communication, perhaps a different machine, a live-CD or hardware token[1][2] can be justified.

I think it is also worth remembering that even the most liberal western democracies have laws that one way or another prevent people from keeping secrets from the law. If everyone has it, and uses it, and it cannot be back-doored, it will be banned rather quickly IMHO. And the people who don't care about privacy -- i.e. most everyone -- won't care about crypto being banned either after the right wing press is done with them. (Restated: we shouldn't force people to close their curtains any more than we force them to open them).

I'm rambling, sorry.

Both of these might also work with your phone via NFC. [1] https://www.fidesmo.com/ [2] https://www.yubico.com/products/yubikey-hardware/yubikey-neo...


Traditionally, you should have a second cheap machine running Tails, and do your email through PGP there.

The idea isn't that PGP is compromised on a Windows box with outside software, it's that everything is compromised on that box. Changing algorithm or app doesn't matter if your hardware might be recording every key stroke and sending it through a side channel.


As another example, take the newer remote management "features" included in modern BIOSes that run on a separate microcontroller in the system and allow access to network, memory, peripherals, etc., even if the computer is shut down (but still on mains). Let's imagine someone had an exploit or the keys for that. With that hole, you could never fully lock down. Sneakernet over a wide airgap is a good policy.


Ugh, yep. I totally forgot about how many machines come with entire parallel communication systems. The Intel Management Engine, for example, is horrific. It's a machine-compromising threat built into the CPU and (as far as I know) totally unremovable. I haven't heard about any kind of compromise, but it's far from impossible. Well-meant, sure (why make two production runs at higher expense), but that's not very comforting. We already know the US government intercepts some machines in transit; silently enabling and owning the IME would be an elegant way to beat a physical inspection on delivery. It's only reasonable to assume China and similar players do the same.

(If the IME is disabled, will the CPU still complain if you physically destroy the thing? Does anyone know?)

There's also the rather nasty proof-of-concept attack where air-gapped machines output audio data at ultrasonic frequencies to beat the gap. Sure, it takes initial compromise to activate, but that's a plausible risk for someone running nation-state defense.

Sneakernet continues to be a solid policy. I don't remember who, but some notable security researcher talking about Lulzsec summarized the issue with "If I were crossing a government, my opsec would be a stolen library card in a city I don't live in."


> If the IME is disabled, will the CPU still complain if you physically destroy the thing? Does anyone know?

If I'm remembering correctly, if the CPU doesn't receive a heartbeat from IME within 30 minutes, it shuts down the hardware [1].

There are also different levels of the thing. There's a basic level that handles some kind of low-level system monitoring. The remote access stuff is usually marketed as "vPro", and it's sold as a premium feature. That's the one with direct access to the networking hardware, transmitting packets over the same physical interface, but using its own unique MAC address.

[1] https://hackaday.com/tag/intel-management-engine/


The "low-level system monitoring" is effectively a software implementation of any "active" ACPI logic (e.g. Intel's SpeedStep.) This used to be in a separate "platform controller", but putting it in an on-CPU-die coprocessor 1. allows the ACPI logic to be regular x86_64 code, and 2. allows much simpler motherboard layout wiring (because you don't need a bunch of duplicate pinouts running from peripherals to both the CPU and platform controller; they can all just go to the CPU.)

> The remote access stuff is usually marketed as "vPro", and it's sold as a premium feature.

AFAIK, in all modern Intel processors the IME is directly attached to the network hardware and gets its own SR-IOV virtual instance of the hardware (with its own MAC) to talk to. But not all motherboards support vPro: the onboard Ethernet controller has to be designed with awareness of the IME so it can recognize its packets as additional Wake-on-LAN packet types, and not all are (yet). So—at least if you're building custom—you can just buy a non-vPro motherboard to "wall off" your computer from secret probes of its ports. (Or, you know, use a router. It's not like these packets will make it to your computer from across the Internet.)


With how ASIC & firmware companies do things, best to assume they're all the same thing until proven otherwise. As in, the circuitry and software for doing any of that is there but only made visible/usable to by a configuration that changes the more they pay. This is the most economical thing for hardware makers to do as they build just one thing instead of several things. This was also the trick some hard disk makers use where they put the same platter in all the drives but a firmware option limited how much was visible to user (less money = less visible).


So the next question would be whether it's possible to remotely reconfigure the "non-vPro" machine to activate the features, in which case it could be considered a direct equivalent.


And that's what we don't and can't know the answer to since it's a black box. Hence, that circuitry can't ever be present on a machine if one is worried about potential compromises or subversions of it.


Derefr's answer in this thread suggests that you can insulate against this regardless of how the vPro activation works; not all motherboards support the parallel packet stream, so you can get a vPro incompatible motherboard and trust that even if there is a "wake and activate" command it won't be received.


Examine the binary for a run of the mill system sometime and check out the partition headers/manifest, see if you are convinced there are no networking functions in there. The processor in my laptop supports WoL (and I've tested that it works), but is not vPro (double-checked with Ark). I'm skeptical.


Slideshow on level -3 rootkit: http://me.bios.io/images/6/61/Ring_-3_Rootkits.pdf

This slideshow discusses a rootkit in the old Intel ME chipset (which comes with most Core2Duo/Core2Quad processors).

The Intel ME can't fully be disabled because the CPU expects a heartbeat from it. There have been successful attempts to disable large portions of the Intel ME code, but not all of it.

These guys are looking to replace the Intel ME's firmware with a fully open-source version: http://me.bios.io/Main_Page


It's already been cracked: http://me.bios.io/images/6/61/Ring_-3_Rootkits.pdf

Ok, not for the latest chipset (just most of the Core2Duo/Core2Quad generation), but if I had that exploit I wouldn't be shouting it off the rooftops.


Tails can boot from USB. You don't need to not use Windows/OSX, you just need to boot into Tails prior to using PGP.

Is it inconvenient? Yes. Almost all privacy/security is. Security is largely a series of tradeoffs between privacy and convenience. The more privacy and security you desire - the less convenient everything is going to be.

Burner phones, faraday cages, encrypted harddrives, using cash/bitcoins (which should be purchased with cash), using a VPN over Tor (and not Tor over a VPN). Making sure any phone calls from different locations with none being near work/home, that the call is kept very short and preferably with a short and precise coded language. Cycling your PGP key frequently, and scheduling all electronic communications as to not give any hint of any "active hours".

All of those are inconvenient, but necessary, if privacy and security are desired.


You don't have to run exclusively on any operating system. You can use multiple operating systems for different parts of your job, and there's a whole spectrum of convenience / security for how to go between the two that you can choose from.


> So for those us that need to run Windows/OSX to run software, like Photoshop, for our job, we should just give up on PGP? Seems like a supporting argument for the article then.

If you're paranoid, run that stuff in a VM. If you're really paranoid, run it on a separate machine.


Those of you that need (outdated) proprietary software should just give up on security to begin with, PGP or no PGP.

> if you can get root on the client device, you own everything.

No security model will protect you from a compromised system.


> Those of you that need (outdated) proprietary software

I'm not clear how Photoshop is "outdated", unless you're trying to make some convoluted dig about proprietary software being obsolete as a concept.

> should just give up on security to begin with, PGP or no PGP.

This kind of smug dismissal of the average user's needs and abilities is exactly why Linux on the desktop never took off.


> I'm not clear how Photoshop is "outdated", unless you're trying to make some convoluted dig about proprietary software being obsolete as a concept.

Outdated software was mentioned earlier in the thread.

> This kind of smug dismissal of the average user's needs and abilities is exactly why Linux on the desktop never took off.

Irrelevant :)

Besides, it's not a matter of dismissal, smug or not, but just basic systems theory. Read up.





