Posted on

Maine: Androscoggin County commissioner offers new resolution that forbids county officials from enforcing mask mandate

Maine: Androscoggin County commissioner offers new resolution that forbids county officials from enforcing mask mandate

February 11, 2021 | BY STEVE SHERLOCK | Sun Journal | Source |

“AUBURN — Instead of backing down, Androscoggin County Commissioner Isaiah Lary of Wales has doubled down.

Facing a potential recall vote over his initial resolution arguing against the mask mandate and other executive orders issued by Gov. Janet Mills to prevent the spread of COVID-19, he released a new resolution Wednesday, a week after the first was tabled.

The latest statement resolves that no county official can enforce a “pandemic order,” including the wearing of masks by any resident, visitor or in a business in Androscoggin County. It also resolves to prevent the use of county funds, employees and equipment to enforce the mandate.

Lastly, the resolution resolves that the county administrator take steps to bring the question before the Maine Supreme Judicial Court for a declaration that “the delegation of lawmaking power to the governor under the Emergency Act is unconstitutional” to the Maine Constitution, and in “violation of the separation of powers doctrine and the nondelegation doctrine, thereby invalidating the Pandemic Order.””


Link To Read Full Article @





Link To Article_Anti-mask mandate commissioner told to work his day job from home





Link To Article_Maine purchased over 2 million counterfeit masks now subject to recall








Posted on

Short Course on Communist Takeover of U.S.

Short Course on Communist Takeover of U.S.

January 29, 2018 | Reality Zone | KGB defector interviewed by G. Edward Griffin |

“This is a recently discovered excerpt from G. Edward Griffin’s 1984 interview with KGB defector, Yuri Bezmenov, who explains the four stages of communist strategy for taking over the U.S. from within. It is sobering to realize that stage three is almost complete. Stage Four is martial law from which there is no escape. Americans are running out of time to take the Red Pill.”

Link To Video






PA Gov. Tom Wolf aligns with George Soros’ agenda; Which US Governors Are Collaborating with George Soros?; How a Chinese think tank rates all 50 U.S. governors














Department of Homeland Security Wages Biometric War on Freedom In America: DHS Files Rule Proposing Increasing Scope of Biometric Information Collection







Department of Homeland Security Election Auditing + The History of DHS “Corruption: The Department of Homeland Security Is a Mess of Misconduct and Ineptitude”; Make America Safer: Shut Down the Department of Homeland Security








Posted on

China’s Chief Epidemiologist Admits Wuhan COVID-19 Virus Was Never Isolated and Is Not Proven to Exist

China’s Chief Epidemiologist Admits Wuhan COVID-19 Virus Was Never Isolated and Is Not Proven to Exist

February 12, 2021 | NBC News and Dr. Andrew Kaufman | Need To Know News | Source |

“Dr. Andrew Kaufman says that, because the Covid-19 virus has never been isolated, it cannot be said with certainty that it is not something else – and if it is something else, then COVID-19 does not exist. To isolate a virus, lung fluid, or some other body fluid, is collected, and the virus is separated from everything else. To do that, it must be filtered, usually in a centrifuge, and examined under a microscope to confirm it’s unique characteristics. Everyone who has tried to do this with COVID-19 has failed. Dr. Kaufman believes the reason for this failure is that COVID-19 is merely a new variant of a pathogen category called Coronavirus, which includes many other variants, including the common flu. (Explanation of isolating a virus begins at 8:29) -GEG

Dr. Wu Zunyou, the Chief Epidemiologist of the Chinese Center for Disease Control and Prevention was interviewed by a reporter last month who asked why the data from the Wuhan market has not been released for public examination, and he replied: “They didn’t isolate the virus, that is the issue.” When she asked about live animal samples, he said it doesn’t tell you anything, and added: “I suspect it’s not coming from what we originally thought.”

Click below for the link to the NBC News interview featuring Dr. Wu Zunyou, the Chief Epidemiologist of China’s CDC, admitting the Wuhan virus has never been isolated and that is the problem:


Video featuring Dr. Andrew Kaufman explaining how a virus and/or exosome can be isolated” (explanation begins at 8:29):



Link To Read Article @ Source_NeedToKnowNews






Nobel Laureate Kary Mullis PCR inventor talks about Anthony Fauci; PLANDEMIC-Dr. Judy Mikovitz; Dr. Thomas Cowan, Dr. Andrew Kaufman, Dr. Reiner Fuellmich –COVID-19 RT-PCR TEST FRAUD








Dr. Christiane Northrup Discusses The C*vid 19 Vaccine; Dr.Carrie Madej, Dr.Andrew Kaufman; & Dr.Robert Endres







Posted on

Solar geoengineering using solid aerosol in the stratosphere

Solar geoengineering using solid aerosol in the stratosphere

October 26, 2015 | Authors: D. K. Weisenstein1, D. W. Keith1,2, and J. A. Dykema1 |

“Solid aerosol particles have long been proposed as an alternative to sulfate aerosols for solar geoengineering.”


Link To_Solar geoengineering using solid aerosol in the stratosphere




David Keith | Colbert Report 2013

Link To Video




February 10, 2021 | By  | ClimateScienceNews | Source

Bill Gates’ “block the sun” SCoPEx balloon launch experiment in Sweden hits a snag as environmental groups express criticism


“A controversial solar geoengineering project has been criticized by environmental groups in Sweden. Scientists from the Stratospheric Controlled Perturbation Experiment (SCoPEx) have planned to launch a high altitude balloon in June 2021 from the northernmost Swedish town of Kiruna, located in Lapland province. The project aimed to cool the earth and fight global warming by replicating the effect of a large volcanic eruption.

Swedish environmental groups have written to the government and the Swedish Space Corporation (SSC) to voice their opposition toward the SCoPEx project. These organizations included the Swedish Society for Nature Conservation, Greenpeace Sweden and Friends of the Earth Sweden. The groups noted in their letter that the inaugural SCOPEX balloon flight could be the first step toward the adoption of a potentially “dangerous, unpredictable and unmanageable” technology.

The groups said: “We appeal to the Swedish government to oppose the SSC’s involvement with SCoPEx’s proposed tests, as they are fundamentally incompatible with the precautionary principle, in breach of international norms and inconsistent with Sweden’s own climate policy framework.” They stressed that the technology SCoPEx is using has “the potential for extreme consequences” and that “there is no justification for testing and experimenting with technology that seems to be too dangerous to ever be used.”


Link To Read Full Article at Source_ClimateScienceNews






Bill Gates Backing Harvard Geoengineering Tests In Sweden




Posted on

Masks Don’t Work: A Review of Science Relevant to COVID-19 Social Policy

Masks Don’t Work: A Review of Science Relevant to COVID-19 Social Policy

June 2020 | 

“There have been extensive randomized controlled trial (RCT) studies, and meta-analysis reviews of RCT studies, which all show that masks and respirators do not work to prevent respiratory influenza-like illnesses, or respiratory illnesses believed to be transmitted by droplets and aerosol particles.

The present paper about masks illustrates the degree to which governments, the mainstream media, and institutional propagandists can decide to operate in a science vacuum, or select only incomplete science that serves their interests. Such recklessness is also certainly the case with the current global lockdown of over 1 billion people, an unprecedented experiment in medical and political history.

Here are key anchor points to the extensive scientific literature that establishes that wearing surgical masks and respirators (e.g., “N95″) does not reduce the risk of contracting a verified illness:”

• Jacobs, J. L. et al. (2009) “Use of surgical face masks to reduce the incidence of the common cold among health care workers in Japan: A randomized controlled trial,” American Journal of Infection Control, Volume 37, Issue 5, 417 – 419.
N95-masked health-care workers (HCW) were significantly more likely to experience headaches. Face mask use in HCW was not demonstrated to provide benefit in terms of cold symptoms or getting colds.

• Cowling, B. et al. (2010) “Face masks to prevent transmission of influenza virus: A systematic review,” Epidemiology and Infection, 138(4), 449-456. DOI:10.1017/S0950268809991658
None of the studies reviewed showed the benefit of wearing a mask in either HCW or community members in households (H). See summary Tables 1 and 2 therein.

• bin-Reza et al. (2012), “The use of masks and respirators to prevent transmission of influenza: a systematic review of the scientific evidence,” Influenza and Other Respiratory Viruses 6(4), 257-267.”There were 17 eligible studies. […] None of the studies established a conclusive relationship between mask/respirator use and protection against influenza infection.”

• Smith, J.D. et al. (2016) “Effectiveness of N95 respirators versus surgical masks in protecting health care workers from acute respiratory infection: a systematic review and meta-analysis”, CMAJ Mar 2016, cmaj.150835; DOI: 10.1503/cmaj.150835
“We identified 6 clinical studies … In the meta-analysis of the clinical studies, we found no significant difference between N95 respirators and surgical masks in the associated risk of (a) laboratory-confirmed respiratory infection, (b) influenza-like illness, or (c) reported work-place absenteeism.”

• Offeddu, V. et al. (2017) “Effectiveness of Masks and Respirators Against Respiratory Infections in Healthcare Workers: A Systematic Review and Meta-Analysis,” Clinical Infectious Diseases, Volume 65, Issue 11, 1 December 2017, Pages 1934-1942,

• Radonovich, L.J. et al. (2019) “N95 Respirators vs. Medical Masks for Preventing Influenza Among Health Care Personnel: A Randomized Clinical Trial”, JAMA. 2019; 322(9): 824-833. DOI:10.1001/jama.2019.11645
“Among 2862 randomized participants, 2371, completed the study and accounted for 5180 HCW-seasons. … Among outpatient health care personnel, N95 respirators vs. medical masks as worn by participants in this trial resulted in no significant difference in the incidence of laboratory-confirmed influenza.”

• Long, Y. et al. (2020) “Effectiveness of N95 respirators versus surgical masks against influenza: A systematic review and meta-analysis”, J Evid Based Med. 2020; 1- 9.
No RCT study with verified outcome shows a benefit for HCW or community members in households to wearing a mask or respirator. There is no such study. There are no exceptions. Likewise, no study exists that shows a benefit from a broad policy to wear masks in public.
Furthermore, if there were any benefit to wearing a mask, because of the blocking power against droplets and aerosol particles, then there should be more benefit from wearing a respirator (N95) compared to a surgical mask, yet several large meta-analyses, and all the RCT, prove that there is no such relative benefit. Masks and respirators do not work.

“Many potential harms may arise from broad public policies to wear masks, and the following unanswered questions arise:

• Do used and loaded masks become sources of enhanced transmission, for the wearer and others?

• Do masks become collectors and retainers of pathogens that the mask wearer would otherwise avoid when breathing without a mask?

• Are large droplets captured by a mask atomized or aerosolized into breathable components? Can virions escape an evaporating droplet stuck to a mask fiber?

• What are the dangers of bacterial growth on a used and loaded mask?

• How do pathogen-laden droplets interact with environmental dust and aerosols captured on the mask?

• What are long-term health effects on HCW, such as headaches, arising from impeded breathing?

• Are there negative social consequences to a masked society?

• Are there negative psychological consequences of wearing a mask, as a fear-based behavioral modification?

• What are the environmental consequences of mask manufacturing and disposal?

• Do the masks shed fibers or substances that are harmful when inhaled?”

Link To Article




“Respiratory pathogens on the outer surface of the used medical masks may result in self-contamination.”  Link

June 3, 2019 | Chughtai, A.A., Stelzer-Braid, S., Rawlinson, W. et al. Contamination by respiratory viruses on outer surface of medical masks used by hospital healthcare workers. BMC Infect Dis 19, 491 (2019).| BMC Infectious Diseases

“Respiratory pathogens on the outer surface of the used medical masks may result in self-contamination. The risk is higher with longer duration of mask use (> 6 h) and with higher rates of clinical contact. Protocols on duration of mask use should specify a maximum time of continuous use, and should consider guidance in high contact settings. Viruses were isolated from the upper sections of around 10% samples, but other sections of masks may also be contaminated. HCWs should be aware of these risks in order to protect themselves and people around them.”

Link To_Full_Document_s12879-019-4109-x




August 14, 2020 |   LINK TO VIDEO

“OSHA PPE Expert, Tammy Clark, and Occupational Environmental Safety Expert, Kristen Meghan, Talk Masks in a C-o-v-i-d world. What masks can and can’t do, their occupational hazards, and some of the myths behind the topic.”

Link To Video


Tammy Clark & Kristen Meghan Talk Masks w/ Host, Reinette Senum, On Western Women Save The World







Conclusion Regarding Masks: They Do Not Work






Cloth Masks – dangerous to your health?  

“The study found was much higher among healthcare workers wearing cloth masks.”  Source


Link To Full Article





Over 30 Scientific Peer Reviewed Articles related to hazards and ineffectiveness of wearing masks:






MASK OFF. CDC does not have Constitutional authority to create or enforce laws








1981: Surgeon’s medical mask study concludes, “minimum contamination can best be achieved by not wearing a mask at all”








Posted on

Florida is a beacon of liberty in a nation hijacked by COVID tyranny

Florida is a beacon of liberty in a nation hijacked by COVID tyranny

February 9, 2021 | Jordan Schachtel | The Dossier |Source

Gov DeSantis has remained steadfast in the face of relentless smears and challenges.

“President Reagan famously touted America as a “shining city upon a hill whose beacon light guides freedom-loving people everywhere.” However, today in 2021, that beacon light has dimmed significantly, and most of America has become entirely consumed by COVID Mania, while the masses have surrendered their liberties due to a virus with a recovery rate of 99.8+%.

Although most Americans and their elected leaders have failed to uphold our sacred principles, there are still pockets of brave, freedom-loving Americans who seek to continue abiding by our founding ideals and their emphasis on the protection of individual rights.

Florida is the largest of the handful of currently-functioning “free states” that has lived up to the American principle as a beacon of liberty, in a nation that has surrendered to tyranny, corruption, & idiocracy. Floridians, along with Americans in only a few other states, live so much more freely than people in New York, California, and the dozens of other lockdown states, that we may as well be living in two different nations. Never in my life would I have imagined that so many Americans would surrender their precious freedoms in the name of a flu-like respiratory virus, but here we are.

Martin Luther King Jr famously reminded us that “the ultimate measure of a man is not where he stands in moments of comfort and convenience, but where he stands at times of challenge and controversy.” Over the past several years, Americans had lived incredibly comfortable lives. With COVID-19 came a sudden crisis, and the ultimate test of fortitude. Tragically, most of our political leaders and “public health experts” not only failed that test, but then weaponized the situation to unleash terror and chaos upon the people who put their trust in them.

Governor Ron DeSantis is one of those leaders who has shined through challenge and controversy. Through the course of corona hysteria, he has acted admirably and bravely, using his platform and power as an anchor for the battle against the forces that seek to intrude upon our rights.”


Link To Read Full Article @ Source

Posted on

MASK OFF. CDC does not have Constitutional authority to create or enforce laws.

 MASK OFF. CDC does not have Constitutional authority to create or enforce laws. 

February 9, 2021 | 

Did you know that the CDC is a quasi-governmental agency and does not have legitimate Constitutional authority to create or enforce laws? If we have been getting our “news” from Mr. Biden or the mainstream media, we might believe the false information about mask orders and other manufactured covid-19 brand perceptions that are simply not true. *You are the only one able to determine if you are able to wear a mask safely. A face mask is a medical device according to the FDA, therefore a face mask is a medical intervention for which you must give your informed consent. Period.




“Guard with jealous attention the public liberty. Suspect anyone who comes near that precious jewel. “


CDC estimates mortality rate is 0.4%, significantly lower than previously reported…

And if masks are so effective, why wasn’t the public instructed to wear them back in 2018, when tuberculosis killed over 1.5 million people including over 200,000 children?…..

There is zero scientific evidence that the virus is spread by asymptomatic people.  No study even exists asserting this claim. Yet a reputable, peer-reviewed scientific study concludes that asymptomatic people CANNOT spread a virus.

Use your imagination to figure out why the media hasn’t reported on this fact.

The World Health Organization stated on April 2, 2020 that there was “no documented asymptomatic transmission.…

Link To Video



The Constitution Isn’t Suspended Because of Coronavirus.

In fact, the USA Constitution is clear, that laws must  be passed by going through the proper legislative procedure, in the USA state and federal legislatures. Our public servants may be confused as to their actual role as public servants and their obligation to fulfill their Oath of office, which requires each public servant to uphold, protect and defend the Constitution from all enemies both foreign and domestic.

Are Mr. Biden and his administration deliberately ignoring the Constitution and the rule of law by attempting to make unlawful demands on The People, such as mask wearing, for which they are neither authorized nor qualified?  A “just shut up and wear the mask” policy is to be expected in an authoritarian dictatorship, but not in the land of the FREE. *Let us always remember, that brave Americans fought and died for Liberty.

Notice that since Mr. Biden can not legitimately make a law to enforce a medical ( face mask ) intervention on the public,  he is attempting to convince The People that the CDC is somehow a legitimate law maker, mask authority, or mask enforcer. This is a FALSE notion.






( It’s notable that the CDC has been collaborating with China on medical policy for the last 30 years. There is substantial evidence that we are under house arrest as a result of a crime committed by the CDC in 2014. )

A face mask is characterized  as a medical device by the FDA.  Furthermore, “masks don’t work. It says so right on the box.”



Why do we need oxygen to survive?




For important medical reasons, masks are not safe for everyone to wear, especially because humans need to breathe plenty of oxygen for the body to be healthy and for the organs function properly. It is not possible to get enough oxygen when we wear a face mask, according to independent tests.  Video:

Did you know that the law definition of the term “suffocating,” means: “intentionally, knowingly, or recklessly impeding the normal breathing of a person by covering the mouth of the person, the nose of the person, or both, regardless of whether that conduct results in any visible injury or whether there is any intent to kill or protractedly injure the victim.” LINK

We are finding out about the lack of confirmed data regarding the Covid-19 virus provided by unelected bureaucrats and alphabet agencies like the CDC.  History will reveal the Covid-19 brand as

the greatest hoax ever perpetrated against an unsuspecting Public.”





The PCR test is a fraud upon which numerous unlawful policies are based.




Let’s keep in mind that it was politician-imposed lockdowns and mandates that have ruined lives and destroyed economies, not the virus. When pressed for accurate data to substantiate the lockdown measures, the CDC and public servants do not have any verifiable numbers.


There is zero science or legal basis for force masking the public. In addition to being a national security fail, by allowing concealed identity of criminals in public places and businesses, the scientific literature has established that face masks are ineffective in preventing the spread of virus, and are known to be harmful to healthy people who wear face masks, especially for long periods of time.




Politicians are NOT  licensed physicians which makes them 100% unqualified to provide a medical diagnosis or to recommend a medical  intervention of any kind. Practicing medicine without a license is the definition of medical malpractice.  Furthermore, even IF politicians did have a license to practice medicine, the informed consent of the individual patient is REQUIRED. If someone chooses to wear a mask because it makes them feel better, fine. Bullying, coercion, and the use of force to impose arbitrary orders on everyone reflects an authoritarian policy, not that of a FREE SOCIETY that America is meant to be.   -JD


Link To Article _The Gateway Pundit_“CDC Exposed: Inflated Covid Deaths by 1600% Throughout the election, “Violated Multiple Federal Laws” Peer Review study Finds…State, Local Governments Must Act”


COVID-19 Data Collection, Comorbidity & Federal Law: A Historical Retrospective







Tammy K. Herrema Clarke | PPE Environmental Health Safety Expert

Link To Video


PPE Environmental Health Safety Professional Expert Analysis: Masks cause oxygen deprivation, do not protect you from disease transmission









Posted on

Nanoparticles for nasal vaccination

Nanoparticles for nasal vaccination


February 27, 2009 | Authors: NoemiCsabaab1MarcosGarcia-Fuentesab1Maria JoseAlonsob |ScienceDirect | PubMed |

“Among other mucosal sites, nasal delivery is especially attractive for immunization, as the nasal epithelium is characterized by relatively high permeability, low enzymatic activity and by the presence of an important number of immunocompetent cells. In addition to these advantageous characteristics, the nasal route could offer simplified and more cost-effective protocols for vaccination with improved patient compliance.”   LINK







Hydrogel nanoparticles and nanocomposites for nasal drug/vaccine delivery

June 28, 2016 | Authors: Sara Salatin1,2 • Jaleh Barar1,3 • Mohammad Barzegar-Jalali3 • Khosro Adibkia3,4 • Mitra Alami Milani2,4 • Mitra Jelvehgari3,4 |Arch. Pharm. Res. (2016) 39:1181–1192 |

“Many experiments in animal models have shown that nanoscale carriers have the ability to enhance the nasal delivery of peptide/protein drugs and vaccines compared to the conventional drug solution formulations.”

Link To Full Document_ Salatin2016_Article_HydrogelNanoparticlesAndNanoco





Johns Hopkins researchers take inspiration from parasitic work for medicine delivery

“Inspired by a parasitic worm that digs its sharp teeth into its host’s intestines, Johns Hopkins researchers have designed tiny, star-shaped microdevices that can latch onto intestinal mucosa and release drugs into the body.”  LINK





Re: Vaccinated and implanted with nanoparticles Video







Devices and methods for transferring data through a human body

June 6, 2013

US20130142363A1 | Application filed by AT&T Intellectual Property I LP


“In addition or in the alternative to the use of bone conduction in these and other embodiments disclosed herein, the data or a portion thereof can be transferred along the skin of the body through skin conduction.”   Link

Link To Patent_US20130142363A1







Link To Patent_WO2020060606A1-2





Method and apparatus for receiving data in human body communication system


Link To Patent_US7463918B2







Device and a method for collecting and transferring samples of biological material

US9,170,177,B2  October 27, 2015


Link To Patent_US9170177








Posted on

Stop The Great Reset – Sign The Petition

Stop The Great Reset

by Ron Paul | Campaign for LibertyLink To Sign The Petition

“I am urging you to take action at once and sign the “Stop the Great Reset” petition to your U.S. Senators and Representative to say “NO!” to the so-called “Great Reset.”

For nearly a year now, authoritarian bureaucrats at all levels of government have used COVID-19 as an excuse to run roughshod over our most basic liberties.

>>Forced quarantines

>>Mask mandates

>>Businesses, schools, gyms, churches — SHUT DOWN!

Urge your Representative and Senators to say “NO!”to the so-called “Great Reset” at every opportunity.

Link To Sign The Petition

Campaign for Liberty




Posted on

3G/4G/5G National Security Failure

3G/4G/5G National Security Failure

February 26, 2020 | Scientists4WiredTech | Source

“. . . Proves That Big Wireless Is Selling A Defective Product/Service

IMP4GT Attacks (IMPersonation attacks in 4G neTworks) allows an attacker to impersonate a user towards the network and vice versa:

  • For the first time. our demonstrated exploit completely breaks the mutual authentication aim of 4G/LTE and 5G on the user plane in realworld settings
  • The results of our work demonstrate that Wireless carriers can no longer rely on mutual authentication for billing, access control, and legal prosecution.
  • The work emphasizes the need for user-plane integrity protection in mobile communication standards, which means the US Government — as a matter of National Security — should not allow the installation of the current 5G equipment, until this problem is fixed at the hardware layer.

Long-standing, Established 3G/4G/5G Equipment Security Flaw

Security researchers have discovered a novel 4G LTE / 5G attack vector.

Link To Video


Steve Gibson from Security Now | The paper, Impersonation Attacks in 4G/5G Networks, is here: web | pdf

Link to Forget TikTok. Feebly Secured Infrastructure Is Our Real Problem



A team of researchers who have been poking at modern cell phone security and integrity are presenting the worrisome results of their latest research today, the 25th of February, 2020 during NDSS, the Network Distributed System Security Symposium (which, I guess really should be NDSSS, but perhaps they thought that was one ‘S’ too many) in San Diego, California.

There’s a website for the work: ​​

And we have the pre-release of their presentation paper: ​

A full understanding for what they have, and have done, requires a thorough understanding of the inner workings of cell-system networking. And in this instance even the Abstract from their paper, which is normally useful, assumes too much background. But, their paper’s introduction does give us a good sense for the importance of this work

Long Term Evolution (LTE) is the latest widely deployed mobile communication standard and is used by hundreds of millions of people worldwide. The protocol offers high-speed Internet access and packet-based telephony services and has become an integral component of our daily communication.We fundamentally rely on the security of LTE for a variety of applications. The security goals of LTE include, amongst others, mutual authentication, traffic confidentiality, and location privacy; any attack vector undermining these security aims has far-reaching implications to the use of LTE as a communication medium.

In the context of mobile communication, mutual authentication is an important security aim since it ensures that both communication parties (i. e., the user equipment and the network) mutually verify their identities. As the wireless medium is accessible for everyone in the vicinity and identifiers can be easily forged, mutual authentication is essential for building trust between communication parties. Telecommunication providers rely on user authentication for accounting, authorization, and the association of data sessions to a legal person.

The latter case is of particular importance in prosecution, in which a possible offender is accused of committing a crime via a mobile Internet connection. Additionally, users rely on network authentication for the confidentiality of their communication. One important example for missing network authentication is the second mobile network generation GSM (Global Systemfor Mobile Communications): by faking the identity of a legitimate network, an attacker can impersonate the network in GSM and eavesdrop on the communication of the victim

In contrast to earlier network generations, LTE establishes mutual authentication on layer three of the network stack using a provably secure Authentication and Key Agreement (AKA) protocol. Based on this protocol, subsequent encryption ensures the confidentiality of user and control data. Permanent integrity protection, however, is only applied to the ​control​ data. A recent study has revealed that missing integrity protection of the ​user​ plane on layer two allows to manipulate user data in a deterministic way. More specifically, a layer-two attacker in a Man-in-the-Middle (MitM) position between the phone and the network can introduce undetectable bit flips due to malleable encryption and redirect traffic to another destination. While this attack demonstrates the potential consequences of traffic manipulation, it is solely limited to redirecting traffic to another destination.

In ​this​ work, we introduce a novel cross-layer attack concept that complements the known layer-two vulnerability (i. e., missing integrity protection on the user plane) with exploiting the default IP stack behavior of operating systems on layer three. More precisely, we make use of the reflection mechanism of certain IP packets, which allows us to not only redirect user-plane traffic, but also to create an encryption and decryption oracle that enables an adversary to perform a full impersonation of the phone or network on the user plane. We call this concept IMP4GT (IMPersonation in 4G neTworks, pronounced “impact”). IMP4GT completely breaks the mutual authentication property for the user plane on layer three, as an attacker can send and receive arbitrary IP packets despite any encryption.

This attack has far-reaching consequences for providers and users. Providers can no longer assume that an IP connection originates from the user. Billing mechanisms can be triggered by an adversary, causing the exhaustion of data limits, and any access control or the providers’ firewall can be bypassed. A possible impersonation also has consequences for legal prosecution, as an attacker can establish arbitrary IP connections associated with the victim’s identity.

That encryption/decryption oracle is the key to this. They establish a man-in-the-middle interception using a software defined radio (SDR). They are then able to probe the encryption by flipping bits, which results in a failure and retransmission. They actually inject ICMP Unreachable and ICMP Ping packets into the stream in order to get either endpoint to reply.

To give our listeners a better and more convincing sense of this, ihey explain the operation of their Encryption and Decryption Oracles as follows:

Encryption Oracle. The goal of an encryption oracle is to learn the keystream of a connection, which later allows [us] to encrypt and inject arbitrary packets. For encrypting a target plaintext, the oracle injects a known plaintext into the system. The system encrypts the packet by xor-ing the known-plaintext with a valid keystream for transmission, which is returned to the oracle. Now, the oracle can extract the valid keystream by xor-ing the known-plaintext on the encrypted packet. Any arbitrary payload can now be encrypted by xor-ing the target plaintext and the keystream.

Decryption Oracle. The goal of a decryption oracle isto decrypt and access the payload of an encrypted packet. T
achieve the decryption of a packet, the oracle manipulates the to-be-decrypted ciphertext and sends it to the system. The system decrypts the packet and subsequently sends it back to the oracle. In this way, we can receive the plaintext of encrypted packets

They go into far greater detail in their paper. But they have conclusively demonstrated a fundamental weakness in both 4G LTE and the forthcoming 5G, since neither of these systems provides the needed message integrity protection at the user layer. It must have been assumed — by non-cryptographers — that the encryption running at the user layer would sufficiently protect the user’s communications. But we know that XOR-based stream ciphers, while highly attractive due to their economy and ease of implementation, are also highly susceptible to interception attacks that can trivially reveal the keystream if the plaintext can be known.

They clearly state that the only way for this to be fixed is for all of our existing cell-system infrastructure hardware to be upgraded at the smartphone and cell tower level.They are hoping that there might still be time to head-off 5G, which repeats these mistakes, but they acknowledge that’s unlikely.

Services such as iMessage and Signal, which provide their own application-level encryption are secure against this. HTTPS is less certain, since we rely upon some aspects of the integrity of the underlying network, such as DNS and that we are actually connecting to the machine we think we are, that this work has demonstrated the power to subvert.

And, in any event, due to the need for physical man- in-the-middle proximity, this would only be applicable to targeted attacks. But it does, and it should, further shake the complacency we have with the security of our smartphones.”


Link To Read Full Article @ Source_S4WT