diff --git a/content/posts/infosec/the-cia-didnt-break-signal-or-whatsapp.md b/content/posts/infosec/the-cia-didnt-break-signal-or-whatsapp.md new file mode 100644 index 0000000..c558230 --- /dev/null +++ b/content/posts/infosec/the-cia-didnt-break-signal-or-whatsapp.md 
@@ -0,0 +1,32 @@ +--- +title: "The CIA didn't break Signal App" +date: 2017-03-08T10:06:00+06:00 +draft: false +tags: ["encryption","infosec","signal app","data privacy","cia","instant messenger"] +author: "Olivier Falcoz" +hidemeta: false +ShowReadingTime: true +ShowPostNavLinks: true +showtoc: false +cover: + image: "" + alt: "" + caption: "" + relative: false # To use relative path for cover image, used in hugo Page-bundles + +--- +**The CIA didn't break Signal or WhatsApp... despite what you've heard.** + +The agency might be able to break into your phone, but files released today show no ability to intercept encrypted chats before they arrive there. + +> There's been one particularly misleading claim repeated throughout coverage of CIA documents released by WikiLeaks today: that the agency’s in-house hackers “bypassed” the encryption used by popular secure-chat software like Signal and WhatsApp. +> +> It doesn’t. Instead, it has the ability, in some cases, to take control of entire phones; accessing encrypted chats is simply one of many security implications of this. +> +> It’s also true that the CIA can bypass PGP email encryption on your computer. And the CIA can bypass your VPN. And the CIA can see everything you’re doing in Tor Browser. All of these things can be inferred by the documents, but that doesn’t mean using PGP, VPNs, or Tor Browser isn’t safe. +> +> Basically, if the CIA can hack a device and gain full control of it — whether it’s a smartphone, a laptop, or a TV with a microphone — it can spy on everything that happens on that device. +> +> It of course remains possible (as it always has and always will) that the CIA has cracked the encryption of Signal, WhatsApp, or any other piece of software. But WikiLeaks hasn’t provided any evidence of that here today. +> +> -- Sam Biddle & Micah Lee in [The Intercept](https://theintercept.com/2017/03/07/the-cia-didnt-break-signal-or-whatsapp-despite-what-youve-heard/) \ No newline at end of file 
diff --git a/content/posts/infosec/the-great-firewall-of-china.md b/content/posts/infosec/the-great-firewall-of-china.md new file mode 100644 index 0000000..c95b116 --- /dev/null +++ b/content/posts/infosec/the-great-firewall-of-china.md 
@@ -0,0 +1,47 @@ +--- +title: "The Great Firewall Of China" +date: 2008-03-29T09:45:38+08:00 +draft: false +tags: ["china","surveillance","censorship"] +author: "Olivier Falcoz" +hidemeta: false +ShowReadingTime: true +ShowPostNavLinks: true +showtoc: false +cover: + image: "/images/" + alt: "" + caption: "" +--- +Surfing the web in China can be a real pain, even if you are not particularly looking for sites with *questionable content* or *forbidden keywords*, as described by China's internet regulator. This is because of the heavy monitoring and censorship. + +As [The Atlantic reports](https://web.archive.org/web/20231117135814/https://www.theatlantic.com/magazine/archive/2008/03/the-connection-has-been-reset/306650/), this is how the Great Firewall of China works. + +> The government bodies in charge of censoring the Internet have told [tech organizations in China] to get ready to unblock access from a list of specific Internet Protocol (IP) addresses—certain Internet cafés, access jacks in hotel rooms and conference centers where foreigners are expected to work or stay during the Olympic Games. +> +> China has indeed erected a firewall—a barrier to keep its Internet users from dealing easily with the outside world—but that is only one part of a larger, complex structure of monitoring and censorship. +> +> If you’re trying to reach one on that blacklist, the Chinese international-gateway servers will interrupt the transmission by sending an Internet “Reset” command both to your computer and to the one you’re trying to reach. +> +> Instead of the site you want, you usually see an onscreen message beginning “The connection has been reset”; sometimes instead you get “Site not found.” Annoyingly, blogs hosted by the popular system Blogspot are on this IP blacklist. For a typical Google-type search, many of the links shown on the results page are from Wikipedia or one of these main blog sites. 
You will see these links when you search from inside China, but if you click on them, you won’t get what you want. +> +> The final step involves the newest and most sophisticated part of the GFW: scanning the actual contents of each page—which stories The New York Times is featuring, what a China-related blog carries in its latest update—to judge its page-by-page acceptability. This again is done with mirrors. When you reach a favorite blog or news site and ask to see particular items, the requested pages come to you—and to the surveillance system at the same time. + +But, there **are** a few workarounds: + +> As a practical matter, anyone in China who wants to get around the firewall can choose between two well-known and dependable alternatives: the proxy server and the VPN. A proxy server is a way of connecting your computer inside China with another one somewhere else—or usually to a series of foreign computers, automatically passing signals along to conceal where they really came from. +> +> A VPN, or virtual private network, is a faster, fancier, and more elegant way to achieve the same result. Essentially a VPN creates your own private, encrypted channel that runs alongside the normal Internet. + +But is this secure ? + +> As a technical matter, China could crack down on the proxies and VPNs whenever it pleased. Today the policy is: if a message comes through that the surveillance system cannot read because it’s encrypted, let’s wave it on through! + +There's hope though. + +> China could simply not afford to crack down that way. Every bank, every foreign manufacturing company, every retailer, every software vendor needs VPNs to exist. + +Hummm… I just wonder how many foreign companies operating in China are *actually* using proxies and VPNs. My guess is that very few do. 
+ +## Quick tip +A quick and easy way to get around the Great Firewall of China is to switch to Mozilla Firefox 2 instead of using your old and crappy MS Internet Explorer, and then add the [Gladder extension](https://addons.mozilla.org/en-US/firefox/addon/2864). The website navigation is not encrypted, but it will let you browser your favorite websites. diff --git a/content/posts/infosec/the-secrets-of-surveillance-capitalism.md b/content/posts/infosec/the-secrets-of-surveillance-capitalism.md new file mode 100644 index 0000000..bf44216 --- /dev/null +++ b/content/posts/infosec/the-secrets-of-surveillance-capitalism.md 
@@ -0,0 +1,41 @@ +--- +title: "The secrets of surveillance capitalism" +date: 2017-02-09T08:43:00+06:00 +draft: false +tags: ["surveillance","google","data privacy"] +author: "Olivier Falcoz" +hidemeta: false +ShowReadingTime: true +ShowPostNavLinks: true +showtoc: false +cover: + image: "/images/the-assault-we-face-is-driven.jpg" + alt: "" + caption: "The assault we face is driven by the exceptional appetites of a wholly new genus of capitalism: surveillance capitalism." + relative: false # To use relative path for cover image, used in hugo Page-bundles + +--- + +**Google as a fortune teller** + +Governmental control is nothing compared to what Google is up to. The company is creating a wholly new genus of capitalism, a systemic coherent new logic of accumulation we should call surveillance capitalism. Is there nothing we can do? + +[Google surpassed Apple](http://www.cnbc.com/2016/02/01/google-passes-apple-as-most-valuable-company.html) as the world’s most highly valued company in January for the first time since 2010. (Back then each company was worth less than 200 billion. Now each is valued at well over 500 billion.) + +While Google’s new lead lasted only a few days, the company’s success has implications for everyone who lives within the reach of the Internet. Why? Because Google is ground zero for a wholly new subspecies of capitalism in which profits derive from the unilateral surveillance and modification of human behavior. + +This is a new surveillance capitalism that is unimaginable outside the inscrutable high velocity circuits of Google’s digital universe, whose signature feature is the Internet and its successors. While the world is riveted by the showdown between Apple and the FBI, the real truth is that the surveillance capabilities being developed by surveillance capitalists are the envy of every state security agency. 
What are the secrets of this new capitalism, how do they produce such staggering wealth, and how can we protect ourselves from its invasive power? + +> “Most Americans realize that there are two groups of people who are monitored regularly as they move about the country. The first group is monitored involuntarily by a court order requiring that a tracking device be attached to their ankle. The second group includes everyone else…” + +Some will think that this statement is certainly true. Others will worry that it could become true. Perhaps some think it’s ridiculous. It’s not a quote from a dystopian novel, a Silicon Valley executive, or even an NSA official. These are [the words](http://www.insurancejournal.com/news/national/2013/10/02/307073.htm) of an auto insurance industry consultant intended as a defense of “automotive telematics” and the astonishingly intrusive surveillance capabilities of the allegedly benign systems that are already in use or under development. + +It’s an industry that has been notoriously exploitative toward customers and has had obvious cause to be anxious about the implications of self-driving cars for its business model. Now, data about where we are, where we’re going, how we’re feeling, what we’re saying, the details of our driving, and the conditions of our vehicle are turning into beacons of revenue that illuminate a new commercial prospect. According to the industry literature, these data can be used for dynamic real-time driver behavior modification triggering punishments (real-time rate hikes, financial penalties, curfews, engine lock-downs) or rewards (rate discounts, coupons, gold stars to redeem for future benefits). 
+ +Bloomberg Business Week [notes](http://www.bloomberg.com/news/articles/2015-05-28/allstate-seeks-to-follow-google-as-ceo-mulls-selling-driver-data) that these automotive systems will give insurers a chance to boost revenue by selling customer driving data in the same way that Google profits by collecting information on those who use its search engine. The CEO of Allstate Insurance wants to be like Google. He says, + +> “There are lots of people who are monetizing data today. You get on Google, and it seems like it’s free. It’s not free. You’re giving them information; they sell your information. Could we, should we, sell this information we get from people driving around to various people and capture some additional profit source…? It’s a long-term game.” +> +-- Shoshana Zuboff in [Frankfurter Allgemeine](https://www.faz.net/aktuell/feuilleton/debatten/the-digital-debate/shoshana-zuboff-secrets-of-surveillance-capitalism-14103616.html) 05 March 2016 + +[Full article](/Shoshana-Zuboff-Secrets-of-Surveillance-Capitalism.pdf) (.pdf) \ No newline at end of file diff --git a/content/posts/infosec/threema-analysis-of-a-secure-messenger.md b/content/posts/infosec/threema-analysis-of-a-secure-messenger.md new file mode 100644 index 0000000..be531e5 --- /dev/null +++ b/content/posts/infosec/threema-analysis-of-a-secure-messenger.md 
@@ -0,0 +1,42 @@ +--- +title: "Threema: analysis of a secure messenger" +date: 2023-01-09T14:41:00+01:00 +draft: false +tags: ["encryption","data privacy","instant messenger"] +author: "Olivier Falcoz" +hidemeta: false +ShowReadingTime: true +ShowPostNavLinks: true +showtoc: false +cover: + image: "/images/" + alt: "" + caption: "" +--- + +[EDIT: 09.01.2023]: Threema [has reacted](https://threema.ch/en/blog/posts/news-alleged-weaknesses-statement) to the publication in bold terms: + +> The [research] paper is based on an old protocol that is no longer in use. The presented findings do not apply to Threema’s current communication protocol “Ibex” or have already been addressed. None of them ever had any considerable real-world impact. + +See how the story develops. + +--- +Threema is a Swiss encrypted messaging application which has been widely advertised as a secure alternative to Signal, WhatsApp or Wire. Their website claims the app is used by more than 10 million users and 7,000 corporate customers. Prominent users of Threema include the Swiss Government, the Swiss Army and the current Chancellor of Germany, Olaf Scholz. + +A group of academic researchers from the [Applied Cryptography](https://appliedcrypto.ethz.ch/) Group at ETH Zurich (Swiss Federal Institute of Technology) presents [seven attacks against the cryptographic protocols](https://breakingthe3ma.app/) used by Threema in three distinct threat models. + +Seems the researchers were quite happy with the outcome as they claim that *all the attacks are accompanied by proof-of-concept implementations that demonstrate their feasibility in practice*. + +*"Don't roll your own crypto"* is already a classic - ok, except for the Telegram App maybe. This mantra should also be extended to "*don't roll your own cryptographic protocol*" they write. 
+ +## Key Takeaway +> There are some principles well-known in the research community which have not fully made their way into the community of developers using cryptography. +> +> 1. **Using modern, secure libraries for cryptographic primitives does not, on its own, lead to a secure protocol design**: libraries such as NaCl or libsignal can be misused while building more complex protocols and developers must be wary not to be lulled into a false sense of security. While the mantra "don't roll your own crypto" is now widely known, it should be extended to "don't roll your own cryptographic protocol" (assuming one already exists that meets the developer's requirements). In the case of Threema, the bespoke **C2S protocol could be replaced by TLS**. +> +> +> 2. **Beware of cross-protocol interactions**: even if a protocol on its own is considered secure, there is no a priori guarantee that it will be secure when composed with other protocols. Cross-protocol interactions can undermine the original security guarantees, as we have shown with the vouch box forgery and Kompromat attacks. Such bad interactions can be prevented by **following the key separation principle** which states that a system should use **different keys for different purposes**. +> +> 3. **Proactive, not reactive security**: our inability to find an attack on a protocol does not imply it is secure. New attacks could be found at any moment and known attacks only get stronger over time if left unaddressed. Often, secure systems and protocols follow a design-release-break-patch process (a reactive approach). This is inconvenient for users and often requires the maintenance of backwards compatibility. Developers should instead adopt a proactive approach, where **the system or protocol is formally analyzed during the design stage**. + +Report: [Three Lessons from Threema](https://breakingthe3ma.app/) (.pdf) by Prof. Kenneth G. Paterson, Matteo Scarlata, Kien Tuong Truong 
diff --git a/content/posts/infosec/why-i-wont-recommend-signal-anymore.md b/content/posts/infosec/why-i-wont-recommend-signal-anymore.md new file mode 100644 index 0000000..4fc381d --- /dev/null +++ b/content/posts/infosec/why-i-wont-recommend-signal-anymore.md 
@@ -0,0 +1,41 @@ +--- +title: "Why I won’t recommend Signal anymore (damn'it)" +date: 2016-11-06T20:59:00+06:00 +draft: false +tags: ["signal app","encryption","surveillance","data privacy","xmpp","instant messenger"] +author: "Olivier Falcoz" +hidemeta: false +ShowReadingTime: true +ShowPostNavLinks: true +showtoc: false +cover: + image: "/images/" + alt: "" + caption: "" +--- +I don't like WhatsApp - I don't mean the app by itself, it's a great app - but its owner, Facebook. And I don't like Facebook owner, Mark. Mark Zuckerberg bought WhatsApp for a [whooping USD 19 Billion](https://www.forbes.com/sites/parmyolson/2014/10/06/facebook-closes-19-billion-whatsapp-deal/) in 2014. Why would you do that? + +When you invest such a *mahoosive* amount of money in an instant messenger, you probably expect a *mahoosive* return on investment, right? Unless it’s about philanthropy. Not sure Mark is that sort of guy. So be prepared to switch to another instant messenger. + +* Telegram? Looks promising, need to dig in a little regarding their cryptography and the team behind the project. +* Signal? Looks very promising, cool find ! + +Wait. + +Sander Venema seems to disagree though: + +### [Why I won’t recommend Signal anymore](https://sandervenema.ch/2016/11/why-i-wont-recommend-signal-anymore/) -- Sander Venema + +> To be clear: **the reason for this is not security**. To the best of my knowledge, the Signal protocol is cryptographically sound, and your communications should still be secure. The reason has much more to do with the way the project is run, the focus and certain dependencies of the official (Android) Signal app, as well as the future of the Internet, and what future we would like to build and live in. [...] 
+> +> ### Multiple problems with Signal +> +> * Lack of federation[^1] +> * Dependency on Google Cloud Messaging[^2] +> * Your contact list is not private[^3] +> * The RedPhone server is not open-source[^4] + +[^1]: Moxie [made it clear](https://github.com/LibreSignal/LibreSignal/issues/37#issuecomment-217211165) that he does not want LibreSignal, a modified version of Signal that removed the Google dependency, to use the Signal servers +[^2]: Google usually has root access to the phone, there’s the issue of integrity. Google is still cooperating with the NSA and other intelligence agencies. PRISM is also still a thing. +[^3]: Signal associates phone numbers with names, hashes them before sending them to the server, but since the space of possible hashes is so small for phone numbers, this does not provide a lot of security. +[^4]: The server component of RedPhone is not open source. What prevents the RedPhone server code from being released (whether it is legal issues or simple unwillingness) is unclear. \ No newline at end of file
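Review bot: In content/posts/infosec/the-cia-didnt-break-signal-or-whatsapp.md the front-matter title reads "The CIA didn't break Signal App", while the filename and the bold line under the front matter both say "Signal or WhatsApp", and the quoted text discusses both apps. Suggest making the title "The CIA didn't break Signal or WhatsApp" so the listing title matches the slug and body. In the excerpt, the second quoted paragraph opens with "It doesn't." without the sentence it answers; mark the cut with "[...]" or restore the missing sentence from the linked article. The file also ends without a trailing newline.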
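Review bot: In content/posts/infosec/the-great-firewall-of-china.md the first block quote is stitched from non-adjacent passages with no elision marks: "If you're trying to reach one on that blacklist" refers to a blacklist the excerpt never introduces, and "The final step" and "This again is done with mirrors" refer to steps and mirrors that are not quoted. Suggest adding "[...]" between the excerpts and a bracketed gloss where the antecedent is lost, as was done for "[tech organizations in China]". In the Quick tip, "let you browser your favorite websites" should read "browse", and "But is this secure ?" has a stray space before the question mark. The cover image is set to "/images/", a directory with no file name; leave it empty as in the CIA post or point it at a real file.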
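Review bot: In content/posts/infosec/the-secrets-of-surveillance-capitalism.md the closing attribution "-- Shoshana Zuboff in [Frankfurter Allgemeine]" sits outside the block quote (the line before it is a bare ">"), and only two passages in the post are marked as quotes, so a reader cannot tell which body paragraphs are the post author's and which are excerpted. If the unquoted paragraphs are taken from the linked article, put them in the block quote; either way, prefix the attribution with "> " as the CIA post does. "in January" and "200 billion" / "500 billion" are ambiguous next to a post date of 2017-02-09 and a link dated 2016/02/01: add the year and the currency. The file ends without a trailing newline.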
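Review bot: In content/posts/infosec/threema-analysis-of-a-secure-messenger.md the closing line "Report: [Three Lessons from Threema](https://breakingthe3ma.app/) (.pdf)" is labelled as a PDF but links to the same site root already used for "seven attacks against the cryptographic protocols". Point the link at the actual report file or drop the "(.pdf)" label. The Key Takeaway quote has two consecutive empty ">" lines between items 1 and 2 where the others have one. The sentence "ok, except for the Telegram App maybe" reads as an exception to "Don't roll your own crypto" and should be reworded if it is meant ironically. The cover image is set to "/images/" with no file name.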
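Review bot: In content/posts/infosec/why-i-wont-recommend-signal-anymore.md the footnote markers [^1] to [^4] are placed inside the block quote attributed to Sander Venema, but the footnote definitions sit outside it with no attribution, so it is unclear whether they are his words or the post author's summary. Suggest stating that in a lead-in line above the definitions. Only [^1] carries a source link; [^2] asserts "Google usually has root access to the phone" and "Google is still cooperating with the NSA" with none, and should link to the section of the quoted article it paraphrases. Minor: "whooping USD 19 Billion" should be "whopping", "Facebook owner, Mark" should be "Facebook's owner, Mark", and "cool find !" has a stray space. The file ends without a trailing newline.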