As President Trump wails about continuing leaks from his embattled government, White House press secretary Sean Spicer is warning staff about the use of encrypted communications apps. He has at least one valid point: it’s possible that any officials using those apps for government business could break the law requiring administration comms be preserved for future records.
As noted by Senators Ted Lieu and Don Beyer earlier this month, however, those apps could be crucial for whistleblowers to provide information to the press about matters of real public interest.
But what are those apps and how secure are they really? Lieu and Beyer recommended three. First, the de facto king of the crypto comms market, Signal. The free app is widely considered the best amongst cryptography experts. Lieu and Beyer also recommended WhatsApp, which uses Signal code to guarantee the security and authenticity of messages, as well as Telegram.
Signal defeating hackers
There’s good reason for leakers to trust Signal, outside of its creator being the much-respected cryptography developer and former Twitter security lead Moxie Marlinspike: despite numerous attempts to break its security, the integrity of message privacy has remained entirely intact.
But, just as with any software, that’s not to say Signal is invulnerable to attack. Researchers have uncovered problems before and next month more issues are set to be disclosed. Markus Vervier from X41 D-Sec GmbH and Jean-Philippe Aumasson of Kudelski Security exposed weaknesses in Signal last year, one allowing an attacker to append data to encrypted attachments and crash the app. The flaws were swiftly fixed by Open Whisper Systems, the developers of Signal, and were far from catastrophic, even before the patches.
But Vervier and Aumasson told FORBES they may have found some fresh issues in the actual cryptography of Signal, which they plan to reveal in the middle of next month at Amsterdam’s Hack In The Box conference. Vervier couldn’t reveal the full details: “We are currently triaging [the] possible flaws in cryptographic components.”
From his months-long probing of the app, Vervier believes one of the main problems with Signal and other private messengers lie in a lack of sandboxing within the apps, the kind that can help prevent exploits against third-party components used by Signal, whilst separating “dangerous features” (e.g. media files and GIFs) from the core messaging features, said Vervier. Indeed, the way they crashed Signal last year was through invalid media files, though they had to set up a spoofed Signal server to do that in the first place.
“All bugs in media parsers employed by these messengers are directly threatening the security of your private messages,” he said. “Therefore an attacker ‘just’ needs to exploit a media file parser that is running inside the context of Signal on Android or iOS [the Google and Apple operating systems] in order to access private messages. There are public examples of media parsing bugs for both iOS and Android nearly every month.”
But here’s the crucial point from Vervier: “We do not have any unreleased exploits at the moment that are [remote code execution] and reveal private messages.” To put it simply: as far as the public is aware, Signal remains unbroken.
WhatsApp and Telegram risks
What of WhatsApp then? Whilst message content should have a similar level of security as Signal due to the sharing of Open Whisper Systems’ protocol, there’s a different kind of risk for users of the Facebook-owned app: the Department of Justice could subpoena WhatsApp and track who a user is contacting, when and how.
As recently reported in FORBES, the government has repeatedly used what are known as pen trap devices to look at suspects’ WhatsApp behavior, even if they couldn’t get the message content. If the Trump regime starts cracking down on leakers, as his tweets suggest it might, pen trap orders could de-anonymize leakers. Signal, meanwhile, is known to have received only one request for user data from government; it told the FBI it could only provide the time of account creation and the last time it connected to Signal servers. Whilst Signal doesn’t store data like contacts and call records, WhatsApp keeps such information for an undefined period of time and now even shares snippets of metadata with Facebook where users agree.
As for Telegram, it has some shortcomings that mean it’s more difficult to recommend than other comms apps. For starters, its version of end-to-end cryptography, which it calls client-client encryption, isn’t switched on by default, it has to be turned on with the secret chat feature. Hackers have also successfully exposed Telegram on more than one occasion. As recently as August 2016, researchers revealed a weakness in the app, when attackers in Iran managed to steal messages of certain accounts where they could intercept Telegram messages for setting up an account on a new phone. The hackers also managed to exploit an issue in Telegram to uncover 15 million Iranian phone numbers using the app. In 2015, a security expert known only as The Grugq criticized the app for its “wonky homebrew encryption.” Having said that, no one has yet publicly broken the cryptography.
Also keep in mind that particularly advanced adversaries can also exploit a part of the telecoms backbone to spy on WhatsApp and Telegram messages, as proven by researchers last year. Though the domain of government hackers, so-called SS7 exploits remain effective where service providers haven’t added firewalls to prevent the attacks from working.
The ultimate message to those who want to leak? Carry on using Signal. When it comes to digital communications, it remains your best bet.
Got a tip? Email at TFox-Brewster@forbes.com or firstname.lastname@example.org for PGP mail. Get me on Signal on +447837496820 or email@example.com on Jabber for encrypted chat.
Source: SANS ISC SecNewsFeed @ February 28, 2017 at 09:24AM