The encryption is not broken, it's bypassed. The data go to an unintended third party, even when the encryption is legit, rendering the encryption useless.
So the word "bypass" is correct.
They have similar end result for the phone in question, but headlines like this can lead to people being less secure on the whole.
| WikiLeaks: CIA managed to bypass encryption on popular messaging services on Android phone (nytimes.com)
Of course this source is part of the same media that continually calls the election "hacked" despite there being no known technical irregularities with voting machines or vote recording or the actual election itself [^1] (that I'm aware of, at least). (Yes, computer systems were compromised, and data was exfiltrated from the DNC/related parties and released by foreign state actors. Unfortunately that is not "hacking an election." It's just plain and traditional information ops.)
So it's pretty par.
Mainstream news sources seem to continually get worse at reporting tech related stories, and I think there must be an even greater level of confusion when it comes to typical non-techinical individual citizens.
[^1]: Whether anybody is actually interested in actual elections running in auditable, effective, and functional way is apparently another question entirely, and the answer from most seems to be "nope."
Furthermore, from the point of view of the end-user, the important point is that WhatsApp and Signal are not necessarily secure to use. The exact nature of the security hole is not as important for the vast majority of users.
The current title [0] is wrong, but NYTimes is relatively clear:
> Among other disclosures that, if confirmed, would rock the technology world, the WikiLeaks release said that the C.I.A. and allied intelligence services had managed to bypass encryption on popular phone and messaging services such as Signal, WhatsApp and Telegram. According to the statement from WikiLeaks, government hackers can penetrate Android phones and collect “audio and message traffic before encryption is applied.”
It depends on how you define "bypass". In my opinion, accessing data before encryption is a form of bypassing... but it doesn't necessarily mean they can decrypt an already encrypted signal.
[0] "WikiLeaks: CIA managed to bypass encryption on popular services Signal, WhatsApp " as of this writing
edit: A new tweet referencing the article: "WikiLeaks release said CIA managed to bypass encryption in mobile apps by compromising the entire phone"
I think a lot of people in this thread are hating on NYTimes today for this headline because of the inaccurate WhatsApp encryption news stories of recent.
I could see myself being bothered if they had written that the encryption was "broken" or "cracked" as if you destroyed the boulder in your path. Bypass seems fine. Hacker News doesn't normally use bypass as a synonym for break, but for some reason today it i to the commentators
Exactly, and some people including me thought about this possibility years ago. The most secure system in the universe can still be hacked very easily by a malicious closed driver because device drivers have the highest access level to the underlying hardware. Every information being produced: (virtual) keyboard writings, data, contacts, sensors data, GPS, audio, files, etc. I mean everything can be accessed a lot before it reaches the encryption code and be relayed to a 3rd party without the user even noticing.
This plague won't go away, not until enough people with enough influence will require hardware manufacturers to document their hardware in order to create OSS and trustworthy device drivers.
The reality is that no matter how good the software engineers are; no matter how sound the algorithms; no matter how well funded the startup or open source project; it's completely outnumbered and completely out gunned. Nation states operate at a different scale and easily deployable encryption systems for novice users are white horse led brightly dressed musketeers drum marching to their general's firing line in the midst of a modern free fire zone.
To me, any secure communications systems that provides the convenience of app store downloads and over the air updates should be considered compromised. On the other hand, if someone thinks that a three letter agency might be interested in their communications and that person does not work for another three letter agency, they should probably assume that their signals are compromised if they are detected.
Step the fuck up Google. Android security is an embarrassment.
For regular people, the effort of encrypting things is simply not worth it because they're powerless against a really determined attacker. It's rational to protect against casual attacks from spammers and scammers, but protecting oneself against state-level attackers is futile unless you make a full-time job out of it.
Someone usually pipes up at this point saying 'we need to limit the powers of the state', like some sternly-worded law is going to undo the existence of the technology or take away the vast economic and political incentives to deploy it. Get real folks, technology doesn't get un-invented, and powerful organizations are just like powerful organisms; they're opportunist, they maximize their own chances of survival, and when they do collapse the resulting power vacuum is filled as rapidly as any other vacuum would be. One can certainly seek to govern the behavior of a state or state organ, but attempting to limit its technical ability is naive, for the same reason that you'd be naive to try to fix police brutality by legislating about the design parameters of police batons.
Nice passive voice there, NYT.
This a perfectly useless bit of information in that it says nothing about how this penetration could occur. Pretty much anything can be cracked with a trojan. Something like a currently valid remove exploit would be a much bigger deal.
I could say that all the secure apps are broken because I can stand behind you and look over your shoulder while listening to anything you might say.
> As of October 2014 the CIA was also looking at infecting the vehicle control systems used by modern cars and trucks. The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations.
https://wikileaks.org/ciav7p1/
Given the fact that car makers don't even have "PC age" security in their cars, things are looking pretty bad for self-driving cars in general.
Former U.S. National Coordinator for Security, Infrastructure Protection, and Counter-terrorism Richard A. Clarke said that what is known about the crash is "consistent with a car cyber attack". He was quoted as saying "There is reason to believe that intelligence agencies for major powers — including the United States — know how to remotely seize control of a car. So if there were a cyber attack on [Hastings'] car — and I'm not saying there was, I think whoever did it would probably get away with it."[68]
Cenk Uygur, friend of Hastings' and host of The Young Turks, told KTLA that many of Michael's friends were concerned that he was "in a very agitated state", saying he was "incredibly tense" and worried that his material was being surveilled by the government. Friends believed that Michael's line of work led to a "paranoid state".[80] USA Today reported that in the days before his death, Hastings believed his car was being "tampered with" and that he was scared and wanted to leave town.[81]
[1] https://en.wikipedia.org/wiki/Michael_Hastings_(journalist)
Not really. The possibility of taking over unmodified cars remotely was not very widely known at the time. An organization that knew about that and had the technology to actually do so would not want to use it except on high value targets that they could not reach by more conventional means, because they would want to keep this capability under the radar of potential targets for as long as possible.
Due to the nature of his work Hastings would have been easy to take out by conventional means. He was an investigative reporter. It would be easy to feed him a lead on some story, like some important political person having a connection to a drug gang, and set up a meeting in a sketchy part of town with someone who says they want to give him confidential information about that. There would be nothing suspicious about that, and it would be easy to arrange for this fake meeting to go bad and end up with Hastings dead.
This would look like a sad but not totally unexpected way for a bold, risk taking, investigative reporter to die, and there would be not even a hint of a connection to any government agency.
If his car did not have remote vulnerabilities, and so any takeover involved modifying the car, then killing him by car takeover is even more absurd. It runs the risk of the modifications being discovered between the time they are installed and the time they are used (what if he takes his car in for service and the mechanic finds them?), and if used in a place where the agency doing the assassination does not have control of the scene afterwards risks the mods being discovered in the wreckage.
Also in the police report, I believe his brother said he had been using DMT and he tested positive for what was likely Adderall. He was in a unique state to truly be paranoid and throwing psychedelics in the mix could cause one to try to cope in ways that challenge reality.
Of course, this also would be the perfect time to stage a murder and it's not improbable that someone did discuss killing him. Also DMT only last 5-10 minutes, he certainly wasn't driving while doing it and if anything, it can give you a sense of peace and acceptance to the craziness of life.
I never thought they seemed implausible.
Potential assassination?
According to the statement from WikiLeaks, government
hackers can penetrate Android phones and collect
“audio and message traffic before encryption is applied.”
The interception happens prior to the encryption being applied. Think of it as a dongle on the wire between your keyboard and the computer. It doens't matter if the computer is secure - the message is intercepted prior to any encryption.
This is, what I am assuming, has happened here.
Edit: lots of stuff deleted for very valid criticism, as below.
ChromeOS and Android both implement FDE. There are some legitimate criticisms of (especially) the latter, voiced by e.g. Matthew Green, but you're just speaking nonsense here.
There's very little value in per-app encryption on desktop OSes; it's security theater.
I shudder to think of what your "secure communications" app does. I hope you're a good lawyer. ;)
How does not encrypting local storage relate to this story? You're just pulling that one out of thin air to somehow prove your point. Besides the fact that there is no correlation between encrypting local storage and intercepting keystrokes or more broadly owning the kernel, it's also false. Though there are concerns with how disk encryption is implemented in Android and there are ways around it, it's come with FDE since version 5.0.
Encrypting local storage wouldn't have saved you one bit from this kind of thing where they just intercept the keystrokes. And your app wouldn't be safe from it either.
Of course, this is a bit of a balancing act, because many disabled people legitimately benefit from the accessibility services, but they are like a huge vacuum from which displayed and entered textual data from your application can be sucked out.
This is also why every single reputable source on security is condemning the NYT for running such an irresponsible headline, since it was not about flaws in the secure messaging apps or their encryption in any way.
And in my opinion, if you require security that the CIA can't bypass, you won't find it in any mainstream consumer hardware or software.
I'd suggest taking the same approach with your "secure, end-to-end encrypted communications" app you keep mentioning here[0]
A one-way sha256 hash of a message using a password that has to be 8 characters long[1] and can't accept special characters[2] is not a secure communications app
It is trivial to find the plaintext in these situations.
Your Chrome extension has a very elementary RCI bug in it[3], which because of your extensions broad permissions[4] profile means anyone with your extension installed can have any code executed by visiting any page.
To release (excuse me) crap like this on one hand while FUD'ing Google's security practices on HN on the other requires a level of hubris that I don't think i've ever previously encountered.
[1] http://i.imgur.com/CsgOkZ2.png
[2] http://i.imgur.com/uZg0E4l.png
Would you consider heavily caveating statements you make about information security? A lot of what you say here is basically wrong.
A national security lawyer could provide interesting insight into how the CIA is allowed to use these tools vs NSA.
That is appreciated, and you are in the minority.
I'm taking this advice, btw, and being more circumspect when I post in the future.
To what are you referring to here, precisely?
Since AOSP is open source, is there a specific line of code that you can point to that contains (or is emblematic of) this insecurity?
Your article doesn't seem to say.
as a "(slightly-higher than script-kiddy-level) web developer" I'm going to guess that he doesn't actually know very much about AOSP, the Linux kernel, or indeed GNU/Linux security in general. So his emphatic statement "Compare the security of Android - which we now know to be 'owned' by the US Government" is pretty much worthless as he's very clearly speculating about things that he doesn't understand.
You want to distinguish between:
- remote takeover (like stagefright vuln)
- ability to take control of the device from within an app sandbox
- ability to unlock a device in your physical possession (FBI was able to do this on prev V of ios)
The background video on gibber is awful, makes it very hard to read the page. I've just opened it in another browser with all the JS on and again your page totally doesn't work with the google ajax switched on. Worth fixing.
So your comparing the current security of the iPhone with old CIA Android and Chrome exploits from circa 2011-2013?
But this is just as secure as full disk encryption of the device right?
Just hacking the device while it is being used is what every iOS jailbreak does. And there seem to be quite a number of them.
Not sure why you mention "secure local storage"; none of that local storage is secure if the device is compromised! That can then be bypassed in the same way that you bypass WhatsApp or manipulate any other app on the device.
If you are running something based off of AOSP, you're running code that was touched by Google employees. Is your fear that Google is installing backdoors to help the CIA? If so, why are you afraid of that?
https://wikileaks.org/ciav7p1/cms/page_11629096.html
As you can see they pretty much all reference very old versions of Android (v4) and Chrome.
Tox on the other hand seems much more secure... though I guess if you're phone is compromised you're pretty much screwed to start with (which is not too hard with all the bloatware one needs these days).
Long story short: if someone obtains your Tox private key, they are able to impersonate you in the conversations with other people without you realizing it.
Tox developers admitted this was an issue. Fixing this means changing the protocol itself (which will affect everyone).
Tox is still experimental (which they admit here: https://github.com/TokTok/c-toxcore/issues/426) and it is not advisable to use it.
disclosure: working on an open source alternative for messaging
