Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

CyanogenMod Integrates Text Message Encryption

Unknown Lamer posted about 8 months ago | from the only-criminals-text-with-aes dept.

Encryption 118

sfcrazy writes "People are now more concerned regarding their privacy after discovering about efforts made by governments to spy on their communications. The most practical solution to keep messages, emails and calls secure is to use a cryptographic encryption mechanism. However, just like the name of the method, the installation process is complex for most users. To solve this, CyanogenMod will come equipped with built in encryption system for text messages." Whisper System has integrated their TextSecure protocol into the SMS/MMS provider, so even third party sms apps benefit. Better yet, it's Free Software, licensed under the GPLv3+. Support will debut in Cyanogenmod 11, but you can grab a 10.2 nightly build to try it out now.

cancel ×

118 comments

Sorry! There are no comments related to the filter you selected.

MOD THE TROLL DOWN!!! (-1)

Anonymous Coward | about 8 months ago | (#45645801)

MOD THE TROLL DOWN!!!

Wonderful (-1)

Anonymous Coward | about 8 months ago | (#45645809)

A new channel for the paedophiles. Sigh.

Re:Wonderful (-1)

Anonymous Coward | about 8 months ago | (#45645973)

I was a victim of this. Mod parent up :(

Re:Wonderful (0)

Anonymous Coward | about 8 months ago | (#45648975)

Victims of paedophiles throughout history = x
Victims of governments drunk on power throughout history = y

I'm no historian, nor am I a mathematician...

Key exchange (5, Interesting)

Anonymous Coward | about 8 months ago | (#45645843)

The most important part of any crypto communication system is key exchange. Looks like this protocol uses automated SMS key exchange, and implementations should store keys similar to SSH. It's trivial to MITM, but it's a high risk attack because people can simply meet in person to compare keys.

Other problems (not MITM but end-to-end) (4, Interesting)

DrYak (748999) | about 8 months ago | (#45646589)

It's trivial to MITM, but it's a high risk attack because people can simply meet in person to compare keys.

Avoiding MITM has been successfully solved using the Socialist Milionaire [wikipedia.org] problem.
At most, 2 contacts need to call (voice) each other and compare a bunch of keywords. From that point onward, their communication can be trusted.

I see another problem:
The best (and nearest-to-perfect) secure solution requires end-to-end encryption. (the absolute first and last application on the chain to the encryption / decryption. Encryption is done on the first ever software getting the message, decryption is done on the last software drawin the message on the screen)

But CyanogenMod's implementation isn't end-to-end. They instead have integrated crypto in the SMS messaging service of the OS.
The intention is noble: You're not forced to use CyanogenMod's SMS App. You could use Skype or Facebook chat app (as long as the app supports handling SMS in addition to other communication)...
The main problem is easy to spot: ... These 3rd party app could actually be spying.

Re:Other problems (not MITM but end-to-end) (0)

Anonymous Coward | about 8 months ago | (#45647279)

In the Socialist Millionaire protocol, there's already a shared secret. What the protocol provides is a way for each party to determine that the other party has the same secret, without disclosing the secret to imposters. It's a type of zero knowledge proof, and there are many others.

Acquiring the shared secret is the problem, not verifying whether someone else also has the secret.

Re:Other problems (not MITM but end-to-end) (1)

gl4ss (559668) | about 8 months ago | (#45647509)

**Acquiring the shared secret is the problem, not verifying whether someone else also has the secret.**

but you don't need a shared secret, what you need is to verify that the public key is really from the other guys phone.. and not from a mitm bot.

Re:Other problems (not MITM but end-to-end) (2)

kenshin33 (1694322) | about 8 months ago | (#45647517)

except in this case the "secret" is public knowledge : public key finger print.

Re:Other problems (not MITM but end-to-end) (0)

wvmarle (1070040) | about 8 months ago | (#45648175)

But CyanogenMod's implementation isn't end-to-end. They instead have integrated crypto in the SMS messaging service of the OS.
The intention is noble: You're not forced to use CyanogenMod's SMS App. You could use Skype or Facebook chat app (as long as the app supports handling SMS in addition to other communication)...
The main problem is easy to spot: ... These 3rd party app could actually be spying.

Same for CyanogenMod itself. Who says this addition hasn't been implemented by an NSA employee, backdoor and all?

Use the Source, Luke! (3, Informative)

DrYak (748999) | about 8 months ago | (#45648349)

Same for CyanogenMod itself. Who says this addition hasn't been implemented by an NSA employee, backdoor and all?

Except that CyanogenMod itself is opensource.
You check the source yourself, and the source is seen by lots of other people. If there's a backdoor in there, someone is bound to see it.
Even if some NSA employee managed to use social engineering to sneak in an exploitable-bug while submitting a patch to improve otherwise the code, someone will end up noticing it. (e.g.: Both Debian and Android have had, at some point of time, a broken DSA generation which produced predictable key. Nonetheless, in both case the defect was noticed and corrected).

That's the whole point of RMS' rant about free and opensource being a necessity for security. If the source is open, you don't have to specifically trust the author of the source (who might either be a mole or clumsy and end up making bugs). You can instead trust the community (Debian, Android), or you could check it yourself (I'm able to do *some* light code reviewing for a few of my coding needs), or pay someone to do the checks for you (TrueCrypt is exactly getting this treatment, crowd funding style).

And even if you don't compile your binaries yourself and doubt about the binaries offer as downloads by the CyanogenMod team (perhaps the binary you download contain a backdoor that isn't in the source), several tools are here to help too:

- GPG-signing of binaries (so you know the binary you got was actually from CyanogenMod and not one of the relay of NSA which ended up serving you a booby-traped binary, exactly like their slashdot clone)
- Deterministic build (a way for several independant people to check that the binary you have are produced from the official source and not by some NSA mole inside CyanogenMod who is injecting a backdoor before publishing them. It's used by Tor, Bitcoin, etc. It's being implemented for TrueCrypt too)
- Differential build (each time there's a discussion about trusting the source, there's always someone coming up with this old paper of C's author about booby trapped self-replicating compiler. And completely forgot that the author himself proposed a way to detect such booby-trapped shit. Not that this was ever seen in the wild. But in theory it's evitable, with these technique).

Re:Use the Source, Luke! (0)

DrXym (126579) | about 8 months ago | (#45649085)

TrueCrypt is exactly getting this treatment, crowd funding style.

After how many years? Truecrypt has been out for a decade, meets the definition of open source, and despite its relatively modest size is only now receiving audit to see if the source can be trusted and that the binaries everyone has been using were actually built from it.

As such I wouldn't hold much faith that just because Cyanogenmod is open that suddenly it's more secure than a proprietary product. It might be and open source is good for a raft of reasons, but I suspect anyone who wanted to throw an exploit could still bury it in plain sight if they wished. Cyanogenmod has a penchant for integrating bells and whistles so it might not even be somewhere obvious either.

At least this TextSecure protocol appears to be competently written though it does require some manual verification to prevent man in the middle attacks.

No magic, requires efforts (1)

DrYak (748999) | about 8 months ago | (#45649513)

As such I wouldn't hold much faith that just because Cyanogenmod is open that suddenly it's more secure than a proprietary product. It might be and open source is good for a raft of reasons, but I suspect anyone who wanted to throw an exploit could still bury it in plain sight if they wished.

No, indeed. Being opensource doesn't make CyanogenMod automagically secure. GPL and BSD license, aren't magic pixie dust, per se.
BUT being opensource at least make it 100% possible to audit CyanogenMod (unlike say, iOS. Even if you wanted you couldn't audit that one, because its source code is a well guarded secret by Apple).

If you're not content with approach of "let's wait. if there's something evil inside, someone is bound to discover it eventually, some day", YOU CAN DO something about it.

1. Either have a look at the code (if you have the necessary skills yourself).

2. Or you could pay someone to do it. Truecrypt is a nice example that this is possible to do. In fact you could have a good chance of success for crowd funding project for code review of CyanogenMod. This mode is quite popular among people who are more sensitive to control/security/privacy issue. If they are ready to jump through hoops to be sure that their phone runs the OS of their choosing, an OS that they can control and that they could trust, I'm sure some would be ready to set a few bucks aside and pay for crowd-funded project to check and guarantee the source code of CyanogenMod. Specially these days when people are specially made aware of privacy/security problem by the whole Snowden debacle.
Given that CyanogenMod is a critical piece of software (its an OS which lots of people use to run on their phones, and its a derivative of Android, which is the dominant Phone OS. And lots of people want to trust their phone), starting such a crowd-funded audit DOES terribly make sense.

I'm not interested enough to help start the project it self (I don't use Android/CyanogenMod, and I don't trust my phone anyway).
But I would probably give money to such a project.

---

As a side note: LOL @ our handles being only a few letters appart ( DrYak vs. DrXym, in a HAL / IBM style of letter shift)

Re:No magic, requires efforts (1)

Archangel Michael (180766) | about 8 months ago | (#45651283)

There is still yet another reason to trust OpenSource code, risk of being exposed. If you're the NSA, and you're inserting illicit code into Open Source, then you're at a very high risk of being exposed as a mole. This risk, being a known mole is too high for a "real" spy. If I were a spy agency, I wouldn't risk any assets for such a short term gain. Once exposed, a mole will have no trustworthiness AND all associations would likely become suspect. Basically, you're risking the whole operation on the assumption nobody is looking for you and therefore you won't be discovered.

Further, if I was the NSA, I would be looking at the raw code, looking for backdoors inserted by other agencies (Russian, Chinese, Israeli, Canadians), and I would assume that these other countries would be doing the exact same thing.

Combined with the above, these two assumptions (risk of exposure, looking for compromises) is sufficient to take the approach that the code is not likely compromised on purpose. This is not to say, that there are no risks, just that they aren't likely to be intentional.

Re:Other problems (not MITM but end-to-end) (0)

Anonymous Coward | about 8 months ago | (#45651273)

we're using ghostphrase, which allows for end-to-end security (just put encryption and decryption on an off-line laptop). It's not for SMS, but I think you could probably send the messages with a smartphone.

Re:Key exchange (1)

chihowa (366380) | about 8 months ago | (#45647601)

Today, we are launching our version initially into the CM 10.2 nightly stream to test the server load and make sure things are working at scale. Once things are dialed in, we’ll also enable this for CM 11 builds moving forward.

Depending on how it's implemented, the whole system [github.com] may depend on a central server that facilitates the initial key exchange (prekeys). That, in itself, seems like a massive compromise vector. Why should users need to trust a third party server for key exchange? It'd be much better to use a system like ZRTP where the users are expected to compare fingerprints out of band.

There is a method of key exchange that doesn't use the server (KeyExchangeMessage), but it isn't clear whether the user gets to choose which method is used (or whether there is even a system to verify fingerprints). On the [ convenient --- secure ] scale, this system looks to be dialed way toward convenient. Transparent to the users, both for good and bad.

Re:Key exchange (1)

Fnord666 (889225) | about 8 months ago | (#45647671)

Depending on how it's implemented, the whole system may depend on a central server that facilitates the initial key exchange (prekeys).

From the WhisperSystem posting:

The Cyanogen team runs their own TextSecure server for WhisperPush clients, which federates with the Open WhisperSystems TextSecure server, so that both clients can exchange messages with each-other seamlessly.

Re:Key exchange (1)

Pi1grim (1956208) | about 8 months ago | (#45648133)

Wait, wait, wait. If they federate with some other service, why not federate it with XMPP networks? AFAIK TextSecure uses OTR or some variation of it. And if you make it talk to other xmpp servers out there it's not yet another messenger, it's a step towards future.

Re:Key exchange (0)

Anonymous Coward | about 8 months ago | (#45648299)

I'm no cryptographer, but what about PGP? I'm no expert but it seems perfect for this kind of thing. Both people just need to swap public keys first.

Re:Key exchange (1)

Joce640k (829181) | about 8 months ago | (#45648473)

Both people just need to swap public keys first.

There's the problem, right there...

I personally find this very important... (-1, Offtopic)

espiesp (1251084) | about 8 months ago | (#45645859)

Because I definitely would not want the .gov peeking in on me and finding out what I'm having for dinner or knowing that I love my family. OH THE HUGEMANATEE!

Re:I personally find this very important... (1)

Anonymous Coward | about 8 months ago | (#45645867)

So you won't mind me installing cameras in your house and tapping all your phones then?

Re:I personally find this very important... (-1)

Anonymous Coward | about 8 months ago | (#45646921)

Are you actually just a complete mental defective that doesn't see a difference between the information gained from SMS and from installing cameras in somebody's house? Are you *really* ignorant of that gross extrapolation to argumentum ad absurdum or are you just acting retarded?

Then of course there's the halfwit that modded this stupidity up.

Re:I personally find this very important... (0)

Anonymous Coward | about 8 months ago | (#45646939)

How is there any difference? Privacy is privacy. You're the only mental defective that I see around here.

Re:I personally find this very important... (0)

Anonymous Coward | about 8 months ago | (#45647765)

Are you actually just a complete mental defective that doesn't see a difference between the information gained from SMS and from installing cameras in somebody's house? Are you *really* ignorant of that gross extrapolation to argumentum ad absurdum or are you just acting retarded?

Then of course there's the halfwit that modded this stupidity up.

It's like the old joke...

Would you sleep with me for $10,000,000? ... Sure!
Would you sleep with me for $10? ... Hell no, what kind of girl do you think I am?
We've already established that, we're just haggling over the price now.

If you're willing to invade someone's privacy, you're willing to invade someone's privacy.
Once we establish that fact, we're haggling over matters of degree, not matters of kind.

Re:I personally find this very important... (0)

Anonymous Coward | about 8 months ago | (#45646017)

Because I definitely do not want the .gov overstepping their boundaries and ignoring my right to personal privacy. They have no reason to peek in and look at my personal life when I've done nothing wrong.

Re:I personally find this very important... (1)

BlueStrat (756137) | about 8 months ago | (#45647549)

Because I definitely do not want the .gov overstepping their boundaries and ignoring my right to personal privacy. They have no reason to peek in and look at my personal life when I've done nothing wrong.

The problem is needing to protect oneself from un-Constitutional violations of the BoR by an obviously power-mad ruling elite in the first place.

With the immense resources of the US government available and few if any restrictions to methods, if the TLAs want in, they'll get in.

Until the size & power of government and the bureaucracy are massively rolled back and accountability plus term limits enacted and enforced, it's a losing game. They'll get to whomever they need to get to to make sure their abilities to un-Constitutionally spy and gather/analyze masses of data on anyone and everyone without consequence are retained. They already have enough data to blackmail just about anyone in or with power and lots more. Congress won't and can't fix this because of this reason.

We are forced to play by *their* arbitrary, constantly shifting, often counter-intuitive, sometimes retroactive laws, acts, and regulations which they are not constrained by because "national security" "that's classified" "redacted" and "fuck you".

I'm watching this move for a Convention of States (Article V).

http://conventionofstates.com/ [conventionofstates.com]

It's not without it's risks, but something has to rein in this "Imperial Federal Government" and it's myriads of agencies, departments, "czars", the corruption, the blatant, damaging, and heinous violations of basic civil rights, militarized police terrorizing the citizenry, the crushing spending/debt, etc etc etc, or else living in the US will really begin to resemble living in the old USSR under Stalin.

Maybe that old meme that the US will eventually become socialist/communist/fascist/authoritarian and Russia/China become the new havens of capitalism and individual freedom has some validity.

Ah, the sweet, sweet irony if in 20-30 years, Russian (or Chinese) travelers are smuggling blue-jeans into the US.

Strat

Re:I personally find this very important... (0)

Anonymous Coward | about 8 months ago | (#45651311)

conventionofstates.com leads to Citizens for Self-Governance (http://selfgovern.com/) which points to the leadership page (http://selfgovern.com/about/) which lists a bunch of Tea Party Patriots founding members as their current leadership.

Aren't we still pissed at these guys for being Koch shills?

Re:I personally find this very important... (1)

Archangel Michael (180766) | about 8 months ago | (#45651365)

The problem is that our current bureaucracy is such that it inherently protects the ruling elected class from accusations of tyranny, while providing the services needed to be a tyranny. This is why the players change from Republican Tyrants to Democrat Tyrants, giving the illusion accountability. There is no accountability. The whole IRS, Benghazi, ObamaCare, Patriot Act etc etc etc going back to Nixon proves this. Nixon was held accountable, because he went beyond the Bureaucracy's protection.

The only fix I can see is that we need to get rid of the career Bureaucrats, which is, of course, impossible. We're screwed.

Re:I personally find this very important... (1)

Anonymous Coward | about 8 months ago | (#45650167)

funny that the same people who think the gov wants to know their shopping lists have absolutely no problem with firing gays from their jobs because they might be having buttsex at home. But at least the employers don'tinvade privacy, they simply assume without any evidence at all, and that's perfectly fine with that crowd

Re:I personally find this very important... (0)

Anonymous Coward | about 8 months ago | (#45646033)

Awesome. And as a side benefit, we'll be making it like totally impossible for them to figure out our social media screen names, since there's no way they could legally or even practically collect and analyze umpteen exabytes of meta-data!!!11

p.s. Hcqngr #42. V'z nobhg gb tb gnxr n cbbc. V'yy yrg lbh xabj ubj vg pbzrf bhg.

Re:I personally find this very important... (0)

Anonymous Coward | about 8 months ago | (#45646049)

Ideally they wouldn't be able to decrypt any texts, including the countless "what's for dinner" and "I love you grandma", etc. Safety in numbers.

Re:I personally find this very important... (0)

Anonymous Coward | about 8 months ago | (#45646185)

When only some data is encrypted, then the "bad guys" (whoever you might consider those to be) know what to go after.

Re:I personally find this very important... (5, Interesting)

PopeRatzo (965947) | about 8 months ago | (#45647393)

Because I definitely would not want the .gov peeking in on me and finding out what I'm having for dinner or knowing that I love my family.

How do you feel about the private contractor that's doing the snooping knowing what you've had for dinner and that your wife has breast cancer and selling that information to companies who can now try to sell you miracle cancer cures? How comfortable are you with prospective employers knowing your child has autism and needs extra attention, which might possibly mean more absences from work?

Remember, most of the data collection and first-level analysis is not done by "the government" but by a private company that works for the government. And, that private company has corporate clients besides the government. How comfortable are you knowing that anyone who can afford to pay having access to all your personal communications?

And what happens that day you disagree with what the government is doing? How comfortable are you knowing that you're planning to go to a political demonstration? How comfortable are you with your boss or potential employer knowing?

How comfortable are you with a techie with anti-social tendencies having access with all your family's communication? Your wife's, your daughter's? Because who do you think is working for that private contractor who's working for the government?

Re:I personally find this very important... (3, Insightful)

Anonymous Coward | about 8 months ago | (#45648705)

And what happens that day you disagree with what the government is doing?

This.
People who agree with what the NSA and pals are doing believe in a fair and stable government, but what if it changes? What if suddenly your rulers become tyrants?
It's not like it's never happened before in history.
At that point, even if you can stop the data collection, it's already too late. They've already got all of your past history. Suddenly, something which may be innocuous to today's society may be a death sentence in tomorrow's.

What strikes me most is to hear many of the same people asking for Snowden's head in one breath (Government spying is OK!) and defending their right to bear arms with the other (can't trust the government, we might have to revolt!).

Re:I personally find this very important... (1)

Archangel Michael (180766) | about 8 months ago | (#45651385)

We are already ruled by tyrants, they are the Bureaucracy. Try to fire them and see how tyranny works.

Re:I personally find this very important... (2)

flyingfsck (986395) | about 8 months ago | (#45647655)

So you don't mind the corrupt PFY contractor at the NSA/GCHQ telling the HR manager at that place you applied for work the results of your last STD test do you?

Hard to take CM privacy concerns seriously (3, Interesting)

geminidomino (614729) | about 8 months ago | (#45645881)

Even before the buyout, the CM team refused patches to basically integrate pdroid into the mod, for fear of "angering developers." So even if something like this works, all the bad guys have to do is hit up the app market for the data it's sucking up anyway.

Re:Hard to take CM privacy concerns seriously (-1)

Anonymous Coward | about 8 months ago | (#45645947)

May I please pee in your butt?

Re: Hard to take CM privacy concerns seriously (1)

Anonymous Coward | about 8 months ago | (#45646183)

There was a time when trolling was an art.

In my day, we crafted clever well-written responses with a single link that supposedly contained more information but was actually a photo of a man stretching his rectum with both hands.

The next generation of trolls was more nostalgic and reached into the previous generation's culture to find a goofy music video to link to. Not very imaginative but at least it could be considered an homage.

This generation...your generation, has passed on the entire idea of the clever ruse and simply resorted to talking like a toddler.

At this pace, your children will be trolling you by responding with simple words like "poop", and the next generation possibly grunts.

I propose that you reverse this path and lead your generation to surpass the previous ones in trolldom. We are watching, and we are waiting...

Re: Hard to take CM privacy concerns seriously (0)

Anonymous Coward | about 8 months ago | (#45646251)

yeah, well poop!

Re: Hard to take CM privacy concerns seriously (-1)

Anonymous Coward | about 8 months ago | (#45646269)

May I please pee in your butt, grandpa?

Re: Hard to take CM privacy concerns seriously (1)

Absolutely.Geek (2913529) | about 8 months ago | (#45647461)

LOL When you just gotta feed the troll, do it with style..

Re:Hard to take CM privacy concerns seriously (3, Insightful)

Rennt (582550) | about 8 months ago | (#45648945)

That's kind of a re-invention of history. CM simply didn't integrate pdroid because it was a support nightmare waiting to happen. At the time of the pdroid discussion, Steve said that they were already working on a bunch of privacy features that would meet the usability standards they were aspiring to... and here we are.

Don't forget that this message encryption follows on from the App Privacy Mode that they have successfully deployed since then (and makes much of pdroid redundant). They are taking a measured and transparent approach to privacy. Just as a serious organisation should..

Re:Hard to take CM privacy concerns seriously (1)

geminidomino (614729) | about 8 months ago | (#45649543)

That's not what the mailing list said. And no, the current offerings don't come even close to pdroid, or "enough", for that matter. It's pitiful theater at best.

Spy vs Spy (4, Interesting)

BringsApples (3418089) | about 8 months ago | (#45645951)

Seriously, why are The People trying to play Spy vs Spy with their own government? The government owns the internet. It's as silly to encrypt your license plate as it is your text messages. You have no way to do so. If you're able to send a text, then you're using a carrier of some kind. That carrier has no control over the government's ability to get the data if the government wants to. Remember, it's metadata that we're talking about. "Who talked to who - and what time(s)". Linking people together is what it's all about. They don't need to know what you're talking about, so long as they know who you're talking to.

Re:Spy vs Spy (2, Interesting)

Anonymous Coward | about 8 months ago | (#45646293)

You show...good but not total understanding. In current systems this works.

In past systems this has been handled.

See mixmaster, remailers, etc.

If whisper does this right, what people know is "35 messages go into mixmaster3 at time t" and "15 messages go out of mixmaster3 to mixmasters 1..n at time t+1" and "16 go out to realworld addresses A1...Ai"

A good enough tumbler chain crushes most metadata analysis for short messages, provided you'll live with limited message loss, and a bit of latency that makes real time not highly practical.

It could work given enough volume.

Re:Spy vs Spy (0)

Anonymous Coward | about 8 months ago | (#45646315)

A) SMS encryption needn't only be about securing your text messages from governments; there are a variety of vulnerabilities in the phone system that allow others to intercept your texts (ask most anyone who's ever been to DEFCON just how trivial this can be).

B) Just because you're not able to get around metadata siphoning doesn't necessarily mean you're going to throw up your hands and go "here's the contents of my messages as well".

That all being said, anyone using SMS messages to do anything particularly sensitive isn't playing with a full deck. But, sometimes desperate times call for desperate measures, and it never hurts to have a few more tools at one's disposal that may eek out whatever minimal privacy gains can be had.

Personally, I'd much rather see more work done to port i2p over to Android for anything being kept particularly anonymized and private... The way addressing works with i2p tends to make even the metadata pretty obscured. For secure SMS, I doubt it'll ever get better than using a combination of burner phones and OTP crypto...but public key crypto tends to have its convenience benefits, and this is welcome, if not groundbreaking.

Re:Spy vs Spy (0)

Anonymous Coward | about 8 months ago | (#45646349)

Seriously, why are The People trying to play Spy vs Spy with their own government? The government owns the internet. It's as silly to encrypt your license plate as it is your text messages. You have no way to do so. If you're able to send a text, then you're using a carrier of some kind. That carrier has no control over the government's ability to get the data if the government wants to. Remember, it's metadata that we're talking about. "Who talked to who - and what time(s)". Linking people together is what it's all about. They don't need to know what you're talking about, so long as they know who you're talking to.

Nothing but metadata, eh?

Mighty strong assumptions coming from those sitting outside the fortress.

It's almost as strong as assuming metadata is the only thing they care about.

Good luck with that shit.

Re:Spy vs Spy (5, Insightful)

hawguy (1600213) | about 8 months ago | (#45646399)

Seriously, why are The People trying to play Spy vs Spy with their own government? The government owns the internet. It's as silly to encrypt your license plate as it is your text messages. You have no way to do so. If you're able to send a text, then you're using a carrier of some kind. That carrier has no control over the government's ability to get the data if the government wants to.

Isn't that the whole point of this project? It allows you to encrypt your data, so unless you think the government has a secret back door into every encryption algorithm, when you encrypt your data, the government can't see it. They may still be able to see who you're talking to (a TOR-like extension might help), but they won't know what you're saying unless they compromise your phone (or happened to compromise the key exchange).

Remember, it's metadata that we're talking about. "Who talked to who - and what time(s)". Linking people together is what it's all about. They don't need to know what you're talking about, so long as they know who you're talking to.

Despite what the NSA wants you to think, it's not just "Metadata" -- any analyst who believes that a conversation is with a foreign correspondent can retrieve the entire contents of the conversation -- text, email, etc with nothing more than a slightly better than 50% belief that one party in the conversation is foreign. No warrants or other oversight required.

Do you think the government should be able to retrieve your private conversations on an analyst's "hunch"?

Re:Spy vs Spy (0)

Anonymous Coward | about 8 months ago | (#45646835)

Do you think the government should be able to retrieve your private conversations on an analyst's "hunch"?

Yes

Re:Spy vs Spy (1)

hawguy (1600213) | about 8 months ago | (#45647111)

Do you think the government should be able to retrieve your private conversations on an analyst's "hunch"?

Yes

That's clever coming from an Anonymous Coward, but you should feel free to bcc AnyAnalyst@NSA.gov on all of your emails.

But I'd rather keep my conversations private.

Re:Spy vs Spy (1)

Archangel Michael (180766) | about 8 months ago | (#45651449)

Actually, this is a clever sort of attack. It is the one where every public email address of the goverment becomes a spam bucket of inane email conversations, such that if you include them in the BCC field for every email you send, it overwhelms these in boxes with more stuff than they can troll through, making it completely useless.

Re:Spy vs Spy (1)

BringsApples (3418089) | about 8 months ago | (#45647309)

Do you think the government should be able to retrieve your private conversations on an analyst's "hunch"?

Not at all, I think the whole thing is total bullshit, beyond expression and pushes the bounds of humanity itself. However That means nothing to anyone but me, maybe some others. What our government needs is some small, no matter how small, reason to point a finger. Don't forget, the whole war in Iraq started because of a "hunch". And they found out that that hunch was wrong. Well... the wars (yes wars) machine keeps on turning, brother.

...so unless you think the government has a secret back door into every encryption algorithm...

Where have you been man? See here [techreport.com] .

Re:Spy vs Spy (1)

hawguy (1600213) | about 8 months ago | (#45647629)

...so unless you think the government has a secret back door into every encryption algorithm...

Where have you been man? See here [techreport.com] .

There's a big difference between a backdoor in a published encryption algorithm and a backdoor in commercial encryption software/hardware. It's much harder to hide a backdoor in a well known algorithm that's been under international scrutiny. Though I do have my doubts about the ECC constants [stackexchange.com]

Re:Spy vs Spy (0)

Anonymous Coward | about 8 months ago | (#45647739)

They may still be able to see who you're talking to (a TOR-like extension might help),

You don't even need something TOR-like, you can just use TOR. The Cyanogen version of TextSecure uses Push, not SMS (i.e. your data connecgtion instead of the normal texting service). If you enable transparent proxying using the existing official Tor app (requires root), it should work just fine to hide who you're sending to/recieving from.

Re:Spy vs Spy (1)

crazyvas (853396) | about 8 months ago | (#45648187)

One other point to add to the parent: Whatever you give up now, whether it's metadata alone or metadata + content, consider that this will be stored forever. It might be become easier/legal to probe into these several years down the line. If the govt's storage systems are incompetent, they might all even become public at some point.

It is /still/ worth protecting what you can.

Re:Spy vs Spy (0)

Anonymous Coward | about 8 months ago | (#45649599)

with nothing more than a slightly better than 50% belief that one party in the conversation is foreign.

A threshold they can overcome with a simple Bayesian inference. US population: 300 million, World population 7 billion, odds that a given person is foreign 63/70 > 50%. Heck that even beats out a 90% threshold (barely), so I don't know why they didn't set the bar higher to make people think it was less bad. Guess they didn't have to.

Re:Spy vs Spy (0)

Anonymous Coward | about 8 months ago | (#45650637)

It is the constitutional right to freely associate that is challenged by the collection of who is talking to who. There is no right to privacy.

Re:Spy vs Spy (0)

Anonymous Coward | about 8 months ago | (#45647647)

At a minimum you're increasing the amount of noise they have to filter. I agree that this is a rather futile enterprise, and likely does nothing to keep big brother out of the room. However, I'm all for making their job that much harder and annoying as I compare local Thai restaurants or decide on what's in store for tonights festivities with my friends.

If all this does is increase the amount of entropy in their 'information washing', why not do it?

The Importance of Metadata (1)

flyingfsck (986395) | about 8 months ago | (#45647703)

The Importance of Metadata:

It is not Who you know, or What you know, or even What you know about Who you know.

It is Where is Who, that provides the targeting for the missile.

Re:Spy vs Spy (0)

Anonymous Coward | about 8 months ago | (#45647955)

Actually, the SMS's are stored on the ISP server in plain text while waiting to be delivered to the recipient. When I worked for a wireless provider we could hop on the main server that did SMS to read errr troubleshoot SMS problems. :)

So IMO this is a good idea simply because communications should be encrypted because they are going over the internet. You wouldn't send your mail in a transparent envelope, so why do the same with email/SMS? If the government/powers who be want to snoop, they still have alternatives..

Re:Spy vs Spy (1)

jovius (974690) | about 8 months ago | (#45648091)

Playing Spy vs Spy with the government is a form of democratic control of things related to you. That control has been lost to agencies and bureaucrats. There should be a trusting relationship, but the trust is broken. The trust itself is based on an empty facade, which was effectively proven by Snowden (and others..). The power is an illusion. In the end an individual can independently act regardless of the conditioning.

Re:Spy vs Spy (0)

Anonymous Coward | about 8 months ago | (#45648569)

>the government owns the internet.

And this got +5 and nobody called you out on such a trollish statement...Cannot believe my eyes.

So which government exactly is owning the internet?

A license plate is perhaps my IP address, certainly not the content of my private messages.

The carriers could provide perfect end-to-end encryption and have no way of actually knowing what they transported.

Then you suddenly assert we are talking about metadata (which is not the same as "text messages" to me), and is also not what the encryption is meant to prevent. I still think the government has no business in making networks of who talks with whom. That is not something I want my government to be occupied with, unless there is a concrete and specific reason to do so in isolated cases, and with judicial oversight.

Last but not least: who was claiming this was only to play Spy vs Spy against the government? I think there are plenty of other reasons to encrypt your data.

There is not a single interesting statement in your post...

FTW (0)

Anonymous Coward | about 8 months ago | (#45645977)

This is so increadibly awesome. The biggest impediment to encrypted communications has always been that it's not enabled by default, and requires active particpation by the user (see: SSL being so much more common than PGP or disk encryption). I've been using TextSecure for years now (before WhipsperSystems was bought by Twitter), but it's been of limited use since I couldn't convince all my friends to use it. Now that everyone on CM will have it by default, things just got a little more awesome.

Re:FTW (0)

Anonymous Coward | about 8 months ago | (#45646297)

In most cases that only helps if they use supported phones -- the CMdevs (formal or informal) only work on phones they own, and they tend to be mid-high to high-end models on GSMnetworks. CDMA phones, especially models that sell for under $120 used/refurbished (e.g. what a poor person on an 'inexpensive' network like Ting might afford), rarely qualify.

trop tarde (0)

Anonymous Coward | about 8 months ago | (#45646023)

It is bad that a major event like Snowden's disclosure was needed to spur more encryption. The principles of safety and privacy do not require an accident before hand to be recognized.

Re:trop tarde (1)

plover (150551) | about 8 months ago | (#45647571)

The principles of safety and privacy do not require an accident before hand to be recognized.

Actually, most safety and security activities are the direct result of an attack or accident. For example, traffic signals are usually erected at unsafe intersections only after a certain number of severe accidents. Sony didn't encrypt their users' passwords in their database, even though hacking of it has been a very real possibility for many years (and I'm only presuming they've encrypted it since the leak.) The world (except for Israel) didn't get truly strong airline security until after the September 11th attacks.

They're already tracking us in WoW (1)

WillAffleckUW (858324) | about 8 months ago | (#45646051)

I don't see the point, since the encryption methods are probably also hacked, and we probably has OS libraries with whisper routines that just invoke built into our devices.

All the backdoors are wide open, and the front doors too. We live in Stasi Germany.

Re:They're already tracking us in WoW (2, Informative)

Anonymous Coward | about 8 months ago | (#45646341)

I've seen little suggesting the NSA has been breaking much crypto at the algorithm level...most of what I've seen in the leaked materials has suggested more in the way of mitm attacks (sometimes through key forgery, as the NSA essentially has root certificate authority). The public key side of this of course still leaves that possibility entirely open if one doesn't take care to do a secure key exchange, but it's still a step in the right direction.

Re:They're already tracking us in WoW (0)

Anonymous Coward | about 8 months ago | (#45646587)

Pretty sure they broke all the major crypto before 2004.

Re:They're already tracking us in WoW (0)

Anonymous Coward | about 8 months ago | (#45646605)

http://spectrum.ieee.org/telecom/security/can-you-trust-nist

http://www.fiercegovernmentit.com/story/nsa-inserted-backdoor-nist-random-number-generator-method/2013-09-09

http://www.networkworld.com/news/2013/101713-cisco-nsa-backdoor-274965.html

Re:They're already tracking us in WoW (1)

ewieling (90662) | about 8 months ago | (#45646365)

Are you advocating people more or less say "I give up. You win." to governments?

Re:They're already tracking us in WoW (1)

Mister Liberty (769145) | about 8 months ago | (#45646413)

You gotta be of ill will to read that in his comment. I don't think you are. Question then is why your
comment. Answer: maybe you are more desperate than him. A shallow answer. Morale: let's be sure
we're all on the same side and do something on the technical as well as the political level.

Re:They're already tracking us in WoW (0)

Anonymous Coward | about 8 months ago | (#45646423)

WillAffleckUW is obviously one of Them. WAKE UP SHEEPLE!

Re:They're already tracking us in WoW (0)

Anonymous Coward | about 8 months ago | (#45646625)

Of course not, they would never plant an agent in plain site.

oh.

Re:Spy vs Spy (0)

Anonymous Coward | about 8 months ago | (#45646555)

With the end to end surveillance and massive quantities of spare super computer time there is very little you can do to keep them out of your data.
I just want them to work for it a little bit. Why should we just make it easy?
So no more broadcasting in the clear if you can help it.

Hello world (1)

JeremyWH (1354361) | about 8 months ago | (#45646715)

aFskf8as sdfjsdf a8Pg7d !!

One minor part in a bigger problem. (1)

relaxinparadise (943965) | about 8 months ago | (#45646997)

While anything to prevent any intrusion into peoples private conversations is laudable, it's just treating a symptom of the greater problem. Just my opinion, but I would also like to see efforts made so governments and any other authorities don't spy on their people as well as these kinds of efforts which make it so they can't spy on their people.

Key distribution and metadata? (1)

Richard_J_N (631241) | about 8 months ago | (#45647011)

I looked at this, and there are 2 things I can't understand:

1. How does key distribution work? Even public-key crypto of this type doesn't necessarily work if there is a man in the middle.
2. How is metadata protected? For an SMS, often the timestamp and sender/recipient pairing is as revealing as the message content.

Re:Key distribution and metadata? (1)

EmperorArthur (1113223) | about 8 months ago | (#45647373)

From what I gather the encryption scheme is vulnerable to MITM attacks, and doesn't do anything about metadata.

Every message is encrypted with a unique key so if they MITM a conversation they'll only get that conversation's data.

MITM isn't hard for agencies like the NSA, but it takes a hell of a lot more effort than passive taps.
The idea isn't to prevent a targeted attack, the idea is for users to prevent large scale data collection.

RTOS on the chip that controls wireless, etc. (3, Interesting)

dsoodak (3022079) | about 8 months ago | (#45647075)

There was an article posted on either slashdot or boingboing which linked to the following: http://events.ccc.de/congress/2011/Fahrplan/attachments/2022_11-ccc-qcombbdbg.pdf [events.ccc.de] Summary: the (usually) proprietary firmware on the chip that controls real-time functions such as wireless communication (which requires so many different standards to be adhered to that it ends up being a real mess and rarely rewritten) is surprisingly easy to hack. I believe there was a quote that you could get remote code execution after sending it a string of less than 100 bytes. It also mentioned that the chip with the main OS is often a slave to the one with the RTOS. Just curious if anyone knows if CyanogenMod accounts for this particular type of security vulnerability.

Re:RTOS on the chip that controls wireless, etc. (0)

Anonymous Coward | about 8 months ago | (#45648113)

There is a project called Neo900.org where they are building a phone that keeps the wireless modem chip separate from the application CPU for this reason. You'll eventually be able to run Replicant OS on it which is based on CyanogenMod.

Utility of text messages (1, Troll)

Gothmolly (148874) | about 8 months ago | (#45647097)

Text messages are useful because they're banal. "I'll be late" "pick up milk" "what section are you sitting in?" "when do we need to leave?" If you're committing any relevant content to SMS you have different problems that security isn't solving.

Re:Utility of text messages (0)

Anonymous Coward | about 8 months ago | (#45647863)

Want me to get off of your lawn while we're at it?

you FAIL iT (-1, Redundant)

Anonymous Coward | about 8 months ago | (#45647127)

Stand anymore, OF AMERICA) today, SOMETHING COOL and building is Little-known You don't need to sure th4t I've spot when done For From a technical

Doesn't work with MMS (0)

Anonymous Coward | about 8 months ago | (#45647689)

I recently uninstalled TextSecure because I couldn't send or receive MMS messages with it. It is supposed to work, but there is always an error when trying to view a picture someone sends me.

Re:Doesn't work with MMS (1)

EmagGeek (574360) | about 8 months ago | (#45649157)

It does work. You just have to RTFM and set it up properly.

How keys are managed (4, Informative)

Fnord666 (889225) | about 8 months ago | (#45647711)

From the Open WhisperSystems Blog: [whispersystems.org]

The TextSecure Protocol

TextSecure's upcoming iOS client (and Android data channel client) uses a simple trick to provide asynchronous messaging while simultaneously providing forward secrecy.

At registration time, the TextSecure client preemptively generates 100 signed key exchange messages and sends them to the server. We call these "prekeys". A client that wishes to send a secure message to a user for the first time can now:

Connect to the server and request the destination's next "prekey."
Generate its own key exchange message half.
Calculate a shared secret with the prekey it received and its own key exchange half.
Use the shared secret to encrypt the message.
Package up the prekey id, the locally generated key exchange message, and the ciphertext.
Send it all in one bundle to the destination client.

The user experience for the sender is ideal: they type a message, hit send, and an encrypted message is immediately sent.

The destination client receives all of this as a single push notification. When the user taps it, the client has everything it needs to calculate the key exchange on its end, immediately decrypt the ciphertext, and display the message.

With the initial key exchange out of the way, both parties can then continue communicating with an OTR-style protocol as usual. Since the server never hands out the same prekey twice (and the client would never accept the same prekey twice), we are able to provide forward secrecy in a fully asynchronous environment.

Re:How keys are managed (1)

spacefight (577141) | about 8 months ago | (#45648253)

Since the server never hands out the same prekey twice (and the client would never accept the same prekey twice), we are able to provide forward secrecy in a fully asynchronous environment.

PFS only if you trust the server. Haven't we seen the "trust the server"-concept a few times too much lately?

Re:How keys are managed (0)

Anonymous Coward | about 8 months ago | (#45648815)

If the server gave out the wrong key then the message would not be decryptable by the receiver, unless you also have a MITM on the SMS transmission side.
At some point you have to ask yourself if your scenarios are realistic.
If this one is, you damns sure shouldn't use Android, because hacking your phone would be much easier than this double MITM.

Re:How keys are managed (1)

flyingfsck (986395) | about 8 months ago | (#45650235)

Man, I can see a few holes in that, and I only read one of Bruce Schneier's books...

and the cost? (1)

crispi (131688) | about 8 months ago | (#45648195)

So now your 20 character "just on the way home" text message blows out to a couple of thousand bytes, and your telco provider has to send your SMS as 10 SMS now, and charges your accordingly.

New and innovative! (0)

Anonymous Coward | about 8 months ago | (#45648399)

the cryptographic encryption, brought to you by the department of redundancy department.

Code quality? (1)

hweimer (709734) | about 8 months ago | (#45648605)

Encrypting your stuff is all good and nice, but you should use a piece of software that has been written using established secure coding standards. Just because it's open source doesn't mean it's also secure (cf. PHP, OpenSSL). Rather, being open source is a necessary, but not a sufficient criterion in the evaluation of security-critical applications.

Given the track record [f-droid.org] of this particular application, I'm a bit skeptical whether one should really use it for anything serious.

Re:Code quality? (1)

gnoshi (314933) | about 8 months ago | (#45649279)

Hmm. I feel OK about trusting someone who understanding encryption standards sufficiently well to to identify SSL implementation bugs in major browsers (and construct exploits for them) working on encryption software that I use.
What I got out of the F-Droid conversation was that someone complained about a bug (which they overstated) that had already been fixed, and because Moxie himself wasn't publishing to F-Droid the version on it didn't get updated.

CM11 nightlies also include it (1)

georgeb (472989) | about 8 months ago | (#45649259)

CM11 nightlies starting with cm-11-20131210-NIGHTLY also include WhisperPush according to the changelog. I'm still on 20131208 on Nexus S so I can't check how it actually behaves.

Too bad it's GPLv3 - Stay Away! (0)

Anonymous Coward | about 8 months ago | (#45649815)

The inability to lock down systems for security (must publish all encryption keys). The inability to keep patents. The implicit right of audit of software. Scaaary! Any chance of a GPLv2 fork?

Here .. let me fix that for you (1)

johnlcallaway (165670) | about 8 months ago | (#45650037)

"A few people are now more concerned regarding their privacy after discovering about efforts made by governments to spy on their communications."

There .. that's more accurate....

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>