Dirk Praet • March 16, 2016 6:48 AM

@ Rolf Weber

First there is nothing that needs to be “pushed onto the user’s device”. Even you said that the client doesn’t need to be patched.

It does not need to be changed if it is technically feasible to do all of the governments bidding by a MITM-attack on the server side only. But since we don’t know what exactly has been asked and to what extent the server side exploit would also reflect on the client, it is perfectly conceivable that it would need to be patched too. An a priori claim that this would never be the case is thus pure speculation on your behalf.

The second thing is that it is not about “creating a new vulnerability”.

Yes it is, @Rolf. I’m very sorry we can’t get it through your thick skull that the new vulnerability here is the exploit the FBI wants WhatsApp to develop, not the fact that every app with a central key server in theory is vulnerable to a MITM-attack. That an exploit/operator interface for that purpose would already exist is again pure speculation on your behalf, and it would make zero sense for WhatsApp/Facebook to have created it at any time in the development of the product.

So as to your allegations that our host is a lying sack of sh*t, you’re factually wrong on one account with a second one impossible to ascertain today meaning either of you can be right or wrong.

An exploit is no “change”, and it is an exploit on the WhatsApp server

But it is, @Rolf, and one that completely compromises the security of millions of users if it falls into the wrong hands. You’re being willfully blind.

And we don’t live in scary times where governments want to reduce our security

That’s exactly what the result of such government mandated backdoors will be, whether it is intended or not. Which once again you refuse to see. And it is beyond me that as a German you completely fail to understand the ramifications of a government that has the power to pry into our lives 24/7 and for which no one can have any secrets.

As to your tone, we would very much appreciate that you turn it down a notch. Your recent comments have evolved from disingenuous and irritating to downright rude and offensive. I get it that you are frustrated that no one with even the slightest clue buys into the benign government and IC gospel according to Rolf Weber, but please go and vent that anger somewhere else. Perhaps you should consider getting a hobby or a girlfriend.

Dirk Praet • March 16, 2016 6:19 PM

@ Skeptical

It’s silly. Can we, just for once, be slightly realistic in speaking about these things?

Either a device or particular piece of software is secure for everyone, or it isn’t. NOBUS has been debunked time and time and again, so yes, can we please for once be slightly realistic about these things?

I am as astonished by those who think private ownership of firearms to be an effective check on government abuse as I am by those who think ubiquitous warrant-proof devices and services to be effective checks on government abuse.

I can only reiterate my opinion that the exact conditions, methods and modus operandi for government subversion of contemporary electronic devices and communications needs to be thoroughly discussed in Congress and then voted upon instead of the executive branch seizing such unprecedented powers under a 200 year old statute. And which is also what Apple and most of the rest of the tech sector are asking.

Such an approach, in view of the potentially huge consequences of what the FBI is asking for, is entirely reasonable and I can only regret that you don’t see it that way too. If the government gets what it wants and the new piece of legislation passes constitutional scrutiny, then so be it and many of us will just move to non-US products. At which time the US tech sector can still convince Congress to outlaw such products all together and under TT(I)P try and sue foreign companies providing non-backdoored technology over “unfair competition”.

@ Rolf Weber

my credentials are the technical facts.

You are, as usual, conflating your opinion with facts.

If the criminals want to be secure from FBI access, they should be forced not to use a mass product, but do something else.

So what happens when a mass product gets subverted by the government? Scores of users – both ordinary citizens and criminals – eventually move on to something else that isn’t. And which in its turn becomes a mass product. Long term benefits for LE: none. All criminals have moved on, and those stupid enough not to were probably also dumb enough to screw up before the government mandated backdoors in the first place. There’s only victims here, i.e. the vendor of the original mass product and its remaining now less secure users.

So far, both in the Apple and the WhatsApp case, it is not about downgrading security properties. In both cases, it is about exploiting existing vulnerabilities.

For $DEITY’s sake, man. Doesn’t it then even remotely occur to you that the exact purpose of an exploit is to breach, and thus downgrade security? And what are you babbling about a 2nd vulnerability on the client side? The absence of a key exchange checker UI is not a vulnerability, but a missing security control to mitigate a possible vulnerability on the server side. It’s only a vulnerability if it can be exploited somehow on the client side alone.

Once again, you are either showing off complete ignorance of basic security definitions and concepts, or you are deliberately distorting them to fit your Einzelgänger narrative. Neither of which reflect well on your credibility.

Dirk Praet • March 16, 2016 8:48 PM

@ Thoth

XMPP and OTR are actually rather complex stuff. I wouldn’t touch them with a 10 feet pole either. I would prefer something more binary and much more simple like a binary based protocol that is as close to using binary tags, lengths and fix positions.

No argument here. I just pointed them out because they are readily available on quite some platforms, configuration thereof within the grasp of the average layman while still being less insecure than other, more popular platforms like Skype and the like. I seem to remember that somewhere in the Snowden docs the NSA didn’t seem to like OTR a lot at the time, so that’s a plus.

And I conflated @Anura with @Markus Otella. I found Markus’s PoC pretty impressive.

@ Nick P.

I’d be interested in a compromise on such a situation. I’d rather them (or NSA) use one of the endpoint attacks we know they have.

The reason why they don’t probably has everything to do with the fact that in a court of law the defense might ask exactly how they have been able to unlock/decrypt a device. The government may then be compelled to reveal the exploit/endpoint attack used which would then end up being patched. After a few cases, they run out of exploits and are basically screwed. Forcing the issue in a legal way kinda makes sense in such a context, and no party would have to give up any exploits they’re sitting on.

Dirk Praet • March 17, 2016 8:11 PM

@ Nick P.

I recommended in my petition to the White House that they push for forced disclosure of individual keys via warrants over backdoors as a compromise.

RIPA in the UK already has that. But there are a number of drawbacks, for example when as in the SB case the owner is dead. And what to do when the owner refuses to give up the keys, even under duress? What if he has genuinely forgotten his password? Indefinite incarceration until he complies? The exact same sentence as when he would have been proven guilty of the crimes accused of, but without proof? I’m not sure something like that could ever stick under a traditional interpretation of the rule of law.

The way I see it, nothing prevents a company to knowingly and willingly backdoor a protocol, algorithm, application, device or service if it so choses. But which should come publicly advertised with an explicite “NSA inside” label, forfeiting the right to call the product “secure” (or whatever term agreed upon) in any way and with stiff penalties and punitive damages for all affected users when lying about it, whether the product is commercial or open source. Same thing if a company voluntarily chooses to cooperate with IC/LE (AT&T et al).

On the other hand, any company should also be free to offer unbreakable crypto without government mandated backdoors, and for all the reasons previously discussed.

I can however see exceptional circumstances in which the government could ask a company to provide assistance in unlocking or deciphering a device, conditions and methods of which need to be framed in a new piece of legislation that reflects the world of today.

1) An adversarial procedure with three parties: the government, the company and a privacy & civil liberties representative. No secret ex parte decisions with a gag order from secret courts under secret interpretations of the law.

2) Single warrants for single cases.

3) A high burden of proof on the government to show a clear and imminent danger with a formidable impact on national security and the public at large, and which all parties are read into under NDA. With which I mean a “24” scenario, not some local magistrate in Kalamazoo,MI demanding to unlock an iPhone in a divorce case.

4) No unreasonable burden on the target company, as in fully and permanently re-engineering the product, and without impacting the security of other users of the product. How far a company wants to go here will of course also depend on the severity of the case presented by the government.

All of which means that precious few cases will proceed, and that the government as in the past will have to keep on focusing on other methods and only in exceptional circumstances can resort to this type of solution. To me, that’s the only acceptable balance.

Dirk Praet • March 18, 2016 8:50 AM

@ Rolf Weber, @Thoth

I already said I don’t want to cover all messengers. If the criminal uses Signal, then bad luck for FBI. I just want to cover big players like WhatsApp or iMessage, who act under the jurisdiction of western democracies.

I doubt such an approach would fly from a legal point of view. Most western democracies have firmly enshrined into their constitutions the concept of legal equality, i.e. that everyone must be treated equally under the law regardless of race, gender, national origin, color, ethnicity, religion, disability, or other characteristics, without privilege, discrimination or bias.

In the US, SCOTUS has repeatedly upheld that certain constitutional rights also protect legal persons such as corporations. It is thus hardly thinkable that mandated backdoors could only be imposed on a select group of companies depending on their size or number of users while others offering similar products would be exempt. In addition, commercial law provides more specific state and federal statutes governing unfair competition and disadvantages. Bottom line: mandated backdoors either apply to all or to none.

Which leaves us with the international angle. You may argue that 99% of private persons don’t give a rat’s *ss about their privacy and that mandated backdoors will only cause a minority of them to ditch Apple or other US products. That’s probably true, but it will definitely affect purchases by foreign public sector and business entities where confidentiality of data and communications is of the essence. And those do represent a huge part of their sales revenues.

Do you really think anyone doubts for a second that it’s just a matter of time before the NSA, in its continuing mission to harvest foreign intelligence, goes after your government mandated and company implemented backdoors too and starts exploiting them? What country or company can possibly be looking forward to that?

Comey’s crusade is not going down well with the US tech industry. Lost revenues are probably the main reason Apple is now vehemently fighting the FBI’s court order and why they’re being supported by other tech behemoths.

In short: you and Comey are in an increasingly isolated position. Even the US IC is not backing him up. You’re taking a purely ideological stance, benefits and necessity of which at this time are questionable at best, and in the process completely ignoring or downplaying the very real and huge political, technical, economical and security implications thereof.

Dirk Praet • March 19, 2016 12:17 PM

@ Rolf Weber

If companies decide to voluntarily implement “backdoors”, or if they are required by courts or lawmakers, they can implement it securely.

No they can’t, Rolf. But let’s assume for argument’s sake that they can.

Government A legislates mandatory backdoors which vendors start to implement. Subsequently, governments B to Z start doing the same thing and companies have the choice to either comply or back out of that jurisdiction. In no time, the entire backdoor management becomes a technical and logistical nightmare placing a completely unreasonable burden on any company.

Smaller outfits decide that all the fuss is not worth their trouble and dump their security related products and ideas, thus stifling innovation. Especially low-funded open source projects suffer because everyone can inspect their code and eventually die or become closed source. Security research needs to be heavily regulated or even banned because you can never tell when you have hit a genuine product vulnerability or a government mandated backdoor, tampering with which may end you up in jail.

The secure backdoors mandated by country A can now be used against them by the intelligence services of countries B to Z who have compelled companies from country A to deliver backdoors to them too. Crime syndicates go after the backdoors too and succeed in all kinds of banana republics where they have already deeply infiltrated the government. The public sector and security sensitive business entities in countries B to Z start dumping products from country A that in its turn does the same with products from countries B to Z that are backdoored too. The end result: a complete balkanisation of the internet and the tech industry with everybody less secure than before.

There really is a good reason why folks like @Skeptical are so adamant about the SB case being a stand-alone, one-off case that is perfectly covered by existing legislation. Contrary to you, he has thought this through and is very well aware of the potentially devastating blowback of universally mandated backdoors.

I believe I have sufficiently indulged in your claim that it would somehow be possible to create secure backdoors. Could you now please return the favour in contemplating if only for one minute that you are dead wrong and what the consequences thereof could be on top of the above?

Dirk Praet • March 20, 2016 8:05 PM

@ Figureitout

So it’s not possible in any way to subvert client mode of it or make a bunch of outbound connections?

It probably is if you work long enough on it, but even getting the client to work already is a bit of a challenge in that TAILS is very restrictive about network connections, so there first are a couple of tweaks to make. But as I already said before, putting TeamViewer in TAILS Candy was more of an experiment rather than a persistent feature meant to be permanently installed and enabled.

Don’t drink and write

You don’t have to explain yourself to someone who is rapidly building a reputation for rude and offensive comments against anyone who doesn’t agree with his opinions.

not Dirt…innocent mistake

That’s ok. You owe me a Jack Daniel’s next time you’re in Belgium. I’d love to discuss your recent work with you 😎

@ Rolf Weber

But why do you live with this “insecurities” with all other crypto implementations?

We try to secure our data and communications with crypto because it’s one of the best tools in the arsenal. But nobody, not even our host who has some relevant experience in the field, will ever claim it’s bulletproof. Algorithms and implementations may be flawed. Technological or mathematical advances may suddenly render previously solid crypto vulnerable to practical attacks. In practice, not a week goes by without some new research, vulnerability or exploit making headlines and being discussed on this blog. Since there is no such thing as a 100% secure algorithm or implementation, neither is there a secure backdoor. Why the heck is that not sinking in with you?

But back to your question: vendors and users accept the risk of doing crypto because the risks associated with not doing so are much bigger. And we try to mitigate our risk (= Asset + Threat + Vulnerability) by making algorithms and applications as strong as humanly and technically possible. Any which way you turn it, your government mandated backdoors – whether secure or insecure – will significantly impact any crypto related risk analysis.

If insecure, they either preserve existing or create new vulnerabilities making everybody less secure, in the process imposing on vendors an unreasonable burden of backdoor management and exposing them to potentially huge liabilities in case of a breach. If somehow by an act of $DEITY (or sheer luck) they would be secure, the scenario I have described in one of my previous posts may well ensue. Short: from a risk management perspective, nobody in his right mind can possibly support what you and Comey are proposing.

Being so easy to design and implement, the remaining risks (because nothing is 100%) for my proposals are very, very low.

No they aren’t, Rolf. Pick up a book about security design and risk management some time. While you’re at it, start with answering my balkanisation scenario instead of calling it a straw man argument. It’s a potential outcome of what you’re proposing, not a refuting of an argument you didn’t make. But we had already previously established that your understanding of certain common definitions and concepts is not always entirely spot-on.

And since you decided to venture into the domain of logical fallacies, do allow me to point out some of yours.

If you argue that Athens is proof that we should go without “backdoors”, is then Heartbleed proof that we should go without SSL?

Ever heard of a non sequitur argument, Rolf? A fine example of a propositional fallacy leading to the either disingenuous or downright stupid conclusion that the product should be dumped instead of the vulnerabilities closed.

I highly doubt that the law enforcement “backdoor” enabled the attack. It just made it more convenient for the attackers.

Conjecture, Rolf, or an interesting case of an informal fallacy known as “argumentum ex silentio”, where a claim is based on the absence of, rather than the existence of evidence. And what do you not understand about the fact that rogue software was using the lawful wiretapping mechanisms of Vodafone’s digital switches to tap about 100 phones? You’re just showing off again that you refuse to take anything into consideration that does not fit your narrative.

The security still depends on the password strength, access lists, the sshd software security, and much more.

No, it doesn’t. Once a backdoor is installed, none of that matters any more. That’s the entire purpose of a backdoor, but you’re just not getting that. And, by the way, you really should switch to key instead of password based authentication when using ssh. That’s what most technical security practitioners with half a clue do.

Dismissing a claim as absurd (“technical bullshit”) without demonstrating (proper) proof for its absurdity is an informal fallacy known as the appeal to the stone or “argumentum ad lapidem”. Your “don’t drink and write” comment at @Figureitout was a nice example of the “argumentum ad hominem”, or evading a reply by conducting a personal attack instead.

I say that smartphone manufacturers should be able to unlock their own phones, if the following conditions are met:

So you keep repeating, Rolf, and so we keep refuting without you listening. Reiterating a position time and time and again does not make it a better argument. It’s actually yet another informal fallacy called “argumentum ad infinitum” and which consists in repeating a previously discussed opinion until nobody cares to go against it anymore.

@ Niko

The idea that not providing a backdoor to the US is a credible legal defense for not providing a backdoor to China in a Chinese court is sheer nonsense.

That’s not what I said. While the absence of a backdoor will certainly not prevent any government from demanding one (e.g. the Blackberry case I quoted), the known presence thereof will make it considerably harder for US companies to either fight or stall such requests in court because neither unreasonable burden or domestic legal restrictions can be used anymore. Wanna bet how this plays out if ever the US legislates mandatory backdoors? It’s gonna be a backdoor bonanza even backroom diplomacy won’t be able to contain anymore.

@ Sancho_P

The fourth one is good, at least no secret remote access.

As in Animal Farm’s Seven Commandments, it will be the first limitation to be lifted as soon as both domestic and international requests will start pouring in and Apple (or vendor X) cannot cope with them any longer in a for LE acceptable time frame.

Dirk Praet • March 21, 2016 12:33 PM

@ Rolf Weber

The only reason that can prevent this regimes from trying to push companies like Apple or WhatsApp is that they cannot really compel these companies, because what’s needed can only be enforced at their headquarters, and they are located in the U.S.

You are not listening, Rolf. From a legal vantage, they perfectly can and it doesn’t make one bit of a difference whether or not the headquarters are in the US. If you really believe that China is going to FedEx its iPhones to Cupertino for unlocking, or submit to a US government or court decision whether or not an unlocking request is lawful, then who’s being naive here?

Of course there is a secure backdoor, but not a 100% secure.

You cannot change industry-wide accepted definitions to fit your narrative, Rolf. Once an implementation of any kind contains a deliberate backdoor, it is no longer considered secure, irrespective of who is or is not able to access it. The reason for that is that security is agnostic, not biased (or religious) in how it views adversaries. It only differentiates in their capabilities, not in their intentions, i.e. whether or not they are the good guys that have a really good reason to circumvent it.

As @Clive already tried to explain to you too: in security, there is no such thing as being a little bit pregnant. You either are, or you are not. If that’s too absolutist a position for you, then that’s too bad and good luck with starting up your own security cult.

I already explained that the “lawful wiretapping mechanisms” were most likely only convenient for the attackers, not necessary

Argumentum both ex silentio and ad infinitum. You cannot prove your statement, and on calling you out on it, you just repeat it.

I know, and I know it is because you have no technical arguments against my proposals.

Nobody is saying your backdoors are technically impossible to implement. You’re using a straw man argument. What we are saying is that it cannot be done in a secure way as to prevent abuse, exposing both the complying companies and the product’s users to unacceptable risks.

Subverting key exchanges means compromising one of the most critical security components in any communications application like WhatsApp. For years, people have been trying to make it more secure against MITM attacks. All of which goes out of the window when your benign governments have their way, leaving crippled and insecure applications prone to all kinds of attackers, even from a purely technical vantage.

Whether you like it or not, that’s the general consensus among the vast majority of security professionals. Calling us a sect does not change that. In fact, it’s another informal fallacy known as inflation of conflict, in which disagreement over a certain topic is used to put into question an entire group of experts or the legitimacy of their field.

We techies implement and use “backbones” almost every day. We configure remote access, we implement and use remote updates, we share data and secrets, we build tunnels …

Has it ever occured to you that this is the exact reason why many of our systems and networks are so insecure? All too often what you describe is done by cocky greenhorns with a very limited understanding of, and experience with security, convinced that their take on things is the only right one, even when all industry guidelines and best practices are telling the opposite.

We do this because we are able to weigh the risks against the benefits.

An informal fallacy known as false authority or appeal to authority. Being an experienced system or network engineer does not make you a security or risk management expert. In your particular case, you have failed to produce any formal credentials in either security or risk management, and based on your comments, I doubt anyone on this blog is going to credit you with any either.

Dirk Praet • March 26, 2016 10:16 AM

@ Rolf Weber

I only say it is technically possible. Good that you seem to agree eventually.

Please be so kind as to not twist my words. No one here has ever said that it isn’t technically possible. The debate is over whether or not it is possible to do it securely. Capisce?

Correct, but it should only show that you need better arguments than just refering to “experts”

Yes, Rolf, we know what you mean. And there’s something deeply troubling about demanding strong technical arguments from other people while at the same time defending your own position with pretty much every known fallacy in the book.

@ Clive, @ Wael

A minor correction “difficult to detect” should be “impossible to detect” in human terms and likewise impossible to bypass within the device.

Let’s assume for argument’s sake that vendor “Alpha” on behalf of government “X” of the country it has its corporate headquarters in succeeds in implementing a bullet proof, undetectable backdoor in a popular secure IM app. Backdoor access is protected by a clever, cryptographically sound key authentication mechanism and granted to LEA “LX1” of country “X”.

That’s all good and dandy, but how does that scale when LEA’s “LX2”, “LX3” and “LX4” start demanding keys too on top of similar requests by the governments of countries “Y” and “Z” for their LEA’s “LY1”, “LY2”, “LY3”, “LZ1”, “LZ2” and “LZ3”? It’s reasonable to assume that the intelligence communities of countries A to Z will not only demand keys for themselves too but will also dedicate significant resources to uncovering the known backdoor subsystem itself in an effort to exploit potential flaws or vulnerabilities possibly not known to the vendor. In no time, organised crime syndicates will try to get their hands on access keys too.

It’s pretty obvious that something like this is going to put an enormous burden on any company and expose it to gigantic liabilities the moment access keys or the backdoor subsystem itself one way or another gets compromised. On top of that, the moment the presence of a backdoor is publically known, the product it was built into will be ditched by any private or public entity even remotely concerned with he confidentiality of its data/communications, which in most cases will also mean the very people targeted with the backdoor in the first place.

So until such a time that someone comes up not just with a technically bullet proof solution but also one that scales and does not impose unreasonable security and financial risks on both vendor and users of the product, there is no way anyone can convince me it can be done in an even “reasonably” secure way.

Dirk Praet • March 26, 2016 5:10 PM

@ Clive

For obvious reasons testing for NOBUS is dangerous –but managable– thus it’s better to assume it exists and mitigate, ie assume the channel is open and move the end points with a One Time code or cipher.

If the new mandated decryption bill of senators Burr and Feinstein passes, then all plausable deniability is also out of the window.

@ Wael, @ Figureitout, @ Clive

Without going into the technical details, even at the Conceptual Architecture level: how is this a valid solution?

It isn’t.

One could use something like OAuth 2.0.

Preferably not. It has already had numerous security flaws exposed in implementations and has been described as inherently insecure by quite some folks including a primary contributor to the specification who stated that implementation mistakes are almost inevitable.

The problem is who is the real owner that grants access to the mobile-resident spyware ? Still doesn’t solve many of the issues.

I suppose it would be the vendor, granting access to LEA “LXn” either on a permanent or case-by-case basis upon presentation of a valid warrant. It’s reasonable to assume that LE would push for the former as to avoid unpleasant waiting times while vendor Alpha’s legal department is vetting the (many) request(s). The following question is where interception and decryption take place. At the vendor’s premises? Or would every LEA have it’s own private backdoor interface ? There’s a couple of very interesting scenarios here which I leave to @Rolf Weber to think through.

Dirk Praet • March 27, 2016 11:12 AM

@ Niko

The question was what if some authoritarian regime, say China, asked a US company for cryptographically weak software so that they could spy on dissidents or their own citizens.

Which I argued would be harder to fight if the US itself already had mandatory backdoor legislation in place.

Dirk Praet • March 27, 2016 6:21 PM

@ Niko

it would make it harder for US companies to deny other countries back doors and challenge those requests in foreign courts, based on an unreasonable burden argument.

Not just on unreasonable burden, but on domestic statutes that could be argued to conflict with such requests and need to be resolved too. I refer to the ongoing Safe Harbour/Privacy Shield limbo between the US and the EU.

However, since Microsoft, for instance, could produce a Chinese Windows, a Russian Windows, and a US windows, a vulnerability in one wouldn’t be a vulnerability in the other and the economic espionage argument falls away.

Yes, technically they could do that, which lands us right back in the backdoor scaling and management discussion.

Dirk Praet • March 29, 2016 4:59 AM

@ Rolf Weber

Again: My proposal isn’t designed to give law enforcement keys or any kind of “direct access”. My proposal is that the service provider must be able to circumvent his own encryption.

Please explain how this works in practice for say, an IM conversation agency LXn wants to track in real time. Are you suggesting that the vendor at their facilities will record and decrypt all communications of persons under an LE warrant, store the logs and then send them to LXn? How is that a practical approach to prevent or stop a crime in progress?

And just how many resources and staff do you think a company would require to accomodate in a timely manner a constant stream of valid LE requests? How does this solution scale?

It seems that currently a lot of criminals use phones that are unlockable.

Because they don’t know they are or just don’t care. Watch this change after the recent Apple v. FBI sh*t storm and outcome.

The point is that “backdoors” do not necessarily result in exploits.

Wishful thinking. Once there is a known backdoor, people will eventually research, break and exploit it.

My proposed “backddors” would be well known. Everybody would know that phones with default software are unlockable by the manufacturers, and everybody would know that WhatsApp is capable to intercept messages.

As @Wael already asked: even from a conceptual angle, how is this for LE in any way a valid solution if it works for the dumbest of criminals only, and in the case of an IM without real time interception?

Dirk Praet • March 29, 2016 11:10 AM

@ Rolf Weber

Like it is practiced already today with “traditional” monitoring. … The messages or the streams are copied and the agancy is granted access to these copies.

That’s not how it happens in “traditional” monitoring. When LE wants to monitor someone’s phone conversations, they get a warrant to tap into the central switching networks in the phone system which allows them to easily listen in without being detected. They also have access to the stations that relay mobile phone calls, which lets them eavesdrop on wireless communications. That’s a direct access system, not one in which the phone company somehow copies, logs or relays conversations.

I don’t know, but it seems feasible, at least Skype seems to be able to handle it.

“I don’t know” is not a valid answer when presenting any type of solution. No one except M/S and US IC/LE know exactly how Skype monitoring is being done today. If past methods are to provide any clue, the logical approach would be similar to a phone tap. The method you are describing sounds counter-intuitive, tedious, inefficient and resource intensive.

As an engineer, surely you must see that too. I think you just don’t want to go there because in doing so you would be casting serious doubts on your own “no direct access” mantra.

You simply cannot prove this claim.

The NSA’s ANT catalog is about 50 pages of previously unknown backdoors that were eventually found out about. And there’s not only Vodaphone Greece: Juniper, DUAL EC DRBG, Sercomm DSL routers, the PGP full-disk encryption backdoor, backdoors in pirated copies of commercial WordPress plug-ins, the Joomla plug-in backdoor, ProFTPD, the Borland Interbase backdoor, the 2003 Linux backdoor, BackOrifice, the tcpdump backdoor, the suspicious _NSAKEY in NT4 SP5 etc. etc.

Whether or not these backdoors were introduced by product vendors, state actors or other attackers doesn’t make any difference from a security or risk management perspective. We may not be able to empirically prove that every backdoor out there has or ever will be found out about and exploited, but from what we know there statistically is a more than reasonable chance that eventually many, if not most, will be. Conversely, you cannot prove that there is even one out there that hasn’t been compromised and which, funny enough, would actually disprove your own claim.

The simple fact of the matter is that introducing backdoors is like dealing drugs: the question is not if you will be caught but when you will be caught. Especially when you go tell the world you are a dealer.