EncroChat Hacked by Police

French police hacked EncroChat secure phones, which are widely used by criminals:

Encrochat's phones are essentially modified Android devices, with some models using the "BQ Aquaris X2," an Android handset released in 2018 by a Spanish electronics company, according to the leaked documents. Encrochat took the base unit, installed its own encrypted messaging programs which route messages through the firm's own servers, and even physically removed the GPS, camera, and microphone functionality from the phone. Encrochat's phones also had a feature that would quickly wipe the device if the user entered a PIN, and ran two operating systems side-by-side. If a user wanted the device to appear innocuous, they booted into normal Android. If they wanted to return to their sensitive chats, they switched over to the Encrochat system. The company sold the phones on a subscription based model, costing thousands of dollars a year per device.

This allowed them and others to investigate and arrest many:

Unbeknownst to Mark, or the tens of thousands of other alleged Encrochat users, their messages weren't really secure. French authorities had penetrated the Encrochat network, leveraged that access to install a technical tool in what appears to be a mass hacking operation, and had been quietly reading the users' communications for months. Investigators then shared those messages with agencies around Europe.

Only now is the astonishing scale of the operation coming into focus: It represents one of the largest law enforcement infiltrations of a communications network predominantly used by criminals ever, with Encrochat users spreading beyond Europe to the Middle East and elsewhere. French, Dutch, and other European agencies monitored and investigated "more than a hundred million encrypted messages" sent between Encrochat users in real time, leading to arrests in the UK, Norway, Sweden, France, and the Netherlands, a team of international law enforcement agencies announced Thursday.

EncroChat learned about the hack, but didn't know who was behind it.

Going into full-on emergency mode, Encrochat sent a message to its users informing them of the ongoing attack. The company also informed its SIM provider, Dutch telecommunications firm KPN, which then blocked connections to the malicious servers, the associate claimed. Encrochat cut its own SIM service; it had an update scheduled to push to the phones, but it couldn't guarantee whether that update itself wouldn't be carrying malware too. That, and maybe KPN was working with the authorities, Encrochat's statement suggested (KPN declined to comment). Shortly after Encrochat restored SIM service, KPN removed the firewall, allowing the hackers' servers to communicate with the phones once again. Encrochat was trapped.

Encrochat decided to shut itself down entirely.

Lots of details about the hack in the article. Well worth reading in full.

The UK National Crime Agency called it Operation Venetic: "46 arrests, and £54m criminal cash, 77 firearms and over two tonnes of drugs seized so far."

Many more news articles. EncroChat website. Slashdot thread. Hacker News threads.

EDITED TO ADD (7/14): Some people are questioning the official story. I don't know.

Posted on July 3, 2020 at 10:39 AM • 66 Comments

Comments

AlejandroJuly 3, 2020 11:45 AM

"...investigators who found a way in to the platform didn't try to break the encryption in any way. Instead, they went for the devices, installing malware to allow them to read messages before they were sent..."

Sounds similar to the system FB proposed for E2E encryption on all FB and Whatsapp traffic, BUT, also phone home with on a parallel connection (presumably to police, governments, intelligence agencies, whoever) to make sure nothing bad was going on. Remember "embedded content moderation"?

https://www.schneier.com/blog/archives/2019/08/facebook_plans_.html

Was it implemented? Anyone know for sure?

Peder Thorsø LauridsenJuly 3, 2020 2:16 PM

Its actually a good example of supply chain security and trust in proprietary security...
And the product, service fee etc is really quite similar to "criminals, please sign up here".
I think some might have learned a lesson and that they might have been better of using an ordinary encrypted chat service like ie Signal... ?
The Police would have been rather clever of it actually was then that created the phones/service on the first place but the would probably be a bit too much to hope for?

Another MouseJuly 3, 2020 3:15 PM

@Alejandro

German government calls this Quellen TKÜ or source telecoms surveillance, means a federal Trojan exfiltrating the comms pre encryption and post decryption.

Ulrich BocheJuly 3, 2020 3:25 PM

According to what was said on Dutch Public TV (NOS), the French authorities discovered the servers but Dutch investigators succeeded in getting access to the unencrypted streams and were able to listen in for several months. So they didn't break the encryption but accessed the clear text. Makes it so much easier :-)

In the Netherlands, around 100 people were arrested so far, in the UK alone police arrested 750 people.

Clive RobinsonJuly 3, 2020 4:12 PM

@ ALL,

This is being portrayed as the take down of clever criminals who are the "Mr and Mrs Big" of crime.

Actually they are not.

In tealiry they are low life street criminal thugs, who have managed by violence, murder and worse to move them selves up the street crime tree one or two levels beyond the normal low life thugs so they are not the lowrst of the low hanging fruit.

The reason the authorities are calling them the "Mr and Mrs Big" is purely for political reasons. These crime agencies for various reasons are costing big and delivering little in the eyes of politicians...

The reality is most if not all of these criminals are known to the police mostly through direct contact when they were just low level street thugs with an especialy nasty set of habits not just drugs, prostitution and murder but other crimes involving torture, disfigurment and kidnaping as well.

They are also not at all bright either, their OpSec is appaling due to lazyness, biging it up, and over confidence, which is why they are in such trouble. They thought themselves invincible but in reality they acted very stupidly including send pictures of themselves, their crimes the proceads of their crimes and much else related not just to their crimes but their families, associates, mistresses etc.

Remember that they could and should have learned from the mistakes of South American drug barons who actually had marginaly better OpSec, but still made what with hindsight I suspect even they now know were stupid mistakes.

Any reader of this blog for even a short time should know I think very little or nothing of "secure apps" and for good reason. That is the app is a very small part of the overal security and smart phones no matter how you slice or dice them are never ever going to be secure when manufactured for consumers.

The reason is the plaintext human interface is on the same device as what is effectively an open communications interface. Why bother attacking the crypto? Especially when you can do one of very many end run attacks around the applications security end point to the HCI via other apps, the OS and the I/O drivers etc.

If you want the sort of security the criminals thought they were getting from Encrochat they were never going to get it. Because consumer level smart devices lack "strong segregation" that is it's always possible to reach from the very insecure communications end point on device past the application security end point on the very same device.

To do what these criminals wanted would require to strongly segregated units, the first that has the communications end point on it, the second with the crypto and security end point on it as well as the Human Computer Interface (HCI). The second device also has one end of the "choke point" "gap crossing channel" on it. This crossing channel needs to be "strongly mandated" and "heavily instrumented" such that only desired secured communications can cross it.

Theres a few other requirments as well but that's the essential point to get across.

So any criminal who thinks they can by a secure system using consumer grade mobile phones is either deluding themselves or being sold a pile of bovine originated fertilizer by other criminals on the make.

Lets assume the figures given are approximately accurate. So that's 60,000 users each paying €3000 a year or 180 million euroes income which is arguably 200 million USD... Which makes it a nice little scam if you keep the other costs low.

If I was one of those Encrochat people I would currently be looking for somewhere to hide for ever because the sort of thugs involved like those from Morocco tend to get a bit inventive in the way they get retribution, and they have not just long memories but also that Middle East proclivity of cutting up relatives etc untill they think they have had sufficient vengence. Often as we know they can also pass such things down the generations as almost endless fudes...

But it looks like there are no end of chancers out there on the make... Because according to some reports within hours of Encrochat shutting down other services with the same sort of insecure design on consumer grade phones were advertising there services...

This whole episode as far as we know so far was entirely predictable to anyone reading this blog for more than a few months...

P.S. I've also mentioned fairly often how to avoid these pit falls and just how dificult it is to maintain the OpSec not just at your end of the comms chan but the other as well. Especially when we know there is no honour amoungst such criminals and they will rat you out more easily than they will find some one to stick your bits in a pig trough etc.

YawnJuly 3, 2020 7:18 PM

The effect of this will be negligible on crime networks who peddle illicit goods. The vacuum caused by the arrests will be filled virtually instantly.

Case in point - after 60 years of warring on drugs and various networks, illicit substances are cheaper, more potent, ever prevalent, in constant demand, and increasing in type.

The real unspoken tragedy is:

1. The claim of sovereignty over our own states of consciousness made by the government.
2. Idiotic policy (blanket prohibition) that empowers cartels and assorted undesirables.
3. An unwillingness to apply scientific rigor to the classification of drugs.

There is a deliberate and wilful ignorance regarding the actual harm (or lack thereof) caused by specific drugs, despite voluminous research conducted over decades. Exhibit A: Schedule I drug classification in the US which is based on pure fantasy.

Jesse ThompsonJuly 3, 2020 8:20 PM

@Clive Robinson

So any criminal who thinks they can by a secure system using consumer grade mobile phones is either deluding themselves or being sold a pile of bovine originated fertilizer by other criminals on the make.

Alright, so how about you buy two smartphones. Both have cameras, with physical shutters if you wish. Open Comms and Secure Endpoint units can communicate to one another via something like an animated QR code. One phone displays the code(s), while the other phone uses it's camera to gather that data.

A host to host USB-C link might allow faster bandwidth, but you'd have to be that much more careful that malware on the comms unit can do shady things with voltages to try to infiltrate the secure unit.

I think the real difference in an approach like this one is "it involves elbow grease from the user" and thus fails to maximize convenience. But that said, it's not the consumer grade hardware that is necessarily the bottleneck here.

Ismar July 3, 2020 10:38 PM

Very interesting story and it shows again that the E2E encryption is as good as its weakest link - the end point security.

As Clive mentions :

"To do what these criminals wanted would require to strongly segregated units, the first that has the communications end point on it, the second with the crypto and security end point on it as well as the Human Computer Interface (HCI). The second device also has one end of the "choke point" "gap crossing channel" on it. This crossing channel needs to be "strongly mandated" and "heavily instrumented" such that only desired secured communications can cross it.
Theres a few other requirments as well but that's the essential point to get across."

I would also like to add that, regardless of being able to separate the plain text to another disconnected device, one still needs to use the main device, which is connected to the internet, to send and receive (now encrypted) messages.

In this particular case, this fact would also be enough for the police to track down the whole network (might take some more time though) via using metadata only.

Hence, it looks like that the nature of the TCP/IP communications, makes it impossible (TOR is an attempt to overcome this) to hide the details of the end points involved in the communications.
Hence, those controlling (the most) of the network can identify the communicators regardless of communication content being encrypted or not.

When looked from this perspective, using E2E encryption could only be seen as painting the target of one's back as one of the people to place on the surveillance list and I would even argue that is why the authorities still allow for the E2E encryption software to be available as widely as it is now.

Clive RobinsonJuly 4, 2020 3:16 AM

@ Ismar,

I would even argue that is why the authorities still allow for the E2E encryption software to be available as widely as it is now.

When it comes to the ones that can think beyond five minutes in the future I would agree with you.

However much is run by "dictate" these days by people who are not the sort to think in the right sort of way. They believe in what was once called "divine right of kings" and thus fail to realise that neither they nor those they work for are either omnipotent or omnipresent.

We saw this not so long ago with an Australian minister of state basicaly claiming that the laws of man thought up for his and others convenience somehow had power over the laws of mathmatics and the laws of nature they describe. Foolish and pettifogging behaviour that brings disrepute on not just their venal nature but on the Office of State and by extension on the State and it's citizens as well.

There is an old saying about poachers and game keepers, likewise of using a thief to catch a thief. In essence they both mean the same you have to think in the right kind of way and no the ways of your quarry to catch them. We have similar old saws such as "To walk a mile in another man's shoes" they all come back to knowing the quarry or if you prefer your adversary.

The military philosopher Sun Tzu is sometimes credited with "To know your enemy you must become your enemy" which is a paraphrase of,

    "If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle."

But this knowledge is actually many many thousands of years older, we see it in cave paintings where the "spirit" or "essence" of prey and the hunt comes through without words.

People who understand this know that their quarry can always be found by their spoor and the tracks they leave, thus the quarry can be stalked[1][2]. The skill is then in knowing how to read the landscape and current environment better than the quarry such that you can get well within range of it and go for the kill quickly cleanly and without danger to ones self.

Knowing this is why I do not use clearly abnormal or vanity security applications and the like, because they leave visable "tracks" for others to follow. And the inevitable OpSec mistakes you or those you communicate with will make, are the "spoor" by which you become known and thus potentially the trophy on somebodies wall, or found burned to death in a forest outside Celle in Germany[2].

[1] https://en.m.wikipedia.org/wiki/Tracking_(hunting)

[2] Clifford Stoll clearly understood this with his book Cuckoo's Egg, Stalking the wily hacker and subsequent talks,

http://cyberforensicator.com/2017/03/11/cliff-stoll-still-stalking-the-wily-hacker/

IsmarJuly 4, 2020 4:08 AM

@Clive - so are we admitting the defeat then :-)?
Also, interesting link in footnote 2 - it managed to crash my browser tab :-)

Clive RobinsonJuly 4, 2020 4:20 AM

@ Jesse Thompson,

Alright, so how about you buy two smartphones.

Err no.

If you think about it the second phone is still a very insecure consumer grade device and has goodness knows how many communications end points in it that can be "got at"...

With regards,

can communicate to one another via something like an animated QR code.

As I mentioned years ago over on the Cambridge University's lightbluetouchpaper.org web site, using phone cameras is not a good idea. Because whilst the human eye is not generaly good at colour or intensity cameras are. Thus what you perceive as a black and white QR code of maybe a thousand bits, actuall has a hugh side channel in the intensity that could give four or more times the number of bits you do not see...

I've mentioned this issue in the past on this blog and more importantly the importance of putting the human or atleast inteligent instrumentation into the choke point gap crossing channel.

A host to host USB-C link might allow faster bandwidth, but you'd have to be that much more careful that malware on the comms unit can do shady things with voltages to try to infiltrate the secure unit.

It was exactly this issue I had to impress on @Nick P and a couple of others when talking about banking and similar authentication tokens.

But there is another issue, which is "mutability". Idealy the second device or token should be "unmutable" that is it should have no Flash ROM or battery backed up RAM etc on which malware can be put. This flies in the face of the way we build consumer grade devices these days.

Then there are security seals, cables and connectors to all consider as well.

Designing a secure second device is very far from simple, it's why I usually talk of using paper and pencil ciphers such as the One Time Pad and a match and ashtray for secure deletion. It's not only conceptualy easier to understand it's also a lot lot easier to come up with a secure system. Oh and a lot easier to get OpSec and usage right.

Which brings us to the weakest link in the chain, which you correctly identify with,

I think the real difference in an approach like this one is "it involves elbow grease from the user" and thus fails to maximize convenience.

As the old joke has it "Systems usually work as expected without users, that's when it all goes wrong" or the more pithy "The problem with 'fool proof' systems is you can never find a fool when you need one".

But your final point,

But that said, it's not the consumer grade hardware that is necessarily the bottleneck here.

The hardware consumer grade or otherwise is ment to be an "enabler" to make complex tasks become usable to ordinary individuals. The reason such devices go wrong and people get hurt is "assumptions" every system has them because they are what makes the specifications thus they are built in from day one.

Security engineers and secure systems designers have to grasp this point firmly,

    Like a Quality Control process a Security Process has to be in place and functioning correctly from "Day Zero". That is before someone even dreams up an idea that might eventually make it to the specification stage.

Because if the process is not in place then product will fail due to it's inbuilt assumptions that can not be "patched" etc.

Clive RobinsonJuly 4, 2020 4:38 AM

@ Ismar,

so are we admitting the defeat then :-)?

Don't be daft, it just makes the make more interesting ;-)

Not sure what might be in the second link to cause what you saw. I geberaly browse with both cookies and javascript turned off...

Because not only does it keep bandwidth down thus load speed up it also tends to keep out a lot of quite dangerous and unstable advertising crud...

Just "Google"[1] for "Stalking the wily hacker" and Cliff's name to find similar pages and links to Utube webanars by him. But as the book I believe is still in print some third of a century after it was first published, I'd get hold of that and read it, as it's actually quite fun.

IsmarJuly 4, 2020 5:42 AM

@Clive - managed to see the lecture - like it a lot , especially the last 5 mins or so.
We need the wisdom of elders to be transferred to younger generations which have been largely disconnected from this type of knowledge transfer in the post modern societies.

Clive RobinsonJuly 4, 2020 6:54 AM

@ Ismar,

We need the wisdom of elders to be transferred to younger generations which have been largely disconnected from this type of knowledge transfer in the post modern societies.

You might have noticed I gripe occasionaly that Security practitioners especialy but also the ICT industry in general as well,

    Does not learn from it's history, even when it's recent and well within living history. Thus is condemed every decade or less to relive those lessons it failed to learn from it's history...

I do not know when this is going to stop but it appears to go hand in hand with,

    The ICT industry appears to think that abstraction is the cure to all it's troubles. Thus it dog piles abstraction upon abstraction without first bothering to fix problems in the layers of abstraction they cover up.

Abstraction is not realy a solution to any problem as it's aim is to simplify by hiding details. The problem is especially with security that as the old saying has it,

    "The devil is in the details."

The totality of this dog piling behaviour is the computing stack is now so deep that it's nolonger possible for individuals or even teams of people to comprahend it in many of it's details, let alone it's entirety.

However there are some that do know where some of the devils hang out and these they co-opt into what we call malware. Sadly because we never learn, once you have found one type of devil it's siblings at other layers are not that difficult to find, because the same type of fault appears in nearly every layer of abstraction creating what are fault lines just waiting to be cleaved.

Thus the question arises that, "as such faults are reoccurring is as an industry ICT ever going to learn and start fixing things rather than hiding them?"

I suspect the answer is not in our life times as there are way way to many vested interests involved, all sticking out their "rice bowls" for a share of what they can get.

But one thing I can say is that we have another problem arising. As far as hardware goes we have effectively hit the wall as far as the laws of physics are concerned. That is we just can not make individual CPU cores run any faster. Thus to get more functionality we have to stop thinking serially and start thinking parallely. Unfortunately it turns out that few programmers are actually any good at thinking in a way to get good parallel processing...

Thus we need to find a way to resolve the issue, and because we don't learn from our history, we know it's going to be both more painfull to do and exceptionally fraught with problems we should have stopped dead a decade or so ago.

CuriousJuly 4, 2020 8:00 AM

How does one go from reading messages to finding the addresses of hundreds of users?

Singular NodalsJuly 4, 2020 9:09 AM

One would think on the grounds of not walking black cats under ladders, not getting off at the 13 th floor on elevators, and other general superstioner-ishisms, that one would avoid an app with a name that is too similar to “encroach”.

TatütataJuly 4, 2020 1:15 PM

This story is rather fishy. The first report I read about it was Thursday in the Dutch press (Huib Modderkolk, de Volkskrant, "Waarom criminelen geen WhatsApp gebruiken en meer over hoe de politie kon meelezen").

In particular, the utter lack of verifiable details (e.g., reviews) makes me rather suspicious. Was this service and its operator for real, or could this have been all along a sting operation organised from A to Z by police forces?

One tidbit of information is that Encrochat is allegedly a Dutch company. I tried looking up this name (and many variations thereof) on the Netherlands Board of Trade ( nttps://kvk.nl ) registry. No cigar. I also tried various European registries, without any better results.

There are two domain names, https://encrochat.network (registered 16 February 2015, all details redacted), and https://encrochatsure.com (no data whatsoever available through whois). Both domains appear to have become active around early 2016. ">Encrochatsure.com actually lists a street address:

Contact:

Ebbehout 1, 1507 EA Zaandam

Email Address: info@encrochatsure.com

PGP Email : team@encromail.ch

Phone : +31 20 – 8950047

This address apparently corresponds to a nondescript office building in an outer suburb of Amsterdam. Trying this key in the KVK.NL register returns three firms in Zaandam (the crèche in the ground floor, an umbilical cord blood bank, and a real estate agent). The building management company is domiciled in an Amsterdam suburb. But nothing resembling a telecom operator. Was there anything more than a name plate at this address? If the operator is itself operates beyond the law, it makes itself vulnerable.

How could they have acquired a significant stock of phones of two different makes, modify them in a non-trivial way, recruit a network of resellers in several countries, manage the financial fluxes, and all that without apparently any kind of footprint or bona fide. Did they attract the attention of the Belastingdienst (~Dutch IRS)?

Curiously, the site purports to have no less than eight representatives in Canada, but only one in most other countries. Canada is where a server of one of their predecessors/competitors Ennetcom had been seized. A mere coincidence?

Encrochat was mentioned on this site in a squid thread comment from 2016. The claims made by the company are rather tall and imprecise. A telltale sign of snake oil? I would think many many times over before handing out thousands a year to these guys...

We've known for at least the last five months with the Crypto AG and related revelations that governments aren't above setting up fake secure communications suppliers. Is this another example of this?

One problem I see is how they were able to establish probable in the various national legislations for the bulk interception of communications. Is evidence collected according to, say, a Dutch warrant, admissible in a British court, if the reasons for obtaining the said warrant wouldn't be acceptable to wig-wearers? Even if there actually was an Encrochat company, would a warrant directed to them automatically extend to their customers' communications?

I did find an earlier Vice story on this subject: Joseph Cox: An Anonymous YouTube Video Has Started a Battle in the Secretive Secure Phone Industry, 24 January 2018. (VIDEO)

TatütataJuly 4, 2020 1:17 PM

This story is rather fishy. The first report I read about it was Thursday in the Dutch press (Huib Modderkolk, de Volkskrant, "Waarom criminelen geen WhatsApp gebruiken en meer over hoe de politie kon meelezen").

In particular, the utter lack of verifiable details (e.g., reviews) makes me rather suspicious. Was this service and its operator for real, or could this have been all along a sting operation organised from A to Z by police forces?

One tidbit of information is that Encrochat is allegedly a Dutch company. I tried looking up this name (and many variations thereof) on the Netherlands Board of Trade ( nttps://kvk.nl ) registry. No cigar. I also tried various European registries, without any better results.

There are two domain names, https://encrochat.network (registered 16 February 2015, all details redacted), and https://encrochatsure.com (no data whatsoever available through whois). Both domains appear to have become active around early 2016. Encrochatsure.com actually lists a street address:

Contact:

Ebbehout 1, 1507 EA Zaandam

Email Address: info@encrochatsure.com

PGP Email : team@encromail.ch

Phone : +31 20 – 8950047

This address apparently corresponds to a nondescript office building in an outer suburb of Amsterdam. Trying this key in the KVK.NL register returns three firms in Zaandam (the crèche in the ground floor, an umbilical cord blood bank, and a real estate agent). The building management company is domiciled in an Amsterdam suburb. But nothing resembling a telecom operator. Was there anything more than a name plate at this address? If the operator is itself operates beyond the law, it makes itself vulnerable.

How could they have acquired a significant stock of phones of two different makes, modify them in a non-trivial way, recruit a network of resellers in several countries, manage the financial fluxes, and all that without apparently any kind of footprint or bona fide. Did they attract the attention of the Belastingdienst (~Dutch IRS)?

Curiously, the site purports to have no less than eight representatives in Canada, but only one in most other countries. Canada is where a server of one of their predecessors/competitors Ennetcom had been seized. A mere coincidence?

Encrochat was mentioned on this site in a squid thread comment from 2016. The claims made by the company are rather tall and imprecise. A telltale sign of snake oil? I would think many many times over before handing out thousands a year to these guys...

We've known for at least the last five months with the Crypto AG and related revelations that governments aren't above setting up fake secure communications suppliers. Is this another example of this?

One problem I see is how they were able to establish probable in the various national legislations for the bulk interception of communications. Is evidence collected according to, say, a Dutch warrant, admissible in a British court, if the reasons for obtaining the said warrant wouldn't be acceptable to wig-wearers? Even if there actually was an Encrochat company, would a warrant directed to them automatically extend to their customers' communications?

I did find an earlier Vice story on this subject: Joseph Cox: An Anonymous YouTube Video Has Started a Battle in the Secretive Secure Phone Industry, 24 January 2018. (VIDEO)

TatütataJuly 4, 2020 2:06 PM

Many arrests and seizures were apparently made in April, i.e., three months ago.

Was it really necessary to wait all of three months to make these public releases, or could the timing have something to do with current events (BLM...), or the perennial quest of public authorities to create an informational panopticon?

And if incriminating messages are used as evidence before courts, how could one be sure that their contents hadn't been "enhanced" in some way to improve the odds of a conviction?

SureleeJuly 4, 2020 2:08 PM

I dont know too much about Encrophones, a fast google doesnt make me any wiser
so i am leaning more towards a lawenforcement company on the getgo

Also i can see or not see somekind of "psyop" against using hardware compelled of
these companies not only Encro but the whole bunch, naming them as non trust worthy

And in that i think the most is won, and perhaps rightly so, if you dont talk face to face
then you dont know who else is listening, and even then you dont who else is listening

I think the bust was nicely done, congrats
what can we as a security community learn from it, not much as I can see

vas pupJuly 4, 2020 3:48 PM

@Tatütata did good job looking for details of the company.

@all:
"Encrochat took the base unit, installed its own encrypted messaging programs which route messages through the firm's own servers,
=>and even physically removed the GPS, camera, and microphone functionality from the phone."

I still can't get the idea who (I mean organization - not person) prevent manufacturers of commercial phones provide REAL control by the user of those features above (I marked them with =>) by hardware design which incorporated kill switch rather than creating opportunity for utilizing those features by hacking software. I could understand when phone is provided to employee by employer, otherwise it is pure "1984" shadow.

Any thoughts?

Clive RobinsonJuly 4, 2020 4:32 PM

@ Tatütata,

This story is rather fishy.

That's the second issue with it.

The first is the near total lack of details about what actually happened.

Some stories give the impression the French found the servers and did something to them... But what is unstated.

Other stories give the impression it was the phones that had some form of malware loaded on them by the Dutch.

As for the UK, well it's mainly a lot of political puffery, designed to make vast "mountains of mole hills" by implying the "secret sauce" that was the key to the success was British.

As for ownership of the company it's been indicated it was set up and run by a couple of Scotish Criminals. If it was I suspect that they have very much disappeared of the face of the earth befor others force them to depart the earth...

What is far easier, is to see through the smoke screen of "Mr and Mrs Big" as I've indicated they are street thugs not criminal masterminds from the reported behaviour and what has been confiscated in terms of cash and drugs.

I guess the next "thrilling installment" will be the court cases. I suspect that there will be pushback from the defence lawyers over the legality of the methods used. Which in turn will liberate other details of the technical methods used.

So sit back relax get the cat on your lap and a large bowl of popcorn there may be some good entertainment in this story yet to come.

aiJuly 4, 2020 5:34 PM

PLease let me see the big picture about this story...

"
allows detectives across the UK to make almost 750 arrests collecting almost two tonnes of drugs and $97 million in cash.
"
what a success!!! -- so $97 million was actually in the civillians hand...in the business life, now it is out of it...
"
Encrochat sold smartphones for about €1,000 ($1,100), and a cellular service offering worldwide subscriptions for €1,500 ($1,690) for six months of service, Europol reported.
"
what a success!!! -- so they payed actually millions of euros of tax... now they pay nothing, becuase they r closed!
"
"
The Kinahan gang, dissident republicans and other Irish criminal groups have used the hacked Encrochat service
"
what a success!!! I lived even in Ireland and never had a problem with any damn Irish gang....
"
However, earlier this year French police were able to remotely install malware in the Encrochat devices,
"
is this the future??? So hackers hacking hackers??? And everything is legal...
--
And to close my lines... I am very happy to pay for all of this, and actually the prisoners fee for the next 20 years and of course... to feel myself so secure
half a million people died all around the world...
tks everyone.. it was an unbelievable mission and very, very succesfull job.

Clive RobinsonJuly 5, 2020 1:40 AM

@ Tatütata,

And if incriminating messages are used as evidence before courts, how could one be sure that their contents hadn't been "enhanced" in some way to improve the odds of a conviction?

It would not be the first time that the digital evidence was "modified"...

Look up "Operation Ore" in the UK as Wikipedia puts it,

    "Operation Ore was a British police operation that commenced in 1999 following information received from US law enforcement, which was intended to prosecute thousands of users of a website reportedly featuring child pornography. It was the United Kingdom's biggest ever computer crime investigation, leading to 7,250 suspects identified, 4,283 homes searched, 3,744 arrests, 1,848 charged, 1,451 convictions, 493 cautioned and 140 children removed from suspected dangerous situations and an estimated 33 suicides. Operation Ore identified and prosecuted some sex offenders, but the validity of the police procedures was later questioned, as errors in the investigations resulted in many false arrests."

It revolved around a case of an American web site "Landslide" that did not supply porn but acted as a gateway to pay to view porn sites in the Far East etc. The evidence used agaist people was the information in Landslide's database which was sometimes confirmed by credit card charges, that the US Post Office amongst other US agencies supplied to law enforcment world wide.

Michael Mead of the United States Postal Service contradicted his US testimony under oath in UK courts regarding several details relating to the investigation.

Apparently the "front page" of the Landslide website, as supplied to the UK police was falsified in various ways. Thus the finger pointing started...

The UK investigation was run by Jim Gamble, a man of questionable past in Northern Ireland. He made lots of statments to the press in fact he was hardly out of the media during that time. He then went on to an even more questionable future at CEOP. Several allegations were made against him, about resource usage and misleading statments so he again moved on (MicroSoft amongst others got the benifit of his questionable tallents)1.

Under Jim Gamble the police even despite being notified very early on that credit card fraud was involved[1] failed to investigate this aspect, so keen were they on show trials and publicity. This was alsi despite a clear warning from the FBI which was why there were only a hundred US prosecutions despite there being tens of thousands of US details in Landslide's database.

Under Jim Gamble the whole UK investigation was a compleate mess and the more people dug into it the more questionable or outright tampered with evidence was found.

Of significant note the investigation used an "IT expert" who was anything but it turns out, who had apparently falsified various details of his past and he was arrested for possession of child pornography. What this person had or had not done was never made clear[3]. The reason the police used the wrong law to search under and thus what ever evidence there was never got presented into court thus the public domain. It appears officially all of the failings of the case were laid at his door... Thus all the other police officers involved must therefore have been "shining angels, paragons of virtue, unfairly vilified" etc etc which was most certainly not the truth. In otherwords the man became "a useful idiot". Some believe that this was done deliberately that he was a "scape goat" for police officers who had significantly "bloted their copy books" and should have been thrown out of the police force. Whilst I have know idea if he was used that way, I do know that some police officers should have been thrown out from the top of the investigation downwards.

Any way read the "Controversies" section of the Wikipedia site,

https://en.m.wikipedia.org/wiki/Operation_Ore

But remember that the Wikipedia editing rules have excluded much of what went on, and it appears some in officialdom have used the EU "right to be forgotton". Oh one thing they Wikipedia article has got wrong is about the releasing of the list of names the US supplied to the UK Met Police, they were not secret, you could obtain them under a "Freedom of Information" request[4].

Although not published it was very clear that the Landslide database contained the names of quite a few people "connected to the establishment" that were never investigated... This gave rise to someone reverse engineering of what became known as the "VIP list". Various people claim that it can be shown that the VIP list has been used by amongst others Jim Gamble to obtain influance. Amongst which was the strange movment of a number of "Sky News" journalists to out of the way places, in effect "shutting them up".

[1] Somebody I knew at the time got pulled into it, and the evidence against them was a credit card transaction made when they could prove they were thousands of miles away. This led to a private investigation showing that credit card details had been stolen. Later suspected of being via a UK ePos terminals used in a supermarket petrol station[2].

[2] The same Supermarket later found that their ePos terminals had been tampered with in the "supply chain" and that a cellular device installed in them was "dialing home" with hundreds of thousands of Credit and other purchase card details. The only way the security sealed tampered units could be told appart from those that had not been modified in the supply chain was by a slight difference in weight.

[3] At the time it was claimed he had failed to properly erase hard drives he owned that had been used to copy suspects hard drives and this was the cause of the failed search warrant.

[4] One person who despite what happened to him decided to fight back, Simon Bunce went public to clear his name. And if you read what he did you will see that he was able to get the information to clear his name and show up what was going on,

http://m.digitaljournal.com/article/252684

He mentions the FOI but more importantly he says how it changed his life and from what I gather still does.

SpaceLifeFormJuly 5, 2020 2:00 AM

Operation Venetic

I think it went down this path:

Suspects caught with the phone in active state,
and were being watched. Bad OPSEC.

Note: reports never mention baseband removal.

And WIFI still there. So, all known radios still intact, whether being used or not.

That is the main fail by the criminals here. I guess they were stupid enough to believe that it must be super-duper secure because it costs so much.

But, the comms and the crypto are not separate.

So, the suspects can be watched, and located, and
via traffic analysis, can guess and/or confirm who they may having been communicating with. LE almost certainly had good ideas of the end points in many cases.

No need to break any encryption.

Court in France gets the ball rolling.
Gets NCA involved.

SIM card group KPN forced to divulge SIM information.

Cellcos force downgrade attack on users with target SIMs and control routing of the cell traffic. Collect it all. Not the WIFI, but the phone is now a suspect via it's id, and can be tracked via towers.

More traffic analysis confirms more suspicions.

Encrochat lose control of their Certs.

Backdoor forced to the phones to capture plaintext and all comms including ciphertext. Including WIFI.

Both plaintext and comms sent to common server in near realtime. Should be able to correlate endpoints.

hxxps://security.stackexchange.com/questions/82121/sim-card-cryptography

hxxps://newsakmi.com/news/world/uk-news/crime-kingpins-on-encrochat-phone-network-smashed-by-investigators-called-them-pack-of-hyenas/


Clive RobinsonJuly 5, 2020 4:13 AM

@ SpaceLifeForm,

I guess they were stupid enough to believe that it must be super-duper secure because it costs so much.

Let me see there was that fable about an Emperor and his cloths...

I guess some things never change ;-)

One bit I would like to know more about is the alledged "Dual operating system" it's not clear if infact the OS's switched or if one ran inside a virtual machine or not.

Whilst I've written OS's for microcontrolers that do talk to cellular modems (ie mobile phone RF but no screen, mic/speaker screen or keyboard) I've not written one with an all singing all dancing "smart" interface.

Thus I've suspicions this second OS was either not a new OS or even an OS at all. That is it could have been a stripped down version of Android or one of the Chinese very cheap phone OS's or more likely it was an environment within an existing Android OS. The later means that the system builders would not need to build device drivers and the like.

Also some articles alude to the fact the "secure" stuff actually went through the companies servers in France. That is it sounds like the phone actually used the Internet connectivity not the ordinary phone service / SMS etc.

I've thought about doing a secure voice app that way, because the GSM codecs effectively stop you using encryption across the GSM audio / Voice channel[1][2].

Whilst it's not trivial a competent java coder using standard libraries could build a prototype voice encryption system in a couple of days. What would realy take the time is ensuring data dropouts were not an issue and of course all the complex and fraut KeyMan stuff that users just expect to work (see the "Why Johnny can't encrypt" PGP papers).


[1] You may remember "jack pair" they were trying to do encryption of audio and use a phones audio channel. As I said back at the time, whilst they could get it to work across a traditional POTS audio channel, I thought that they would not have any success with mobile phones due to the use CELP codecs pioneered / invented by the NSA[2][3].

[2] GSM uses Code-excited linear prediction (CELP) codecs weighted fir a male germanic voice. CELP is a linear predictive speech coding algorithm originated by Manfred Schroeder in the mid 1980's from work into secure speach systems going back into WWII which gave us the "Hot Lines" we heard about in the press during the cold war. The important thing to note is "linear prediction" that is most audio signals are not random but fairly predictable and in a linear way. Thus overly simply you can do "curve fitting estimation" of the audio signal and not need to send this as data. In effect the codec actually has quite a low bandwidth. If you think about the encryption process for a moment, what you do is take an audio signal put it through an A-D converter encrypt the digital output and put the result into a D-A converter and put the resulting audio output onto the phone audio channel. The problem is that the encrypted audio is not predictable or linear at all it's random and looks like high bandwidth noise... Whilst you might with care get this down a POTS audio channel of high bandwidth, you have no chance with a CELP audio channel of effective low bandwidth[3]. You simply can not squeaze a quart into a pint pot.

[3] For some time now that "hinky" part of my brain has wondered if the NSA let the CELP encoders loose on the world because they knew it would make strong voice encryption not possible... It is the sort of "mess with the standards" finesse that would appeal to them. After all there are things people can do about implementation weaknesses like those in AES, and likewise but to a lesser extent there are things you can do about protocol weaknesses... But base level standards weaknesses means a tear up the design and start again approach and you get the "backwards compatability" issue by the truck load and the new mess that can give rise to fairly easy "man in the middle" "fallback attacks".

Clive RobinsonJuly 5, 2020 4:20 AM

@ ai,

By the way... the solution is a linux tablet made by an American geek with linux.NOT android.

Err no, not at all.

The actual problems are rather more fundementl than that, and involve hardware segregation as a minimum which "tablets" just will not give you.

Jonathan WilsonJuly 5, 2020 6:27 AM

It is a pitty the Neo900 project (which aimed to be a sequel to the excellent Linux based Nokia N900 phone) never really got off the ground. One of the plans for that device was to segregate the closed hardware from the main system. The cellular stuff was a separate module with no access to the main CPU/RAM/Flash and there were plans for a hardware disconnect that would completly shut off the cellular radio, same with GPS and WiFi and things.

And the idea was that it would be possible to run 100% FOSS software only on the main SOC (apparently some flavor of TI OMAP chip) and in doing so avoid potential backdoors.

Shame the project died though.

aiJuly 5, 2020 8:07 AM

Clive Robinson,

"
The actual problems are rather more fundementl than that, and involve hardware segregation as a minimum which "tablets" just will not give you.
"
yep.unfortuantely probably you r right.It is 1 solution.But i am not sure even if there would be any soultion ..-->for a frase "idiots"..
And this will be soon or later rather a political problem... not a criminal.One of a politician will cacth this wave in the ocean of mess, and jump on it and will fly and will win the game.I think some paper mentioned about something religion stuff around it.Or maybe am I wrong?yep probably....

Singular NodalsJuly 5, 2020 10:28 AM

Further along the line of jumping sideways at the slightest hint of movement in the shadows, one might also have been expected to avoid a device whose name is too similar to “crochet” as in “oh, what a tangled web we weave ...”.

https://en.m.wikipedia.org/wiki/Crochet

TatütataJuly 5, 2020 10:46 AM

get the cat on your lap

Since you mention it... I buried my beloved Barclays Bank (among her many aliases) this week, she was barely 12. The end wasn't pretty, but mercifully she did not suffer very long, albeit still too long for me. And I became as frustrated with veterinarians as with regular physicians. <paranoid_mode>Could she have been hacked by a TLA</paranoid_mode>?

But by the time this business develops, I will have probably adopted her successor.

The idea of blindly trusting an obscure third party to make a production phone "secure" is really boggling.

It might be feasible to build a Bluetooth peripheral exclusively used as a handset and for messaging. An Atmel or PIC microcontroller might perhaps be enough to drive a small touchscreen, the Bluetooth interface, crypto, and codec. In any case, the smallest Raspberry ARM undoubtedly has enough oomph to drive such a thing, the issue is more one of packaging. The code could would be designed to run under the barest of supervisors without all the bells and whistles of Android, *nix, and co. The host phone would only be used as a modem that could be as compromised as one wants, the sensitive part is physically segregated. Yes, you'll have to trust at some point your display and bluetooth module suppliers...

BTW, technically, it wasn't the French police, but the gendarmerie, who was involved. The police is a civilian institution under the authority of the Minister of the Interior, and is present in most larger cities. The gendarmerie is a part of the army, and is in charge of the countryside and smaller localities. They also have military-specific duties, like rounding up conscripts and deserters in times of war, and can be called up for front line service. I was a bit surprised to see them involved in this. In any case, either corps dislikes being mistaken or associated with the other one.

Singular NodalsJuly 5, 2020 11:25 AM

@Tatütata

gendarmerie is a part of the army

Wait, you’re saying Ludovic Cruchot had something to do with Encrochat ?

This is far deeper than I had realized.

Clive RobinsonJuly 5, 2020 2:39 PM

@ Tatütata,

Since you mention it... I buried my beloved Barclays Bank (among her many aliases) this week, she was barely 12.

May she rest peacfully.

But by the time this business develops, I will have probably adopted her successor.

In my experience interesting cats adopt the people that think they own them[1], especially "social cats" that adopt several people at the same time. You think they are out chasing small furry or featherd things, when in fact they are enjoying a nice saucer of real chicken four doors down[2].

But before somebody says "off topic" back to the "business" at hand,

The idea of blindly trusting an obscure third party to make a production phone "secure" is really boggling.

It is and it is not depending on which view point you take. Whilst there are certainly one or two people who read this blog capable of building a mobile phone from base components, they are unlikely to have the resources to get it through the GSM approvals process.

Thus you have to think of another way to do it. Motorola for instance has the G24 java quad band RF moduals you can buy in fairly cheaply. I used them for a secure USB memory module project, that later morphed into an in and on taxi cab advertising system with some degree of interaction for the passenger.

The point is if you think about it no base component has any inherent security properties it's the way you design them into sub assemblies and systems that gives then security properties.

But even buying in base components can be problematical. System On a Chip (SoC) semiconductors when encapsulated can be smaller than a grain of wheat. Thus can be fairly easily concealed in a connector or cable assemply that most would assume would be entirely passive. This means that you have to have a fairl resource expensive "Goods Inwards Test" (GIT) system that involves amongst other things Xray equipment and destructive testing of a significant percentage of incoming items (normal GIT sampling based on statistics does not apply to security). It would take a book to describe even some of the ways I've thought up on how to poison the supply chain in order to work out how to do Security GIT with any degree of success. Trust me when I say it's not something you want to be doing as it makes each unit almost bespoke from begining to end of production and at eye wateringly expensive cost.

The thing is that you end up having to buy in sub assemblies any way so you have to think about not ensuring security but mitigating potential insecurity which can be one heck of a lot less expensive. Thus a module such as the G24 because it's designed to be generic you can connect a mic / speaker / screen / keyboard to it and have a basic functioning mobile phone for less than 50USD. However you don't have to because it also has a couple of serial ports or USB ports by which you can use it exactly like an old fashioned high speed modem, and yes it does use the AT command set with one heck of a lot of argumentation.

Which would make it idea for,

The host phone would only be used as a modem that could be as compromised as one wants, the sensitive part is physically segregated.

However you need to take the idea backwards a bit because,

Yes, you'll have to trust at some point your display and bluetooth module suppliers...

May not actually be an issue. You can design in mitigations because these items are small enough that they can be not just properly segregated on a single PCB but also properly shielded from the environment. At which point it does not matter to much if they are backdoored because there is little or nothing an attacker can gain from doing so.

As an excercise I went through a design and it turns out with careful design the only part where security is an issue is the "smart card" you use for doing the crypto. Yes the unit is a bit bulky, a bit heavy and the battery life is not going to be that great... But consider the Apple iWatch -v- a conventional battery watch, it has exactly the same set of disadvantages... So yes you probably can get users to buy suchva secure systen even with those inconveniences.

With regards,

In any case, either corps dislikes being mistaken or associated with the other one.

Even the French have one of those sayings that broadly means "It was ever thus" ;-)

[1] Many years ago my sister got home late from work the night before Xmas eve to find a small pile of delapidated and very muddy black fur near the front door. On taking it inside it was clear that what ever it was, it was in a very bad way, so an emergancy apointment with a vet to put the poor creature out of it's missery was made. On the way there the little bundle of fur and dirt made it clear it was a fighter. So having lost an eye and kidney and having several broken bones instead the little bundle that was mewing went into surgery. After quite a period spent in a box in the kitchen one day first a head then a body emerged and slowly investigated the kitchen. A few weeks later even with snow she was out and about investigating the territory, appart from a wonky leg and an odd way at looking at you, you would not have known what she had been through (and cost). Sadly as with all living creatures she reached the end of her days and died peacfully one day.

[1] My son has a nemesis that is likewise coated in black fur. It's clearly a social cat and my son's mum likes it a lot, even though it technically belongs to the family next door, who likewise had it turn up on their doorstep in a state one day. Untill we found out who "owned" the cat we called it "Madam le Fur Ball" because it's fairly petite and sashays like a courtesan with the tail expressing idle disdain for all that is around it. Well it turns out it's not a madam but a bit of a pit bull scrapper with other cats, and the lady of the house next door is inordinately fond of it and brushes it's coat out every morning and evening. Sadly for the cat their son named it after a Harry Potter character, so it's labled with the name "Dudley" or "Dudders"... A crueler fate than the poor beast deserves, especially as it appears to have way more than nine lives. One of which surely must have gone when it came to our door with it's face half hanging off after a territorial fight with another cat or possibly a fox. Needless to say it is back in "rude health" flicking his tail with disdain and we just call it "LFB". Oh and it has a fondness for donner kebab even with chilly sauce that most would not believe...

TatütataJuly 5, 2020 4:58 PM

Wait, you’re saying Ludovic Cruchot had something to do with Encrochat ?

Ah ouais, there is indeed a certain homophony.

I should have rather used this segment from "Le gendarme et les gendarmettes" (1982 - but it's even more dated than the 60's original films), where the pandores are
introduced to the boundless possibilities of information technology... (I'm not familiar with the equipment. Are these perhaps banking terminals from CII Honeywell Bull?)

Even the French have one of those sayings that broadly means "It was ever thus" ;-)

"Et il en a toujours été ainsi.". The German translation is more literal: "Es war immer so". There are also rivalries between branches of the police itself.

I consulted back in late 80s for a couple of guys who were trying to put together an analog cell phone design. Their PCB was riddled with stray couplings and ground loops. And they weren't even started on the EMC or the (comparatively) simple call protocol. (I quickly decided I wanted to have no part of that mess). So, yes, a module is the way to go these days. Only the largest volumes with the tightest specs would justify the expense of a component level design.

I think we agree that it's technically possible to built a decent peripheral appliance from scratch that has less risk of compromise, either as a bluetooth accessory to a smartphone, or an autonomous cellular device, as long as stick to the bare minimum features. The question then becomes operational: how do vet and initiate your contacts with your fellow scofflaws.

TatütataJuly 5, 2020 5:20 PM

This was from back in 2016, I don't know if it was ment to be funny at the time as it was posted on April 1st, but...

I thought that Encrochat's service was only messaging only, not voice.

But seriously, a lowly SIP/VoIP server? How do they expect to remain accessible from all networks, especially mobile ones, when many providers still routinely block VoIP access through port blocking or deep packet inspection.

I notice that their Certifying Authority is in Panama.

The three IP addresses mentioned in the Medium article, 216.187.86.233, 124.217.254.93, 185.55.53.173, route respectively to Vancouver BC, Kuala Lumpur, and Britain, but none seem to be active at this time.

(OOOPS, A duplicate of this message was posted by mistake to the squid thread. Sorry. This one is at the right place.)


WeatherJuly 5, 2020 8:15 PM

@All
Sha1 should have been thrown out 10 years ago, but that would be hard to achieve.
Starting to think the same with Sha2, suggest you move to Sha3.

SpaceLifeFormJuly 6, 2020 2:59 AM

@ Tatütata

I think that this Encrochat story ties to what you found.

VOIP is totally insecure, but at the time, the telcos would be losing money on that, so they would block. Now, it is likely a profit centre, because it is easy to tap and sell the data.

Back then, there was another name in Canada. Supposedly a competitor to Encrochat, but that may be a cover story.

There are many dots.

AIQ, SCL Canada, Cambridge Analytica. Panama Papers.

I believe Operation Venetic is larger than known.

WinterJuly 6, 2020 4:42 AM

More details are given in this Dutch newspaper story:
https://www.nrc.nl/nieuws/2020/07/02/hoe-een-pgp-hack-narcostaat-nederland-feilloos-blootlegt-a4004789


A passable translation by Google is here:
https://translate.google.com/translate?hl=en&sl=auto&tl=en&u=https%3A%2F%2Fwww.nrc.nl%2Fnieuws%2F2020%2F07%2F02%2Fhoe-een-pgp-hack-narcostaat-nederland-feilloos-blootlegt-a4004789

It is the latest in a long list of cases where the (Dutch) police get access to dark web and encrypted services by hacking into the end-points.

Personally, I would stick to Signal running over Tor on burner phones (if that is even possible) or secure messaging over onion routers. Nothing is really secure, but legal deniability is worthwhile in itself.

The point is that Signal and Tor are heavily used, and scrutinized, services. Hacks would be either noticed early, and if not, much too valuable to waste on a petty (drug) criminal.

If you are really valuable, you never use these devices yourself. That is where you have minions for.

Clive RobinsonJuly 6, 2020 5:14 AM

@ Winter,

That is where you have minions for.

Yup, at least you get why I say these "Mr and Mrs Big" as the police call them are in reality only one or two levels at bets above the lowest of hanging fruit in the criminal world of street thugs.

I think it should be comming clearer to people that the police are themselve trying to "big it up" for some political or financial reason...

MarkHJuly 6, 2020 5:23 AM

@Clive:

As for the UK, well it's mainly a lot of political puffery, designed to make vast "mountains of mole hills" by implying the "secret sauce" that was the key to the success was British.

Of course this triumph would have been impossible without the British, who deployed their famous arsenal:

• pluck
• stiff upper lips
• the effortless superiority of hereditary aristocracy
• the dregs of Watney's Red Barrel
• world-class football hooligans

Need I say more?

Anyway, I read that the pubs have opened. What could go wrong?

Clive RobinsonJuly 6, 2020 5:42 AM

@ Tatütata,

But seriously, a lowly SIP/VoIP server?

Apparently so, "Who'd ave thunk?" ;-)

Just take others probably open source work and make a few changes.

How do they expect to remain accessible from all networks, especially mobile ones, when many providers still routinely block VoIP access through port blocking or deep packet inspection.

If you reread the articles and have a "thousand mile stare" between the lines, you will see it looks like they rented mobile space from a Dutch Telco, and in effect created their own private mobile network, presumably with roaming. Thus they would alow VoIP etc across their mobile network as part of their connectivity contract but probably only to their own server IP addresses...

I notice that their Certifying Authority is in Panama.

Ahh the ideal place as it has few if any extradition treaties alows barer share companies and the like, and a good place to end a canoeing holiday provided your partner does not flap their gums.

In the UK we have a number of Limited Liability Partnerships, supposadly to protect accountants and lawyers assets from negligence claims... Well from what I've been told if you have one and use it as part of a "financial tunnel" as it's a Partnership not a Share company it is exempt from most of the UK Companies House rulesabout filings, thus a simple "no for profit" or "Not actively trading" decleration each year surfices. Further apparently quite a number have "partners" that are Pabamanian legal entities...

As @SpaceLifeForm points out with,

AIQ, SCL Canada, Cambridge Analytica. Panama Papers.

That this operation grandiose as it's being portrayed is very probably a smaller part of a larger operation. The aim of which is not to stop "dangerous" criminals at all --that's the excuse for the public--, but "grab assets" for the agencies and the Treasury...

Clive RobinsonJuly 6, 2020 6:38 AM

@ MarkH,

Anyway, I read that the pubs have opened. What could go wrong?

Oh how about "viral droplets" become "projectile vomiting" and all those late night "street pizzas" now full of virus cause a transfer to say foxes?

After all we know cats and mink thus presuambly stoats, ferrets, pole cats, and all big cats will become disease reservoirs. Might as well include a few other "urban" spiecies for the fun of it not.

4891July 6, 2020 7:18 AM

@ Clive Robinson

Thus what you perceive as a black and white QR code of maybe a thousand bits, actuall has a hugh side channel in the intensity that could give four or more times the number of bits you do not see...

triggers us to suggest displaying the qr code not on a screen but on a (peripheral) checkered board with the exact number of squares (electronically/mechanically set to black or white) needed to display the (one-time pad) ciphertext.

Clive RobinsonJuly 6, 2020 11:41 AM

@ 4891,

displaying the qr code not on a screen but on a (peripheral) checkered board...

The simplest of which would be a print out from a black and wgite printer.

As some know I've a saying when it comes to this sort of communications[1], which is,

    PAPER Paper never Data.

The problem with QR codes though is the Mk I Eyeball backed by the human brain can not "instrument" the data held in the QR or any other type of printed graphical code (though a few can read shop bar-codes).

Thus if you can not instrument the QR code you can not pass it on to a secured system...

However the way around this is to use two systems, the first "instruments" the QR code and puts it in human readable form on a screen etc and if it passes the human eye then it can be passed onto the secured system.

This process can if you are handy with scanning equipment be automated sufficiently to take some of the drudge out, but at the end of the day it's neither convenient at low volume traffic or realistically usable at high volumes of traffic.

[1] It's the advice I give about handing over what some incorrectly call evidence. Put simply "You can see what you are giving them" when you hand over everything on paper. The problem with electronic files is "meta-data", not just that from the file system, both visable and not so visable[2], but tucked away in the custom file formats of which Microsoft in particular have favoured in the past that has provided a trove of hidden meta-data that is information others, that have no reason or right to see. Oh and you can also stop your opposition OCRing it in[3], thus using computers and other IT tools to build searches and databases.

[2] It's not just the file system meta-data such as file names etc. All but small files consist of a linked list of disk sectors. The order and placment of these can reveal other meta-meta-data such as a file that has been erased, it's sector size and when it was deleated. Wietes Venema and Dan Farmer brought to peoples attention using time as a form of digital archaeology. However Brian Carrier wrote the book on it, with "File System Forensics Analysis".

[3] At the end of the last century "DMR by Watermarking" was briefly a big thing. In essence it used "Direct Sequence Spread Spectrum"(DSSS) techniques used for their "Low Probability of Intercept"(LPI) in radio networks and applied the spreading first one dimmensionaly then later two dimensionally[4]. The ideas all came crashing down when researchers at the UK Cambridge Laboratory came up with a software program that distorted a two dimension image such that it broke the DRM but left the image sufficiently unperterbed that the human eye did not pick up on it...

[4] As such DRM Watermarks are the equivalent of a covert side channel that can leak information, it's would be wise to use the anti-watermark software on any images you are going to make available outside of a closed group.

4891July 7, 2020 10:08 AM

@ Clive Robinson

Considering

The simplest of which would be a print out from a black and wgite printer.

feels susceptible to side-channel attacks (wondering if dropping qr codes altogether and using ocr on the ciphertext would be any better) and

However the way around this is to use two systems, the first "instruments" the QR code and puts it in human readable form on a screen etc and if it passes the human eye then it can be passed onto the secured system.

still requires the leap of fate that none of the systems are compromised and lying to you, we're back to square one: doing it by hand.

That however is error-prone, doesn't provide message authentication/integrity and

...it's neither convenient at low volume traffic or realistically usable at high volumes of traffic.

especially when padding is added (we've encountered it in a few implementations but still wondering if it's really necessary).

While we're at it, do you think the data diode used in tinfoil chat adds any value?

Clive RobinsonJuly 7, 2020 2:34 PM

@ 4891,

While we're at it, do you think the data diode used in tinfoil chat adds any value?

It's a "simple diode" based on a photodiode and without error correcting feedback, it's about as good as you are going to get with a soldering iron and an Internet or even over the counter component supplier.

So whilst it is possible in theory that the opto-coupler be replaced by one that has been modified in some way... It would be unlikely that such a modified device would survive a well thought out Hi-Pot test.

Even then you can with a little thought add other ordinary "signal diodes" to the circuit, as well as instrumentation, to make the difficulty of "reversing" it by an opponent hard.

The purpose of data diodes is to reduce the likely hood of unknown reverse "Shannon Channels" causing covert control channels thus data geting back from the insecure output side back to the secure input side. To do this you need a device that has a very very low reverse current gain, and a true low resistive input impedence with a sufficiently high input voltage threshold on the preceding circuit to prevent any change at the output being passed back. Thus any reverse current would need such a high voltage at the output that any instrumentation would catch it. However you must remember that any such instrumentation would need to be "feed forward" not "feed back". The easiest way to do this is use "differential signalling" across the "diode gap" thus you take the two signals at the output side and drive the equivalent of an XOR gate as an instrumentation detector. It's, output will be very fine pulses at the switching transients as you must expect some unequal delays across the two diode gaps. However any other high from the gate would be some kind of error. The simplist way to deal with this is to put the XOR output through an integrator and this into a simple threshold detector that then drives a transistor as an output "gating device" that shorts the Data Diode output to ground that the opponent is trying to drive a reverse signalling current into.

GrimaSJuly 7, 2020 7:04 PM

So, questioning the assumptions behind a post by our host is now off-limits, eh? Or so the removal of my two or three remarkably benign posts in this thread would strongly suggest. No doubt he would claim that those posts were "OT" regarding technical security, even though much more outrageously OT crap is tolerated here on a regular and recurring basis, apparently so long as he sympathizes and agrees with it. Ah, well, I've sadly become accustomed to watching those I once idolized compromise every shred of their integrity for no apparent reason, I guess I should not have expected anything better from Schneier. I don't require that I agree with decisions made by admins of moderated forums, but I do require some evidence of at least an effort to maintain objectivity and consistent standards. I no longer see any such evidence here. I am not willing to waste any more time or effort (veluable to me, at least) in a space where heavy-handed POV moderation is the norm. I wish all of you good fortune.

citr0nJuly 8, 2020 2:32 PM

@ Clive

Do you know all the people that use these phones? I think not. You might think the real big fishes don't use these kind of phones because they are to smart but you are wrong as is shown multiple times with previous hacks of cryptocommunication (at least in the netherlands). These criminals are no it-specialists and some will start using these and after a while will recommend them to others and that way whole gangs including the mahor bosses start using these.

This specific hack was possible because they physically infiltrated the server which provided OTA updates to these encrochat phones. By pushing an manipulated update that made all the phones also send a duplicate of each message to the authorities they could watch them realtime.

SpaceLifeFormJuly 8, 2020 3:14 PM

@ citr0n, Clive

"You might think the real big fishes don't use these kind of phones..."

I believe you have misread Clive's point.

The big fishes do. But there are always bigger fishes.

"This specific hack was possible because they physically infiltrated the server which provided OTA updates to these encrochat phones."

No physical access required. Get control of TLS cert, and MITM.

Clive RobinsonJuly 8, 2020 4:51 PM

@ citr0n,

Do you know all the people that use these phones? I think not.

I've already made the point about the alledged aproximately 60,000 user base but only about 750 arrests. That's only 1.25% of the userbase.

You might think the real big fishes don't use these kind of phones because they are to smart but you are wrong as is shown multiple times with previous hacks of cryptocommunication (at least in the netherlands).

I've already said they are not realy the "big fishes" but jumped up street criminals already known to the police.

Smart criminals take great care not to be known to the police even for speeding. Once beyond a certain value point they become the equivalent of directors that remain out of sight behind assistants etc. That is they only work "face to face" and only through others they trust as couriers etc. Because like Osama Bin Laden they learnt the pit fall leasons of electronic communications quite some time ago. Also the have learnt other lessons from terrorist organisations such as those in what used to be Ireland a hundred or more years ago. These techniques are fairly well tried and trusted and work as well now as they always have done if you care to remain current with certain technologies and how to mitigate their effects.

But even when they talk to people in person they do it in a veiled way so that even if they are recorded they have deniability.

These "big fish" did none of that which indicates not only an indiference to OpSec which is a fatal mistake in of it's self but they also "flapped their gums" by "bigging it up".

But if you want an idea of who might know these much more secure OpSec techniques keep your eye open for "glass top desks and single sheets of paper" especially what is known as "flimsy paper" that is like cigarette paper very thin and often coated with an oxidizing agent such as one of a number of nitrates. Such flimsies when lit burn hot enough that they actually float in the air whilst burning to an almost invisable ash (which is why magicians use strips of them in their shows). If you were in certain military signals units at yeoman / forman of signals or similar rank/duties you used to get issued with flimsies and other similar items including One Time Pads that you would keep in the safe, and desks in the secure areas were all glass topped.

One reason to do such things is for a "home station" to "boot strap crypto" at an "out station" that has lost KeyMat due to a bug out etc. You do this,by exchanging KeyMat over a known to be unsecured and monitored comms channel such as an "Engineering Order Wire" (EOW).

If you think this sounds like fiction as I've indicated it's standard OpSec taught to certain people professionally. Also in more depth to those who have to work "Under NOC rules" etc. It's not hard to find out about these techniques quite a few millitary and intelligence people are taught them as what is in effect "basic training" for under cover work, and people "pass them on". But you can work out most of them from first principles if you are even half way smart.

The fact that these alleged "Mr and Mrs Bigs" were not taking any OpSec precautions with their communications tells you that they were not even halfway smart in this regard...

I've detailed methods before on this blog whereby you can communicate verbaly across any circuit, they've effectively been public knowledge since WWII. But you communicate not just with the equivalant security of One Time Pad ciphers but also with language that is totaly innocuous even if monitored in real time continuously as well as being analysed. The problem though, is that the covert channel created, has a very low bandwidth, something like one to three bits per code phrase. (sentence).

As I've said before I do not use secure messaging apps or any encryption technology that would not be fully expeted for simple electronic transactions on-line.

I can explain it all again if you or others would like but it's a little lengthy.

citr0nJuly 8, 2020 4:53 PM

@ SpaceLifeForm

Well in some cases there might be bigger fishes yes, but definitly not always. Top guys of the Sinoloa cartel even got breached by previous similar hacks. And don't forget that the top guys or the whole network don't have to use these phones themselves to be exposed, the lower level guys or network are stupid enough to mention them especially when they think they can talk freely. Because this hack was so big it really made whole global networks and maybe even more importantly the way they operate visible. Also many connected corrupt goverment and police officials are seen now. Arresting the top guys most of the times does nothing because they are replaced instantly, but now they have to find complete new operation and communication strategies. I'm sure they will find these new strategies in time but not on a very short term. Therefore i think this is a bigger blow than we might think.

I'm no security expert or technician at all so i believe you right away if you are saying physical entry is not necessary for these hacks (never heard of this site, just got here by googlimg encrochat), but the OTA patch story is what's being said about this specific hack by inside sources in the Neteherlands

citr0nJuly 8, 2020 5:15 PM

@ Clive

Prepare for many more arrests to come from this hack, that percentage will definitely rise. The arrests made now are mostly for investigations that were already started before the hack or because they had to catch them red handed. Also police has the obligation to take action if they know someones life is in danger (eventhough it is a criminal) while they would rather not because it might expose the hack to soon.

But i agree that in this cat and mouse game there will definitely be a few guys that will never be seen. Most of the times the criminals are a little step ahead of the authorities, but sometime like in this case it's the other way around for a short while.

We have a nice dutch saying for this (translated): A water drop on a sizzling plate

SpaceLifeFormJuly 9, 2020 12:12 AM

@ Citr0n

"never heard of this site"

It's totally a Marxist club here. Run away while you can!

Clive RobinsonJuly 9, 2020 3:37 AM

@ Citr0n,

Prepare for many more arrests to come from this hack,

Oh I fully expect them, as I've mentioned before I suspect three things about these current announcments.

Firstly that the likes of the "Panama Papers" are the starting point.

Secondly the main reason behind this is to "Fill the Treasury" by grabbing assets, issuing long jail sentences.

Thirdly it's also a "stage setting" excercise as well as a publicity stunt and a favour to certain people in the US.

As you note,

The arrests made now are mostly for investigations that were already started before the hack

Yes in the case of those they have publicized so far, they almost certainly were known to the police as they rose from petty street thug in their teens upwards through the ranks, stamping and stabbing their way up the tree by out and out violence and removing the competition and disposing of the bodies (which is generaly the hardest part of committing murder and for which assistance is generally required). That is there were a stack of open cases and reasonable suspects but not enough to get it through a court case, and even if there were only of those much lower down the food chain who were more frightened of those above them than by the authorities.

This has been the way it is since long befor the "Kray Twins". Current organised crime realy got going after those involved got usefully trained and practiced during WWII, and they had no shortage of weapons etc afterwards. We are now into the fourth or fifth generation of what are effectively "crime families" and their associates including accountants and lawyers. It's these associates the authorities want to get because they are the ones effectively building the shields behind which the familes progress.

The Panama Papers released all sorts of information about those building shields not just for the thugish drug and violance gangs and families who run them, but for the smarter criminals as well. And it would appear there is a vast amount of money involved, including the sorts of sums Dictators, Tyrants, Despots and corrupt politicians wield and are of third world nation GDP size. To put it simply drugs money is "small change" when it comes to the money involved with illegal arms trades at nation levels, where even the size of the "sweetners" are in the hundreds of millions.

For obvious reasons first world nations would like these sums not in someone elses pocket but their own. Importantly though whilst the wish to get rid of the street thugs and violence involved, they don't actually want to destroy the illegal arms trade which they profit from already, but just "tax it". That is you pick the fruit as it ripens, you don't chop the tree down.

It's the "professional" associates of accountants and lawyers that can be seen as the rippening fruit. But importantly whilst the governments want the money, they don't want to work to hard at it, because they don't want white collar criminals in jail.

Thus a lot of this publicity is about FUD anyone who's used one of these phones now knows they are on a list and that the authoritie are after them. Thise who do not practice good OpSec will now probably not remember what they said or texted so don't know by how much further they have incriminated themselves, hence the uncertainty and doubt puting fear in their minds. But it's slightly worse than that, because "People judge you by the company you keep" thus even though others may have had nothing what so ever to do with the drugs, violence, tourture and murder, those phones can be used to associate them with it in other peoples minds, a tactic we saw in the UK with Operation Ore that caused over thirty people some of whom were almost certainly innocent to commit suicide, families to shatter, loss of jobs and ability to work and major mental health problems (in fact Operation Ore did so much harm and has cost the UK so much that it is a prime example of an utter disaster).

Such a level of threat will be used as an easy form of leverage against those "ripe fruit" and they will thus be easy to squeeze into an "accomadation" not only to hand money over but to give evidence against others.

But also the US has a few issues going on at the moment with the FBI and DoJ trying to get encryption off of consumer devices like mobile phones or at least get "golden key" entry. They lost the first round to Apple and now they are trying another approach with the FUD of "fake news" and "Russia-gate" etc etc. With Facebook making politicians look impotent we have a couple of very dangerous pieces of legislation up for voting in the EARN-IT and LAED soonsered and managed by Lindsy Graham.

The timing of these unplesent stories is distinctly suspicious in this respect. In effect these stories are extream corner cases and if what was going on had continued it would have realy only effected other very similar types of criminal. Now however it's a major news item with all the "Think of the Children" strings to pull. So the chances that EARN-IT and LAED get passed has gone up enormously.

Oh and guess what Lindsay Graham slipped major changes in under "manager privilege" over the Independence day holiday, when peoples attention was elsewhere, and "COVID-talk" about the irresponsible youth and increasing infection rate in the US was happening in the more liberal press...

citr0nJuly 9, 2020 5:33 PM

@ Clive

Very insightful, you definitely made a much deeper analysis of the current state of crime around the world than i did. I'm just a guy who is a bit intrigued by the lives of the underworld around the world (without aspiring any of it), since dutch king pin Klaas Bruinsma and reading the book about the Heineken kidnapping. Some of the kidnappers became dutch bosses themselves after that. Anyway, i will let you all get back to the on-topic security talk.

By the way, i don't get most of the security terminology, but it sounds like you know how to make the ultimate cryptonetwork/-phones, that's big money 😁

It's been nice talking, bye bye

Clive RobinsonJuly 10, 2020 1:39 AM

@ citr0n,

but it sounds like you know how to make the ultimate cryptonetwork/-phones, that's big money

Sadly there is no "ultimate" just "as good as we currently know how" because of the "Unknown Unknows" issue[1] or as others call them "Black Swans"[2].

And whilst their may be "big money" now, there was not a decade or so ago, but always preasure from those Government Agencies for legitimate businesses.

Having been involved in "secure systems design" before which in many ways is a follow on from "Intrinsically Safe" and medical electronics design I'm aware of just how much there is in "sunk costs" for a legitimate design.

As others have noted the EncroChat phone more or less advertised it's self at the criminal community.

The thing is it sounds like it was a very poor copy of the Silent Circle Blackphone 2 (some of the source of which used to be in a popular Open Source code repository). Back a decade ago when Silent Circle hit the news, it was making what appeared were the right moves and about $650 got you one off of Amazon... But since the CEO changed, it's gone in a different direction, which appears to be firmly under the thumb of the US Government and all that implies in the current political climate[3].


[1] Although Donald Rumsfeld was credited with an expression along these lines he was not the first. My usage is sufficiently different as well and it talks about instances and classes of attack vectors. So you can have four possabilities "unknown unknowns", "unknown knowns", "known unknowns" and "unknown unknowns". Many incorrectly think that the transition states do not realy exist, but with a little thought you can see they do. Take "unknown known" that is a known class but without a yet known instance[2]. Consider "Rowhammer" it was known for years by some design engineers that such attacks were possible, but nobody had come up with an example of how to do it mainly because elegant attacks were assumed and there were apparently adequate margins in designs. Then somebody "brute forced" it with a battering ram type approach and the attack worked, the design margins were thus shown to be inadequate. But also there can be a new instance of an attack found by chance, this usually happens with random input. Untill someone follows the attack through it's process you do not know how it functions, thus what class it falls into, and you might find that the class was not known. I've discovered a few of these myself over the years with issues to do with the "logon process" in VMS, a couple of Unix varients and Microsoft NT varients. I still do not know about the VMS as nobody would allow me to "follow it through" and as it was nearly fourty years ago back when system manufacturers did not tell you anything, infact they tended to attack those who found faults with their systems... Unix systems you sometimes had the source to thus could trace it back but even when not Unix systems people tended to want to fix not fight.

[2] History shows us that in early medieval Europe when the Holy Roman Empire was building, there was debate as to if all swans were white. That is they recognized that there were other aquatic birds such as ducks and geese that came in different colours but swans were different in that only white ones were then known. As trade routes opened up with Indo-China and what we now call the Far East, stories of strange animals came with the trade. Some of them were fanciful, and some turned out to be true as is the case of "Black Swans". Which is why Nicolas Taileb called "unknown, knowns" "Black Swans". Although he did make the mistake of also calling it the "Impact of the Highly Improbable" which he might now regret as "unknown knowns" are actually rather more common in enginering and science, after all they are in effect proto-hypotheses.

[3] https://en.m.wikipedia.org/wiki/Silent_Circle_(software)

SpaceLifeFormJuly 10, 2020 2:49 AM

@ Clive

I believe you may find this interesting.

Telco intercepts. Plausible in this story?

hxxps://www.bellingcat.com/news/uk-and-europe/2020/07/09/k-for-kurator-or-catch-me-if-you-can/

Clive RobinsonJuly 10, 2020 4:44 AM

@ SpaceLifeForm,

>>

I'm always very cautious about Bellingcat stories, as it appears others are from the first comment.

Which correctly points out that those who get out of prison early during a war have been turned to the authorities advantage. We saw this a lot in WWII with safe breakers and other highly technically skilled criminals teaching would be NOC's to do what was required to get at paper records etc.

The FBI has dobe similar with cyber-criminals but has apparentky "screwed the pooch" to often for their offers to be trusted any longer.

But the question arises as to what use the person is?

From the article it indicates he probably has no technical skills and is just a "grab-artist" with a sufficient "glib ability" to be a con-artist as well.

But one sentence if true might be the key,

    "Andrey Kunavin was more than a stand-alone criminal, but one integrated with higher-level Russia-based organized crime groups."

In Russia the "higher-level" includes the Oligarchs some of whom are very close to Putin.

I guess we will have to wait and see if Bellingcat have got this bit right or not.

SpaceLifeFormJuly 10, 2020 4:04 PM

Danger, Will Robinson!

A thread:

hxxps://twitter.com/moxie/status/1281353114063257600

1) I think it's increasingly important to consider how discussions around technology are perceived across the full spectrum of backgrounds (from technical to non-technical) for everyone interested in the topic of their own privacy/security -- which is basically everyone now!

...

In addition to being the basis for non-phone # based addressing, the other big benefit for most users is that rather than Signal contacts syncing to Google and Apple from the address book, they'll remain encrypted within Signal.

But it's a big change that we have to do carefully

SpaceLifeFormJuly 10, 2020 5:41 PM

The Dutch have been busy in recent years, no?

This from 2017-10-09

hxxps://www.thedailybeast.com/meet-danny-the-guy-selling-encrypted-phones-to-organized-crime

Crucially, some of the encrypted phone firms, or at least a number of their resellers, are seemingly aware of this customer base, and have marketed their products on sites specifically visited by criminal communities.

...

In Manupassa’s case, after Dutch authorities seized Ennetcom’s servers they pushed a message out to all of the firm’s phones: if you’re, say, a doctor, lawyer, or other non-criminal user of the devices, please get in touch. No one responded to the message, even though, according to court records, Ennetcom had some 20,000 users.

maqpJuly 20, 2020 8:34 PM

@Clive Robinson, @4891

Wrt QR codes, you might find Hak5's take on PGP ciphertext transfer via QR-codes (app being Grencode) interesting: https://www.youtube.com/watch?v=D_xrlAGzQfs It's of course usable in TFC-like split TCB configuration too (Source Computer has public keys and private signing key, and Destination Computer has private decryption key and public signature verification keys), but as PGP lacks forward secrecy and deniability, and as TFC automates data the transfer, TFC's a bit more practical in long term use.

Clive RobinsonJuly 21, 2020 3:02 AM

@ maqp,

Long time no hear, I trust you are well and gainfully emoloyed in these somewhat uncertain times?

In principle there is nothing wrong with the idea of QR codes or for that matter printing out blocks of text and OCRing them in with a scanner[1].

The practical problem in what are effectively "analog signals" is "covert side channels" that also carry across undesirable information[2].

As a design engineer I can design the ones I know about out as part of the design process.

As a consumer however I have to "trust" unknown designers, some of whom are almost certainly designing in covert channels either by design or lack of knowledge[2].

I do however have an advantage over most consumers, in that if I can identify and get at the signal path I can instrument it to look for anomalous behaviour, assuming of course I've an idea about what it is I'm looking for...

In most cases "black box testing" will not help as the covert signal can be authenticated / checksumed in some way such that only valid signals and a very very small probability --say 1 in 2^256-- random signals would get through[3].

Thus the advantage of an OpenDesign on both hardware and software is advantageous in that it enables me to pick out the points that need to be instrumented and what to look for in the way of anomalous behaviour. It also means I have the ability to change things if I find areas of concern.

A point that appears to be lost on most consumers who lack the knowledge and abilities to gain advantage of OpenDesign, even though they do in many other areas of their lives.

[1] Except... We already know that printers and scanners have built in covert channels supposadly to stop people printing "fake currency". So as with all things "security" you can expect it to broaden out with time gaining more capabilities due to "mission creep" and the law of "inadvertant consequences" that befalls all modern technology legislation.

[2] The problem with analog channels is you effectively have three domains to worry about,

1, Time / jitter.
2, Amplitude.
3, Frequency / phase.

As RF engineers can tell you a problem in one domain can become a problem in another domain when you try to remove it in the first domain... The simple example is amplitude noise on a phase modulated signal, the simple solution is "limiting" however adding a hard limiter causes the amplitude noise to fold over into phase noise, thus degrading the required signal even further.

[3] This is not quite true because true black box devices do not exist they always leak a little information about their internal fubctioning. This is down to the laws of physics give you an opening and issues to do with human thinking. That is all work requires energy and no working system is 100% efficient therefore there will always be an indicator somewhere if you can find it. Also work in systems at a primitive level is frequently sequential as that is the way humans think. Thus a "1 in 2^256" problem can become a simple walk down a few integration steps to find the edges or not that give you the 256 bits you are looking for. This was the problem they had with Smart Cards back in the 1990's and it still exists in many systems today.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Sidebar photo of Bruce Schneier by Joe MacInnis.