Friday, April 15, 2016

Mobile messenger security...could it be any worse?

Recently, a prominent court case has led to a lot more people noticing the fact that BBM (Blackberry Messenger) apparently uses a symmetric cipher (3DES) with one key for everybody.
This seems to be old news, it is e.g. mentioned in this forum post from 2014. Indeed the investigation for that court case ran between 2010 and 2012. But it has now received a bit more attention.

Now I hope you agree that a globally shared symmetric key basically provides no secrecy at all. Indeed even a berryreview.com article from 2010 states:
BlackBerry Messenger and PIN to PIN messages are NOT encrypted. They are scrambled using a global cryptographic key which EVERY BlackBerry in the world uses.
(emphasis in the original)

Drawing comparisons is difficult. E-mail is insecure but often at least the connections are encrypted. SMS is hopefully encrypted with A5/X of GSM (including its security problems). Still both are usually visible to the network operator or service provider.

So how can we do better?
For Android, iOS and now as a Chrome browser extension, there is Signal. Which is also used by many of the ECRYPT fellows. The signal protocol, formerly known as axolotl has also recently been adopted for the new encryption in WhatsApp. Signal is still to be preferred however, since it is open source, has reproducible builds and there is no Facebook behind it to correlate the metadata to. While neither Signal nor WhatsApp hide metadata, the encryption seems to be solid.

So let's say you get rid of your Blackberry with BBM and get an Android phone with Signal instead? How's your security?
Unfortunately Android has a systematic problem with security updates.
Consider this devastating graph from androidvulnerabilities.org. Even ignoring details about how the collected their data which would probably cause a bias towards being too optimistic, it shows that almost all Android devices are susceptible to a known vulnerability. (For obvious reasons unknown vulnerabilities are not included.)

There are some interesting projects trying to improve the situation, for example CopperheadOS or the Guardian Project (who have teamed up with f-droid in an attempt to provide a true open-source ecosystem). It does however look like a really good solution is still some time away.

But for end-to-end encryption Signal looks like an excellent choice.

No comments:

Post a Comment