Always strive to learn something useful. --Sophocles

This was a government order. And it was a secret. Apple was not allowed to reveal the order. The purpose of the order was allegedly to make it easier for the government to find CSAM, explicit child pornography. It was, in fact, admitting that they were not being very good at their investigations and wanted Apple to make it easier for them.

So Apple broadcast not only that they received the order, they actually broadcast the text of it.

And now they've announced that they are turning off ADP, Advanced Data Protection, a form of advanced encryption of iCloud information in the UK to comply with the order. If you turn on ADP, the only person who can access your data is YOU, which also means that you can lose it. That's the risk of encryption.

Apple basically engaged in naming and shaming the government, good for them! The Home Office said "We do not comment on operational matters, including for example confirming or denying the existence of any such notices." As of this time, Apple users in the UK can no longer turn on ADP, it is expected that with a future update it will be turned off for users who previously activated it.

Without ADP, the information is still encrypted, but it is done in such a way that if the government serves Apple with a warrant, Apple can get at the information. Need I remind people about an incident that I posted about a month or so ago about a back door that the U.S. government required telecommunications providers to install for surveillance purposes that the Chinese have cracked? Several telcom providers have been compromised, and it's an extreme fight to keep them out - it's an on-going problem.

I can't wait for a British tabloid to get ahold of some MP or Lord's data and splash it all over their paper.

https://www.bbc.com/news/articles/cgj54eq4vejo

https://apple.slashdot.org/story/25/02/21/1529255/apple-removes-cloud-encryption-feature-from-uk-after-backdoor-order

This is starting out with a warning: this article is really, REALLY deep computer security stuff, DO NOT dig into it if you don't have a minimal understanding of network encryption, SSH, RSA, etcetera! YOU WILL BE LOST!

RSA is a pretty much a deprecated encryption technique. While it was good in its day, it's somewhat broken and has been superseded by better methodologies, both because technology moves ever onward and because it's broken. Apparently it's mainly in use in old systems where companies haven't bothered to replace it: 'If it ain't broke, leave it alone', and just haven't budgeted the funds and time to get it done.

People who try to break computer security have found an interesting way to break RSA even worse. They monitor and sit and wait. The first thing that happens when establishing an SSH connection (and other secure types of connections) is a handshake - the computers send a few packets back and forth, exchange keys (encryption certificates), and get to know each other (proverbially). This handshake process is supposed to be encrypted and secured and not easily spied upon. Except sometimes it isn't.

Computers make mistakes. Sometimes the process that encrypts the handshake fails, it can be a memory bit failure, and this can reveal part of one of the private keys that provides the encryption to the handshake. These keys are generated by multiplying very large prime numbers. If you recover one of the keys, you can then recover the other key by dividing by great whomping big prime numbers. Once you break that, you have access to the certificates that created the secure connection and you can now sit in the middle and impersonate all traffic of either host.

This is what people in computer security call BAD.

OpenSSH applied fixes to try to prevent it, but some major vendors, including Cisco, roll their own code and had some pretty bad vulnerabilities to this problem. They might have fixed it, but when you're running closed-source software (where you've written your own code), rather than relying on an open software where there are tons of eyes looking for problems and testing, it's often weaker than the open source version such as OpenSSH.

Interesting times.

No real solid information as to whether or not this has been exploited in the wild as it's really hard to detect interception attacks like this.

https://arstechnica.com/security/2023/11/hackers-can-steal-ssh-cryptographic-keys-in-new-cutting-edge-attack/

The good news is that a non-technical jury found that Google's use of Java to create Android was not infringing. Oracle has been suing Google over this for years and the jury came back after three days of deliberation and said Google was OK with what they did. Considering that Sun, who was bought out by Oracle, also thought it was OK even though Sun didn't like it, probably was a key factor.

Revealed in the testimony was that Oracle tried to develop their own phone using Java and couldn't.

I'm not a huge fan of Google. Yes, their products are pretty good, and I use their search engine, maps, and Gmail regularly. It's their original 'Don't be evil' mantra that bugs me because they monetize everything. Now, a business has to make money to survive in business, but why couldn't they be more upfront about it?

The basic standard is that if you're not paying for a service, then YOU (and your information) is the product being sold.

Oracle is, of course, going to appeal the verdict. Had Google lost, it is rumored that they could ask for as much as $9 BILLION dollars, insert your best Dr. Evil voice as needed.

http://arstechnica.com/tech-policy/2016/05/google-wins-trial-against-oracle-as-jury-finds-android-is-fair-use/


The bad news concerns Apple. Amongst the many lawsuits against it at any given time was one from VirnetX that claimed that Apple was infringing against its patents with its Facetime and iMessage apps. Yesterday they lost the case. VirnetX is a patent troll: they buy lots of patents, wait for a product that is vaguely similar to be successful the go crying to the East Texas courts. VirnetX claims that Apple has done irreparable harm to its brand, even though they've never produced a product and no one has heard of them outside of the patent troll game.

So Apple may have to cough up a heck of a lot of money, or possibly turn off iMessages and Facetime, which would suck in a major way and probably FINALLY! get the attention of Congress and the need for patent reform.

Me, personally, I don't use Facetime but I can appreciate the product. I use iMessages regularly, and I love the fact that my texts, which are all so sexy and top secret, are very strongly encrypted and my cell carrier can't see them since they're shunted through Apple's servers. So I would hate to see them go.

Apple is, naturally, going to appeal the decision.

http://arstechnica.com/tech-policy/2016/05/patent-troll-that-beat-apple-now-wants-judge-to-block-facetime-imessages/

However....

Apple just hired the co-founder of Silent Circle, Blackphone, and PGP Corp. Jon Callas is an expert when it comes to encrypted communications, so presumably he's going to beef-up Apple crypto and possibly revamp iMessages and Facetime so they're even more secure and perhaps no longer infringe on VirnetX's patents.

http://www.reuters.com/article/us-apple-encryption-callas-idUSKCN0YF2J1

A little bit about open source software. The open source development model says that anyone who has the coding skills can contribute to big, complicated, programming projects. Anyone. As lone as your code is good, runs, and does what it's supposed to do, you are in. This is the model that gave us linux, which is the underpinning of a vast majority of servers on the internet and World Wide Web.

The issue, of course, is that it's conceivable that someone with nefarious intent could insert dodgy code that passes superficial inspection and that someone then has in-place a vulnerability, exploit, back door, whatever.


TrueCrypt is a disk encryption product that encrypts your entire drive, AKA whole disk encryption. Your computer won't boot unless you enter a password on powerup. You can remove the hard drive from the computer, and the whole thing is still encrypted. You can also create hidden 'shadow' volumes that are hidden from normal view: basically you can have multiple encrypted virtual hard drives on your system and they appear invisible, so if you're forced to give up your crypto key, such as by the UK gov't officials or someone using rubber hose decryption (they beat you with a rubber hose until you give up your crypto key), they theoretically won't find the hidden encrypted volume.

This is a great feature for foreign reporters or human rights workers.

The issue is that TrueCrypt is an open source software project, and in the post-Snowden world, it's possible that it was compromised a long time ago by the NSA or its proxies. So an audit was launched: examine every line of code for correctness, lack of vulnerability, and strength of its encryption. The first phase has been completed: the code appears correct and free of vulnerabilities. Now they're examining the strength of the encryption and the pseudo-random number generator (PRNG).

PRNGs are programs/algorithms that provide random numbers to encryption systems, and surprisingly, it's not easy to generate random numbers. One of my favorite PRNGs was a project run, IIRC, by UC Berkeley where they had two lava lamps going and a web cam pointed at them and doing integrations to provide pseudo-random numbers. I have no idea if the project is still running. The problem is, if the PRNG in a piece of crypto software is not sufficiently random or can be predicted, then the strength of the encryption is pretty much zero. It might be strong against common criminals, but it'll fall to supercomputers.

So now they're examining the encryption and the PRNG, which will tell us if the software is really good. As it stands, Bruce Schneier thinks its good enough to continue using.

(As a side note, most of the modern operating systems have built-in disk encryption. The problem is that they have weaknesses. Apple's encryption, for example, has a recovery key built-in for the boot partition, so if your entire drive is one partition, you're not as secure as you thought. I don't know much about how strong Microsoft's full disk encryption is or what known weaknesses there are, I don't keep up on their products as much as I probably should. The advantage of using a third-party crypto package like TrueCrypt is that you won't have a vulnerability like this, assuming it passes the audit, which I'm pretty confident on. The disadvantage is that if you lose your primary encryption key, there's nothing the OS vendor can do, all your contents are gone.)


https://opencryptoaudit.org/reports/iSec_Final_Open_Crypto_Audit_Project_TrueCrypt_Security_Assessment.pdf

https://www.schneier.com/blog/archives/2014/04/auditing_truecr.html

They're applying strong crypto and logging to the voice stack, not much detail as to whether the data on the phone is encrypted which I think would be fairly trivial. They're also discussion about Germany encrypting other smart phone OS's. It'd be cool if the software were released to the public, but that'd totally screw law enforcement and CALEA.

http://www.h-online.com/security/news/item/NSA-German-government-using-Android-for-secure-phones-1466294.html

Her attorney said that it wasn't clear to him if she installed the software herself. She has not yet declared this in court, so the prosecution hasn't announced any plans to deal with this yet.

I wouldn't think it would be hard to compel her to provide a list of possible passwords then run permutations of those against the encrypted image. But you run in to the easy bypass of providing them with a list of reasonable yet wrong passwords that stand zero chance of decrypting the drive.

I'm also curious if the prosecution and investigating law enforcement agency followed procedure and are doing their forensic examination from a cloned image of the drive and not messing with the drive itself, otherwise they open an argument for the defense that their messing with the computer has corrupted the drive and it cannot be decrypted. They probably did, but cases have been lost before where investigating authorities haven't followed correct procedure.

http://www.wired.com/threatlevel/2012/02/forgotten-password/

http://yro.slashdot.org/story/12/02/07/0327233/defendant-ordered-to-decrypt-laptop-claims-she-had-forgotten-password

DNS, the Domain Name System, is a database lookup that translates a domain name entered into a browser or other program into an IP address. You type www.google.com, DNS does a lookup and finds that Google's IP address is 74.125.227.83. Simplifies things all around.

Usually your default DNS provider is configured by your ISP which looks upstream to heftier DNS servers for their information. You can configure your computer to use any DNS server that you like, but you could be potentially violating terms of service of your ISP or the other server.

The problem is that the DNS lookup process happens in plain text, meaning that you are potentially vulnerable to man-in-the-middle snooping and possible alteration. There have been a lot of effort over the last couple of years to make DNS more secure, including encryption. And now an encrypted DNS system is available!

The DNS service provider OpenDNS is providing encrypted lookups to its DNS servers for Mac clients. A Windows version is promised, and since the source code is available on GitHub, I'm sure a *nix version will be available soon.

http://www.h-online.com/security/news/item/DNSCrypt-a-tool-to-encrypt-all-DNS-traffic-1392283.html

So theoretically, if you get pulled over for a traffic stop, the officer can suck your phone dry using the same sort of device they use in cell phone stores to transfer data between phones. Your best defense is to silence it and put it in the glove compartment and refuse all requests to search your car without a search warrant.

Since this is an appellate court, hopefully it'll get appealed to the SCOTUS.

http://yro.slashdot.org/story/11/10/06/1234232/calif-appeals-court-approves-cell-phone-searches

This is pretty cool! It's not a common attack vector, but it's one that has been exploited and wouldn't be difficult. They're using AES-128, which is not easily broken. The cool thing about it is that it's going to sell for $40! The bad thing is that it isn't ergonomic, otherwise I'd be seriously interested.

http://www.h-online.com/security/news/item/Microsoft-wireless-keyboard-with-128-bit-AES-encryption-1254793.html

A 19 year old refused to give up a 50 character password and is sentenced to 16 weeks in jail. He's being investigated for child exploitation. In England, you can't make the excuse "I don't remember it" without going to jail. It's not yet against the law in the US, but who knows how long that will last.

http://www.bbc.co.uk/news/uk-england-11479831

http://it.slashdot.org/story/10/10/05/2038219/British-Teen-Jailed-Over-Encryption-Password

And an XKCD cartoon showing the true value of disk encryption: http://xkcd.com/538/