WhatsApp To Offer End-to-End Encryption 93
L-One-L-One (173461) writes In a surprise move, nine months after being bought by Facebook, WhatsApp has begun rolling out end-to-end encryption for its users. With true end-to-end encryption data becomes unaccessible to admins of WhatsApp or law enforcement authorities. This new feature first proposed on Android only has been developed in cooperation with Open Whisper Systems, based on TextSecure. With hundreds of million users, WhatsApp becomes by far the largest secure messaging application. FBI Director James Comey might not be pleased. Do you have a current favorite for encrypted online chat?
Re: (Score:2)
Re:FBI Director James Comey may not care. (Score:5, Insightful)
What root console? If it is really END TO END, then WhatsApp can't see the data either.
Re: (Score:3)
If it is really END TO END, then WhatsApp can't see the data either.
True, but anyone sniffing the traffic can, if they have access to a decryption key. Not that we know of anyone who would possibly do that...
In my view, this encryption is not to be trusted unless and until it can accept keys that are generated outside the WhatsApp product. Otherwise, how much would you want to bet that the three letter agencies aren't getting a master key under a hush order?
Re: (Score:2)
Re: (Score:2)
Yeah, pretty much. The power of subpoena to acquire those keys would be trivial.
I think that's one of the problems Perfect Forward Secrecy is supposed to solve. If I understand it correctly, upon connection, the two connecting systems that support PFS generate brand new and ephemeral public/private key pairs for bootstrapping the encrypted connection.
Since those keys are ephemeral, even if some entity collected all the data between the two connecting systems, it would never be able to decrypt that data, even with subpoena in hand: those keys are long gone, as they only existed for a f
Re: (Score:2)
Not just generated externally, but a way to confirm the private key is *NOT* sent to anyone.
Re: (Score:1)
If it is really END TO END, then WhatsApp can't see the data either.
True, but anyone sniffing the traffic can, if they have access to a decryption key. Not that we know of anyone who would possibly do that...
In my view, this encryption is not to be trusted unless and until it can accept keys that are generated outside the WhatsApp product. Otherwise, how much would you want to bet that the three letter agencies aren't getting a master key under a hush order?
Facebook is the largest HUMINT database on the planet.
And they own WhatsApp.
On top of all that, they are a corporation within the United States.
Just curious what level of ignorance we have to walk around with here to assume they don't have the decryption key, and haven't had it since day zero.
How many more Snowdens need to come along to paint that picture any clearer?
Fuckety fuck fuck already.
Re: (Score:2)
would they even need that? vs decompiling the APK?
Re: (Score:2)
While WhatsApp does have a security hole. Using WhatsApp is more secure than using no encryption.
Re: (Score:2)
While WhatsApp does have a security hole. Using WhatsApp is more secure than using no encryption.
This seems to be most reasonable of the responses so far.
EFF has mentioned that when the end-to-end encryption is implemented, and then IF it passes their tests, they will update their Secure Messaging Scorecard [eff.org] for it. Right now its score is rather dismal: 2 of 7.
Currently there are only a few text messaging apps that get full points: TextSecure, Silent Text, OTR (Windows), CryptoCat, and something called ChatSecure which I had not heard of before.
Some people objected to CryptoCat being awarded al
Re:FBI Director James Comey may not care. (Score:5, Interesting)
The problem with WhatsApp is that it is closed-source, so you can't really check. You'll have to take their word for it. Also, they facilitate key exchange, so the whole "end-to-end" stuff is actually moot, since user is taken out of the loop and server can, at any time re-negotiate the keys and verify that MITM as a person A, that person B is trying to get in contact with. So it's all, once again, a lot of buzzwords, and zero security.
Re: (Score:1)
Re: (Score:2)
That's a bit unfair. Yes, any security system that tries to be entirely transparent cannot really be end to end secure, but nobody has ever built a mainstream, successful deployment of end to end encryption that lets you use a service even if you don't trust it. There are many difficult problems to solve here. Forward secure end to end encryption behind the scenes is clearly an important stepping stone, and OWS has said they will expose things like
Re: (Score:2)
Indeed.
And note the timing. This news (facebook, whisper systems) comes at the same time that EFF published the Let's Encrypt initative (EFF, Mozilla, Akamai, Cisco) .
I seem to remember there was an appeal to to make encryption the default coming from th3 w3c meeting a fortnight ago.
Is it a coincidence that this comes in time with an open letter by AOL, Apple, Dropbox, Evernote, Facebook, Google, LinkedIn, Microsoft, Twitter und Yahoo to the US senat to vote in favor of the USA Freedom Act (which it did not
Re: (Score:1)
They claimed it's TextSecure's algorithm, but, client is closed-sources, so who's going to check? Also, big question is key handling - if server assigns them or even generates them or at least verifies them - then whole "end-to-end" is just theater. I would believe them if key verification was given into user's hands and client's code was opensourced to check that it won't start black carbon/copying all the messages to some "friendly third parties".
Re: (Score:2)
You assume that they either competently implemented encryption, or didn't maliciously leave themselves a back door for tracking and commercial purposes, or weren't secretly told by some three letter agency that if they didn't leave a backdoor they'd be in trouble.
Given that it's owned by Facebook, I'm not willing to attribute either competence or good intentions to anything they do.
At this point, I assume Zuckerfuck is a
Re: (Score:2)
--
JimFive
Re: (Score:2)
What root console? If it is really END TO END, then WhatsApp can't see the data either.
and you verify that it is actually clean and secure end to end encryption on a device like a smartphone (take your pick) ... how?
oh, i'm supposed to trust a random app running on a platform with (or entirely consisting of) proprietary closed software and hardware. har! har!
Re: (Score:2)
Re: (Score:3)
This is the same company that lied about the capabilities of its photo app, as well as stored the photos insecurely.
Why would they have to? All they need to do is present Whatsapp with a hush order to hand over keys.
When Whatsapp generates and maintains the keys, there's no real security here.
I even think it's not unlikely that they have implemented this in cooperation with the three letter agencies, in order to lure people into thinking it is safe. And the great unwashed masses will be fooled, as always.
Re: (Score:2)
This is the same company that lied about the capabilities of its photo app, as well as stored the photos insecurely.
Don't forget storing conversation logs unencrypted.
Or requiring a personally identifiable marker (a phone number) in order to work, even when everything goes over IP and supporting anonymous users would be trivial.
Great (Score:1)
Re: (Score:1)
Well, hello there friend. It must have been very uncomfortable to sit in a cryo cam for all these years, but while you were gone messaging apps have become more relevant than SMS-es and any carrier trying to ban them is to have a fecal storm on the matter, with billions of users for WhatsApp, FacebookMessenger, Hangouts, Viber, Line and whatnot.
Telegram (Score:2)
Do you have a current favorite for encrypted online chat?
Telegram. It's open source, uses end to end encryption, and, unlike whatsapp, supports multiple connected clients at a time - including desktop clients for all platforms.
Of course you'll be hard pressed to find anyone on telegram expect my wife and I. Kids don't care about security, or source code.
Re: (Score:2)
Re: (Score:2)
Telegram. It's open source, uses end to end encryption, and, unlike whatsapp, supports multiple connected clients at a time - including desktop clients for all platforms.
It's public domain, not open source.
End-to-end encryption is easy - you just need to send a courier with a one time pad.
And yes, there are telegraphs supporting multiple concurrent connections by using pitch shifting and filters so the receiver will only hear one set of beeps. But not more than a few.
Sure, there are desktop clients for all platforms - wooden, metal and marble top desktop can have clients, and there are even keys that mount on tilted desktops.
Of course you'll be hard pressed to find anyone on telegram
Indeed. Even Her Majesty The Queen stopped send
Re: (Score:2)
How can something in the public domain NOT be open source? If the source is free to look at, it is open source.
Re: (Score:2)
How can something in the public domain NOT be open source?
Open Source depends on copyrights.
Public domain depends on there being no copyrights.
Re: (Score:2)
Indeed. Even Her Majesty The Queen stopped sending telegrams a few years ago. A shame, really.
Your Monarch has, with great reluctance but a lingering sense of optimism, embraced modern communications, as it is nowadays one of a great many passing diversions into which the grandchildren seem to be. With this in mind the formal 'Queen's Telegram' has been revised to a streamlined, responsive format which I'm sure will meet with approval from the majority of citizens.
Now the day you turn 100 you get a single tweet from @HerMajLiz: 'lol u 2 old'
One time pad (Score:1)
"End-to-end encryption is easy - you just need to send a courier with a one time pad."
Key management is a PITA. Still, making pairs of DVDs filled with random noise isn't that hard. If you seal them with glitter nail polish and send a picture of the sealing back, then you and the recipient can be fairly sure it wasn't intercepted and copied.
USB sticks are larger, but you need to completely erase the USB or DVD after copying to disk. Then the program needs to enforce that used blocks on the disk are erase
The problem is always the client (Score:4, Insightful)
This really only works if the client is open source. Otherwise, you don't know that the client doesn't send the keys through a side channel or store them somewhere.
Re: (Score:1)
This really only works if the client is open source. Otherwise, you don't know that the client doesn't send the keys through a side channel or store them somewhere.
Perfect is the enemy of the good.
Taking passive surveillance out of the picture is a step in the right direction. If the code saves the keys so that it can be fetched in an "active" attack (e.g., warrant) that kind of sucks, but it's better than having everything in cleart-text to be vacuumed up without any kind of over site.
Re: (Score:2)
Re: (Score:2)
Of course it sends the keys to WhatsApp! If you install the client on a second phone, it just works, right?
So they're either:
1) generating a new key on each device and encrypting all incoming messages to every client's public key (or just encrypting the session key, a la PGP. -- While this isn't sending the key back to the mothership, new keys can be added at will, so copying traffic is easy.)
2) generating one key per account and shuffling it to newly installed clients through their server (possibly encrypt
Re: (Score:2)
Bingo!
I worked for a company that had secure online backup software, and these kinds of things are exactly what they did. The original software really honestly didn't have the key. They even sent it to an escrow service whose contract said they could never ever give us the key. But later, features were added to the system: The server could transcode mp3 files and stream them to your phone - how could it decrypt the mp3 files to transcode them for streaming, if they didn't have the key? And the install.e
Well, the WhatsApp guy has good motive (Score:1)
I sure hope he hasn't been compromised, by green paper 'malware', or *an offer he can't refuse*.
Re: (Score:2)
Considering he sold out for $19B, there is not much left to be compromised.
This idea... (Score:2)
needs to be implemented at all levels of the internet, hopefully it gives the American Stasi like the NSA, CIA, and FBI major headaches...
I have been wondering about WhatsApp (Score:2)
But to stand out and offer end to end encryption where WhatsApp can't read your stuff will be interesting. The question is: "Do we trust them."
Re: (Score:2)
I've heard of WhatsApp for ages.
Most of my contacts are on Whatsapp.
But I didn't start using it until my Italian girlfriend introduced me to it - because texting internationally via WhatsApp costs you 63p a year as opposed to nearly that per text!
All the ex-pats and foreigners that I know seem to be the biggest users of it.
Wikr (Score:2)
Wikr [wickr.com] is what I use. Right now it's only available as an iOS and Android app. You specify how long you want your messages to exist for and the countdown starts when the receiving party views the message. Slightly clunky, but very very secure:
From the website:
App:
ID and device info are cryptographically hashed with multiple rounds of salted cryptographic hashing using SHA256.
Data at rest and in transit is encrypted with AES256.
No password or Password hashes leave device.
Mess
Re: (Score:2)
Re: (Score:2)
Re: FBI. That may be true (albeit difficult to do). However, that would be the end of their business, so it would be somewhat pointless to ever agree to that (they have already declined such a request). For reference here is their guidelines for law enforcement requests:
https://wickr.com/wp-content/u... [wickr.com]
And the report of them denying an FBI request:
http://www.slashgear.com/wickr... [slashgear.com]
Here's a question (Score:1)
Do you trust the people behind this? If so why?
Re: (Score:2)
Still subject to traffic analysis. (Score:2)
Still subject to traffic analysis.
Most of the information they want in the first place is "who is talking to who when and for how long", which is still in the clear, even if there is end to end encryption. So most of the important data, what government agencies in the news have called "Just Metadata", is still capable of being intercepted (and is).
Once they have an associative pattern that they think indicates a crony in an illegal activity, *THEN* they target the content of the conversation. In this part
Re: (Score:1)
Mod parent up! He is right. This is a huge step forward. Especially with those new encrypted phones(android lollipop & iPhone 6)
All these years.. (Score:2)
And here I thought my solution of attaching matching pretzels to each cup, and then tying the string to the pretzels, ensured our communication was private. The only difficult part was trying to add a third party after you had already eaten the bag of pretzels, as finding a third matching pretzel at that point was sometimes quite difficult.
Whatever their friends use (Score:2)
What encrypted messaging app do I use? None. My friends don't use it. I had *one* friend I could talk into installing Telegram. But it's really not "secure" because it saves things on your device, and the desktop version saves things in the clear, so anyone with access to your computer can ready them.
Like another poster said, the other end is your weak link. An open source app might even be worse, because someone could modify their app to say a message was deleted when it wasn't. Or rather, their device cou
Wickr - has this and time-expiry messages (Score:1)