Popular Android Package Uses Just XOR -- and That's Not the Worst Part 277
siddesu writes A popular "encryption" package for Android that even charges a yearly subscription fee of $8 actually does nothing more than give a false sense of security to its users. Not only is the app using a worthless encryption method, it also uses weak keys and "encrypts" only a small portion of the files. One wonders how much snake oil flows through the app stores, from "battery savers" to "antivirus." What is the most worthless app purchase you made? Did you ask for a refund?
Web sites (Score:5, Insightful)
PC Magazine - "PC Magazine Best Apps"
TRUSTe - Received "TRUSTe Privacy Seal"
Global Mobile Internet Conference App Space - "A top 50 app"
Thanks, I will take a note to never trust these web site reviews.
Re: (Score:3)
Re:Web sites (Score:5, Insightful)
People will gladly give good reviews to things they haven't even tried out yet. And even if they tried it they probably have no clue how to validate its effectiveness. It's the yelp effect, let someone give a review and they'll jump on board and proclaim "best broccoli beef ever".
Re:Web sites (Score:5, Funny)
People will gladly give good reviews to things they haven't even tried out yet.
Tornado App [xkcd.com] has good reviews.
Re: (Score:3)
it was pretty good broccoli beef, you have to admit.
Re: Web sites (Score:2)
It depends on the app, there are a lot of good apps out there for various purposes.
Re: (Score:2)
"CTIA nq vault" no relevant result
"PC magazine nq vault" => 4/5 by junior software analyst Sara Yin
"TRUSTe nq vault" => indeed [truste.com]
"Global Mobile Internet Conference App Space" => ???
Re:Web sites (Score:4, Informative)
http://www.techlicious.com/gui... [techlicious.com]
http://gmic2012.greatwallclub.... [greatwallclub.com] (I imagine NQ Mobile's Vault is the 'Vault' listed, NQ published a press release [nq.com] about it)
I can't find a free copy of PC Magazine's 2012 best apps, but given the others I have little reason to doubt it. The average reviewer has nary a clue about cryptography, and from an end user standpoint, the app seems well made and has several clever features. It would be easy to assume the app lives up to its claims.
Mind you, it still seems a useful app just for its ability to hide content from casual snoops (the app can even hide its presence on the device), though it is quite overpriced and likely to disappear after this entirely deserved PR disaster.
Re: (Score:3)
"The average reviewer has nary a clue about cryptography"
The average user's review is of no value anywhere.
Just go Amazon and check the reviews of any item at hand, say, a french skillet. They are "physical" items, the kind of things people have been using for ages and still, half of the reviews will be more or less like "the item arrived this morning; I haven't used it yet, it's still in its package so I didn't even see it, but I'll give it five stars because, hey, I'm happy".
Re:Web sites (Score:5, Informative)
Here's the TRUSTe info:
http://privacy.truste.com/privacy-seal/NQ-Mobile-US-Inc-/validation?rid=e0f97027-af9a-4b8a-91b5-2a33c58a520a [truste.com]
It only seems to cover security/privacy of their ecommerce site. So, their shopping cart may be secure, but it says nothing about app security as they seem to imply in their press releases [nq.com], etc.
Re: (Score:3)
looks like the company has quite a few such "protection" apps deployed on the play store and they even use their stock ticker symbol in the developer name, lol.
https://play.google.com/store/... [google.com]
NYSE:NQ feeling slashdotted in 3..2..1... now... https://finance.google.com/?q=... [google.com]
Re: (Score:2)
you trusted those websites before this? that's funny, sorry.
my most worthless purchase from play store? GTA III, probably. why? i don't make lots of purchases from the android market, play market or whatever they want to call it this year.
and that had it's worth only brought down by the crappy sniping control, which made one mission way too hard.
Re:Web sites (Score:5, Interesting)
Maybe they read the actual description of the app. The only thing it claims to encrypt is text messages, which TFA doesn't bother to check. The description doesn't claim to encrypt files, so unless it has been changed since the article was written it seems to be making stuff up to complain about.
The app hides files on your device. It does that by using a simple XOR cypher to encrypt the header of files and make them invisible to apps like the Gallery that look for files with valid JPEG/PNG/GIF headers. It works perfectly, the XOR cypher has the desired effect. Obviously it won't stop forensic examination from finding and decrypting the files, but it doesn't claim to. It's an app designed to hide your nude selfies and dick pics, not stops the NSA/GCHQ dataraping your phone.
Re: (Score:3, Informative)
http://www.nq.com/vault- [nq.com] scroll down a bit under "NQ Mobile Vault Features." subsection "Photos & Videos" - "They’ll be encrypted..."
I'd say that was a claim that it'll encrypt them.
Re:Web sites (Score:4, Funny)
XOR is useless (Score:5, Funny)
Unless it's used with ROT13.
Re: (Score:2)
Twice.
Re: (Score:2)
I prefer to up my security level by using ROT13 exactly 24 times. I mean, you can't make heads nor tails of that mess of letters.
Re: (Score:2)
What's wrong with a 2048-bit salt and 1000x sha256? That seems pretty secure to me.
not another, iterations slow attacke for passwords (Score:2)
For a much longer plaintext, you'd be correct. Starting with a long plaintext and reducing the entropy by using it's hash would be bad. That's actually recommended practice for hashing PASSWORDS. Yes, it increases the risk of of collisions but given the length of passwords, that's not very significant. More significant is that it then takes an attacker 2048 times as long to check a password in an offline attack.
Re: (Score:2)
Because the second you feed the output of one hash algorithm into another as input you've limited the input space from 2^${N_BITS_ON_DISK} to, in this case, 2^228.
And you would like to argue that 2^228 is not enough ?
Re: (Score:2)
I used to do this to generate admin passwords for PAP2 devices going out in the field ;-)
device MAC address: 7eec2ada9f0b
device admin password: 0e8620ffe985
echo 7eec2ada9f0b | md5sum | md5sum | md5sum | cut -c -13
0e8620ffe985
Damn, I should have XORed it with a secret password on top of that then my scheme would have been really bullet proof...
Re: (Score:2)
I find it gives much harder to decrypt data when running it 3 times.
Re: (Score:3)
XOR is much much faster than your run-of-the-mill encryption algorithm.
Re:XOR is useless (Score:4, Insightful)
XOR is much much faster than your run-of-the-mill encryption algorithm.
OP and TFA are very misleading. XOR is not a "worthless" encryption method in itself... it all depends on how it is used.
For example, if used with a good quality key in a one-time pad, it is one of the few encryption methods that is even theoretically unbreakable.
But it does require a well-constructed key, and as with any one-time-pad scheme, key management is everything.
Re: (Score:3)
It's a component of pretty much all encryption algorithms, afaik.
Re:XOR is useless (Score:5, Funny)
Re: (Score:3)
Re: (Score:2)
The big advantage of XOR (Score:3)
is that it doesn't matter how weak your keys are!
Re:The big advantage of XOR (Score:5, Funny)
Also its implemented directly in the CPU, so both encryption and decryption are very fast.
Re: (Score:2)
Sorry, GP meant: the only fully hardware accelerated encryption method; implementation is approved by Intel Inc.
Re: (Score:3)
Not in a single CPU instruction it can't.
Re: (Score:3)
Not in a single CPU instruction it can't.
Sure it can. There's no practical upper bound on the amount of functionality that can be packed into a single instruction. CISC instruction sets with incredibly powerful instructions have been developed and used. The VAX instruction set is perhaps the best example. It enabled an assembler language that was darned near a high-level language, with single instructions that took up to a half dozen arguments and implemented sophisticated looping and searching operations in single instructions. Some of my favorit
Re: (Score:3)
What's the difference between "mobile CPU" and "laptop CPU"? In any case, most 4th generation i3 mobile/laptop CPUs don't support AES-NI [intel.com], nor do the current Intel Celeron CPUs [intel.com]. Many of those have been released as recently as 2014, so I would count them as "modern".
Re: (Score:2)
Well, the OTP was an 8-bit integer, and only applied to the first 128 bytes, if that makes it even more mind-blowingly insecure and even stupider.
Re:The big advantage of XOR (Score:5, Insightful)
Re:The big advantage of XOR (Score:5, Informative)
In fact, it's unbreakable if you do it right. (http://en.wikipedia.org/wiki/One-time_pad)
I'm disappointed that the person who submitted the story said "Just XOR".
Re:The big advantage of XOR (Score:5, Interesting)
If the key is as long as the message, XOR is not that weak.
As long as the key is as long as the message, and all of the key is unpredictable, and is never reused, then you have a provably unbreakable encryption system called a one-time pad. However, if you ever reuse the key someone can XOR the two ciphertexts together and the result will be the XOR of the two plaintexts, which can often be disentangled. Also, if the key is somewhat predictable, plaintext can be recovered. The US actually managed to decrypt some texts encrypted with a Russian one-time pad system, because the keys were produced by humans pounding "randomly" on typewriters... except humans aren't very good at generating random keystreams.
Re:The big advantage of XOR (Score:5, Funny)
And what data structure do you have lying around at encryption time that's as long as the plaintext?
That's right, the plaintext. Use that as your one time pad. It saves you the headache of generating high-quality randomness if you just XOR the plaintext with itself.
The resulting ciphertext is not only theoretically unbreakable without the key, it is also highly compressible for economical transmission.
Re: (Score:3)
You get a string as long as the plaintext consisting of NUL characters (0x00).
Re: The big advantage of XOR (Score:2)
If the key is as long as the message and only used once XOR is ok.
I'm honestly somewhat surprised... (Score:3)
There's still plenty of room for error when using someone else's tools, so I wouldn't necessarily expect the results to be bulletproof; but "actually uses an encryption algorithm; pity it fucks up key management." would at least be doable.
ROT13 (Score:5, Interesting)
I mentioned to the subscription that Microsoft used Rot13 to "encrypt" some registry entries in version W2K (I think was the version)
After reading bout XOR, ROT13 would be just about as good.
Not familiar with ROT13? = Abg snzvyvne jvgu EBG13?
Re: (Score:2)
Re: (Score:2)
Everyone knows that real pros use the _strrev function...
Never heard of _strrev function so looked it up, it doesn't look easy to implement for the cross platforms.
http://stackoverflow.com/quest... [stackoverflow.com] so yes a real pro would or could make use of it.
Re: (Score:2)
xor unbreakable with long (stretched) key (Score:2)
As others have pointed out, xor is actually very strong - unbreakable in fact, IF the key is long enough. A key may be made long enough by any of many key-stretching algorithms. Also, the same portion of the identically stretched key shouldn't be reused.
In practice, that means that plain xor by itself is limited to either a) short plaintexts such as passwords or other keys or b) highly secure one time pad based systems, which require that key books be shared ahead of time. XOR can also be used as an es
Re: (Score:2)
Your first line is wrong, wrong, very wrong. XOR is unbreakable if used with a proper one-time pad, but no output of a key stretching algorithm is going to meet that bar. The absolutely essential characteristic of a one-time pad is that every value it could contain is equally likely.
What you're trying to describe is more like how stream ciphers, such as RC4 work: you supply a key, and the cipher stretches that key into a bitstream of whatever length you require. XOR that bitstream with the plaintext to get
Re: (Score:3)
Re: (Score:2)
No, if you want an easy and unbreakable encryption system for your text just use EBCDIC. No programmer has stayed sane long enough to implement it.
meh, dd if=ebcdic conv=acsii
Re: (Score:2)
Decryption is slow though - takes 24 times as long.
questions answered below (Score:3)
Re: (Score:3)
Re: (Score:3, Informative)
I experimented with my old flip phone for a few days just to see if I could really go back and discovered that I found myself missing basic smartphone functionality, like threaded SMS conversations. It took all of five minutes for that to annoy the piss out of me. Then there's the smartphone functionality that has become a key part of my daily routine, like my exercise diary, the Wegmans app, my food diary, Google Maps, weather, and so forth. These are all apps that have value for productivity and/or hea
Re: (Score:3)
Re: (Score:2)
I wonder if someone's made a smartphone app for that: every time you press the button to turn on your phone's screen, it chirps with the Star Trek sound.
Re: (Score:3)
CBS has an app that would do the chirp when you did the "communicator flip"
https://play.google.com/store/... [google.com]
Comment removed (Score:5, Interesting)
Re: (Score:3)
You're talking about "feature phones" by the sounds of it. The old Nokia ones were not bad at all. They were excellent for calls and the UI, especially for calls, texts and the address book was far better than any Android phone I've ever used.
They also had a J2ME interpreter and ran some apps like a basic email client and so on. I could even thether through mine using a cable and some old style modem calls.
never saw the need???? are u insane (Score:2)
Even the cheap color lcd phones of 2002-2007 I needed smart features in.
I would hack a home made google maps, using JPEG map images.
I would copy dozens of .txt docs that were useful, like windows serial #s.
And dude, google translate is so cool when outside USA.
Re: (Score:3)
And dude, google translate is so cool when outside USA.
Like when you go to the UK and have to learn how to speak English properly?
Re: (Score:2)
I would like to report that I have been free of a cell phone for approximately 3 years now and am still alive, happy, and savvy to the things happening in the world.
You don't need to have that thing attached to your face at all hours of the day.
Re: (Score:3)
Re: (Score:3)
Re: (Score:2)
Wait a sec... I'm supposed to pay for those things???
Re:questions answered below (Score:4, Informative)
F-Droid [f-droid.org] is a true friend. And that's a rare thing in these circles.
Re: (Score:2)
Re:questions answered below (Score:4, Informative)
Have fun living in the past.
Here's the reasons my smartphone is extremely valuable to me:
1) Mobile internet access / WiFi hotspot: I can use my phone to give my laptop internet access anywhere there's cellular data service available.
2) Camera: it's not as good as a dedicated camera, but it's better than no camera at all, and is really handy for taking quick photos of things if image quality isn't paramount. Also can take reasonably good videos. You never know when you'll need to film the cops beating someone.
3) Email access: While definitely not as powerful as reading it and typing on my laptop, it's handy to be able to check my email on-the-go.
4) Voice mail: With Google Voice, I can see a transcript of people's rambling voicemail messages. I can read them in seconds, instead of having to waste time listening to them drone on and on.
5) Games: I like doing crosswords when I'm stuck somewhere and bored and have nothing better to do. The "Shortyz" app is brilliant for this.
6) Weather: My phone tells me what the temperature in my zipcode is, and can easily bring up further weather info. It's nice knowing what the high and low will be without having to watch the weather report on TV like in the bad old days, or having to get to a computer to look on a weather website.
7) Google Maps: I use this for navigation all the time. I really don't know how I ever got along without it; oh yeah, I do know, it was horrible, as I had to mess around with paper maps, stopping and asking for directions, making wrong turns, getting lost, etc. Maybe if you never leave your little town or go anywhere new, you won't see the point of this, but for those of us who travel a lot and move frequently it's a godsend. It's also amazingly useful for finding businesses, looking up their phone numbers, seeing their hours at a glance, etc.
8) Texting: For close friends this is pretty handy for staying in touch at times, though I don't use it that much. Smartphones make this better with an actual (on-screen) keyboard, instead of the shitty dumbphone method of using the 0-9 keypad to try to type messages.
9) Playing music (like a "walkman" if you remember those): I can store my entire music collection in my phone and play anything I want through headphones, like when I'm at the gym. No need for a separate iPod. You can also use internet music services like Pandora.
10) Alarm clock: I not only don't need a separate alarm clock, I can set multiple alarms for all kinds of different events. It also has a stopwatch and a countdown timer.
11) Calculator: With the "RealCalc" app, I have an on-screen calculator and looks and works a lot like my old HP-48G RPN calculator.
12) Flashlight: It's handy to have a flashlight on hand sometimes.
13) Uber/Lyft: With these apps, you can call up a ride easily, see where the car is, and pay for it all with your phone and without having to mess around with calling for a cab and talking to people.
If you don't see the need for a smartphone, you probably live an extremely simple life consisting mostly of sitting in a rocking chair on your porch and watching the world go by all day long. For those of us who aren't retired and idle, it's an enormous convenience.
Re: (Score:2)
Have fun living in the past.
I really hope that the future contains more than the dubious benefits of owning a smartphone.
Re: (Score:2)
What is the most worthless app purchase you made? Did you ask for a refund? 1. several were worthless. 2. no. only cost $0.99. bottom line: gave up on the smartphone in 2013. have a dumb phone now. ignorance is bliss.
And that is what they are counting on. If you cheat a billion people out of $1, then hopefully those billion people won't care enough about it to tell the net person not to buy it. P.T. Barnum rides again.
Re: (Score:3)
What's the deal with that? How can they justify converting a paid app into an ad-supported one?
Surely there will have been some legal cases by now for the times that has happened. I mean, I personally just delete the app and never* buy from that publisher again, but surely some class action lawyers have been able to get a lot of money for themselves and a small coupon for the many many victims of this practice over the years.
Re: (Score:2)
Ahh.. forgot the *
*never - or until I forget their name, or they change it and I don't notice, whichever comes first. It's not like I keep a list.
XOR encyption is uncrackable as long as... (Score:5, Informative)
Re:XOR encyption is uncrackable as long as... (Score:5, Informative)
And you NEVER reuse that key.
Re:XOR encyption is uncrackable as long as... (Score:5, Informative)
And it's generated from a quality source of entropy.
Re:XOR encyption is uncrackable as long as... (Score:5, Informative)
And the key remains private.
Comment removed (Score:5, Funny)
Re: (Score:2)
Re: (Score:2)
But in this case the key size is 1 byte, and only applied to the first 128 bytes of the file. So there's that.
DMCA (Score:5, Funny)
Re: (Score:2, Insightful)
you are modded funny, but the sad thing is your post is actually informative.
Re:DMCA (Score:4, Informative)
I think Slashdot should take down this article. Under the DMCA it's illegal to bypass flimsy methods intended to enforce security.
To be precise, it's illegal to bypass flimsy methods intended to enforce copyright. Since this tool isn't marketed as a DRM system, the DMCA doesn't apply.
What are you protecting? (Score:2)
So encryption. What are you protecting? Many Many passwords to your banking, health care, etc. ?
So the question re:
You can build a sophisticated cypher that does not require polynomials, massive primes or any of the stuff that RSA uses in an afternoon with a little imagination that will stifle pretty much anyone except for the most ardent code breakers. So the questions need to be answered.
Create a two dimensional array each dimension being 64K in siz
AIDE premium key (Score:2)
Guys. The worst part. I found it. (Score:2)
Basic OS Functionality (Score:3)
It's silly that Windows XP from 2001 still has a better list of basic OS functionality, bundled applications, and diagnostic tools than either Android or iOS can claim today. I'd gladly pay for a phone OS separate from my phone if I could get solid functionality covered.
Android also falls way short of iOS and Windows Phone for device to device migration. Settings and preferences from apps only migrate if they are Google first party or if the app developer stores your settings on their server and uses a Google (or similar) sign in. Setting up a new device, or even ROM is nowadays a longer process (~4 hours) than on a PC to get everything operational, and that is with using tools like Titanium Backup and similar.
Re: (Score:2)
"XOR"? WTF? This thing is a "Vigenère cipher" (Score:5, Informative)
You could at least have some minimal accuracy in the stories. XOR is not a problem and perfectly secure if used with a secure key-stream, like is done in modern stream ciphers. The problem here is that this is a "Vigenère cipher", where a very short, repeating key-stream is used. It was designed in 1553 and a general break was published in 1863.
Re: (Score:3)
RC4 biases paper (PDF) [cr.yp.to] would like to hear more about your secure key streams...
Yes, XOR can be used as a component of perfectly secure cipher (and is, indeed, used in one part or another of many real-world ciphers) but in practice the most popular stream cipher in the world is broken.
Single Byte Key (Score:2)
So the single byte key is derived in some undiscovered manner from the password. Given how weak the encryption is known to be already, I wonder if one out of 256 encryption keys turn out to be a zero byte. In such a case, the encryption would leave the file unchanged. (Could be patched with "key=key?key:1;")
I thought they were bragging... (Score:2)
After reading just the title I thought that they were bragging - other people have figured out how to use just NAND gates to build their computers (theoretically) - WE USE ONLY XOR!!!!! :)
(Thankfully, the summary cleared it right up for me)
Better, faster encryption engine. (Score:2)
char
EncryptChar(char x)
{
return 0;
}
Start Scratch (Score:2)
Re: (Score:2)
Well, this has nothing to do with linux or android so that slashdotter may still be right. It is about an add on app that you use to encrypt and obfuscate stuff. It can just as easily be written for the Iphone or windows or even mac as it has nothing to do with the underlying platform except running on it.
Re: (Score:3)
Except that the app isn't open source. If it was someone probably would have spotted this sooner. So if anything this highlights the danger of using closed source anything crypto related. Sure OSS stuff might have problems, very very clever people might be able to insert back doors and weaken algorithms in ways others might not see, and any software can have subtle bugs, but at least very basic FRAUD as in it does not even attempt to do what it claims would get spotted.
That and the authors probably never
Re: (Score:2)
Except that the app isn't open source. If it was someone probably would have spotted this sooner.
Why wouldn't anyone spot the very not-random "encrypted" data that would result from XORing the same byte over and over, like runs of consecutive bytes, just eyeballing it.
Shouldn't there have been at least as many eyes on the output as the source? Nobody tried compressing one of these files and wondered why it got such a good ratio?
If the source was available, why would that be any more likely to be checked than the above? Source is cool and all, it just doesn't mean people automatically look at or under
Re: (Score:2)
Cool story, brah. Will you also regale us with stories about how you don't own a TV as well?
Re: (Score:2)
Re: (Score:2)
It doesn't convert links for ACs.