Bridgefy, the Messenger Promoted For Mass Protests, Is a Privacy Disaster

Bridgefy, a popular messaging app for conversing with one another when internet connections are heavily congested or completely shut down, is a privacy disaster that can allow moderately-skilled hackers to take a host of nefarious actions against users, according to a paper published on Monday. The findings come after the company has for months touted the app as a safe and reliable way for activists to communicate in large gatherings. Ars Technica reports: By using Bluetooth and mesh network routing, Bridgefy lets users within a few hundred meters -- and much further as long as there are intermediary nodes -- to send and receive both direct and group texts with no reliance on the Internet at all. Bridgefy cofounder and CEO Jorge Rios has said he originally envisioned the app as a way for people to communicate in rural areas or other places where Internet connections were scarce. And with the past year's upswell of large protests around the world -- often in places with hostile or authoritarian governments -- company representatives began telling journalists that the app's use of end-to-end encryption (reiterated here, here, and here) protected activists against governments and counter protesters trying to intercept texts or shut down communications.

[R]esearchers said that the app's design for use at concerts, sports events, or during natural disasters makes it woefully unsuitable for more threatening settings such as mass protests. They wrote: "Though it is advertised as 'safe' and 'private' and its creators claimed it was secured by end-to-end encryption, none of aforementioned use cases can be considered as taking place in adversarial environments such as situations of civil unrest where attempts to subvert the application's security are not merely possible, but to be expected, and where such attacks can have harsh consequences for its users. Despite this, the Bridgefy developers advertise the app for such scenarios and media reports suggest the application is indeed relied upon."

The researchers are: Martin R. Albrecht, Jorge Blasco, Rikke Bjerg Jensen, and Lenka Marekova from Royal Holloway, University of London. After reverse engineering the app, they devised a series of devastating attacks that allow hackers -- in many cases with only modest resources and moderate skill levels -- to take a host of nefarious actions against users. The attacks allow for: deanonymizing users; building social graphs of users' interactions, both in real time and after the fact; decrypting and reading direct messages; impersonating users to anyone else on the network; completely shutting down the network; and performing active man-in-the-middle attacks, which allow an adversary not only to read messages, but to tamper with them as well. "The key shortcoming that makes many of these attacks possible is that Bridgefy offers no means of cryptographic authentication, which one person uses to prove she's who she claims to be," the report adds. "Instead, the app relies on a user ID that's transmitted in plaintext to identify each person. Attackers can exploit this by sniffing the ID over the air and using it to spoof another user."

The app also uses PKCS #1, an outdated way of encoding and formatting messages so that they can be encrypted with the RSA cryptographic algorithm. "This encoding method, which was deprecated in 1998, allows attackers to perform what's known as a padding oracle attack to derive contents of an encrypted message," reports Ars.

Re:

[Anonymous Coward]

Yeah, I love how these people are being brought in from Chicago and Milwaukee just to burn down Kenosha. Oh, they're just protesters! Protesting civilization!

Re:

[Marxist Hacker 42]

Yet if they use this app, there's a simple hack- break into their communications with orders to march on and burn down police stations.

Oh wait......that's what they're already doing, isn't it.

Re:

[ArchieBunker]

I'd love to know who organizes this and where the buses park. I also want to get paid for rioting. Who do I contact for payment? Do I need a 1099 form or do they pay cash?

Community organizers? Crowds on Demand, BLM

[raymorris]

> I'd love to know who organizes this

Community organizers?

But seriously, there are a people organizing this stuff, it doesn't just happen at random. You have the companies that are pure profit and will deliver a crowd for any customer, such as Crowds on Demand:

https://www.latimes.com/busine... [latimes.com]

Then you have those that organize to advocate particular goals. For example, Black Lives Matter is a corporation, professionally managed. The founders, friends of Venezuelan dictator Nicolas Madur, have stated th

Re:

[ArchieBunker]

Oh that's a good one. Venezuela is now the bad guy instead of Russia? The clenched fist has been a black power symbol for decades.

But again I ask, who pays for these supposed crowds and protesters? How are they paid?

Re:

[raymorris]

Who said Venezuela is bad? If you don't like their goals, that's YOUR judgement.

Re:

[Jerry]

The founders of the BLM movement state their training and political ideology in this interview: https://www.youtube.com/watch?... [youtube.com]

Re:

[raymorris]

For those who for whatever reason don't care to click the video, the BLM founders say "we are trained organizers. We are trained Marxists".

Re:

[nightflameauto]

Whoah, buddy. Calm down. Protesters shouldn't be arrested just for protesting. This is still America, despite our headlong dive into authoritarianism. People shouldn't be arrested just for stating a view and standing in solidarity. Being disruptive has a whole host of ranges all the way from blocking a street to the aforementioned riots and there's likely a line in there somewhere where the consideration of police retaliation should be considered.

But the very fact that in some cities police participate

Re:

[fuzznutz]

You are using the archaic definition of protester. The MSM Newspeak definition is someone who commits assault, arson and destruction of public and private property. I can see where you might get confused.

Re:

[smooth wombat]

I love how whenever the media or the democrats/liberals say "They are protesters" they think we are supposed to just give them a pass. No, fuck you. You protest you get arrested...fucked off.

So you're saying we should go the route of the Boston Massacre [wikipedia.org] which, ironically, had a non-white as its first victim [wikipedia.org]. Good to know you've learned from history.

Re: Mass Protests

[reanjr]

Protest is protected in the U.S. If you arrest protesters illegally, it's you who deserves to be arrested.

Re:

[kenai_alpenglow]

So attending church in a large sanctuary practicing the recommended CDC practices (You know, 1st amendment stuff) is unlawful and you can get arrested for doing so. While rioting ("peaceful protesting") is fine and dandy and actually encouraged? Even if it results in Black Lives Dead, Black Stores Burned, etc? Sorry, the Left has a lot more things to learn about the Constitution. And civilization in general.

Re:

[skids]

I had to laugh when I looked at a news channel comment page on one of the early new stories on Kenosha.

Almost everyone was complaining that the article was headlined "Protestestors blah blah blah" and opened with video of a burrning dump truck.

The lefties were upset that those who had been peacefully protesting before the violence were being lumped together with the rioters.
The righties were upset that the rioters were being called protesters.

And except for the ones that dropped racist dog-whistles, you rea

Re:

[kenai_alpenglow]

Biden 2020--you mean that guy (and his party) who denies riots happened?

Re:

[skids]

I'm just going to say "bullshit", because your post is a lie, and move on.

Re:

[smooth wombat]

Yeah, I love how these people are being brought in from Chicago and Milwaukee just to burn down Kenosha.

Why not? It happened in St. Paul. People from outside of the city [cbsnews.com] either came themselves or were brought in to cause harm. In fact, a white supremacist was caught on camera destroying property [go.com] and inciting riots in Minneapolis.

Re:Mass Protests

[hey!]

You're a fool if you assume any app's "encryption" is going to keep you safe, but not because a secure app isn't possible. It's because creating an app that is secure against sophisticated and persistent enemies is beyond the ability of most development teams.

It's not the algorithms that are a problem, it's the whole system. Even here the deprecated PKCS version -- although a red flag -- isn't likely to be a practical concern for the intended use. It's the numerous security holes baked into the system's design. Security is a non-functional requirement; you can't cobble together a sloppy prototype then agile-iterate into shape by functional testing, at least with respect to security.

Re:

[Bearhouse]

At last an insightful post, that will probably stay at "1", while the inflammatory pro and con "right to protest" vs. "right to riot" offtopic bullshit gets modded up.

Indeed, people capable of designing and implementing a designed from the ground up totally secure mesh network, capable of resisting a nation state funded attack, are all probably enjoying high-paid jobs for...said nation states. The days of a bunch of hopeful amateur hackers trying to beat the man are long gone.

who promoted the app?

[bmimatt]

Quick infiltration of people with no clue using a trojan horse app designed to be insecure?
I do not know, but it sure stinks to see people get duped like that by an app.

Re:

[GuB-42]

Using Hanlon"s razor "Never attribute to malice that which is adequately explained by stupidity"

Bridgefy is explicitly designed to help large crowds communicate when the cell network is saturated. Protests are large crowds. Bridgefy saw an opportunity there, slapped in weak cryptography and called their app "private" to make it more appealing in that context.

Security is hard, and it is not really something you see, worse, when you see it, it tends to be an annoyance. I suspect neither users nor developers

cryptography is hard

[Anonymous Coward]

Writing cryptographic applications is really, really hard. Anyone who tells you otherwise, don't listen to them...

Surprisingly so

[raymorris]

It's surprising just how hard it is to get get right, how many waya there are to leave holes. I've been studying the field a bit for twenty years as a security professional, and I'm not totally confident in my own application code. Even though I know the mode I used is provably secure (ind-cca), I've also been taught how to break so many systems that appear so secure.

Some people say "it's AES, so it's secure" or "it's using SSL, so it's secure". Not true at all. A lot of things using AES not only aren't secure as an application, even the ENCRYPTION isn't secure. AES can be not secure? Yes, definitely. Here's one that confuse a lot of people - if it's using SSL, it's definitely not secure.

Re:Surprisingly so

[Bert64]

Yes, encryption is complicated and very easy to screw up...
But using a standard that was deprecated over 20 years ago is just ridiculous.

The problem is that people listen to buzzwords. They equate "ssl" and "encryption" with being secure, and for a local app which runs on your physical device it might be possible to verify some of the claims (as this research shows) in other cases (eg a website) it's usually not possible...

How many websites ask you to sign up with your real info, and have some text claiming that they hold your data "encrypted".. What does that actually mean?
Maybe the raw data is encrypted when on disk, but in order to be used (ie the site has to function) it needs to be decrypted, so where is the decryption key held? They might be using disk encryption so while the data is technically encrypted, once the system is booted it can be accessed as if it wasnt - which does absolutely no good whatsoever if someone compromises the system while it's running. Such an implementation is only effective against someone who physically steals the disks, and even then you're assuming that they aren't able to steal the keys at the same time.

Re:

[sabbede]

Except PCKS #1 wasn't deprecated, it was updated. RSA (PKCS#1) is used for key exchange and authentication in TLS 1.2, and for certificate signatures in TLS 1.3. You'll even find it used here, in Slashdot's certificate. The real question is how it is used - where in the name of the cipher suite will you find the letters RSA.

Re:

[K. S. Kyosuke]

Just to be clear, presumably by "SSL", you mean "the thing that isn't TLS"? Or does this include SSL's successors as well?

Re:

[raymorris]

My point was, knowing the distinction is awfully important, as is the fact you said "successors", plural. TLS 1.0 (from 1999) is quite insecure, and still widely used, because Windows is so slow to move into this century.

Right now at work I'm dealing with a problem where the "security" company, ADT, uses only TLS 1.0. That doesn't work with the rest of our security infrastructure. We need them to advance to at least 2006-era security, TLS 1.1. We need our "security" company to use security from THIS cen

Re:cryptography is hard

[skids]

The first step is the doozy and it's the one where most of the mistakes are made. And there's a reason why.

The first step is trusted key exchange. For all but a very few applications, key exchange *must* be trusted. It's not enough to be sure both sides got a key that nobody else knows. You also have to know that both sides are who they say they are. Add to that, for some applications, initial key exchange must also be private... which means only the two sides of the conversation know who they are talking to.

The reason this is hard is because it cannot be solved by code. Code can facilitate it, but a real-world interaction is required to prove someone is who they say they are, and if intermediaries are involved in establishing that identity, they must also be trustworthy.

This costs manpower, takes time, and for distributed trust webs like PKI, would in an ideal world require an organizational structure with a lot of redundancy and careful safeguards. In the real world, CAs pretend to have that, but don't.

Producers of these products... even standards bodies... throw up their hands and gloss over this. Worse, if they even allow users to engage in the simplest form of trusted key exchange (between two individuals who already know each other), they don't provide a well documented procedure and interface for doing so. So the user base remains uneducated on the matter and nothing ever improves.

Good

[Anonymous Coward]

I hope the long dick of the law comes back to fuck anyone involved in Burning, Looting and Murdering right in their asses.

Not a good idea to bring a smartphone to a protest

[Powercntrl]

If you’re arrested, it can be searched and something something something, privacy. Back in non-paranoid reality though, if you’re not a wanted criminal, a drug dealer, or a pedo, the worst thing that will happen is your phone sits in an evidence locker until it is obsolete.

Better yet, don’t go to protests. Instead, get involved in the political change you want to see happen. Volunteer, canvass, make calls, donate (if you can). Don’t whine like a baby that someone else needs to do

Re:

[Anonymous Coward]

Better yet, donâ(TM)t go to protests. Instead, get involved in the political change you want to see happen. Volunteer, canvass, make calls, donate (if you can). Donâ(TM)t whine like a baby that someone else needs to do something.

Should be said louder and more often. You don't create and build up by destroying and burning down. Creating a good society, even on a small scale, is HARD WORK. At the very minimum people have to eat, so someone has to plant crops and raise livestock. That's often backbre

Re:

[Nidi62]

Better yet, donâ(TM)t go to protests.

Should be said louder and more often. You don't create and build up by destroying and burning down.

Destroying and burning down isn't protesting. At best, that's letting off frustration, at worst it is a malicious action. Peacefully protesting-sit ins, marches, shows of solidarity and support, etc are great ways to effect change. Because it shows people, particularly people in power, that there are a lot of people that support a cause. It can start a snowball effect.

protests can be an effective way of change

[pereric]

Better yet, don’t go to protests. Instead, get involved in the political change you want to see happen. Volunteer, canvass, make calls, donate (if you can).

You realize that going to a protest may actually be the method available to "get involved in the political change you want to see happen"? In democracies they are a a legitimate way of influencing policy - and in a less democratic society, other democratic means of affecting policy (like a multi-party system) may not be available.

Also, mass protests like in Belarus have helped substantially to topple regimes. For example, the recurring protests in German Democratic Republic cities before the fall of the Berlin wall. The Velvet Revolution in Czechoslovakia, the liberation of the Baltic states, or more recently the Maidan Nezalezhnosti protests in Ukraine.

Re:protests can be an effective way of change

[AmiMoJo]

In the last few days we saw that despite the long on-going protests, despite it becoming a national election issue, despite all the media attention, a cop thought it would be okay to shoot an unarmed black man in the back 7 times.

This is a sign that democracy is failing.

Re:protests can be an effective way of change

[zugmeister]

You mean the unarmed guy that when told to get on the ground by cops with guns drawn decided it would be OK to walk around his SUV and start grabbing something out of the front? You don't think he bears any responsibility at all?

Re:

[AmiMoJo]

Yes, this one: https://youtu.be/UtZu3q9J3pM [youtu.be]

The guy is calmly walking away from the cops in a non-threatening manner. We don't know what he was doing, perhaps going to get the ID that the cops had requested or perhaps intending to drive away. It seems unlikely he was going for a weapon as he did not appear agitated or hurried and there were two armed cops a metre away with guns aimed at him, and also his children were in the back of the car at the time.

So unless you think that the punishment for not stopping

Re:

[Cylix]

Let me tell you what happens if you ignore police officers ordering you to stop with guns drawn and you reach into a vehicle.

You get shot.

No one is going to wait to see if you are getting a gun or teddy bear. The police see someone who isn’t listening and is reaching for a weapon. Unless the officers have decided to play roulette then you get put down.

Re:

[AmiMoJo]

It's the fault of the police officers for drawing their guns on a calm, unarmed man whose kids were nearby.

Re:

[kenai_alpenglow]

Again, what is your proof? What happened before that video? Why did he not stop when told to? Sounds suspicious, and deadly force was likely justified depending the rules that police force had in place.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:

[nagora]

Let me tell you what happens if you ignore police officers ordering you to stop with guns drawn and you reach into a vehicle.

You get shot.

Good reason not to arm the cops, then. At least, those cops.

Re:

[GunJah]

I've never supported defunding the police, but yours is the most cogent argument I have heard to support a complete overhaul of policing in the US.

Re:

[kenai_alpenglow]

Yeah. Statistically (google it if you want specific numbers), the white guy would have have also been shot and nobody would have cared. Remember the white lady who got shot by a "Cop Of Colour" in MN? I didn't see any riots after she was killed? Yep, much, much differently...

Re:

[Sumus Semper Una]

You mean the unarmed guy that when told to get on the ground by cops with guns drawn decided it would be OK to walk around his SUV and start grabbing something out of the front? You don't think he bears any responsibility at all?

Responsibility for getting shot? No. For getting arrested? Yeah. For getting tased? Sure. For being physically restrained? Certainly.

When you use lethal force as a deterrent, your bar for invoking it should really be higher than "because I asked you to stop."

Re:

[inhuman_4]

You don't think he bears any responsibility at all?

In the mind of a SJW personal responsibility cannot exist, everything must be society's fault. If individuals are responsible for the outcomes caused by their choices, then equality of opportunity will not necessarily lead to equality of outcome. Which is an existential threat to any ideology founded on the idea that everyone is the same and that the sole cause of unequal outcomes are unequal opportunities.

So you can point at this guy saying he behaved in a way no reasonable person would and so he is at le

Re:

[Powercntrl]

This is a sign that democracy is failing.

Democracy literally means "rule by the people".

It's failing because collectively, most Americans don't bother to get involved/informed in politics and many of the ones who do, have sports team fan loyalty to their favored party.

It's the same situation with open source software - the quality of the end result is proportionate to the effort people are willing to put into it. 15 million non-programmers shouting in the streets that the software needs fixing isn't going to make the code update itself.

Re:

[flyingfsck]

I also don't understand how a 6 shooter police revolver can fire 7 times, but I guess in the US anything is possible.

Re:

[AmiMoJo]

There were two cops so it's possible the other one fired as well.

Re:

[onyxruby]

Your talking about the guy who had a warrant and was being arrested for domestic abuse? The one who was violent and fighting with cops a moment before one who had a knife in his hand and was trying to climb back in the car with the victim he sexually assaulted and her young kids?

How about some context? Hereâ(TM)s another headline once you have more context and facts. Cops save black woman from violent attack by domestic abuser. while her young children watch.

Re:

[AmiMoJo]

I looked for evidence of your claims but could only find some social media posts. Have any reputable news agencies confirmed any of this?

There is no knife visible in the video.

In any case there was no good reason to shoot him.

Re:

[onyxruby]

Star Tribune is a liberal news source if that is what you mean by reputable. This court record shows he has a warrant for domestic violence and sexual assault. This was the first indication that he was a violent person.
https://www.startribune.com/pr... [startribune.com]

... there was an active arrest warrant in Blake's name at the time of the shooting, the Tribune reported. Court records indicate Blake had been charged with third-degree sexual assault, trespassing, and disorderly conduct in connection with domestic abuse on

Re:

[AmiMoJo]

Some interesting details from the Star Tribune, thanks. Looks like the police lied about the knife, a common tactic.

The man who said he made the cellphone video, 22-year-old Raysean White, said he saw Blake scuffling with three officers and heard them yell, âoeDrop the knife! Drop the knife!" before the gunfire erupted. He said he didn't see a knife in Blake's hands.

Reminds me of that guy at the petrol station with his hands out the window of his car. The cop keeps screaming for him to put his hands in the car so he can shoot him, and then shouts "gun" when the guy refuses because he knows the cop is trying to murder him.

Online court records indicate Kenosha County prosecutors charged Blake on July 6 with sexual assault, trespassing and disorderly conduct in connection with domestic abuse.

So not paedophilia as some people are claiming, and only charges not proven yet. I'm sure as a black man he will get a fair trial though

Re:

[DarkOx]

You mean a man who may or may not have happened to be unarmed at the time; as far as the cop knew but who was the subject of a level three sex offense warrant, and had a history of violent armed confrontation with police. - There fixed that for you.

Re:

[AmiMoJo]

Do you have a source for any of that? The only references I can find are some tweets and a YouTube video.

Seems more like an attempt to smear at this stage.

Re:

[kenai_alpenglow]

Don't see any source for your claims, other than a youtube video that does not cover the entire event.

Re:

[kenai_alpenglow]

And your proof that is the correct and whole story? Almost all of these riot-inducing causes tend to be either not the whole story, or complete fabrications. Remember "Hands up-don't shoot"? That was really "hands in running position, charge at the cop". Even this George Floyd guy had what could be a lethal dose of fentanol (sp). On-camera witnesses thought he was having a heart attack--and the cops called the paramedics early on in the situation. Not the type of action you'd expect if they really wanted t

For ultra-dense crowds: music festivals, mostly

[DrYak]

Yeah that's really going to be useful for "rural" areas.

Actually yes, rural area, but not for the reason you think.

This was designed for nothing more but inciting riots

Nope. Nothing to do with that.
Initially, Bridgefy was designedto bu used in music festivals and concerts.
And there's your "rural" setting: most of the outdoor music festivals tend to be orginized in the country side. Usually these area are completely under-served with cell services.
In some countries in central and northern Europe, the telecom provider will quickly dispatch temporary mini cells to better cover the festival premise (cell-tower-on-a-trailer is a standard sighting in most festivals I've been in DE, CH, even CZ...).
In other countries, nobody bothers (In FR I've seen this happening even at festivals just at the outskirts of Paris. The same festival also managed to run out of wine). So suddenly you have a giant crowd of people, who are all packed in a rural area with crappy cell service: result nobody can contact anyone else, impossible to send messages (even SMS delivery takes ages, etc.) so it's difficult to coordinate with a group of friends.

You have several approaches to this kind of sitatuation:
- In cities, they are shifting toward 5G for this exact situation. That generation's protocol is designed for overcrowded use.

In rural areas:
- Method 1: "Bring your own hardware", push-to-talk short-wave radio is designed to work without infrastructure and some types can even work in crowded area (though not necessarily if *everybody* bring their own talkies with them). So some people who are used to outdoor sports and have such systems at home bring their gear to festivals.
Later some start-up have jumped in and you see on indiegogo and kickstarter start-ups trying to sell some dedicated hardware (with localisation and messaging added-in) which was initially planned for outdoor sports but is also advertised for festivals.

- Method 2: "use alternative networks on the phone". Instead of using cell service, you can use other radio services on your smartphone. Some festivals feature their own Wifi network to enable some level of communication.
But that startup has decided to instead use bluetooth mesh networks.
It should in theory work not so bad, because it works without any existing infrastructure and rely on nothing more than devices that you already have in your pocket.

But for this to work, you need to have a lot of users deployement. (It's hard to mesh a network when there's only 2 person in the crowd of festival goers using the service, after all). (As opposed to push-to-talk hand held radio which can work on a festival premise even if nobody else has one).

So Bridgifiy has massively advertised their app as working even when there's no service (again, true given the mesh network).

Some people have noticed that it works also in other situation with poor service, such as public demonstrations.
(Be it because ultra large crowd over whelm the cell service, or be it because authorities are actively trying to block internet access).

And, being a typical start-up, did what all start-up would do: they asked EFF to review their code... No, I'm just kidding. Of course not.
They just decided to "pivot" and to massively advertising and try to gain share in this new discovered market, no matter if their app isn't suited.

And indeed, their app was never designed for public demonstration and protest. The "works even with poor service" part inherited from its crowded music festival part might work there too, but there's a whole other dimension of security, privacy, etc. which was never planned in the first place.

That's how you end up with this app in demonstration and protest: a repurposed music festival app.

since BT is useless beyond about 20ft.

Two big mistake in your assesment:

- In general Bluetooth Class 1 ca

Of course it is

[argStyopa]

It's counterintuitive but at this point I'd expect any worthwhile domestic security service in any country to have long ago penetrated these sorts of casual messaging apps as a matter of course.

Hell, I'd expect the BEST ones might even be designed directly by such security services, with surveillance built right into their dna.

So ironically that this is privacy disaster is a thing, certainly, but it's probably ALSO a sign that it's not a purpose-built honeypot either.

Any open source auditable alternative apps?

[Ungrounded Lightning]

It seems to me that,this sort of application is both a natural for open source, security auditable, solutions and an INSANE place to use a closed-source tool.

Are there any open source, auditable, alternative apps?