This article was authored by Don Sambandaraksa, and was originally posted on telecomasia.net.
Privacy does sell. Or at least, it has received a breath of fresh air in the form of the wake-up call from Edward Snowden’s leaks.
This has resulted in a steady stream of of privacy-enhancing applications out there to keep what we are communicating and whom we are communicating with safe from prying eyes. From what was once the domain of hard-core crypto-nuts and the tinfoil hat brigade today there are many encrypted communications channels out there that are verging on being user-friendly.
Remember when BlackBerry Messaging was secure? When it was denied access to countries in the middle east and India because it could not be intercepted? RIM had to comply and allow access by authorities and undermine the entire secure messaging model, leaving it no better than Whatsapp (with very weak encryption) and LINE (with no encryption).
While this may allow these companies to enter and operate under oppressive regimes, it also opens up your private messages to anyone in the middle from telco to carrier. Expecting privacy and taking steps to ensure privacy is not a crime yet, depending on where you live.
Pretty Good Privacy and its open source counterpart the Gnu Privacy Guard is a widely used standard in public key encryption. They are used to sign everything from emails to software packages as well as for encryption. Each key is made up of a pair. The public key can be posted in public and can only be used to encrypt messages to the private key holder or verify the private key holder’s signature. The private key can be used to decrypt messages and to sign messages.
A public key can be published in a public phone book and security of the messages can still be maintained – though verifying the identity of the publisher of the key is another matter.
Post Snowden, there has been a new flurry of activity. The Android Privacy Guard, an Android port of GPG, has just received its first update in almost three years after being practically abandoned. Another Android port of GPG by the Guardian Project is in a basic beta state – if you can imagine using a command line app on an Android phone, that is pretty much how basic it is.
But how trustworthy is the core Android OS? Today chipset vendors keep many of their drivers closed and proprietary and it is conceivable that backdoors exist within them. Replicant is an attempt to create a fully open source Android fork that can be verified to be secure, unlike official Android in which we simply have to trust Google and all the chipset vendors who supply the drivers.
On the desktop there is the Enigmail plug-in for the fat-client Mozilla Thunderbird and a number of plug-ins for Chrome that do the encryption in-browser. Mailvelope and My Mail Crypt for Gmail work in Chrome and ChromeOS too (even the ARM version of ChromeOS) making email encryption easy for someone used to accessing their email through a web browser.
The NSA has worked to weaken voice encryption in 4G standards so why not use a SIP phone and the encrypted ZRTP protocol for VoIP instead. On Android csipsimple supports ZRTP (as well as more regular non encrypted protocols) and is closely integrated with the Android phone dialler. No, it is not quite as seamless as the built in SIP client on Nexus phones, but it is quite usable with decent 3G.
In the IM space, Threema is one that seems to be aimed at NSA spying concerns while being as easy to use as the more colourful apps out there. Another post-Snowen alternative to Skype with video chat is tox.im, though that is only vapourware at this moment in time.
But both are closed source, and Snowden taught us that the NSA has a tool called an NSA letter that can force commercial software developers to insert backdoors into their software, or in the case of Microsoft, engineer it from the ground up to allow for real-time NSA access. Arguably open source software is the only verifiable platform that can be classed as secure. That said, being based anywhere outside of the USA without Americans on the team seems to be the claim to secure fame cited by these new providers.
Over the past months I have been relying a lot on an IM protocol called OTR (off the record) which regenerates keys often, so that even if a key is compromised, older messages are not decryptable. OTR is available on Windows, Mac and Linux (through a PIDGIN plugin), on Android through Gibberbot (now renamed Chatsecure) and even has a client on iOS. It works as a layer over any XMPP chat service such as Google Chat or Facebook chat. It even automatically integrates with TOR to provide a layer of anonymity in addition to security.
And yes, there is a TOR client on Android called Orbot these days.
Another personal favourite is Bitmessage. It is beyond rudimentary, the UI is a joke and integrating it with NameCoin for ID lookup is not for the faint hearted, but it does have its merits. Bitmessage uses a modified version of the Bitcoin protocol to send messages to everyone on the network at the same time the way Bitcoin sends a copy of the coin transaction ledger to everyone all the time. Only the intended recipient will have the private key to decrypt it, and he will only know he was sent a message by trying to encrypt everything coming in and seeing if his key fits. By sending the same message to everyone at the same time, it defeats traffic analysis to provide anonymity as well as privacy.
Privacy and security should be a selling point going forward. At the very least it has inspired a whole new generation of startups who hope so. The question is what will the incumbents who have collaborated with regimes around the world do now? RIM has indicated it wants to sell off BBM now that the encryption has been broken, effectively selling off just the name. Many others seem to be ignoring it and hoping it will simply blow over, as if they enhance privacy they will be thrown out of the country or thrown into jail.
The lesson of Lavabit’s Ledar Levision is one that has scared many from taking a stance. Lavabit is a secure email provider so when the NSA came to Levision demanding keys to access the email accounts, he had no choice but to comply. Well, he did comply by printing out the keys in a tiny font and handing it over on paper, and when he was forced to hand over an electronic copy, he shut his company down, only to be prosecuted for contempt of court.
If you haven't already, please take our Reader Survey! Just 3 questions to help us better understand who is reading Telecom Ramblings so we can serve you better!Categories: Other Posts · Security