{"id":46050,"date":"2024-12-05T16:09:06","date_gmt":"2024-12-05T21:09:06","guid":{"rendered":"https:\/\/mjtsai.com\/blog\/?p=46050"},"modified":"2025-02-21T16:33:50","modified_gmt":"2025-02-21T21:33:50","slug":"us-officials-recommend-encrypted-apps","status":"publish","type":"post","link":"https:\/\/mjtsai.com\/blog\/2024\/12\/05\/us-officials-recommend-encrypted-apps\/","title":{"rendered":"US Officials Recommend Encrypted Messaging Apps"},"content":{"rendered":"

Kevin Collier<\/a>:<\/p>\n

\n

The hacking campaign, nicknamed Salt Typhoon by Microsoft, is one of the largest intelligence compromises in U.S. history, and it has not yet been fully remediated. Officials on a news call Tuesday refused to set a timetable for declaring the country’s telecommunications systems free of interlopers.<\/p>\n

[…]<\/p>\n

In the call Tuesday, two officials — a senior FBI official who asked not to be named and Jeff Greene, executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency — both recommended using encrypted messaging apps to Americans who want to minimize the chances of China’s intercepting their communications.<\/p>\n<\/blockquote>\n\n

Via John Gruber<\/a>:<\/p>\n

\n

It seems kind of new for the FBI to call encryption “our friend”, but now that I think about it, their beef over the years has primarily been about gaining access to locked devices, not eavesdropping on communication protocols. Their advocacy stance on device encryption has not changed — they still want a “back door for good guys” there. Their thinking, I think, is that E2EE communications are a good thing because they protect against remote eavesdropping from foreign adversaries — exactly like this campaign waged by China. The FBI doesn’t need to intercept communications over the wire. When the FBI wants to see someone’s communications, they get a warrant to seize their devices. That’s why the FBI wants device back doors<\/a>, but are now encouraging the use of protocols that are truly E2EE. But that’s not to say that law enforcement agencies worldwide don’t still fantasize about mandatory “back doors for good guys”<\/a>.<\/p>\n<\/blockquote>\n\n

Pieter Arntz<\/a>:<\/p>\n

\n

Sophisticated state-sponsored campaigns from China are constantly targeting network appliances and devices. Among the culprits are four major APT groups: Volt Typhoon, Salt Typhoon, Flax Typhoon, and Velvet Ant. Volt Typhoon made headlines earlier this year when the FBI removed their malware from hundreds of routers<\/a> across the US.<\/p>\n

The infrastructure that the US government relies to communicate on is made up of the same private sector systems that everybody else uses. By abusing their components that make up part of the infrastructure, the Chinese are said to have been able to eavesdrop on political and industrial leaders in multiple countries.<\/p>\n<\/blockquote>\n\n

John Gruber<\/a>:<\/p>\n

\n

While writing the previous item<\/a> regarding the FBI encouraging the use of E2EE text and call protocols, I wound up at the Play Store page for Google Messages. It’s shamefully misleading regarding Google Messages’s support for end-to-end encryption. As I wrote in the previous post, Google Messages does support E2EE, but only over RCS and only if all participants in the chat are using a recent version of Google Messages. But the second screenshot in the Play Store listing<\/a> flatly declares “Conversations are end-to-end encrypted”, full stop. That is some serious bullshit.<\/p>\n<\/blockquote>\n

I don’t see what the big deal is when the third sentence of the description says: “End-to-end encryption is on by default when you message other Google Messages users who have RCS enabled.”<\/p>\n\n

Apple marketed iMessage as end-to-end encrypted for years, even though it really wasn’t if you had iCloud backup enabled. And it still isn’t, by default—you have to opt into Advanced Data Protection. Neither the App Store<\/a> nor the Messages & Privacy<\/a> page mentions this.<\/p>\n\n

Tim Cushing<\/a> (Hacker News<\/a>):<\/p>\n

\n

The Government executed a search warrant at Defendant’s residence and seized fifty-two devices, including an iPhone and an iPad. Law enforcement identified contraband on several devices, but could not examine the iPad, which was passcode-protected, or the iPhone, which would not power on.<\/p>

The Government retained the iPad and iPhone for over a year.\nEventually, with the assistance of a digital forensics expert who had not previously been involved in the investigation, the Government was able to repair the iPhone and power it on. The Government then applied for, and received, a new search warrant. Pursuant to this authority, agents searched the iPhone and—thanks to intervening developments in digital forensics tools—the iPad.<\/p><\/blockquote>\n

The most logical assumption would be that a non-working device would be of limited evidentiary value. But the DHS (whose Homeland Security Investigations unit took point in this case) apparently felt otherwise.<\/p>

What’s almost hidden here is that reviving the phone led to the government being able to crack it, despite the presence of a passcode. And, in case you’re still wondering about the value of walled gardens, cracking the iPhone immediately led to cracking the iPad, which suggests if the government has one Apple device owned by a suspect it can get into, it can probably get into the rest of their Apple devices.<\/p>

[…]<\/p>

This is another government party extensively modifying seized property to make it more receptive to phone-cracking efforts. One would think a court would need to be apprised of this opportunity before it became a reality, if for no other reason than the original warrant only authorized a search, not the literal cracking of a cell phone (or its casing, at least) to replace a circuit board and install new firmware.<\/p><\/blockquote>\n

This was apparently an iPhone 6, however.<\/p>\n\n

Previously:<\/p>\n