Is Your App a Benedict Arnold

Most smartphone users rely on apps to access much of their online data. This can be problematic though since many app developers have little or no knowledge about security. A research project has unveiled a number of Android apps, many of which are developed by companies with deep enough pockets to hire dedicated security personnel, that communicate user credentials over plaintext:

Researchers have unearthed dozens of Android apps in the official Google Play store that expose user passwords because the apps fail to properly implement HTTPS encryption during logins or don’t use it at all.

The roster of faulty apps have more than 200 million collective downloads from Google Play and have remained vulnerable even after developers were alerted to the defects. The apps include the official titles from the National Basketball Association, the Match.com dating service, the Safeway supermarket chain, and the PizzaHut restaurant chain. They were uncovered by AppBugs, a developer of a free Android app that spots dangerous apps installed on users’ handsets.

By communicating your credentials over plaintext these apps are betraying your account security to anybody listening on the network. What makes this particular problem especially worrisome is that it’s difficult for the average user to detect. How many users are going to connect their phone to their wireless network, open up Wireshark, and ensure all of their apps are communicating over HTTPS?

Developers should be expected to understand HTTPS if they’re communicating user credentials back to a server. But the real source of this problem is the fact plaintext is still allowed at all. We’re well beyond the point where HTTP should be deprecated, in fact Mozilla is planning to do exactly that, in favor of HTTPS only. If HTTP is no longer allowed then we don’t have to worry about apps communicating data over it (we still have to worry about improperly configured HTTPS but that’s something we have to worry about currently).

Lazy Libertarians

This weekend several of my friends and I had the privilege of running the CryptoParty for B-Sides MSP. It wasn’t the first CryptoParty I’ve either hosted or helped host but all of the previous ones were for various libertarian groups. I cannot properly express the difference between being a part of a CryptoParty with security professionals versus libertarians. Unlike the libertarian CryptoParties I’ve been involved with, none of the people at B-Sides MSP went on a tirade about how the otherwise entirely incompetent government can magically crack all crypto instantly.

Libertarians like to consider themselves the paragons of personal responsibility. However, time and again, I see that a lot of libertarians putting more effort into making excuses for their laziness than doing anything productive. Using secure communication tools is one of these areas where supposedly responsible libertarians like to be entirely irresponsible. This is kind of ironic because libertarians tend to be the ones bitching about government surveillance the loudest.

It was during the CryptoParty at B-Sides MSP that I made a decision. From now on I’m going to call out lazy libertarians. Whenever I host or otherwise participate in a CryptoParty for libertarians and one of them goes off about the incompetent government suddenly being incredibly competent I’m just going to tell them to shut the fuck up so the adults can continue talking. If you are a libertarian and you sincerely oppose government surveillance then prove your sincerity by utilizing the really awesome and very effective tools we have available to secure our communications. Use Pretty Good Privacy (PGP) to encrypt your e-mails, call people with Red Phone or Signal, send text messages with TextSecure or Signal, and encrypt your computer and mobile device’s storage. Unless you’re doing these things I can’t take any claims you make about hating government surveillance seriously. If you want to be lazy and make up conspiracy theories that’s your thing but I am going to call your ass out for it.

Actual security professionals, some of whom knew a hell of a lot more about cryptography than me (not that that’s very hard), took these tools seriously and so should as well. The only people claiming that the government can break all cryptography instantly are conspiracy theorists who know absolutely dick about cryptography and people wanting to justify their laziness. Don’t be either of those. Instead embrace the personal responsibility libertarians like to tout and take measures to make government surveillance more expensive.

Thwarting Cellular Interceptors

The United States government has been using planes equipped with cell phone interceptors to surveil large areas. Recently planes have been spotted around the Twin Cities circling areas of interest for hours and it appears that they’re equipped with surveillance equipment:

The plane’s flight path, recorded by the website flightradar24.com, would eventually show that it circled downtown Minneapolis, the Mall of America and Southdale Center at low altitude for hours starting at 10:30 p.m., slipping off radar just after 3 a.m.

“I thought, ‘Holy crap,’ ” said Zimmerman.

Bearing the call sign N361DB, the plane is one of three Cessna 182T Skylanes registered to LCB Leasing of Bristow, Va., according to FAA records. The Virginia secretary of state has no record of an LCB Leasing. Virtually no other information could be learned about the company.

Zimmerman’s curiosity might have ended there if it weren’t for something he heard from his aviation network recently: A plane registered to NG Research — also located in Bristow — that circled Baltimore for hours after recent violent protests there was in fact an FBI plane that’s part of a widespread but little known surveillance program, according to a report by the Washington Post.

[…]

Zimmerman, who spotted the plane over Bloomington, said he pored through FAA records to find the call letters for each plane and then searched for images of them. He found photographs that show the planes outfitted with “external pods” that could house imagery equipment. He also found some of the planes modified with noise-muffling capability. That’s not common for a small plane, he said.

[…]

Other devices known as “dirtboxes,” “Stingrays” or “IMSI catchers” can capture cellphone data. Stanley said it’s still unclear what technologies have been used in the surveillance flights.

It’s unknown if these planes are surveillance craft or equipped with cell phone interceptors but the evidence of the former is great and the government’s program to use such craft for cell phone interception indicates the latter is likely. That being the case I feel it’s a good time to discuss a few tools you can use to communicate more securely with your cell phone.

Modern cellular protocols utilize cryptography. What many people don’t realize is that, at least in the case of Global System for Mobile (GSM), the cryptography being used is broken, which is why cell phone interceptors work. Furthermore cryptography is only used between cell phones and towers. This means your cellular provider, and therefore law enforcement agents, can listen to and read your calls and text messages.

What you really want is end-to-end encryption for your calls. Fortunately tools that do that already exist. Three tools I highly recommend are Signal, RedPhone, and TextSecure from Open Whisper Systems. Signal is an iOS application that encrypts both voice calls and text communications. RedPhone is an Android app for encrypting calls and TextSecure is an Android app for encrypting text communications. Signal, RedPhone, and TextSecure are all compatible with one another so iOS users can securely communication with Android users. All three applications are also easy to use. When you install the applications you register your number with Open Whisper System’s servers. Anybody using the applications will be able to see you have the applications installed and can therefore communicate with you securely. Since the encryption is end-to-end your cellular provider cannot listen to or read your calls and text messages. It also means cell phone interceptors, which rely on the weak algorithms used between cell phones and towers, will be unable to surveil your communications.

As the world becomes more hostile towards unencrypted communications we must make greater use of cryptographic tools. It’s the only defense we have against the surveillance state. Fortunately secure communication tools are becoming easier to use. Communicating securely with friends using iOS and Android devices is as simple as installing an app (granted, these apps won’t protect your communications if the devices themselves are compromised but that’s outside of the threat model of planes with cell phone interceptors).

Why Political Activism Won’t Stop Mass Surveillance

Time and again people ask me why I don’t involve myself in political activism to stop mass surveillance. My answer is doing so is pointless because no matter how hard you beg the state it will never handicap itself. Case in point, the Uniting and Strengthening America by Fulfilling Rights and Ending Eavesdropping, Dragnet-collection and Online Monitoring (USA FREEDOM) Act (I hope a staffer was paid a nice bonus for coming up with that acronym). It has been hailed as a solution to the National Security Agency’s (NSA) mass surveillance practices. However the bill, as so often is the case, does the opposite of what its name implies and advocates claim. Instead of curtailing NSA surveillance the bill codifies it:

After only one hour of floor debate, and no allowed amendments, the House of Representatives today passed legislation that seeks to address the NSA’s controversial surveillance of American communications. However, opponents believe it may give brand new authorization to the U.S. government to conduct domestic dragnets.

[…]

However, the legislation may not end bulk surveillance and in fact could codify the ability of the government to conduct dragnet data collection.

“We’re taking something that was not permitted under regular section 215 … and now we’re creating a whole apparatus to provide for it,” Rep. Justin Amash, R-Mich., said on Tuesday night during a House Rules Committee proceeding.

“The language does limit the amount of bulk collection, it doesn’t end bulk collection,” Rep. Amash said, arguing that the problematic “specific selection term” allows for “very large data collection, potentially in the hundreds of thousands of people, maybe even millions.”

In a statement posted to Facebook ahead of the vote, Rep. Amash said the legislation “falls woefully short of reining in the mass collection of Americans’ data, and it takes us a step in the wrong direction by specifically authorizing such collection in violation of the Fourth Amendment to the Constitution.”

Political activism can’t solve problems. At most is can be used to convince the state to rewrite its rules, and then only temporarily, so that it can continue doing the same thing but claim it isn’t. The only way widespread surveillance can be curtailed is if every one of us begins encrypting all of our communications. Even if some of us utilize weak cryptography it will still increase the overall cost of operating the system. Clear text requires no resources to read. Weak cryptography still requires some resources to identify the algorithm(s) used and to reverse them. Furthermore the text of any encrypted communication is unknown to the eavesdropper until it’s unencrypted. Strong cryptographic tools, on the other hand, are practically (as in the time required is longer than the information’s usefulness) impossible for spies to crack.

Stop begging the state to neuter its spying capabilities and take back your privacy. A good place to start is to begin utilizing tools that allow secure communications.

Deprecating Non-Secure HTTP

One of the biggest weaknesses of the Internet, in my opinion, is the fact secure connections aren’t the default. E-mail servers often don’t transmit messages to other e-mail server over secure connections. Many Jabber servers don’t utilize secure connections to other servers they’re federated with. Even the protocol most of us deal with multiple times on a daily basis to interact with web servers, the hypertext transport protocol (HTTP), isn’t secure by default. This lack of security has been a boon for national spy agencies such as the National Security Agency (NSA) and the Government Communications Headquarters (GCHQ). Even private businesses have been exploiting the lack of secure HTTP connections so they can better spy on their customers for advertising purposes. At this point it’s clear that non-secure Internet connections need to die.

To this end Mozilla, the developer of Firefox, has announced its plan to depricate non-secure HTTP:

Today we are announcing our intent to phase out non-secure HTTP.

There’s pretty broad agreement that HTTPS is the way forward for the web.  In recent months, there have been statements from IETF, IAB (even the other IAB), W3C, and the US Government calling for universal use of encryption by Internet applications, which in the case of the web means HTTPS.

After a robust discussion on our community mailing list, Mozilla is committing to focus new development efforts on the secure web, and start removing capabilities from the non-secure web.

This could be a huge move in the right direction. If every major browser deprecated non-secure HTTP it would force web servers to make secure connections available by default or lose users. More importantly, in my opinion, is that getting rid of non-secure HTTP would also eliminate the what’s encrypted guessing game. Many websites only utilize a secure connection for specific actions such as logging into an account or sending credit card data. Other interactions with the web server are done over a non-secure connection. That guessing game can make users believe that they’re connection is secure even though it isn’t.

Deprecating non-secure HTTP isn’t a straight forward move. Enabling transport layer security (TLS) isn’t as simple as flipping a switch. You need to obtain a keypair signed by an authority that major browsers trust, load them on the web server, and ensure those keys aren’t compromised. Administrators also have to keep up on recent security news so they can reconfigure their server when new exploits are discovered. Managing certificates could become much easier if Let’s Encrypt gains traction. Ensuring broken TLS protocols and features aren’t being used is a more difficult task but one that will likely be made easier as more sites move towards TLS. With that said, deprecating non-secure HTTP must be done regardless of the challenges involved.

CryptoParty in Minneapolis on May 9th

Do you want to learn how to communicate securely but don’t want to spend any money? Join CryptoPartyMN at The Hack Factory this Saturday between 13:00 and 17:00. We’ll teach you how to secure your stuff and won’t even hit you up for loose change!

This event will serve as a dry run before our main CryptoParty at Security B-Sides MSP on June 13th and 14th. Some mistakes will likely be made but I think we’ll be able to help you secure your life with a decent amount of competency.

If you’re interested in attending please RSVP here.

Yet Another Reason to Use HTTPS On Your Site

Transport Layer Security (TLS), often referred to by its predecessor SSL, helps protect the privacy of your users and prevents malicious actors from altering the content being sent between them and your servers. Since it’s such a powerful tool you should think every site would enable it by default but they don’t. If the privacy of your users and the integrity of your data isn’t enough to convince you to enable TLS maybe this will:

With CloudFlare, websites can afford extra security to users with Full SSL (Strict) encryption. Long story short, this strips certain identifiers from the traffic data ISPs use to block websites like TPB; since the information is routed through CloudFlare, website IP addresses are also hidden behind the delivery network. In the UK, where all major ISPs were strong-armed into blocking TPB in 2012, this has all but turned back time, with thepiratebay.se now accessible for Virgin, EE, BT and TalkTalk customers. Sky is the only popular provider still managing to block the site; you aren’t notified, as such, but the page won’t load anyhow.

TLS makes blocking access to websites more difficult (although not entirely impossible). Many web filters rely on identifiable information viewable in plaintext streams. When you encrypt those streams with TLS those filters are no longer able to see the identifiable information and therefore can’t block access.

Avoiding censorship is just another reason why you should not only enable TLS on your site but make its use mandatory by disabling unsecured connections (or redirecting them to secured connections as I do with this blog).

Signal for iOS Now Supports Secure Text Messaging

One of the things I try to do is find tools that enable secure communications without requiring a degree in computer science to learn. OK, few of the tools I’ve seen require a computer science degree but most people are notoriously lazy so any barrier to entry is too much. I’ve been using and recommending Wickr for a few months now because of its relative ease of use. It’s a good tool but there are two major flaws in my opinion. First, it’s not open source. Second, it requires a separate user name and password, which is a surprisingly high barrier to entry for some (I’m talking about people with little security knowledge).

For a while Android users have enjoyed Red Phone for secure phone calls and TextSecure for secure text messages. Some time ago an app called Signal was released that gave iOS users the ability to call Red Phone users but there was no app that was compatible with TextSecure. Since some of the people I talk to use Android and others use iOS I really needed a solution that was cross platform. Fortunately the developers of Signal, Red Phone, and TextSecure just released an update to Signal that enables secure text messaging.

It’s a very slick application. First of all it, along with every other project developed by Open Whisper Systems, is open source. While being open source isn’t a magic bullet it certainly does make verifying the code easier (and by easier I mean possible). The other thing I like is that it uses your phone number to register your app with Open Whisper System’s servers. That means people can see if you have the app installed by looking up your number, which is magically pulled from your contacts list, in the app. If it’s installed on your end the app will let them send you text messages or call you. There are no user names or passwords to fiddle with so the barrier to entry is about as low as you can go.

Signal isn’t a magic bullet (no secure communication tools are). For example, since it’s tied to your phone number it doesn’t preserve your anonymity. Wickr, by allowing you to use a separate user name, does a better job in that department although it’s still not as good as it could be since it doesn’t attempt to anonymize traffic through something like Tor. Messages also aren’t set to self-destruct in a set amount of time like Wickr’s messages do. But it certainly fulfills some of my requirements when talking with people who aren’t technically knowledgeable or are just plain lazy.

PGP On the iPhone

I’m a big fan of OpenPGP. Not only do I use it to sign and encrypt e-mails but I also use it to sign and encrypt files that I upload to services such as Dropbox and Amazon S3. But mostly due to a lack of time I didn’t have much luck finding a decent iPhone app for OpenPGP. The main problem is that all of the OpenPGP apps aren’t free and I don’t like spending money unless I know I’m getting a good product. I finally decided to drop a whopping $1.99 and try the app that had the best reviews, iPGMail.

Due to the limitations of the iPhone, namely it doesn’t let you write plugins for other apps, iPGMail and other iOS OpenPGP solutions aren’t as slick as something like GPGTools. But iPGMail is as easy to use as you’re going to get. You can either copy the encrypted body content of an e-mail and paste it into iPGMail to decrypt it or, if the encrypted e-mail came in as an attachment (which is what I always do), you can tap and hold on the attachment icon and the option of opening it with iPGMail will appear. Additionally you can encrypt and upload or download and decrypt files from Dropbox, which is a feature I appreciate.

The app allows you to generate 4096-bit keypairs or, more importantly to me, import an already existing keypair. Because my e-mail server lies in my apartment I just e-mailed my keypair (in an encrypted format, of course). When I opened the e-mail on the iPhone and tap and held the attachment icon I was able to open it in iPGMail and import it.

I’m not saying that this app is the best thing since sliced bread because I haven’t had a lot of time to play with it. But so far I like what I see and it has done everything I’ve wanted in an OpenPGP app on my iPhone.