Wednesday, August 15, 2018

S.F. Firefighters, Police Face Off in Charity Football Game and WhatsApp: The Bad Guys' Secret Weapon

There's a big rivalry football game at San Francisco's Kezar Stadium Friday and, while there's no competition over the benefits, there's a lot of pride on the line. Susie Steimle reports. (5-25-18) [Video Below]


WhatsApp: The Bad Guys' Secret Weapon
By: Olga Koksharova
WhatsApp makes use of the Open Whisper Signal communication protocol to secure communications with end-to-end encryption. WhatsApp users rely on that security to freely exchange messages, discuss sensitive things and, with limited success, avoid religious and political oppression in certain countries.

The streets of our country are no longer safe.
Criminals hide in plain sight, searching for the next easy mark.
And it’s not getting better.
Last year violent crime in the United States rose 4.1 percent.
Increasing your risk every time you step out your front door.
• American patriots must have a way to defend themselves.
• Americans patriots deserve to feel safe in their daily life.
• Americans patriots need to be able to fight back.

Which is why I’ve spent months re-designing the Strikepen Black™
Building on all of the customer feedback and tests from the first version.
We’ve upgraded our signature Strikepen to make it lighter, more powerful, and deadly.
And as a thank you to all of our local customers, I’m releasing the first shipment of this product FREE to a select group of American patriots.
That’s right.
You get the premier tactical pen on the market, completely free.
I’ve got a long list of self-defense experts, retailers, and shoppers who have been waiting for this release. But we’re sending the first batch FREE to our friends.
American patriots have the right to be able to protect themselves and their family.
But there’s only a limited number.

WhatsApp: The Bad Guy's Messenger of Choice

WhatsApp is extremely popular, easily being the number one instant messenger in the Western hemisphere. This, combined with its end-to-end encryption, make WhatsApp a popular tool among the criminals. Terrorists, scammers, extortionists and child molesters don't hesitate using WhatsApp to lure their victims, plan and coordinate illegal activities.

London, UK: Westminster Bridge attacker Khalid Masood allegedly sent a WhatsApp message that cannot be accessed by the police because it was encrypted. "We need to make sure that organizations like WhatsApp - and there are plenty of others like that - don't provide a secret place for terrorists to communicate with each other," said British Home Secretary Amber Rudd, trying to urge WhatsApp to provide a backdoor for British intelligence and law enforcement.

Australia government plans to ban end-to-end encryption, going as far as to claim the laws of mathematics no longer apply in Australia. "The only law that applies in Australia is the law of Australia", says Australian Prime Minister Malcolm Turnbull in a move to demand backdoor access to WhatsApp (and other messaging services) encrypted communications.

UAE already blocks WhatsApp voice and video calls as part of their policy on VoIP calls along with Azerbaijan, Belize, China, Iran, Kuwait, Morocco, Oman, Pakistan, Paraguay, and Saudi Arabia. Do these countries have a higher crime rate or a higher threat terrorism, or do they block WhatsApp for political reasons?

One thing the governments need to clearly understand: WhatsApp is not a weapon of mass destruction. It's just a reasonably convenient, reasonably secure tool that, for one reason or another, gained a large user base and became extremely popular with consumers. If a government bans encryption in 'big' messengers, they'll have to ban a range of open-source projects that are well beyond their reach and their jurisdiction. The bad guys will simply move to a different platform, of which there is no lack of. It's the regular Joe and Jane who will be left without protection.

WhatsApp Encryption Controversy

The UK and Australia call for banning encryption and forcing manufacturers to include obligatory backdoors into their security systems, arguing that the laws of mathematics don't apply down under. At the same time, the EU proposes quite a different legislation, banning encryption backdoors and making end-to-end security mandatory across most of Europe. Austria proposes a law making it legal for the cops to intercept encrypted messages.

If all those contradicting laws are passed, manufacturers will have a difficult choice to make. They'll have to either provide backdoors and break EU laws; provide no backdoors and break British and Australian laws; or just cease to exist.

USA, Germany Can Hack into WhatsApp Users' Phones

The CIA has developed an exploit that targets individual devices and allows experts to control and access everything on a smartphone, including messages. The thing is, the CIA exploit is all about getting malware onto phones. It's not about breaking, exploiting or compromising WhatsApp encrypted Signal communication protocol.

Following a similar path, Germany passes a law making it legal for the police to hack suspects' devices. The state-managed malware would intercept WhatsApp messages prior to encryption.

Technical Feasibility of WhatsApp-Spying Malware

Is the use of malware by law enforcement feasible? For some devices, absolutely, this could be technically possible. However, installing malware onto any iOS device could be troublesome from the technical standpoint. Even if installed, malware running on an iPhone would have very limited access to device user's activities.

We at ElcomSoft don't believe in malware for the purpose of WhatsApp extraction. We don't believe in hacking the Signal protocol either. And most definitely we don't believe in network-level blocking of WhatsApp or any other secure messenger.

On the other hand, we fully support the effort the law enforcement puts investigating crime. We have tools for breaking encryption for a lot of different formats. We have a tool for breaking into WhatsApp as well.

Did we say iPhones are secure, and WhatsApp even more so? Something new is coming from ElcomSoft to extract and decrypt iPhone users' WhatsApp communications. It's just around the corner. Stay tuned.

Due to its point-to-point encryption, WhatsApp became a popular tool among the criminals.

No comments:

Post a Comment