Thursday, 16 May 2019
First things first: earlier this week WhatsApp announced that they had closed a remote code execution vulnerability, affecting all platforms, that attackers could exploit simply by placing a WhatsApp call to the target’s account — whether the call was answered or not. (A buffer overflow in the app’s call-handling code, no surprise.) They revealed to The Financial Times that this vulnerability had been exploited, against an unknown but presumably small number of users, by software from NSO Group, an Israeli company that sells expensive, exclusive, world-class hacking tools to governments (or at least NSO claims only to sell their software to legitimate governments). The FT story is locked behind their paywall (which makes me wonder why WhatsApp went to them with the story), but TechCrunch has a good summary.
Long story short, this was a bad bug that was apparently exploited in the wild. A reasonable point to be taken from this story is that end-to-end encryption is not a panacea. It protects messages while they travel between two devices; it makes no promise about the devices themselves. If an attacker manages to install malware on your device, whether via remote exploit or physical access to the device, it’s game over, because they’re now inside one of the ends, where the messages have to be decrypted for you to read them.
It’s like if you have a secure communication line between two rooms, but an attacker gains entry into one of the rooms. The problem is not with the communication line.
“End-to-end encryption is not a panacea” was not the lesson taken by Bloomberg columnist Leonid Bershidsky. His take currently runs under the headline “End-to-End Encryption Isn’t as Safe as You Think”. When I first saw the story two days ago, though, the headline was “WhatsApp’s End-to-End Encryption Is a Gimmick”.
I point this out from time to time, but the way most websites’ CMSes work is that an article’s URL slug — like the “juiced_headline_of_the_week” segment in this very post’s URL — is derived from the article’s original headline. But when a headline changes, the URL shouldn’t change unless you have a way to redirect traffic going to the old URL to the new one. Most websites don’t do that. So when they change a headline, you can still tell what the original headline was by looking at the URL slug. For some reason, a lot of news websites don’t bother updating the headline in the HTML <title> element either, so you can read the original headline in your browser tab.
The URL slug from Bershidsky’s column: “whatsapp-hack-shows-end-to-end-encryption-is-pointless”.
<title> tag: “WhatsApp Hack Shows End-to-End Encryption Has a Vulnerability”.
These various evolutions on the headline range from bad (“End-to-End Encryption Isn’t as Safe as You Think”) to criminally bad (“WhatsApp Hack Shows End-to-End Encryption Has a Vulnerability / Is Pointless / Is a Gimmick”).
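A small script, added here as an illustration and not part of the original post, that automates the check described above: it takes a page’s URL and HTML, pulls the slug from the URL and the text of the <title> and first <h1>, then reports whether the slug and title still match the headline the page currently displays. The URL (example.com) and the page markup are constructed for the example; the slug and title strings are the ones quoted above, and the <h1> carries the headline the column was running under at the time.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse


def slugify(headline: str) -> str:
    """Approximate the slug a typical CMS derives from a headline:
    drop apostrophes, lower-case, collapse runs of non-alphanumerics
    to single hyphens. Real CMSes vary slightly, so treat a mismatch
    as a prompt to look, not as proof."""
    s = headline.lower().replace("\u2019", "").replace("'", "")
    s = re.sub(r"[^a-z0-9]+", "-", s)
    return s.strip("-")


def slug_from_url(url: str) -> str:
    """Last non-empty path segment of the URL, minus a file extension."""
    path = urlparse(url).path.rstrip("/")
    last = path.rsplit("/", 1)[-1]
    return re.sub(r"\.[a-z]+$", "", last)


class _HeadlineParser(HTMLParser):
    """Collect the text of <title> and of the first <h1>."""

    def __init__(self):
        super().__init__()
        self.title = ""
        self.h1 = ""
        self._in = None  # tag whose text we are currently collecting

    def handle_starttag(self, tag, attrs):
        if tag == "title" or (tag == "h1" and not self.h1):
            self._in = tag

    def handle_endtag(self, tag):
        if tag == self._in:
            self._in = None

    def handle_data(self, data):
        # Text may arrive in several chunks, so append rather than assign.
        if self._in == "title":
            self.title += data
        elif self._in == "h1":
            self.h1 += data


def headline_history(url: str, html: str) -> dict:
    """Compare the three places a headline lives: URL slug (usually the
    oldest), <title> (often stale), and the displayed <h1> (current)."""
    p = _HeadlineParser()
    p.feed(html)
    displayed = p.h1.strip()
    title = p.title.strip()  # real pages may append " - Publication"
    slug = slug_from_url(url)
    return {
        "url_slug": slug,
        "title_tag": title,
        "displayed": displayed,
        "slug_matches_displayed": slug == slugify(displayed),
        "slug_matches_title": slug == slugify(title),
        "title_matches_displayed": title == displayed,
    }


# Constructed sample: hypothetical host, slug and <title> as quoted in
# the post, <h1> set to the headline the column currently runs under.
SAMPLE_URL = ("https://example.com/opinion/"
              "whatsapp-hack-shows-end-to-end-encryption-is-pointless")
SAMPLE_HTML = """<html><head>
<title>WhatsApp Hack Shows End-to-End Encryption Has a Vulnerability</title>
</head><body>
<h1 class="headline">End-to-End Encryption Isn\u2019t as Safe as You Think</h1>
<p>Column text...</p>
</body></html>"""

if __name__ == "__main__":
    for key, value in headline_history(SAMPLE_URL, SAMPLE_HTML).items():
        print(f"{key}: {value}")
```

Run it and all three “matches” fields come back False for the sample, which is exactly the signal that the headline has been changed at least twice since publication. Against a live page you would fetch the HTML yourself and pass it in; the script deliberately does no network access.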
Bloomberg, of all publications, should be on its tip-toes to make sure it gets anything related to cybersecurity exactly right — every i dotted, every t crossed. Their reputation is in tatters in the wake of last year’s “The Big Hack” debacle — a story which they still haven’t retracted (or shown to be true with any actual evidence).1
Instead, they’re publishing this nonsense from Bershidsky:
The tug of war between tech firms touting end-to-end encryption as a way to avoid government snooping and state agencies protesting its use is a smokescreen. Government and private hackers are working feverishly on new methods to deploy malware with operating system-wide privileges.
It’s no smokescreen. Bershidsky’s profound mistake is his apparent belief that security is binary — totally secure or totally insecure. And so in his mind, this week’s WhatsApp exploit means WhatsApp is insecure, and since other such exploitable bugs almost surely exist in other apps and in OSes, no messaging system is secure.
Security is not binary, though — which is obvious if you give it even a moment’s thought. A locked door is more secure than an unlocked one. A door with two locks is more secure than one with a single lock. A locked door with a locked gate in front of it is more secure than one without a gate.
Security exists on a continuum. The definition of continuum is instructive: “a continuous sequence in which adjacent elements are not perceptibly different from each other, although the extremes are quite distinct”. It’s not secure or insecure; it’s more secure or less secure. Just like faster vs. slower or heavier vs. lighter. There are first grade primers that cover these concepts.
In the same way a door is more secure locked than unlocked, messaging of any sort is more secure encrypted than unencrypted. End-to-end encrypted messaging is more secure than messaging that is encrypted only in transit, because with transport-only encryption the provider still holds the plaintext and can be compelled to hand it over — it truly is an essential distinction.2 Just because the government or a criminal might be able to exploit software on your device even if the communications were E2E encrypted doesn’t make E2E encryption a “smokescreen”. Especially in the case of law enforcement — it is orders of magnitude easier to issue a subpoena to, say, your email provider than it is to attack your devices with malware to obtain the information they seek.
This week’s WhatsApp exploit was the work of some of the most talented hackers in the world. Calling them geniuses is no hyperbole. Finding vulnerabilities that allow remote code execution is (usually) extremely difficult. Actually writing the code to take advantage of them — turning a theoretical vulnerability into a working and deployable exploit — requires some of the best programming talent in the world. And on the other side, the security teams at goliath companies3 like Microsoft, Amazon, Apple, Google, and Facebook employ equally talented programmers trying to close all possible vulnerabilities.4 It’s a cat-and-mouse game at the very highest level of programming and mathematical talent.
Obtaining a subpoena requires nothing of the sort — simply the regular mechanics of law enforcement, judicial oversight, and compliance with the law. Snooping on unencrypted network traffic is similarly trivial. Obtaining email via subpoena requires you to be able to make a free throw; doing what this week’s WhatsApp exploit seemingly accomplished requires you to be Steph Curry and hit 9 three-pointers in a single game against a playoff-caliber NBA defense.
Here’s Bershidsky’s closing:
The hard truth for activists and journalists in need of secure messaging is that the more tech-savvy they are, the safer they can make their digital communications. One can, for example, encrypt messages on a non-networked device before sending them out through one’s phone. But even that wouldn’t guarantee complete security since responses could be screen-captured.
Truly secure communication is really only possible in the analog world — and then all the old-school spycraft applies.
In other words, digital communication can never be completely secure, only analog can, except when that’s compromised by “old-school spycraft”. Complete guaranteed security with well-known exceptions. It boggles the mind that this was written and edited by sentient humans, and that they’ve spent two days slowly decreasing the asininity of the headline instead of just doing what obviously ought to be done and retracting the whole piece.