CyanogenMod Integrates Text Message Encryption

sfcrazy writes "People are now more concerned regarding their privacy after discovering about efforts made by governments to spy on their communications. The most practical solution to keep messages, emails and calls secure is to use a cryptographic encryption mechanism. However, just like the name of the method, the installation process is complex for most users. To solve this, CyanogenMod will come equipped with built in encryption system for text messages." Whisper System has integrated their TextSecure protocol into the SMS/MMS provider, so even third party sms apps benefit. Better yet, it's Free Software, licensed under the GPLv3+. Support will debut in Cyanogenmod 11, but you can grab a 10.2 nightly build to try it out now.

Key exchange

[Anonymous Coward]

The most important part of any crypto communication system is key exchange. Looks like this protocol uses automated SMS key exchange, and implementations should store keys similar to SSH. It's trivial to MITM, but it's a high risk attack because people can simply meet in person to compare keys.

Hard to take CM privacy concerns seriously

[geminidomino]

Even before the buyout, the CM team refused patches to basically integrate pdroid into the mod, for fear of "angering developers." So even if something like this works, all the bad guys have to do is hit up the app market for the data it's sucking up anyway.

Spy vs Spy

[BringsApples]

Seriously, why are The People trying to play Spy vs Spy with their own government? The government owns the internet. It's as silly to encrypt your license plate as it is your text messages. You have no way to do so. If you're able to send a text, then you're using a carrier of some kind. That carrier has no control over the government's ability to get the data if the government wants to. Remember, it's metadata that we're talking about. "Who talked to who - and what time(s)". Linking people together is what it's all about. They don't need to know what you're talking about, so long as they know who you're talking to.

Re:Spy vs Spy

[Anonymous Coward]

You show...good but not total understanding. In current systems this works.

In past systems this has been handled.

See mixmaster, remailers, etc.

If whisper does this right, what people know is "35 messages go into mixmaster3 at time t" and "15 messages go out of mixmaster3 to mixmasters 1..n at time t+1" and "16 go out to realworld addresses A1...Ai"

A good enough tumbler chain crushes most metadata analysis for short messages, provided you'll live with limited message loss, and a bit of latency that makes real time not highly practical.

It could work given enough volume.

Other problems (not MITM but end-to-end)

[DrYak]

It's trivial to MITM, but it's a high risk attack because people can simply meet in person to compare keys.

Avoiding MITM has been successfully solved using the Socialist Milionaire [wikipedia.org] problem.
At most, 2 contacts need to call (voice) each other and compare a bunch of keywords. From that point onward, their communication can be trusted.

I see another problem:
The best (and nearest-to-perfect) secure solution requires end-to-end encryption. (the absolute first and last application on the chain to the encryption / decryption. Encryption is done on the first ever software getting the message, decryption is done on the last software drawin the message on the screen)

But CyanogenMod's implementation isn't end-to-end. They instead have integrated crypto in the SMS messaging service of the OS.
The intention is noble: You're not forced to use CyanogenMod's SMS App. You could use Skype or Facebook chat app (as long as the app supports handling SMS in addition to other communication)...
The main problem is easy to spot: ... These 3rd party app could actually be spying.

RTOS on the chip that controls wireless, etc.

[dsoodak]

There was an article posted on either slashdot or boingboing which linked to the following: http://events.ccc.de/congress/2011/Fahrplan/attachments/2022_11-ccc-qcombbdbg.pdf [events.ccc.de] Summary: the (usually) proprietary firmware on the chip that controls real-time functions such as wireless communication (which requires so many different standards to be adhered to that it ends up being a real mess and rarely rewritten) is surprisingly easy to hack. I believe there was a quote that you could get remote code execution after sending it a string of less than 100 bytes. It also mentioned that the chip with the main OS is often a slave to the one with the RTOS. Just curious if anyone knows if CyanogenMod accounts for this particular type of security vulnerability.

Re:I personally find this very important...

[PopeRatzo]

Because I definitely would not want the .gov peeking in on me and finding out what I'm having for dinner or knowing that I love my family.

How do you feel about the private contractor that's doing the snooping knowing what you've had for dinner and that your wife has breast cancer and selling that information to companies who can now try to sell you miracle cancer cures? How comfortable are you with prospective employers knowing your child has autism and needs extra attention, which might possibly mean more absences from work?

Remember, most of the data collection and first-level analysis is not done by "the government" but by a private company that works for the government. And, that private company has corporate clients besides the government. How comfortable are you knowing that anyone who can afford to pay having access to all your personal communications?

And what happens that day you disagree with what the government is doing? How comfortable are you knowing that you're planning to go to a political demonstration? How comfortable are you with your boss or potential employer knowing?

How comfortable are you with a techie with anti-social tendencies having access with all your family's communication? Your wife's, your daughter's? Because who do you think is working for that private contractor who's working for the government?