In my last thought piece, I addressed some of the pitfalls of entrusting secure messaging to SMS. In fact, I think it’s fair to say there should be serious doubts about using it for anything at all. I also promised to take a look at some of the other platforms most people depend on to be secure, and to reveal how the reality often doesn’t match up to the rhetoric.
The next logical step is to look at the physical phone in your hand, the mobile operating system it sits on, and the level of security it offers if you simply use it out of the box. The reality with mobile operating systems is that the global market is essentially split between two players: Apple’s iOS, with 27.84% and Android with 66.01%. The remaining 6.15% is divided between a number of players, including Windows and Blackberry, but don’t worry – there’s plenty to keep us busy with the big two.
For the first part of this article, let’s start with the ‘smaller’ player that is Apple’s iPhone – as much a style icon as a practical tool. The world over, the iPhone is marketed as a quality product, and part of that messaging refers to the device’s inbuilt security. Witness the grandstanding that took place when Apple was ordered by a US magistrate to give the FBI access to an iPhone owned by one of the San Bernardino shooters. In fact, the court case was dropped when the Justice Department and the FBI found an alternative way to get into the phone – which is a discussion for another day, but hardly something that inspires confidence.
Apple maintains that not even they can access your iMessages, and that you’re safe and sound on their platform. So how good it Apple’s encryption? The answer: not very. This according to cryptography professor Matthew Green and his team at Johns Hopkins University. In fact, after the team had spent several months researching the service, they found that it is not simply troubled, but has a permanent flaw that is unfixable, and recommended that Apple should replace iMessage completely.
Professor Green asserts in no uncertain terms that “In the long term, Apple should drop iMessage like a hot rock and move to Signal/Axolotl.” No much grey area there!
The historical problem for Apple’s claims of offering end-to-end-encryption is their use of a centralized key server – meaning that a server hack could expose the network. It also requires a perhaps unreasonable level of trust on the part of the consumer. Since the central server can produce a mirror set of keys, this enables any message to be opened in real time. And if it can be made possible by a hack, surely this ability is open to Apple themselves?
As I mentioned, this potential point of access applies only to real time messages. Unfortunately, however, a newly discovered flaw does also open up vulnerability for old messages. Essentially a man-in-the-middle attacker could take advantage of the fact that Apple doesn’t authenticate messages, by intercepting and replacing the digital signal algorithm, ultimately providing the attacker the ability to work out what the original message was.
Add to all this the recent findings by Jonathan Zdziarski, an iOS researcher. Zdziarski claims that messages deleted in WhatsApp are not in fact wiped totally from the app’s data base, and that they can be retrieved using the right forensic tools – and he reports the same can be said for Apple’s iMessage.
It’s not pretty reading for anyone holding an iPhone – but it needn’t be the end of the story. Seecrypt and Cellcrypt offer true end-to-end encryption, and with decentralised keys, generated on the fly. All messages are kept, individually encrypted, safely walled within the device, so even if Apple is cracked, your messages are safe. It’s why we’re trusted by both the enterprise and the government.
But what about those of you with an Android device as your tool of choice – are you safe from prying eyes? In the second part of this piece I’ll address the security challenges you face and what you can do about them.