Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Fwd: Firefox OS with built in support for OpenPGP encryption

Micah Lee micah at micahflee.com
Fri Sep 20 11:15:54 PDT 2013


On 09/12/2013 04:14 PM, Erik de Castro Lopo wrote:
> Bernard Tyers - ei8fdb wrote:
>
>> Stefan: Why not?
>
> For verification, OpenPGP on smartphones is *possibly* ok. For
> a device used to sign or encrypt smartphones are totally
> inappropriate regardless of the potential convenience.
>
> No such agency and the like are almost certainly able (with the
> help of carriers and manufacturers) backdoor and exploit all
> the major smartphone brands and models [0].
>
> Smartphones are horrendously complex, rely heavily on untrusted
> binary blobs, have mutiple CPUs some without direct owner/user
> control (eg the CPU doing the baseband processing) [1].
> Currently these devices are impossibly difficult to secure.
>
> Erik
>
> [0] http://www.spiegel.de/international/world/privacy-scandal-nsa-can-spy-on-smart-phone-data-a-920971.html
> [1] http://www.geeky-gadgets.com/baseband-hacking-a-new-way-into-your-smartphone-17-01-2011/

I completely disagree. Ubiquitous end-to-end encryption will help 
protect against *dragnet* surveillance. The fact that smartphones are 
imminently pwnable doesn't change this fact. Even if you're using a 
Carrier IQ-infested/baseband backdoored device, adversaries would still 
need to *target* you in order to compromise your OpenPGP conversations.

Saying that we shouldn't encourage OpenPGP on smartphones is like saying 
we shouldn't encourage it on Windows computers either. There's a big 
difference between encrypted internet traffic and endpoint security, and 
just because the endpoint isn't 100% secure doesn't mean you should give 
up on encrypting traffic.

Undetectable, sniffing the wire eavesdropping is the preferred way that 
NSA and GCHQ conduct surveillance. Every time they try to hack into a 
laptop or smartphone they run the risk of detection. They might be 
really good, and detection might be very unlikely, but it's still risky 
because these are active attacks, and they are much more expensive than 
getting handed all the data passively. They can't afford to do *dragnet* 
endpoint attacks.

There doesn't seem to be these same complaints against OTR on 
smartphones, and in fact Gibberbot and ChatSecure seem to be celebrated 
by this community, but they suffer all the same problems (and likely 
even more, because they run on Android and iOS) that OpenPGP built-in to 
Firefox OS would. For that matter, RedPhone, CSipSimple and OStel, 
TextSecure, and Orbot also all from running on smartphones. Should all 
these projects get discouraged too?

At this point, nothing is completely secure. The most talented hackers I 
know use ThinkPads (with alleged Chinese hardware backdoors [0]) and run 
Debian (researchers recently crashed 1.2k Debian packages with automated 
fuzzing [1] -- how many of these are overflows, how many have already 
been systematically weaponized by the NSA?). Should we discourage people 
using OpenPGP on ThinkPads, or when using Debian?

The best we can strive to do is make surveillance more expensive, force 
it to be targeted, force it to be detectable, and make the cost of 
spying on everyone as expensive as possible. I'm really happy to hear 
that Firefox OS is building end-to-end encryption tools into their 
phone, something that I hope all smartphone OSes copy.

[0] 
http://www.afr.com/p/technology/spy_agencies_ban_lenovo_pcs_on_security_HVgcKTHp4bIA4ulCPqC7SL
[1] http://lists.debian.org/debian-devel/2013/06/msg00720.html

-- 
Micah Lee
@micahflee



More information about the liberationtech mailing list