[HN Gopher] Evidence that the FBI can hack into private Signal m...
___________________________________________________________________
Evidence that the FBI can hack into private Signal messages on a
locked iPhone
Author : foolinaround
Score : 197 points
Date : 2021-02-10 03:43 UTC (19 hours ago)
(HTM) web link (www.forbes.com)
(TXT) w3m dump (www.forbes.com)
| IgorBog61650384 wrote:
| I don't think this should surprise anyone. The FBI has multiple
| methods for accessing locked phones: using physical exploits like
| those provided by Cellbrite, or through baseband attacks - i.e.
| first attacking the cellular modem and from there using an
| exploit to get to the main ARM cpu, or through exploits or
| backdoors in any app the phone had that do background refresh
| through the web while the phone is locked. I think the current
| status of infosec means that anyone that is the target of a
| nation state intelligence agency or counter intelligence agency
| can be hacked. The question if that is actually done or not
| depends on how interesting they are and the lawfulness of the
| action and not on technical capabilities.
| lawnchair_larry wrote:
| Your understanding of baseband attacks is not correct. Having a
| baseband exploit would not facilitate this. Nor would
| exploits/backdoors in any particular app.
| sprayk wrote:
| Why couldn't a baseband attack facilitate this? It was shown
| at least as far back as 2017[0] that a program on a baseband
| could affect the memory of the application processor, and in
| 2018[1] that a specially crafted message can achieve an RCE
| on a baseband. Since then, cell modems have gotten even more
| integrated with APs.
|
| [0]
| https://comsecuris.com/blog/posts/path_of_least_resistance/
| [1] https://i.blackhat.com/us-18/Thu-August-9/us-18-Grassi-
| Explo...
| lxgr wrote:
| As far as I understand, the isolation between basebands and
| the main SoC has also been improved (using IOMMUs etc.)
| xoa wrote:
| > _Why couldn 't a baseband attack facilitate this?_
|
| Because this is about the iPhone, where the baseband is
| just a USB peripheral. There simply is no DMA. iPads and
| Macs have DMA controls in place as well. There are other
| iPhone attacks for sure, but they have been fairly
| conscious about keeping the baseband isolated for a good
| long while. So it's less likely to be the vector. Apple
| didn't spend a ton of money on a custom security processor
| and OS stack just to let a 3rd party vendor firmware walk
| all over it. From page 41 of their old iOS Security Guide:
|
| > _" To protect the device from vulnerabilities in network
| processor firmware, network interfaces including Wi-Fi and
| baseband have limited access to application processor
| memory. When USB or SDIO is used to interface with the
| network processor, the network processor can't initiate
| Direct Memory Access (DMA) transactions to the application
| processor. When PCIe is used, each network processor is on
| its own isolated PCIe bus. An IOMMU on each PCIe bus limits
| the network processor's DMA access to pages of memory
| containing its network packets or control structures."_
|
| You'll notice in those papers you link, that "iPhone" and
| "Apple" do not appear as subjects of the paper. Cellebrite
| and the like are probably doing other things.
| Jkvngt wrote:
| There's a reason Rosenfeld needs your phone number and it's
| becoming more obvious.
| exabrial wrote:
| I hate be a spoil sport, but generally I don't need protection
| from the FBI, NSA, CIA. I need convenience to unlock my
| phone/laptop quickly with a fingerprint, even after a restart.
| XKCD nails this: https://xkcd.com/538
|
| I'm MOST concerned with Google/Facebook continuously
| circumventing laws and violating my opt-out preferences. I'd like
| to have a null advertising ID for instance. Can't do that.
|
| And besides, you don't own root access on your devices.
| Apple/Google does. To think that a userspace app is secure where
| Google/Apple controls the kernel, or even something basic as
| remote screenshots is sort of silly.
| reaperducer wrote:
| _I hate be a spoil sport, but generally I don 't need
| protection from the FBI, NSA, CIA._
|
| Awesome. Good for you. However, there are people out there who
| are busy changing the world, holding the powerful to account,
| and generally being involved in society in ways that are less
| safe and more interesting than you do. This is about them, not
| about you.
| sterlind wrote:
| the US has problems, but the police won't hit anyone with
| wrenches to get them to talk. torture taints the evidence
| obtained.
|
| the reason spy agencies can do it is because they're not law-
| enforcement. that's why they have to use parallel construction,
| to launder the evidence trail.
| DC1350 wrote:
| How is it possible that the FBI has so much advanced stuff when
| I've never met a skilled developer willing to work for what the
| government pays? Are their tools developed by high paid
| contractors?
| mhh__ wrote:
| 1. There are companies that sell technology to do this
|
| 2. The appeal of effectively being a spook has to attract some
| people to working for 3-letter agencies.
| nosequel wrote:
| First off, others have pointed out that these are 3rd party
| software companies providing the tools.
|
| I'd like to talk about your other point though:
|
| > I've never met a skilled developer willing to work for what
| the government pays
|
| So there are a lot of very skilled developers working for the
| government right now. I'd agree you probably haven't met them.
| I've found that people who work for the government, especially
| on TS/SCI systems, do not go out and "network". They usually
| can't or won't talk about their work. Yes they get paid far
| lower than what they'd get from a SV startup, but maybe people
| aren't solely motivated by money. There are some nice things
| about working for certain parts of the government. First off,
| there is excellent job security. You pretty much never have to
| worry about getting fired, it isn't even in the back of your
| brain. Comparing that to a startup where you are almost always
| out of breath being worked too hard and you have that fear
| every day your job is going to disappear. Second, while the pay
| not be totally up to par, it also isn't bad. The hours are also
| great, there are laws that govern contracts and projects that
| limit employees to 40 hours per week. You will not be asked to
| work over that, even in "crunch" time, because it breaks
| competition laws when contracts are offered up to outside
| agencies who put in bids to do the work. Lastly, and most
| importantly, there is often a sense of pride or duty involved
| in the job. I know HN isn't exactly the most rah-rah-yay-
| government crowd, but there are a lot of people out there who
| have a desire to serve the public somehow. They believe they
| can do more good on the inside compared to those on the outside
| who just simply complain about the government.
| analognoise wrote:
| You forgot a huge dimension of those jobs:
|
| As you get older, you are more valuable. No "silicon valley"
| syndrome about age: you'd never have to dye your hair, wear a
| hoodie to fit in, nobody will blink if you have to take a day
| off to take care of the kids.
|
| You can be a real adult - nobody comes into those programs
| and expects a ball pit or a foosball table, and nobody
| seriously thinks someone right out of college but who is up
| on the "latest framework" could take their job - because the
| jobs are deeply, deeply technical and require lots of
| experience. If you blow the doors off of everyone else in
| programming, great! That's one dimension. But it usually
| isn't the only one.
|
| "The pay is worse" - for software, undoubtedly. For hardware?
| It's usually a wash after adjusting for cost of living and
| the benefits are better on the defense side.
|
| I like defense because the systems are usually pretty badass.
| We have people leave for FAAMG occasionally, so it's not like
| we don't know who the people who are "that good" are! :)
| butwhywhyoh wrote:
| This is precisely my experience, and it's why I've been
| hesitant to leave this sector for so long. I could
| undoubtedly make more elsewhere, but the "badass" factor of
| what I'm working on would plummet significantly.
| reaperducer wrote:
| I know you're bring downvoted into oblivion for reverse
| ageism, but my experience mirrors your statements. I think
| the aggrieved HN masses just don't have similar, or much
| experience.
| j45 wrote:
| +1. Also upvoting the original comment because no one
| seems to be disagreeing with it with any words.
|
| Solving really hard problems is valuable. Little gets
| easier, but you can get better at it.
|
| You have me wondering .. Does expertise from experience
| (whether compressed into a few years or a lot) qualify as
| reverse ageism? Is anyone being excluded or denigrated?
|
| It seems plausible (but not exclusively) that the more
| time and effort you apply to something, the better you
| will probably get at it. Time alone isn't a measure of
| experience and expertise but it doesn't hurt.
|
| It's just describing what the experience of someone who
| has been at something for a while.. might end up like.
| salawat wrote:
| I try to keep my eye out for mysterious gaps, as I know
| what the defense sector tends to do to job histories. Plus,
| age-ism seriously pisses me off.
| [deleted]
| zigzaggy wrote:
| As someone who has spent many years working in defense /
| government contracting, I think you're touching on a really
| big reason a lot of people work in this world.
|
| Many years ago, when my career first started, I was an
| idealist who thought the way I could give back (as someone
| who couldn't get into the military for physical reasons)
| was to work in the defense sector. I also tried very hard
| to get interviewed by an SV company, but I didn't qualify
| for an interview due to going to the wrong college and
| getting the wrong degree.
|
| And I have worked on some seriously badass programs and
| with some really cool systems and people. In my older age,
| it's funny because I've come full circle. I'm actually
| using my experience, and the new all-remote world, to
| interview with some tech companies. I'm also starting to
| sour a lot on working with the government and military
| because my idea of "giving back" has become much more
| cynical. EDIT- I meant to say here that I've become much
| more cynical, and working with the government no longer
| feels like "giving back." Nowadays I give back by working
| on social issues.
|
| BTW, I'm also upvoting / interacting with your comment
| because (a) I think you're getting downvoted by people who
| disagree with you, rather than by people who think you've
| broken some rule, and (b) I think your perspective
| represents a pretty common way of looking at SV from the
| outside world.
| mhoad wrote:
| I appreciate your ability to walk into the middle of the
| bee hive to knock it over with this comment.
|
| It was amusing to read and I don't disagree with what you
| said but I don't feel super qualified to judge either.
|
| I've only seen that silicon valley start up culture from
| the outside when my partner worked at a YC company while
| they were going through a later stage fundraising round.
|
| It wasn't as cartoonish as you make it sound at all but
| your impression at least seemed in the ballpark of true.
| selykg wrote:
| Not a government worker, but I work in non-profit areas.
|
| I do make a lot less money in this role than I would in a
| startup environment or SV. But, work life balance is
| significantly better. Benefits are actually the best I've
| ever seen (no cost health plan and they put the full amount
| of the deductible in an HSA for me each year, generous 401k
| match with only a 1 year vesting schedule, summer hours so I
| can spend more time in daylight, a pension with a very easy
| vesting schedule, plenty of time off, etc).
|
| I'd work a government job for similar reasons. It's not about
| pay for me. I need enough to live, enough to plan for
| retirement, and a little extra to enjoy my life.
|
| I work to enjoy my life, I don't work to die early or just to
| work. My life comes first, work comes second and finding a
| company that respects that and encourages it to some extent,
| is worth more to me than high pay and a worse environment to
| work in.
| ddtaylor wrote:
| It's also worth noting that depending on their security
| clearance they _can 't_ go out and network or have public-
| facing profiles.
| tptacek wrote:
| There are plenty of prominent people in software security
| that have IC backgrounds.
| jaywalk wrote:
| You clearly didn't read the article, since they call out the
| two companies who supply this type of technology to law
| enforcement organizations.
| DC1350 wrote:
| I'm more interested in their compensation than how they get
| paid. I know lots of work is done by contractors.
| warent wrote:
| I don't get this. Your original comment said "Are their
| tools developed by high paid contractors?" but now you're
| claiming to have already known.
|
| What exactly are you asking?
| DC1350 wrote:
| I know contractors are common but I don't know if they're
| paid a lot or if they can ignore the government employee
| pay scale.
| Jtsummers wrote:
| Of course they can ignore the gov't employee pay scale.
| Contractors get paid variable amounts, depending on what
| they're working on and for whom.
|
| Many defense contractors (can't speak to the intel side
| of things) get paid 25-100% more than their GS
| counterparts, if they have an actual counterpart. Though
| that's not universal. Their pay is also not capped, like
| civilian pay is in the US federal government.
|
| EDIT: For further context, a technical GS employee
| (engineer, computer scientist) will be in a minimum of a
| GS-12 position after a few years of experience (usually
| 3-5). Most technical positions cap at GS-14. GS-15 is the
| highest of the GS grades, but mostly reserved for
| management and a select smaller group of senior technical
| people. A GS employee programmer will usually be a GS-12
| or GS-13 until they reach a more senior position (usually
| with a higher degree than just a BS and often 10-20 years
| of experience, tending towards the higher end of that).
|
| Here is a link to the _base_ pay, everyone gets more than
| this but it depends on where they work:
| https://www.opm.gov/policy-data-oversight/pay-
| leave/salaries...
|
| Federal employees also get a 5% match on their 401k
| equivalent (TSP), 13-26 days of leave a year (rolls over,
| cap at 30), 13 days of sick leave a year (rolls over, no
| max), 10 federal holidays, a pension (1% of pay for each
| year of service, 20 years = 20%), and pretty decent
| insurance. If the goal isn't "get rich quick", it's not a
| bad gig.
| chrononaut wrote:
| > everyone gets more than this but it depends on where
| they work
|
| For those interested, here is a link to the base pay with
| the locality adjustment for each geographic area:
| https://www.opm.gov/policy-data-oversight/pay-
| leave/salaries...
| jaywalk wrote:
| Contractors are not government employees, so why would
| the government employee pay scale apply to them?
| DC1350 wrote:
| Everything I know about contractors and government work
| comes from Edward Snowden's memoir where he was paid like
| garbage ($120k as a senior IIRC) to work as a contractor
| for the NSA. That's why I thought it might matter. I'm
| sorry you don't like my question
| Kranar wrote:
| When someone asks a question, why not just answer it
| instead of questioning the person and making them feel
| stupid about not knowing something?
|
| At any rate, the U.S. government imposes many standards
| on federal government contractors including minimum wage
| standards, hiring practices, paid sick leave, a host of
| responsibilities that any contractor that wishes to do
| business with the federal government MUST adhere to. For
| example, in the area of construction all federal
| contractors must pay employees at a minimum, the
| prevailing wage including benefits for the locality of
| the construction site. It's not unreasonable to think and
| to ask what are the requirements and responsibilities
| that IT professionals working as federal contractors
| might also have. There are a ton of other requirements
| and conditions that you can read more about some of those
| requirements here:
|
| https://www.employer.gov/EmploymentIssues/Federal-
| contractor...
| jaywalk wrote:
| Sometimes a little prodding can lead to more learning.
| Your answer on the other hand is so coddling that it
| could lead someone who's not paying attention to
| believing that the government pay scale actually _does_
| apply to contractors.
| jaywalk wrote:
| It has nothing to do with contractors. The FBI buys a
| product from a company that does this stuff. They do not
| develop it, nor do they contract out the work to develop
| it. They buy an (essentially) off the shelf product that
| does this.
| agilob wrote:
| > I've never met a skilled developer willing to work for what
| the government pays?
|
| Is that your bubble that's poorly skilled?
| jerry1979 wrote:
| People sometimes have a hard time seeing outside their bubble.
| For example, how many Mormons do you know?
| notyourday wrote:
| Most of skills required gov operations are done via companies
| holding government contracts. Those that work for government
| directly for a low pay compared to what they could get in the
| industry simply aren't smart enough to figure out how to work
| via a 3rd party for a much higher pay.
| fl0wenol wrote:
| Yes.
| angry_octet wrote:
| Maybe you're hanging out with the wrong people?
| Miner49er wrote:
| There's companies that sell exploits like this to governments.
| everdrive wrote:
| If you own the phone, the messages are decrypted. This seems to
| be more about the phone access than anything to do with Signal,
| right?
| elliekelly wrote:
| The iPhone's terrible battery life isn't a bug, it's a privacy
| feature! I wonder if the FBI's evidence protocol involves
| immediately plugging in an iPhone to maintain the vulnerable
| state:
|
| > That latter acronym stands for "after first unlock" and
| describes an iPhone in a certain state: an iPhone that is
| locked but that has been unlocked once and not turned off. An
| iPhone in this state is more susceptible to having data inside
| extracted because encryption keys are stored in memory.
|
| I do wish Apple would add "restart" as one of the system
| actions in the Shortcuts app.
| SailingSperm wrote:
| This should bring into question even more Signal's
| implementation of using real phone numbers for accounts. It is
| NOT privacy focused.
|
| Even if this 'hackability' is an issue only with the security
| of the phone/hardware - able to be hacked and thus reach the
| decrypted signal messages - That also means, that person's
| Signal contacts also have their real identities exposed. (Where
| they wouldn't be if the account names/ids could be arbitrary
| like eg. wickr)
| mr_toad wrote:
| > It is NOT privacy focused.
|
| It's not _anonymity_ focused.
|
| If I want to have private conversations with friends, family
| or colleagues signal is fine.
| [deleted]
| kerng wrote:
| Yes, nothing special - if someone else has your phone, it's not
| your phone anymore.
| keyme wrote:
| Of course.
|
| All these articles and "criticisms" of Signal started popping
| up right after the recent WhatsApp mini exodus. What a
| coincidence.
| TaylorAlexander wrote:
| I mean it makes sense. People are concerned about data
| privacy on WhatsApp so they move to signal. Then the people
| who have always said "signal isn't perfectly secure" must
| reiterate to the masses what that have said many times
| before.
| baxtr wrote:
| Maybe your assumption that something dubious is going on can
| be eliminated by Occam's razor? Because: any business that
| gains in popularity will automatically also see higher press
| coverage.
| marricks wrote:
| Occam's razor is good in theory but when you have powerful
| actors that can collude against people's best interest it's
| very harmful.
| EGreg wrote:
| Just like women in tech -- or any male dominated industries
| -- have proportionately more unfortunate encounters with
| men because each woman has more men around her to begin
| with?
| filoleg wrote:
| Isn't it the case not just in tech, but literally in any
| field that is male-dominated? I strongly doubt that the
| problem you describe is any less prevalent in finance or
| academia, for example. Not a comprehensive list, of
| course, those were just two off the top of my head.
| EGreg wrote:
| Yes obviously any male dominated industries was the point
| cyberlurker wrote:
| Where is the data that "women specifically in tech have
| more unfortunate encounters with men" than other
| industries?
| johnisgood wrote:
| WhatsApp is even worse, let us not even go there. If
| anything, I would go with Briar.
| selivanovp wrote:
| That's why a sane person should't trust any messenger, especially
| if it works in android/iOS/Windows.
|
| And Signal specifically works like a red flag for monitoring
| software- this user has something to hide!
| tobib wrote:
| > And Signal specifically works like a red flag for monitoring
| software- this user has something to hide!
|
| Less accurate though with every new user.
| tsuru wrote:
| I've had a hard time believing that this isn't government
| standard practice for an SSaS since Hushmail spoke about it in
| 2007. https://www.wired.com/2007/11/encrypted-e-
| mai/#:~:text=Hushm....
| vzaliva wrote:
| Nice try, Facebook :)
| ostrophonics wrote:
| is partial AFU mode anything less than a backdoor?
| Enginerrrd wrote:
| The idea of AFU isn't inherently bad. The problem is that too
| many concessions have been made in favor of usability.
| sprt wrote:
| I suspect it's a needed trade-off between security and
| practicality. I have no idea how "needed" it is though, can
| someone shed some light on this? Also, couldn't Signal add
| their own encryption layer?
| tprynn wrote:
| Signal could add app-level encryption, but who would this
| serve? Signal can't do anything better than what the
| OS/hardware provides in terms of encryption. Even if they let
| you specify your own signal-specific password/encryption key:
|
| * Non-technical users either won't use it, or will use a weak
| key
|
| * Technical users are better served by making sure their
| device is secure and hard-locked with a strong passcode (tip:
| 5 presses of the lock button on iPhone wipes in-memory
| encryption keys, essentially exiting "AFU mode")
| kuyan wrote:
| > (tip: 5 presses of the lock button on iPhone wipes in-
| memory encryption keys, essentially exiting "AFU mode")
|
| Is this the same thing as holding down the lock button and
| one of the volume buttons on one of the newer iPhones? I'm
| referring to this doc: https://support.apple.com/en-
| us/HT208076
| tprynn wrote:
| Yes, it's basically a side effect of activating Emergency
| SOS. The five-press shortcut works on all iPhones as far
| as I'm aware. As the doc says:
|
| "If you use the Emergency SOS shortcut, you need to enter
| your passcode to re-enable Touch ID, even if you don't
| complete a call to emergency services. "
| codetrotter wrote:
| I have an iPhone X and I have it set to not use FaceID
| for unlocking the phone itself.
|
| But I temporarily enabled it now to test. Maybe I am
| pressing the power button wrong but rapidly pressing it
| five times does not prevent it from allowing FaceID to
| unlock the phone. Whereas power plus volume up button
| does indeed.
|
| Btw, when I normally have FaceID disabled from unlocking
| the phone, does it wipe in-memory encryption keys when
| locked with a single touch to the power button or not? I
| was assuming that it did, but I realized now that this
| assumption might not be correct.
| [deleted]
| neonate wrote:
| https://archive.is/EdcT6
| torwayburger wrote:
| "..., stealing users from WhatsApp ..."
|
| Genuinely curious about this statement. Is it tantamount to theft
| if the user migrates by choice?
| beervirus wrote:
| It's just a figure of speech.
| brandmeyer wrote:
| Universal encryption is a defense against blanket vacuuming of
| communications for later offline analysis. Its a defense against
| a massive parallel MITM attack against the world's communications
| infrastructure.
|
| Its not a defense against targeted attacks of individual devices.
| Guthur wrote:
| Yeah exactly, we can't read cypher text and so aren't included
| in the end to end encryption contract of signal. Frankly this
| is nothing to do with signal and everything to do with phone
| security.
| heavyset_go wrote:
| Does Signal still require you to register and verify using a
| real cell phone number?
| godelski wrote:
| Yes. But note that Signal doesn't know your number.
| Usernames are being promised this year too.
| heavyset_go wrote:
| > _But note that Signal doesn 't know your number_
|
| Courts can compel them to keep these records, and require
| them to not disclose to their customers that they are
| doing so.
| godelski wrote:
| My understanding is that the phone number is never even
| sent to Signal in the first place. So doing so would
| result in a git commit.
| [deleted]
| godelski wrote:
| In addition to this, I frequently hear people talk about how
| Signal would prevent monitoring of groups like those that
| stormed the capital. As if you can create a secret
| communication channel that members of the public can join but
| the FBI is unable to infiltrate.
|
| Signal and E2EE stop dragnets, not targeted efforts. Which
| honestly is exactly what I want and seems like what we want in
| a free and open society. Monitoring shouldn't be the default
| but only happen when there is a warranted reason to monitor,
| preferable with a literal warrant. This embodies the idea of
| "innocent unless proven guilty" but balances the ability to
| move from suspicion to evidence gathering and minimizes the
| collection of data of innocent people. It's not "if you have
| nothing to hide then you have nothing to fear" but "if you have
| nothing to suspect then you have no reason to search." I don't
| know how a dragnet doesn't violate the 4th amendment.
| brandmeyer wrote:
| > Which honestly is exactly what I want and seems like what
| we want in a free and open society. Monitoring shouldn't be
| the default but only happen when there is a warranted reason
| to monitor, preferable with a literal warrant.
|
| Its more than warrants, though. The evidence of the last few
| decades is that warrants aren't enough to block dragnets.
| Warrants can (and are) avoided through parallel construction.
| Unscrupulous agents will go off on "LoveInt" missions if it
| suits their ethics.
|
| Universal encryption uses _economic_ force to make dragnet
| surveillance infeasible where ethical force has failed.
| BugsJustFindMe wrote:
| > _As if you can create a secret communication channel that
| members of the public can join but the FBI is unable to
| infiltrate._
|
| Back in the day people used to, hilariously, have MOTD
| notices on all of their illegal servers saying the internet
| equivalent of "You have to tell me if you're a cop".
| lima wrote:
| > _Monitoring shouldn 't be the default but only happen when
| there is a warranted reason to monitor, preferable with a
| literal warrant._
|
| In many cases, well-done E2EE like Signal stops dragnets
| _and_ targeted efforts. Even with a literal warrant.
| p1necone wrote:
| No they don't, they just force the police to do regular
| police work and infiltrate the group the old fashioned way
| rather than using mass surveillance.
| lima wrote:
| They do. The reality is that there's plenty of non-
| secret, non-controversial warrants which go nowhere
| because the police can't get the data (at least here in
| Germany).
|
| I'm not saying it's good or bad, simply stating the fact.
| godelski wrote:
| I'm not sure I buy this, but it depends how we define
| targeted attacks. If we include getting access to the
| device, which I think is reasonable, it obviously doesn't
| stop targeted efforts. Not to say it doesn't make it more
| difficult. Remotely, are we only talking Signal or the
| system as a whole? AFAIK nothing is unhackable, only
| difficult to hack. But as long as we're playing the cat and
| mouse game I'm happy. Improving defensive technologies
| shouldn't ever be stopped or hindered. I'm not sure why
| this isn't seen as a national security issue but that's a
| bigger discussion.
|
| But my main point is that most people are afraid of large
| organizations of terrorists or bad actors will be able to
| discuss things without the ability for the FBI to surveil
| them. Well you can't have "large" and "vet everyone to an
| extremely high degree." Sure, this will make it more
| difficult to stop small groups, but those have been
| notoriously difficult to find and stop in the first place.
| [deleted]
| alexisread wrote:
| I've upvoted you but wanted to nitpick (sorry) - innocent
| unless proven guilty doesn't have the temporal connotations
| that 'until' has.
| godelski wrote:
| If we're going to nitpick I think HN is the place that this
| is acceptable, especially when done in a good manner. I do
| think you make a good point since "until" implies that
| anyone is guilty given enough time. I'll try to adopt this
| change into my vernacular. I updated my comment in an
| effort to acknowledge and support this idea.
| newacct583 wrote:
| > I frequently hear people talk about how Signal would
| prevent monitoring of groups like those that stormed the
| capital
|
| Those folks walked over on public roads from a Trump rally
| down the street, live streaming on a hundred cameras as they
| did it. Of all the things that went wrong on the 6th,
| surveillance was clearly not one of them.
|
| What I think you're remembering is more the point that Signal
| and Telegram provide harder-to-surveil forums for the people
| who got radicalized. That having all that chatter be private
| by default means that we won't see the next extremist faction
| before its born. And that's a fair enough point. Q
| communities on Facebook and Twitter made it easy to see where
| these people were coming from.
|
| But even there, the nature of radicalization is that it
| happens in a big group. There may be surveillance-proof
| channels on Telegram where modern right wing extremists are
| assembling to find like minded souls, but _finding them_ isn
| 't a problem at all. The ones that are hard to find die out
| by definition.
| nefitty wrote:
| This comment helped clarify a lot of my intuitions regarding
| privacy.
| koolk3ychain wrote:
| This is why I keep a "universal hammer" at my desk. If the gov
| boys walk in all I have to do is use it on my phone / laptop.
|
| Problem solved.
|
| Thinking about upgrading to a small commercial grade shredder
| or microwave.
| azinman2 wrote:
| What are you doing such that those thoughts even cross your
| mind?
| jb775 wrote:
| Rather than hacking Signal itself, maybe they were able to access
| the iOS app preview files from the iOS app-switcher? I'd imagine
| the app-switcher (the feature when you swipe up to switch between
| recently used apps) works by overwriting a screenshot every time
| it's minimized. Maybe they were able to access this data directly
| or indirectly (or maybe even via iCloud).
|
| There's a setting in Signal where you can hide the screenshot in
| the app-switcher, but could still be triggered and stored
| somewhere. Or maybe they just got lucky and one of the guys had
| it disabled.
| [deleted]
| deanclatworthy wrote:
| Why would criminals not use expiring messages? Bizarre that you'd
| go to these lengths to use e2e chat and then not expire your
| messages after say an hour.
| girvo wrote:
| All the ones I knew did, for exactly this reason, and still
| didn't speak too freely on it. Cant be too careful.
| hnrodey wrote:
| Criminals are quite often not the sharpest tools in the shed.
| Expiring messages, staying up on the latest hardware, etc.
| csydas wrote:
| Because expiring/detonating messages are not valid security.
| Signal even warns of this:
|
| https://support.signal.org/hc/en-us/articles/360007320771-Se...
|
| If Charlie is selling drugs to Bob and Alice, expiring messages
| don't help Charlie out if the others are finding ways to
| capture data on the screen before the message expires (which,
| is very common for very innocent, non-malicious reasons).
|
| Similarly, though I've not tested this with signal
| specifically, other chat apps' implementations of expired
| messages can be futzed with by simply disconnecting the phone
| from all network connections.
|
| People who need true privacy, regardless of the reason, aren't
| using chat apps readily available from stores since the apps
| only prevent passive snooping, they do nothing to help
| establish circles of trust. Such business is either conducted
| out in the open without concern for who sees what (you can see
| this in countless pictures online when people openly sell stuff
| like weed), or such business stays off chat apps completely
| because there's no way to validate who is holding the phone on
| the other end. The transactions occur indirectly using proven
| safe methods for the courier and buyer (dead drops, mail
| tricks, etc)
| r00fus wrote:
| If one were to need true privacy as you say, shouldn't there
| be benefit to overlapping security approaches?
|
| Ie, use E2EE, use expiring messages, use out-of-band
| challenge/accept (ie, recipient has to mention keyword or
| conversation stays plausibly deniable) all seem applicable.
| moftz wrote:
| The smart ones don't get their phones seized by the FBI
___________________________________________________________________
(page generated 2021-02-10 23:00 UTC)