by Mike Masnick
Mon, Dec 16th 2013 3:33am
by Mike Masnick
Wed, Sep 18th 2013 8:25pm
from the not-a-good-thing dept
Over at the EFF, Hanni Fakhoury explains how this ruling could be a disaster for security researchers:
If you're a security researcher in the Ninth Circuit (which covers most of the West Coast) who wants to capture unencrypted Wi-Fi packets as part of your research, you better call a lawyer first (and we can help you with that). The Wiretap Act imposes both civil and serious criminal penalties for violations and there is a real risk that researchers who intentionally capture payload data transmitted over unencrypted Wi-Fi—even if they don't read the actual communications—may be found in violation of the law. Given the concerns about over-criminalization and overcharging, prosecutors now have another felony charge in their arsenal.
There's a fairly big risk here that this interpretation of the law is going to create tremendous chilling effects on research.
Of course, there is a flip side. In theory, this might also mean that police can't scoop up WiFi signals either:
On the other hand, the decision also provides a strong argument that the feds and other law enforcement agencies that want to spy on data transmitted over unencrypted Wi-Fi will need to get a wiretap order to do so. We've seen the government use a device called a "moocherhunter" without a search warrant to read Wi-Fi signals to figure out who's connecting to a particular wireless router. This decision suggests that to the extent the government uses a device like this (or even a "stingray" to the extent it can capture Wi-Fi signals) to capture payload data—even if just to determine a person's location—they'll need a wiretap order to do so. That's good news since wiretap orders are harder to get than a search warrant.
Still, we've seen courts give much greater leverage to law enforcement scooping up communications, so this benefit might not actually be real. The risk and the chilling effects to security researchers, however, are very real. Having seen how often security researchers have been threatened and/or arrested for their research, giving law enforcement another bogus thing to use against them is a huge problem.
by Mike Masnick
Tue, Sep 10th 2013 12:49pm
from the it's-not dept
There are serious problems with this. First of all, under no reasonable view is WiFi not a radio communication. That's exactly what it is. Second, sniffing unencrypted packets on an open network is a perfectly normal thing to do. The data is unencrypted and it's done on a network that is decidedly open. It's like saying it's "wiretapping" to turn on your radio and have it catch the signals your neighbor is broadcasting. That's not wiretapping. Third, even the court here admits that based on this ruling, parts of the law don't make any sense, because it renders those parts superfluous. Generally speaking, when a court ruling would render a part of a law completely superfluous, it means that the court misinterpreted the law.
Bizarrely, the court seems to rely on the claim that most radio communications are "auditory" (i.e., involving sound) and thus data transmissions are somehow not radio. Seriously. This statement is so uninformed and flat out wrong that it's kind of shocking the court made it. Specifically, the ruling says that the "telltale signs" of "radio communications" are that they're (1) "auditory" and (2) "broadcast" and then says it doesn't even need to consider whether or not WiFi signals are broadcast, because they're not auditory. Seriously. Read this and try not to bang your head on the nearest desk or wall:
We need not reach the question of what exactly constitutes a "broadcast" because the Wi-Fi transmissions in question were not predominantly auditory.
The court also stumbles badly on the other key question in the lawsuit -- over whether or not these things are "readily accessible to the general public." Again, here, if you know anything about the technology you know without question that unencrypted data broadcast over an open WiFi network is by definition "readily accessible to the general public." That's how it works and how it was designed to work. But the court says it's not because someone might send something "sensitive" from a secured network to an open WiFi network, and the sender didn't intend for that info to be available via open WiFi. But that gets the calculus totally wrong. First, if I'm sending something "sensitive," it should be encrypted, full stop. Second, the security of the endpoint recipient is the responsibility of that recipient, not the sender, so the whole analogy makes no sense.
Later, the court argues that WiFi isn't readily accessible because the signal is "geographically limited." But, um, again, that's true of just about any radio signal. If I have a low-power transmitter, that's still a radio transmitter. It also claims that it's "difficult" to access unencrypted data on an open network, but that's not true at all. They claim it requires "sophisticated" hardware and software, but that's not actually true, and if you believe it's true, you could basically make the same argument about all kinds of radio transmissions.
Either way, there's a fundamental fact here that the courts don't seem to recognize: when you broadcast unencrypted data on an open network it's there for anyone to access. It seems ridiculous to then claim that it's illegal to access it when it's presented in a manner that more or less cries out "come take a look!" This really feels like a situation where the court looked at what Google did, decided it didn't like it, and then tried to tap dance around reality to make it a violation of the law even though it's almost certainly not a violation.
by Mike Masnick
Mon, Sep 9th 2013 5:34am
from the no-matter-what-phone-it-is dept
The United States' National Security Agency intelligence-gathering operation is capable of accessing user data from smart phones from all leading manufacturers. Top secret NSA documents that SPIEGEL has seen explicitly note that the NSA can tap into such information on Apple iPhones, BlackBerry devices and Google's Android mobile operating system.
The documents state that it is possible for the NSA to tap most sensitive data held on these smart phones, including contact lists, SMS traffic, notes and location information about where a user has been.
The documents also indicate that the NSA has set up specific working groups to deal with each operating system, with the goal of gaining secret access to the data held on the phones.
The "location" tidbit is particularly interesting, in part because that's one point that Senator Ron Wyden has asked the NSA to discuss repeatedly: whether or not it's tracking people's location info based on their mobile phones, and the NSA has denied that they do (or, rather, indicated that they're not doing that currently).
As for the Blackberry, that's often been pitched because it was supposedly much more secure than other phones -- but the NSA figured out how to get around that. And here's an interesting tidbit: for a little while, they lost access because RIM changed how it encrypted its data:
The documents suggest the intelligence specialists have also had similar success in hacking into BlackBerrys. A 2009 NSA document states that it can "see and read SMS traffic." It also notes there was a period in 2009 when the NSA was temporarily unable to access BlackBerry devices. After the Canadian company acquired another firm, it changed the way it compresses its data. But in March 2010, the department responsible declared it had regained access to BlackBerry data and celebrated with the word, "champagne!"
The documents also state that the NSA has succeeded in accessing the BlackBerry mail system, which is known to be very secure. This could mark a huge setback for the company, which has always claimed that its mail system is uncrackable.
The 2010 cracking of Blackberry data is interesting, because we've noted previously that the NSA had claimed a "major" breakthrough in breaking encryption in 2010. This was first reported by James Bamford a few years ago, and discussed in more detail just last week with the revelation about their encryption hacking efforts. These may have been different breakthroughs, but it's interesting to see the timing.
Either way, it's yet more confirmation of the capabilities of the NSA to tap into almost anything if it really wants to.
by Mike Masnick
Wed, Mar 27th 2013 10:14am
Whatever You Think Of The Google WiFi Settlement, It's Bad That It Requires Google To Attack Open WiFi
from the that's-just-silly dept
That said, EFF is pointing out why the settlement is stupid -- not for Google, but for open WiFi and security. First, these technologically clueless attorneys general are requiring Google to create videos and ads promoting WiFi encryption... with a focus on old and bad standards like WEP, which is like saying you should be locking your front door with a cheap chain lock. It's a "lock," but one that could be broken by pretty much anyone in seconds.
Even worse, though, is that the settlement requires Google to push the message that the only way to protect yourself is to lock up your WiFi. But that's ridiculous. Open WiFi, by itself, is not a bad thing. Yes, unencrypted data could be exposed, but the better answer is to encrypt your data, such as by using a VPN. As EFF notes, end-to-end encryption is always going to make more sense than just encrypting your access point and hoping that keeps people out. And, yet, much of the settlement focuses on having Google push people to lock up their WiFi.
The solution to public surveillance problems should not involve discouraging people from providing public resources like open wireless, since this cuts against the general interest and takes away a common good. As we've explained elsewhere, wireless encryption provides few benefits compared to the much stronger end-to-end encryption, a technology that can thrive alongside environments with open wireless access. The settlement could have gone so much farther by educating people how to run open wireless networks safely and securely—for example, through open guest networks.
It is apparent that too little thought and analysis went into this settlement document, and, as a result, the requirements do the public a huge disservice by hurting the Open Wireless Movement.
Of course, this is the kind of thing you get when you let grandstanding politicians tell companies how they need to act concerning technology they don't understand.
by Mike Masnick
Fri, Jan 11th 2013 5:38pm
Nokia Running A Man In The Middle Attack To Decrypt All Your Encrypted Traffic, But Promises Not To Peek
from the not-too-comforting dept
After sensing the backlash, Nokia pushed out an update of the browser that appears to remove the man-in-the-middle attack, even as it had tried to claim there was nothing wrong in the first place. However, the original researcher who discovered this, Gaurang K Pandya, updated his post to note that it's not all good news.
Just upgraded my Nokia browser, the version now is 22.214.171.124.48, and as expected there is a change in HTTPS behaviour. There is a good news and a bad news. The good news is with this browser, they are no more doing Man-In-The-Middle attack on HTTPS traffic, which was originally the issue, and the bad news is the traffic is still flowing through their servers. This time they are tunneling HTTPS traffic over HTTP connection to their server
by Mike Masnick
Fri, Oct 1st 2010 2:01am
from the time-to-stop-using-your-blackberry dept
So it seemed a bit odd when India again demanded access to RIM Blackberry messages, leading to a standoff where RIM eventually "backed down" and offered to help India spy on users. However, the Indian government is now complaining that the solution doesn't let them spy enough:
The telecom department has rejected the interception solution offered by Canada's (RIM) for its secure corporate email service. What's more is that it has spurned RIM's technical solution for decoding all chat communication on the popular BlackBerry Messenger service...
In an internal note, dated September 28, reviewed by ET, the telecom department's security wing claims security agencies have been unable to intercept or monitor secure email communication made through the (BES) in readable format. "RIM maintains that it does not have the keys that can be offered to security agencies for converting secure corporate email into readable format," said a senior DoT official with direct knowledge of the matter. The DoT internal note claims law enforcement agencies have failed to intercept chats on the BlackBerry Messenger platform, which runs counter to the home ministry's recent position that it is satisfied with the interception solution offered by RIM.
Reading between the lines, it sounds like RIM is still sticking to the fact that, thanks to end-user encryption, it simply can't reveal the message contents -- but it sounds like it agreed to offer access to other information, which the Indian government feels is not enough. Of course, for all of India's rather public admission that it wants to spy on all sorts of communications, it doesn't seem to recognize that it's scaring companies away from doing business in India, as the threat of having communications spied upon is too big a risk.
by Mike Masnick
Tue, Dec 29th 2009 3:15pm
from the yeah,-because-the-eavesdroppers-care dept
"This is theoretically possible but practically unlikely," said Claire Cranton, an association spokeswoman. She said no one else had broken the code since its adoption. "What he is doing would be illegal in Britain and the United States. To do this while supposedly being concerned about privacy is beyond me."
There are so many things wrong with that statement it's hard to know where to begin. First, claiming it's "theoretically possible, but practically unlikely" means that it's very, very possible and quite likely. To then say that no one else had broken the code since its adoption fifteen years ago is almost certainly false. What she means is that no one else who's broken the code has gone public with it -- probably because it's much more lucrative keeping that info to themselves. Next, blaming the messenger by announcing that cracking the code is "illegal in Britain and the United States" is not what anyone who uses a GSM phone should want to hear. They should want to know how the GSMA is responding and fixing the problem -- not how they're responding to the public release. Finally, if it's "beyond" her why cracking a code used for private conversations and showing that it's insecure is all about being concerned about "privacy" -- she should be looking for a different job. This has everything to do with privacy. The GSMA claims that the code is secure for private conversations, and this group of folks is showing that it is not. That seems to have everything to do with privacy.
by Mike Masnick
Tue, Sep 23rd 2008 11:16am
from the details-missing dept
by Mike Masnick
Tue, May 27th 2008 10:26am
from the so-sorry dept