TECHNOLOGY

The CIA Did Not Break The Encryption Of WhatsApp, Signal, Or Telegram

If encrypted messaging applications do not appear to be compromised by the CIA, the agency is using numerous techniques to take control of mobile terminals on iOS and Android.

Vault 7, the CIA espionage toolkit unveiled by Wikileaks, is causing a lot of discussion. Among the different methods disclosed, those relating to secure instant messaging are creating controversy.

Indeed, according to several American media, the American intelligence agency would have the ability to bypass encryption and access encrypted messages from services such as WhatsApp, Signal, Telegram, Wiebo, Confide, and Cloackman. However, several people or organizations believe that this is moving too quickly.

Encryption Is Not Compromised

Our colleagues at The Intercept have dug into the Wikileaks documents and believe that the CIA has not succeeded in breaking the encryption of messaging applications but does, on the other hand, have the means to take complete control of mobile terminals, which makes all the difference, according to the webzine, because with this control, the CIA can collect audio and text traffic before the messages are encrypted, without, however, calling into question the reliability of PGP, VPNs, or Tor.

For its part, Open Whisper Systems, which is at the origin of Signal messaging, explains in a tweet: ” Today’s CIA/Wikileaks revelations relate to malware on phones, not to exploits targeting Signal or allowing to break the Signal encryption protocol. » We remember that last December, Signal added a layer of security by adopting “domain fronting.” The latter consists of hiding messaging traffic in encrypted connections of CDNs (Content delivery networks) or significant Internet services, including Google, Amazon Cloudfront, Amazon S3, Azure, CloudFlare, Fastly, and Akamai. As a result, the traffic generated by the application cannot be distinguished from other, more innocuous data.

Snowden Is Concerned About The Hacking Of iOS And Android

Another actor to react to the supposed capacity of decryption of messaging applications by the CIA is Edward Snowden. The whistleblower, exiled in Russia, commented on the controversy on Twitter, explaining: “ It is incorrect to say that the CIA hacked these applications and their encryption. But the documents show that iOS/Android was hacked – a much bigger problem.

In the CIA documents, we find, in particular, a list of exploits concerning iOS. Most were developed in-house, but others came from the NSA and Britain’s GCHQ.

There are at least 14, with various code names such as Ironic, Dyonedo, Redux, or Rhino. Indeed, the list needs to be updated, and Apple assures that the exploits cited have since been corrected (notably with the arrival of iOS 8). However, experts believe that some of them can still work. And to mention, for example, the so-called Captive Portal technique, which configures the browser to route all traffic to a CIA server.

Android also does not escape the CIA’s surveillance efforts. The mobile OS is or was vulnerable to 25 techniques from the intelligence agency’s portfolio. Some have never been deployed, like HGH. The code names are as fanciful as ever: Bonobo, Creatine, Glutamine, or Salazar. As with iOS, the list is a bit dated, but with the fragmentation of Android, many of these techniques still need to be updated.

The Cyber Arms Race

More broadly, the publication of these documents highlights two issues. The first is highlighted by Julian Assange, founder of Wikileaks: the proliferation of cyber weapons. “ The meaning of ‘year zero’ (the name given to the first burst of documents revealed by Wikileaks) goes well beyond the choice between cyberwar and cyber peace. The disclosure is also exceptional from a political, legal and forensic point of view .”

The second problem lies in the impact that such revelations will have on other countries and Europe in particular. Massive espionage by the NSA, with the Prism program, defeated Safe Harbor on the grounds that European’ data was no longer adequately protected in the United States. The Privacy Shield replaced the Safe Harbor, but it is already being challenged in European justice. The CIA toolkit casts a new shadow on transatlantic relations.

TechSmashers

Tech Smashers is a global platform that provides the latest reviews & news updates on Technology, Business Ideas, Gadgets, Digital Marketing, Mobiles, Updates On Social Media and many more up coming Trends.

Recent Posts

The Role of SEO in Social Media Marketing

Social media marketing and search engine optimization (SEO) are two pillars of digital marketing that… Read More

2 months ago

Top 10 Premium TWS Headsets in India

Many people consider True Wireless Stereo (TWS) headsets essential since they provide wireless communication without… Read More

4 months ago

Company Culture: How Technology Can Support HR

“Transformation,” the new martingale for decision-makers, has been on everyone’s lips for several years. Digital… Read More

6 months ago

How To Choose Your Keywords

Finding the most sensible expressions for your website is one of the essential pieces of… Read More

7 months ago

App Field Service – Digital Solutions for Mobile Workers

Working in the field requires very good communication and access to always up-to-date information. Constantly… Read More

7 months ago

How RFP Automation Can Streamline the Proposal Process

For businesses that regularly engage in competitive bidding, Request for Proposal (RFP) processes can be… Read More

7 months ago