RINOA SUR
January 8, 2012 3:01 PM   Subscribe

Google-Motorola makes hardware that sits in between your Android phone and the person you are calling, which performs "lawful intercepts". If your conversation is going over someone else's network, how does replacing the OS with something that isn't Android help? Seems like the best you can do is avoid cell networks entirely, using a non-cell method for communication, like encrypted, peer-to-peer VOIP — something like Apple's FaceTime, perhaps.
posted by Blazecock Pileon at 3:17 PM on January 8, 2012

Heh: U.S government pushes "lawful intercept" laws, gets "lawfully intercepted". It surprises me they would be dumb enough to use tech that they compromised themselves.
posted by delmoi at 3:19 PM on January 8, 2012 [6 favorites]

Here's a talk from Roger Dingledine and Jacob Appelbaum to the Chaos Computer Club. It's about how Tor has been blocked by governments but it repeatedly touches on themes of how capabilities that are built into communications devices are re-purposed and abused.
posted by Grimgrin at 3:21 PM on January 8, 2012 [5 favorites]

I'm going to use this as another excuse to stop using email, im etc for work.
posted by humanfont at 3:25 PM on January 8, 2012 [1 favorite]

I'd imagine facetime calls are marginally less secure than Skype calls, Blazecock Pileon. I'm please Apple implements SRTP but presumably both Apple or Skype happily offer up your session keys.

In fact, these USCC conversations were very likely encrypted given the U.S. government has sound policies for that, they probably just ran into the backdoors India mandated in Apple products.

You'll need a session initialization protocol like ZRTP if you want a higher degree of security. Jitsi implements ZRTP for example.
posted by jeffburdges at 3:26 PM on January 8, 2012 [1 favorite]

Now that Microsoft owns Skype, I'm done using it.
posted by june made him a gemini at 3:31 PM on January 8, 2012 [1 favorite]

If your conversation is going over someone else's network

Pretty much this. The USA has had near-total control of its telecommunications industry for a century now, so you better believe the pressure is on for these new competitors to play nicely and give them all the access they are used to having. Software "lawful intercept" is interesting/terrible in that it circumvents the warrant standard for wiretapping, cementing a permanent infrastructure for continuing warrantless surveillance of the civilian population. The NSA is just blissfully datamining petabytes of communication these days...India sees exactly this happening in the USA and wants to get in on the action. Sure, why not.
posted by mek at 3:31 PM on January 8, 2012 [6 favorites]

Heh, one branch of the US government insists that companies create backdoors insecurities so that foreign governments can eavesdrop on other branches of the US government.

Well, that might not have been the intention, but it was obvious everyone.

The intention is that us little people get to have no privacy or personal security. So it's successful in that respect.
posted by -harlequin- at 3:40 PM on January 8, 2012 [5 favorites]

"… they probably just ran into the backdoors India mandated in Apple products."

I'm sure you really meant to say "… they probably just ran into the backdoors India mandated in Apple, RIM, and Nokia products."

Wouldn't want to be accused of sensationalist bias, would we?

(And I'm sure that, if you want to talk compromised communications, you'd have to admit that not only is it very likely that every other device manufacturer has similar backdoors, but the switching and transit networks the calls / data run over does too.)
posted by Pinback at 3:44 PM on January 8, 2012

How is there an internet without a video of Bruce Schneier playing the sad trombone? That is all.

While confirming that there is, in fact, not an easily found video of Bruce Schneier playing the sad trombone (because that would be embarrassing) I learned that there are in fact people who believe that the Stuxnet virus, and not a 130 foot wall of water slamming into the country is the cause of the issues at the Fukushima nuclear power plant. Suddenly the "no lunar landing" people seen so rational to me.
posted by Kid Charlemagne at 3:56 PM on January 8, 2012 [4 favorites]

Google-Motorola...

1. Google doesn't own Motorola yet.
2. Motorola isn't the only Android manufacturer out there.
posted by aspo at 4:00 PM on January 8, 2012 [2 favorites]

Not to be pedantic, but it's "eavesdrop."

I thought it was a variant on "Eve teasing".
posted by UbuRoivas at 4:07 PM on January 8, 2012

Holy shit, Grimgrin!   "Everybody that I've taught anything other than Tor to is in jail."   Wow!
posted by jeffburdges at 4:13 PM on January 8, 2012

Yeah, can we just head the Google vs Apple derail off at the pass? There's no there, there.
posted by mek at 4:14 PM on January 8, 2012 [3 favorites]

Google-Motorola makes hardware that sits in between your Android phone and the person you are calling, which performs "lawful intercepts". If your conversation is going over someone else's network, how does replacing the OS with something that isn't Android help? Seems like the best you can do is avoid cell networks entirely, using a non-cell method for communication, like encrypted, peer-to-peer VOIP — something like Apple's FaceTime, perhaps.

Dude seriously? seriously? The 'lawful intercepts' aren't done on the phone, they're done on the network. It makes no difference if you use a phone from apple or an android handset.

Not only that, what makes you think Apple didn't put 'lawful intercept' stuff into their facetime system? And beyond that, why, other then brain-dead phone-maker partisanship would you even use android as one example (almost certainly false) and apple as another (probably false as well)

It sounds like the intercepts were actually done via blackberry which is actually one of the most locked down and cryptographically sound systems out there. But, if blackberry works with the local government, they can get your data. An example of that not happening was when the UAE tried to install spyware on people's blackberries, but their servers couldn't handle the load, making it obvious what happened. Had they gotten the same deal that other countries did

If you want encrypted communications on android, there are plenty of possibilities. And there are a wide range of phones available running android, and as far as I know no one has shown any evidence of actual hardware bugs, as opposed to a way for the government to tap calls on exchanges, which would work with any ordinary phone call on any ordinary phone.

I'm sure you really meant to say "… they probably just ran into the backdoors India mandated in Apple, RIM, and Nokia products."

The three companies not making android phones. This isn't to say that android phones are safer. But yeah using an example of Apple phones giving up private information as an example of why apple phones are more private then Android is pretty insane.
posted by delmoi at 4:31 PM on January 8, 2012 [1 favorite]

can someone explain what "lawful intercepts" are? Really, that should have been in the FPP. Are they not actually lawful thus the scare quotes?
posted by rebent at 5:06 PM on January 8, 2012

can someone explain what "lawful intercepts" are?

Well, this is a giant topic, but CALEA is a good start. In brief, there are mandates that telecommunication equipment contain mechanisms to permit the copying of traffic so that when a warrant is issued for a wiretap, there isn't a "Oh but this model switch doesn't support that" excuse.

In practice it means any communication channel can be effortlessly redirected by any piece of compliant equipment.

This is why it's very important to use encryption properly if you care about your privacy, because encryption secures the content even if it's read in transit.
posted by odinsdream at 5:15 PM on January 8, 2012

The 'lawful intercepts' aren't done on the phone, they're done on the network. It makes no difference if you use a phone from apple or an android handset.

That's exactly the point. This isn't an Apple thing. This is a network thing. This FPP is worded very poorly.
posted by Blazecock Pileon at 5:23 PM on January 8, 2012 [1 favorite]

So, the US Government forced the telecom industry to create back doors, and other countries are exploiting them, in the USA, right? illegally?
posted by rebent at 5:27 PM on January 8, 2012

Or is it not illegal because the telecom is willingly giving the information to the foreign government?
posted by rebent at 5:28 PM on January 8, 2012

It's illegal because the US Govt. doesn't want it to happen, I presume.

Seconding the TOR talk above. If you want to skip to the ethics/browbeating part, 1h8m is a good place to get their gist. Essentially, totalitarian states are getting cheap Deep-Packet-Inspection surveillance software because American (largely) corporations are bankrolling R&D.

They liken the tech industry's support of surveillance in Iran, Syria, and China to IBM's role in automating the Holocaust.

Strong words, but not totally out of line.

Just trying out TOR for the first time. Pretty point-and-click, plus you get to surf with smugness.
posted by anthill at 5:44 PM on January 8, 2012 [1 favorite]

That's exactly the point. This isn't an Apple thing. This is a network thing. This FPP is worded very poorly.

I guess that's why the whole 'Google-Motorola' thing grated on people a bit, and looked a bit like you were really sensitive about the whole Apple handing over keys thing (and once they've handed over one set that is known about, you'd be dumb to assume that the Facetime keys are also secure).

Frankly, if you need security you need to control all keys yourself, and it's really best to have an open source toolchain at all points. This is particularly so when it is explicitly stated that all mobile manufacturers had to give keys over in return for market access - it strongly implies (given that it is directly stated) that no mobile phones sold in India should be trusted out of the box.

I am really very surprised that the NSA isn't giving people custom equipment for this kind of thing, actually.
posted by jaduncan at 6:03 PM on January 8, 2012

India has been pressuring all major telecommunications players into adding "lawful intercept" backdoors (previously). We cannot yet tell what companies implemented special backdoors for India, what companies gave India the backdoors they created for the U.S., what companies dragged their feat, etc. All we know is that India's RINOA SUR program let them eavesdrop on the USCC and RINOA stands for RIM, Nokia, and Apple. I assume this means they access Blackberry, Symbian, and Apple communications in a similar way, perhaps some way that permits them to intercept traffic inside the U.S., not just inside India.   All close source software is insecure, period.
posted by jeffburdges at 6:14 PM on January 8, 2012

There are several people crediting Christopher Soghoian (previously) with exposing this one. Did his tweet just publicize it? Or was he the one who found this document in the Lords of Dharamraja release?
posted by jeffburdges at 6:24 PM on January 8, 2012

The 'lawful intercepts' aren't done on the phone, they're done on the network. It makes no difference if you use a phone from apple or an android handset.

That's exactly the point. This isn't an Apple thing. This is a network thing. This FPP is worded very poorly.

Where are you getting that? The leaked "RINOA SUR" document specifically claims collusion with Apple, RIM, and Nokia. That could mean backdoor access to data stored corporate servers, such as users' email (which IIRC RIM openly acknowledges), but it could also mean actual backdoors into the mobile operating system.
posted by qxntpqbbbqxl at 6:39 PM on January 8, 2012

This isn't an Apple thing. This is a network thing.

These days an untrusted network can be worked around pretty easily. (Which is a bit glossing over some parts of the equation, but for things like email contents it's true.) It's pretty clear from the article that the data that was not sent in the clear.
posted by aspo at 6:45 PM on January 8, 2012

I am waiting for an open source smart-phone. It will mimic some other smart phone to keep from getting locked out of the network and will have the ability to set PGP networks for data between themselves.

It will also need to have a bridge mode that allows users of these phones to create ad-hoc networks between themselves as necessary.
posted by psycho-alchemy at 7:14 PM on January 8, 2012 [2 favorites]

It's fascinating to think about what a government "wants".

A government is a very large hierarchy of individuals, each with unique motivations and goals. They are all probably motivated by some combination of greed, social pressure, career ambition, lust for power, sloth, sense of duty/responsibility, morality, and more I probably haven't thought of.

How all those different people with all those different motivations come together to form an organization that appears to itself have motivations and goals is very strange.
posted by Salvor Hardin at 7:30 PM on January 8, 2012

psycho-alchemy, you can get TOR for Android (ORBOT), which will encrypt the content and obfuscate the destination of your data communications. Of course it will do nothing for voice/textmsg.

Combine with an open source Android build and it's close to what you're after... assuming there's no hardware/firmware backdoors.
posted by anthill at 8:14 PM on January 8, 2012 [2 favorites]

As a fun side note: CALEA aggregation software is, without any exception I've tested, completely and totally pwn-bait. It's a security nightmare. The telcos have to shield themselves from it. *Smart* US LEAs protect their intercept workstations from it (or protect themselves from the intercept workstations).

Big brother combined with yet another .gov welfare for crappy incumbents program.
posted by graftole at 8:21 PM on January 8, 2012

That's exactly the point. This isn't an Apple thing. This is a network thing. This FPP is worded very poorly.

The FPP says Apple, RIM and Nokia. It's likely android phones are just as risky, but it's also possible that the USG is mostly using blackberries and iPhones (I'm not sure what the deal is with Nokia). However, it would have been better to say "Android phones are probably also at risk" then to make some crack about how facetime is secure. For one thing, we don't really know if facetime is secure. I don't know if it uses encryption at all, and if not, it would be easy for the government to listen in.

On the other hand, there are real ways to improve security. If you're going to say "do this to make yourself more secure" then it should actually work.

Can one of the mods please correct "eves dropped" already? It hurts!

"Eve's drop" is a pretty unusual eggcorn. I think "ease drop" is pretty common, but apparently ear drop (which makes some sense) is also common enough to get listed.
posted by delmoi at 8:43 PM on January 8, 2012

By the way: I've always thought steganography would be a good way to avoid eaves dropping. You and the person you're talking with could generate a fake video stream, one that looks like a person talking in order to get yourself a nice high-bandwidth stream to add data too. Then, a regular text chat or audio chat could be layered on top of that.

Regarding facetime, I found this link which says facetime is encrypted if you're using WPA for your wireless connection. But WPA only encrypts the radio data between your iPad and your router. It doesn't do anything once the packets hit the wires. So presumably, the data is completely unencrypted as it passes through the internet, making it easy for governments to tap facetime chats, along with any other unencrypted network traffic from your device.
posted by delmoi at 8:53 PM on January 8, 2012

Regarding facetime, I found this link which says facetime is encrypted if you're using WPA for your wireless connection.

Did you even read your own article?

In addition to your existing infrastructure each FaceTime session is encrypted end to end with unique session keys. Apple creates a unique ID for each FaceTime user, ensuring FaceTime calls are routed and connected properly.

Facetime uses SIP over TLS for end-to-end encryption of the conversations. I'm not sure where else to go from here unless you have some tinfoil hat conspiracy about a back door in SIP, TLS, Facetime, etc.
posted by Talez at 10:21 PM on January 8, 2012 [1 favorite]

Hmm, strange. I was looking over other links as well, and there were some that seemed to indicate it was unencrypted. If you're using TLS it shouldn't make much difference if you're also using WEP on top of that as well.
posted by delmoi at 12:12 AM on January 9, 2012

If you're using TLS it shouldn't make much difference if you're also using WEP on top of that as well.

It doesn't do diddly to the Facetime connection but the question answered in the article was was directly related to full HIPAA compliance not just whether Facetime is encrypted.
posted by Talez at 12:28 AM on January 9, 2012

WEP and WPA are only local; they encrypt the radio signal you're broadcasting to all and sundry, but it does nothing for the traffic once it hits the Internet. It's link-local encryption only, and purely for the radio hop. Further, WEP is so weak that it's completely useless, and WPA using TKIP is no longer truly secure either. You want WPA2 using AES encryption -- that's not presently known to have weaknesses.

But all that guards is the radio signal. As soon as it's back on the wire, it's in the clear unless you run some other encryption scheme somewhere.
posted by Malor at 1:10 AM on January 9, 2012

As we've discussed VoIP security here, I'll explain the issues around TLS, SRTP, and ZRTP briefly :

Transport Layer Security (TLS) provides an encrypted connection between you an another machine with whom you directly communicate, usually a server. In general, one expects that state level attackers can perform man-in-the-middle attacks against TLS because they can bypass the CA system.

SRTP provides an encrypted RTP channel that lets you encrypt SIP streams, i.e. VoIP connections. SRTP doesn't define a complete key exchange protocol. I'd expect venders base key exchange upon this vulnerable CA system, or their own private keys, again vulnerable to state level attackers.

ZRTP provides a secure key exchange protocol for SRTP by introducing a human component. After automated key exchange, your ZRTP enabled client displays a short string that you verbally compare over the encrypted channel.

We assume even a state level attacker cannot completely mimic your friend's voice.
posted by jeffburdges at 1:25 AM on January 9, 2012

We assume even a state level attacker cannot completely mimic your friend's voice.

Hmm... I bet it's at least theoretically possible. Especially with the low fidelity of phone calls. But one thing voice synth doesn't do well is get emphasis and cadence right. The other problem would be detecting the passphrase and replacing it in real time.

But something like a faked voicemail, I bet they could do.
posted by delmoi at 3:29 AM on January 9, 2012 [1 favorite]

ZRTP doesn't use a passphrase but derives a verification code from the Diffie-Hellman key exchange. A man-in-the-middle attack would invalidate that key exchange because each party contributes prior randomness.

You could even chat about your family for several minutes before verifying the key exchange and/or just use video call mode. Btw, you need not verify all ZRTP calls, just the ones where it cannot do verification using the previous session's key, like whenever you switch devices.
posted by jeffburdges at 5:09 AM on January 9, 2012

odinsdream or anyone else: how do you encrypt your communications: email, mobile phone, or on skype?

Is it even possible to fight off snooping governments and intel agencies? It seems they can get at anything, pretty much, if they want to.
posted by Azaadistani at 3:15 AM on January 10, 2012

Azaadistani; this MetaTalk thread is a good starting point to answering your question about day-to-day use of encryption.
posted by odinsdream at 6:24 AM on January 10, 2012

There are two answers depending upon whether your talking about user-to-user or user-to-server encryption, Azaadistani, please note these two terms replace the ambiguous term end-to-end.

User-to-user encryption :

I believe the primary obstruction to user-to-user encryption is that CALEA prevents major commercial software distributors like Apple, Microsoft, Nokia, RIM, etc. from shipping secure products, meaning all the people with whom you wish to converse aren't using secure protocols.

There are plenty of well secured open source encryption tools available, but the problem becomes convincing your conversation partners to use them. You could however bias your communications towards protocols with more user-friendly cryptography standards :

VoIP calls the easiest communications stream to secure. Jitsi attempts ZRTP on all SIP connections by default. ZRTP doesn't require exchanging keys in advance.

IM conversations are easy to secure using off-the-record messaging, since many open source IM clients like Adium, Jitsi, etc. support off-the-record messaging, but you must manually enable OtR and verify signatures.

Email is rather painful to secure because PGP and GnuPG (GPG) makes key management painful and never gets well integrated into Email clients. You could always create yourself a GPG key and publish it just in-case anyone wishes to contact you that way.

Btw, Skype cooperates wit the Chinese government according to this outdated Zfone (ZRTP) demo.

User-to-server encryption :

Afaik, these protocols are subject to legal discovery at the server, meaning CALEA need not apply. Also, our politicians don't like investigating corporate malfeasance.

Secure shell (ssh) isn't particularly user-friendly but it's become so ingrained that thankfully everyone uses it. VPNs are probably fairly secure, even the closed source ones, assuming they're used properly.

Tor is infinitely more user-friendly than any VPN unless you running bittorrent. Tor sounds trustworthy as well. Please note the line "Everybody that I've taught anything other than Tor to is in jail" from the 28C3 talk linked by Grimgrin.

You can improve your browsers security by using HTTPS Everywhere.

Of course, SSL and TLS are vulnerable to CA and DNS poisoning type attacks, but they're all the browsers support and better than nothing. You could verify the certificates yourself if your paranoid. And they might improve with DNSSEC, Sovereign Keys, or whatever. SOPA/PIPA is designed to prevent us from fixing these.


For mobiles, Android has good OSS versions for all these available from the Guardian Project.
posted by jeffburdges at 6:57 AM on January 10, 2012

Or it might all be fake.
posted by Pinback at 8:51 PM on January 11, 2012 [1 favorite]

They're probably just trying to shield the Indian public from their cricket test series debacle down under.
posted by UbuRoivas at 1:51 PM on January 14, 2012

Symantec admits its networks were hacked in 2006
I.e. they released something, but not much evidence they got it off the IMI. For all we know, they could be a poorly run false flag op by China or Pakistan or whoever.
posted by jeffburdges at 10:20 AM on January 19, 2012