http://arstechnica.com/business/the-networked-society/2012/02/from-encryptio...
From encryption to darknets: As governments snoop, activists fight back
By Cyrus Farivar | Published February 15, 2012 2:22 PM

[Image: "Open hardware" for a mesh network node]

As the Arab Spring hits its first anniversary, tech activists around the globe are continuing their efforts to enable secure communications, especially in areas of the world that are in conflict or transition. After all, it's become an open secret that governments ranging from Assad's Syria to local American law enforcement to the newly created government of South Sudan are actively trying to find out what is being said and transmitted over their airwaves and networks.

In response to the pressure, a huge range of projects, apps and strategies have been designed to protect mobile communications (voice, text, and data) as well as more traditional Wi-Fi networks and even individual computers. These projects are being developed all over the world by some small, local organizations, as well as larger, more ambitious projects that are receiving funding from the likes of the New America Foundation. The organization is a key part of the US Department of State's $70 million being spent on "Internet freedom" projects, including a so-called "Internet-in-a-suitcase" deployment.

As US Secretary of State Hillary Clinton made clear in a speech last year, "The United States will continue to promote an Internet where people's rights are protected and that it is open to innovation, interoperable all over the world, secure enough to hold people's trust, and reliable enough to support their work."

But technology both gives and takes away. Just as tools to help activists become cheaper and easier to use, so too do the surveillance countermeasures often deployed by government agencies with deeper pockets.

The "security" of disposable phones

Out of the six billion mobile phones in the world, less than 30 percent are smartphones.
That means the overwhelming majority of phones in use today are fairly limited in their capabilities; generally speaking, they don't have extensive storage capacity and are not very sophisticated in terms of their Internet capability. Of course, the main reason why people use them is that they're cheap: the classic Nokia 1600 still sells for under $20 on eBay. The company's newer version, which includes a small flashlight and even a dual-SIM option, costs just $50.

[Image: Nokia 1600. Credit: Wikimedia Commons]

Security experts agree that trying to protect communications on a non-smartphone is basically a lost cause. But there may be a small silver lining, according to Nathan Freitas, an adjunct professor at New York University and the head of the Guardian Project.

"There's a different kind of security there," he said. "[Cheaper phones] tend to be disposable. You can change SIM cards and change phones. In that range, there's maybe greater social security because you're not worried about a really expensive device and you can have 10 of them. So I think there's perhaps more anonymity in a $20 phone."

Activists have become sensitized to the fact that their phones can easily be tracked, and many advise taking out the SIM card and battery when headed to a potentially sensitive location. In countries where phones and SIM cards can be bought for little cash and with no identification, it may actually be easier to fool authorities by using featurephones, swapping the physical locations of cheap phones and also varying the SIMs.

For phones that may be slightly more sophisticated, such as the Nokia 6300, which has the ability to run Java applications, apps like OTR4j provide for the Off-the-Record (OTR) protocol.

"The problem has always been usability," Freitas added. "The complexity of security when scaled down to a small screen and a nine-digit input pad doesn't really work."
Of course, securing communications, whether over mobile networks, WiFi, or even a single computer, ultimately comes down to one phrase: strong cryptography. Implementing such crypto for phone communications used to be expensive. Just think of President Barack Obama's phone, a BlackBerry that features a tightly controlled whitelist of people who are allowed to interact with him.

Other commercial products that offer end-to-end encryption range from British-made Cellcrypt software (over $4,000 for a five-year license) to the Cryptophone, produced and sold by a small team from the famed Berlin hacker collective the Chaos Computer Club. But most activists aren't able to afford such a high level of protection, and many security experts and researchers are skeptical of phones that don't release their source code and thus cannot be fully vetted and audited.

However, as the need for more secure mobile communications has gone up, the price of smartphones has come down. While iPhones and BlackBerrys go for hundreds of dollars, Android smartphones are rapidly approaching the $100 mark. In fact, a used Google Nexus One is going for less than $100 on eBay these days.

"The era of the super-cheap dumbphone is ending in most places, except perhaps in Congo and Sudan," Freitas added. "The era of needing the super-secret $5,000 ninja phone is also ending because we can replicate all those features on a $100 phone."

Smartphones get crypto, Tor

On Android phones, two projects in particular are worth keeping an eye on for those interested in securing voice, text, and data communications.

[Image: Orbot in action]

One key piece of open-source software is Orbot, a year-old project that emerged from the Guardian Project. Orbot basically brings Tor to mobile browsing, anonymizing online use and routing around a network that may be blocked or filtered.
So far, Freitas says, there have been about 300,000 downloads via the Android Market, but he adds that as an organization concerned with privacy and anonymity, the Guardian Project doesn't keep very close tabs on who is using it. "I can tell you I get about 10 e-mails a week from Iran," he added.

The second is the suite of programs available from famed security researcher Moxie Marlinspike and his security startup Whisper Systems, which was acquired by Twitter in November 2011. Two programs, RedPhone and TextSecure, respectively aim to provide strong cryptography for voice calls (by turning them into end-to-end encrypted VoIP calls) and text messages. RedPhone uses the well-established ZRTP protocol developed originally by Phil Zimmermann of PGP fame, while TextSecure uses a variant of the Off-the-Record (OTR) protocol. (Both had been temporarily pulled in the wake of the Twitter acquisition, but they have since been re-released with open-source licenses.)

When installed, both applications are designed to automatically switch from a traditional voice call or text message to using the strong encryption when possible. If the person on the other end of the call or text also has the same apps installed, a small secure icon will appear on the screen, making it simple for even non-geeks to understand that the security is active.

"Really, our focus was to make something as frictionless and invisible as possible," Marlinspike said.

Countermeasures

Security experts are quick to note that no security tactic is ever 100 percent bulletproof. The idea, of course, is to mitigate risk and reduce the chances of something terrible happening.

In the mobile world, there are two main possible attack vectors: a "virtual" breach, where someone has access to intercepted text messages, voice, and data traffic, and a "physical" breach, where someone has access to a mobile phone's hardware. The tools above only address the virtual breach; but what about a physical breach?
"Using a program like RedPhone or TextSecure is great, but it's like putting bulletproof glass on a cardboard box," said Chris Soghoian, a Washington, DC-based computer security researcher. "The bigger issue for researchers and activists is that the state of security on mobile is so bad. Google made a deal with the devil, allowing carriers to control the update process."

As a result, he explained, most Android users have out-of-date versions of the operating system, with known security holes. Worse still, until late last year, no Android phone offered full-disk encryption.

"If the police seize your phone, it's probably going to be easy for them to exploit a flaw to steal your data," Soghoian said.

There are a few mobile phone forensics tools available to law enforcement, most notably the CelleBrite Universal Forensic Extraction Device, a hardware tool which can easily snag data from just about any smartphone, including Android devices.

In 2009, German security researcher Karsten Nohl showed that the GSM industry's standard encryption protocol, known as A5/1, could be cracked. Nohl's group showed how to do the same thing on the cheap a year later. Earlier this year, another team from Bochum, in western Germany, outlined its technique for breaking through a related encryption system found on many satellite phone calls.

"Spooks are listening into calls, just like they always have," said Eric King of London's Privacy International, in an e-mail. "With A5/1 being broken, you can decrypt and listen into 60 calls at once with a box smaller than a laptop."

Another possible attack vector is through the use of an IMSI catcher. An International Mobile Subscriber Identity number is a 15-digit unique number that sits on every SIM card. IMSI catchers effectively fool a phone and SIM into thinking that the IMSI catcher is a mobile phone tower.
Such devices can be used as a simple way to just see what phone numbers are being used in a given area, or even to intercept the audio off of voice calls. Portable IMSI catchers are made by Swiss and British companies, among others, but in 2010, security researcher Chris Paget announced that he had built his own IMSI catcher for only $1,500. (Strong crypto comes to the rescue again, though; as Marlinspike pointed out, "You can't IMSI catch a RedPhone call.")

But mobile security remains spy-versus-spy to some degree, each measure matched by a countermeasure. In December 2011, Karsten Nohl released "Catcher Catcher," a piece of software that monitors network traffic and looks at the likelihood an IMSI catcher is in use.