Insights For Success

Strategy, Innovation, Leadership and Security

text messages

Is WhatsApp security Good and trustworthy?

GeneralEdward KiledjianComment

Quietly and with little fanfare, Whatsapp released an update to all of its products enabling end-to-end encryption for its 1B+ end users. Funny enough, most users aren't aware that their Instant Messaging tool of choice is now powered by the worlds most secure end-to-end encryption protocol : Signal. 

Can I consider WhatsApp secure?

A couple of weeks ago, OpenWhisper systems announced that its Signal secure protocol has been imbedded into Facebook's WhatsApp instant messaging application. The question I receive daily is "should I consider my Whatsapp communications protected now?"

Before signal there was OTR

Before using the Signal protocol, it looks like the WhatsApp team evaluated the OTR (off the record protocol). OTR provides encrypted point to Point communication but it requires a real time collaboration of the users (aka both have to be online to secure the transmission) which isn't practical for WhatsApp. So they went fishing for something else and stumbled upon Signal.

The Signal difference

Signal actually created an encryption model using the text messaging approach, where messaging is encrypted but it is asynchronous (both parties don't need to be online simultaneously for it to work).

Although text messaging is simple, the complexity of the encryption is model is high.

The protocol was called axolotl. The salamander it is named for has self healing capabilities and the axolotl protocol also has self healing properties.

To simplify it for mass consumption, the procotol was renamed the Signal protocol and now has open source libraries. Cryptogrsphers have been able to build fully function encryption programs comptible with the consummer Signal apps.

Now powering Whatsapp

The integration is now complete in the latest version of Whatsapp on all platforms.

Users running these versions now get full end to end encryption for every message they send and every Whatsapp call they make. All the benefits of the signal protocol are now built in.

We have confidentiality which means the communication is encrypted.

We have integrity which means message alterations will be detected and fail the verification transaction.

Authentication is possible (which is good) but you need to take extra steps to do so. Keep reading.

Participant consistency is also important but defaults to off (has to be enabled manually).

They also claim to have destination validation, which requires the above 2 to work, so technically it is available and built in.

They have forward secrecy which means a future compromise of a private key will not allow the decryption of past messages.

They have backward secrecy, which means a past compromise of a private key will not compromise future protected communications. Keys are constantly being changed and re-negotiated.

They have message unlinkability, which means messages are independent, asynchronous, can arrive independently or be missing, without affecting the fucntioning or efficiency of the entire system.

Message repudiation is also there, which means the sender can deny sending a message. This works because the receiver can forge a message that looks like it came from the other party. Which means none of the participants can claim (to a 3rd party) that a message originated from the other party with verifiability. All that can be claimed is that the sender or the recipient sent the messages. To most this seems bad but in the world of security, this is a good think.

Simple but complex

We all know Whatsapp is a simple to use product but the actual encryption is very complicated and therefore beyond the scope of this post.

As an example, they create static Diffie Hellman encryption keys. Then they create a set of ephemeral keys. Then they use a triple Diffie Hellman protocol to exchange their ephemeral keys and they use a Diffie Hellman key agreement 3 times to take their private key and the other person's ephemeral public key and create a key agreement.

The other user takes his private key and the other persons Diffie Hellman public key to create a second agreement. Then they take the ephemeral keys and use that with Diffie Hellman to get a third set of keys and they concatenate all of these together to create a master session key.

The ratchet

In an interactive protocol a ratchet is where you evolve a key that you agree upon as you send messages back and forth. You ratchet the key forward.

The problem is that this requires real time communications. The innovation here is that they developed an offline ratchet using a hash. Each time both parties are online at the same time, an online ratchet is performed and resynchronize the offline ratchet hash.

First sessions establishment

In real time communications you can create a shared key in realtime. But how do you do this is an asynchronous model with someone you have never messaged before?

To solve for this issue, when you register your Whatsapp client with the server, your client pre seeds the server with 100 ephemeral public keys and assigns an ID to each. This means someone wanting to send you a message for a new communication stream, picks up one of those keys in order to bootstrap a secure message.

They use this public key and place it back on the server until you are online. When you come online, that blob is sent back to you. Your client will never allow the re-use of that public key (by removing it from the pending ephemeral key list). This one time use prevents certain types of attacks.

Perfect encryption

Knowing that Moxie (from OpenWhisper systems) worked on it and reading all the documentation, it looks like they implemented a perfectly designed asynchronous encrypted messaging system.

The one caveat & other thing

The one major exception is that you cannot be sure who you are talking to (authentication).

Threema, my favourite truly perfect encrypted and private messaging system, solves this by only guaranteeing authentication when you physically scan the QR code of the other participant's public key.

To solve this, Whatsapp provide a (per communication thread) QR code or 60 decimal digit user verification code. This code contains both parties encryption keys.

So the problem is you need to perform this verification at least once per conversation thread. This guarantees there is no middleman. Where you can't visually exchange codes, you can read the 60 digit code to each other. If the codes are different, it means there is a man in the middle.

For some reason if the codes change, you are not automatically notified. But under account security, you can enable this notification.

Go to Settings, then Account, then Security, and ensble the switch

Everyone needs to turn this on (participant consistency). The only time a code should should change during a conversation is if the other party installs the app on a new device (or a reset device), in which case you will already likely know and can disregard the alert.

I also want to remind readers that although the messages themselves are encrypted, there is still metadata. There is no technological way to communicate without leaving a trail of metadata today. Metadata is data about your data : such as who you communicate with, how often and how much data you exchange with each other.

Whatsapp is not open source

Many security researchers dislike closed source security applications because there is no way to independently validate the implantation (aka. Know for sure that no one has implemented a back-door or injected malicious code.)

Technology is only as good as its implementation and although the encryption math is perfect, applications rarely are. At some point we have to put our crazy hats down and trust that companies are tying to do the right thing for their users.

Conclusion

Facebook has done a very good job and with the flip of a switch, they have gifted 1B people with easy to use and powerful encryption. I still love Threema because it has better authentication but the truth is none of my contacts use it.

I am excited that more people will be brought into the wonderful world of encryption and have their discussions protected.

Canada's Anti Spam Law (CASL) and what it means and CASL 2.0

technologyEdward KiledjianComment

Over the last month, I received several emails asking me about CASL (the Canadian Anti Spam Law) which went into effect July 1 2014. The purpose of CASL is to protect consumers from unsolicited email messages.

Nothing in this article should be construed as legal advice. Always check with a qualified legal professional.

What is CASL

There are well written white papers by lawyers that provide the legal perspective on CASL and how it impacts business'. If that applies to you, you should go find and read some of those. The Canadian Anti-Spam Law was designed to protect canadian email addresses (.ca) from receiving unsolicited commercial messages. The main drivers are:

  • Consent  : the sender needs to secure and record detailed explicit consent from the recipient that they want to receive your marketing content
  • Identification : The law required that you clearly identify who is sending the message and who it is being send on behalf of. The recipient must have a way to easily reach you.
  • Unsubscribe :  The recipient must have a simple and clear way to unsubscribe from your mailing list. 

Each message you send must contain Identification and unsubscribe.

Not only email

Legislators made sure CASL protect canadians from multiple mediums of commercial message delivery including emails, instant messaging, social media, etc. 

Assume this applies to all mechanisms you use to contact a customer for marketing purposes.

Does this CASL apply to me?

Let me keep this simple... CASL applies to any entity pushing a marketing message and you should plan on adhering to its standards. 

Does CASL apply to not for profit organizations?

As currently worded, the law provides an exemption for government certified charities performing fund raising through emails. Conversely other revenue generating activities are not exempt. 

The identification and unsubscribe requirements of the law apply to not for profits also.

If you want to add subscribers from one list to another, then you will need explicit consent. 

Non commercial messages (aka regular business type emails) are not covered by CASL. 

You can learn more on the government's website (link)

CASL and email address harvesting

A practice used by some email marketers or resellers of marketing lists is to harvest email addresses using electronic programs to collect email addresses from websites, mailing lists, forums, etc.

CASL amends PIPEDA to forbid the activity of email harvesting.

CASL 2.0

January 15 2015 an additional provision will go into effect called the Computer Program Rules. This new provision will require express consent before the installation of a computer program on someone's PC, smartphone or other electronic device. 

This new wave of CASL comes with very stiff penalties that can reach $10,000,000 for companies. This new wave goes beyond Canadian borders. It applies to organizations (can be located anywhere) installing programs on a computer located in Canada or to Canadians installing program on computers outside of Canada (or under the direction on someone in Canada). 

This section of CASL is fairly complicated so I will let you research the interwebs for additional information if you think it applies to you. 

CASL Best practices

In addition to following the CASL requirements stated above, many organizations are also verifying receiver interest in their messages every 6 months. 

Organizations that can prove that they have an existing business relationship will have 3 years to comply but industry best practice says you should plan to comply immediately.

Apple to fix messaging issue for users migrating to Android

technologyEdward KiledjianComment

When an iPhone users sends a message to another iPhone user it is done via Apple's proprietary iMessage platform and users are identified by their telephone numbers. If you are a user that switches from an iPhone to Android without first disabling all iMessage logins on all your devices then you may end up in a situation where iPhone users can no longer message you. Anytime they try sending you a message, Apple will think you still have an iPhone and hold them until your iPhone comes back online (which may be never if you have migrated).

Apple seems to acknowledge the issue to Re/Code (link) with this statement

We recently fixed a server-side iMessage bug which was causing an issue for some users, and we have an additional bug fix in a future software update,” Apple told Re/code in a statement. “For users still experiencing an issue, please contact AppleCare.

Users had complained that AppleCare agents were also unable to fix the issue but Apple says this limitation has since been resolved. As for what software changes could be implemented to fix this with a future update, we'll have to wait and see.

Quebec court orders Telus to pay $2.6M for texting fees

technologyEdward KiledjianComment

The Quebec Superior court has ordered Telus to reimburse customers to the tune of $2.6M in text messaging fees. This is a  result of Telus unilaterally changing terms and conditions for 172425 customers in Quebec (charging 15 cents per incoming text message).

If you are one of the affected customers, you could receive a whopping $15 but know that Telus is reviewing the decision. They could of course appeal the decision so we'll have to wait and see.


Canadian carriers ready for t-911 but emergency centres aren't

technologyEdward KiledjianComment
Image by  UCL Mathematical and physical services  under creative commons license

Image by UCL Mathematical and physical services under creative commons license

The Canadian wireless Telecommunications Association has been spearheading a 911 initiative to allow those with hearing or speech impairments to text 911 emergency response services. The trial, started in 2012, was such a success that CWTA members (all major carriers and their sub-brands) have been busy upgrading their networks to support the service nationwide.

On January 24 2014, the CWTA announced that its member carriers have completed the required upgrades but that the 911 control centres themselves haven't implemented the required technologies. 

“At this time, the T9-1-1 service is not available in any region of the country. The service will be implemented by 9-1-1 call centres in different municipalities or regions at different time periods over the next several years.”

Once the regional 911 control centres upgrade their equipment, carriers will be ready to act  act as an intermediary link between the affected user and the 911 emergency control centre. To use the service, a user will have to register with their carrier for it and have a compatible device.