More thoughts on consumer privacy and electronic communication

The Guardian and NDR are reporting allegations that Google handed over journalists’ private personal data en masse in response to “catch-all” warrants against WikiLeaks’ employees, and then was not allowed to inform its clients, the journalists, that it did so for more than two years. On the NDR article page you can watch an interview in English with Sarah Harrison, an editor at WikiLeaks.

WikiLeaks’ founder asserts that Google was complicit in the USA’s violation of its own constitution. I am not a lawyer, journalist, spy, political agitator, or hacker1. But the slippery slope facilitating that hand-over of data, irrespective of its legality, creeps me out.

I’ve written in the past about email encryption and encrypted instant messaging options on our phones. Since then, I’ve been using Threema on iOS and Android to keep prying eyes of all stripes away from my instant messages to and from my friends. That works easily when the sender and the recipient(s) are both on their phones, but not when one or both are on computers with full-sized, non-fiddly keyboards. I want to be able to chat on a computer running Linux, Mac OS X, or Windows with comparable security to what I get from Threema on our phones.2

Public Key-Based Instant Messaging?

Psi works on Windows, Mac OS X, and Linux with the same encryption technology I use to secure my email messages.
Psi works on Windows, Mac OS X, and Linux with the same encryption technology I use to secure my email messages.
I found Psi to be a reasonable instant messaging program that works with the computers I use, and the public keys I already use. I got started using it right away, and started my search for instant messaging software for our phones using the same concept. But I’ve found nothing, so far anyways, that does on a mobile platform what Psi does on a computer — using PGP public key cryptography to secure messages.

Most Secure Apps Use OTR

While searching, I found the EFF’s secure messaging scorecard, and I think I figured out why none of the mobile apps secure messages with PGP public key cryptography: they’re striving for Perfect Forward Secrecy. That’s a way to encrypt your messages for the short-term only. With public key technology à la PGP and GPG, you keep your private key for the long haul. You will need it to decrypt any messages encrypted for you (either by someone using your public key, or by you yourself). But with Perfect Forward Secrecy, the messages you send are not retrievable later by any means, by anyone. This seems better suited for instant messaging anyways — it’s not supposed to be part of your permanent record. Threema addresses this point in their FAQ, too: it requires all parties to be online in the same “session,” so there’s no way to send an encrypted message to someone who’s not connected at the moment you send it. That’s why they don’t rely on OTR. In that sense, Threema’s product is just like PGP-encrypted email, except that you can’t use it on a desktop computer…yet.3

The mobile apps I found for secure instant messaging use OTR (“off-the-record”) as the protocol for PFS. This put me back to the drawing board in my hunt for an app I could use on my phone while my chat buddy (most frequently Sarah) is using her computer.

Putting It All Together

For secure messaging with other users, Threema seems to be the best if we’re all on mobile devices, or PGP/GPG if we want to do it via email on our desktops.4 But, for a secure mixed mobile+desktop environment, it’s clunky.

I hit upon the combination of running my own chat server — see this tutorial on arstechnica.com for hints — and XMPP chat clients on the desktop and mobile platforms using OTR. I had trouble setting up ChatSecure on our phones until I got the DNS entries working right, even though it was supposed to be able to let you override the DNS stuff and explicitly declare hosts and ports in the clients.

I guess running your own chat server is a bit of overkill if you’ve got OTR protecting the message contents, but it still was fun to set up. Here’s the setup:

  • Prosody as the server to which our IM clients connect
  • Pidgin with an OTR plugin on Linux (though presumably that would work just fine on Windows and Mac OS X as well)
  • Adium on our Macs (supports OTR out-of-the-box, no plugin necessary)
  • ChatSecure on iOS, and presumably also on Android

Yeah, OK, Geek Fun, What’s the Big Deal, Anyway?

Even before the Google-warrant-WikiLeaks news broke yesterday, I’d seen this WSJ article. The heads of the USA and the UK both want to be able to decrypt anything you have if they think it’s linked to a terrorist plot. Do you really trust them to keep their eyes off your non-terrorist, non-illegal, quite mundane stuff? Ask the WikiLeaks employees.

And if the government can get to your stuff, you can be sure that someone with impure motives, like an identity thief or a corporation whose revenue model depends on selling your details can, too.

It would seem that the writing is on the wall for electronic information that really only you control. Secure your stuff while you can.

  1. in the criminal sense. But I do try to make software do what I want it to do where I am allowed to, so I guess I am a hacker in that sense. []
  2. Threema reports that a desktop version of their software is on the roadmap, but I’m not holding my breath. []
  3. Threema on the desktop would meet all my requirements: secure and cross-platform (mobile and desktop alike), and wouldn’t even require me to run any server. []
  4. Next thought: why is GPG-style email such a PITA on mobile devices? I’d love something as slick as GPGMail for Apple Mail but on an iPhone or Android phone. There are programs that nominally do this, but they are painful to use beyond the decryption of plain text messages. Anything formatted with HTML in the message body, or an embedded MIME attachment just has to wait until I get back to a desktop, where I can read it properly. []

10 thoughts on “More thoughts on consumer privacy and electronic communication”

  1. papascott

    I’ve been having similar thoughts, except for files. Is Dropbox or Google Drive, both of which we use extensively, the best and most secure place to keep your documents? Probably not. I’ve been looking at own-server solutions, like OwnCloud or Seafile, or even a full document management system. I’m trying out EcoDMS, which is not in itself particularly secure except that it’s my basement and not in anyone’s cloud.

    1. cliff1976

      I like ownCloud a lot, but up til now at least, there’s a serious flaw in the concept: the client doesn’t support conecting to more than one ownCloud server instance. So, got an ownCloud for your business, another one for your Schützenverein, and another one for your family? You need three completely separate ownCloud clients per computer!

      Maybe GPG’d backups on Dropbox/Google Drive/etc. are an OK compromise. But that means you have to encrypt for all possible future recipients, or maybe use a certain keypair just for backups and pass the corresponding private key and passphrase around among your backup operators. Hmmm.

  2. Craig

    Telegram https://telegram.org/ is a decent messenger from both a security and cross-platform standpoint. They have apps for all major platforms as well as a web-based client for everything else.

    Sync.com and SpiderOak are just two of the many “zero knowledge” Dropbox competitors. You hold the encryption keys and they can’t tell what you’re storing.

    And you could run all of this through a VPN so no one can tell what you’re doing online (messaging traffic is indistinguishable from web browsing, file syncing, email, etc).

    1. cliff1976

      Hey, thanks Craig! Checking out Telegram right now. I like the looks of it from the FAQ, anyways: seems like it would meet my needs. It also did well on the EFF’s scorecard (when you consider their secret chats). I’m curious to see whether they get a recent code audit under their belts; that could result in a perfect score.

      1. cliff1976

        Telegram got my hopes up. You know what dashed them? The fact that anyone who has your mobile phone number and is a Telegram user gets notified that you are now using Telegram. This is default behavior on Threema, too, but you can disable that if you like. From back when I was using WhatsApp, I think that was default behavior there too — but I’m not sure if you can turn it off there or not. From the Telegram FAQ it sure looks like you can’t turn off that behavior: https://telegram.org/faq#q-who-can-i-write-to

        Q: Who can I write to?
        You can write to people, who are in your phone contacts and have Telegram.

        This means they can write to me just by virtue of having my phone number in their phone’s contact list.

        For the particularly paranoid: this also means someone malicious could register themselves on Telegram using a phone number I don’t know, and start messaging me.

        Sure, I could block anyone I don’t want to receive messages from, and I could give only a vague indicator of my most recent Telegram usage, but I’d much rather send no signal of my presence at all.

        So, until Threema goes multi-platform, it’s back to running our own XMPP server and various clunky clients on various OSs for us.

  3. shoreacres

    This is so far above my pay grade it’s laughable. But, I did hear a good bit of muttering recently about Dropbox, and suggestions they weren’t as secure as had been advertised. I can’t remember if it was a hack, or what. But there you have it — my contribution!

  4. shoreacres

    Oh. Except for this. I follow these guys on Twitter and on their blog, and have found a lot of understandable information there, as well as first notice of problems on the web. PrivaSecTech

    1. cliff1976

      Thanks, shoreacres! I subscribed to their feed; looks like my kind of blog.

  5. papascott

    I just remembered something I read about a couple of weeks ago… Peerio (Wired article http://www.wired.com/2015/01/peerio-free-encryption-app/) is trying to make encryption easy to use, is open source, and doesn’t save any keys. It isn’t quite ready to use yet, though.

    And my favorite source of security news on Twitter is InfoSec Taylor Swift @swiftonsecurity :-)

  6. […] have been waiting and hoping for this for quite some time. I think it is very close to replacing PGP-/GPG-encrypted email as the […]

What's your take on it?