CHAPTER FOUR

If You Don’t Encrypt, You’re Unequipped

If someone were to pick up your unlocked cell phone right now, that person could gain access to your e-mail, your Facebook account, and perhaps even your Amazon account. On our mobile devices, we no longer log in individually to services, as we do on our laptops and desktops; we have mobile apps, and, once we’re logged in, they remain open. Besides your photos and your music, there are other unique features on your cell phone, such as SMS text messages. These, too, become exposed if someone gains physical access to your unlocked mobile device.

Consider this: in 2009 Daniel Lee of Longview, Washington, was arrested on suspicion of selling drugs.1 While he was in custody the police went through his non-password-protected cell phone and immediately discovered several drug-related text messages. One such thread was from an individual called Z-Jon.

It read, “I’ve got a hundred and thirty for the one-sixty I owe you from last night.” According to court testimony, the Longview police didn’t just read Z-Jon’s messages to Lee, they also actively responded, arranging their own drug deal. Posing as Lee, the police sent Z-Jon a text message in reply, asking him if he “needed more.” Z-Jon responded, “Yeah, that would be cool.” When Z-Jon (whose real name is Jonathan Roden) showed up for that meeting, the Longview police arrested him for attempted heroin possession.

The police also noticed another thread of text messages on Lee’s phone and arrested Shawn Daniel Hinton under similar circumstances.2

Both men appealed, and in 2014, with the help of the American Civil Liberties Union, the Washington State Supreme Court overturned Roden’s and Hinton’s convictions by a lower court, asserting that the police had violated the defendants’ expectation of privacy.

The Washington State justices said that had Lee seen the messages from Roden and Hinton first or instructed the police officers to respond by saying “Daniel’s not here,” that would have changed the fundamentals in both cases. “Text messages can encompass the same intimate subjects as phone calls, sealed letters and other traditional forms of communication that have historically been strongly protected under Washington law,” Justice Steven Gonzalez wrote in Hinton’s case.3

The justices ruled that the expectation of privacy should extend from the paper-letter era into the digital age. In the United States, law enforcement is not permitted to open a physically sealed letter without the recipient’s permission. The expectation of privacy is a legal test. It is used to determine whether the privacy protections within the Fourth Amendment to the United States Constitution apply. It remains to be seen how the courts decide future cases and whether they include this legal test.

Text technology—also known as short message service, or SMS—has been around since 1992. Cell phones, even feature phones (i.e., non-smartphones), allow for sending brief text messages. Text messages are not necessarily point-to-point: in other words, the messages do not literally travel from phone to phone. Like an e-mail, the message you type out on your phone is sent unencrypted, in the clear, to a short message service center (SMSC), part of the mobile network designed to store, forward, and deliver the SMS—sometimes hours later.

Native mobile text messages—those initiated from your phone and not an app—pass through an SMSC at the carrier, where they may or may not be stored. The carriers state they retain texts for only a few days. After that time has expired, the carriers insist that your text messages are stored only on the phones that send and receive them, and the number of messages stored varies by the phone model. Despite these claims, I think all mobile operators in the United States retain text messages regardless of what they tell the public.4

There is some doubt surrounding this claim by the carriers. Documents exposed by Edward Snowden suggest a tight relationship between the NSA and at least one of the carriers, AT&T. According to Wired, beginning in 2002—shortly after 9/11—the NSA approached AT&T and asked them to begin building secret rooms in some of the carrier’s facilities. One was to be located in Bridgeton, Missouri, and another on Folsom Street in downtown San Francisco. Eventually other cities were added, including Seattle, San Jose, Los Angeles, and San Diego. The purpose of these secret rooms was to channel all the Internet, e-mail, and phone traffic through a special filter that would look for keywords. It is unclear whether text messages were included, although it seems reasonable to think they were. It is also unclear whether this practice still exists at AT&T or any other carrier post-Snowden.5

One clue suggests that this practice does not continue.

In the 2015 AFC championship game, leading up to Super Bowl XLIX, the New England Patriots ignited controversy with their victory over the Indianapolis Colts, 45–7. At the heart of the controversy was whether the New England team had knowingly underinflated their footballs. The National Football League has strict rules around the proper inflation of its footballs, and after that playoff game it was determined that the balls contributed by the New England team did not meet the criteria. Central to the investigation were text messages sent by the Patriots’ star quarterback, Tom Brady.

Publicly Brady denied involvement. Showing investigators the text messages he sent and received before and during the game would have perhaps confirmed this. Unfortunately, the day he met with key investigators, Brady abruptly switched cell phones, discarding the one he had used between November 2014 and approximately March 6, 2015, to a brand-new phone. Brady later told the committee that he had destroyed his original phone and all the data on it, including his stored text messages. As a result Brady received a four-game suspension from the NFL, which was later lifted by court order.6

“During the four months that the cell phone was in use, Brady had exchanged nearly 10,000 text messages, none of which can now be retrieved from that device,” the league said. “Following the appeal hearing, Mr. Brady’s representatives provided a letter from his cellphone carrier confirming that the text messages sent from or received by the destroyed cellphone could no longer be recovered.”7

So if Tom Brady had a note from his carrier saying that his text messages were all destroyed, and the carriers themselves say they don’t retain them, the only way to prolong the life of a text is to back up your mobile device to the cloud. If you use a service from your carrier, or even from Google or Apple, those companies may have access to your text messages. Apparently Tom Brady didn’t have time to back up the contents of his old phone to the cloud before his emergency upgrade.

Congress has not addressed the issue of data retention in general and mobile phones in particular. In fact, Congress has debated in recent years whether to require all mobile carriers to archive text messages for up to two years. Australia decided to do this in 2015, so it remains to be seen if this works there.

So how can you keep your text messages private? First of all, don’t use the native text messaging service that goes through your wireless carrier. Instead use a third-party app. But which one?

To mask our online identities—to enjoy the Internet anonymously—we will need to trust some software and software services. That trust is hard to verify. In general, open-source and nonprofit organizations provide perhaps the most secure software and services because there are literally thousands of eyes poring over the code and flagging anything that looks suspicious or vulnerable. When you use proprietary software, you more or less have to take the vendor’s word.

Software reviews, by their nature, can only tell you so much—such as how a particular interface feature works. The reviewers spend a few days with the software and write their impressions. They don’t actually use the software, nor can they report on what happens over the long term. They only record their initial impressions.

In addition, reviewers do not tell you whether you can trust the software. They don’t vet the security and privacy aspects of the product. And just because a product comes from a well-known brand name doesn’t mean it is secure. In fact we should be wary of popular brand names because they may lure us into a false sense of security. You shouldn’t take the vendor at its word.

Back in the 1990s, when I needed to encrypt my Windows 95 laptop, I chose a now discontinued utility product from Norton called Norton Diskreet. Peter Norton is a genius. His first computer utility automated the process of undeleting a file. He went on to create a lot of great system utilities back in the 1980s, at a time when few people could understand a command prompt. But then he sold the company to Symantec, and someone else started writing the software in his name.

At the time I acquired Diskreet, a product that is no longer available, 56-bit DES encryption (DES stands for “data encryption standard”) was a big deal. It was the strongest encryption you could hope for. To give you some context, today we use AES 256-bit encryption (AES stands for “advanced encryption standard”). Each added bit of key length doubles the number of possible keys, so the work of trying them all grows exponentially and the encryption becomes correspondingly stronger. DES 56-bit encryption was considered state-of-the-art secure until it was cracked in 1998.8

Anyway, I wanted to see whether the Diskreet program was robust enough to hide my data. I also wanted to challenge the FBI if they ever seized my computer. After purchasing the program I hacked into Symantec and located the program’s source code.9 After I analyzed what it did and how it did it, I discovered that Diskreet only used thirty bits of the 56-bit key—the rest was just padding with zeros.10 That’s even less secure than the forty bits that was allowed to be exported outside the United States.

What that meant in practical terms was that someone—the NSA, law enforcement, or an enemy with a very fast computer—could crack the Diskreet product much more easily than advertised, since it didn’t really use 56-bit encryption at all. Yet the company was marketing the product as having 56-bit encryption. I decided to use something else instead.

How would the public know this? They wouldn’t.
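Without the source code, there is still a black-box check that would have exposed a product like Diskreet: flip each bit of the key in turn and watch whether the ciphertext changes. A bit that never changes the output is dead padding and contributes nothing to the key space an attacker has to search. The example below is added here and is not Diskreet’s code, Symantec’s code, or DES; the two ciphers in it are constructed toys (a SHA-256 keystream XORed over the data), one of which deliberately honours only 30 of its 56 key bits to mimic the flaw described above.

```python
"""Added example: detecting dead key bits in a cipher by black-box testing.

The ciphers here are constructed toys, NOT Diskreet or DES.  weak_encrypt
accepts a 56-bit key but derives its keystream from the low 30 bits only,
silently ignoring the other 26; honest_encrypt uses every bit.
"""
import hashlib

KEY_BITS = 56
BITS_REALLY_USED = 30          # the constructed flaw: only this many bits matter
MASK = (1 << KEY_BITS) - 1


def _keystream(effective_key: int, length: int) -> bytes:
    # Toy keystream: SHA-256 of the key plus a counter.  Not a real cipher.
    out, counter = b"", 0
    while len(out) < length:
        block = effective_key.to_bytes(8, "big") + counter.to_bytes(4, "big")
        out += hashlib.sha256(block).digest()
        counter += 1
    return out[:length]


def weak_encrypt(key: int, plaintext: bytes) -> bytes:
    """Advertised as 56-bit, but only the low 30 bits influence the output."""
    if not 0 <= key <= MASK:
        raise ValueError("key must fit in 56 bits")
    effective = key & ((1 << BITS_REALLY_USED) - 1)
    return bytes(p ^ k for p, k in zip(plaintext, _keystream(effective, len(plaintext))))


def honest_encrypt(key: int, plaintext: bytes) -> bytes:
    """Same toy construction, but every key bit is used."""
    if not 0 <= key <= MASK:
        raise ValueError("key must fit in 56 bits")
    return bytes(p ^ k for p, k in zip(plaintext, _keystream(key, len(plaintext))))


def count_effective_key_bits(encrypt, key_bits: int, base_key: int, sample: bytes) -> int:
    """Flip each key bit in turn; count the bits whose flip changes the ciphertext.

    Needs no source code: the function is called only as a black box.  A bit
    whose flip leaves the ciphertext identical is padding the attacker never
    has to guess.
    """
    reference = encrypt(base_key, sample)
    live = 0
    for bit in range(key_bits):
        if encrypt(base_key ^ (1 << bit), sample) != reference:
            live += 1
    return live


def search_shrink_factor(advertised_bits: int, effective_bits: int) -> int:
    """How many times smaller the real brute-force search is than advertised."""
    return 2 ** (advertised_bits - effective_bits)


# Constructed inputs for the check.
SAMPLE = b"constructed sample plaintext for the key test"
BASE_KEY = 0xC0FFEE12345678 & MASK        # arbitrary 56-bit test key


def audit(encrypt) -> tuple:
    """Return (live key bits, shrink factor) for a cipher under test."""
    live = count_effective_key_bits(encrypt, KEY_BITS, BASE_KEY, SAMPLE)
    return live, search_shrink_factor(KEY_BITS, live)


if __name__ == "__main__":
    for name, fn in (("weak", weak_encrypt), ("honest", honest_encrypt)):
        live, factor = audit(fn)
        print(f"{name}: {live} of {KEY_BITS} key bits affect the ciphertext; "
              f"brute force is {factor}x easier than the box claims")
```

The check only finds bits that are ignored outright; a cipher can use every bit and still be weak for other reasons, so a passing result is a necessary condition, not a clean bill of health.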

Although social networks such as Facebook, Snapchat, and Instagram rank at the top when it comes to popularity among teens, text messaging reigns supreme overall, according to data supplied by Niche.com.11 A recent study found that 87 percent of teenagers text daily, compared to the 61 percent who say they use Facebook, the next most popular choice. Girls send, on average, about 3,952 text messages per month, and boys send closer to 2,815 text messages per month, according to the study.12

The good news is that today all the popular messaging apps provide some form of encryption when sending and receiving your texts—that is, they protect what’s called “data in motion.” The bad news is that not all the encryption being used is strong. In 2014, researcher Paul Jauregui of the security firm Praetorian found that it was possible to circumvent the encryption used by WhatsApp and engage in a man-in-the-middle (MitM) attack, in which the attacker intercepts messages between the victim and his recipient and is able to see every message. “This is the kind of stuff the NSA would love,” Jauregui observed.13 As of this writing, the encryption used in WhatsApp has been updated and uses end-to-end encryption on both iOS and Android devices. And the parent company for WhatsApp, Facebook, has added encryption for its 900 million Messenger users, although it is opt-in: you have to turn on “Secret Conversations” for it to work.14

The worse news is what happens to data that’s archived, or “data at rest.” Most mobile text apps do not encrypt archived data, either on your device or on a third-party system. Apps such as AIM, BlackBerry Messenger, and Skype all store your messages without encrypting them. That means the service provider can read the content (if it’s stored in the cloud) and use it for advertising. It also means that if law enforcement—or criminal hackers—were to gain access to the physical device, they could also read those messages.

Another issue is data retention, which we mentioned above—how long does data at rest stay at rest? If apps such as AIM and Skype archive your messages without encryption, how long do they keep them? Microsoft, which owns Skype, has said that “Skype uses automated scanning within Instant Messages and SMS to (a) identify suspected spam and/or (b) identify URLs that have been previously flagged as spam, fraud, or phishing links.” So far this sounds like the anti-malware scanning activity that companies perform on our e-mails. However, the privacy policy goes on to say: “Skype will retain your information for as long as is necessary to: (1) fulfill any of the Purposes (as defined in article 2 of this Privacy Policy) or (2) comply with applicable legislation, regulatory requests and relevant orders from competent courts.”15

That doesn’t sound so good. How long is “as long as is necessary”?

AOL Instant Messenger (AIM) may have been the first instant message service that any of us used. It’s been around a long while. Designed for desktop or traditional PCs, AIM originally took the form of a little pop-up window that appeared in the lower right-hand corner of the desktop. Today it is available as a mobile app as well. But in terms of privacy, AIM raises some red flags. First, AIM keeps an archive of all messages sent through its service. And, like Skype, it also scans the contents of those messages. A third concern is that AOL keeps records of the messages in the cloud in case you ever want to access a chat history from any terminal or device different from the one where you had your last session.16

Since your AOL chat data is not encrypted and is available from any terminal because it lives in the cloud, it is easy for law enforcement and criminal hackers to get a copy. For example, my AOL account was hacked by a script kiddie whose online handle is Virus—his real name is Michael Nieves.17 He was able to social-engineer (in other words, get on the phone and sweet-talk) AOL and gain access to their internal customer-database system, called Merlin, which allowed him to change my e-mail address to one associated with a separate account under his control. Once he did that he was able to reset my password and gain access to all my past messages. In 2007 Nieves was charged with four felonies and a misdemeanor for, according to the complaint, hacking into “internal AOL computer networks and databases, including customer billing records, addresses and credit card information.”

As the Electronic Frontier Foundation has said, “no logs are good logs.” AOL has logs.

Non-native text apps may say they have encryption, but it might not be good or strong encryption. What should you look for? A text app that provides end-to-end encryption, meaning that no third party has access to the keys. The keys should exist only on each device. Note, too, that if either device is compromised with malware, any type of encryption is worthless.

There are three basic “flavors” of text apps:

• Those that provide no encryption at all—meaning that anyone can read your text messages.

• Those that provide encryption, but not from end to end—meaning that the communication can be intercepted by third parties such as the service provider, which has knowledge of the encryption keys.

• Those that provide encryption from end to end—meaning that the communication can’t be read by third parties because the keys are stored on the individual devices.

Unfortunately the most popular text-messaging apps—like AIM—are not very private. Even Whisper and Secret may not be totally private. Whisper is used by millions and markets itself as anonymous, but researchers have poked holes in these claims. Whisper tracks its users, while the identities of Secret users are sometimes revealed.

Telegram is another messaging app that offers encryption, and it is considered a popular alternative to WhatsApp. It runs on Android, iOS, and Windows devices. Researchers have, however, found that an adversary can compromise Telegram servers and get access to critical data.18 And researchers have found it easy to retrieve encrypted Telegram messages, even after they have been deleted from the device.19

So now that we’ve eliminated some popular choices, what remains?

Plenty. When you’re on the app store or Google Play, look for apps that use something called off-the-record messaging, or OTR. It is a higher-standard end-to-end encryption protocol used for text messages, and it can be found in a number of products.20

Your ideal text message app should also include perfect forward secrecy (PFS). Remember that this uses a randomly generated session key for each conversation, so the keys stay resilient over time: if one key is compromised, it can’t be used to read your future text messages.

There are several apps that use both OTR and PFS.
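To make the difference between the second and third “flavors” above concrete, and to show what PFS buys you, here is a small model that is added for this chapter and is not the code of Signal, ChatSecure, or any other app named here. It uses a constructed toy cipher (a SHA-256 keystream XORed over the message) and a toy Diffie-Hellman exchange over a small Mersenne prime; both are far too weak for real use, and the long-term identity keys a real app would use to authenticate the exchange are left out. The Relay class stands in for the provider’s server: in the provider-holds-the-keys flavor it can decrypt everything it stores, while in the end-to-end flavor it holds only ciphertext, and leaking one session key opens only that session’s messages.

```python
"""Added example: provider-held keys versus end-to-end keys, plus forward secrecy.

Everything here is a constructed toy for illustration: the cipher, the
Diffie-Hellman group, and the Relay/Device classes.  Not any real app's code.
"""
import hashlib
import os

P = (1 << 127) - 1    # Mersenne prime M127: a toy-sized modulus (assumption: illustration only)
G = 3                 # generator for the toy group


def _keystream(key: bytes, length: int) -> bytes:
    out, ctr = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:length]


def xor_crypt(key: bytes, data: bytes) -> bytes:
    """Toy symmetric cipher (keystream XOR); the same call encrypts and decrypts."""
    return bytes(a ^ b for a, b in zip(data, _keystream(key, len(data))))


class Relay:
    """The service provider's server: it stores every blob it is handed."""

    def __init__(self, provider_key=None):
        self.provider_key = provider_key   # set only in the 'provider knows the keys' flavor
        self.stored = []

    def deliver(self, blob: bytes) -> bytes:
        self.stored.append(blob)
        return blob

    def read_all(self) -> list:
        """What the provider, or whoever seizes its servers, can recover in plaintext."""
        if self.provider_key is None:
            return []   # end to end: only ciphertext on hand and no key to open it
        return [xor_crypt(self.provider_key, b) for b in self.stored]


def provider_encrypted_send(relay: Relay, msg: bytes) -> bytes:
    """Flavor two: encrypted in transit, but with a key the provider knows."""
    return relay.deliver(xor_crypt(relay.provider_key, msg))


class Device:
    """Flavor three: keys exist only on the two devices, and a fresh one per session."""

    def __init__(self):
        self.session_keys = []
        self._ephemeral = None

    def begin_session(self) -> int:
        # Fresh random exponent; the public value may cross the relay in the clear.
        self._ephemeral = 2 + int.from_bytes(os.urandom(16), "big") % (P - 3)
        return pow(G, self._ephemeral, P)

    def complete_session(self, peer_public: int) -> None:
        shared = pow(peer_public, self._ephemeral, P)
        self._ephemeral = None   # discarded: nothing kept on disk can rebuild this key
        self.session_keys.append(hashlib.sha256(shared.to_bytes(16, "big")).digest())

    def send(self, relay: Relay, msg: bytes) -> bytes:
        return relay.deliver(xor_crypt(self.session_keys[-1], msg))

    def receive(self, blob: bytes) -> bytes:
        return xor_crypt(self.session_keys[-1], blob)


def establish_session(a: Device, b: Device) -> None:
    """Ephemeral key agreement; both sides end up with the same new session key."""
    pub_a, pub_b = a.begin_session(), b.begin_session()
    a.complete_session(pub_b)
    b.complete_session(pub_a)


def demo() -> dict:
    # Flavor two: the provider encrypts, so the provider can read.
    relay2 = Relay(provider_key=os.urandom(32))
    provider_encrypted_send(relay2, b"meet at six")

    # Flavor three with PFS: two sessions, two unrelated keys.
    relay3 = Relay()
    alice, bob = Device(), Device()
    establish_session(alice, bob)
    blob1 = alice.send(relay3, b"session one secret")
    establish_session(alice, bob)          # new ephemeral key for the next conversation
    blob2 = alice.send(relay3, b"session two secret")

    leaked = alice.session_keys[0]         # suppose the first session key is compromised
    return {
        "provider_can_read": relay2.read_all() == [b"meet at six"],
        "relay_reads_e2e": relay3.read_all(),               # nothing: only ciphertext stored
        "bob_reads_session_two": bob.receive(blob2),
        "leaked_key_on_session_one": xor_crypt(leaked, blob1),
        "leaked_key_on_session_two": xor_crypt(leaked, blob2),   # garbage, not the message
    }
```

The point of the `_ephemeral = None` line is the whole of forward secrecy: once the exponent is gone, no stored secret on either device or at the relay can regenerate that session’s key, so a later compromise reaches only the sessions whose keys are still in memory.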

ChatSecure is a secure text-messaging app that works on both Android and iPhones.21 It also provides something called certificate pinning. That means it includes a proof-of-identity certificate, which is stored on the device. Upon each contact with the servers at ChatSecure, the certificate within the app on your device is compared with the certificate at the mother ship. If the stored certificate does not match, the session does not continue. Another nice touch is that ChatSecure also encrypts the conversation logs stored on the device—the data at rest.22
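The pinning check described above, written out as a stand-alone routine: the app ships the fingerprint of the server’s certificate, hashes whatever certificate the server presents, and refuses to continue on a mismatch. This example is added here and is not ChatSecure’s code; the certificate byte strings in it are constructed stand-ins for DER-encoded certificates, and the host name is a placeholder. The `pinned_connect` function shows the real-world shape using Python’s standard `ssl` module, where the presented bytes come from `getpeercert(binary_form=True)`; it needs a network and is not exercised by the constructed demo.

```python
"""Added example: certificate pinning on top of ordinary TLS validation.

Constructed for illustration, not ChatSecure's code.  PINNED_CERT, BACKUP_CERT
and ROGUE_CERT are constructed byte strings standing in for DER certificates.
"""
import hashlib
import hmac
import socket
import ssl


class PinMismatch(Exception):
    """The server presented a certificate that is not the one shipped in the app."""


def fingerprint(cert_der: bytes) -> str:
    """SHA-256 of the certificate bytes: the value an app ships as its pin."""
    return hashlib.sha256(cert_der).hexdigest()


def pin_matches(presented_der: bytes, pins: set) -> bool:
    """True only if the presented certificate hashes to one of the pinned values.

    A set of pins (current plus a backup) lets the operator rotate certificates
    without locking out installed apps.  compare_digest keeps the comparison
    constant-time.
    """
    actual = fingerprint(presented_der)
    return any(hmac.compare_digest(actual, pin) for pin in pins)


def enforce_pin(presented_der: bytes, pins: set) -> bool:
    """The session continues only on a match; otherwise abort, never fall back."""
    if not pin_matches(presented_der, pins):
        raise PinMismatch("certificate %s... is not in the pin set" % fingerprint(presented_der)[:16])
    return True


def pinned_connect(host: str, port: int, pins: set, timeout: float = 5.0) -> bool:
    """Real-world shape: CA validation as usual, then the pin on top of it.

    Requires a live server; not run by the constructed demo below.
    """
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return enforce_pin(tls.getpeercert(binary_form=True), pins)


# Constructed stand-ins for DER certificates (real ones are ASN.1 blobs).
PINNED_CERT = b"constructed-der:CN=chat.example.invalid:serial=1"
BACKUP_CERT = b"constructed-der:CN=chat.example.invalid:serial=2"
ROGUE_CERT = b"constructed-der:CN=chat.example.invalid:serial=interceptor"   # same name, other key

PINS = {fingerprint(PINNED_CERT), fingerprint(BACKUP_CERT)}   # shipped inside the app


def demo() -> dict:
    """Genuine and rotated certificates pass; an interceptor's certificate aborts."""
    results = {
        "genuine": pin_matches(PINNED_CERT, PINS),
        "rotated": pin_matches(BACKUP_CERT, PINS),
        "rogue": pin_matches(ROGUE_CERT, PINS),
    }
    try:
        enforce_pin(ROGUE_CERT, PINS)
        results["rogue_session_aborted"] = False
    except PinMismatch:
        results["rogue_session_aborted"] = True
    return results
```

The rogue certificate carries the same name as the genuine one, which is exactly the case pinning is for: a certificate that a certificate authority might have been tricked into issuing, or that an interceptor installs locally, still fails because its bytes do not hash to a shipped pin.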

Perhaps the best open-source option is Signal from Open Whisper Systems, which works on both iOS and Android.

Another text-messaging app to consider is Cryptocat. It is available for iPhone and most major browsers on your traditional PC. It is not, however, available for Android.23

And, at the time of this writing, the Tor project, which maintains the Tor browser, has just released Tor Messenger. Like the Tor browser, the app anonymizes your IP address, which means that messages are difficult to trace (however, please note that, as with the Tor browser, exit nodes are not by default under your control). Instant messages are encrypted using end-to-end encryption. Like Tor, the app is a little difficult for the first-time user, but eventually it should work to provide truly private text messages.24

There are also commercial apps that provide end-to-end encryption. The only caveat is that their software is proprietary, and without independent review their security and integrity cannot be confirmed. Silent Phone offers end-to-end encrypted text messaging. It does, however, log some data, but only to improve its services. The encryption keys are stored on the device. Having the keys on the device means that the government or law enforcement can’t compel Silent Circle, its manufacturer, to release the encryption keys for any of its subscribers.

I’ve discussed encrypting data in motion and data at rest as well as using end-to-end encryption, PFS, and OTR to do so. What about non-app-based services, such as Web mail? What about passwords?