查看: 26|回复: 0
打印 上一主题 下一主题

Slack, WhatsApp, Snapchat And Ghost Protocol All Security Risks, Says Wickr CTO








Jade Star LV4

sign star1sign star2sign star3post star1post star2sign star4

发表于 2019-06-04 13:48:55 来自手机 | 只看该作者 |只看大图 回帖奖励 |倒序浏览 |阅读模式
[br] [br][br][br]“I believe the future of communication, “Facebook CEO Mark Zuckerberg wrote in March, “will shift to private, encrypted services where people can be confident what they say to each other stays secure and messages and content won’t stick around forever.”[br][br][br]Such encrypted messaging was headline news last week, with an open response from a coalition of technology companies, privacy experts and human rights groups to a discussion document from U.K. spy agency GCHQ that suggested the idea of a ghost protocol to enable “an extra end” in end-to-end encrypted messaging, allowing governments (when required) to listen in.[br][br]The response from the likes of Apple, Microsoft, Google and WhatsApp has been blunt: “It would undermine the authentication process… introduce potential unintentional vulnerabilities, increase risks that communications systems could be abused or misused… It will not matter that conversations are protected by encryption. Communications will not be secure.”[br][br][br]Chris Howell has played both sides of the fence. A decade in cybercrime with New Jersey’s Division of Criminal Justice, followed by cyber stints in the private sector. And from there he co-founded Wickr, where he is now CTO. “We strive to build the most trusted communication platform in the world,” the company says of itself. And some of the most secure enterprises in the world – including government agencies – agree, entrusting Wickr to keep secret the most secret of messages.[br][br]“Our view on messaging apps,” Chris tells me, “is that in order to be secure, it needs to be secure from us as well.” It’s Wickr’s fundamental philosophy, he explains. “We don’t ask for a lot from users, we treat all their information as toxic. If we need to keep it, it can be stolen from us.” With true end-to-end encryption, “with no holes or backdoors,” there is nothing for an attacker to leverage. “There’s no point hacking our server or infrastructure if a message can’t be decrypted anywhere but your phone.”[br][br][br]Also making headlines last week was the fallout from allegations (denied by parent Snap) that Snapchat employees had abused internal tools, including one designed to comply with law enforcement requests, to access user data. Chris cites this as his perfect illustration as to why data cannot be kept securely, despite the best efforts of an organization.[br][br]“We may physically have the message, to route it from User A to User B,” he says, “but we have no means of opening it when it’s in our control.” None of which is new or complicated. WhatsApp, in particular, has widened access to end-to-end encryption. “We don’t have the keys to view it,” Chris says of Wickr. “But for messaging apps like Slack and Snapchat, that’s their Achilles heel. Once it hits their back end service they’re able to see it.”[br][br]This clearly mixes a number of technology platforms, targeting different user groups and applications. Slack and Snapchat could not have more different user bases. A data breach exposure on Slack carries more corporate than personal risk. The exact opposite of Snapchat, Facebook, Instagram, WhatsApp.[br][br]“WhatsApp doesn’t have the fundamental flaw that it’s not encrypted,” Chris acknowledges, and if Facebook is taken at face value, then its security approach could extend across to Facebook Messenger and Instagram as well. “Its flaw for a business is that those applications are where Wickr was five years ago. A shadow IT application, not controllable by the organization itself which needs encryption but also compliance tools. This led us to our enterprise platform.”[br][br][br]And this is where Wickr differs from Signal. The two applications are often grouped together, used to highlight “what good looks like” when it comes to secure messaging. Where Signal primarily targets consumers, Wickr is now chasing down the enterprise market. Here, it’s not enough to simply encrypt messages. There need to be facilities for archiving, regulatory compliance, user enrolment and permissions.[br][br]“With enterprise platforms like Slack,” Chris says, “there could be encryption involved somewhere in those protocols, but the fundamental mistake from a privacy and security perspective is [organizations] assuming the service itself can be trusted. Once a message gets onto the server, it’s wide open for anybody to see. When it comes to messaging, it is absolutely not necessary for the messaging service itself to see the content. And so you should not assume the service itself can be trusted.”[br][br]It’s not that simple, of course. Corporate data is held securely by Slack, encrypted at all times. The point Chris is making is that the data exists, it is physically held. And the challenge with a storage platform versus a straight messaging platform is that it provides a data repository, it cannot be just a transport mechanism. If the information is there, it can (in theory) be accessed. Chris uses “the Equifax breach with millions of records” as his example of exactly that.[br][br]The discussion returns to messaging. To WhatsApp’s plans for monetization. To that ghost protocol idea.[br][br]WhatsApp doesn’t get a privacy pass from Chris. “There are going to be ads apparently in WhatsApp,” he says. “Businesses don’t want their employees using a product for day-to-day business use and sorting through ads. That’s not the same kind of experience were shooting for with a business-ready application.”[br][br][br]I ask his views on the likely metadata algorithms that will monetize WhatsApp without accessing messages. ”There are shades of grey,” he says. “It’s the same story we get with voice assistants. It seems they’re not going too far, but every couple of months we get a revelation that a line has been crossed, that they’re collecting too much. It comes down to trust.”[br][br]We talk more about the security implications in metadata monitoring, in advertising based on who I message, when, how often. What’s known about the sender and receiver, even without breaking into the message container itself.[br][br]“It’s one more process you have to trust,” Chris tells me. “[WhatsApp] says their algorithms are sound and won’t put any of the actual communications in jeopardy, but I look at is as ‘we’ll see’. With a secure messenger app, you need to be very careful doing that kind of thing, processing data in any way, even if it’s not the actual content, just metadata on the content. That leaks some information about the content of the message.”[br][br]What’s the risk, I ask. “It may seem harmless,” he tells me, “but once you go down that road you need to be very careful as to how that functionality is leveraged, that decisions are not made for monetization, but in the users’ best interests, and you do not have them losing content or metadata about their content.”[br][br][br]And so we’re back to encryption, to trust, to taking no risks.[br][br]The ghost protocol undermines everything. “I think it’s a terrible thing to try to do technologically,” he tells me. “What’s hard to do right now is keep the bad guys out, and this just gives them a leverage point to get into those communications. The protocol is a good write up technically. But it would be abused, leveraged for bad guys to do bad things. The overwhelming consensus from technologists is that it can’t happen. It would not be a net zero risk. It would risk communications being breached.”[br][br]A back door is a back door, and Chris is adamant that where the force of government is asking people to accept “additional communication risks for the greater good,” the answer must be no. “With an additional key, a master key, the only thing that’s protecting the product is the knowledge of that key, whoever has it and their ability to keep it a secret. So who do we trust with that key? You’re making it very difficult for the platform to protect against an attacker doing that, the system isn’t designed to not accept keys the user didn’t ask for. The dominoes will start to fall.”[br][br]The discussion has covered a lot of ground, jumping from enterprise applications to consumer messaging apps to government spyware. I get the messaging message, so to speak. The need to encrypt the pipe and prevent the platform from opening the message container, even if it wants to. For WhatsApp and the rest of the Facebook family, the issue will come when the company complicates its platforms to add commercial exploitation. Can that be done without introducing risk? Chris is skeptical. And on the enterprise front, where the platform does more than messaging, where it stores and retrieves, there are different issues to deal with. That data clearly sits somewhere.[br][br]That Chris Howell, Wickr co-founder and CTO, has some disparaging views on other messaging apps will come as no surprise. The other apps compete, and in the main have not been built ground up from a security perspective. It’s because Wickr has been, that his views carry weight. He occupies an extreme end of the spectrum, but as security becomes more of a mainstream issue, we’re all heading in his direction.[br]
what you see now is just a preview

使用道具 举报

B Color Link Quote Code Smilies |上传


Infinix Official Website|Infinix official mall|infinix Note 4|XCLUB-COOL STUFF AROUND YOU

GMT+8, 2025-03-03 14:33 , Processed in 0.037349 second(s), 23 queries .

Powered by Discuz! X3.4

© 2001-2017 Comsenz Inc.

快速回复 返回顶部 返回列表