The Retroscope At Play
Marcus Ranum June 17, 2018
https://freethoughtblogs.com/stderr/2018/06/17/the-retroscope-at-play/
By now, the establishment ought to be painfully aware that the FBI/NSA retro-scope is aimed at them, as well. Sometime in the next couple of years I expect a legislative backlash, especially if it keeps being used to take down friends of the high and mighty.
What’s interesting is that the FBI has stopped playing coy about how they are accessing the material, and what sort of material they are accessing:
In a letter to the presiding judge in the case against Michael Cohen, President Donald Trump’s long-time personal attorney, the US Attorney’s Office for the Southern District of New York revealed today that it had obtained additional evidence for review—including a trove of messages and call logs from WhatsApp and Signal on one of two BlackBerry phones belonging to Cohen. The messages and call logs together constitute 731 pages of potential evidence. The FBI also recovered 16 pages of documents that had been shredded, but it has not yet been able to complete the extraction of data from the second phone. [ars]
I did a google image search for “retroscope” and look at this beauty!
Remember, you’re supposed to believe that WhatsApp and Signal are “secure” and that the FBI has trouble accessing data off of them. For that matter, you’re supposed to believe that Blackberries are “secure” too. I’m sure that’s why Michael Cohen used one – certainly nobody would use a Blackberry because it’s a good phone. Blackberries were designed to implement a variation of the New York Reach-Around [stderr] – since their server communications were up to Canada, it was “international” and therefore NSA was spared the trouble of having to pretend FISA courts mattered. Blackberry’s whole “security” game fell apart when other countries – most notably India and Saudi Arabia – realized what was happening and started asking Blackberry to give them the keys to the crypto, too. [guard]
[Here’s a simple test for how you can decide if an app has encryption that doesn’t have backdoors for the local cops: if it’s allowed, it does. [phys] And you should assume that any messaging system where the messages are going through a cloud service (that’s all of them) the servers have mandated backdoors. Otherwise they would not be allowed to work. [fr] Apple fans do not rejoice: Apple is just cagier than Facebook about how they answer those questions.]
</snip>