Must be an implementation problem, wasn't crypto supposedly still secure as per Mr. Snowden?
Or they got to the private keys.
Claims by the Netherlands Forensic Institute (NFI) that it has successfully decrypted emails stored on BlackBerry smartphones have caused bafflement at the Canadian firm. Documents seen by Dutch blog Crime News show the NFI claiming to have decrypted 275 out of 325 emails encrypted with PGP from a handset in their possession. …
It might have something to do with using keys that are too short. There have been notifications that the older 32 bit key ids are no longer secure and that users should be using longer ones.
There are also reports around that something like 95% of Blackberry users use short passwords which can be brute-forced in practical periods of time.
Both of the above are related to the fact that passwords or keys that might have provided reasonable security 10 or 15 years ago are no longer adequate because of the availability of cheap computing power.
Of course a third possibility is that they are simply going around the encryption in a poorly implemented third party app. If the app is keeping plain text draft, display, cached copies, or fragments of text from deleted memory, then the Dutch don't need to actually crack the encryption in order to get at least some of the messages.
There are also reports that people have been removing (de-soldering) memory chips from the Blackberry PC boards, or using the JTAG port to get a copy of the password hash, and then brute forcing it.
The thing which suggests that it is something to do with one of the above, or something similar, is that the Dutch were able to crack some messages but not others.
Cellebrite says their UFED analyser will: "Recover a greater amount of deleted data from unallocated space in the device's flash memory ... Rich set of data: Apps data, passwords, emails, call history, SMS, contacts, calendar, media files, location information etc. ... Decoding of JTAG physical extractions of a rich set of data from Windows Phone 8, BlackBerry 10, Android devices and more ... Recover deleted image files and fragments when only remnants are available"
If you download and read their supported devices list, they "support" a long list of Blackberry phones (and pretty much everyone else as well). I suspect the Dutch used a Cellebrite analyser to get actual data, and then applied some techniques of their own to brute force weak passwords including passwords which were re-used for multiple purposes. If the owner used the same passwords over and over again for different purposes (as many people tend to do), the Dutch only needed to find one app that had a weak point in order to get access to the rest.
"Damages. If I wrote software and you started selling hacks for that software, that would damage my business."
As of yet, one company making a product that causes another company to lose sales is of itself not a crime. Otherwise typewrite companies could sue the living shit out of Silicon Valley.
"So given all of the above and IF the Dutch police or the company supplying them have actually managed to pull this off, here is an interesting question: Could Blackberry sue?"
Not bloody likely. The NFI is Mandated, strictly controlled, and closely tied to our national intelligence service. Good luck on sueing a nation that's followed its own Due Process.
Snowden was a long time ago now, the world changes. He may not have had access to everything and he only worked one place. He may also have been a plant, give us stuff that was going to leak eventually to hide the bigger secrets.
All very unlikely, but an argument that runs "Snowden said it was safe" is not particularly reliable.
Before I read the article, just from the headline, I *knew* I would find a line like:
It well may be that the handset in question was crackable not because of a Blackberry flaw but an incorrect implementation of PGP itself
The best encryption technology in the universe may be compromised by lack of understanding.
I notice is was "encrypted emails" that were cracked. Bear in mind, in it's native form, an "email" will have the underlying RFC-822 layout. So if you know what that looks like, and you have 200+ of the buggers all encrypted with the same key(s) you have a head start.
I am not an expert on this, but I was under the impression that PGP only encrypted the message body, and maybe the subject - for exactly the risk you highlight. Also, if you encrypted the whole bloody thing then you couldn't deliver the message. So if you get 200 emails you get a load of plaintext headers, and some blobs of data. 200 is not a lot if you're looking to crack the key by brute force.
Usually it's business + government vs. us the customers / people. This and the Microsoft Dublin case and recent submissions from big business to US and UK governments explaining exactly why mandatory backdoors are stupid... It's kind of nice to see. A company wants money. It doesn't care about right or wrong for the most part - just selling product. It's a testament to how wrong much government policy / action has been that opposing it has become a selling point for corporations.
I actually have a fair bit of respect for Blackberry. They've turned down some very lucrative opportunities for the sake of serving their core market. It's a smart company that is able to compare mutually exclusive options and recognize that they are. Most big companies greed gets the better of strategy and they end up sacrificing existing customer trust for the sake of some other market they think they can bag.
If someone was able to crack well-implemented PGP, there is no possible way that they would let this capability become publicly known. It would destroy most of the use of the crack.
An extreme example, Churchill allowed some convoys to sail where he knew there were enemy submarines, because the losses would be far greater if the enemy realised he could read their communications.
Indeed. Spreading this 'news' might the effect of making the criminals or whoever wary of using their existing communication techniques, if only for a short while. There might then be knock-on effects that the police can take advantage of, such as more face-to-face meetings between criminals.
The reason the messages were able to be de-crypted was due to extremely negligent PGP hosting policies. They were storing all the private encryption keys on their servers along with a record of all the messages. These are two EXTREMELY bad things to do when hosting PGP Encryption.
This wasn’t a case of anything being hacked, this would be equivalent to saying your PC got hacked when you left a Post-It note on your monitor with your password on it.
Reputable PGP Service providers do not store their users messages, or more importantly their private keys on their servers.
This was a case of neglect, not a case of anyone being hacked.