AstonJ
Circumventing encrypted messages
This article got me thinking about encrypted chat:
Europol said that French police had discovered some of EncroChat’s servers were located in the country, and that it was possible to put a “technical device” in place to access the messages.
Wonder what this ‘technical device’ was/did - any ideas?
Most Liked
cmkarlsson
They put a “technical device” on some servers to be able to access the messages. Assuming it really was end-to-end encryption they must either have had access to the keys (through a cracked device?) so that they could decrypt the messages or the crypto implementation had some sort of weakness they could exploit such as being open to padding oracle or timing attacks or mitm attacks.
Unfortunately I doubt they will release any details about how they cracked it. It would be interesting to know for sure.
OvermindDL1
Never heard of EncroChat, so let’s see what google says…
Hmm, so it claimed E2E however it was never audited and they didn’t use one of the well known good E2E styles, in addition they sold phones without secure enclave chips nor was any of that audited as well, so yeah I don’t see how it is trustworthy for such communications.
There’s so many ways that such systems can be weakened so it’s not surprising.
OvermindDL1
That passed through my mind, lol.
Popular General Dev topics
Other popular topics
Sponsor Spotlight
Develop your skills with books, videos, and courses.
Categories:
Sub Categories:
- All
- In The News (10084)
- Dev Chat (200)
- Questions
- Resources (118)
- Blogs/Talks (26)
- Jobs (3)
- Events (15)
- Code Editors (58)
- Hardware (57)
- Reviews (4)
- Sales (15)
- Design & UX (4)
- Marketing & SEO (1)
- Industry & Culture (14)
- Ethics & Privacy (19)
- Business (4)
- Learning Methods (4)
- Content Creators (7)
- DevOps & Hosting (9)
Popular Portals
- /elixir
- /rust
- /ruby
- /wasm
- /erlang
- /phoenix
- /keyboards
- /rails
- /js
- /python
- /security
- /go
- /swift
- /vim
- /clojure
- /emacs
- /java
- /haskell
- /onivim
- /svelte
- /typescript
- /crystal
- /c-plus-plus
- /kotlin
- /tailwind
- /gleam
- /react
- /ocaml
- /flutter
- /elm
- /vscode
- /ash
- /opensuse
- /centos
- /php
- /deepseek
- /html
- /zig
- /scala
- /sublime-text
- /textmate
- /debian
- /nixos
- /lisp
- /agda
- /react-native
- /kubuntu
- /arch-linux
- /ubuntu
- /revery
- /spring
- /manjaro
- /django
- /diversity
- /nodejs
- /lua
- /slackware
- /julia
- /c
- /markdown
Devtalk Sponsors
Practical resources that improve the lives of professional developers.
We build trusted fault-tolerant systems that scale to billions of users.
Real-time error tracking, performance insights, and observability for devs.
Develop your skills with books, videos, and courses.
Catch errors, track performance, monitor hosts and more.
Enabling companies to succeed by building software people love.
Courses that'll move you from confusion to "Aha, now I get it!"