AstonJ

AstonJ

Circumventing encrypted messages

This article got me thinking about encrypted chat:

Europol said that French police had discovered some of EncroChat’s servers were located in the country, and that it was possible to put a “technical device” in place to access the messages.

Wonder what this ‘technical device’ was/did - any ideas?

Most Liked

cmkarlsson

cmkarlsson

They put a “technical device” on some servers to be able to access the messages. Assuming it really was end-to-end encryption they must either have had access to the keys (through a cracked device?) so that they could decrypt the messages or the crypto implementation had some sort of weakness they could exploit such as being open to padding oracle or timing attacks or mitm attacks.

Unfortunately I doubt they will release any details about how they cracked it. It would be interesting to know for sure.

OvermindDL1

OvermindDL1

Never heard of EncroChat, so let’s see what google says…

Hmm, so it claimed E2E however it was never audited and they didn’t use one of the well known good E2E styles, in addition they sold phones without secure enclave chips nor was any of that audited as well, so yeah I don’t see how it is trustworthy for such communications.

There’s so many ways that such systems can be weakened so it’s not surprising.

OvermindDL1

OvermindDL1

That passed through my mind, lol.

Where Next?

Popular General Dev topics Top

Jase
Any opinions on the best platform for dev-friendly blogging?
New
New
Kurisu
You can go directly to the last paragraph of this post to read about my concern. I was trying Git submodules then found the above po...
New
AstonJ
I really like our #general-developer-forum:in-the-news section and am wondering whether we could automate some of the cross-posting of th...
New
finner
Hello devtalk ! Heroku are closing their free tier (dynos) later this month and I was wondering if you guys could recommend any alternat...
New
DevotionGeo
I have always used antique keyboards like Cherry MX 1800 or Cherry MX 8100 and almost always have modified the switches in some way, like...
New
jaeyson
Is Rust still good to learn? Last time (ages ago) I heard there was changes made by the foundation. If not, is Go suitable for api and w...
New
harwind
I’m working on a SQL query for a database containing records of customer transactions. Each transaction has a transaction_id, customer_id...
New
harwind
Given an array of integers, find the length of the longest increasing subsequence. A subsequence is a sequence that can be derived from a...
New
GTX
Hello everyone! I am not a developer, just wanna know if it’s possible for someone with no skills to learn how to reverse hack my hackers.
New

Other popular topics Top

AstonJ
A thread that every forum needs! Simply post a link to a track on YouTube (or SoundCloud or Vimeo amongst others!) on a separate line an...
New
PragmaticBookshelf
Design and develop sophisticated 2D games that are as much fun to make as they are to play. From particle effects and pathfinding to soci...
New
AstonJ
Inspired by this post from @Carter, which languages, frameworks or other tech or tools do you think is killing it right now? :upside_down...
New
PragmaticBookshelf
Build highly interactive applications without ever leaving Elixir, the way the experts do. Let LiveView take care of performance, scalabi...
New
New
foxtrottwist
A few weeks ago I started using Warp a terminal written in rust. Though in it’s current state of development there are a few caveats (tab...
New
AstonJ
If you want a quick and easy way to block any website on your Mac using Little Snitch simply… File > New Rule: And select Deny, O...
New
PragmaticBookshelf
Author Spotlight: Sophie DeBenedetto @SophieDeBenedetto The days of the traditional request-response web application are long gone, b...
New
New
PragmaticBookshelf
Develop, deploy, and debug BEAM applications using BEAMOps: a new paradigm that focuses on scalability, fault tolerance, and owning each ...
New