Feedback & Followups
- Another defeat for the NSO group: 🇺🇸 U.S. Court Orders NSO Group to Hand Over Pegasus Spyware Code to WhatsApp — thehackernews.com/…
- 🇺🇸 Microsoft have finally followed through on their promise to the US government that government Office365 tenancies will get double the retention time on audit logs for free (90 days → 180 days) — www.bleepingcomputer.com/…
- 🇺🇸 The Federal Trade Commission are continuing to crack down on scammy tax apps in the run-up to tax season: FTC sues H&R Block over deceptive ‘free’ online filing ads — www.bleepingcomputer.com/…
- There was some dramatic action in the fight against Ransomware in the last two weeks, with authorities around the world cooperating in Operation Cronos to try to take down LockBit, the biggest ransomware gang of 2023 by far:
- Police arrest LockBit ransomware members, release decryptor in global crackdown — www.bleepingcomputer.com/…
- 🇺🇸 US offers $15 million bounty for info on LockBit ransomware gang — www.bleepingcomputer.com/…
- LockBit ransomware secretly building next-gen encryptor before takedown — www.bleepingcomputer.com/…
- LockBit ransomware gang has over $110 million in unspent bitcoin — www.bleepingcomputer.com/…
- LockBit ransomware returns to attacks with new encryptors, servers — www.bleepingcomputer.com/…
- 🇪🇺 As the DMA’s go-live dates approach, there are more developments around Apple’s compliance plans:
- There was a brief kerfuffle around the rarely used Progressive Web Apps feature in the EU — TL;DR: Apple said they couldn’t make it both secure and cross-browser so they removed it, some developers and some EU politicians got cranky, Apple said they would not remove it after all, but would keep it webkit-only instead — arstechnica.com/…
- Spotify, Epic complain again that Apple won’t be in compliance with the DMA — appleinsider.com/… (in an open letter)
- Apple released a white paper detailing how their plans protect Apple users in the EU as much as they can, explaining why EU users will nonetheless be less secure than other users, and in the process, giving the most detailed information I’ve yet seen about exactly what Apple do as part of App Review (32 pages, but well worth a skim at least) — appleinsider.com/…
- The White Paper: Complying with the Digital Markets Act — developer.apple.com/… (PDF)
- The white paper includes quite a few emails to Tim Cook from concerned Europeans — appleinsider.com/…
- This is really happening: Setapp announces beta of iOS app store for the EU — appleinsider.com/…
Deep Dive — Apple’s Post-Quantum iMessage Encryption
Apple have had end-to-end encryption by default for a long time now, and it’s based on the best-in-class public-key cryptography certified for use today by standards bodies like the US National Institute for Standards and Technology (NIST). Today, that cryptography is extremely robust, but it’s based on math we know would become crackable should anyone invent a practical quantum computer. That’s very unlikely in the next 5 years, but quite plausible in the five or ten after that, so the cybersecurity world is busy preparing for that likely future now.
It takes a long time to develop robust new cryptographic algorithms, so this work has already been underway for years. We now have a selection of candidate quantum-resistant algorithms in the final stages of review by NIST, so tech companies are starting to roll out their initial implementations.
If you’re wondering why roll out changes now to address a problem that’s probably a decade out, it’s because of the so-called ’Harvest Now, Decrypt Later’ attack. Large well resourced organisations like governments can hoover up encrypted messages from important or interesting people now, save them in big data farms, and then crack them in five or ten years.
Apple is by no means the first to move on this, but they do seem to have leap-frogged the rest of the pack with their announcement of changes that are coming into effect pretty much immediately!
Apple have named their solution PQ3 which they refer to as ‘level 3’ post-quantum encryption. This is not a level on some kind of standard or generally accepted scale, but a term of Apple’s own invention. It’s their way of saying “We are first to offer this comprehensive solution”.
Level 0 is no encryption at all, at least not by default, and you might expect that category to be empty in 2024, but alas not, that’s where you find Skype, QQ, Telegram & WeChat. Level 1 is end-to-end encryption that’s not quantum-safe, so where Messages is before PQ3 rolls out in a few weeks. Other apps Apple class as level 1 include Line, Viber & WhatsApp. Level 2 apps use new quantum-safe crypto algorithms, but don’t add the extra layer Apple have in PQ3; Apple put Signal at level 2.
So, what does Apple do beyond where the open source world has gotten to? They have added periodic key rotation, so even if a key were to be leaked or stolen (more likely than one being cracked), the damage would be limited to just a few messages, while the leak of a Signal private key would expose the entire conversation that key secured.
Apple’s blog post announcing PQ3 goes into an impressive amount of detail and answers all the obvious questions like which of the NIST candidate algorithms it uses (Kyber with ML-KEM). The opening few sections in particular are well worth a read, and the more detailed later sections are well worth a skim. One thing that caught my eye was Apple’s clever solution to the obvious problem that these new algorithms have not yet been subjected to decades of concerted theoretical and practical attacks like our current algorithms have been (for the obvious reason that they’re new!). Apple are chaining the new algorithms with the current ones, so an attacker needs to break both the current and the new algorithms to break into messages. The blog post also describes the mathematical proofs of their algorithm conducted by leading academics in world-class universities and research institutes.
It was also nice to see Apple repeatedly give due credit to competitors for their innovations, including in the opening line of the conclusion:
“End-to-end encrypted messaging has seen a tremendous amount of innovation in recent years, including significant advances in post-quantum cryptography from Signal’s PQXDH protocol and in key transparency from WhatsApp’s Auditable Key Directory”
From a practical POV, Apple are following Signal’s lead and phasing in PQ3 support in parallel with continued support for the current algorithms — until PQ3 is fully bedded in and until all clients have upgraded, there will be a mix of the new and the old encryption schemes in use. Given the closed nature of their system, it looks like Apple will be first to commit fully to post-quantum algorithms, with a commitment to complete the transition ‘by the end of 2024’. It seems reasonable to expect an ‘upgrade or get cut off’ warning and a final end date for support of the current system this autumn.
PQ3 support will start with the release of iOS 17.4, iPadOS 17.4, macOS 14.4 & watchOS 10.4 any day now.
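The two ideas described above, chaining a classical and a post-quantum secret and rotating keys periodically, shown as an added sketch that is not Apple's PQ3 code or protocol. It assumes HKDF-SHA256 as the combiner; the function names are hypothetical and the shared secrets are constructed stand-ins for real ECDH and Kyber outputs.

```python
import hashlib
import hmac

def hkdf(salt: bytes, ikm: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF-SHA256 (RFC 5869): extract, then expand."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]

def next_root(root: bytes, classical_ss: bytes, pq_ss: bytes) -> bytes:
    """Mix BOTH shared secrets into the root; knowing one alone is not enough."""
    # Length-prefix each secret so the concatenation is unambiguous.
    ikm = b"".join(len(s).to_bytes(2, "big") + s for s in (classical_ss, pq_ss))
    return hkdf(root, ikm, b"demo-hybrid-root")

def message_keys(root: bytes, count: int) -> list:
    """Per-message keys for one epoch, all derived from that epoch's root."""
    return [hkdf(root, i.to_bytes(4, "big"), b"demo-message-key") for i in range(count)]

def run_conversation(epoch_secrets, per_epoch: int = 4):
    """One (classical_ss, pq_ss) pair per rotation -> (roots, keys per epoch)."""
    root, roots, keys = b"\x00" * 32, [], []
    for classical_ss, pq_ss in epoch_secrets:
        root = next_root(root, classical_ss, pq_ss)
        roots.append(root)
        keys.append(message_keys(root, per_epoch))
    return roots, keys

def readable_epochs(stolen_root: bytes, keys, per_epoch: int = 4) -> list:
    """Epochs whose message keys an attacker holding one stolen root can rebuild."""
    derived = message_keys(stolen_root, per_epoch)
    return [e for e, epoch_keys in enumerate(keys) if epoch_keys == derived]

def secret(label: str, epoch: int) -> bytes:
    """Constructed stand-in for an ECDH or Kyber shared secret (not a real exchange)."""
    return hashlib.sha256(f"{label}-{epoch}".encode()).digest()

SECRETS = [(secret("classical", e), secret("pq", e)) for e in range(3)]
ROOTS, KEYS = run_conversation(SECRETS)

if __name__ == "__main__":
    print("root stolen in epoch 1 exposes epochs:", readable_epochs(ROOTS[1], KEYS))
    # Attacker who recovered every classical secret but has to guess the PQ ones:
    guessed = [(c, b"\x00" * 32) for c, _ in SECRETS]
    print("classical-only attacker reads:", readable_epochs(run_conversation(guessed)[0][0], KEYS))
```

A root stolen in one epoch rebuilds only that epoch's message keys, because the next rotation mixes in secrets the thief never saw, and an attacker holding every classical secret but no post-quantum secret rebuilds none.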
Links
- Apple’s blog post announcing the changes: iMessage with PQ3: The new state of the art in quantum-secure messaging at scale — security.apple.com/…
- Apple is hardening iMessage encryption now to protect it from a threat that doesn’t exist yet — appleinsider.com/…
- Apple Unveils PQ3 Protocol – Post-Quantum Encryption for iMessage — thehackernews.com/…
❗ Action Alerts
- Linux Desktop users and Android users (those who can anyway) need to update their OSes ASAP to get a fix for part of the WiFi stack (`wpa_supplicant`) that has a bug that allows attackers to trick devices into connecting to rogue access points and leaking the passwords to known WiFi networks — thehackernews.com/… (or apply the cumbersome workaround of manually configuring the CA cert for all work/school WiFi networks they use)
Worthy Warnings
- European Android Users are being successfully targeted with the Anatsa banking trojan via the Google Play Store — www.bleepingcomputer.com/… (150K downloads!)
- related: A timely reminder that while the Apple App Store is safer than the Play Store, it’s not perfect, so you still need to be careful, especially with anything involving cryptocurrencies: Apple distributed fake crypto finance apps in App Store, leading to $100K losses — www.intego.com/…
- Another major security gaffe by Wyze: Wyze camera glitch gave 13,000 users a peek into other homes — www.bleepingcomputer.com/…
- 20 million Cutout.Pro user records leaked on data breach forum — www.bleepingcomputer.com/… (users have not been notified, and the leak contains passwords; they are salted and hashed, but at least some with the obsolete MD5 hashing algorithm)
- Critical vulnerabilities in two heavily used WordPress Plugins:
- Anycubic 3D printers hacked worldwide to expose security flaw — www.bleepingcomputer.com/…
Notable News
- Another new way sloppy IT practices in major companies facilitate spam: Hijacked subdomains of major brands used in massive spam campaign — www.bleepingcomputer.com/… (named SubdoMailing)
- Signal rolls out usernames that let you hide your phone number — www.bleepingcomputer.com/… (Beta users only ATM)
- Bitwarden’s new auto-fill option adds phishing resistance — www.bleepingcomputer.com/…
- GitHub move to block a common source of data breaches: GitHub enables push protection by default to stop secrets leak — www.bleepingcomputer.com/… (Has existed as an opt-in feature for some time, and they have been fine-tuning their algorithm before this global rollout)
- Related: Developers need to bear in mind that they are being actively targeted by attackers these days:
- Malicious AI models on Hugging Face backdoor users’ machines — www.bleepingcomputer.com/…
- Lazarus Exploits Typos to Sneak PyPI Malware into Dev Systems — thehackernews.com/… (🇰🇵 North Korea state hackers)
- 🇺🇸 FTC to ban Avast from selling browsing data for advertising purposes — www.bleepingcomputer.com/… (Federal Trade Commission)
- 🇺🇸 New executive order bans mass sale of personal data to China, Russia — www.bleepingcomputer.com/…
Just Because it’s Cool 😎
- Not practical attacks, but very cool (or hot 😉) security research:
Palate Cleansers
- From Allison: (via Allister Jenks on Slack) Funny conversation on Mastodon using all abandoned Google names — wetdry.world/…
- From Bart:
- 🎧 The fascinating history of how we got to a calendar with leap days: History Daily: The Leap Year — overcast.fm/…
- 🎦 The full video of the BBC Horizon documentary consisting almost entirely of a conversation with Feynman, repeatedly excerpted in the Podcast miniseries on Feynman I recommended recently: Feynman: The Pleasure of Finding Things Out (1981) — vimeo.com/…
Legend
When the textual description of a link is part of the link it is the title of the page being linked to, when the text describing a link is not part of the link it is a description written by Bart.
Emoji | Meaning |
---|---|
🎧 | A link to audio content, probably a podcast. |
❗ | A call to action. |
flag | The story is particularly relevant to people living in a specific country, or, the organisation the story is about is affiliated with the government of a specific country. |
📊 | A link to graphical content, probably a chart, graph, or diagram. |
🧯 | A story that has been over-hyped in the media, or, “no need to light your hair on fire” 🙂 |
💵 | A link to an article behind a paywall. |
📌 | A pinned story, i.e. one to keep an eye on that’s likely to develop into something significant in the future. |
🎩 | A tip of the hat to thank a member of the community for bringing the story to our attention. |