Backdoors in encryption products

After the recent terrorist attacks, governments are again pushing for more surveillance, and the old debate on the necessity of backdoors in encryption software raises its ugly head again. Leaving the surveillance question aside, let’s see: what does it mean to introduce backdoors into programs, and how can they be harmful, especially when we are talking about security and encryption?

Generally, a backdoor is an additional interface to a program that is not documented, whose existence is kept secret, and that is used for purposes other than the main function of the program. Quite often, a backdoor is simply a testing interface that the developers use to run special commands and perform tasks that normal users would not need to. Such testing backdoors are also often left in the production code, sometimes completely unprotected, sometimes protected with a fixed password stored in the code of the program where it is easy to find, i.e. effectively unprotected as well. Testing backdoors may or may not be useful to an attacker, depending on the kind of functionality they provide.
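One way to catch the fixed-password testing interface described above before it ships, as an added example that is not part of the original post: a release check that parses Python source and flags any credential-like name compared against a string literal. The sample service, the name list and the function names are all hypothetical.

```python
import ast

# Constructed sample: a service with a leftover testing interface (hypothetical code).
SAMPLE = '''
def handle(cmd, password, user):
    if cmd == "status":
        return "ok"
    if cmd == "debug" and password == "s3cret-test":
        return dump_all_keys()
    if user.token != "":
        return run(cmd, user)
'''

# Assumed naming convention: identifiers containing these fragments hold credentials.
SENSITIVE = ("pass", "pwd", "secret", "token", "key")

def _name(node):
    """Return the identifier of a Name or Attribute node, else None."""
    if isinstance(node, ast.Name):
        return node.id
    if isinstance(node, ast.Attribute):
        return node.attr
    return None

def find_fixed_secret_checks(source):
    """Find ==/!= comparisons of a credential-like name with a non-empty string literal."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Compare):
            continue
        operands = [node.left] + node.comparators
        for op, a, b in zip(node.ops, operands, operands[1:]):
            if not isinstance(op, (ast.Eq, ast.NotEq)):
                continue
            # Check both orders: password == "x" and "x" == password.
            for var, lit in ((a, b), (b, a)):
                ident = _name(var)
                if (ident and any(s in ident.lower() for s in SENSITIVE)
                        and isinstance(lit, ast.Constant)
                        and isinstance(lit.value, str) and lit.value):
                    findings.append((node.lineno, ident, lit.value))
    return sorted(findings)

if __name__ == "__main__":
    for line, ident, literal in find_fixed_secret_checks(SAMPLE):
        print(f"line {line}: {ident} compared with fixed literal {literal!r}")
```

The empty-string check on `user.token` is deliberately not reported, since it tests for presence rather than embedding a secret.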

Sometimes backdoors are introduced with the explicit purpose of gaining access to the program surreptitiously. These are often very powerful tools that allow full access to all functionality of the program and sometimes add other functions that are not even available through the regular user interface. When talking about security and encryption products, such backdoors could allow unauthorized access, impersonation of other users, man-in-the-middle attacks, and collection of keys, passwords and other useful information, among other things.

The idea of the proponents of backdoors in security and encryption software is that we could introduce such backdoors into the encryption and other tools used by the general public. Then, access to those backdoors would only be available to the police, justice department, secret services, immigration control and drug enforcement agencies… did I miss any? Maybe a few more agencies would be on the list, but they are all well behaved, properly trained in computer security and completely legal users. And that access would allow them to spy on the people using the tools in case those people turn out to be terrorists or something. Then the backdoors would come in really handy to collect evidence against the bad guys and perhaps even prevent an explosion or two.

The problem with this reasoning is that it assumes too much. The assumptions include:

  1. The existence of the backdoors and the means of access to them will not be known to the “bad guys”. As practice shows, both the general public and criminal circles include highly skilled people who can find those backdoors and publish (or sell) them for others to use. Throughout computer history, every single backdoor was eventually found and publicized. Why would it be different this time?
  2. The “bad guys” will actually use the software containing the backdoors. That’s a big assumption, isn’t it? If those guys are clever enough to use encryption and other security software, why would they use something suspicious? They would go for tools that are well known to contain no such loopholes, wouldn’t they?
  3. The surveillance of everyone is acceptable as long as sometimes one of the people under surveillance is correctly determined to be a criminal. This whole preceding sentence is by itself the subject of many a fiction story and movie, “Minority Report” as an example comes to mind. The book “Tactical Crime Analysis: Research and Investigation” might be a good discussion of problems of predicting crime in repeat offenders, now try applying that to first-time offenders – you get literally random results. Couple that with the potential for abuse of collected surveillance data… I don’t really even want to think about it.

So we would end up, among other things, with systems that can be abused by the very “bad guys” that we are trying to catch, while they themselves use other, trustworthy software, and with surveillance results on the general population that are wide open to abuse as well. I hope this is sufficiently clear now.

Whenever you think of “backdoors”, your knee-jerk reaction should be “remove them”. Even for testing, they are too dangerous. If you introduce them in the software on purpose… pity the fool.

Nokia is gone. So is mobile security.

The recent acquisition of Nokia by Microsoft stirred up investors and Nokia fans. But, the question goes, what does it have to do with security? (Not) Surprisingly, a lot.

Working in security makes people slightly paranoid over time, that is a fact. On the one hand, without being suspicious of everything and checking all strangeness you would not get far, so that makes you extra attentive to possible security issues. On the other hand, witnessing how everything around us turns from impenetrable walls into a Swiss cheese variety when poked makes you doubt every security statement on the planet. Looking at Microsoft buying Nokia, I cannot resist putting my security hat on.

So what does the acquisition of Nokia by Microsoft bring us in the grand scheme of things? You remember, of course, that some governments, and in particular the USA, listen to all our conversations on the Internet and collect all possible information about us, right? Okay, for those who forgot, I will remind you that Microsoft, Google and Apple are on the list of companies sharing information with the NSA. Just keep in mind that it is likely not limited to the NSA and the USA; other governments are not likely to refuse the temptation.

Nokia was not on the list. And I will hazard a guess that the Finnish company refused cooperation with the NSA. That means people who have the good old Nokia phones are probably safer from surveillance compared to people with those Microsoft, Google and Apple phones. We can probably assume that it was not exciting for the NSA and the like to know that (5 years ago) half of the people with mobile phones would not be under surveillance. I can imagine they were rather disappointed. I would not be surprised if they lent a hand to Microsoft in the plan to acquire Nokia or even orchestrated the whole thing.

Now, Nokia is Microsoft. What does it mean? There is no longer any phone that is not under surveillance. Think of any mobile phone: it is going to be Microsoft, Google or Apple, committed to collaborating with the NSA on surveillance. There is no alternative.

We still can use our good old mobile phones, of course (and I do). Telephone networks change though, new protocols come into play, old ones are phased out. In time, the good old phones will simply stop working. And this process can be accelerated if desired. There will be no choice.

I really wonder about Blackberry now …