Trump shooter Thomas Crooks had encrypted messaging accounts in Belgium, Germany, New Zealand

Trump rally gunman Thomas Matthew Crooks used encrypted messaging accounts on various platforms located in Belgium, New Zealand and Germany, according to a member of a congressional task force investigating his assassination attempt against former President Donald Trump.

Rep. Michael Waltz (R-Fla.), one of 13 lawmakers tapped to serve on the House bipartisan task force, told reporters at a Wednesday press conference at the Trump Hotel Chicago that the “overseas accounts” piqued his suspicion immediately regarding the shooter’s motives.

“Why does a 19-year-old kid who is a health care aide need encrypted platforms not even based in the United States, but based abroad – where most terrorist organizations know it is harder for our law enforcement to get into?” asked Waltz.

“That’s a question I’ve had since day one,” the Republican panel member said, before pivoting to bash the US Secret Service and FBI for declining to release the full findings of their investigation into the July 13 shooting at a Trump rally.

“They need to be releasing information as they come across it, because this wasn’t an isolated incident. The threats are continual,” Waltz claimed, citing the alleged “sophisticated plot” by a Pakistani national who paid off purported hitmen to assassinate Trump and other US officials.


FBI Director Wray Uses Trump Assassination Attempt To Criticize Private Messaging

FBI Director Christopher Wray has used a congressional hearing organized after the assassination attempt on Donald Trump to launch another attack against encryption and use that as justification for the state of the investigation.

Appearing before the House Judiciary Committee this week, Wray was supposed to speak about the FBI’s investigation into this extremely serious incident, as well as about what the committee said is “the ongoing politicization” of the agency under his and Attorney-General Merrick Garland’s direction.

But Wray turned it into blaming encrypted apps and services for the pace of the investigation. Quite extraordinarily for a person who is supposed to be highly knowledgeable about security, the FBI chief came across as oblivious to how essential encryption is for people’s online security – from their bank transactions to their communications.

Instead, he complained that it is difficult to break into accounts on encrypted platforms, that is, to break encryption – a situation that the FBI head said has “unfortunately become very commonplace.”

He went on to claim that law enforcement at all levels, federal, state, and local, finds it “a real challenge.”

Reports say that the FBI had “early success” in breaking into the phone of the shooter, Thomas Matthew Crooks, using tools provided by Cellebrite. This is an Israeli company that oddly advertises its wares as “accelerating justice.”

Wray did not reveal which platforms host the accounts belonging to Crooks that the FBI says it has trouble accessing but noted that “legal process returns” are awaited to accomplish that goal.


EU Agencies Propose Encryption Backdoors and Cryptocurrency Surveillance

The EU is attacking encryption again, this time in a report put together by several agencies, including EU law enforcement Europol, and the European Council’s Counter-Terrorism Coordinator.

The EU’s site says that this “first report on encryption” – by what the bloc calls its Innovation Hub for Internal Security – is looking for ways to “uphold citizens’ privacy while enabling criminal investigation and prosecution.”

“The main challenge is to design solutions that would allow at the same time a lawful and targeted access to communications and that guarantees that a high level of cybersecurity, data protection and privacy,” says the report.

The objective answer to the supposed conundrum of how to achieve both goals is always the same: you can’t.

Yet the EU, various governments, and international organizations continue to push to undermine online encryption and keep framing their initiatives the same way – as both their supposed care for privacy (and importantly, security), and making law enforcement’s job much easier (saying that the goal is to “enable” that, suggests there’s no other way to investigate, which is not true.)

And, how on Earth the EU intends to “safeguard fundamental rights” (of citizens) while at the same time proposing what it does in this document, is anybody’s guess. But EU bureaucrats are “safe” from being asked these questions – at least not by legacy, corporate media.

The report’s proposals include a number of ways to break encryption, mention encryption backdoors (the sneaky euphemism is, “lawful access” to communications and data), as well as password cracking and cryptocurrency and other forms of surveillance.

The not-so-subtle abuse of language and tone continues while discrediting encryption, as services like Meta’s Messenger, Apple Private Relay, and Rich Communication Systems (RCS) protocol are dubbed, “warrant-proof encryption technologies.”


JUST IN: Trump Would-Be Assassin Thomas Matthew Crooks Had Two Cell Phones and 3 Encrypted Accounts Overseas

Trump’s would-be assassin Thomas Matthew Crooks had two cell phones and used three encrypted accounts overseas to communicate.

The FBI found Crooks’ second cell phone at his home with only 27 contacts, The Daily Mail reported.

Congressman Mike Waltz told Fox News host Jesse Watters that according to an FBI briefing, Crooks had multiple encrypted accounts and said more will come out Monday.

Rep. Waltz said the Trump shooter had the overseas accounts at the same time we heard about the Iranian assassination plot against Trump.

Jesse Watters asked if the two are connected (they aren’t).

The Intel agencies leaked an Iranian assassination plot story to CNN to throw chaos in the camp and distract from Saturday’s Secret Service failures.


Europol Seeks to Break Mobile Roaming Encryption

EU’s law enforcement agency Europol is another major entity that is setting its sights on breaking encryption.

This time, it’s about home routing and mobile encryption, and the justification is a well-known one: encryption supposedly stands in the way of the ability of law enforcement to investigate.

The overall rationale is that police and other agencies face serious challenges in doing their job (an argument repeatedly proven as false) and that destroying the internet’s currently best available security feature for all users – encryption – is the way to solve the problem.

Europol’s recent paper treats home routing not as a useful security feature, but, as “a serious challenge for lawful interception.” Home routing works by encrypting data from a phone through the home network while roaming.

We obtained a copy of the paper for you here.


Ottawa’s Hidden Agenda: Bill C-26 Aims for Secret Surveillance Backdoors

Canada’s Bill C-26, currently making its way through the country’s parliament, includes “secretive” provisions that can be used to break encryption, researchers are warning.

As far as its sponsors are concerned, Bill C-26 is cyber security legislation intended to amend the Telecommunications Act and other related acts.

But the way the Telecommunications Act will be amended is by allowing the government to force companies operating in that industry to include backdoors in networks protected by encryption, a pair of University of Toronto’s Citizen Lab researchers suggest.

In case the government decides its surveillance needs require altering “the 5G encryption standards that protect mobile communications” – then this can also be done, should C-26 become law.

This raises several important questions, such as whether the bill’s purpose might be precisely to undermine encryption, considering that the government decided not to include amendments in the text that would prevent this.

Another worrying aspect is that given the already lacking level of security in the telecommunications space, the government would be expected to try to fix the existing problems, rather than create new ones, the researchers note.

The amendment that could have rectified this situation was proposed last year by the Citizen Lab, while civil society and industry leaders and experts also participated in parliamentary hearings concerning C-26 to recommend restricting what are said to be the draft’s broad powers to prevent “technical changes from being used to compromise the ‘confidentiality, integrity, or availability’ of telecommunication services.”

However, these warnings fell on deaf ears, with the bill now progressing through parliament without the recommended changes, and despite MPs stating that facilitating and broadening mass surveillance in Canada was not the motive behind C-26.


New Spectre-Style ‘Pathfinder’ Attack Targets Intel CPU, Leak Encryption Keys and Data

Researchers have discovered two novel attack methods targeting high-performance Intel CPUs that could be exploited to stage a key recovery attack against the Advanced Encryption Standard (AES) algorithm.

The techniques have been collectively dubbed Pathfinder by a group of academics from the University of California San Diego, Purdue University, UNC Chapel Hill, Georgia Institute of Technology, and Google.

“Pathfinder allows attackers to read and manipulate key components of the branch predictor, enabling two main types of attacks: reconstructing program control flow history and launching high-resolution Spectre attacks,” Hosein Yavarzadeh, the lead author of the paper, said in a statement shared with The Hacker News.

“This includes extracting secret images from libraries like libjpeg and recovering encryption keys from AES through intermediate value extraction.”

Spectre is the name given to a class of side-channel attacks that exploit branch prediction and speculative execution on modern CPUs to read privileged data in the memory in a manner that sidesteps isolation protections between applications.

The latest attack approach targets a feature in the branch predictor called the Path History Register (PHR) – which keeps a record of the last taken branches – to induce branch mispredictions and cause a victim program to execute unintended code paths, thereby inadvertently exposing its confidential data.

Specifically, it introduces new primitives that make it possible to manipulate PHR as well as the prediction history tables (PHTs) within the conditional branch predictor (CBR) to leak historical execution data and ultimately trigger a Spectre-style exploit.


Privacy Under Siege: Europol and the UK Crime Agency Target Encryption, Call For Backdoors

What is best known as the “politicization of institutions” in authoritarian societies is these days making a creeping but steady progress in some countries/blocs one would not have suspected of such things until relatively recently.

Here we have Europol (EU’s law enforcement agency) and the supposedly “divested” from the EU shenanigans via Brexit UK – but is it really? – and that country’s National Crime Agency (NCA), teaming up to attack Meta for dozens and dozens of reasonable reasons, but for the one thing the company is apparently trying to do right.

Read the joint declaration here.

And that’s implementing in its products end-to-end encryption (E2EE), the very necessary, irreplaceable software backbone of a safe and secure internet for everybody. Yet that is what many governments, and here we see the EU via Europol, and the UK, keep attempting to damage.

But mass surveillance is a hard sell, so the established pitch is to link the global and overall internet problem to that of the safety of children online, and justify it that way.

The Europol executive director, Catherine De Bolle, compared E2EE to “sending your child into a room full of strangers and locking the door.”

And yet, the technological truth and reality of the situation is that undermining E2EE is akin to giving the key to your front door and access to everybody in it, children included, to somebody you “trust” (say, governments and organizations who like you to take their trustworthiness for granted).


Unpatchable vulnerability in Apple chip leaks secret encryption keys

A newly discovered vulnerability baked into Apple’s M-series of chips allows attackers to extract secret keys from Macs when they perform widely used cryptographic operations, academic researchers have revealed in a paper published Thursday.

The flaw—a side channel allowing end-to-end key extractions when Apple chips run implementations of widely used cryptographic protocols—can’t be patched directly because it stems from the microarchitectural design of the silicon itself. Instead, it can only be mitigated by building defenses into third-party cryptographic software that could drastically degrade M-series performance when executing cryptographic operations, particularly on the earlier M1 and M2 generations. The vulnerability can be exploited when the targeted cryptographic operation and the malicious application with normal user system privileges run on the same CPU cluster.

Beware of hardware optimizations

The threat resides in the chips’ data memory-dependent prefetcher, a hardware optimization that predicts the memory addresses of data that running code is likely to access in the near future. By loading the contents into the CPU cache before it’s actually needed, the DMP, as the feature is abbreviated, reduces latency between the main memory and the CPU, a common bottleneck in modern computing. DMPs are a relatively new phenomenon found only in M-series chips and Intel’s 13th-generation Raptor Lake microarchitecture, although older forms of prefetchers have been common for years.

Security experts have long known that classical prefetchers open a side channel that malicious processes can probe to obtain secret key material from cryptographic operations. This vulnerability is the result of the prefetchers making predictions based on previous access patterns, which can create changes in state that attackers can exploit to leak information. In response, cryptographic engineers have devised constant-time programming, an approach that ensures that all operations take the same amount of time to complete, regardless of their operands. It does this by keeping code free of secret-dependent memory accesses or structures.

The breakthrough of the new research is that it exposes a previously overlooked behavior of DMPs in Apple silicon: Sometimes they confuse memory content, such as key material, with the pointer value that is used to load other data. As a result, the DMP often reads the data and attempts to treat it as an address to perform memory access. This “dereferencing” of “pointers”—meaning the reading of data and leaking it through a side channel—is a flagrant violation of the constant-time paradigm.
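
The constant-time approach described above, as an added C example (not code from the article or the research paper): a secret-indexed table lookup and an early-exit comparison, each next to a form with no secret-dependent addresses or branches. The table values and all function names are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Constructed 16-entry substitution table (sample values, not from any real cipher). */
static const uint8_t TABLE[16] = {
    0x3a, 0x91, 0x5c, 0xe7, 0x08, 0xb4, 0x6d, 0xf2,
    0x19, 0xc5, 0x7e, 0x20, 0xab, 0x46, 0xd3, 0x8f
};

/* 0xff when a == b, 0x00 otherwise, computed without a branch.
 * Valid for inputs below 256, which is all this example passes in. */
static uint8_t eq_mask(uint32_t a, uint32_t b) {
    uint32_t diff = a ^ b;               /* 0 only when the inputs are equal */
    return (uint8_t)((diff - 1u) >> 8);  /* wraps to all-ones only for diff == 0 */
}

/* Leaky: the load address depends on the secret, so cache state reveals it. */
uint8_t lookup_leaky(uint8_t secret_idx) {
    return TABLE[secret_idx & 0x0f];
}

/* Constant-time: read every entry in a fixed order, keep the wanted one with a mask. */
uint8_t lookup_ct(uint8_t secret_idx) {
    uint8_t out = 0;
    for (uint32_t i = 0; i < 16; i++)
        out |= TABLE[i] & eq_mask(i, secret_idx & 0x0f);
    return out;
}

/* Leaky: returns at the first mismatch, so run time reveals the matching prefix length. */
int equal_leaky(const uint8_t *a, const uint8_t *b, size_t n) {
    for (size_t i = 0; i < n; i++)
        if (a[i] != b[i]) return 0;
    return 1;
}

/* Constant-time: always scans all n bytes and accumulates the differences. */
int equal_ct(const uint8_t *a, const uint8_t *b, size_t n) {
    uint8_t acc = 0;
    for (size_t i = 0; i < n; i++)
        acc |= (uint8_t)(a[i] ^ b[i]);
    return eq_mask(acc, 0) & 1;
}
```

An optimizing compiler can reintroduce branches, so the generated assembly needs checking on the target. As the passage above explains, code written this way can still leak on hardware with a DMP when secret data is mistaken for a pointer.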


Hackers can read private AI assistant chats even though they’re encrypted

AI assistants have been widely available for a little more than a year, and they already have access to our most private thoughts and business secrets. People ask them about becoming pregnant or terminating or preventing pregnancy, consult them when considering a divorce, seek information about drug addiction, or ask for edits in emails containing proprietary trade secrets. The providers of these AI-powered chat services are keenly aware of the sensitivity of these discussions and take active steps—mainly in the form of encrypting them—to prevent potential snoops from reading other people’s interactions.

But now, researchers have devised an attack that deciphers AI assistant responses with surprising accuracy. The technique exploits a side channel present in all of the major AI assistants, with the exception of Google Gemini. It then refines the fairly raw results through large language models specially trained for the task. The result: Someone with a passive adversary-in-the-middle position—meaning an adversary who can monitor the data packets passing between an AI assistant and the user—can infer the specific topic of 55 percent of all captured responses, usually with high word accuracy. The attack can deduce responses with perfect word accuracy 29 percent of the time.
