Something different…Apps to protect privacy

March 17, 2014

Apps as a breed tend to be sinkholes of data leakage and privacy breaches.  App developers are often not caught by the operations of the Privacy Act, and they tend to prioritise data collection over establishing systems to store and protect the data being collected.  The itnews article The 10 apps you need to keep prying eyes away from your mobile messages and data focuses on those apps which provide privacy protections.  It is a very interesting and practical guide.

The article, in slide format, provides:

Wickr is often compared to Snapchat, but has made security and privacy its key feature.

Wickr, which just landed $9m in funding, claims to use military grade encryption, perfect forward secrecy and, for self-destructing messages, forensic shredding.

Unlike many social apps, Wickr claims in its privacy policy that it doesn’t collect any user location data; and besides lawful government requests, the only data it shares with a third party is the user’s phone number with the company which sends confirmation SMS for Wickr’s ID Connect, the feature that allows users to be found by their friends.

One of the challenges around privacy for social apps is that ‘find friends’ features can often undermine it. It’s usually done by sucking up a device’s contact list to the company’s servers where it can be cross-referenced against other users on the service. How it’s sent and stored can impact user privacy.

According to Wickr: “if you use Find Friends, the Wickr App will send a disguised representation of your contacts phone number and email address to our servers, at which point our server will check that representation against our database to see whether that contact has an associated Wickr ID.”

Wickr is available free for iOS and Android. The company plans on monetising the app by charging its top three percent of users for premium features.

TextSecure by Open Whisper Systems (OWS) is the messaging sibling of OWS’ encrypted voice app RedPhone, and offers encrypted SMS, MMS and instant messaging.

Until recently, TextSecure was purely for encrypted SMS and MMS, but OWS recently introduced new features that bring it up to par with IM apps that communicate over data networks. Users can create private chat groups with the same end-to-end encryption previously offered with TextSecure SMS chats.

OWS compares it to an encrypted version of Apple’s iMessage. TextSecure is a normal SMS/MMS app when communicating with non-TextSecure users, but sends messages encrypted over a data network when both are TextSecure users.

The app is not available for Windows but it’s coming soon to iOS. OWS’ chief engineer Moxie Marlinspike recently worked with the CyanogenMod team to bring it to the popular custom ROM, which means that Android and soon iOS users can connect securely with friends running it.

As a social app, TextSecure faces the usual privacy challenges in building a social network through find friend features.

“The simplest way to calculate the intersection of registered users and device contacts is to upload all the contacts in the address book to the service, index them, reverse index them, send the client the intersection, and subsequently notify the client when any of those contacts later register,” Marlinspike noted in a recent post on the find friend conundrum.

‘Encrypted bloom filters’ could allow that process to happen privately on the end-user’s device, but the file would be impractically large for TextSecure’s user base of 10 million, according to Marlinspike.

Meanwhile, the finite possible mobile numbers meant hashes of them could be easily guessed.

“For RedPhone, our user base is still manageable enough (for now) to use the bloom filter technique. For TextSecure, however, we’ve grown beyond the size where that remains practical, so the only thing we can do is write the server such that it doesn’t store the transmitted contact information, inform the user, and give them the choice of opting out,” Marlinspike noted.
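The hashed find-friends upload and the guessing problem described above, as an added Node.js example that is not code from Wickr, OWS or the article. It assumes unsalted SHA-256 as the "disguised representation" (neither app's actual function is stated here), uses constructed fictional numbers, and the hash rate passed to `secondsToEnumerate` is an assumed figure.

```javascript
const { createHash } = require('node:crypto');

// "Disguised representation": unsalted SHA-256 of a normalised phone number.
// Assumed scheme for illustration only.
function hashContact(number) {
  return createHash('sha256').update(number, 'utf8').digest('hex');
}

// Server side: intersect the uploaded hashes with hashes of registered users.
function serverMatch(uploadedHashes, registeredNumbers) {
  const registered = new Set(registeredNumbers.map(hashContact));
  return uploadedHashes.filter((h) => registered.has(h));
}

// Whoever stores a hash can walk the number space until a candidate matches.
// The space here is a constructed block of 10,000 fictional numbers.
function recoverNumber(targetHash, prefix, digits) {
  const limit = 10 ** digits;
  for (let i = 0; i < limit; i++) {
    const candidate = prefix + String(i).padStart(digits, '0');
    if (hashContact(candidate) === targetHash) return candidate;
  }
  return null;
}

// Cost of covering every number of a given length at an assumed hash rate.
function secondsToEnumerate(totalDigits, hashesPerSecond) {
  return 10 ** totalDigits / hashesPerSecond;
}

// Constructed sample data (fictional 555-01xx numbers).
const addressBook = ['+12025550143', '+12025550188', '+12025550101'];
const registeredUsers = ['+12025550188', '+12025550199'];

const uploaded = addressBook.map(hashContact);
const matches = serverMatch(uploaded, registeredUsers);
const recovered = uploaded.map((h) => recoverNumber(h, '+1202555', 4));

console.log('contacts matched by the server:', matches.length);
console.log('numbers recoverable from the stored hashes:', recovered);
console.log('seconds for a 10-digit space:', secondsToEnumerate(10, 1e9));
```

The server gets its intersection, but every uploaded hash, matched or not, maps back to a number, which is why the quoted mitigation is to not store the transmitted contact data at all.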

BoxCryptor, a German company, has Android and iOS apps that help the user encrypt files on the fly before uploading to a cloud. The app supports sending encrypted files to Dropbox, Google Drive, Microsoft OneDrive, Box, and others using WebDAV.

The free app offers encryption and support for one provider. The paid and enterprise versions support multiple providers.

BoxCryptor plans to release its encryption app for Windows Phone, Windows RT, and Blackberry 10 by the end of this quarter.

On the spectrum of privacy apps, Telegram sits somewhere between TextSecure and Snapchat and apparently has benefited big-time from Facebook’s acquisition of WhatsApp.

Telegram has the usual self-destruct option for messages, and has promised no ads, no subscription fees, and no outside investment — except for a generous donation that helped kick it off.

The cloud service hopes its combination of ‘normal’ chats and ‘secret’ chats bridges the knowledge gap among most users about security.

Telegram claimed to have gained five million new users on the day Facebook announced its WhatsApp acquisition.

The company’s privacy policy states that ordinary chats are stored encrypted on Telegram’s servers and claims neither physical intruders nor local engineers can get access to the data.

Secret chats use end-to-end encryption and are not stored on Telegram’s servers and can only be accessed from the devices they were sent to or from.

Telegram was bankrolled by VKontakte founders and brothers Pavel and Nikolai Durov; however, it says it’s a Berlin-headquartered company with no connections to Russia.

Nikolai developed a custom, open protocol called the MTProto Mobile Protocol and Pavel in December offered $200,000 in Bitcoin to any hacker who could break it. The competition closed on March 1 without a winner and it’s planning on launching a new competition soon.

Telegram for iPhone was launched on August 14 last year. The alpha version of Telegram for Android was launched on October 20 that year.

Silent Phone is the next product of PGP creator Phil Zimmermann. The app allows encrypted peer-to-peer calls on 3G, 4G and wi-fi networks using ZRTP (Zimmermann’s key exchange program for VoIP) and TLS to encrypt data packets.

According to Silent Circle, only Silent Phone users exchange keys for each peer-to-peer call. The keys are not held on a server, meaning that governments can’t request the service provider to hand over the keys.

The Silent Text IM app allows encrypted messaging between devices with the app installed. Silent Text uses Silent Circle’s own IM protocol with encryption keys staying on the device and not on the company’s servers.

“Each message receives a new key that is only used once and then destroyed. Only you and the person that you are texting can decrypt and read the information. The Secure Authentication String or SAS is unique to each text and used only once. As a result, the threat of retroactive compromise is eliminated,” according to Silent Circle.

Silent Text’s version of a self-destructing message is a Burn Notice. Users can set the message to delete from both the sending and the receiving device between one minute and 23 hours 59 minutes.

The Silent Circle mobile bundle, which includes Text and Phone, is available for $99.95 a year.

CryptoCat has faced its fair share of criticism over security flaws — but, according to cryptography experts, its code is maturing.

CryptoCat’s desktop encrypted IM service is implemented in the browser and was designed to make using encryption easier.

After an initial rejection, last week CryptoCat’s founder Nadim Kobeissi succeeded in getting Apple’s approval to distribute its new iOS app on the App Store.

Kobeissi explains: “Users enter a conversation using a one-time nickname. There are no buddy lists or account activity or account history to link back to the user. This way, CryptoCat offers a unique ephemerality that makes setting up encrypted conversations immediate and without any lasting history that can be traced back to users.

“CryptoCat for iPhone uses the [Off-the-record] OTR protocol for private conversations, and our solidly maturing multi-party protocol for group conversations. With our current research into mpOTR, we hope to soon offer an upgraded global standard that brings CryptoCat’s encryption system to other platforms as well.”

According to encryption experts, OTR is a well-studied protocol for one-to-one communications, but question marks still hang over the multi-party variant. An Android app is on the way.

The Onion Browser promises access to the dark net from your mobile phone and tunnels web traffic through The Onion Router (TOR) encrypted network.

The Onion Browser is only for iOS devices and has been developed independently of the Tor Project, which maintains its own Tor browser for desktops.

However, the Onion Browser offers similar benefits, such as masking the user’s IP address and web browsing activities. It also allows users to access hidden services at .onion addresses and a one-click option to clear browser cookies.

Anyone concerned about their privacy should probably read the disclaimer by the app’s developer, Mike Tigas, who notes that regardless of the app, iOS devices may still leak traffic from other services and apps on the device to network providers. Also, the Onion Browser won’t conceal who you are if you log into a service outside of the Tor network.

It’s available for 99 cents from the Apple App Store.

SeeCrypt’s current app for Android and iOS supports encrypted voice calls and text messages over mobile networks and wi-fi. Like other apps, it only allows encrypted communications between devices installed with the app.

The South African company says its app uses “double layer, end-to-end, military-grade encryption software”.

To establish trust between two users who wish to start an encrypted data transfer, SeeCrypt relies on the exchange of public keys between devices. “Two different public-key systems (RSA and ECDSA/ECDH) are used for the key negotiation and authentication, and two different stream ciphers (AES in counter mode and RC4) are used for the data encryption,” it explains.

The ‘double layer’ refers to the two stream ciphers it employs, which is meant to keep data protected in the event that one of the above-mentioned algorithms is broken.

SeeCrypt plans on releasing a new version of the app called SC3, which will support group messaging and Outlook Calendar synchronisation.

The app is free to install, but costs $3 a month to use. The company plans on releasing a BB10 and Windows Phone version later this year.

SafeSlinger is the product of research at Carnegie Mellon’s CyLab.

According to the university, it provides the same level of messaging security as PGP, only it makes the key exchange process for encrypted communications simpler.

“When exchanging keys, you only need to compare one number and one three-word phrase with other users. When doing this comparison, you must be able to either see the other user’s phone screen or hear the number and phrases spoken so you can verify the physical presence of the other user,” SafeSlinger explains on its FAQ page. In other words, the way to remotely exchange keys is by making a phone call.

SafeSlinger’s server is implemented on Google’s App Engine, where it exchanges encrypted contact and message data.

SafeSlinger hasn’t quite got all the features of a current social IM application. At the moment, there’s no group messaging and users can only add one attachment to a message at a time.

SpiderOak offers a cloud storage and backup service that lets users encrypt their files on the fly before storing them in its cloud.

SpiderOak is available for free with 2GB storage, or for $10 a month for 100GB space.

The company’s product Hive, which is included in the SpiderOak installation, provides a drop folder for files the user wants synced across mobile and desktop devices. Like Dropbox, it offers document versioning and users can share files with friends via a link from Hive.

SpiderOak claims to offer a “zero knowledge” environment that differs from other cloud providers that only encrypt data during transmission, but not while at rest on their servers. In contrast, files stored on SpiderOak’s servers are encrypted, which should mean its staff can’t read them even with physical access to the system.

The company also doesn’t have access to the user’s password, which means there’s no password reset option. There is however a password hint that the user can set.

According to SpiderOak, it uses AES256 in CFB mode and HMAC-SHA256 encryption.

“SpiderOak uses a nested series of key scopes: a new key for each folder, version of a file, and the individual data blocks that versions of files are composed from. Having keys with such limited scope allows for selective sharing of chosen portions of your data while keeping the remainder private.

“Most importantly, however, the keys are never stored plaintext on the SpiderOak server. They are encrypted with 256-bit AES, using a key created from your password by the key derivation/strengthening algorithm PBKDF2 (using sha256), with a minimum of 16384 rounds, and 32 bytes of random data (“salt”).

“This approach prevents brute force and pre-computation or database attacks against the key. This means that a user who knows her password can generate the outer level encryption key using PBKDF2 and the salt, then decipher the outer level keys, and be on the way to decrypting her data. Without knowledge of the password, however, the data is unreadable.”
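The password-derived outer key and nested key scopes quoted above, as an added Node.js example that is not SpiderOak's code. The 16384 rounds, 32-byte salt, AES-256, CFB mode and HMAC-SHA256 come from the text; the HMAC-based sub-key split, the encrypt-then-MAC layout and every function name are assumptions of this example.

```javascript
const { pbkdf2Sync, randomBytes, createCipheriv, createDecipheriv,
  createHmac, timingSafeEqual } = require('node:crypto');

const ROUNDS = 16384;   // minimum round count quoted above
const SALT_BYTES = 32;  // salt size quoted above

// Outer key: PBKDF2-HMAC-SHA256 over the password and the per-user salt.
const passwordKey = (password, salt) => pbkdf2Sync(password, salt, ROUNDS, 32, 'sha256');

// Separate encryption and MAC keys from one 32-byte key (this example's choice).
const subKeys = (key) => ({
  enc: createHmac('sha256', key).update('enc').digest(),
  mac: createHmac('sha256', key).update('mac').digest(),
});

// Wrap an inner key: AES-256-CFB, then HMAC-SHA256 over iv || ciphertext.
function wrapKey(innerKey, wrappingKey) {
  const { enc, mac } = subKeys(wrappingKey);
  const iv = randomBytes(16);
  const c = createCipheriv('aes-256-cfb', enc, iv);
  const ct = Buffer.concat([c.update(innerKey), c.final()]);
  const tag = createHmac('sha256', mac).update(iv).update(ct).digest();
  return { iv, ct, tag };
}

// Unwrap: check the tag first; a wrong wrapping key fails here and returns null.
function unwrapKey(blob, wrappingKey) {
  const { enc, mac } = subKeys(wrappingKey);
  const tag = createHmac('sha256', mac).update(blob.iv).update(blob.ct).digest();
  if (!timingSafeEqual(tag, blob.tag)) return null;
  const d = createDecipheriv('aes-256-cfb', enc, blob.iv);
  return Buffer.concat([d.update(blob.ct), d.final()]);
}

// Server-side record: salt and wrapped keys only, never the password or a plaintext key.
function enroll(password) {
  const salt = randomBytes(SALT_BYTES);
  const folderKey = randomBytes(32);   // scope: one folder
  const versionKey = randomBytes(32);  // scope: one version of one file
  const record = { salt, folder: wrapKey(folderKey, passwordKey(password, salt)),
    version: wrapKey(versionKey, folderKey) };
  return { record, folderKey, versionKey };
}

// Password holder: password -> outer key -> folder key -> version key.
function unlock(password, record) {
  const folderKey = unwrapKey(record.folder, passwordKey(password, record.salt));
  return folderKey && unwrapKey(record.version, folderKey);
}
```

Handing someone `folderKey` alone lets them unwrap that folder's version keys without the password, which is the selective sharing the quote describes; the same structure is why a forgotten password cannot be reset.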

Silent Circle privacy apps will soon start shipping on the Black Phone unveiled last month.

One Response to “Something different…Apps to protect privacy”

  1. How to refine your social media strategy?

    With the Federal Trade Commission calling them out this week for their claims of messages and photos being deleted forever,
    it could be that Snapchat’s main marketing message has just
    been obliterated. However for in app purchases users will be charged accordingly.
    As a security feature — remember that Snapchat allows users to set a time
    limit for how long recipients can view a photo (up to 10 seconds), after which the images will “vanish” from the recipient’s device.
