7 March 2017
As you've probably read, WikiLeaks has released a trove of purported CIA documents describing their hacking tools. There's a lot more that will be learned, as people work their way through the documents. For now, though, I want to focus on something that's being misreported, possibly because of deliberately misleading text by WikiLeaks itself.
Here's the text from WikiLeaks:
These techniques permit the CIA to bypass the encryption of WhatsApp, Signal, Telegram, Wiebo, Confide and Cloackman by hacking the "smart" phones that they run on and collecting audio and message traffic before encryption is applied.Here's what the New York Times said:
The Wall Street Journal was much the same:
Both uncritically accepted the premise: that there's something wrong with these encryption apps. Nothing could be farther from the truth. Rather, the existence of these hacking tools is a testimonial to the strength of the encryption. It's hard or impossible to break, so the CIA is resorting to expensive, targeted attacks.
The Washington Post got it right.
As far as is publicly known, the encryption is strong. Even if it it somewhat weak, modern cryptosystems don't fall in an instant; it takes a fair amount of computation to crack each instance. The CIA is hacking because that's what's left.
Hacking the endpoints—something I and my colleagues have advocated for years—is the right way to get around encryption. It's much better than putting in back doors, since those can lead to serious weaknesses. And it's not going to stop. As I've previous observed, spying will stop some time after a sustained outbreak of world peace. Spies, in other words, will always do whatever they need to do to gather information.
(What is the real story here? The big news is that this trove of files has been taken from the CIA, only a few months after a large collection of NSA files was stolen. Some counterintelligence officers have a lot of 36 hour days ahead of them.)