Miranda – Page 7 – DoGoodSoft's Official Blog

“Petya” ransomware encryption cracked

Utility generates unscrambling key.

Users whose data has been held to ransom by the Petya malware now have an option to decrypt the information, thanks to a new tool that generates an unscrambling key.

Petya appeared around March this year. Once executed with Windows administrator privileges, Petya rewrites the master boot record on the computer’s hard drive, crashes the operating system and on restart, scrambles the data on the disk while masquerading as the CHKDSK file consistency utility.

The Petya attackers then demand approximately A$555 in ransom, payable in BItcoin, to provide a decryption key for the locked system.

An anonymous security researcher using the Twitter handle leo_and_stone has now cracked the encryption Petya uses, the Salsa10 function created by DJ Bernstein in 2004.

Decrypting hard disks scrambled with Petya using the tool is a relatively complex operation. The tool requires data from an eight-byte nonce (random, use-once number) file and a 512-byte sector from the hard disk to be input into a website to generate the the decryption key.

This means the Petya-infected hard drive has to be removed from the victim computer, and the small amount of data needed for the decryptor read and copied with low-level system utilities.

Once that is done, the scrambled hard drive has to be reinserted into a computer to bring up the Petya ransom demand screen, at which stage the decryption key can be entered.

Tech support site Bleeping Computer, run by computer forensics specialist Lawrence Abrams, reported success with Leo Stone’s Petya decryptor, with keys being generated in just seconds.

A Windows tool to make it easier to extract the verification data and nonce was also created by researcher Fabian Wosar from security vendor Emsisoft.

WhatsApp’s encryption services are legal for now, but maybe not for long

WhatsApp introduced end-to-end encryption for all its services today. This means that all user calls, texts, video, images and other files sent can only be viewed by the intended recipient, and no one, not even WhatsApp itself, can access this data. This guarantee of user privacy creates new concerns for the government.

WhatsApp will now find it impossible to comply with government requests for data, since WhatsApp itself will not have the decryption key. In effect, WhatsApp is doing exactly what Apple did in the Apple vs FBI battle; it’s preventing government access to data, but on a much larger scale. While Apple restricted access to users of iPhones only, now practically every user of WhatsApp on any device is protected. 51% of all users of internet messaging services in India use WhatsApp, with a total number of over 70 million users (Source: TRAI’s OTT Consultation Paper, dated March 2015). WhatsApp has now prevented government access to the messages and calls of at least 70 million Indian users.

No encryption requirements are applicable on OTTs like WhatsApp

Telecom service providers and internet service providers, like Airtel and Vodafone, have to obtain a license from the Department of Telecommunications in order to be able to provide such services in India. This license includes several restrictions, including license fees, ensuring emergency services, confidentiality of customer information and requirements for lawful interception, monitoring and the security of the network. These include encryption requirements.

For example, the ‘License Agreement for Provision of Internet Service (Including Internet Telephony)’ for internet service providers (like Reliance and Airtel), permits the usage of up to 40-bit encryption. To employ a higher encryption standard, permission will have to be acquired and a decryption key deposited with the Telecom Authority.

Apps like WhatsApp, Skype and Viber are, however, neither telecom service providers nor internet service providers. These are known as ‘Over-The-Top Services’, or OTTs. Currently, OTTs are not regulated and as such, there are no encryption requirements, nor are there any other requirements in the name of security which these have to comply with.

The Telecom Regulatory Authority of India came out with an OTT Consultation Paper in 2015. Discussions on the paper are closed, but TRAI is yet to issue regulations on the matter. In the absence of any regulations at present, it’s clear that WhatsApp’s new end-to-end encryption policy is perfectly legal, even though it presents a new dilemma for the government.

Impact of end-to-end encryption on proposed regulatory system

Other countries have adopted various approaches to resolve the issue of OTT services. For example, in France, Skype was made to register as a telecom operator. In Germany, Voice-Over-IP is subject to the same requirements as other telecom services because of the technology neutral approach of its Telecommunications Act. In China, VOIP calls have a separate regulatory system under the head of ‘voice based calls’. These systems will make voice-over-IP subject to the same security requirements as telecom providers. For the most part however, OTT services are unregulated abroad as well.

In a detailed discussion on the issue in TRAI’s OTT Consultation Paper, TRAI notes that OTT services circumvent all regulatory requirements by providing services which are otherwise available only through a license. It has suggested the classification of OTT services either as a communication service provider or an application service provider, and to impose similar regulatory requirements as on telecom service providers.

The proposed licensing requirements include enabling ‘lawful interception’. It can be assumed that the provisions will be along the lines of those imposed on telecom regulatory requirements. Given that a 40-bit encryption system is a much lower standard than that used by WhatsApp and also considering that WhatsApp doesn’t even possess the decryption key for deposition with the relevant authority, it remains to be seen how the government will gain access to WhatsApp messages.

Liability of WhatsApp to comply with decryption directions under IT Act

WhatsApp, being an intermediary, is expected to comply with directions to intercept, monitor and decrypt information issued under Section 69 of the Information Technology Act, 2000. Complying with such a direction will now be impossible for WhatsApp in view of its end-to-end encryption. Even before the introduction of this, since WhatsApp is not a company based in India, it may have been able to refuse to comply with such directions. In fact, compliance by such companies in regard to data requests from the Indian government has been reported to be very low.

India’s now withdrawn draft encryption policy took the first step towards overcoming these problems and obtaining access. It required service providers, from both India and abroad, which are using encryption technology, to enter into agreements with India in order to be able to provide such services. One essential requirement of these agreements was to comply with data requests as and when they’re made by the government. This will include any interception, monitoring and decryption requests made under Section 69 of the IT Act. Though it was later clarified that WhatsApp is not within the purview of this policy, this indicates the route that may be taken by the government to obtain access. If WhatsApp refuses to comply with such a regime, that would make WhatsApp illegal in India.

End-to-end encryption is not without its drawbacks. The high, unbreachable level of security and privacy available is in favour of users and against governments. It will make such systems the favorite for illegal activities as well. For example, tracing voice calls made by terrorists using Voice-Over-IP is extremely difficult because of its routing over fake networks. The issue raised in the Apple vs FBI case was also the same, whether an individual user’s privacy can be compromised in favour of the larger public interest. A balance between the two is needed, maintaining user privacy and allowing interception for lawful purposes is required.

Brooklyn case takes front seat in Apple encryption fight

The Justice Department said Friday it will continue trying to force Apple to reveal an iPhone’s data in a New York drug case, putting the Brooklyn case at the center of a fight over whether a 227-year-old law gives officials wide authority to force a technology company to help in criminal probes.

The government told U.S. District Judge Margo K. Brodie in Brooklyn that it still wants an order requiring Apple’s cooperation in the drug case even though it recently dropped its fight to compel Apple to help it break into an iPhone used by a gunman in a December attack in San Bernardino that killed 14 people.

“The government’s application is not moot and the government continues to require Apple’s assistance in accessing the data that it is authorized to search by warrant,” the Justice Department said in a one-paragraph letter to Brodie.

Apple expressed disappointment, saying its lawyers will press the question of whether the FBI has tried any other means to get into the phone in Brooklyn.

Apple had sought to delay the Brooklyn case, saying that the same technique the FBI was using to get information from the phone in California might work with the drug case phone, eliminating the need for additional litigation.

Federal prosecutors told Brodie on Friday that it would not modify their March request for her to overturn a February ruling concluding that the centuries-old All Writs Act could not be used to force Apple to help the government extract information from iPhones.

Magistrate Judge James Orenstein made the ruling after inviting Apple to challenge the 1789 law, saying he wanted to know if the government requests had created a burden for the Cupertino, California-based company.

Since then, lawyers say Apple has opposed requests to help extract information from over a dozen iPhones in California, Illinois, Massachusetts and New York.

In challenging Orenstein’s ruling, the government said the jurist had overstepped his powers, creating “an unprecedented limitation on” judicial authority.

It said it did not have adequate alternatives to obtaining Apple’s assistance in the Brooklyn case, which involves a phone with a different version of operating system than the phone at issue in the California case.

In a statement Friday, Justice Department spokeswoman Emily Pierce said the mechanism used to gain access in the San Bernardino case can only be used on a narrow category of phones.

“In this case, we still need Apple’s help in accessing the data, which they have done with little effort in at least 70 other cases when presented with court orders for comparable phones running iOS 7 or earlier operating systems,” she said.

Apple is due to file a response in the case by Thursday.

How to encrypt iPhone and Android, and why you should do it now

Apple’s fight with the FBI may be over for the time being, but this high-profile fight about user privacy and state security may have puzzled some smartphone users. When is an iPhone or Android device encrypted? And how does one go about securing the data on them?

iPhone

It’s pretty simple actually: as long as you set up a password or PIN for the iPhone or iPad’s lockscreen, the device is encrypted. Without knowing the access code, nobody can unlock it, which means your personal data including photos, messages, mail, calendar, contacts, and data from other apps, is secured. Sure the FBI can crack some iPhones, but only if they’re included in criminal investigations, and only if the recent hacks work on all iPhones out there.

If you don’t use a lockscreen password, you should do it right away. Go to Settings, Touch ID & Passcode, tap on Turn Passcode On and enter a strong passcode or password.

Android

As CNET points out, things are a bit more complicated on Android.

The newer the device, the easier it is to get it done. In this category, we have Nexus devices, the Galaxy S7 series, and other new handsets that ship with Android 6.0 preloaded. Just like with the iPhone, go to the Settings app to enable a security lock for the screen, and the phone is encrypted.

With older devices, the encryption procedure is a bit more complex, as you’ll also have to encrypt the handset manually. You’ll even have to do it with newer devices, including the Galaxy S6 and Moto X Pure. Go to Settings, then Security then Encrypt phone. While you’re at it, you may want to encrypt your microSD card as well, so data on it can be read on other devices – do it from the Security menu, then Encrypt external SD card. Once that’s done, you will still need to use a password for the lockscreen.

CNET says there are reasons you should consider not encrypting your Android device, like the fact that a device might take a performance hit when encrypted. The performance drop may be barely noticeable on new devices, but older models and low-end handsets could suffer.

Forget iPhone encryption, the FBI can’t legally touch the software ISIS uses

The FBI insists that encrypted products like the iPhone and encrypted online services will put people in harm’s way, especially in light of the ISIS-connected San Bernardino shooting late last year. That’s why the Bureau has been arguing for encryption backdoors that would be available to law enforcement agencies, and why it looked to coerce Apple to add a backdoor to iOS.

However, extensive reports that show the preparations ISIS made before hitting Paris and Brussels revealed the kind of encrypted products ISIS radicals used to stay in touch with central command. Unsurprisingly, these products are out of the FBI’s jurisdiction, and one in particular was one of the safest encrypted communication products you can find online. In fact,its original developers are suspected to have ties to the criminal underworld.

Telling the inside story of the Paris and Brussels attacks, CNN explains that ISIS cell members used a chat program called Telegram to talk to one another in the moments ahead of the attacks. Using data obtained from official investigations,CNN learned that just hours before the Bataclan theater was hit, one of the attackers had downloaded Telegram on a Samsung smartphone.

Police never recovered communications from the messaging app. Not only is Telegram encrypted end-to-end, but it also has a self destruct setting.

Forget iPhone encryption, the FBI can’t legally touch the software ISIS uses

Conceived by Russian developers, the app is out of the FBI’s jurisdiction. But Telegram is the least problematic encrypted service for intelligence agencies looking to collect data and connect suspects. CNN also mentions a far more powerful app, one that hasn’t yet been cracked by law enforcement.

TrueCrypt is the app in question. One of the ISIS radicals who was captured by French police in the months leading to the mid-November Paris attacks revealed details about this program.

TrueCrypt resides on a thumb drive and is used to encrypt messages. French citizen and IT expert Reda Hame was instructed to upload the encrypted message to a Turkish file-sharing site. “An English-speaking expert on clandestine communications I met over there had the same password,” Hame told interrogators. “It operated like a dead letter drop.”

Forget iPhone encryption, the FBI can’t legally touch the software ISIS uses

According to The New York Times, Hame was told not to send the message via email, so as to not generate any metadata that would help intelligence agencies connect him to other terrorists.

The ISIS technician also instructed Hame to transfer TrueCrypt from the USB key to a second unit once he reached Europe. “He told me to copy what was on the key and then throw it away,” Hame explained. “That’s what I did when I reached Prague.”

Hame made a long journey home from Turkey, making it look like he was a tourist visiting various cities in Europe. Whenever he reached a new place, he was to call a special number belonging to one of the masterminds behind the attacks, and he used a local SIM card to mark his location.

Forget iPhone encryption, the FBI can’t legally touch the software ISIS uses

The Times also mentions a secondary program that was installed on flash drives. Called CCleaner, the program can be used to erase a user’s online history on any computer.

If that’s not enough to show the level of sophistication of these bloody ISIS attacks on Europe and other targets, a story from The New Yorker sheds more light on TrueCrypt, a program whose creators can’t be forced to assist the FBI.

According to the publication, TrueCrypt was launched in 2004 to replace a program called Encryption for the Masses (E4M) developed long before the iPhone existed. Interestingly, the programmer who made it is Paul Le Roux, who also happens to be a dangerous crime lord, having built a global drug, arms and money-laundering cartel out of a base in the Philippines.

E4M is open-source, and so is TrueCrypt, meaning that their creators aren’t companies motivated by a financial interest to keep their security intact.

“TrueCrypt was written by anonymous folks; it could have been Paul Le Roux writing under an assumed name, or it could have been someone completely different,” Johns Hopkins Information Security Institute computer-science professor Matthew Green told The New Yorker.

The developers stopped updating it in 2014 for fear that Le Roux’s decision to cooperate with the DEA might cripple its security. Le Roux was arrested in Liberia on drug-trafficking charges in September 2012. But Green concluded in 2015 that TrueCrypt is still backdoor-free, which explains why ISIS agents still use it.

How the FBI Cracked the iPhone Encryption and Averted a Legal Showdown With Apple

An urgent meeting inside FBI headquarters little more than a week ago is what convinced federal law enforcement officials that they may be able to abandon a brewing legal fight with tech giant Apple, sources told ABC News today.

In the days after the December 2015 massacre in San Bernardino, California, which killed 14 people and wounded 22 others, the iPhone left behind by one of the shooters, Syed Farook, was secretly flown to the FBI’s laboratory in Quantico, Virginia, sources said.

The FBI had been unable to review the phone’s contents due to a security feature that — after 10 failed attempts to enter the 4-digit access code — would render the phone’s files forever inaccessible.

By last month, the FBI was at an impasse with Apple, which fought a court order telling the company to help authorities bypass the security feature. Apple maintained the U.S. government was asking it to create a “backdoor” into its devices that would endanger the privacy of hundreds of millions of iPhone users around the world.

“It is in our view the software equivalent of cancer,” Apple CEO Tim Cook recently told “World News Tonight” anchor David Muir.

But the FBI insisted it had a responsibility to access any data potentially relevant to the deadly terror attack in San Bernardino.

“I don’t know whether there is evidence of the identity of another terrorist on the phone, or nothing at all. But we ought to be fired in the FBI if we didn’t pursue that lead,” FBI Director James Comey told a House panel in February.

As the legal battle played out, the FBI appealed to cyber experts around the world for help.

“We’ve talked to anybody who will talk with us about it, and I welcome additional suggestions,” Comey said during a House hearing four weeks ago.

In response, countless companies and hackers — including what one source familiar with matter called many “whackadoodles” — came forward claiming to have a way into Farook’s phone, sources said.

But nothing appeared viable. That is, until a company that the FBI has yet to identify came forward about two weeks ago. After initial contacts with the FBI, company officials flew to Washington to lay out their solution, sources told ABC News.

On Sunday, March 20, in a meeting at FBI headquarters, company officials demonstrated their technology on another iPhone. Convinced it would work, the FBI greenlighted applying it to Farook’s phone, sources said.

This past weekend — just days ago — the attempt was made, and “the FBI has now successfully retrieved the data stored on” the phone, according to the Justice Department.

Forensic examiners are now attempting to exploit potential evidence from the phone. It’s unclear if anything of investigative value has been found yet.

The FBI has refused to identify the company that offered the solution, with one source citing a “mutual agreement.” Nevertheless, Apple did not play a part in finding the solution, company officials said.

As for whether the solution might be shared with Apple, it’s a decision that will be made through consultation with multiple federal agencies, sources said.

One federal law enforcement source said it’s important to emphasize that the ultimate solution identified in this case was not found despite the lawsuit filed against Apple, but because of it.

The solution was “generated as a result of the media attention,” the source said.

At the same time, the source said federal authorities believe the end to the current litigation should not end the national discussion about balancing the interests of security and privacy.

“Our need for public safety and our need for privacy are crashing into each other, and we have to sort that out as a people,” Comey said recently. “This world some people imagine where nobody can look at your stuff is a world that will have public safety costs.”

FBI Hacks iPhone, Ending Apple Encryption Challenge

The Department of Justice said in a federal court filing Monday that it had bypassed encryption on the iPhone 5c used by a terrorist in a mass shooting last year in California and requested the court vacate its order compelling Apple to assist it in accessing the device.

The filing effectively ends a contentious legal battle between the federal government and Apple over the phone used by Syed Rizwan Farook. Farook was fatally shot by authorities along with his wife, Tashfeen Malik, after they killed 14 people in San Bernardino, California, in December.

“The government has now successfully accessed the data stored on Farook’s iPhone and therefore no longer requires the assistance from Apple Inc. mandated by Court’s Order Compelling Apple Inc. to Assist Agents in Search dated February 16, 2016,” government lawyers said in their filing in U.S. District Court for the Central District of California.

The two-page filing contains no information about the methods the government used to bypass the phone’s encryption.

A scheduled March 22 hearing was canceled last week after government lawyers said an “outside party” had proposed a possible way to unlock the phone that would not require Apple’s help. The tech giant had vowed to oppose the order in court, stating that helping the government access an encrypted iPhone would set a precedent for undermining privacy and cybersecurity.

“Our decision to conclude the litigation was based solely on the fact that, with the recent assistance of a third party, we are now able to unlock that iPhone without compromising any information on the phone,” prosecutors said in a statement.

“We sought an order compelling Apple to help unlock the phone to fulfill a solemn commitment to the victims of the San Bernardino shooting – that we will not rest until we have fully pursued every investigative lead related to the vicious attack,” the statement said. “Although this step in the investigation is now complete, we will continue to explore every lead, and seek any appropriate legal process, to ensure our investigation collects all of the evidence related to this terrorist attack. The San Bernardino victims deserve nothing less.”

Why few hackers are lining up to help FBI crack iPhone encryption

When the FBI said it couldn’t unlock the iPhone at the center of the San Bernardino shooting investigation without the help of Apple, the hackers at DriveSavers Data Recovery took it as a challenge.

Almost 200 man hours and one destroyed iPhone later, the Bay Area company has yet to prove the FBI wrong. But an Israeli digital forensics firm reportedly has, and the FBI is testing the method.

Finding a solution to such a high-profile problem would be a major feat — with publicity, job offers and a big payday on the line. But, in fact, the specialists at DriveSavers are among only a few U.S. hackers trying to solve it. Wary of the stigma of working with the FBI, many established hackers, who can be paid handsomely by tech firms for identifying flaws, say assisting the investigation would violate their industry’s core principles.

Some American security experts say they would never help the FBI, others waver in their willingness to do so. And not all of those who would consider helping want their involvement publicized for risk of being labeled the hacker who unhinged a backdoor to millions of iPhones.

“The FBI has done such a horrible job of managing this process that anybody in the hacking community, the security community or the general public who would openly work with them would be viewed as helping the bad guys,” said Adriel Desautels, chief executive of cybersecurity testing company Netragard. “It would very likely be a serious PR nightmare.”

Much of the security industry’s frustration with the FBI stems from the agency’s insistence that Apple compromise its own security. The fact that the FBI is now leaning on outside help bolsters the security industry’s belief that, given enough time and funding, investigators could find a workaround — suggesting the agency’s legal tactics had more to do with setting a precedent than cracking the iPhone 5c owned by gunman Syed Rizwan Farook.

Some like Mike Cobb, the director of engineering at DriveSavers in Novato, Calif., wanted to be the first to find a way in. Doing so could bring rewards, including new contracts and, if desired, free marketing.

“The bragging rights, the technical prowess, are going to be considerable and enhanced by the fact that it’s a very powerful case in the press,” said Shane McGee, chief privacy officer for cybersecurity software maker FireEye Inc.

Altruism could motivate others. Helping the FBI could further an inquiry into how a husband-and-wife couple managed to gun down 14 people, wound many others and briefly get away.

Another positive, McGee said, is that legal liability is low: While unauthorized tampering with gadgets has led to prison time, it’s legal as long as people meddle with iPhones they own — and the court order helps too.

But top security experts doubt the benefits are worth the risk of being seen as a black sheep within their community.

Hackers have said they don’t want to touch the San Bernardino case “with a 10-foot pole because the FBI doesn’t look the like good guy and frankly isn’t in the right asking Apple to put a back door into their program,” Desautels said. The assisting party, if ever identified, could face backlash from privacy advocates and civil liberties activists.

“They’d be tainted,” Desautels said.

The unease in the hacker community can be seen through Nicholas Allegra, a well-known iPhone hacker who most recently worked for Citrix.

Concerned an FBI victory in its legal fight with Apple would embolden authorities to force more companies to develop software at the government’s behest, Allegra had dabbled in finding a crack in iPhone 5c security. If successful, he hoped his findings would lead the FBI to drop the Apple dispute.

But he has left the project on the back burner, concerned that if he found a solution, law enforcement would use it beyond the San Bernardino case.

“I put in some work. I could have put more in,” he said. But “I wasn’t sure if I even wanted to.”

Companies including Microsoft, United Airlines and Uber encourage researchers and even hackers to target them and report problems by dangling cash rewards.

HackerOne, an intermediary for many of the companies, has collectively paid $6 million to more than 2,300 people since 2013. Boutique firms and freelancers can earn a living between such bounties and occasionally selling newly discovered hacking tools to governments or malicious hackers.

But Apple doesn’t have a bounty program, removing another incentive for tinkering with the iPhone 5c.

Still, Israeli firm Cellebrite is said to have attempted and succeeded at defeating the device’s security measures.

The company, whose technology is heavily used by law enforcement agencies worldwide to extract and analyze data from phones, declined to comment. The FBI has said only that an “outside party” presented a new idea Sunday night that will take about two weeks to verify. Apple officials said they aren’t aware of the details.

Going to the FBI before going to the company would violate standard practice in the hacking community. Security researchers almost always warn manufacturers about problems in their products and services before sharing details with anyone else. It provides time for a issuing a fix before a malicious party can exploit it.

“We’ve never disclosed something to the government ahead of the company that distributed the hardware or software,” McGee said. “There could be far-reaching consequences.”

Another drawback is that an iPhone 5c vulnerability isn’t considered a hot commodity in the minds of many hackers, who seek to one-up each other by attacking newer, more widely used products. The 5c model went on sale in 2013 and lacks a fingerprint sensor. Newer iPhones are more powerful and have different security built into them. Only if the hack could be applied to contemporary iPhones would it be worth a rare $1-million bounty, experts say.

The limited scope of this case is why many hackers were taken back by a court order asking for what they consider broadly applicable software to switch off several security measures. Instead, experts wanted the FBI to invest in going after the gunman’s specific phone with more creativity. In other words, attack the problem with technology, not the courts.

“If you have access to the hardware and you have the ability to dismantle the phone, the methodology doesn’t seem like it would be all that complex,” Desautels said.

Two years ago, his team tried to extract data from an iPad at the request of a financial services company that wanted to test the security of the tablets before offering them to employees. Netragard’s researcher failed after almost a month; he accidentally triggered a date change within the software that rendered the iPad unusable. But Desautels said cracking the iPad would have been “possible and trivial” for someone with more time and a dozen iPads to mess with.

The same, he imagines, would be true for an iPhone. The FBI, though, has said it had exhausted all known possibilities.

Taking Apple to court generated attention about the problem and “stimulated creative people around the world to see what they might be able to do,” FBI Director James Comey said in a letter to the Wall Street Journal editorial board Wednesday. Not “all technical creativity” resides within government, he said.

The plea worked, grabbing the interest of companies like DriveSavers, which gets about 2,000 gigs a month to retrieve photos, videos and notes from phones that are damaged or belong to someone who died. But despite all of the enticements in the San Bernardino case, they’ve worked to unlock an iPhone 5c only intermittently.

They’ve made progress. Cobb’s team can spot the encrypted data on an iPhone 5c memory chip They’re exploring how to either alter that data or copy it to another chip. Both scenarios would allow them to reset software that tracks invalid password entries. Otherwise, 10 successive misfires would render the encrypted data permanently inaccessible.

Swapping chips requires soldering, which the iPhone isn’t built to undergo multiple times. They have an adapter that solves the issue, and about 300 old iPhones in their stockpile in case, as one already has, the device gets ruined.

Had they been first to devise a proposed solution, DriveSavers “absolutely” would have told the FBI because their method doesn’t present extraordinary security risks, Cobb said.

But whether it would want to be publicly known as the code cracker in the case, Cobb said that would be “a much bigger, wider conversation” to ponder.

Apple-FBI fight may be first salvo in encryption war

The Apple-FBI fight may just be the opening salvo in a broader war over encryption, as technology companies continue to lock up their users’ messages, photos and other data to shield them from thieves and spies — and, incidentally, criminal investigators.

WhatsApp, the globally popular messaging system owned by Facebook, has already run into trouble on this front in Brazil. WhatsApp encrypts all user messages in “end to end” fashion, meaning no one but the sender and recipient can read them. Brazilian authorities arrested a Facebook executive this month after the company said it couldn’t unscramble encrypted messages sought by police.

U.S. officials are debating how to enforce a similar wiretap order for WhatsApp communications in a U.S. criminal case, the New York Times reported. WhatsApp started as a way to exchange written messages over the Internet, but it has added services like photo-sharing and voice calling, while gradually building encryption into all those formats.

Spokesmen for WhatsApp and the Justice Department declined comment on the Times report, which said the wiretap order had been sealed to keep details secret. The Brazilian case is pending, although the Facebook executive was released from jail after a day.

For now, U.S. authorities and the tech industry are watching for the outcome of Apple’s legal battle with the FBI, which wants to force the company to help unlock an encrypted iPhone used by one of the San Bernardino mass shooters. But as more companies explore adding encryption, further confrontations are likely.

“I think we can say, without a doubt, there’s going to be more pressure on app-makers now,” said Nate Cardozo, staff attorney at the Electronic Frontier Foundation.

Cardozo said he’s aware of other recent cases in which U.S. authorities have approached individual companies (he wouldn’t name them) that use encryption and warned them that criminals or terrorists are using their services. Cardozo said authorities have urged those companies to redesign their apps or provide other technical solutions that would let agents read the encrypted messages.

Tech companies say they don’t want to interfere with legitimate criminal investigations or national security matters. Instead, they argue they’re concerned about hacking, privacy invasion and violations of civil rights.

“It’s the government’s job to protect public safety,” said Denelle Dixon-Thayer, chief legal and business officer at Mozilla, which makes the Firefox Web browser. “Our job in the tech sector is to support that goal by providing the best data security.”

While law enforcement authorities have chafed at tech companies’ use of encryption, national security officials have warned against weakening encryption. “We’re foursquare behind strong data security and encryption,” Defense Secretary Ash Carter told a tech audience this month.

Debate over tech tools’encryption

Before the San Bernardino terror attack, Syed Rizawan Farook’s iPhone was just one fancy Apple device among hundreds of millions worldwide.

But since the California government worker and his wife shot and killed 14 people on December 2, apparently inspired by extremist group IS, his iPhone 5c has become a key witness – and the government wants Apple to make it talk.

The iPhone, WhatsApp, even social media – government authorities say some of tech fans’ favourite playthings are also some of the most powerful, and problematic, weapons in the arsenals of violent extremists.

Now, in a series of quiet negotiations and noisy legal battles, they’re trying to disarm them, as tech companies and civil liberties groups fight back.

The public debate started with a court order that Apple hack a standard encryption protocol to get at data on Farook’s iPhone, but its repercussions are being felt beyond the tech and law enforcement worlds.

“This is one of the harder questions that we will ever have to deal with,” said Albert Gidari, director of privacy at Stanford Law School’s Centre for Internet and Society.

“How far are we going to go? Where does the government power end to collect all evidence that might exist, and whether it infringes on basic rights? There’s no simple answer,” he told DPA.

It’s not new that terrorists and criminals use mainstream technology to plan and co-ordinate, or that law enforcement breaks into it to catch them. Think of criminals planning a robbery by phone, foiled by police listening in.

But as encryption technology and other next-generation data security move conversations beyond the reach of a conventional wiretap or physical search, law enforcement has demanded the industry provide “back-door” technology to access it too.

At the centre of the fray are otherwise mainstream gadgets and platforms that make private, secure and even anonymous data storage and communication commonplace.

Hundreds of millions of iPhones running iOS 8 or higher are programmed with the same auto-encryption protocol that has stymied investigators in the San Bernardino attack and elsewhere.

US authorities are struggling with how to execute a wiretap order on Facebook-owned WhatsApp’s encrypted messaging platform, used by 1 billion people, the New York Times reported.

In a similar case earlier this month, Brazilian authorities arrested a company executive for not providing WhatsApp data the company said it itself could not access.

Belgium’s interior minister Jan Jambon said in November he believed terrorists were using Sony’s PlayStation 4 gaming network to communicate, Politico reported, although media reports dispute his assertions.

In a world where much of social interaction has moved online, it’s only natural that violent extremism has made the move too.

ISIS, in particular, has integrated its real-world operations with the virtual world, using social media like Twitter and YouTube for recruitment and propaganda and end-to-end encryption for secure communication, authorities say.

Law enforcement authorities and government-aligned terror experts call it the “digital jihad”.

Under pressure from governments, social media providers have cracked down on accounts linked to extremists. Twitter reported it had closed 125,000 ISIS-linked accounts since mid-2015.

Most in the industry have drawn the line at any compromise on encryption, however, saying the benefits of secure data outweigh the costs of its abuse by criminals – leaving authorities wringing their hands.

“Something like San Bernardino” or the November 13 terror attack in Paris “can occur with virtually no indications it was about to happen,” retired general and former Obama anti-terror envoy John Allen warned an audience of techies at the South by Southwest digital conference.

Just a day before, US President Barack Obama had made an unprecedented appearance there, calling for compromise in the showdown between government and tech.

Citing examples of child pornographers, airline security and Swiss bank accounts, Obama said authorities must have the ability to search mobile devices, encrypted or not.

But Gidari called it a “Pandora’s box” too dangerous to open.