Whatsapp last week announced it would roll out end-to-end encryption for its users to better protect their privacy, but the move could make the service more attractive to spammers, too.
While encryption can safeguard information from data thieves, it also can block data protectors from detecting malicious activity on their networks.
"WhatsApp's encryption policy is a win for privacy advocates, but it will not stop the growth of spam on the platform and could make the problem worse," said Simeon Coney, chief strategy officer forAdaptiveMobile.
"WhatsApp has always had limited spam control in place," he told TechNewsWorld, "and encryption will make detecting spam and malicious links with malware that much more difficult."
Spam Magnet
Over the last three to four years, mobile carriers have made it harder for spammers to deliver their junk messages, Coney noted. That's prodded them to look for greener pastures.
"We've seen spammers move from services like SMS, MMS and RCS to services like WhatsApp," he said.
Not only does it cost spammers less to spew their rubbish on WhatsApp, but it's easier to find targets there.
"WhatsApp is a very friendly service to spammers because it allows them to validate phone numbers to see if they have a WhatsApp account," Coney explained, "so they can upload large number ranges to test who has a WhatsApp account and just send bulk messages to them."
Because end-to-end encryption prevents protection systems from seeing what's in a spam message, they can't guard against malicious activity like phishing, account hijacking, spam and malware.
"It's simple economics," Coney said. "As certain channels get closed off to these spammers, they're finding other ways to reach their targets. They only make money if they get their messages through and they get a reasonable conversion rate."
Making Sense of Mossack Fonseca Data
If you're a journalist and someone drops 2.6 TB of hot data in your lap, where do you begin to make sense of it?
For the International Consortium of Investigative Journalists, the answer was Nuix.
Nuix provides services for turning large pots of data into searchable pools of information.
With its software, which the company donated to the ICIJ and the German newspaper Süddeutsche Zeitung, the investigative journalists were able to process, index and analyze the Panama Papers, 11.5 million documents taken from the Panama offices of Mossack Fonseca, an international law firm and a major player in the offshore asset industry.
Much of the data in the dump was scanned documents, which were turned into searchable information with Nuix's optical character recognition software. Other Nuix analytical tools helped identify and cross-reference Mossack Fonseca clients throughout the document cache.
1,500 Data Types
Nuix's search technology was developed in 2000 at the request of the Australian government. "They had a huge cache of Lotus Notes emails, and they didn't have a way to tag them, format them and make them easily searchable," said Keith Lowry, Nuix's senior vice president of threat intelligence and a former chief of staff at the U.S. Department of Defense.
"Over the years, we have been able to absorb a lot more types of information," he told TechNewsWorld. "It has grown to the point where we can natively ingest over 1,500 different file types and flatten the data and make it presentable to whomever is analyzing the data."
Although 2.6 TB of data is immense by journalistic standards, it's only a medium-sized data set compared to some Nuix has been enlisted to massage in its e-discovery and regulatory investigative work. "On any given day, our software is sorting through petabytes of data," Lowry said.
Nuix gave the ICIJ and Süddeutsche Zeitungtechnical assistance in processing the data stolen from Mossack Fonseca, but no employees ever handled the data, the company said.
"We didn't participate in the collection of the data," Lowry said. "We just processed it for them."
iPhone's Secure Enclave
Maybe the FBI just wanted to impress legislators of the urgency for action on the Going Dark issue or maybe it just wanted to thumb its nose at Apple, but last week it began demonstrating to lawmakers how it cracked the security on the iPhone 5c of San Bernardino, California, gunman Syed Rizwan Farook.
The first legislator on the agency's demo list was Sen. Dianne Feinstein, D-Calif., who, with colleague Richard Burr, R-N.C., is drafting legislation to compel companies like Apple to extract data from their products or provide technical assistance to government authorities to extract the data when ordered to do so by a judge.
Feinstein and Burr's bill is a response to a recent tussle between the FBI and Apple. The FBI wanted Apple to write code that the agency could use to brute force the lock code on Farook's phone. Apple refused to do so, saying such code could be used to undermine the security of all iPhones.
Eventually the FBI found a way to access the data on the phone, but it's believed the method won't work with newer model iPhones. That's because Apple added another chip -- called the "Secure Enclave" -- to the latest models of its mobiles.
"What it does is lock up all the encryption keys," said Matthew Green, a professor specializing in cryptography at Johns Hopkins University.
"Even if you can hack the phone itself -- which is what the FBI did -- the encryption keys will still be locked up," he told TechNewsWorld.
Panic Room in a Phone
The secure enclave -- where high security functions, including login, are handled -- is a separate environment from the iPhone as a whole, noted Georgia Weidman, founder and CTO of Shevirah.
"If someone, be it a security researcher, the FBI or a malicious attacker, discovers an exploitable vulnerability that allows them to attack the latest iOS release, they will need another, likely more sophisticated exploit to take that access to the next level to also exploit the secure enclave," she told TechNewsWorld.
"Think of it like a panic room at a celebrity's home," Weidman continued. "There are walls, security guards, and all other manner of industry standards of home security on the house. A very skilled burglar may bypass them, but they will have to work even harder, basically starting again, to get into the panic room."
It was bad form for the FBI to show legislators how it compromised Farook's iPhone while keeping Apple in the dark about it, she added.
"As security researchers, when we find security issues we practice something called 'responsible disclosure.' We inform the vendor of the issue we found so it can be fixed," Weidman said.
"By refusing to share the technique they used with Apple so it can be fixed," she continued, "the FBI is moving into the territory of black hat hackers, or hackers for evil, keeping the vulnerability open so they can use it again as it suits them in other cases as they arise."