This article glosses over a few important details.<p>The reason that end to end encryption exists is precisely because man in the middle attacks are possible, and always will be. This kind of attack is devastating for Telegram, because by default they don't use end to end encryption, and instead store the entire plaintext history of every message you've ever sent or received, all of which an attacker instantly gets access to.<p>For WhatsApp, everything is end to end encrypted by default, so the attacker doesn't get any message history. All of the contacts for the MITM'd user also get a notice that their contact's security code changed, and a comparison will fail to match. This is exactly what E2E was built to protect against.
Is there a translation of how they got into SS7? Google rejects the PDF as too large to translate.[1]<p>[1] <a href="http://www.ptsecurity.ru/download/PT_SS7_security_2014_rus.pdf" rel="nofollow">http://www.ptsecurity.ru/download/PT_SS7_security_2014_rus.p...</a>
SMS verification really sucks. It's hugely helpful because it is an 'open social graph' to use a Zuckerbergism. However, it's not at all designed to do this. It's like the problem with SSL verifying ownership via email - ok at first sight, but then say you run a webmail service and you can register webmaster@, game over without any crypto bother. Or just trojan the webmaster@ mailbox and get control over the guy that runs it and issue a valid cert. Insta-MITM.<p>Mobile numbers are easy to spoof and easy to port away from people. In most countries telco regulators look at how easy it is to port cell numbers as a badge of honour on how efficient their mobile regulation is. Just like everything, attackers will rush to the easiest point of failure. In this it's SMS and using phone numbers as a trusted identifier.<p>In the UK you need to get a "PAC code" to change provider, but it's not hard to social engineer that if you went through someone's trash and grabbed an old cell bill. The number will be ported in a day or less and even worse, there's no way for you to port it back quickly since you'll have no idea who it's got to. And with it your WhatsApp, etc will all be gone security wise.<p>All this talk of "oh just enable these super warnings and scan QR codes" is nonsense. People port phone numbers and move phones all the time, these warnings can't be this strong otherwise half your phonebook would false positive.
SS7 is broken beyond repair, in fact it being a walled garden is the only security it ever had.<p>This CCC talk is a good intro - <a href="https://media.ccc.de/v/31c3_-_6122_-_en_-_saal_1_-_201412271830_-_mobile_self-defense_-_karsten_nohl" rel="nofollow">https://media.ccc.de/v/31c3_-_6122_-_en_-_saal_1_-_201412271...</a>
The real problem is not Telegram or WhatsApp, it's the banks that insist on using SMS as a secure authentication channel for authorizing transactions.
>...encrypted apps use SMS authentication to identify and authenticate users participating in encrypted conversations<p>Is this true? Because it's common knowledge that SMS is insecure. So I don't understand why anyone would want to use it for secure authentication - especially in the case of WhatsApp.
I realize every news outlet on the internet is regurgitating this story, but if I call you via WhatsApp and we are both using wifi, does the communication even transit an SS7 gateway at all? Why would it? Also SS7 is generally a closed system, not anyone can connect to an SS7 gateway. To signal to a carrier's SS7 gateway you have to either be a subscriber or a carrier that has an agreement with the owner of an SS7 gateway to terminate traffic, since this is how calls are billed. For an external carrier to connect to another carrier's SS7 gateway they need to know your "code points" (kind of like an IP address for SS7) in advance. There wasn't a lot to go on in the Google-translated doc.
All the more reason to find an alternative to SMS-based authentication.<p>It is somewhat comforting to know that message history cannot be retrieved from WhatsApp or other E2E apps like Threema.
To mitigate this issue on WhatsApp, enable security notifications in settings and verify your contacts' QR code.<p>If you go to a contact there is a QR code you can scan to verify a contact. If the code of a contact changes, WhatsApp will tell you.
I can't say much for Telegram as their encryption has been broken, and is not an opened, but WhatsApp's new Signal protocol designed by Moxie Marlinspike doesn't use SMS to authenticate. It doesn't by default require authentication, but rather has it as an option and the option generates a long 80-character passcode or QR code, to be communicated in person or via some out of band communication channel, similar to Threema. Maybe they are talking about old WhatsApp?
So a trust-on-first-use-style system can be attacked by intercepting the initial handshake? Yay... I suppose next the researchers will show how to MITM SSH with a free wifi hotspot.
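Added example, not written by any commenter and not taken from WhatsApp's or Signal's code: a minimal client-side trust-on-first-use pin store, showing why a re-registered phone number produces a "security code changed" notice for existing contacts while a first contact has nothing to compare against. The fingerprint format, the `PinStore` class and the phone number are assumptions made up for illustration; random bytes stand in for identity public keys.

```python
import hashlib
import os

def fingerprint(phone: str, identity_key: bytes) -> str:
    """Comparable code for (number, key). Simplified format, not a real app's."""
    digest = hashlib.sha256(phone.encode() + b"\x00" + identity_key).digest()
    digits = str(int.from_bytes(digest[:16], "big")).zfill(40)[:30]
    return " ".join(digits[i:i + 5] for i in range(0, 30, 5))

class PinStore:
    """Trust-on-first-use store kept on the client: phone -> pinned fingerprint."""
    def __init__(self):
        self.pins = {}
        self.verified = set()  # numbers whose code was compared out of band

    def mark_verified(self, phone: str) -> None:
        self.verified.add(phone)

    def check(self, phone: str, identity_key: bytes) -> str:
        fp = fingerprint(phone, identity_key)
        pinned = self.pins.get(phone)
        if pinned is None:
            self.pins[phone] = fp
            return "first-use"  # no earlier key exists, so no warning is possible
        if pinned == fp:
            return "match"
        # Key changed: new handset, reinstall, or someone else registered the number.
        # The new key is accepted, but the user is told and verification is reset.
        self.pins[phone] = fp
        was_verified = phone in self.verified
        self.verified.discard(phone)
        return "changed-after-verification" if was_verified else "changed"

def demo():
    phone = "+10000000000"             # constructed sample number
    original_key = os.urandom(32)      # stand-in for the contact's identity key
    reregistered_key = os.urandom(32)  # key created when the number is re-registered
    store = PinStore()
    events = [store.check(phone, original_key)]
    store.mark_verified(phone)         # codes compared in person or by QR scan
    events.append(store.check(phone, original_key))
    events.append(store.check(phone, reregistered_key))
    events.append(store.check(phone, reregistered_key))
    return events

if __name__ == "__main__":
    print(demo())
```
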
> "The researchers, using their Linux laptop..."<p>My eye twitched a little when I read that. Is the author trying to suggest that Linux is some hackers-only operating system?