Most active commenters
  • giancarlostoro(3)

←back to thread

Should We Chat, Too? Security Analysis of WeChat's Mmtls Encryption Protocol

(citizenlab.ca)
157 points lladnar | 33 comments | 16 Oct 24 20:06 UTC | HN request time: 0.203s | source | bottom
1. dtquad ◴[16 Oct 24 20:54 UTC] No.41863765[source]
The Chinese government has direct access to the WeChat backend so it's unlikely that these weaknesses were government mandated. Probably just the result of overworked 996 developers:

>The name 996.ICU refers to "Work by '996', sick in ICU", an ironic saying among Chinese developers, which means that by following the "996" work schedule, you are risking yourself getting into the ICU (Intensive Care Unit)

https://github.com/996icu/996.ICU

replies(8): >>41863871 #>>41863929 #>>41866186 #>>41866291 #>>41867063 #>>41867793 #>>41869162 #>>41869396 #
2. ◴[16 Oct 24 21:07 UTC] No.41863871[source]
3. daghamm ◴[16 Oct 24 21:16 UTC] No.41863929[source]
WeChat is basically one of the tools the communist party uses to control the population. If something is on there it is most likely by design.

Off topic (or is it?): While back a western journalist in China reported that her wechat account was banned 10 minutes after changing her password to "fuckCCP"...

replies(5): >>41863953 #>>41864287 #>>41865365 #>>41865635 #>>41866132 #
4. tptacek ◴[16 Oct 24 21:20 UTC] No.41863953[source]
The point being made in the preceding comment is that the threat model for WeChat already overtly includes its operators being able to puncture its confidentiality. It doesn't make a lot of operational sense to introduce complicated cryptographic backdoors (such as the IV construction, which the authors say could potentially introduce an AES-GCM key/IV brute forcing attack) when you control the keys for all the connections in the first place.
replies(2): >>41864500 #>>41867645 #
5. homebrewer ◴[16 Oct 24 22:02 UTC] No.41864287[source]
I had my account banned for absolutely no reason (I didn't even use it to talk to anyone and was simply learning the interface myself to explain it later to a friend who was traveling to China). You can't infer anything from that story. Their "security" automation is even more paranoid than Google's, that's probably all there's to it.
6. throwaway48476 ◴[16 Oct 24 22:29 UTC] No.41864500{3}[source]
Not only control keys, but control the software update mechanism (backdoor a la xz).
7. olalonde ◴[17 Oct 24 00:47 UTC] No.41865365[source]
The issue of accounts being banned after a password change is quite common, especially outside of China. This isn't related to the content of the new password.

Additionally, it's unlikely that the protocol has government-mandated vulnerabilities, as such weaknesses could potentially allow foreign governments to spy on WeChat users that are abroad. The Chinese government doesn't need such weaknesses, as they have access to the servers.

replies(1): >>41868445 #
8. mmooss ◴[17 Oct 24 01:40 UTC] No.41865635[source]
> If something is on there it is most likely by design.

It's a common mistake to overestimate the 'bad guy'. The Chinese government, like all other large human institutions, certainly does plenty of dumb stuff.

replies(1): >>41867344 #
9. lucw ◴[17 Oct 24 03:21 UTC] No.41866132[source]
The server-side store a full plain text archive with government access is by design. the weak encryption is NOT by design. It's due to incompetent programmers.
10. notpushkin ◴[17 Oct 24 03:32 UTC] No.41866186[source]
Most likely, yeah. This also reminds me of the issues with KakaoTalk:

https://stulle123.github.io/posts/kakaotalk/secret-chat/

https://stulle123.github.io/posts/kakaotalk-account-takeover..., https://news.ycombinator.com/item?id=40776880

Wondering if Line is next up!

11. firen777 ◴[17 Oct 24 03:59 UTC] No.41866291[source]
> The Chinese government has direct access to the WeChat backend

Oh dear, I need to rant about this.

Everyone and their grandma know in their guts that the ccp keep every single thing you ever send. So why on earth do wechat not back up your convo (a bog standard feature that is available to even e2ee messengers) when you need to switch to a new phone? Yes, I know you can transfer data locally (with unintuitive process since wechat does not support simultaneous login on multiple devices) but what happens if your old phone outright died? I already relinquish all my privacy to the overlord so can they at least give us back some usability instead of this archaic pos?

Just need to vent my recent painful experience.

replies(1): >>41870299 #
12. chvid ◴[17 Oct 24 06:52 UTC] No.41867063[source]
Yes. The Chinese government likely have "front door" access rather than having to rely on capturing network traffic and exploit some hidden weakness in a protocol.

But why are Chinese companies making their own security protocol / libraries rather adopting "cryptographic best practices"? Do they actually think that common crypto libraries are flawed? Or is this a part of China's deep tech / self-sufficient efforts?

replies(3): >>41867621 #>>41869526 #>>41874721 #
13. shiroiushi ◴[17 Oct 24 07:46 UTC] No.41867344{3}[source]
Hanlon's Razor: never ascribe to malice that which can be adequately explained by incompetence or stupidity.
14. randomNumber7 ◴[17 Oct 24 08:45 UTC] No.41867621[source]
Probably they think more control is still better.
15. randomNumber7 ◴[17 Oct 24 08:49 UTC] No.41867645{3}[source]
And the argument is pretty weak. It doesnt cost them much to introduce cryptographic backdoors. Once they have done this they have even more control. It is then also less effort, because you don't have to deal with a company (like WeChat) directly to spy on their customers.
replies(1): >>41871976 #
16. lloyds_barclays ◴[17 Oct 24 09:15 UTC] No.41867793[source]
Just my personal experience.

One of my family members who lived in China was involved in a Ponzi fraud couple years ago. They told me that when they entered the interrogation room, officers had already printed out their WeChat chatting history, even before they handed out their phone.

replies(1): >>41868745 #
17. Spooky23 ◴[17 Oct 24 11:12 UTC] No.41868445{3}[source]
“The government” isn’t a single entity. Agents within the bureaucracy have to within rules and policies. And the front door access methods have things like audit trails to prevent internal abuse.

There are many scenarios where the existence of an official investigation as evidenced by said audit logs is undesirable for a variety of reasons.

replies(1): >>41869691 #
18. okasaki ◴[17 Oct 24 11:50 UTC] No.41868745[source]
Well there's (at least) two people involved in a chat. They could have just gotten it from the other person.
replies(1): >>41870286 #
19. nhggfu ◴[17 Oct 24 12:47 UTC] No.41869162[source]
meanwhile, the US gov + their buddies have access to global skype chats.
replies(1): >>41870166 #
20. CorrectHorseBat ◴[17 Oct 24 13:17 UTC] No.41869396[source]
I've heard even banks can get access to your WeChat history
21. ganyu ◴[17 Oct 24 13:33 UTC] No.41869526[source]
Most of those devs back in 2011 were rookies, and many still are now. It would've been lucky enough for them to have even heard of the word 'asymmetric encryption'. And you can still find many public APIs in the WeChat docs (in 2022) that uses hand-written AES stuff that, unfortunately, uses ECB.

Back in those days where the CN internet infrastructure as we see today was laid down, devs and PMs literally didn't know for sure what were they doing, but they still worked overnight because it the new features must be shipped before next weekend.

And since the services worked pretty well until today it's kinda better to keep the s__tpile there and don't change it. Also there's a lot of unmaintained 'PWA's in the wild that relies on legacy APIs that you dare not to break.

replies(1): >>41869920 #
22. mschuster91 ◴[17 Oct 24 13:53 UTC] No.41869691{4}[source]
> Agents within the bureaucracy have to within rules and policies. And the front door access methods have things like audit trails to prevent internal abuse.

In Western countries, yes - but even there, abuse and evasion of audit trails is quite common. The most infamous scandal here in Germany was around a cop station that more than not resembled a pig sty when it comes to procedures [1] - after the address of a lawyer representing the victims of the far-right NSU terror crew got leaked to another far-right terror cell, the audit trail led to a precinct in Frankfurt but went cold there as supposedly, the cops there all used a shared account of one of them. IMHO, every single one of these cops should have faced a year or two in jail for that stunt.

[1] https://taz.de/Ermittlungen-zu-NSU-20-eingestellt/!5989941/

23. chvid ◴[17 Oct 24 14:19 UTC] No.41869920{3}[source]
So they are just stupid, overworked and stuck with their own spaghetti?
replies(1): >>41879437 #
24. talldayo ◴[17 Oct 24 14:45 UTC] No.41870166[source]
America ensures access to a whole lot more than just Skype: https://www.malwarebytes.com/blog/news/2021/12/heres-what-da...
25. giancarlostoro ◴[17 Oct 24 14:58 UTC] No.41870286{3}[source]
I read it as their entire chat history.
26. giancarlostoro ◴[17 Oct 24 14:59 UTC] No.41870299[source]
...why do you use it if there's a million superior services that do not do that and transfer your history correctly?
replies(3): >>41870353 #>>41870768 #>>41876062 #
27. mrWiz ◴[17 Oct 24 15:47 UTC] No.41870768{3}[source]
I'm going to guess that at least some of the people firen777 wants to message don't use those services.
replies(2): >>41875747 #>>41876255 #
28. tptacek ◴[17 Oct 24 17:58 UTC] No.41871976{4}[source]
Look at the weaknesses in this blog post; can you tell me which ones are suggestive of a broadly-useful backdoor that would be deployed to avoid having to deal directly with Tencent, which is already controlled by the CCP?
29. heinternets ◴[17 Oct 24 23:08 UTC] No.41874721[source]
China have their own crypto standard OSCCA, which uses the SM4 cipher, SM3 hash function etc instead of using the AES, ECDH, RSA algorithms everyone else does. The OSCCA standard are only approved for use in China.
30. tailspin2019 ◴[18 Oct 24 02:03 UTC] No.41875747{4}[source]
Likely *can’t use those services
31. firen777 ◴[18 Oct 24 03:14 UTC] No.41876062{3}[source]
Network Effect is a bitch.
32. giancarlostoro ◴[18 Oct 24 04:06 UTC] No.41876255{4}[source]
Fair enough... Unfortunately...
33. ganyu ◴[18 Oct 24 13:46 UTC] No.41879437{4}[source]
i'd prefer the term 'less experienced' but yes.