Zoom recently announced that they were going to make end-to-end encryption available to all of their users–not just customers.
https://twitter.com/zoom_us/status/1320760108343652352
This is a good move, especially for people living in countries with inept leadership that failed to address the COVID-19 pandemic and therefore need to conduct their work and schooling remotely through software like Zoom. I enthusiastically applaud them for making this change.
End-to-end encryption, on by default, is a huge win for everyone who uses Zoom. (Art by Khia.)
The end-to-end encryption capability arrives on the heels of their acquisition of Keybase earlier this year. Hiring a team of security experts and cryptography engineers seems like a good move overall.
Upon hearing this news, I decided to be a good neighbor and take a look at their source code, with the reasoning, “If so many people’s privacy is going to be dependent on Zoom’s security, I might as well make sure they’re not doing something ridiculously bad.”
Except I couldn’t find their source code anywhere online. But they did publish a white paper on GitHub…
(Art by Khia.)
Disclaimers
What follows is the opinion of some guy on the Internet with a fursona–so whether or not you choose to take it seriously should be informed by this context. It is not the opinion of anyone’s employer, nor is it endorsed by Zoom, etc. Tell your lawyers to calm their nips.
More importantly, I’m not here to hate on Zoom for doing a good thing, nor on the security experts that worked hard on making Zoom better for their users. The responsibility of security professionals is to the users, after all.
Also, these aren’t zero-days, so don’t try to lecture me about “responsible” disclosure. (That term is also problematic, by the way.)
Got it? Good. Let’s move on.
(Art by Swizz.)
Bizarre Design Choices in Version 2.3 of Zoom’s E2E White Paper
Note: I’ve altered the screenshots to be white text on a black background, since my blog’s color scheme is darker than a typical academic PDF. You can find the source here.
Cryptographic Algorithms
It’s a little weird that they’re calculating a signature over SHA256(Context) || SHA256(M), considering Ed25519 uses SHA512 internally.
It would make just as much sense to sign Context || M directly–or, if pre-hashing large streams is needed, SHA512(Context || M).
At the top of this section, it says it uses libsodium’s crypto_box interface. But then they go on to… not actually use it.
Instead, they wrote their own protocol using HKDF, two SHA256 hashes, and XChaCha20-Poly1305.
While secure, this isn’t really using the crypto_box interface.
The only part of the libsodium interface that’s being used is crypto_box_beforenm() (https://github.com/jedisct1/libsodium/blob/927dfe8e2eaa86160d3ba12a7e3258fbc322909c/src/libsodium/crypto_box/curve25519xsalsa20poly1305/box_curve25519xsalsa20poly1305.c#L35-L46), which could easily have been a call to crypto_scalarmult() instead (since they’re passing the output of the scalar multiplication to HKDF anyway).
(Art by Riley.)
Also, the SHA256(a) || SHA256(b) pattern returns. Zoom’s engineers must love SHA256 for some reason.
This time, it’s in the additional associated data for the XChaCha20-Poly1305.
Binding the ciphertext and the signature to the same context string is a sensible thing to do; it’s just that the concatenation of SHA256 hashes is a bit weird when SHA512 exists.
Meeting Leader Security Code
Here we see Zoom using a SHA256 of a constant string (“Zoombase-1-ClientOnly-MAC-SecurityCode”) in a construction that tries but fails to be HMAC.
And then they concatenate it with the SHA256 hash of the public key (which is already a 256-bit value), and then they hash the whole thing again.
It’s redundant SHA256 all the way down. The redundancy of “MAC” and “SecurityCode” in their constant string is, at least, consistent with the rest of their design philosophy.
It would be a real shame if double-hashing carried the risk of invalidating security proofs, or if the security proof for HMAC required a high Hamming distance of padding constants and this design decision also later saved HMAC from related-key attacks.
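The hash-of-hashes described in this section next to a real HMAC-SHA256, as an added example that is not taken from the white paper or from this post. The formula follows the prose above; using SHA256 of the label as the HMAC key and the 32-byte sample public key are assumptions made only for the comparison.

```python
import hashlib
import hmac

# Label quoted in the post; keys and public keys used below are constructed samples.
LABEL = b"Zoombase-1-ClientOnly-MAC-SecurityCode"
BLOCK = 64               # SHA-256 block size in bytes
IPAD, OPAD = 0x36, 0x5C  # HMAC padding constants (RFC 2104)


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def described_digest(public_key: bytes) -> bytes:
    """SHA256(SHA256(label) || SHA256(pk)), following the prose description."""
    return sha256(sha256(LABEL) + sha256(public_key))


def hmac_sha256_manual(key: bytes, msg: bytes) -> bytes:
    """HMAC-SHA256 written out: H((K ^ opad) || H((K ^ ipad) || msg))."""
    if len(key) > BLOCK:
        key = sha256(key)            # keys longer than a block are hashed first
    key = key.ljust(BLOCK, b"\x00")  # then zero-padded to exactly one block
    inner = sha256(bytes(b ^ IPAD for b in key) + msg)
    return sha256(bytes(b ^ OPAD for b in key) + inner)


def pad_hamming_distance() -> int:
    """Number of bits that differ between ipad and opad in each key byte."""
    return bin(IPAD ^ OPAD).count("1")


def compare(public_key: bytes) -> dict:
    # Assumption: the hashed label stands in as the HMAC key for this comparison.
    key = sha256(LABEL)
    keyed = hmac_sha256_manual(key, public_key)
    stdlib = hmac.new(key, public_key, hashlib.sha256).digest()
    return {
        "described": described_digest(public_key).hex(),
        "hmac": keyed.hex(),
        "manual_matches_stdlib": hmac.compare_digest(keyed, stdlib),
    }


if __name__ == "__main__":
    sample_pk = bytes(range(32))  # constructed 32-byte stand-in for a public key
    for name, value in compare(sample_pk).items():
        print(f"{name}: {value}")
    print("ipad/opad Hamming distance per byte:", pad_hamming_distance())
```

Both outputs are 32 bytes, but only the second has the two-pass keyed structure that HMAC's security proof is written for.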
Hiding Personal Details
Wait, you’re telling me Zoom was aware of HMAC’s existence this whole time?
I give up!
Enough Pointless Dunking, What’s the Takeaway?
None of the design decisions Zoom made that I’ve criticized here are security vulnerabilities, but they do demonstrate an early lack of cryptography expertise in their product design.
After all, the weirdness is almost entirely contained in section 3 of their white paper, which describes the “Phase I” of their rollout. So what I’ve pointed out here appears to be mostly legacy cruft that wasn’t risky enough to bother changing in their final design.
The rest of their paper is pretty straightforward and pleasant to read. Their design makes sense in general, and each phase includes an “Areas to Improve” section.
All in all, if you’re worried about the security of Zoom’s E2EE feature, the only thing they can really do better is to publish the source code (and link to it from the whitepaper repository for ease-of-discovery) for this feature so independent experts can publicly review it.
However, they seem to be getting a lot of mileage out of the experts on their payroll, so I wouldn’t count on that happening.
https://soatok.blog/2020/10/28/bizarre-design-choices-in-zooms-end-to-end-encryption/
As America prepares for record-breaking infection statistics on a daily basis, many of us are looking at other countries safely reopening and wondering, “Why can’t we have nice things?”
What you see if you type “COVID-19 statistics” into a search engine. Data sourced from Wikipedia.
Of course, everyone has their favorite target to blame for this catastrophe. Democrats blame Republicans. Republicans blame Democrats.
I’m not interested in blame. Regardless of who takes the blame in the end, the responsibility for fixing this problem is shared among everyone. Instead, I’m more interested in answering the “Why?” question.
Why Did Things Get This Bad?
Art by circuitslime.
There are a lot of popular theories–many of them politically useful–about why the COVID-19 crisis is particularly bad in the United States.
A Failure of Trump’s Leadership?
Let’s get this one out of the way:
Was the current hellscape we found ourselves in a direct consequence of Donald J Trump’s failure to ethically and responsibly use his power as President of the United States in the best interest of the people?
https://www.youtube.com/embed/svrxYLvJYto?feature=oembed
“It’ll miraculously go away in April!” – Morons
It’s certain that Trump has totally failed at leadership, but I don’t think that’s a satisfactory explanation for the current crisis.
https://www.youtube.com/embed/s9vzT-0hchw?feature=oembed
That is not to say that Trump is without fault! Just that the problem is bigger than one idiot in a three piece suit.
Challenges Due to Scale?
A lot of the countries that performed better at responding to COVID-19 had smaller populations and occupied smaller land masses than the United States. Is that a reasonable explanation for why the USA suffers?
Per-capita analyses and samples from other countries with similar populations and occupied surface area would be consistent with the USA if that was the reason. This problem is mostly uniquely American.
Are the Protesters at Fault?
COVID-19 has an incubation period of up to two weeks.
The first signs of an uptick in COVID-19 infections were visible early into the nationwide Black Lives Matter protests, which implicates an earlier cause. The most likely one was the Memorial Day weekend celebrations that took place before George Floyd’s murder sparked widespread outrage.
Indeed, a further analysis did not show an uptick of COVID-19 infections even 4 weeks into the nationwide protests (which is two incubation periods).
Instead, the sharp spike in COVID-19 infections–factoring in the incubation period–coincided with states reopening their bars and restaurants. (Especially Florida.)
Why Things Are So Bad Today
The problem that America faces is the same one we’ve been faced with for many decades: Rampant Anti-Intellectualism.
https://www.youtube.com/embed/bZnBL2dFgyI?feature=oembed
American anti-intellectualism is the juxtaposition of proud ignorance and conspiracy theories.
Let me ask all you female mask wearing ASSHOLES… are you ready to put a burka on next?
That mask is NOT about your safety…. it's about MIND CONTROL
The only reason I know masks are worthless is because Andrew Cuomo keeps telling EVERYONE to wear one
Stick it up your ass!
— 🇺🇸🍺TRUMP WON🍺🇺🇸 (@PISDI94_96) June 30, 2020
Tweet is also archived in case it gets deleted.
Anti-intellectualism takes many forms:
Every single time y'all tell me you're not ready to submit a talk on a subject you've been researching for months, I want you to think about "I don't actually ride in Ubers" internet-commentator guy. pic.twitter.com/aK2LAcFtzb — Lesley Carhart (@hacks4pancakes) July 1, 2020
People are so willing to die on the hill of their ignorance that even literally dying doesn’t deter them from campaigning for self-destruction.
RIGHT NOW: Dozens are marching in Sanford chanting “My body. My choice.” They are protesting after a mask order went into place in Seminole County today. pic.twitter.com/kMT7EebDKN— Stephanie Buffamonte (@StephBuffamonte) July 1, 2020
The reason that things are so bad in the United States of America boils down to the following:
- Too many Americans are proud to be ignorant, and in many cases, argue in support of “my ignorance is just as good as your facts”.
- Too many Americans are susceptible to bullshit conspiracy theories.
- Too many Americans are so selfish and short-sighted that they’d rather go to bars and waste money they don’t have on alcohol and shallow conversation than save the lives of the people they profess to love and care about.
- Conservative politics and media is a death cult that literally turned “wearing a mask to stop COVID-19” into a culture war issue.
- The people I’ve described in points 1-4 vote in every election, to make sure someone representing their bullshit has a seat at the political table.
It’s far too tempting to scapegoat the sitting President–especially when they’re as terrible as Donald J Trump. But if you do that, you’re ignoring the reason that he’s in the oval office to begin with.
Willful Ignorance Kills
I’ve talked about this before, when I used to write on Medium:
- https://medium.com/@soatok/american-ignorance-in-2020-c72c78d11dbb
- https://medium.com/@soatok/dear-furries-bullshit-and-misinformation-will-hurt-you-4a6f531d62bd
The sole cause for the situation we’re in is the same anti-intellectualism that Isaac Asimov complained about back in 1980.
Even if you want to solely blame Donald Trump, about 40% of Americans currently approve of his presidency (archive).
How to Escape This Hellscape
Art by Swizz.
The only way to get out of the mess we’re in today is to stop tolerating ignorance and bullshit in your daily life. (Yes, this means you too, furry fandom! It’s not “all fun and games” anymore.)
That means, at a minimum:
- Not spreading the Myers-Briggs personality test bullshit
- Not giving the anti-LGBTQIA+ bigots at Chick-Fil-A any money
- Listening to experts (this means: SCIENTISTS, not talk show hosts or politicians)
- Being willing to admit “I don’t know” and then being curious enough to seek the truth
- Stop reading or financially supporting biased news media
Even if we manage to get out of the current COVID-19 hellscape without addressing these flaws, the next catastrophe will hit us just as hard.
Can People’s Minds Be Changed?
No. I don’t think most of the willfully ignorant assholes currently living in America that favor Trump’s presidency today are willing and capable of redemption.
There will be exceptions, and we should remain open to the possibility of some people coming around, but in general most of these jerks will dig their heels in when pressured.
Instead, we’re going to have to wait for them to die off naturally.
What we can do in the meantime is promote better education for the American kids.
https://www.youtube.com/embed/ILQepXUhJ98?feature=oembed
A nation of enlightened free-thinkers fully capable of critical thought would be a good thing (even if Carlin thinks it will never happen). And we can get there, eventually.
All it takes is everyone deciding to be humble and actually verify what other people tell them (n.b. by referencing reputable sources).
It might not make a difference today, but in 10 or 20 years, a consistent effort to enable younger Americans to become smarter, wiser, and more empathetic than their parents and grandparents will change the political landscape of our country–and maybe even the world–for the better.
Art by Khia
Of course, the Powers That Be know that, which is why we see bullshit like this keep happening during a pandemic:
With a stroke of his veto pen, Gov. Ron DeSantis wiped out the entire $29.4 million budget for a suite of online education services that have become critical to students and faculty during the Covid-19 outbreak https://t.co/6PMop4SIPv— POLITICO (@politico) June 30, 2020
Remember, DeSantis is the governor of the state whose COVID-19 infections-per-day graph looks like this:
You can see a clear data pattern with Florida's COVID-19 with a lull each Sunday. I've computed the baseline for this week (Sunday's numbers) and the last two weeks' increase relative to Sunday. We're easily on track to hit 10,000 new cases Friday-ish, maybe even higher. pic.twitter.com/8pnXF5uEwR— 💙💛 "Dog Boy" Nex' 💙💛 (@NexJql) July 1, 2020
It won’t be easy. Bullshit is everywhere. But it’s doable.
Addendum: A Carnival of Stupid
In case you still had any doubt about the potent lethality of American anti-intellectualism, look no further than this story:
Florida teen dies after conspiracy theorist mom takes her to church ‘COVID party’ and tries to treat her with Trump-approved drug: report – https://t.co/Bw3SMVitxx — Jeffrey Levin 🇺🇦 (@jilevin) July 6, 2020
We have to demand better of ourselves before we can demand better of others. But damn if the bar isn’t really, really low to begin with.
I believe someday we'll open up textbooks and find this screenshot under the definition of "cognitive dissonance". pic.twitter.com/n535Obq6SB— 🦊 Ennex is trying this again! 🦊 (@EnnexTheFox) July 7, 2020
The White House Press Secretary on Trump's push to reopen schools: "The science should not stand in the way of this."
— Jim Acosta (@Acosta) July 16, 2020
https://soatok.blog/2020/07/02/how-and-why-america-was-hit-so-hard-by-covid-19/