Lucky
Essential
- Joined
- 14.09.20
- Messages
- 97
- Reaction score
- 464
- Points
- 33
Synchronization of the messenger with contacts from the address book (contact discovery) is a very convenient function. When a new person installs the application, a large list of contacts is automatically added to it, and if someone first installed the messenger, then a notification about this comes to all his friends. Unfortunately, this feature can be used by government agencies and other attackers to track people down. The existing methods of protection are not yet very effective.
Although Telegram has very tight limits on the number of API requests, it is also not completely secure.
The intersection of closed sets of protocols
to search for contacts without disclosure are cryptographic protocols intersection of closed sets (private set intersection). This technique computes the intersection of the input set of one side ("client") with the input set of the second side ("server"), so that the client knows only the set of intersections, and the server knows only the size of the input set of the client.
However, these protocols are currentlyare not effective enough for mobile applications with billions of users. In addition, PSI still does not solve absolutely all privacy issues, since it cannot prevent brute-force attacks.
Social graph Leak
At last year's conference on computer security USENIX Security 2019 was presented the reportwith proof that many mobile messengers (including WhatsApp) facilitate contact discovery by uploading all contacts from the user's address book to the server and subsequently storing them on the server, even if no match is found. Thanks to this, the service can notify the user about new registered contacts, as well as build a complete social graph for each person. These columns are supplemented with information from other sources. The main privacy issue is that contact information can be leaked to the public and used for fraud, discrimination, blackmail, damage to reputation, or police investigations. The server can also be compromised, which leads to the disclosure of confidential information, even if the developers of the messenger themselves did not sell the accumulated base.
To protect against this threat, some mobile apps (including Signal) hash contacts. Unfortunately, the low entropy of phone numbers makes it easy to reverse (decrypt) hashes , so this protection is ineffective.
Crawling
But the main method of collecting contact information is crawling . Since the services usually have no restrictions on the registration of new users, you can register any number of fake accounts with a random set of contacts in the address book. Thus, you check the presence of each phone number in the database - and collect available information on their owners.
Services are not able to completely block such an attack, since users must be able to request information about contacts from the server. The only defense method is to limit the number of requests (see the table below in the section describing the attack).
With the help of crawling, a user base is collected. In addition to the phone number, this database may include other information that the user has indicated about himself and opened for everyone to see. What information will be included in the database depends on the privacy settings. Since the vast majority of users do not change the default settings, this aspect is also under the control of the messenger developers.
Previous scientific work has shown that by tracking user metadata in messengers (time of online appearance), you canbuild accurate models of behavior .
Comparison of this information with other social networks and publicly available data sources allows third parties to build even more detailed profiles .
In commerce, such knowledge is used for targeted advertising or fraud, from a personal point of view - for blackmail or planning a crime, and from the point of view of the state - to prosecute citizens . This is how the Hong Kong authorities calculated users who are members of the Telegram protest groups. The data of several thousand users of the Telegram channel were published in Russia in 2019 (as the investigation showed, the source of the data is the Ministry of Internal Affairs).
It is known that the Insider Telegram de-anonymization program works for crawling Russian users. The developers say that the enumeration of numbers allowed to compile a database of more than 10 million users. The service allegedly shows which phone number corresponds to the Telegram account.
Insider Telegram works as part of the Laplace Demon system (only for legal entities and government agencies), there are rumors about a similar Cryptoscan system and other developments.
There is evidence that the power structures of Belarus are also beginning to use similar crawling techniques as in Russia, since Telegram has now become the main communication tool for citizens.
German researchers have demonstrated two types of attacks on instant messengers in their scientific work:
For crawling, the researchers used modest resources:
Communication with Telegram was carried out through the official TDLib library , which is released for many languages and platforms. Any application can be passed off as a Telegram client if you integrate the TDLib library and receive an authentication token, which is done with minimal effort.
WhatsApp and Telegram transmit contact information in clear text (over encrypted channels). WhatsApp stores the numbers of registered users on servers in clear text, and hashes the numbers of unregistered users in MD5.
Signal does not store contacts from users' address books on the server. Instead, each client periodically sends hashes of all their contacts to the server to check against the database of registered users. But these hashes are easy to decipher.
Conclusions
Now 50% of WhatsApp users have a photo of their account posted in the public domain, and 90% have their "About me" information open. Interestingly, 40% of users of the secure and private Messenger Signal have fully open WhatsApp profiles.
Prior to the publication of this work, the results were sent to WhatsApp, Signal and Telegram. Signal has acknowledged the problem, reduced request limits and promised to implement other anti-crawling methods. Facebook paid researchers a bounty for the vulnerabilities found and deployed improved protection for syncing WhatsApp contacts. Finally, Telegram has developed additional countermeasures against data scraping within the established limits. Now the system is trying to determine crawling of the base of numbers based on specific characteristics - and blocks it after 20-100 matches instead of 5000.
Today Telegram is the best messenger to fight against users crawling. Following the 2019 Hong Kong protests with personal data leaks of protest group usersTelegram has tight limits and timeouts that make crawling a very difficult technical task.
According to the authors, currently the most effective measure of protection for users is to revise their privacy settings. It is highly undesirable to leave the default values. For maximum security in conditions of government surveillance, it is better to register an account in the messenger with a fake number.
Although Telegram has very tight limits on the number of API requests, it is also not completely secure.
The intersection of closed sets of protocols
to search for contacts without disclosure are cryptographic protocols intersection of closed sets (private set intersection). This technique computes the intersection of the input set of one side ("client") with the input set of the second side ("server"), so that the client knows only the set of intersections, and the server knows only the size of the input set of the client.
However, these protocols are currentlyare not effective enough for mobile applications with billions of users. In addition, PSI still does not solve absolutely all privacy issues, since it cannot prevent brute-force attacks.
Social graph Leak
At last year's conference on computer security USENIX Security 2019 was presented the reportwith proof that many mobile messengers (including WhatsApp) facilitate contact discovery by uploading all contacts from the user's address book to the server and subsequently storing them on the server, even if no match is found. Thanks to this, the service can notify the user about new registered contacts, as well as build a complete social graph for each person. These columns are supplemented with information from other sources. The main privacy issue is that contact information can be leaked to the public and used for fraud, discrimination, blackmail, damage to reputation, or police investigations. The server can also be compromised, which leads to the disclosure of confidential information, even if the developers of the messenger themselves did not sell the accumulated base.
To protect against this threat, some mobile apps (including Signal) hash contacts. Unfortunately, the low entropy of phone numbers makes it easy to reverse (decrypt) hashes , so this protection is ineffective.
Crawling
But the main method of collecting contact information is crawling . Since the services usually have no restrictions on the registration of new users, you can register any number of fake accounts with a random set of contacts in the address book. Thus, you check the presence of each phone number in the database - and collect available information on their owners.
Services are not able to completely block such an attack, since users must be able to request information about contacts from the server. The only defense method is to limit the number of requests (see the table below in the section describing the attack).
With the help of crawling, a user base is collected. In addition to the phone number, this database may include other information that the user has indicated about himself and opened for everyone to see. What information will be included in the database depends on the privacy settings. Since the vast majority of users do not change the default settings, this aspect is also under the control of the messenger developers.
Previous scientific work has shown that by tracking user metadata in messengers (time of online appearance), you canbuild accurate models of behavior .
Comparison of this information with other social networks and publicly available data sources allows third parties to build even more detailed profiles .
In commerce, such knowledge is used for targeted advertising or fraud, from a personal point of view - for blackmail or planning a crime, and from the point of view of the state - to prosecute citizens . This is how the Hong Kong authorities calculated users who are members of the Telegram protest groups. The data of several thousand users of the Telegram channel were published in Russia in 2019 (as the investigation showed, the source of the data is the Ministry of Internal Affairs).
It is known that the Insider Telegram de-anonymization program works for crawling Russian users. The developers say that the enumeration of numbers allowed to compile a database of more than 10 million users. The service allegedly shows which phone number corresponds to the Telegram account.
Insider Telegram works as part of the Laplace Demon system (only for legal entities and government agencies), there are rumors about a similar Cryptoscan system and other developments.
There is evidence that the power structures of Belarus are also beginning to use similar crawling techniques as in Russia, since Telegram has now become the main communication tool for citizens.
German researchers have demonstrated two types of attacks on instant messengers in their scientific work:
- hash reversal: creation of large dictionaries with all possible hash values for all phone numbers in the world, brute force in hashcat, rainbow tables of a new design.
- Crawling: Within a few weeks, researchers were able to check 10% of all US mobile phone numbers on WhatsApp and 100% on Signal. The results are shown in the table below
For crawling, the researchers used modest resources:
- free application Hushed for registering customers with new phone numbers;
- VPN subscription for changing IP addresses;
- one laptop with emulators of several Android devices.
Communication with Telegram was carried out through the official TDLib library , which is released for many languages and platforms. Any application can be passed off as a Telegram client if you integrate the TDLib library and receive an authentication token, which is done with minimal effort.
WhatsApp and Telegram transmit contact information in clear text (over encrypted channels). WhatsApp stores the numbers of registered users on servers in clear text, and hashes the numbers of unregistered users in MD5.
Signal does not store contacts from users' address books on the server. Instead, each client periodically sends hashes of all their contacts to the server to check against the database of registered users. But these hashes are easy to decipher.
Conclusions
Now 50% of WhatsApp users have a photo of their account posted in the public domain, and 90% have their "About me" information open. Interestingly, 40% of users of the secure and private Messenger Signal have fully open WhatsApp profiles.
Prior to the publication of this work, the results were sent to WhatsApp, Signal and Telegram. Signal has acknowledged the problem, reduced request limits and promised to implement other anti-crawling methods. Facebook paid researchers a bounty for the vulnerabilities found and deployed improved protection for syncing WhatsApp contacts. Finally, Telegram has developed additional countermeasures against data scraping within the established limits. Now the system is trying to determine crawling of the base of numbers based on specific characteristics - and blocks it after 20-100 matches instead of 5000.
Today Telegram is the best messenger to fight against users crawling. Following the 2019 Hong Kong protests with personal data leaks of protest group usersTelegram has tight limits and timeouts that make crawling a very difficult technical task.
According to the authors, currently the most effective measure of protection for users is to revise their privacy settings. It is highly undesirable to leave the default values. For maximum security in conditions of government surveillance, it is better to register an account in the messenger with a fake number.