Slashdot Mirror

← Back to Stories (view on slashdot.org)

Nokia Extorted For Millions Over Stolen Encryption Keys

Posted by Soulskill on from the good-showing-all-around dept.

jppiiroinen writes: At the end of 2007, when Nokia still had huge market share with Symbian devices, they failed to disclose that somebody had stolen their encryption keys and extorted them for millions of Euros. The Finnish National Bureau of Investigation has not been able to figure out who did it. "The blackmailer had gotten hold of the Symbian encryption key used for signing. The code is a few kilobytes in size. Had the key been leaked, Nokia would not have been able to ensure that the phones accept only applications approved by the company."

45 of 89 comments (clear)

  1. I wonder if motorcycles were involved by Anonymous Coward · · Score: 1

    all good ransom getaways seem to involve motocycles

  2. Needs more Spy Thrilling by psyclone · · Score: 3, Insightful

    The money was left in a bag at a parking lot nearby Särkänniemi amusement park. Then things went wrong. The blackmailer took the bag. Police, however, lost track of the blackmailer and the money was gone.

    What, no GPS transmitter in the filament of each paper Euro? Amateurs.

    1. Re: Needs more Spy Thrilling by Anonymous Coward · · Score: 1

      The euro banknotes are pure cotton fibre

    2. Re:Needs more Spy Thrilling by Anonymous Coward · · Score: 1

      What, no GPS transmitter in the filament of each paper Euro? Amateurs.

      Actually, the 1 and 2 unit currencies here on this side of the lake are not bills but coins. And while I wouldn't be surprised if our information hungry governmental overlords have tried putting GPS electronics in there, luckily the all-metal outside should keep us safe from any such spying activities.

    3. Re:Needs more Spy Thrilling by NotInHere · · Score: 1

      What, no GPS transmitter in the filament of each paper Euro? Amateurs.

      They have planned to add RFID. However AFAIK this has never been realized (yet).

  3. Feature or bug? by ron_ivi · · Score: 2, Insightful

    Nokia would not have been able to ensure that the phones accept only applications approved by the company.

    Sounds more like a feature than a bug. Do device "owners" really want phones that "accept only applications approved by the company".

    1. Re:Feature or bug? by The+MAZZTer · · Score: 1

      The problem is that any applications signed by the key would look like they were officially approved by the company, even if they were not. There would be no way to differentiate them... that's the purpose of the key!

    2. Re:Feature or bug? by jeffmflanagan · · Score: 4, Insightful

      >Do device "owners" really want phones that "accept only applications approved by the company".

      Of course they do. You may not have heard of it, but there's a device called an iPhone that's tremendously popular, and this feature is one of the reasons.

      Locked down devices are not for me, but one would have to really have their head in the sand to not notice that safer to use devices are popular with many, many people.

    3. Re:Feature or bug? by BasilBrush · · Score: 1

      Sounds more like a feature than a bug. Do device "owners" really want phones that "accept only applications approved by the company".

      On phones, yes. Phone users don't want their data compromised, or to end up being scammed for money. The thought that they are limited to one store doesn't even register as an issue. In fact they mostly like the idea of a single store where they can find every app.

      The Slashdot user's ideas of free software come from a RMS. Ordinary people have never heard of him let alone care what he thinks.

    4. Re:Feature or bug? by BasilBrush · · Score: 1

      And most ordinary users that use Android are doing so because they are cheap, or they are the phone that the salesman at the store pushed at them. They aren't doing it because they think they have access to multiple app stores. Of the Android minority that ever download an app, most of them will never go outside Google Play.

    5. Re:Feature or bug? by sjames · · Score: 2

      Also, the Tooth Fairy insisted. We don't know why.

    6. Re:Feature or bug? by sjames · · Score: 2

      And we know the key would never be used because the blackmailer pinkie swore.

    7. Re:Feature or bug? by ericloewe · · Score: 2

      The story is badly told. Symbian never restricted apps. I believe it did check their signatures on install, informing users (kinda like UAC in Windows).

    8. Re:Feature or bug? by mr_jrt · · Score: 2

      Yeah it did - my N95 (Symbian OS v9.2, S60 3rd Edition) was unable to play OGGs via the stock media player as the codecs weren't signed. Previous versions were able to fine, apparently.

      --
      Boo.
    9. Re:Feature or bug? by DarwinSurvivor · · Score: 2

      That's just it. The summary says "Had the keys been leaked..." when in reality it is very obvious that they were leaked, Nokia just paid somebody and hoped they wouldn't use it. Encryption keys aren't something you can just give back, and a giant certificate revocation would have been noticed by a lot of security researchers.

      Basically, this story boils down to the fact that Nokia is out millions of dollars and their infrastructure is STILL compromised. Pinky swear indeed...

    10. Re: Feature or bug? by shitzu · · Score: 1

      Also - "Had the key been leaked Nokia would not have been able to ensure that the phones accept only applications approved by the company."
      This choice of words implies that the money somehow miraculously prevented the key from leaking. The key already HAD LEAKED. All nokia got for the money was a promise that the leaked key won't be misused.

    11. Re: Feature or bug? by shitzu · · Score: 1

      What does a fleshlight app do? How does it... um... work?

    12. Re:Feature or bug? by marcello_dl · · Score: 1

      In the alternate universe where nokia execs say "Fuck you, disseminate the key" we have nokia with a hacker friendly smartphone platform OR an instantly obsoleted platform thanks to evil hackers. I guess they would be better off than this nokia.
      "Being broken" was the business model of microsoft windows and they became number one with it.

      --
      ---- MISSING MISCELLANEOUS DATA SEGMENT --- [sigdash] trolololol
    13. Re:Feature or bug? by Anne+Thwacks · · Score: 1
      Do device "owners" really want phones that "accept only applications approved by the company".

      No, and if this feature were dropped, a lot of us would want Symbian phones even now. This is the "feature" that killed Symbian. However, it was mandated by the carriers. It took Google to kill it, and Android gets stick daily for not having this "feature".

      --
      Sent from my ASR33 using ASCII
    14. Re:Feature or bug? by ericloewe · · Score: 1

      I believe my N97 had an option to allow unsigned apps (which were blocked by default, for obvious reasons).

      The stock media player not accepting new codecs is also different from the OS not accepting new apps that are unsigned.

    15. Re:Feature or bug? by queBurro · · Score: 1

      where be my moderator points?

      --
      sag
    16. Re:Feature or bug? by hobarrera · · Score: 1

      Nokia would not have been able to ensure that the phones accept only applications approved by the company.

      Sounds more like a feature than a bug. Do device "owners" really want phones that "accept only applications approved by the company".

      The dive can run any code, the signing key makes it look "officially approved" by Nokia.

  4. Why no key revocation strategy? by Anonymous Coward · · Score: 1

    Keys get compromised, expire, etc. They should have had a process for updating keys, and then it would have cost nothing but a little egg on the face for letting someone steal it.

    1. Re:Why no key revocation strategy? by Anonymous Coward · · Score: 1

      There should have been a scenario test where keys were released, or perhaps RSA or ECC itself gets cracked.

      Perhaps the best solution would be devices having both a symmetric key for the individual device, and a symmetric key for that model. That way, if all public keys were blown, there could be a mechanism for updates that would essentially use symmetric encryption to "sign" code [1].

      Of course, if the symmetric key database is compromised, it is a bad thing, but a company as big as Nokia can easily keep a database air-gapped with this info.

      [1]: Create a cryptographic hash, encrypt the hash with the key hidden in some armored ASIC. Then to validate the signature, check the update's hash by calculating the update and decrypting it.

  5. Load of BS by Anonymous Coward · · Score: 1

    I don't get why they actually paid people for this. Even if they received the key _back_ the attacker could have still used them.

    "nokia would not have been able to ensure that the phones accept only applications approved by the company"

    is complete BS, they could not verify that at the point they realized they screwed up key security.

    1. Re:Load of BS by Copid · · Score: 1

      That does sound really fishy. I guess if you're going to do that, you need to set the ransom low enough that the company will pay it for a "maybe he'll hold up his end of the bargain" level of assurance rather than a "problem is solved forever" level of assurance. If I said, "Give me a dollar or I'll expose your keys," it's probably worth a dollar to reduce the 100% probability of key exposure to anything marginally less than 100%. If I said, "Give me a hundred million dollars for an unkown but nonzero reduction in the probability that I'll expose your keys," that sounds like less of a good deal.

      The best part of this is that the blackmailer could also sell your keys to somebody who might use them without you ever knowing. Not only did they not know beforehand whether the keys were going to be kept secret, there's no way to be 100% sure even now that the keys were left unused.

      --
      An interesting anagram of "BANACH TARSKI" is "BANACH TARSKI BANACH TARSKI"
    2. Re:Load of BS by Anonymous Coward · · Score: 1

      How do you know ? They probably got an email signed with their own key, containing the ransom letter.

  6. No funny business by TsuruchiBrian · · Score: 1

    From a strategic point of view this is a clusterfuck. Why did Nokia put real money in the bag if they were planning to arrest the person that came to pick it up? If the police had succeeded then it wouldn't matter if the money was real. If the blackmailer gets away, then maybe, if you are lucky, he might keep his promise if he thinks you acted in good faith. But now I am reading a story on slashdot about how they tried to catch this guy and botched the plan, so now the blackmailer knows that Nokia was not acting in good faith. Now the blackmailer has no reason not to leak the keys, unless he plans to try to extort more money.

    1. Re:No funny business by Jumunquo · · Score: 1

      Too many potential points of failure - you could be quickly restrained or knocked out (like by a taser). They could cell jam you or otherwise intercept your data. Or they could have already hacked your phone in the time you picked up the bag and took it somewhere to check its contents. Better would be to set up some servers to send out the code at a certain time. If anything happens to you, then there's no one to disable that system.

      I agree that the blackmailer, once the money is in hand, is incentivized to keep his/her end of the bargain. Sending out the code would just leave a potentially traceable digital trail and just having the code on-hand is incriminating evidence. And in this case, where Nokia keeps dishonestly quiet, all you have on your tail are a few police officers that can't even follow a bag.

    2. Re:No funny business by Jumunquo · · Score: 1

      Regarding keeping the code, you'd have to hide it really well such that only you can retrieve it. You should encrypt or otherwise scramble it for starters. It's not that hard. Criminals are usually caught because they're either stupid, or because easy money is addictive, so they keep doing it, and eventually, something happens outside their calculations (and they tend to get more careless over time too).

  7. Trust... by Bert64 · · Score: 1

    So how do you trust a company? Profit is their primary goal, and if they feel that hiding a breach like this will be more profitable than disclosing it that's exactly what happens... Meanwhile, you now potentially have to also trust some criminals who have already demonstrated their willingness to commit blackmail.

    --
    http://spamdecoy.net - free throwaway anonymous email - avoid spam!
  8. And now for the news... by msauve · · Score: 1

    Blackmailer blackmails blackmailer. More at 11.

    --
    "National Security is the chief cause of national insecurity." - Celine's First Law
  9. Unimaginable horror by WaffleMonster · · Score: 2

    Damn you just have to feel sorry for Nokia...

    I couldn't imagine the pain and suffering must be associated with selling devices and then losing the ability to control what software can be installed on them.

  10. Sherlock vs Moriarty by bswarm · · Score: 1

    Moriarty Calls every Nokia phone and broadcasts the image of himself laughing.

  11. Extort the extorer? by Kaz+Kylheku · · Score: 4, Funny

    Pay me, or you don't get to extort your users with your locking scheme! :)

  12. Carriers that hide the Unknown sources checkbox by tepples · · Score: 1

    Symbian had a toggle in the settings to disable signed app requirement.

    So does Android. But that doesn't stop carriers from forcing that signature requirement toggle on, just as AT&T did for the first several months that it sold Android phones (Motorola Backflip, HTC Aria, Samsung Galaxy S "Captivate"). And the vast majority of phones sold in the U.S. market during the Symbian era had carrier branding on them.

  13. Delegation of vetting by tepples · · Score: 1

    Do device "owners" really want phones that "accept only applications approved by the company".

    Yes.

    As BasilBrush and CronoCloud have explained here several times, the majority of people are not geeks and don't want to have to spend time doing their own vetting of safety, usefulness, and battery efficiency of apps. Instead, they choose to delegate this vetting to Nokia, Apple, Microsoft, Sony, Nintendo, etc. I've summarized the purported advantages of closed platforms.

    1. Re:Delegation of vetting by Somebody+Is+Using+My · · Score: 2

      I disagree. I do not think this is a major consideration for most users. The idea of multiple software stores, some of which may or may not be trustworthy, is not high on the list when comparing phones.

      Issues they do care about in general order of importance:
      * Cost of the phone
      * Provider support (e.g., will I be able to use this phone with my carrier)
      * Features of the phone (does it have a keyboard, or a camera, and what does it look like)
      * App support (can I download apps I am interested in?)

      The fact is, most people have a rudimentary understanding of how the apps work and what risks they are taking when they download software from the internet. Nor are they aware of how powerful and versatile these pocket-computers really are. So long as they get their email, facebook, music, mapping, a few choice games, and perhaps the usual word-processing apps, most people are satisfied with the selection they get from the app store (there may be more to that list, but for the vast bulk of people, everything they need or want can be had from the official app stores). It doesn't occur to them that they are "locked-in" because they already get everything they need so they don't go looking for more. However, when they do feel the restrictions - when they discover that FlappyBirds or whatever fad-app isn't available on the app store, they are more than willing to visit alternative sites to get their software fix, regardless of the risk this to which this puts their data.

      In other words, it is true that users usually do not care about being locked in to one application provider. But they also don't care that the official app-stores vet the software either and when push comes to shove they will readily accept software from any source. Once made aware of the issue, the multiple sources of apps is a selling point for Android, because it gives the users more selection. That it comes with significant risk to their privacy and data is rarely a consideration. When the garden wall gets in their way, they dislike it as much as power users without understanding the benefits it might bring.

  14. The benefit of freedom is flexibility by tepples · · Score: 1

    The Slashdot user's ideas of free software come from a RMS.

    Where you see "freedom" in arguments for free software, read "flexibility". The iPhone is less flexible in some ways than some other platforms. For example, there's no app for helping contribute to an access point database because Apple refuses to make the needed APIs public.

  15. When there's no app for that by tepples · · Score: 1

    People give a care when they find that they'll never be able to get an app for a particular task on their phone or tablet. Where's WiFi-Where for iOS? Where's a web browser for iOS capable of viewing a WebGL visualization of the brain? And where's a web browser that supports uploading documents created in an app, other than pictures and videos, to a web form?

  16. Re:Sigh by Jumunquo · · Score: 1

    Actually, paying the ransom was the best bet to protect the user. However, they also should have let everyone know they had been compromised, and that's the part where they put corporate greed before their customers.

  17. Re:Nice to trust the criminals by GameboyRMH · · Score: 1

    Execs can trust criminals for the same reason that sharks don't eat lawyers...professional respect ;-)

    --
    "When information is power, privacy is freedom" - Jah-Wren Ryel
  18. Re:Sigh by GameboyRMH · · Score: 1

    Corporations commonly pay ransoms to blackhats, it just doesn't get reported. I heard of a CEO once paying a 100kUS ransom to prevent his customer database from being released - with no evidence!

    --
    "When information is power, privacy is freedom" - Jah-Wren Ryel
  19. they should have encouraged the hacker by 0xdeaddead · · Score: 1

    since nobody wrote or used symbian in the android era anyways.

  20. Sounds like the Keystone Cops by Zontar_Thing_From_Ve · · Score: 1

    For those who don't understand the reference, the Keystone Cops were incompetent policemen in a series of American silent movies. I read the article linked to in the article and basically Nokia dropped the money off in a paper bag in a parking lot and the police watched the pickup and then completely lost the blackmailer. To this day they have no idea at all who got the money and it seems that Nokia has only the word of the blackmailer that they wouldn't use the keys for nefarious purposes.