Slashdot Mirror
Popular Android Package Uses Just XOR -- and That's Not the Worst Part
siddesu writes A popular "encryption" package for Android that even charges a yearly subscription fee of $8 actually does nothing more than give a false sense of security to its users. Not only is the app using a worthless encryption method, it also uses weak keys and "encrypts" only a small portion of the files. One wonders how much snake oil flows through the app stores, from "battery savers" to "antivirus." What is the most worthless app purchase you made? Did you ask for a refund?
CTIA - "The Best App of CTIA by the Techlicious 2012 Best of CTIA Awards"
PC Magazine - "PC Magazine Best Apps"
TRUSTe - Received "TRUSTe Privacy Seal"
Global Mobile Internet Conference App Space - "A top 50 app"
Thanks, I will take a note to never trust these web site reviews.
Was Windows.
Unless it's used with ROT13.
Get free satoshi (Bitcoin) and Dogecoins
is that it doesn't matter how weak your keys are!
Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
I hardly expect high standards, adherence to even basic good practice, or other non-awfulness from most of the wretched 'app' morass; but I'm a bit surprised that whoever made this one found it easier to build a hilariously worthless system from scratch, rather than misuse, and probably violate the license of, some existing encryption library or command line application(or, y'know, go crazy and use the Android Cryptography API)...
There's still plenty of room for error when using someone else's tools, so I wouldn't necessarily expect the results to be bulletproof; but "actually uses an encryption algorithm; pity it fucks up key management." would at least be doable.
I mentioned to the subscription that Microsoft used Rot13 to "encrypt" some registry entries in version W2K (I think was the version)
After reading bout XOR, ROT13 would be just about as good.
Not familiar with ROT13? = Abg snzvyvne jvgu EBG13?
What is the most worthless app purchase you made? Did you ask for a refund? 1. several were worthless. 2. no. only cost $0.99. bottom line: gave up on the smartphone in 2013. have a dumb phone now. ignorance is bliss.
There's nothing wrong with XOR for encryption as long as your key size is >= plain text size. In fact it's uncrackable!
Windows ME, never got a refund ( -__-)
So you can recover your data using a basic circuit a high schooler could build!
Can you provide a better link? The one in the summary shows nothing in my browser. I think the website is rendering entirely in javascript (I have javascript disabled, and no, I won't enable it for you.)
I didn't RTFA or investigate The F... Product, but if the encryption is as bad as implied, AND if the product is marketed as having encryption where the implication is that the encryption is by and large useful to the readers of the ad, it may run afoul of false advertising laws.
Well, this has nothing to do with linux or android so that slashdotter may still be right. It is about an add on app that you use to encrypt and obfuscate stuff. It can just as easily be written for the Iphone or windows or even mac as it has nothing to do with the underlying platform except running on it.
Except that the app isn't open source. If it was someone probably would have spotted this sooner. So if anything this highlights the danger of using closed source anything crypto related. Sure OSS stuff might have problems, very very clever people might be able to insert back doors and weaken algorithms in ways others might not see, and any software can have subtle bugs, but at least very basic FRAUD as in it does not even attempt to do what it claims would get spotted.
That and the authors probably never would have published the code because lets face it; in 2015 if you know what a bitwise operation is and how to use XOR you know while it might be useful in the act encrypting plain texts it does not itself provide encryption if you just use some static byte over and over again. Shame is a powerful tool, really all of society rests on shame and seeking to avoid it at some level.
The second lesson here is that the app store tramp stamp does not mean you are dealing with quality software, anymore than the old winlogo program ever did. At most it means some basic user interface level QA testing happened. Probably not much better than "we ran the app it appeared upon cursor inspection to have done something that could be similar to what is claimed, it did not crash, and did not display a goatse.cx page." They don't dig into the detail. If something says it encrypts documents, and they don't open when "encrypted" and do open when "decrypted" that is all it takes to pass this level of testing.
Just because you paid for it and got it from an app store does not make trust worthy.
Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
I think Slashdot should take down this article. Under the DMCA it's illegal to bypass flimsy methods intended to enforce security.
So encryption. What are you protecting? Many Many passwords to your banking, health care, etc. ?
So the question re:
You can build a sophisticated cypher that does not require polynomials, massive primes or any of the stuff that RSA uses in an afternoon with a little imagination that will stifle pretty much anyone except for the most ardent code breakers. So the questions need to be answered.
Create a two dimensional array each dimension being 64K in size of 64 bit integers. Use the key to seed the random number generator, then fill both dimensions with random 64 bit numbers. As always the larger and more complex the key, the better, but use each element of the key to indicate which dimension you will pick the substitution value from. So given the key of 1234567890 you will 1 value from dim1, the next value from dim2 etc.
Each 8 or 16 bit char will be replaced by a 64bit number, that was generated by the entire key value and then selected by the key[n]. If you exhaust the length of the key simply wrap it around.
Hey KID! Yeah you, get the fuck off my lawn!
Thought it would unlock the java/android lessons. Turns out they needed a subscription for that.
Any of you younglings remember the XOR patent?
This tells me everything about Fandroids.
That's a beatiful story, really far from reality though
https://play.google.com/store/apps/details?id=uk.co.dmdrummond.crapalert&referrer=utm_source%3Dgoogle%26utm_medium%3Dorganic%26utm_term%3Dcrap+alert+android&pcampaignid=APPU_1_T-0hVbPEEs33oASC2wE
Google them. They're a publicly traded company. NQ Mobile
Viable Slashdot alternatives: https://pipedot.org/ and http://soylentnews.org/
It could have used XAND or YNOR or even XNOT or YNOT.
I make it a rule to never pay for an app to provide what should be basic OS functionality. Whole device encryption is pretty well handled in Android. There are lots of areas where I make do with available tools, like TRWP for point in time / image backups. If I find a specific, basic feature missing, I'm not terribly above obtaining decent software through alternate channels (root / administrative access browsers, configuration changing applications).
It's silly that Windows XP from 2001 still has a better list of basic OS functionality, bundled applications, and diagnostic tools than either Android or iOS can claim today. I'd gladly pay for a phone OS separate from my phone if I could get solid functionality covered.
Android also falls way short of iOS and Windows Phone for device to device migration. Settings and preferences from apps only migrate if they are Google first party or if the app developer stores your settings on their server and uses a Google (or similar) sign in. Setting up a new device, or even ROM is nowadays a longer process (~4 hours) than on a PC to get everything operational, and that is with using tools like Titanium Backup and similar.
Comment removed based on user account deletion
For a much longer plaintext, you'd be correct. Starting with a long plaintext and reducing the entropy by using it's hash would be bad. That's actually recommended practice for hashing PASSWORDS. Yes, it increases the risk of of collisions but given the length of passwords, that's not very significant. More significant is that it then takes an attacker 2048 times as long to check a password in an offline attack.
After trying many out they all must be scams.. well back to my TV dinner and solo anime marathon.
As others have pointed out, xor is actually very strong - unbreakable in fact, IF the key is long enough. A key may be made long enough by any of many key-stretching algorithms. Also, the same portion of the identically stretched key shouldn't be reused.
In practice, that means that plain xor by itself is limited to either a) short plaintexts such as passwords or other keys or b) highly secure one time pad based systems, which require that key books be shared ahead of time. XOR can also be used as an essential component of a strong algorithm which is more, complicated. Basically, xor as the actual encryption on the data plus some method to extend the key securely.
Better still make the key random noise AND BIGGER THAN THE SUM OF THE ALL THE DATA, and you never re-use a portion of the key again.
i.e. a one time pad.
I once did that for stock trading data from a satellite brokerage. Their data is a few MBs so 20-30 years worth of keys could fit on a flash key.
Yes its old fashioned to use one time pad, but if we can no longer trust the encryption if you're going to be sending data between sites and you control both ends, then why not use a one-time-pad encryption scheme? At least *you* can understand it and don't have to rely on others to prove its unbreakable. And you know the quality of the key data (which is important).
You could at least have some minimal accuracy in the stories. XOR is not a problem and perfectly secure if used with a secure key-stream, like is done in modern stream ciphers. The problem here is that this is a "Vigenère cipher", where a very short, repeating key-stream is used. It was designed in 1553 and a general break was published in 1863.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Even the cheap color lcd phones of 2002-2007 I needed smart features in.
I would hack a home made google maps, using JPEG map images.
I would copy dozens of .txt docs that were useful, like windows serial #s.
And dude, google translate is so cool when outside USA.
Liberty freedom are no1, not dicks in suits.
So the single byte key is derived in some undiscovered manner from the password. Given how weak the encryption is known to be already, I wonder if one out of 256 encryption keys turn out to be a zero byte. In such a case, the encryption would leave the file unchanged. (Could be patched with "key=key?key:1;")
RC4 biases paper (PDF) would like to hear more about your secure key streams...
Yes, XOR can be used as a component of perfectly secure cipher (and is, indeed, used in one part or another of many real-world ciphers) but in practice the most popular stream cipher in the world is broken.
There's no place I could be, since I've found Serenity...
Except that the app isn't open source. If it was someone probably would have spotted this sooner.
Why wouldn't anyone spot the very not-random "encrypted" data that would result from XORing the same byte over and over, like runs of consecutive bytes, just eyeballing it.
Shouldn't there have been at least as many eyes on the output as the source? Nobody tried compressing one of these files and wondered why it got such a good ratio?
If the source was available, why would that be any more likely to be checked than the above? Source is cool and all, it just doesn't mean people automatically look at or understand the implications. A program's own behavior it more likely to give it away, because that has a ton more eyeballs.
After reading just the title I thought that they were bragging - other people have figured out how to use just NAND gates to build their computers (theoretically) - WE USE ONLY XOR!!!!! :)
(Thankfully, the summary cleared it right up for me)
char
EncryptChar(char x)
{
return 0;
}
The "app" Start Scratch is a scam, in my opinion. My daughter (9) is quite keen on programming using Hopscotch on the iPad, but it is very limited at the moment. At school, she's been introduced to Scratch which can do a lot more, so I figured that it would be good to get Scratch for the iPad so she can use it at home. So I do a search on the iOS App Store and find Start Scratch, which appeared to be the Scratch environment as an iOS app. So I bought and paid the $1.49 - admittedly not a lot. But after some time trying to use it, it dawned on us that it is merely a welcome mat for the Scratch website, and not an actual programming environment at all. It's not even a good front end for the website! And it turns out that Scratch requires Flash, so it can not actually be used with the iPad or any iOS device at all. Totally and completely useless.
I didn't complain because I felt it was as much my own fault for assuming that the app did something useful, since Scratch is otherwise a trustworthy name. Fool me once...
I fucking hate sites that require javascript just to display a post. here's the raw post stored on github
https://github.com/ninjadoge24/ninjadoge24.github.io/blob/master/posts/002-how-i-cracked-nq-vaults-encryption.md
You know, the app description doesn't actually say anything about encrypting your files.
It specifically says on the app description that it only HIDES. It says so several times in the app description, in the screen shots, in the app description.
I don't get what the fuss is about. Never did it say it was encrypting your files.
I tested a dozen encryption/vault applications last year and discovered that most of them moved or renamed the plaintext file. Most of those 'security by obscurity' applications demanded a fee beyond the trial period. I found 'SuperVault' to be good although I doubt it encrypts the whole file. So an application that enciphers the plaintext is something of an improvement.
The other bugbear was most encryption/vault applications used the built-in memory only. This means the encrypted files cannot be be physically removed from the device and securely locked. Given the amount of research into recovering deleted flash memory, this lack of access control is disturbing.
Duh.
There has been shoddy software for years that just doesn't do what it claims, the fact that such software now exists on phones is nothing new.
http://spamdecoy.net - free throwaway anonymous email - avoid spam!
Nowhere in the app's description could I see where it claim to encrypt files. It does say that it encrypts SMS and message alerts but aside from that the term used is "camouflage" (which this does to some extent by moving files and obfuscating magic numbers and other file headers so they take some small effort to open). Maybe they've changed the app description since this was announced but otherwise ninjadoge24 is essentially complaining that this software doesn't live up to his/her assumptions.
And behold, a command prompt and he who sat upon it, his name was shutdown and -h 3:11 followed with him
"wow, writing the whole program as a sequence of XORs is actually pretty impressive" :D
Too many of the apps I see just seem....pointless to spend money on.
RC4 biases paper (PDF) would like to hear more about your secure key streams...
Yes, XOR can be used as a component of perfectly secure cipher (and is, indeed, used in one part or another of many real-world ciphers) but in practice the most popular stream cipher in the world is broken.
RC4 was designed in 1987. It's several years older than Linux and Taylor Swift. The poster clearly referred to modern stream ciphers, such as ChaCha20, and didn't mention popularity...
Garmin Viago is the most worthless software I have ever purchased for Android. It has literally never worked when I wanted to use it. Not once. It doesn't have offline POIs, so it's pretty useless as an offline navigation package, which is how it is sold.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
A Vigenère cipher is when you use a repeating key-stream to move the letters forward mod 26. When it's an XOR operation it's not a Vigenère cipher.
One wonders how much snake oil flows through the app stores
If you've ever looked at an app store, you won't wonder.
> A relatively easy way to get all those samples is to inject a script into somebody's HTTP response - say, for http://slashdot.org/ - which constantly does nothing but request the same HTTPS URL
Not with a https url you're not going to do that. You're going to need to attack a protocol in which bytes from the master key are reused in each transaction. WEP was such a protocol, TLS isn't one. TLS rc4 hashes a nonce with the key each time, so the bits used as the rc4 key are different each time, making probabilistic attacks useless.
That's the "bits can't be reused in the xor" part of my post.
I've noticed a pattern with you. You're reasonably well informed regarding cryptography, and understand the concepts well (though you sometimes read too fast and miss the details). You therefore decide that ONLY you are informed and everyone else are idiots. Here's the thing. You've read a lot, but forget that everything you've read was written by someone other than you. You HEARD about an attack on a cipher. Great, so did everybody else. Somebody actually developed that attack. Somebody who is in the set "not you, therefore an idiot" developed the attack. You'd do well to actually read what others have to say rather than skipping what they said said because after all, anyone other than you is an idiot. (No, some of us actually created what you study).
Still, that's pretty good for it's time. It took over 300 years for the general break to be published. Look at how quickly todays security is cracked and published, one ofter the other. I tell ya, they just don't make cryprographers like they used to.
Damn it I hate these headlines. WHAT? WHAT IS THE WORST PART? GOD LORD I HAVE TO KNOW! This is how I feel when I read these kinds of titles. It pisses me off because it works and then 9 times out of 10 the article is crap. At least Slashdot doesn't have the eye catching, almost offensive, completely unrelated thumbnail. There goes my karma. Oh well.
Without a cell phone, how do you call for roadside assistance (if you drive) or for a ride home after the city buses have stopped running for the night or weekend (if you do not)? If you're visiting someone's apartment, how do you call the person you're visiting to let him or her know that you have arrived so that he or she can unlock the front door?
It's kind of hard to put even a small tablet into an armband and take it out for a run.
Even Apple's 4 inch "iPod touch" tablet?
RC4 may be popular, but it isn't modern or secure. It was designed in 1987.
Computing power has increased exponentially in the last 28 years, making RC4 ineffective. A rough estimate of exponential increase in computing power from 1987-2015 is approximately 2^18. In practical terms, that means that a 2015 computer can crack a given RC4-encrypted stream in 1/262144th of the amount of time it would take a 1987 computer. And that's just if you use the CPU and don't bolster the 2015 computer's efforts with GPU compute capabilities.
Far more progress was likely made in encryption (and cracking thereof) between 1987 and 2015 than was made between 1553 and 1987.
XOR used with a 1 time pad is unbreakable, so the claims that XOR is worthless is uninformed.
Granted the app doesn't use a one time pad the size of the item to encrypt, which is the actual flaw.
Do not look at laser with remaining good eye.
....If only they had known about ROT13.
All I have to add to the subject line is: "Why?"
Free, as in your money being freed from the confines of your account.
Umm thanks for playing but you lose. You haven't said shit. You just threw out a blanket statement with nothing to back it up. Nice job troll.
the cameras were almost useless. The photos they produced looked like something you'd see on an 8-bit NES.
Photos on an NES would have had 2 bits per pixel, looking roughly like these. Even a JPEG at quarter VGA res (320x240) is N64 quality, and I think a lot of these old phones' cameras did VGA res (640x480) which is GameCube quality. You must be confusing pre-2007 phones' cameras with the Game Boy Camera.
They were crappy games because the screens were too small and had terrible resolution.
And smartphones have crappy games because the only input device is a flat sheet of glass. I tried playing the free version of Pixeline and the Jungle Treasure on an Android device, and I ended up missing the on-screen buttons with my thumbs because I couldn't see them clearly while I was looking at the action in the middle of the screen. It was fine after I paired a Bluetooth keyboard though.
There was no keyboard. Typing messages on a 0-9 keypad is shit.
Plenty of feature phones had slide-out QWERTY keyboards.
They didn't have any real storage capacity or enough CPU power to decode MP3s.
SD card and dedicated MP3 decoder chip. That's why a lot of them could play MP3 but not Vorbis.
I guess he never travels?
Likely.
He never needs to talk to his wife when he's at the grocery store or something?
A dumbphone is enough for that, and the carrier won't cram a data plan onto your bill.
You're not just reducing entropy when you do that. When you iteratively feed back the same hash over and over you increase the odds that you'll fall into an internal cycle in the hash, and the number of inputs in the cycle can be much much rarer than the number of inputs in the path to the cycle. Though more modern hash functions tend to be designed to reduce the impact of that.
Someone had to do it.
Mandatory Xkcd reference The problem with average ratings.
Which has absolutely _nothing_ to do with the XOR used.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
other people have figured out how to use just NAND gates to build their computers (theoretically)
Theoretically? Kevin Horton's NANDputer is made of discrete NAND gates.
It's kind of hard to put even a small tablet into an armband and take it out for a run.
Even something like the Archos 43 Internet Tablet or Samsung Galaxy Player?
Did people never leave home before cell phones?
Before cell phones, pay phones were maintained rather than being removed from service.
If I need a ride home after city buses have stopped, I can call a cab
How do you use a space-where-the-pay-phone-used-to-be to call a cab?
Why not use the buzzer or knock on the door?
To enter the apartment, one would have to pass through the front door of the building, climb the stairs or use the elevator, and then pass through the door of the apartment itself. The person whose apartment is being visited cannot hear the knocking.
1) Mobile internet access / WiFi hotspot:
Feature phones as old as the Ericsson T39 (note the absence of "Sony" this old piece predates the merger) were already able back then to work as GRPS modems over infrared, bluetooth, or USB (but the USB cable was expensive and rare, so bluetooth then).
And this antique only has a couple of text lines on screen.
Camera: it's not as good as a dedicated camera, but it's better than no camera at all, and is really handy for taking quick photos of things if image quality isn't paramount.
Note that feature phone used to have cameras too. Feature phone introduced camera before even smartphone where started.
Same goes for a lot of other things you mention (email, games, alarm clock, calculator, etc.)
I think games and alarm are the two first features built into phones.
8) Texting: For close friends this is pretty handy for staying in touch at times, though I don't use it that much. Smartphones make this better with an actual (on-screen) keyboard, instead of the shitty dumbphone method of using the 0-9 keypad to try to type messages.
Partially solved by several techniques. For example, one available backthen on the a fore mentionned Ericsson (still available on all subsequent Sony-Ericsson feature phone) - volume rocker works as a kind of "shift" key. Using combination of volume + number gives you directly the letter you want instead of repeatedly pressing a letter. Gets a bit time to get used to it, then works as fast a typing on a keyboard.
Some provided external keypads (again Ericsson had a "chat board": full qwerty keyboard), if your finger arent's too fat, it's fast than a virtual keyboard.
9) Playing music (like a "walkman" if you remember those): I can store my entire music collection in my phone and play anything I want through headphones, like when I'm at the gym.
The whole MP3 craze began much earlier before Apple re-invented it with their brand of players. As soon as MP3 player stared being popular, phone started offering the function, some phone even had a dedicated separate physical interface for that. Close the clam shell: you have buttons and a small monochrome screen to handle playing your music. Open the clam shell: feature phone with color screen.
Flashlight: It's handy to have a flashlight on hand sometimes.
Can you actually think of a phone that DOESN'T have a lit up screen? People have been using it as improvised sources of light for as long as I can remember.
The only thing brought by modern smartphones is *white* light (as they can abuse their flash for that, where as old monochrome phone screen tended to have blue, green, orange, etc. backlight color).
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
My "portable online life" has been an Ericsson T39 (that outlast it's intended time by decade)
combined with successive models of PDAs from Palm.
Add in foldable keyboard for the PDAs and you get a small laptop replacement.
Only started using smartphone when switched to WebOS powered smartphone by Palm.
The combo has a few advantages:
- better life battery
(phone is very efficient as it doesn't to much beyond being a phone. It's as simple as you can get, and can last a week on a charge.
PDA isn't constantly online and thus is also low energy requirement. specially the older one could last a long time between charges)
- separate PDA used to be more offline oriented (think google maps over 3G/4G vs. dedicated map application with locally stored maps. very useful when you travel abroad).
- redundancy (typically, one would sync contacts over bluetooth or irda between the 2 devices. If one dies or gets stolen, the other is till working).
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
Think there might be a market for an app the DOUBLES the amount of RAM?
When the copyright term is "forever minus a day", live every day like it's the last.
Nonsense. It is a trivial generalization that does not deserve a new name. Just use addition a different group or make it a sequence of substitution tables.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.