Popular Android Package Uses Just XOR -- and That's Not the Worst Part

siddesu writes A popular "encryption" package for Android that even charges a yearly subscription fee of $8 actually does nothing more than give a false sense of security to its users. Not only is the app using a worthless encryption method, it also uses weak keys and "encrypts" only a small portion of the files. One wonders how much snake oil flows through the app stores, from "battery savers" to "antivirus." What is the most worthless app purchase you made? Did you ask for a refund?

Web sites

[danbob999]

CTIA - "The Best App of CTIA by the Techlicious 2012 Best of CTIA Awards"
PC Magazine - "PC Magazine Best Apps"
TRUSTe - Received "TRUSTe Privacy Seal"
Global Mobile Internet Conference App Space - "A top 50 app"

Thanks, I will take a note to never trust these web site reviews.

Re:Web sites

[Snotnose]

Yeah, before downloading any app I google it to see what the reviewers say. No or few reviewers? I don't take the chance.

Re:Web sites

[Darinbob]

People will gladly give good reviews to things they haven't even tried out yet. And even if they tried it they probably have no clue how to validate its effectiveness. It's the yelp effect, let someone give a review and they'll jump on board and proclaim "best broccoli beef ever".

Re:Web sites

[ShanghaiBill]

People will gladly give good reviews to things they haven't even tried out yet.

Tornado App has good reviews.

Re:Web sites

[binarybum]

it was pretty good broccoli beef, you have to admit.

Re:Web sites

[pushing-robot]

http://www.techlicious.com/gui...

http://gmic2012.greatwallclub.... (I imagine NQ Mobile's Vault is the 'Vault' listed, NQ published a press release about it)

I can't find a free copy of PC Magazine's 2012 best apps, but given the others I have little reason to doubt it. The average reviewer has nary a clue about cryptography, and from an end user standpoint, the app seems well made and has several clever features. It would be easy to assume the app lives up to its claims.

Mind you, it still seems a useful app just for its ability to hide content from casual snoops (the app can even hide its presence on the device), though it is quite overpriced and likely to disappear after this entirely deserved PR disaster.

Re:Web sites

[macklin01]

Here's the TRUSTe info:

http://privacy.truste.com/privacy-seal/NQ-Mobile-US-Inc-/validation?rid=e0f97027-af9a-4b8a-91b5-2a33c58a520a

It only seems to cover security/privacy of their ecommerce site. So, their shopping cart may be secure, but it says nothing about app security as they seem to imply in their press releases, etc.

Re:Web sites

[galaad2]

looks like the company has quite a few such "protection" apps deployed on the play store and they even use their stock ticker symbol in the developer name, lol.
https://play.google.com/store/...

NYSE:NQ feeling slashdotted in 3..2..1... now... https://finance.google.com/?q=...

Re:Web sites

[AmiMoJo]

Maybe they read the actual description of the app. The only thing it claims to encrypt is text messages, which TFA doesn't bother to check. The description doesn't claim to encrypt files, so unless it has been changed since the article was written it seems to be making stuff up to complain about.

The app hides files on your device. It does that by using a simple XOR cypher to encrypt the header of files and make them invisible to apps like the Gallery that look for files with valid JPEG/PNG/GIF headers. It works perfectly, the XOR cypher has the desired effect. Obviously it won't stop forensic examination from finding and decrypting the files, but it doesn't claim to. It's an app designed to hide your nude selfies and dick pics, not stops the NSA/GCHQ dataraping your phone.

Re:Web sites

[p.g.king]

http://www.nq.com/vault- scroll down a bit under "NQ Mobile Vault Features." subsection "Photos & Videos" - "They’ll be encrypted..."

I'd say that was a claim that it'll encrypt them.

Re:Web sites

Good info, thanks. What caught my eye was the criticism of using XOR for encryption. That makes no sense. In fact, given suitably secured random bit strings, and xor'ing them with the input, will give you a very secure form of encryption. Of course you need to be able to recreate the random bit string without saving in plain text somewhere etc but the point is that criticizing xor is like complaining that computers only use binary arithmetic.

Re:Web sites

[nukenerd]

Indeed. As my wife doesn't know what an xor gate is, it's good enough for me.

Re:Web sites

[turbidostato]

"The average reviewer has nary a clue about cryptography"

The average user's review is of no value anywhere.

Just go Amazon and check the reviews of any item at hand, say, a french skillet. They are "physical" items, the kind of things people have been using for ages and still, half of the reviews will be more or less like "the item arrived this morning; I haven't used it yet, it's still in its package so I didn't even see it, but I'll give it five stars because, hey, I'm happy".

XOR is useless

[ArcadeMan]

Unless it's used with ROT13.

Re:XOR is useless

[eric31415927]

XOR is much much faster than your run-of-the-mill encryption algorithm.

Re:XOR is useless

[ArhcAngel]

Wait!? They just released the remastered version. When did Rise Of the Triad 13 come out?

Re:XOR is useless

[Alex+Vulpes]

Funnily enough, XOR is used in a number of encryption schemes, but for it to work you've gotta make a bitstream to XOR the plaintext with. Like, encrypt a random value, then re-encrypt the result, repeat over and over, then line them all up and use that as an XOR pad.

Re:XOR is useless

[Jane+Q.+Public]

XOR is much much faster than your run-of-the-mill encryption algorithm.

OP and TFA are very misleading. XOR is not a "worthless" encryption method in itself... it all depends on how it is used.

For example, if used with a good quality key in a one-time pad, it is one of the few encryption methods that is even theoretically unbreakable.

But it does require a well-constructed key, and as with any one-time-pad scheme, key management is everything.

Re:XOR is useless

[TapeCutter]

Must be good, it has ubiquitous hardware support. ;)

Re:XOR is useless

[_Shad0w_]

It's a component of pretty much all encryption algorithms, afaik.

The big advantage of XOR

[hey!]

is that it doesn't matter how weak your keys are!

Re:The big advantage of XOR

[MichaelSmith]

Also its implemented directly in the CPU, so both encryption and decryption are very fast.

Re:The big advantage of XOR

[hcs_$reboot]

If the key is as long as the message, XOR is not that weak.

Re:The big advantage of XOR

[ShakaUVM]

In fact, it's unbreakable if you do it right. (http://en.wikipedia.org/wiki/One-time_pad)

I'm disappointed that the person who submitted the story said "Just XOR".

Re:The big advantage of XOR

[Grishnakh]

Not in a single CPU instruction it can't.

Re:The big advantage of XOR

[swillden]

If the key is as long as the message, XOR is not that weak.

As long as the key is as long as the message, and all of the key is unpredictable, and is never reused, then you have a provably unbreakable encryption system called a one-time pad. However, if you ever reuse the key someone can XOR the two ciphertexts together and the result will be the XOR of the two plaintexts, which can often be disentangled. Also, if the key is somewhat predictable, plaintext can be recovered. The US actually managed to decrypt some texts encrypted with a Russian one-time pad system, because the keys were produced by humans pounding "randomly" on typewriters... except humans aren't very good at generating random keystreams.

Re:The big advantage of XOR

[Beryllium+Sphere(tm)]

And what data structure do you have lying around at encryption time that's as long as the plaintext?

That's right, the plaintext. Use that as your one time pad. It saves you the headache of generating high-quality randomness if you just XOR the plaintext with itself.

The resulting ciphertext is not only theoretically unbreakable without the key, it is also highly compressible for economical transmission.

Re:The big advantage of XOR

[The+Snowman]

I might be missing something, but if you encrypt the plaintext by XOR ing it with itself, wouldn't you get an easily decryptable to letter frequency attack cypertext?

You get a string as long as the plaintext consisting of NUL characters (0x00).

Re:The big advantage of XOR

[swillden]

Not in a single CPU instruction it can't.

Sure it can. There's no practical upper bound on the amount of functionality that can be packed into a single instruction. CISC instruction sets with incredibly powerful instructions have been developed and used. The VAX instruction set is perhaps the best example. It enabled an assembler language that was darned near a high-level language, with single instructions that took up to a half dozen arguments and implemented sophisticated looping and searching operations in single instructions. Some of my favorite were the linked list management instructions. A common introductory programming assignment is to write a function to insert an element into a linked list. When writing in VAX assembler there's no need for such a function because there's an instruction that does it.

A more modern -- and highly relevant to this article -- example is the AES-NI instructions, which exist on essentially all modern desktop and laptop CPUs, and many of the newest mobile CPUs as well. They implement a full round of AES encryption or decryption in a single instruction.

Re:The big advantage of XOR

[hankwang]

example is the AES-NI instructions, which exist on essentially all modern desktop and laptop CPUs, and many of the newest mobile CPUs as well.

What's the difference between "mobile CPU" and "laptop CPU"? In any case, most 4th generation i3 mobile/laptop CPUs don't support AES-NI, nor do the current Intel Celeron CPUs. Many of those have been released as recently as 2014, so I would count them as "modern".

I'm honestly somewhat surprised...

[fuzzyfuzzyfungus]

I hardly expect high standards, adherence to even basic good practice, or other non-awfulness from most of the wretched 'app' morass; but I'm a bit surprised that whoever made this one found it easier to build a hilariously worthless system from scratch, rather than misuse, and probably violate the license of, some existing encryption library or command line application(or, y'know, go crazy and use the Android Cryptography API)...

There's still plenty of room for error when using someone else's tools, so I wouldn't necessarily expect the results to be bulletproof; but "actually uses an encryption algorithm; pity it fucks up key management." would at least be doable.

ROT13

[Trax3001BBS]

I mentioned to the subscription that Microsoft used Rot13 to "encrypt" some registry entries in version W2K (I think was the version)

After reading bout XOR, ROT13 would be just about as good.

Not familiar with ROT13? = Abg snzvyvne jvgu EBG13?

Re:ROT13

[DMUTPeregrine]

No, if you want an easy and unbreakable encryption system for your text just use EBCDIC. No programmer has stayed sane long enough to implement it.

questions answered below

[turkeydance]

What is the most worthless app purchase you made? Did you ask for a refund? 1. several were worthless. 2. no. only cost $0.99. bottom line: gave up on the smartphone in 2013. have a dumb phone now. ignorance is bliss.

Re:questions answered below

[Jack+Griffin]

I've thought about it, and while agree most of the smartphone universe is pointless, I do like Google Maps, Shazam and my mobile banking. Apart from that and maybe a few things like large hi-res screen, email and camera, the rest of the smartphone world can go jump.

Re:questions answered below

[zippthorne]

What's the deal with that? How can they justify converting a paid app into an ad-supported one?

Surely there will have been some legal cases by now for the times that has happened. I mean, I personally just delete the app and never* buy from that publisher again, but surely some class action lawyers have been able to get a lot of money for themselves and a small coupon for the many many victims of this practice over the years.

Re:questions answered below

[x0ra]

I don't know, I never bought a single app...

Re:questions answered below

[Shakrai]

I experimented with my old flip phone for a few days just to see if I could really go back and discovered that I found myself missing basic smartphone functionality, like threaded SMS conversations. It took all of five minutes for that to annoy the piss out of me. Then there's the smartphone functionality that has become a key part of my daily routine, like my exercise diary, the Wegmans app, my food diary, Google Maps, weather, and so forth. These are all apps that have value for productivity and/or health, not time sinks like Facebook or Angry Birds. They're worth the $30/mo premium, IMHO anyway.

Re:questions answered below

[nadaou]

F-Droid is a true friend. And that's a rare thing in these circles.

Re:questions answered below

[camperdave]

I never had a flip phone, but I always thought having one that played a Star Trek communicator chirp when opened would be cool.

Re:questions answered below

[squiggleslash]

Same here, kinda. I ended up sticking with the flip phone because I just found the issues I had with using Android devices as telephones bad enough for me to stick with it, but yeah, there's a lot of basic stuff you miss, that you kinda wonder why no efforts have been to update flip phones to have at least some of the functionality of their power-sucking overloaded not-quite-optimal-for-phone-calls-UI-encumbered cousins.

Would it really be a problem adding Wifi support, with things like the ability to sync contacts and other PIM stuff add that much to the costs of devices?

Many things you mention are better done by a dedicated tablet device, but it's a shame that I have to make the choice between a shitty phone that's integrated with the rest of the world, and a good useful phone that I have to manually copy phone numbers to and from or else find awkward Bluetooth applications that never quite work correctly to update.

Re:questions answered below

[Grishnakh]

Have fun living in the past.

Here's the reasons my smartphone is extremely valuable to me:
1) Mobile internet access / WiFi hotspot: I can use my phone to give my laptop internet access anywhere there's cellular data service available.
2) Camera: it's not as good as a dedicated camera, but it's better than no camera at all, and is really handy for taking quick photos of things if image quality isn't paramount. Also can take reasonably good videos. You never know when you'll need to film the cops beating someone.
3) Email access: While definitely not as powerful as reading it and typing on my laptop, it's handy to be able to check my email on-the-go.
4) Voice mail: With Google Voice, I can see a transcript of people's rambling voicemail messages. I can read them in seconds, instead of having to waste time listening to them drone on and on.
5) Games: I like doing crosswords when I'm stuck somewhere and bored and have nothing better to do. The "Shortyz" app is brilliant for this.
6) Weather: My phone tells me what the temperature in my zipcode is, and can easily bring up further weather info. It's nice knowing what the high and low will be without having to watch the weather report on TV like in the bad old days, or having to get to a computer to look on a weather website.
7) Google Maps: I use this for navigation all the time. I really don't know how I ever got along without it; oh yeah, I do know, it was horrible, as I had to mess around with paper maps, stopping and asking for directions, making wrong turns, getting lost, etc. Maybe if you never leave your little town or go anywhere new, you won't see the point of this, but for those of us who travel a lot and move frequently it's a godsend. It's also amazingly useful for finding businesses, looking up their phone numbers, seeing their hours at a glance, etc.
8) Texting: For close friends this is pretty handy for staying in touch at times, though I don't use it that much. Smartphones make this better with an actual (on-screen) keyboard, instead of the shitty dumbphone method of using the 0-9 keypad to try to type messages.
9) Playing music (like a "walkman" if you remember those): I can store my entire music collection in my phone and play anything I want through headphones, like when I'm at the gym. No need for a separate iPod. You can also use internet music services like Pandora.
10) Alarm clock: I not only don't need a separate alarm clock, I can set multiple alarms for all kinds of different events. It also has a stopwatch and a countdown timer.
11) Calculator: With the "RealCalc" app, I have an on-screen calculator and looks and works a lot like my old HP-48G RPN calculator.
12) Flashlight: It's handy to have a flashlight on hand sometimes.
13) Uber/Lyft: With these apps, you can call up a ride easily, see where the car is, and pay for it all with your phone and without having to mess around with calling for a cab and talking to people.

If you don't see the need for a smartphone, you probably live an extremely simple life consisting mostly of sitting in a rocking chair on your porch and watching the world go by all day long. For those of us who aren't retired and idle, it's an enormous convenience.

Re:questions answered below

[Jack+Griffin]

There is a discipline to not letting it control your life. I see people who are slaves to their devices and make a conscious effort to not fall into that trap. No silly games or FB, I very rarely even answer it unless I'm expecting a call. Let calls go to voicemail and listen when I feel like it. But having the technology available for when you want it is handy (ie maps or transport schedules when traveling).

Re:questions answered below

[serviscope_minor]

You're talking about "feature phones" by the sounds of it. The old Nokia ones were not bad at all. They were excellent for calls and the UI, especially for calls, texts and the address book was far better than any Android phone I've ever used.

They also had a J2ME interpreter and ran some apps like a basic email client and so on. I could even thether through mine using a cable and some old style modem calls.

Re:questions answered below

[CronoCloud]

CBS has an app that would do the chirp when you did the "communicator flip"

https://play.google.com/store/...

XOR encyption is uncrackable as long as...

[pcritter]

There's nothing wrong with XOR for encryption as long as your key size is >= plain text size. In fact it's uncrackable!

Re:XOR encyption is uncrackable as long as...

And you NEVER reuse that key.

Re:XOR encyption is uncrackable as long as...

[meloneg]

And it's generated from a quality source of entropy.

Re:XOR encyption is uncrackable as long as...

[gman003]

And the key remains private.

Re:But Android is Linux!

[DarkOx]

Except that the app isn't open source. If it was someone probably would have spotted this sooner. So if anything this highlights the danger of using closed source anything crypto related. Sure OSS stuff might have problems, very very clever people might be able to insert back doors and weaken algorithms in ways others might not see, and any software can have subtle bugs, but at least very basic FRAUD as in it does not even attempt to do what it claims would get spotted.

That and the authors probably never would have published the code because lets face it; in 2015 if you know what a bitwise operation is and how to use XOR you know while it might be useful in the act encrypting plain texts it does not itself provide encryption if you just use some static byte over and over again. Shame is a powerful tool, really all of society rests on shame and seeking to avoid it at some level.

The second lesson here is that the app store tramp stamp does not mean you are dealing with quality software, anymore than the old winlogo program ever did. At most it means some basic user interface level QA testing happened. Probably not much better than "we ran the app it appeared upon cursor inspection to have done something that could be similar to what is claimed, it did not crash, and did not display a goatse.cx page." They don't dig into the detail. If something says it encrypts documents, and they don't open when "encrypted" and do open when "decrypted" that is all it takes to pass this level of testing.

Just because you paid for it and got it from an app store does not make trust worthy.

 

DMCA

[martin-boundary]

I think Slashdot should take down this article. Under the DMCA it's illegal to bypass flimsy methods intended to enforce security.

Re:DMCA

you are modded funny, but the sad thing is your post is actually informative.

Re:DMCA

[swillden]

I think Slashdot should take down this article. Under the DMCA it's illegal to bypass flimsy methods intended to enforce security.

To be precise, it's illegal to bypass flimsy methods intended to enforce copyright. Since this tool isn't marketed as a DRM system, the DMCA doesn't apply.

Basic OS Functionality

[aaronb1138]

I make it a rule to never pay for an app to provide what should be basic OS functionality. Whole device encryption is pretty well handled in Android. There are lots of areas where I make do with available tools, like TRWP for point in time / image backups. If I find a specific, basic feature missing, I'm not terribly above obtaining decent software through alternate channels (root / administrative access browsers, configuration changing applications).

It's silly that Windows XP from 2001 still has a better list of basic OS functionality, bundled applications, and diagnostic tools than either Android or iOS can claim today. I'd gladly pay for a phone OS separate from my phone if I could get solid functionality covered.

Android also falls way short of iOS and Windows Phone for device to device migration. Settings and preferences from apps only migrate if they are Google first party or if the app developer stores your settings on their server and uses a Google (or similar) sign in. Setting up a new device, or even ROM is nowadays a longer process (~4 hours) than on a PC to get everything operational, and that is with using tools like Titanium Backup and similar.

Comment removed

[account_deleted]

Comment removed based on user account deletion

"XOR"? WTF? This thing is a "Vigenère cipher"

[gweihir]

You could at least have some minimal accuracy in the stories. XOR is not a problem and perfectly secure if used with a secure key-stream, like is done in modern stream ciphers. The problem here is that this is a "Vigenère cipher", where a very short, repeating key-stream is used. It was designed in 1553 and a general break was published in 1863.

Re:never saw the need???? are u insane

[Jack+Griffin]

And dude, google translate is so cool when outside USA.

Like when you go to the UK and have to learn how to speak English properly?

Re:"XOR"? WTF? This thing is a "Vigenère ciph

[cbhacking]

secure key-stream, like is done in modern stream ciphers.

RC4 biases paper (PDF) would like to hear more about your secure key streams...

Yes, XOR can be used as a component of perfectly secure cipher (and is, indeed, used in one part or another of many real-world ciphers) but in practice the most popular stream cipher in the world is broken.