Comment by nomel

1 day ago

My assumption is that Google has keys to everything in its kingdom [1].

[1] https://qz.com/1145669/googles-true-origin-partly-lies-in-ci...

75 comments

nomel

Reply
marcprux  1 day ago

> My assumption is that Google has keys to everything in its kingdom

If that were true, then their claims to support E2E encrypted backups are simply false, and they would have been subject to warrants to unlock backups, just like Apple had been until they implemented their "Advanced Data Protection" in 2022.

Wouldn't there have been be some evidence of that in the past 7 years, either through security research, or through convictions that hinged on information that was gotten from a supposedly E2E-protected backup?

  • scripturial  1 day ago

    It is possible to set up end to end encryption where two different keys unlock your data. Your key, and a government key. I assume google does this.

    1. encrypt data with special key 2. encrypt special key with users key, and 3. encrypt special key with government key

    Anyone with the special key can read the data.the user key or the government key can be used to get special key.

    This two step process can be done for good or bad purposes. A user can have their key on their device, and a second backup key could be in a usb stick locked in a safe, so if you loose your phone you can get your data back using the second key.

    • hilbert42  13 hours ago

      "…two different keys…. Your key, and a government key. I assume google does this."

      With the present state of politics—lack of both government and corporate ethics, deception, availability of much fake news, etc.—there's no guarantee that you could be certain of the accuracy of any information about this no matter what its source or apparent authenticity.

      I'd thus suggest it'd be foolhardy to assume that total privacy is assured on any of these services.

      BTW, I don't have need of these E2E services and don't use them, nor would I ever use them intentionally to send encrypted information. That said, occasionally, I'll send a PDF or such to say a relative containing some personal info and to minimize it being skimmed off by all-and-sundry—data brokers, etc. I'll encrypt it, but I always do so on the assumption that government can read it (that's if it's bothered to do so).

      Only fools ought to think otherwise. Clearly, those in the know who actually require unbreakable encryption use other systems that are able to be better audited. If I were ever in their position, then I'd still be suspicious and only out of sheer necessity/desperation would I send an absolute minimum of information.

      7 replies →

    • barsonme  1 day ago

      E2EE means only your intended recipients can access the plaintext. Unless you intend to give the government access to your plaintext, what you described isn’t E2EE.

      26 replies →

    • DarkmSparks  13 hours ago

      I expect this is what they are all doing tbh, although isnt google open source? should be checkable, if the binaries the distribute match the source... oh...

      "a special key" afaik is where instead of using 2 large primes for a public key, it uses 1 large prime and the other is a factor of 2 biggish primes, where 1 of the biggish is known, knowing one of the factors lets you factor any public key with a not insignificant but still more compute than most people have access to.

      UK has also invested in some serious compute that would appear dedicated to exactly this task.

      basically if you dont have full control over the key generation mechansim and enc/dec mechansim it is relatively trivial for states to backdoor anything they want.

  • reshlo  1 day ago

    Is the source code for every binary blob present on an Android device available for inspection, and is the code running on every Android device verifiable as having been built from that source?

    > or through convictions

    If they wanted to use this evidence for a normal criminal case, they would just do parallel construction.

  • ajb  9 hours ago

    It's worth noting that what the security services don't have access to is as secret as what they do have access to. According to the late Ross Anderson, for many years the police were unable to trace calls (or was it internet access?) on one of the major UK mobile networks, because it had been designed without that and in such a way that it was hard to retrofit. This was considered highly confidential, lest all the drug dealers etc switch to that network.

  • dylan604  1 day ago

    Would it be possible that they feel that the revelation of this backdoor would be too big of a loss so that any of these theoretical cases of the past 7 years have used parallel construction to avoid revealing the encrypted data was viewed?

    • catlifeonmars  17 hours ago

      That’s a big and brittle conspiracy. You have to have little to no defectors. It’s not a stable equilibrium

  • autoexec  21 hours ago

    > Wouldn't there have been be some evidence of that in the past 7 years, either through security research, or through convictions that hinged on information that was gotten from a supposedly E2E-protected backup?

    I wouldn't count on it. The main way we'd know about it would be a whistleblower at Google, and whistleblowers are extremely rare. Evidence and court records that might expose a secret backdoor or that the government was getting data from Google that was supposed to be private could easily be kept hidden from the public by sealing it all away for "national security reasons" or by obscuring it though parallel construction.

  • menacingly  1 day ago

    I don't know the particulars, but in general, silence around a massive tech company on warrants does not mean "they said no and the feds decided to leave them alone"

  • jiggawatts  1 day ago

    A trivial method for circumventing code review is to simply push a targeted update of the firmware to devices subject to a government search order.

    There are no practical end-user protections against this vector.

    PS: I strongly suspect that at least a few public package distribution services are run by security agencies to enable this kind of attack. They can distribute clean packages 99.999% of the time, except for a handful of targeted servers in countries being spied upon. A good example is Chocolatey, which popped up out of nowhere, had no visible source of funding, no mention of their ownership structure anywhere, and was incorporated along with hundreds of other companies in a small building in the middle of nowhere. It just screams of being a CIA front, but obviously that's hard to prove.

    • brookst  15 hours ago

      The end user protection is to sign updates and publish the fingerprints. It should not be possible for one device to get a different binary than everyone else.

    • jen20  1 day ago

      > Chocolatey, which popped up out of nowhere

      Chocolatey assuredly did not "pop up out of nowhere" - it was a labour of love from Rob Reynolds to make Windows even barely usable. It likely existed for years before you ever heard of it.

      > had no visible source of funding

      Rob was employed by Puppet Labs to develop it until he started the commercial entity which now backs it.

      > a small building in the middle of nowhere.

      As I recall, Rob lives in Topeka, Kansas. It follows that his business would be incorporated there, no?

      1 reply →

tim333  9 hours ago

I doubt it. Much to my annoyance they moved Google Maps Timeline from their database to an encrypted copy on my phone specifically so if law enforcement asks for the records of where you were at a given time and place they can say dunno, can't tell. If they had the keys it would wreck their legal strategy not to get hassled every time law enforcement are trying to track someone.

skybrian  11 hours ago

The linked article makes a lot of assumptions about the "Massive Digital Data Systems Program". It seems this program existed. For example, here is a 1996 paper [1] about research funded by the "Massive Digital Data Systems (MDDS) Program, through the Department of Defense."

But it's not clear that funding for early research into data warehousing (back when a terabyte was a lot of data) has anything to do with whether or not Google uses end-to-end encryption? Lots of research got funded through the Department of Defense.

Without having relevant evidence, this is just "let's assume X is true, therefore X is true."

[1] https://papers.rgrossman.com/proc-047.htm

GeekyBear  15 hours ago

Google didn't announce that they could no longer process geofence warrants because they no longer stored a copy of user location data on their servers until last October.

How much good does an encrypted device backup do when harvesting user data and storing it on your servers (to make ad sales more profitable) is your entire business model?

yellow_lead  21 hours ago

This would mean no independent security researcher has ever taken a look at Google Drive's E2EE on Android. Or those that did missed the part where the key is uploaded.

It's possible to decrypt this network traffic and see if the key is sent. It may be obfuscated though.