Crypto Phone Flaws Cause Post-PRISM Concern

Since the revelations surrounding mass surveillance by US and UK intelligence agencies, many have flocked to communications services offering end-to-end encryption, but flaws affecting such crypto phones have been uncovered that could allow further snooping.

Depending on the device run by a user, the crypto phone vulnerabilities could be used to gain remote access to users’ devices, Azimuth Security has warned. Effectively, the protocol used by these phones provides opportunities for attack by spies.

One of the affected pieces of software is Silent Circle, which TechWeekEurope recently profiled, noting the privacy benefits it offered over Skype and other VoIP products. The company has already turned around fixes for the flaws, with updates available via Google and Apple’s respective stores.

Other affected products include CSipSimple, LinPhone and Twinkle. Fixes for these products can be found on Github too.

Hacking crypto phones

The problems lay in the ZRTP protocol, which was originally designed by PGP creator and Silent Circle founder Phil Zimmerman. The protocol is designed to negotiate encryption keys to set up a secure channel over an RTP [Real-time Transport Protocol] connection for VoIP communications.

Amongst the three vulnerabilities affecting the protocol were two overflow flaws. The final one could be exploited by sending malformed ZRTP ping packets, which could force leaks of pieces of metadata.

“Using this vulnerability allows the attacker to discover useful pointers and heap state, and could be used in conjunction with the aforementioned heap overflow to gain reliable code execution,” a blog post from Azimuth Security read.

“In addition, it could possibly be used to leak sensitive crypto-related data, although the extent of how useful this is has not been investigated.”

Mark Dowd, CEO of Azimuth, told TechWeekEurope users who want decent privacy should still use crypto phones like Silent Circle, but they should keep abreast of the latest attack methods used against such products.

“While it is possible that nation states have the ability to compromise some of these applications, I would say it definitely makes sense to use them, as it raises the bar for gaining access to your communications,” Dowd told TechWeek.

“In addition, you would have to be specifically targeted with a hack to gain access to your data, as opposed to the passive collection of your data that is available when not using products such as these.

“I have just scratched the surface in this regard, and think that once more of the security community gets involved, we will see a lot of potentially dangerous flaws being closed in a short space of time.”

What do you know about Internet security? Find out with our quiz!

Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Recent Posts

X’s Community Notes Fails To Stem US Election Misinformation – Report

Hate speech non-profit that defeated Elon Musk's lawsuit, warns X's Community Notes is failing to…

1 day ago

Google Fined More Than World’s GDP By Russia

Good luck. Russia demands Google pay a fine worth more than the world's total GDP,…

1 day ago

Spotify, Paramount Sign Up To Use Google Cloud ARM Chips

Google Cloud signs up Spotify, Paramount Global as early customers of its first ARM-based cloud…

2 days ago

Meta Warns Of Accelerating AI Infrastructure Costs

Facebook parent Meta warns of 'significant acceleration' in expenditures on AI infrastructure as revenue, profits…

2 days ago

AI Helps Boost Microsoft Cloud Revenues By 33 Percent

Microsoft says Azure cloud revenues up 33 percent for September quarter as capital expenditures surge…

2 days ago