Darknetlive

FBI Doc Highlights the Benefits of End-to-End Encryption

A document from the Federal Bureau of Investigation reveals the data the Bureau can (and can’t) access from messaging applications, including iMessage, Signal, Telegram, Wickr, WhatsApp, and others.

Property of the People obtained the document through a FOIA request in November 2021. The FBI’s Science and Technology Branch and Operational Technology Division created the document in January 2021. The document, which serves as an internal guide for Bureau employees, outlines the information available to the FBI during an investigation. The document lists iMessage, Line, Signal, Telegram, Threema, Viber, WeChat, WhatsApp, and Wickr. The document validates the information already known to people interested in private messaging services.

A picture of The information is not groundbreaking but it is impossible to read without zooming in.

The information is not groundbreaking but it is impossible to read without zooming in.

The picture is difficult to read. The PDF version (here) is slightly easier.

The FBI is able to access a significant amount of subscriber information for users of WhatsApp and iMessage, as expected. Likewise, Signal and Telegram seem to provide the least information to law enforcement agencies. The document illustrates information already known, such as the limits of end-to-end encryption. Such encryption prevents those who glow from accessing the contents of a message but not the metadata, such as subject lines, recipients, etc. Metadata is potentially as valuable to law enforcement as the actual contents of a message. From Signal, the FBI can only access a user’s registration date and last access date. Wickr, on the other hand, yields the following information:

  • Date and time account created.
  • Type of device(s) app installed on.
  • Date of last use.
  • The number of messages.
  • The number of external IDs (email addresses and phone numbers) connected to the account, bot not to plaintext external IDs themselves.
  • Avatar image.
  • Limited records of recent changes to account settings such as adding or suspending a device (does not include message content or routing and delivery information).
  • Wickr version number.

Wickr, though, is closely linked to In-Q-Tel as well as other parties associated with the intelligence community. Signal, although a clear winner for the general population and a current darling of the media, will become less friendly to users who want to separate themselves from an oppressive regime. As reported in April, Signal is working on cryptocurrency integration using MobileCoin. MobileCoin’s CTO is Moxie Marlinspike, the creator of Signal. And MobileCoin wants the government all up in your transactions. “At MobileCoin, we believe governments have a legitimate interest in regulating the economic lives of their citizens,” the MobileCoin website openly states. To quote someone who comments on this site, “should have used Monero.” (DIFBR)

People who use WhatsApp or iMessage for sensitive conversations are not serious people. The same, obviously, is true for people who SMS or most popular messaging services for the same purpose. The graphic speaks for itself. But since the graphic is difficult to read, Catalin Cimpanu (who is someone worth following) reformatted the content in a legible way:

Apple iMessage

  • Message content limited.
  • Subpoena: can render basic subscriber information.
  • 18 USC §2703(d): can render 25 days of iMessage lookups and from a target number.
  • Pen Register: no capability.
  • Search Warrant: can render backups of a target device; if target uses iCloud backup, the encryption keys should also be provided with content return can also acquire iMessages from iCloud returns if target has enabled Messages in iCloud.

Line

  • Message content limited.
  • Suspect’s and/or victim’s registered information (profile image, display name, email address, phone number, LINE ID, date of registration, etc.)
  • Information on usage.
  • Maximum of seven days worth of specified users’ text chats (Only when E2EE has not been elected and applied and only when receiving an effective warrant; however, video, picture, files, location, phone call audio and other such data will not be disclosed).

Signal

  • No message content.
  • Date and time a user registered.
  • Last date of a user’s connectivity to the service.

Telegram

  • No message content.
  • No contact information provided for law enforcement to pursue a court order. As per Telegram’s privacy statement, for confirmed terrorist investigations, Telegram may disclose IP and phone number to relevant authorities.

Threema

  • No message content.
  • Hash of phone number and email address, if provided by user.
  • Push Token, if push service is used.
  • Public Key
  • Date (no time) of Threema ID creation.
  • Date (no time) of last login.

Viber

  • No message content.
  • Provides account (i.e. phone number)) registration data and IP address at time of creation.
  • Message history: time, date, source number, and destination number.

WeChat

  • No message content.
  • Accepts account preservation letters and subpoenas, but cannot provide records for accounts created in China.
  • For non-China accounts, they can provide basic information (name, phone number, email, IP address), which is retained for as long as the account is active.

WhatsApp

  • Message content limited.
  • Subpoena: can render basic subscriber records.
  • Court order: Subpoena return as well as information like blocked users.
  • Search warrant: Provides address book contacts and WhatsApp users who have the target in their address book contacts.
  • Pen register: Sent every 15 minutes, provides source and destination for each message.
  • If target is using an iPhone and iCloud backups enabled, iCloud returns may contain WhatsApp data, to include message content.

Wickr

  • No message content.
  • Date and time account created.
  • Type of device(s) app installed on.
  • Date of last use.
  • Number of messages.
  • Number of external IDs (email addresses and phone numbers) connected to the account, bot not to plaintext external IDs themselves.
  • Avatar image.
  • Limited records of recent changes to account setting such as adding or suspending a device (does not include message content or routing and delivery information).
  • Wickr version number.
Comments
Do you really want to comment here? not rules
da2e0b07
2316c7e0 Wed, Dec 1, 2021

the reformatted content is missing Telegram. Great article though. Thanks.

1fea07d0
0659faa0 Wed, Dec 1, 2021

Thank you. Fixed.

a2ea66db
b5908020 Wed, Dec 1, 2021

If glowies are having a hard time with normie niggerphone apps then tools like Linux, Tor, Whonix, XMPP + OMEMO with proper opsec can make you literally untraceable.

8a7ffcfa
7232dc50 Wed, Dec 1, 2021

I do recall a while back our adversaries were having problems in their hiring due to most the skilled talent they wanted couldn’t get passed the drug screening. Congratulations once again drugs, for winning the war on drugs lol.

086bef8b
22b308c0 Wed, Dec 1, 2021

this could be false information put out by the FBI

1fea07d0
0659faa0 Wed, Dec 1, 2021

It crossed my mind but seems awfully clever for the FBI.

0a8ead1b
8df1b5c0 Thu, Dec 2, 2021

you can literally cross verify this for majority of apps that has been subpoenaed

745248c7
f53196c0 Sat, Dec 4, 2021

I read an article the other day where the police have obtained messaage content of Wickr messages with full conversations layed out. That article could be bullshitting. Never trust the fucking mainstream media.

31c01f15
2e14a070 Wed, Dec 1, 2021

We just got to a point of critical mass getting the normies on Signal, and then they pull this MobileCoin BS on us. sigh Whats the move now guise? Get everyone onto a Signal fork?

b57f3b58
7a168c40 Thu, Dec 2, 2021

There is a Signal fork called Session (https://getsession.org). It has it’s own issues, being the devs stupidly incorporated in the encryption graveyard called Australia.

There is another called Molly.im.

6385a80f
83ff9820 Thu, Dec 2, 2021

Awww look at the cute little signal column…

29988d7f
c74f87a0 Thu, Dec 2, 2021

Wickr is not to be trusted or used by anyone serious. Duh.

There is an end-to-end encrypted messaging app called Wire which is also very good, like Threema but it’s free. Signup requires an email address.

8ce7442d
3e049d00 Fri, Dec 3, 2021

yo they are liers wickr is the safest one

99cb5cc9
ec075330 Sat, Dec 4, 2021

It says “legally” so what they can do illegally or without disclosure is of higher concern.

ac4b4159
e44d65b0 Sun, Dec 5, 2021

Wickr is the goat doesnt require phone number unlike others, has burn messages and encrypt. still would avoid posting own private data without encryption. Idk why would u use app that ever needs any of ur social privacy (in this case phone number to register) thats a big burn. Wickr you only need nickname and password no bs. Bless for that app.

ae4b0b66
53eda5b0 Tue, Dec 7, 2021

Broham, it’s like you can’t read good.

Wickr, on the other hand, yields the following information:

Date and time account created.
Type of device(s) app installed on.
Date of last use.
The number of messages.
The number of external IDs (email addresses and phone numbers) connected to the account, bot not to plaintext external IDs themselves.
Avatar image.
Limited records of recent changes to account settings such as adding or suspending a device (does not include message content or routing and delivery information).
Wickr version number.

Wickr, though, is closely linked to In-Q-Tel as well as other parties associated with the intelligence community.

93d3486e
bf16f380 Thu, Dec 9, 2021

Surprised Telegram giving out your registered phone number as you need a phone number i guess the market for fake numbers just growing.

11a78e14
e7c3d090 Fri, Dec 10, 2021

how to get a fake number to register on telegram?

9954b61e
9fb11230 Sun, Dec 12, 2021

Whats about Snapchat?

New comments are disabled after ten days in an attempt to limit spam.