As of July 2022, only 55% of sites have secure SSL implementations (configuration errors and renegotiation vulnerabilities seem to drive the 45% who are insecure). - SSL Pulse, Qualys SSL Labs - a monthly scan of security issues in SSL implementations across the top 150k Alexa sites (https://www.ssllabs.com/ssl-pulse/). Methodology (https://github.com/ssllabs/research/wiki/SSL-Server-Rating-G...).
This is really cool stuff. Does anyone have a good comparison between Privacy Pass and Anon-Pass (https://eprint.iacr.org/2013/317.pdf)? Is one better for subscriptions than the other?
Circle also does monthly attestations - independent, signed reviews by third party accountants - on USDC holdings. Those are available here: https://www.circle.com/en/usdc#transparency
I looked and the April '22 attestation seemed fine.
Even the FT article seems to walk back its claims about changes in the attestations as worrying, seems like their source actually is more concerned about digital currencies in general:
> “The problem to me isn’t the specifics of any one attestation, it’s the fundamental workings of these kinds of systems,” said Grey.
This is in addition to a managed database offering (mlab) for availability purposes, to reduce customer site downtime in the event of a hardware failure (keeps multiple follower copies replicated).
These look like messages being re-sent from the service to the client.
This is not surprising - when you ask someone else to route messages for you, even encrypted messages, you are giving them the (encrpyted) payload and asking them to route it for you.
If you have a large network with billions of users, it's reasonable that some of the users' phones may be offline some of the time.
Should the service just drop messages on the floor when that happens, or buffer them in some queue (recall, they're E2EE) that gets emptied every so often?
Now assume all your infra has a hiccup (outage) and goes offline, and then comes online again.
Probably the retry logic didn't synch correctly and attempted to retransmit encrypted messages that had already been delivered.
I'm not sure if that explains why deleted messages from months ago are being resurrected. That would imply that there is a persistence framework that has multi-month readback capability.
The oldest message from the twitter screenshot looks ~8 days old.
In the second tweet the user says "3 chats before the outage and now 15+ or more chats which I deleted before the week or two."
Two weeks (and in screenshots, only 8 days shown) does not seem surprising. Especially given the increasing rate of internet shutdowns across the globe [1].
E2EE is too important to play fast and loose with.
[1] "In 2020, Access Now and the #KeepItOn coalition documented at least 155 internet shutdowns in 29 countries." (https://www.accessnow.org/keepiton/)
1. Backups are opt-in - just as they have always been.
2. The E2EE backups do not rely on HSM's - they rely on a client-side only key derived by the WhatsApp client, on the user's phone.
3. The client-side key backup does not rely solely on HSM's - naturally, the client-side key must be backed up in case the user loses their phone. This key is itself encrypted and stored remotely (whether this is on third-party cloud or on WA servers is unclear from the report). However, decrypting it requires a user passphrase, known only to the user.
4. The design uses HSM's additively, not as the only support - via an OPAQUE exchange the user can combine their passphrase with a per-user secret stored in the HSM to derive, client-side, the key that unwraps the backup key. OPAQUE ensures WA cannot learn the user key material required to derive the key that unwraps the backup key.
This is all on page 6 of the published NCC report.
Additionally, you can also elect to store the raw key yourself (in the form of a 64-digit number). In which case the HSM thing doesn't apply. The caveat is that they can't help you recover it, but in my opinion that's a feature, not a bug. Consider the mud puddle test.
Of course we still have to take their word from it that the app doesn't secretly store this key somewhere. But I suppose this audit will validate that. I have to do a deep dive into it. The problem remains of course that this app can be modified at any time through the update mechanism.
Last time I looked at it, WhatsApp backup key was simply stored server side. Also, backup encryption key never changes, basically. I tell you this because I needed to extract an old backup that I did on Android years ago to recover some messages: well it was as simple as extracting the key from another phone where I was signed into (need root privileges, but of course you can just access the account from an emulator, insert the SMS code, recover the key and sign in again on the main phone), then the backup is easily decrypted. And no passphrase needed (and even if it is, how it would be difficult to brute force? Considering that users use the same password everywhere...)
This for local backups, but I assume that the encryption schema is the same for a backup on Google Drive (just the file that would be stored locally is uploaded into Google Drive in a non user accessible location).
By the way I don't care that much of backup secrecy, in fact I use mainly Telegram even if everything is on the server clear text. WhatsApp tries to give users a false sense of security in my opinion.
I believe you are mistaken, and the NCC group analysis makes it quite clear that the locally-stored backup key is not the same as the "export key": the export key is the encrypted version of the local backup key. WhatsApp servers only have access to the export key, not the local backup key. The fact that you could extract the local backup key with physical access to your device and root privileges does not mean that the key is stored remotely in plaintext.
The HSM is a server-side HSM. I believe it helps prevent brute-forcing weak passwords/PINs by non-WhatsApp attackers, in case non-WhatsApp attackers gain access to the encrypted backup keys.
I was surprised to read that OPAQUE. uses/generates deterministic asymmetric keypairs based on a secret seed. I'd posit the HSM stores this seed so that it can use various derivations to verify whether a given key asserted by a client was generated by that seed. (https://www.ietf.org/id/draft-irtf-cfrg-opaque-07.html)
I have only used key derivation in symmetric protocols, so tbh I don't know how you do deterministic asymmetric key generation, or even which primitive uses it.
It can effectively be the same. Consider ECDH as key agreement, passed into a KDF such as a hashing algorithm, potentially with additional input, then using that value as the private key — the security assumptions then become the Square Computational Diffie-Hellman and whatever assumption(s) are in the hashing algorithm, the former is proven to be equivalent difficulty to the general CDH assumption.
This is super cool work, congrats! I've been looking for a good low/no-code tool to build a static website to sell some assets I've developed, wondering if TypeDream can fit the bill.
How easy is it to:
+ A/B test pages (e.g. for conversions)
+ Measure user interaction to understand incoming referral, bounce rate, time on page, user journey, etc.
+ Integrate with other automation tools like n8n.io
I'm new to this so apologies if some of this is better served by other tools (suggestions welcome!).
For example, in addition to the stuff above, i'd like to:
+ send transactional emails to customers who buy a product
+ send update emails to customers when the product gets an update
+ add orders to Airtable/Google Sheets to track sales
(these could be handled with some automation integrations like n8n)
On the site itself, is it possible to:
+ allow comments (simple way to do this might be to include a twitter post with the article URL, displaying the twitter replies as comments on the TypeDream website)
- A/B testing: not supported yet, although we are thinking on building this. Would love to learn more from your use case!
- Incoming referral, bounce rate, time on page are available through our built-in analytics. If you're familiar with Plausible https://plausible.io, we're using their self-hosted version to offer the analytics feature, so you should get everything they offer.
- Not familiar with n8n.io, looks like it's similar to Zapier. We don't have any integration like this yet, but most functional components that you can add to your Typedream site (like forms, waitlist, etc) can be done using HTML embeds. For example, to add a form, you can embed an Airtable form in your Typedream site. This means that any automation supported by those tools can be used.
With that said, interactions such as allowing customer to buy a product, sending emails, and adding orders to Airtable/Google Sheets can be done by using a third party service, like Stripe Payment Links to allow users to buy a product, then use Stripe's functionality or Zapier/n8n.io integrations to send emails or add orders to Airtable/Google Sheets. This is also the case with comments, for example you can embed https://commentbox.io/ into your Typedream site to enable comments.
thanks for the reply! will have to check out Stripe's email/orderflow integrations, didn't know about those :)
does TypeDream support custom email domains? (example: myemail@mysite.com)
re: A/B testing - my use-case is pretty simple. i have some assets i'd like to sell and want to A/B test what landing page converts the best (could also be useful to A/B test what landing page converts to the highest price/longest subscription if someone's selling subs).
alternative use-case -- A/B test what article titles lead to the most search engine (or other inbound referral) traffic. let's say i have a set of content i've created, i'd like to have test same blog post with different article titles to know which one performs the best
For email domains, we don't handle your emails. You could use any email provider that you want, like MailChimp, Sendgrid, etc. Since connecting custom domains doesn't require you to point your nameservers to Typedream, you can add MX records, etc. that is usually required for you to set up your email provider.
Thanks for your explanation on A/B testing, that makes sense and we have had a couple of similar requests as well! This is definitely something we're looking to add as a feature.
Disclaimer: I'm exploring an open source, community VPN called OpenRelay here: https://github.com/triumphantomato/openrelay