Good to know

FBI document shows what data can be obtained from encrypted messaging apps:

App | Legal process & additional details

Apple iMessage
*Message content limited.
*Subpoena: can render basic subscriber information.
*18 USC §2703(d): can render 25 days of iMessage lookups and from a target number.
*Pen Register: no capability.
*Search Warrant: can render backups of a target device; if target uses iCloud backup, the encryption keys should also be provided with content return; can also acquire iMessages from iCloud returns if target has enabled Messages in iCloud.

Line
*Message content limited.
*Suspect’s and/or victim’s registered information (profile image, display name, email address, phone number, LINE ID, date of registration, etc.)
*Information on usage.
*Maximum of seven days’ worth of specified users’ text chats (Only when E2EE has not been elected and applied and only when receiving an effective warrant; however, video, picture, files, location, phone call audio and other such data will not be disclosed).

Signal
*No message content.
*Date and time a user registered.
*Last date of a user’s connectivity to the service.

Telegram
*No message content.
*No contact information provided for law enforcement to pursue a court order. As per Telegram’s privacy statement, for confirmed terrorist investigations, Telegram may disclose IP and phone number to relevant authorities.

Threema
*No message content.
*Hash of phone number and email address, if provided by user.
*Push Token, if push service is used.
*Public Key
*Date (no time) of Threema ID creation.
*Date (no time) of last login.

Viber
*No message content.
*Provides account (i.e. phone number) registration data and IP address at time of creation.
*Message history: time, date, source number, and destination number.

WeChat
*No message content.
*Accepts account preservation letters and subpoenas, but cannot provide records for accounts created in China.
*For non-China accounts, they can provide basic information (name, phone number, email, IP address), which is retained for as long as the account is active.

WhatsApp
*Message content limited.
*Subpoena: can render basic subscriber records.
*Court order: Subpoena return as well as information like blocked users.
*Search warrant: Provides address book contacts and WhatsApp users who have the target in their address book contacts.
*Pen register: Sent every 15 minutes, provides source and destination for each message.
*If target is using an iPhone and iCloud backups enabled, iCloud returns may contain WhatsApp data, to include message content.

Wickr
*No message content.
*Date and time account created.
*Type of device(s) app installed on.
*Date of last use.
*Number of messages.
*Number of external IDs (email addresses and phone numbers) connected to the account, but not to plaintext external IDs themselves.
*Avatar image.
*Limited records of recent changes to account setting such as adding or suspending a device (does not include message content or routing and delivery information).
*Wickr version number.

Prepare appropriately.


7 thoughts on “Good to know”

    • It would also be good to know where those companies operate from. Some are Chinese, I believe. Telegram is Russian? So switching may make you safe from the FBI but expose you to the tender mercies of the KGB or the CCP.

      • Signal was coded by some guys from DEFCON that deliberately architected it so they wouldn’t have anything in their servers that could be recovered even if they were physically seized and the admins subjected to rubber-hose cryptography.

  1. There is NO public messaging app that cannot be hacked given enough incentive by someone or some group. NONE! There is in reality only ONE totally secure method of communication and that is using One Time Pad encryption. And with quantum computing starting to come on line it may be possible that that method loses its security. Most digital communication methods vary in how tough it is for someone to hack but it’s simply a matter of time, will and resources.

      • Properly done, one-time-pad encryption is unbreakable because it could decrypt to _any_ message of the same length – you can find anything you expected to find, and its opposite…. (Also, good encryption includes padding – dummy characters added so the code-breakers can’t know even the real message length.) The issue with OTP is that usually it’s done poorly. Either the pads aren’t the result of a truly random process (computers _don’t_ generate random numbers, but rather pseudo-random sequences that might be duplicated), or else they aren’t used just one time. Either way, you don’t need quantum computing to break it.

        E.g., in WWII and for some years after, the Soviets used OTP generated by drawing numbered balls (like a Bingo or Lotto machine), and typing the numbers into the pad with one carbon paper, to give them two copies (for sender and recipient). That was sufficiently random, but it was too slow, so they slipped more carbon paper into the typewriter and made two identical sets. When both messages sent from identical pads were intercepted, it eventually became possible to decrypt many of them. These decrypts were code-named “Venona” and gave quite a lot of insight into the Soviet spying and infiltration of the US.

        There were two problems with that: The messages were several years old when they were finally decrypted, so usually the damage was already done. (More powerful computers might have helped with that.) And they could not be used in court or in any other way that would tip the Soviets off so they changed their methods. And so we apparently had someone with Venona access tipping Joe McCarthy off that they had long lists of Communist agents in government offices, but generally couldn’t give out the names, let alone the proof. The end result was something only Commie infiltrators could love… If the leakers were actually anticommunist, I wonder how many Senators and prominent Congressmen they tried before they found one fool enough to go public with so little real information and no proof? (OTOH, Tailgunner Joe might have been the obvious idiot to use as the conduit for a disinformation campaign by actual Commie infiltrators.)
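The two one-time-pad properties discussed in the comments above, as an added Python example that is not part of the original post or written by any commenter: a single-use ciphertext is consistent with every same-length message, while a pad used twice cancels out of the two ciphertexts. The messages, function names and the `PadLedger` class are constructed for illustration.

```python
import secrets

def xor(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("length mismatch")
    return bytes(x ^ y for x, y in zip(a, b))

def pad_explaining(ciphertext: bytes, claimed_plaintext: bytes) -> bytes:
    """Return the pad under which `ciphertext` decrypts to `claimed_plaintext`.
    One exists for every same-length message, so a single-use ciphertext
    on its own rules nothing out."""
    return xor(ciphertext, claimed_plaintext)

def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """With a reused pad, c1 XOR c2 == p1 XOR p2: the pad cancels out."""
    return xor(c1, c2)

def crib_drag(leak: bytes, crib: bytes) -> list[tuple[int, bytes]]:
    """Slide a guessed fragment of one message over the leak; where the
    guess is right, the matching fragment of the other message appears."""
    hits = []
    for i in range(len(leak) - len(crib) + 1):
        out = xor(leak[i:i + len(crib)], crib)
        if all(32 <= b < 127 for b in out):  # keep printable candidates only
            hits.append((i, out))
    return hits

class PadLedger:
    """Mitigation: record each pad page as consumed and refuse a second use."""
    def __init__(self):
        self._used = set()

    def take(self, page_id: str, pad: bytes) -> bytes:
        if page_id in self._used:
            raise RuntimeError(f"pad page {page_id} already used")
        self._used.add(page_id)
        return pad

# Constructed sample messages (same length), not real traffic.
P1 = b"MEET AT THE NORTH GATE AT NINE"
P2 = b"SEND THE REPORT BY COURIER NOW"
PAD = secrets.token_bytes(len(P1))   # OS CSPRNG, not a seeded PRNG
C1, C2 = xor(P1, PAD), xor(P2, PAD)  # the mistake: one pad, two messages
```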
