Inside Confide, the chat app 'secretly used by Trump aides': OpenPGP, OpenSSL, and more

Rumors that President Donald Trump's aides are using an encrypted messaging app called Confide has landed the software firmly in the spotlight – and under the security microscope. The Washington Post on Monday mentioned that Confide, built by a startup in New York City, is used by some White House staffers to gossip in private …

  1. MNGrrrl

    "Hate my life"

    I wouldn't hate my life as CIO of the current administration. Trump is every level one tech support employee's bread and butter. His cabinet is too. They're tech-illiterate, blame everyone but themselves when things break, and expect failure as the norm rather than the exception. The only way the job could get any more basic would be if we found a coffee cup sitting in the "cup holder" tray on the computer.

    How, exactly, is that a challenge? This is IT at its most painfully basic level. Anyone could do the job. And think of how much you're getting paid. And face it, you work in IT. Everyone outside the field hates you anyway.

    1. leon clarke

      Re: "Hate my life"

      The challenge is simple to express:

      He needs to say 'Mr President, you need to give me your Android phone, which I'm going to put in this metal box. You'll get it back after the 46th president is inaugurated, whenever that might be. Here's your new phone, which only has secure apps on. You'll note that these exclude twitter'.

      Assuming Trump says 'no', and I assume there is someone in the White House competent enough to have made that demand, so I know Trump did say 'no', you can assume the president is carrying a bug around with him. In which case, the CIO has failed in the most important aspect of their job.

      1. AndyS

        Re: "Hate my life"

        You know what, being CIO for Trump's White House has two aspects to the job. The first, the actual tech bit, would perhaps be pretty easy.

        Then there's the second bit, having to interact with Trump and his group of delinquent idiots.

        I can see why any sane person would hate their life if they had to do that on a daily basis.

        1. MNGrrrl

          Re: "Hate my life"

          > I can see why any sane person would hate their life if they had to do that on a daily basis.

          You're doing tech support. You're already both (a) not sane and (b) hating your life. This is like adding a bucket of water to the ocean. Who's going to notice?

      2. MNGrrrl

        Re: "Hate my life"

        > In which case, the CIO has failed in the most important aspect of their job.

        False. The CIO has discharged his responsibilities to the organization, which is to provide safe and reliable infrastructure. You handed him a secure phone, which I assume is functional. You are now done. You have produced the tools as requested, and given instruction on their proper use as well as an offer of support to ensure they continue to meet necessary specifications.

        If you didn't receive the resources to discharge your responsibilities, or you are ignored, you are not responsible for any problems that arise. Either way, you've done your job. Sit back, make some popcorn, and enjoy the show. Oh, and make sure you keep an iron-clad paper trail describing in great detail exactly what you did and said, with many witnesses... and then store that evidence in about twenty different secured and triply-redundant systems, so that there is no way to erase ALL the copies.

    2. phuzz Silver badge

      Re: "Hate my life"

      Well, the "Chief Information Security Officer" for the White House (I don't know if that's the same as CIO, I don't speak corporate) was 'asked to leave' a week or so ago. So now there's no one in charge of communications security in there. What could possibly go wrong?

      1. AndyS

        @phuzz

        Oh good grief.

    3. William 3 Bronze badge

      Re: "Hate my life"

The fact you hate your life is most likely because the reg pushes clickbait shit like this on you.

If you loved it, you wouldn't respond to bullshit stories that are based on "rumours".

  2. Gene Cash Silver badge

    Can ya vague that up a little for me?

    Kenn White, a security researcher and OpenSSL auditor, simply described the software as: "Awful."

    Well, he's a complete waste of oxygen then, isn't he? He can't give any worse criticism than that?

    Wait, what's your auditor's opinion of OpenSSL? "It sucks!" Thank you for the constructive remarks!

    1. Stoneshop

      Re: Can ya vague that up a little for me?

      Please engage brain while reading.

The "awful" classification is regarding Confide, not OpenSSL.

  3. allthecoolshortnamesweretaken

    Hm. This certainly warrants further research and a couple of follow-ups. What are the odds that the full logs will appear on, say, Wikileaks in a couple of months?

    (And if it does, please don't call it Confidegate.)

    1. oldcoder

      So call it "Congage". As both sides are con artists.

  4. Anonymous Coward

    If it is being used, everyone using it is violating the law

    The presidential records act was amended in 2014 to include instant messages among the protected classes of documents that must be preserved. I hope all republicans wanting to put Hillary in jail for using a private email server will feel the same about administration officials using an instant message app with the defining feature that it leaves no paper trail.

But somehow I bet they'll believe it if Pence says he's been assured that no classified information or official business is being conducted using Confide... I'm sure they're only using it to decide where to order lunch :P

    1. Tom 64

      Some flaws for sure

So, if Confide's servers get compromised or subpoenaed, your messages can be read.

      If your messages touch flash disk on your phone, even in self destruct mode, they can be read.

      Keep using it Donnie, I'm breaking out the popcorn =)

      1. Anonymous Coward

        Re: Some flaws for sure

Why do you think that if the messages hit flash they can be read? When you erase flash the contents are gone; you can't recover it.

I think the possibility of exploits against Confide's servers is a much bigger problem. Maybe Russia doesn't need to bother since they already own Trump, but China would want to read it, and they have access to all kinds of 0-day exploits and the ability to take advantage of weaknesses in how encryption is programmed, plus more than enough money to buy off a critical employee or two if they are somehow secure enough that they need the help.

        1. oldcoder

          Re: Some flaws for sure

          Yes you can.

At least until the block itself gets overwritten. Deletes in flash don't actually delete - they just put the block in a queue to be erased, and allow operations to continue. Depending on the size of the device and the length of the queue, it can be quite a while before it actually is overwritten/erased.

          1. Anonymous Coward

            Re: Some flaws for sure

Most modern filesystems on flash use TRIM, which erases the blocks as they're deleted, instead of allowing the FTL to manage it and erase them on an as-needed basis.

  5. Anonymous Coward

    OpenSSL FIPS

    Although in its default form OpenSSL doesn't have FIPS certification, they do have a FIPS validated crypto module and source code available. Obviously, you can't change the code of it and still claim that it meets the standard...

    See https://www.openssl.org/docs/fips.html

Everyone likes to dump on OpenSSL because it is an old (archaic?) codebase, but it is the most actively audited TLS implementation that I'm aware of. I doubt that other TLS libraries are any better when it comes to security, although they may use more recent C coding styles.

  6. John Smith 19 Gold badge

With crypto the devil's always in the details.

    And there are a lot of details.

AIUI this uses PKA between users initially to get a one-time AES key, which the two people then use for the rest of the session. Obvious issues would be:

1) Key lengths. PKA needs longer keys to ensure security for an adequate length of time (quantum computer architectures are saying they can factor 248 bits in 110 days, but who's built one?). AES should also be long. Security drops through the floor with short enough key lengths, which Confide don't specify. IIRC the AES recommendation is currently 150-200 bits.

2) I doubt they built their own crypto. So they inherit any bugs in the libraries they used. More likely I'd look at botched interface code where they stitch the bought-in code with their UI.

3) Set up a nano cell to spoof the cell tower, giving a hardware MitM attack. A bit elaborate, unless you have a bunch of users in a small location providing potentially high-value information. Wall Street?

4) This thing says it does not store stuff. Literally erase after reading. Does it? Does it cache data? Does it actually write zeros or just delete the file?

These are the obvious routes into and around the app. If any of these work it's a waste of money.

But the big one: it's not FIPS compliant. It should not be used for USG business. Note the specific issue with Clinton was classified documents stored on her email server. It could be argued that since this system is designed not to store, that's not an issue, but does it?

    1. Anonymous Coward

Re: With crypto the devil's always in the details.

      It seems to me that the current Administration is very much in the mode of

      Do what I tell you to do

      and not

      Do what I do.

In other words, they don't seem to care as long as Hillary is put in jail by fair means or foul, that wall is built and ... well, you know the rest.

      Naturally the Donald will issue a decree that the rules put in by Obama are illegal and don't apply to his team. He will give the excuse that they are using this App in order to keep their conversations away from the Muslim Terrorists. His electorate will buy it and life will continue and to heck with the law and constitution.

      The next question is, who is using this App here in the UK?

    2. Doctor Syntax Silver badge

Re: With crypto the devil's always in the details.

      "But the big one. It's not FIPS compliant."

Bearing in mind that FIPS has previously approved a broken-by-design NSA-promoted algorithm, I'm not sure whether this is automatically a bad thing de facto, just de jure.

      (Why did I initially type FIBS? Is my sub-conscious trying to tell me something?)

    3. Steve the Cynic

Re: With crypto the devil's always in the details.

      "And there are a lot of details."

      Crypto consists *entirely* of details, in a way that less ... demanding ... code does not. (Just look at some of the key-revealing attacks on RSA encryption, for example.)

      1. John Smith 19 Gold badge

        "Crypto consists *entirely* of details, in a way that less ... demanding ... "

I'd tend to agree.

Steve McConnell in "Code Complete" described how he wrote a DES encryption routine to do real-time encoding on an original (4MHz) PC to drive a serial line, and how he re-wrote it about 20 times to get the necessary speedup.

Implementing high-security encryption / decryption may be some of the smallest but most demanding software anyone can be asked to write.

  7. Mystic Megabyte

    Dense

    SCROTUS's team are so stupid they will write down the self-deleting message so that they don't forget what it said :(

  8. leon clarke

    I guess this app is being run on a stock android phone

It won't be on an officially hardened one, as officially hardened phones don't let you install apps whose security hasn't been approved by the NSA. And their first tickbox is 'is the crypto FIPS140-1'.

    So attacking the phones is the other attack vector for this stuff.

I'd be interested to read what mobile games are popular amongst Trump staffers. And so would many other people.

    1. John Smith 19 Gold badge

      So attacking the phones is the other attack vector for this stuff.

Well, if you can stick some app of your own on their phone and it's Android, that should open up the field quite a lot.

TBH, should you expect that when a company whose core business is collecting information about its users to sell to advertisers releases a Linux build, safeguarding your privacy will be a high priority for them?

      1. Mr Flibble

        Re: So attacking the phones is the other attack vector for this stuff.

        In the absence of hardened phones, I'd use ones which get regular security updates. My understanding is that this limits it to Google Nexus/Pixel and Apple. (I could well be wrong here, but somehow I doubt it.)

        I should think that most of us only see the free services provided by Google (I have no experience of Apple in this respect, so I won't comment on that). I've not seen Google's business offerings; but since they cost actual money, I would expect a corresponding lack of information gathering for advertising etc.

        I should mention that, for advertising, it's not the information which is sold (that would have huge ethical, not to mention legal, problems); what they sell is a service: matching up adverts to users and actually serving the adverts to those users. But keep thinking that they sell the actual info if it helps.

  9. Anonymous Coward

    Donald Trump

    Donald Trump Donald Trump encrypting through the webs.

    Donald Trump Donald Trump and his band of crypto plebs.

    Confide on their phones, pastebin gets a dump.

    Donald Trump

    Donald Trump

    What a chump.

    1. kmac499

      Re: Donald Trump

      You couldn't make it up could you...

      All Hail El Douché (that's Donald BTW)

  10. Peter2 Silver badge

    aides, fearful of being accused of leaking to the press, turned to Confide in an attempt to cover their tracks and stay off the radar.

Am I the only person to read this as "aides who have been leaking records of dear Donald's telephone conversations etc. have started using Confide to cover their tracks"?

    1. Hollerithevo

      Is a strong dollar or a weak dollar better for the economy?

      I'd love to know which aide leaked the fact that Trump asked Flynn (before Flynn did the decent thing) whether a strong or weak dollar was better for the economy. He or she must have struggled to type without screaming, or screaming with laughter.

      1. tiggity Silver badge

        Re: Is a strong dollar or a weak dollar better for the economy?

Strong / weak dollar best is not that stupid a question - effects are complex - it depends which areas of the economy you are most bothered about, e.g. on a very simplistic level, one example is imports may be more expensive, exports may appear cheaper (though it depends how much of the exported product is built from imports).

Back in the day Mr Worstall did spout some dross amidst the occasional good point, but if he was still here I'm sure he would be happy to reel out huge lists of areas where a plummeting dollar was good & conversely areas where it was a bad thing (& assumptions made, e.g. what currency debts are in etc.).

    2. This post has been deleted by its author

    3. Anonymous Coward

Am I the only person that read that and thought "he doesn't just have aides, he is AIDS"?

  11. allthecoolshortnamesweretaken

    Anyone want to guess what PLA Unit 61398's homework for this week is?

  12. Anonymous Coward

    Traffic analysis?

    aides, fearful of being accused of leaking to the press, turned to Confide in an attempt to cover their tracks and stay off the radar.

Does Confide have any countermeasures to traffic analysis? If the all-seeing NSA eye spots that aide X has been talking to journo Y, then it would be hard for aide X to prove that the leak didn't come from him, even if the traffic can't be read.

    1. Anonymous Coward

      Re: Traffic analysis?

      The conversation would be more along the lines of:

      NSA: Mr President, we can see your chat traffic on the insecure mobile app your staff is using. All of it, sir. Here's a report of the data that we picked up being intercepted at peering points, here, and here, and...

      Don: Don't give me that crap! You can't see it, I was looking right at the phone, I'm doing it now, and you can't see any of the messages after we delete them, WHAT ARE YOU TALKING ABOUT?!?! Do you know who you're talking to? I'm the fucking leader of the free world and I erased my shit, so shut up you idiot! And the D-mails, we call them that, it's cute, they travel to the other staff member's smart phones, you know they're really very smart these phones, they are, well they travel over the airwaves, or something, and you can't even see those at all!!! So, again, what the crap are you trying to pull here, guy?

NSA: Just trying to give you a heads-up before the media start printing them out and asking your sweaty press secretary about the content, and...

      Don: Hey! I've got lobsters getting cold in the fucking oval office, you moron. Some other time, okay? Thanks.

  13. John Smith 19 Gold badge

Still, as long as there are no more phone calls to the Russian ambassador all should be well.

Remember though, if the D goes you get VP Pence giving the orders.

    Those who know more of his antics than I should ponder if the cure is worse than the disease.

  14. William 3 Bronze badge

Why do you fools fall for clickbait fake news that starts with "rumours are"?

Is it because it provides justification for your own hatred & bigotry?

Who started the "rumours"? Some journalist down near the watercooler saying "you'll never guess what I heard".

No matter what side of the political fence you sit on, we should ALL be vigilant of fake bullshit stories like this that base their entire foundations on some "rumour".

    It might be you they start spreading rumours about next.

  15. GrapeBunch

    Screen crapture

    I don't know about androids, but on an iPod 2g, you can record what's on the screen by pressing the two buttons at the same time. The screen capture then appears in your "Photos". That may open another attack vector. If the attack works, it gets only a subset of the messages, but perhaps the "most important" ones. Such as the answer to "what's the password for ....?", or "where do you go for rapture?"

  16. GrapeBunch

    So funny they couldn't be making it up, yet they do.

    Canadians have decades of loving satire news, parody news, and yea, even fake news. This one is all three, and even doubly fake because what they call a security breach is actually, well, you be the judge:

    https://www.thebeaverton.com/2017/02/major-security-breach-donald-trumps-personal-phone-outdated-fisher-price-model/

  17. Anonymous Coward

    Wear your mushroom with pride

    The President's brain is missing. Could it possibly get any worse?

    https://www.youtube.com/watch?v=0FaH7ATXkWg

    Hell yeah, it could get worse. It already did. And there's more.

    https://en.wikipedia.org/wiki/Whoops_Apocalypse (sorry, no readily available clips I could find).

  18. John Smith 19 Gold badge

    "The President's brain is missing. Could it possibly get any worse?"

    But that was satire.

    This is real life.

    1. Anonymous Coward

      Re: "The President's brain is missing. Could it possibly get any worse?"

      "But that was satire.

      This is real life."

      And 1984 was fiction, not an instruction book for the Home Office (hello Charles Farr and friends).

      Wtf happened?
