Are YOU being snooped on if you use airport WiFi? Cyber security experts warn authorities could be monitoring your internet use at major transport hubs after chess prodigy sparked terror alert when he joked with friends on Snapchat about bombing a plane

by nimobo

14 comments
  1. Snapchat is encrypted end to end so how is anyone going to look at the content of the messages even if they are able to monitor the network traffic?

    More like someone reported it.

  2. Given that the police use Stingray phoney mobile phone masts for surveillance, the suggestion that this happens in airports doesn’t surprise me at all. Always use a VPN for any public wifi or when you’re out and about.

  3. I would 100% expect airport WiFi to be snooped on, I consider any public WiFi insecure for that matter.

  4. OTOH it doesn’t feel good to be snooped on.

    On the other, I wouldn’t be such an idiot as to mention Taliban, bombing and so on in – or connected with – an airport, that results in fighter jets being scrambled over the security concern.

    When it’s proven to be some kid being a muppet, it’s an outrage. When it’s proven to stop someone trying to bomb something legitimate (or indeed if we *don’t* catch such people and they manage it) it’s horrific that we didn’t do more to stop them.

    It’s always easy to say which in hindsight.

  5. Maybe, just maybe don’t alert security services by talking about bombs and terrorism at the airport.

  6. This absolutely *isn’t* how it works.

    I deploy TLS interception appliances in the enterprise space for a living, *and* I have deployed firewalls at an international airport for the public WiFi. The firewalls very specifically *don’t* do TLS inspection because it’s not technically feasible unless you have installed a CA cert into the device’s trust store, and even then certificate pinning in apps (such as Dropbox) breaks this.

    Can public WiFi be snooped upon? Yes. Could the entire airport WiFi system be compromised by GCHQ et al? Sure. But if you are using TLS in the form of HTTPS, which every single app is, then they cannot see *what* you are sending, only *where* you are sending it to (i.e. Snapchat’s servers). They can see destination IP and ports, they can sniff DNS requests (assuming you’re not using DNS over HTTPS) and they can see certificate DNs in a TLS handshake.

    The whole thing about E2EE has no bearing when it comes to network transport monitoring.

    What it does mean is that without E2EE, Snapchat themselves get visibility of the contents. E2EE just prevents that from happening.

    At all times E2EE or not, everything is still going to be transport encrypted, and TLS is, as far as we know, not broken and is mathematically intact so short of brute forcing it, which isn’t possible in real time anyway.

    If GCHQ and the like have the ability to decrypt TLS using modern ciphers with forward secrecy then the entire internet can be deemed broken.

    Plus, there’s not a snowball’s chance in hell that if the security service do have the ability to transparently MiTM TLS that they would expose that knowledge to the outside world for something as relatively inconsequential as this.

    I would bet my house on the fact that the information about this message came from within Snapchat’s own infrastructure and they have an automated thing that is scanning messages for certain content and keywords and forwarding those to the security services via an already existing channel for further review.

    But what’s damn sure is that they aren’t plucking these messages off of WiFi unless the entire idea of TLS and CA trust chains is irrevocably broken.

    The only place those messages came from were either compromised handsets* or Snapchat’s servers, not from the public WiFi.

    * Though I will concede if the handset was compromised then it could be made to ignore MiTM attacks and at that point the TLS connection could be transparently proxied and sniffed on public WiFi, that’s a very big if though.

  7. Why are people surprised? You’re using public wifi. They ofc will monitor and log what and who you do. They made it law a while back that ISPs should log what you do for a year.

    If someone tries using public wifi to access questionable content, then naturally will flag it up.

    It’s not secure, and anyone technically minded enough can set up packet sniffing to snoop on what data is being sent and received. Especially if it’s unencrypted.

    Don’t access banking apps on public wifi, don’t do anything with sensitive information on it.

    Snapchat pictures may be end-to-end encrypted, but I’m not sure their text is, and given everything anyway on trying to get platforms to monitor themselves for any potential crime stuff, chances are there’s some keyword analysis or something going on that would flag a message for review.

    One issue text chats have is to someone else reading, context isn’t there. To his friend, it might be an obvious joke. To someone working at Snapchat who saw that message come in and knows nothing about who sent it or who’s receiving it, took it seriously.

  8. I operate very close to the line, but even I know better than this, ffs.

  9. And yet we will never know the answer, because no one has read the terms and conditions.

  10. I have a feeling that if the government could tell that you were thinking the word bomb by facial analysis and that’s how they targeted this guy, there would be loads of redditors nodding sagely about how we need to be safe and how the kid should have been more careful with his facial expressions or that maybe instead they ‘got’ him with mind reading psionics.

    Just as we’ve apparently accepted it’s totally fine for governments and/or corporations to snoop on private conversations without prior motive in order to dispatch fighter jets. None of this is normal, the kid did nothing wrong, the government should back off.

  11. Anyone who uses public WiFi without a VPN is asking for trouble. It’s like sleeping around without using condoms.

    Proton VPN has a free version that’s actually decent.

  12. I think this has been done to death, the UK security services had foreknowledge of this message because they have something which can peer in to Snapchat and pull the data with the agreement of Snapchat. They did not compromise the secure system HTTPS, SSL, etc. Snapchat shared it.

  13. And your last 3 words have got you on a list now, too….
