U.S. government funding encryption apps used by the Islamic State

Despite all the FBI talk against encryption software, public records show that Radio Free Asia, a broadcaster funded by the United States Congress to help advance their foreign policy in East Asia, in 2012 created the Open Technology Fund, which in turn gave over a million dollars to Open Whisper Systems, the company responsible for developing the iOS and Android encryption apps Signal, Redphone and TextSecure, apps recommended in Twitter by various Islamic State members.

It is very bizarre that American taxpayers are financing development of the same encryption software that American officials say are helping terrorists evade surveillance and supposedly threatening intelligence services of “going dark“.

Some cybersecurity experts suggest that the NSA could be behind the funding to try to stay one step ahead of the game, presumably by influencing the development of the apps or gaining internal knowledge.

Open Technology Fund diagram

Open Technology Fund diagram

Just because the USA government is funding a privacy project it doesn’t automatically mean that the technology is not safe, it is also the US taxpayer who is footing the bill for developing Tor. A network used by drug dealers, terrorists and Chinese dissidents alike, and so far, the only arrests in Tor have been the result of zero day browser vulnerabilities, FBI identity theft in forums, Bitcoin tracing or other user related mistake, like, using the same nickname in the open Internet and the darknet.

There isn’t any known arrest due to the Tor network being broken in the same way that Freenet has been infiltrated by law enforcement.

Email for the security paranoid

If you don’t wish the NSA and GCHQ to illegally read your communications, the method below should allow you to bypass Internet wiretapping from intelligence services:

  1. Open an account with an email provider that has encrypted servers (Tutanota,ProtonMail,Countermail).
  2. Share the password of that account with your contact.
  3. Write an email and don’t send it, save it in the drafts folder.
  4. Your contact reads the draft email, erases it and replies writing another email that is never sent, only saved in the drafts folder.

Method Weaknesses

  1. Email provider you have chosen is not as secure as they claim to be. Fix: Encrypt the message with a second layer using PGP or 7zip.
  2. ISP middle in the man attack, breaks SSL connection to the email account and sees anything you upload Fix: Same as above, apply second encryption layer.
  3. ISP sees metadata, sites you visit. Fix: Use Tor or a no logs VPN to connect to the email account.
Islamic State member Twitter account

Islamic State member Twitter account

The downside of the method above is that it is only be useful to communicate with somebody you already know.

For an open chat where you can post your address in public, you can open a Tor Email account and access it in your smartphone using Orbot or any other mobile app that allows you to connect to the Tor network, or as advised by the Islamic State Twitter account above, ChatSecure is the best form of anonymous communication using a smartphone.

The country where these Islamic terrorists are based, Syria, doesn’t have wide Internet access, it makes sense that a smartphone app is their preferred method of communication.

Open Whisper Systems financial details:

https://www.opentech.fund/project/open-whisper-systems

Leave a Reply