Ghostbusting: Detectability of Invisible Users in Encrypted Chats
Seth Schoen is a Senior Staff Technologist at the Electronic Frontier Foundation in San Francisco, where he has worked for over 17 years. As the first Staff Technologist at EFF, Seth has helped attorneys and the public understand technology as it relates to litigation and public policy. He has published research on computer forensics, exposed Internet service provider misbehavior, and developed privacy software. He has testified before three Federal regulatory agencies and in several courts, trained judges in Latin America, and spoken in more than 10 countries. Seth has been a speaker at several previous editions of LinuxFest Northwest.
With the political conflict over encryption back in full swing, governments of several countries are pushing the idea that developers of communications apps should have to modify them, on government request, to include backdoors or various ways of getting around encryption. This poses a disturbing challenge for free software developers.
One recent suggestion from the British government calls for making developers support a "ghost user" who can join your encrypted conversations invisibly. While proponents argued that this would require only the most minimal of software changes, we were skeptical of how undetectable the ghost would really be. We've been exploring this question with a few reverse engineering tools and we think that the likeliest answer is that the most straightforward forms of the ghost concept may be quite detectable indeed.
I'll discuss the history and status of this issue, and a few ways that we think reverse engineering tools undermine the governments' suggestions.