[seanieb]

Trevor Perrin, who co-designed the Signal Protocol, made the point that most people don’t have to do this. If a few people do, an adversary won’t know if the target is verified or not. If they MITM they might be discovered instantly. Which gives the entire herd protection.

- https://www.youtube.com/watch?t=2001&v=7WnwSovjYMs

[notpushkin]

Not a great argument IMO. If only 0.1% people check the keys, the attacker may be just okay with the 0.1% chance of being discovered – especially if there's no consequences for them.

[viktorcode]

Only for mass attacks. A targeted attack will encounter the risk of the attacker being exposed.

Think journalists, politicians, public figures

[p-e-w]

> A targeted attack will encounter the risk of the attacker being exposed.

What "risk" is there? I'm not aware of illegal spying by intelligence or law enforcement agencies having ever had any adverse consequences for them, in any country, at any point in history.

[acdha]

Risk of revealing their attack and losing whatever exploit made it possible, if nothing else. The stuff Citizen Lab has published is also making problems for some of the companies selling spyware

[godelski]

I don't mean to be snippy, but this is kinda what the whole Cold War was about. There were constant consequences for the spying. For domestic I think we can point to Watergate, Contra Affair, Snowden Leaks. I have some more recent examples but I think mentioning them will result in arguing and move from the topic at hand. You may not agree that the consequences were severe enough, but there were consequences. I think there's also a strong bias in that consequences take place after (often months or years) and there's less attention given to them so we often aren't even aware. But if consequences do happen, it does mean the rage machine was effective even if far from optimal. Worth noting that there is a danger in lack of attention to consequences, since it can lead to apathy and thus actually enable consequent-less actions in a self-fulfilling prophecy.

[p-e-w]

What consequences did the Snowden Leaks have?

I mean for the intelligence agencies – not for Edward Snowden. I'm of course aware his life has been destroyed. But what consequences were there for the people and institutions responsible?

[godelski]

This contains a decent summary, including some laws: https://www.eff.org/deeplinks/2023/05/10-years-after-snowden...

I'd mention there are two big but abstract consequences.

1) The leaks significantly harmed international relationships and the result of this game much more ammunition to political adversaries like China and Russia. People argue that this is a consequence of Snowden's leak but that's like arguing that a mass shooting was only problematic because the news informed everyone. In a way yes, but it's not like those people would be alive if the news didn't report... It's not the real problem even if you wanted to argue over-sensationalism.

2) It seriously galvanized the battle for encryption and laid the pathway for the subsequent rapid rise in usage of tools like Signal and more funding and energy for building tools like Matrix and many others. Google's Project Zero certainly was influenced by this event.

While I get that these are more abstract, they are certainly consequences and certainly nothing to be scoffed at. This is another problem with the perception of consequences, is that often they are more subtle or abstract. But subtle or abstract doesn't mean any less impactful, just more difficult to trace. More opaque. We don't have a counterfactual to prove that these things wouldn't have happened without the leaks, but I'm certain the timing and degree would have been different. Do you think the world would be different had he not released them? I don't think this is an easy question to answer because it requires being exceptionally detailed and paying very close attention to a lot of events.

[viktorcode]

There were several instances when a person of interest suspected something's wrong with their phone and knowing they can be a target of a government surveillance they promptly submitted their devices to security companies. That's how some zero-days were uncovered by Apple.

[kahnclusions]

It might still be an acceptable risk. Most governments around the world probably don’t care that much if it’s discovered they are surveiling a journalist or lawyer.

In most of the world everyone knows that journalists and lawyers are being monitored.

[xoa]

I think you and notpushkin are perhaps missing some of the "economic" angles on this. It's not just about the what, it's about the how. High value targets are highly likely to be following decent practices and at least staying up to date on software. Which implies that cracking iMessage would require use of a 0-day, of which there are not an infinite number at any given time, and which Apple will immediately eliminate forever if they discover it. Part of the point of highly targeted careful attacks is to stretch those out, it's not just about keeping the target from knowing (though that's not irrelevant), it's also about future targets.

So as with a lot of matters in intelligence work it's subject to cost benefit calcs. If using it against a given target means they are incredibly unlikely to notice and it can then be used again and again, it doesn't take much target value for a government to deploy it which pushes towards more mass use. On the opposite end if using it means it will immediately become useless ever again, then the expected target value has to at least exceed the market cost (which itself will rise more quickly if 0-days are being consumed more quickly vs production), every time. In between is a spectrum of less or more use. Apple wants it as far towards "use it and lose it" as possible, but Trevor Perrin's argument makes sense here: even a relatively small increase in percentage of "use it and lose it" amongst the population could significantly change the mean weighted cost for threat actors.

If they could know for sure whether a given counter measure was deployed that'd reduce the cost again, but if they can't there is indeed a population benefit. It's like a mine field, there don't have to be that many mines scattered around to really hurt people's willingness to cross it!

[p-e-w]

> High value targets are highly likely to be following decent practices and at least staying up to date on software.

Not even close. The vast majority of journalists, lawyers, activists, even public figures, don't have the knowledge to secure their digital lives, don't have access to an expert to do it for them, and in many cases aren't even fully aware of the nature of the threat (beyond some vague idea along the lines of "I'm probably being monitored").

On top of that, it has been my experience that people who don't understand threat mechanics on a deeper level (such as active MITM attacks) quickly stop following whatever best practices they have been trained to adhere to (in this case, peer key verification), because those practices have no observable effect to them and without actually understanding what's going on, it's hard for them to see what the point is.

[xoa]

>Not even close. The vast majority of journalists, lawyers, activists, even public figures, don't have the knowledge to secure their digital lives, don't have access to an expert to do it for them, and in many cases aren't even fully aware of the nature of the threat (beyond some vague idea along the lines of "I'm probably being monitored").

Citation needed. Because everything I have ever seen is that iOS users almost all leave on autoupdate and the move to the latest version is the overwhelming majority, very rapidly. Seriously, look at adoption each time over the last 5 years on a site like statista [0] or wherever, or various ones aimed at developers. If you want to claim that people at higher risk aren't part of the 60-85% I'd honestly be curious to see your numbers. Note I said "decent" not "best" practices. Whatever its flaws, mixed incentives, and issues (which are real), Apple has expended significant effort in making the normal default paths provide an ok baseline security for regular people and discouraging leaving them. Which isn't even something a lot of HNers like! If anything, I'd be unsurprised if HN types to lag in some respects because we want more control and to do things outside the well trod path. I've jailbroken a lot, is that something most people do? No.

In this specific case, the minimum needed to avoid a zero-day exploit is (by definition) merely to always have the OS updated and all security patches applied while staying firmly within the walled garden. Which it's objectively clear the super majority of regular people do. If you just go with the default and let Apple update your device whenever Apple wants, then it's a truism that anything you get hit by is something Apple hasn't yet patched. And in turn anything that raises the population probability that the 0-day actually gets noticed and potentially reported raises the risk of using the 0-day. The whole point of this feature is that it'd let a normal person who doesn't necessarily understand threat mechanics go "huh, that's funny" and then maybe say so on their social media/blog/wherever, at which point if even one person who follows them (and we're talking journalists or other types with enough influence to get targeted by major threat actors right?) recognizes what's going on and says "quick call Apple/security researcher/tell HN" now it's out there.

>because those practices have no observable effect to them

Literally the entire point of this new feature is to create an observable effect of tampering. Kind of a weird statement in context.

----

0: https://www.statista.com/statistics/565270/apple-devices-ios...

[matheusmoreira]

Has warrantless mass surveillance really become so normalized that such gross violation of people's rights is just casually brushed aside like some unsurprising everyday occurrence, so common it can't be helped? Lawyers and journalists are people too, they're citizens, human beings with rights and they don't deserve to be "monitored" by anyone. If "everyone knows" they're being monitored, why is nobody doing a thing about it?

All these three letter agencies operate in the darkness and away from the public eye. That's where they belong, because what they do to their own citizens is supposed to be unconstitutional. If they've really gotten so brazen as to operate openly instead of clandestinely and are still enjoying complete impunity then there really is no hope left.

[londons_explore]

WhatsApp has this scheme. And to my knowledge, never had there been a report of verification failing.

If an adversary was discovered 0.1% of the time. There would be at least one person on a support forum with the text of the error that occurs when it fails...

[vinay_ys]

I get the warning "your contact key has changed.." all the time with various contacts on WhatsApp. What am I supposed to do? there's no clear next steps to debug / report of suspicious activity. In such cases, users get trained to become complacent of such warnings.

[londons_explore]

You're supposed to meet up with that contact and verify the new key.

If even 0.1% of users did that, it would be 2 million verifications. And yet nobody has ever announced they have found a non-matching key.

[godelski]

The argument is context dependent, as is essentially anything related to security. Key verification isn't for most people and can even create more noise as normal people frequently change phones. But the average threat environment isn't the only threat environment. In higher risk settings (politicians, journalists, etc) verification rates are expected to be higher than 0.1% because these people frequently are also more knowledgeable of security practices and/or have better advisors than the general public. While the context isn't explicitly stated I think it is fair to assume that most can infer this and that if not someone can explain it. Often things that appear ridiculous but are common practice aren't if context is considered (doesn't mean good thing but just less absurd and it can be understood why the ridiculous thing is done).

[alwillis]

Apple’s installed base is so large (around 2 billion devices) that if 0.1% of them verified their keys, that’s still a useful deterrent.