Thoughts on MySudo during this turbulent time.

Comments

3 comments

  • Avatar
    Susan Donim

    It's a good question. Frankly, when you're using MySudo over a cellphone connection as you would during a protest, it connects through cell towers. With Police Stingray technology, your personal cellphone will connect your phone to their towers, and they collect your phone's data. They can't read your messages, but they now know who you are, and there is now evidence of police tracking down protesters once they've gone home using this method. So ultimately, it doesn't matter if your messages are encrypted if they can track you based upon the information your phone leaks to their stingray.

    To mitigate that, you could keep your phone on airplane mode the whole time, but that doesn't do you much good in the fray aside from taking photos/videos (make sure you scrub any photos/videos of their metadata before sending anywhere!).

    The other method is if MySudo developed a forward-secrecy-based encrypted mesh communication model based upon bluetooth or wifi like Briar, which is what protesters in Hong Kong are using (That doesn't seem to be the threat model addressed by MySudo, so hopefully they're okay with me posting that here).

    MySudo is great at what it does, but when you're talking about adding in any government agency into your threat model, there is a lot more you need to consider. That goes beyond the scope of what most people need/use MySudo for.

     

    Disclaimer: I don't work for MySudo. I'm just a fan wanting to see them grow and mature their products.

    0
    Comment actions Permalink
  • Avatar
    Norman

    @Susan I agree, my OpSec is multi-tiered, one application would never be enough to combat an agency, they have unlimited funds and resources. My point was more so, the other messenger cornered the market off of the protesting. It is becoming known for its “no logs” and open sourcing convinces people to use it (even though we cannot confirm that code is used in production). Or even companies mentioning they are not 5/14 eyes etc., almost every country has cooperation agreements. MySudo need to be in the business of hardening the encryption and data protection.

    Follow up, I do not believe a stingray would apply to Sudo to Sudo calls, only Sudo to non-Sudo calls the RSA 2048/AES implementation still might be good enough- maybe...

     

    PS finally someone to talk OpSec with- woot!

    0
    Comment actions Permalink
  • Avatar
    Susan Donim

    Wait, you don't compile your own phone apps from the source you downloaded? (I'm kidding, although I've been known to do just that)

    Sudo-to-Sudo is still connecting through the cell-network when you aren't at home, and as long as your phone is connecting through the cell network, data WILL be collected from it. The CONTENT of Sudo-to-sudo communication would not be available, but they'd know your phone connected to that tower, so they have your phone number, and a quick CNAM will give the device owner's name unless you bought and provisioned it with cash under a false name.

    Even if you DID buy and provision it anonymously, if you turned on your cellphone at home, it's not difficult for law enforcement to obtain cellphone records and triangulate position: thus tying your privately-purchased phone to your real-life locations (home, office, etc.). Again for the protester away-from-home scenario, the best bet is to put it in Airplane mode both before you arrive at the protest location, and keep it in airplane mode until you're far away from that location (and again, remember to scrub any metadata from photos/videos).

    It is my personal belief that personal privacy will have a revolution in the near future, and MySudo is well poised to be a part of that conversation. For most civilians, MySudo is more than sufficient to help them in their process of separating the many hats they wear: Work, Personal, Social, Shopping, Financial, etc. I think in the transition time (now), they'd do well to start de-platforming their own software (quit relying on giant data-mining companies like Google and Apple), and writing some transition integration (i.e., Group text messaging/MMS over SIP [admittedly challenging to implement] if the recipient doesn't have a better messenger, but encrypted messaging if they do). That way it would be a much more real-life friendly application. I have to rely on group text-messages in many scenarios, and doing so through one of my MySudo `nyms would be great, but as I understand it, group messaging is Sudo-user only, yes?

    0
    Comment actions Permalink

Please sign in to leave a comment.