How a glitch in the Matrix led to apps potentially exposing encrypted chats

The Matrix.org Foundation, which oversees the Matrix decentralized communication protocol, said on Monday multiple Matrix clients and libraries contain a vulnerability that can potentially be abused to expose encrypted messages. The organization said a blunder in an implementation of the Matrix key sharing scheme – designed to …

  1. Anonymous Coward

    The primary motivation of crypto experts is to make a plausible encryption that only they, but not their opponents, can read. The primary employer of crypto experts is the secret police, who want to bypass encryption.

    Backdoored crap is a billion dollar industry. Lots of companies competing to be 'plausible' and yet 'backdoored' at the same time.

    In every electronic conversation, imagine a secret-policeman in a hi-viz jacket looking to 'make-his-name' and 'advance-his-career' at your expense. And be careful with your words.

    (this comment self censored).

  2. Anonymous Coward

    "Unfortunately, the implementation did not sufficiently verify the identity of the device requesting the keyshare ..."

    So the keys are protected by ad hoc security, not cryptography. And it sounds like he's saying the "ad hoc" wasn't good enough.

    1. TeeCee Gold badge

      Always the way since cryptography was invented. At some point, as the authorised recipient, you will need to acquire the key to decrypt. By definition, since you have no key at that point, that exchange cannot be encrypted in any meaningful way[1] and is often vulnerable.

      Asymmetric key protocols help, but there's still the matter of how you store and retrieve your private key[2].

      [1] You need a key to decrypt the key and to get that key you need.......oops.

      [2] If you have memorised your 4096 bit key congratulations and get a life.

    2. Denis Kasak

      The keys are definitely protected with cryptography, both in transit and when deciding whether the message key should be shared with a requesting device.

      This latter check is performed by ensuring the identity key of the key-requesting device is the same as the one written down at the point the message key was originally shared with the participant. Unfortunately, it turned out that this check could be fooled with some trickery -- but this is a logic bug and an honest mistake, which is now patched.
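The check described in the comment above, sketched as an added example that is not part of the original thread and is not code from any Matrix client or library. The class, method names, key strings and session data are hypothetical and constructed for illustration, and the sketch assumes the requester's identity key is taken from the authenticated encrypted channel the request arrived on.

```python
import hmac
from dataclasses import dataclass, field


@dataclass
class KeyShareResponder:
    # session_id -> {(user_id, device_id): identity key written down at first share}
    shared_with: dict = field(default_factory=dict)
    # session_id -> message key (constructed placeholder bytes in this sketch)
    session_keys: dict = field(default_factory=dict)

    def record_share(self, session_id, user_id, device_id, identity_key, key):
        """Write down which identity key the message key was originally shared with."""
        self.session_keys[session_id] = key
        self.shared_with.setdefault(session_id, {})[(user_id, device_id)] = identity_key

    def handle_request(self, session_id, user_id, device_id, sender_identity_key):
        """Return the message key only if the requester matches the recorded share.

        Assumption: sender_identity_key comes from the authenticated transport,
        not from fields the requester wrote into the request body.
        """
        recorded = self.shared_with.get(session_id, {}).get((user_id, device_id))
        if recorded is None:
            return None  # key was never shared with this device: fail closed
        # Constant-time comparison of recorded vs. authenticated identity key.
        if not hmac.compare_digest(recorded.encode(), sender_identity_key.encode()):
            return None  # identity key changed since the original share: refuse
        return self.session_keys[session_id]


def demo():
    """Run three requests against constructed data and return the decisions."""
    user = "@alice:example.org"  # constructed identifiers, not real accounts
    r = KeyShareResponder()
    r.record_share("sess1", user, "DEVICEA", "curve25519:AAAA", b"constructed-key")
    same_device = r.handle_request("sess1", user, "DEVICEA", "curve25519:AAAA")
    changed_key = r.handle_request("sess1", user, "DEVICEA", "curve25519:BBBB")
    unknown_device = r.handle_request("sess1", user, "DEVICEB", "curve25519:AAAA")
    return same_device, changed_key, unknown_device


if __name__ == "__main__":
    print(demo())
```

Both refusals return `None` rather than an error detail, so a regression test can assert that only the originally recorded device ever receives the key.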

      1. Pseudonymous Cowherd
        Big Brother

        You're missing a trick - if a logic bug *could* do this, various governments will request and require that the logic bug be re-added.

        If you want end-to-end encryption, this isn't it.

        1. Denis Kasak

          I suppose they could try, but now we have tests for this and many people will be on their toes about it (myself included). I don't see this as being a viable tactic for someone looking to compromise E2EE.

  3. Grunchy

    Glitch in the matrix!

    You can build your own matrix for $20.

    https://youtu.be/dDPAVFGF7NI


Biting the hand that feeds IT © 1998–2021