Careless Whisper: Exploiting Stealthy End-to-End Leakage in Mobile Instant Messengers
- URL: http://arxiv.org/abs/2411.11194v2
- Date: Tue, 19 Nov 2024 11:26:29 GMT
- Authors: Gabriel K. Gegenhuber, Maximilian Günther, Markus Maier, Aljosha Judmayer, Florian Holzbauer, Philipp É. Frenzel, Johanna Ullrich,
- Abstract summary: This paper highlights that delivery receipts can pose significant privacy risks to users.
We use specifically crafted messages that trigger delivery receipts allowing any user to be pinged without their knowledge or consent.
We argue for a design change to address this issue.
- Abstract: With over 3 billion users globally, mobile instant messaging apps have become indispensable for both personal and professional communication. Besides plain messaging, many services implement additional features such as delivery and read receipts informing a user when a message has successfully reached its target. This paper highlights that delivery receipts can pose significant privacy risks to users. We use specifically crafted messages that trigger delivery receipts allowing any user to be pinged without their knowledge or consent. By using this technique at high frequency, we demonstrate how an attacker could extract private information such as the online and activity status of a victim, e.g., screen on/off. Moreover, we can infer the number of currently active user devices and their operating system, as well as launch resource exhaustion attacks, such as draining a user's battery or data allowance, all without generating any notification on the target side. Due to the widespread adoption of vulnerable messengers (WhatsApp and Signal) and the fact that any user can be targeted simply by knowing their phone number, we argue for a design change to address this issue.
Related papers
- Remote Timing Attacks on Efficient Language Model Inference [63.79839291641793]
We show it is possible to exploit timing differences to mount a timing attack.
We show how it is possible to learn the topic of a user's conversation with 90%+ precision.
An adversary can leverage a boosting attack to recover PII placed in messages for open source systems.
arXiv Detail & Related papers (2024-10-22T16:51:36Z)
- The Medium is the Message: How Secure Messaging Apps Leak Sensitive Data to Push Notification Services [9.547428690220618]
This study investigated secure messaging apps' usage of Google's Cloud Messaging (FCM) service to send push notifications to Android devices.
We analyzed 21 popular secure messaging apps from the Google Play Store to determine what personal information these apps leak in the payload of push notifications sent via FCM.
None of the data we observed being leaked to FCM was specifically disclosed in those apps' privacy disclosures.
arXiv Detail & Related papers (2024-07-15T10:13:30Z)
- Poisoning Federated Recommender Systems with Fake Users [48.70867241987739]
Federated recommendation is a prominent use case within federated learning, yet it remains susceptible to various attacks.
We introduce a novel fake user based poisoning attack named PoisonFRS to promote the attacker-chosen targeted item.
Experiments on multiple real-world datasets demonstrate that PoisonFRS can effectively promote the attacker-chosen item to a large portion of genuine users.
arXiv Detail & Related papers (2024-02-18T16:34:12Z)
- A State Transition Model for Mobile Notifications via Survival Analysis [10.638942431625381]
We propose a state transition framework to quantitatively evaluate the effectiveness of notifications.
We develop a survival model for badging notifications assuming a log-linear structure and a Weibull distribution.
Our results show that this model achieves more flexibility for applications and superior prediction accuracy than a logistic regression model.
arXiv Detail & Related papers (2022-07-07T05:38:39Z)
- Speaker De-identification System using Autoencoders and Adversarial Training [58.720142291102135]
We propose a speaker de-identification system based on adversarial training and autoencoders.
Experimental results show that combining adversarial learning and autoencoders increases the equal error rate of a speaker verification system.
arXiv Detail & Related papers (2020-11-09T19:22:05Z)
- Privacy-accuracy trade-offs in noisy digital exposure notifications [3.04585143845864]
There is interest in using the power of mobile phones to automate the contact-tracing process.
The rough idea is simple: use Bluetooth or other data-exchange technologies to record contacts between users, enable users to report positive diagnoses, and alert users who have been exposed to sick users.
Although designing practical protocols is of crucial importance, it is essential to realize that notifying users about exposure events may itself leak confidential information.
arXiv Detail & Related papers (2020-11-08T15:00:38Z)
- Backdoor Attack against Speaker Verification [86.43395230456339]
We show that it is possible to inject the hidden backdoor for infecting speaker verification models by poisoning the training data.
We also demonstrate that existing backdoor attacks cannot be directly adopted in attacking speaker verification.
arXiv Detail & Related papers (2020-10-22T11:10:08Z)
- Mind the GAP: Security & Privacy Risks of Contact Tracing Apps [75.7995398006171]
Google and Apple have jointly provided an API for exposure notification in order to implement decentralized contact tracing apps using Bluetooth Low Energy.
We demonstrate that in real-world scenarios the GAP design is vulnerable to (i) profiling and possibly de-anonymizing persons, and (ii) relay-based wormhole attacks that basically can generate fake contacts.
arXiv Detail & Related papers (2020-06-10T16:05:05Z)
- Decentralized Privacy-Preserving Proximity Tracing [50.27258414960402]
DP3T provides a technological foundation to help slow the spread of SARS-CoV-2.
System aims to minimise privacy and security risks for individuals and communities.
arXiv Detail & Related papers (2020-05-25T12:32:02Z)
- Privacy Guidelines for Contact Tracing Applications [19.094312133714023]
We discuss the scenarios which a contact tracing application should be able to handle.
We describe the various threat actors who can disrupt its working, or misuse end user's data.
We present privacy guidelines for contact tracing applications from different stakeholder's perspective.
arXiv Detail & Related papers (2020-04-28T06:44:14Z)
- A Snooze-less User-Aware Notification System for Proactive Conversational Agents [6.4378876455245235]
We propose an alert and notification framework that intelligently issues, suppresses and aggregates notifications.
Our framework can be deployed as a backend service, but is better suited to be integrated into proactive conversational agents.
arXiv Detail & Related papers (2020-03-04T14:31:21Z)