- Google (Chrome and Android) and Mozilla dropped support for TrustCor's root certificates after security concerns were raised by a professor from the University of Calgary in a Google Groups post.
- The professor and The Washington Post found many coincidences that implied security problems and eroded trust in TrustCor.
- The Google Groups discussion gained lots of traction; Mozilla, Google, Apple, and TrustCor itself all replied to it.
According to research by a professor from the University of Calgary, carried out jointly with investigative journalists at The Washington Post, a spyware Software Development Kit (SDK) was found embedded in apps that invasively tracked their users.
Many unfortunate coincidences were found along the way.
The professor uncovered that the SDK came from a Panamanian company called Measurement Systems. On further research he also found that one of the associated registered domains was trustcor.co, which at the time redirected to TrustCor CA's website. Its NS records continue to point to nsX.msgsafe.io, and MsgSafe is TrustCor's encrypted email product.
The professor adds:
« I have also tested the Msgsafe encrypted email product in the browser, while saving the resulting traffic using Firefox and Chrome's "save to HAR" file option. I am not convinced there is E2E encryption or that Msgsafe cannot read users' emails. I see that email contents and attachments are sent plaintext (over TLS) to api.msgsafe.io, even when sending to other Msgsafe users or when using PGP or SMIME to send to non-Msgsafe users. The SMIME cert is sent inbound from the server, and there is no outbound traffic that embodies the public key to be signed. The password is sent plaintext to the server (over TLS) and thus any key derived from that password would also be known by the server. Hanlon's razor tells me I should not attribute these errors to malice; it could just be a developmental failure. Nevertheless, I think it is a reasonable expectation that a root certificate authority can get the crypto right, and so I'm concerned regardless of the reason why. »
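The checks the professor describes can be automated against a saved HAR file. The following is an added example written for this page, not the professor's tooling or anything from TrustCor or MsgSafe: it walks every request to a given API host, reports fields (password, subject, body, attachment) that reach the server readable rather than as ciphertext, and flags the pattern of receiving an S/MIME certificate without ever sending a certificate signing request, which points to server-side key generation. The HAR content is constructed inline; api.msgsafe.io is the host named in the quote, while every path, field name and value in the sample is an assumption.

```python
import json
from typing import Any, Dict, Iterator, List, Tuple
from urllib.parse import parse_qs, urlsplit

# Constructed HAR excerpt, not a real capture. The host api.msgsafe.io is the one
# named in the quote; every path, field name and value below is an assumption.
SAMPLE_HAR = json.dumps({"log": {"entries": [
    {"request": {"method": "POST", "url": "https://api.msgsafe.io/login",
                 "postData": {"mimeType": "application/x-www-form-urlencoded",
                              "text": "user=alice&password=hunter2"}},
     "response": {"content": {"mimeType": "application/json", "text": "{\"ok\":true}"}}},
    {"request": {"method": "POST", "url": "https://api.msgsafe.io/mail/send",
                 "postData": {"mimeType": "application/json",
                              "text": json.dumps({"to": "bob@example.org", "subject": "meeting",
                                                  "body": "See you at 10am in room 4.",
                                                  "attachment": "JVBERi0x"})}},
     "response": {"content": {"mimeType": "application/json", "text": "{\"ok\":true}"}}},
    {"request": {"method": "GET", "url": "https://api.msgsafe.io/smime/cert"},
     "response": {"content": {"mimeType": "application/x-pem-file",
                              "text": "-----BEGIN CERTIFICATE-----\nMIIB...\n-----END CERTIFICATE-----"}}},
    {"request": {"method": "GET", "url": "https://cdn.example.net/app.js"},
     "response": {"content": {"mimeType": "text/javascript", "text": "console.log(1)"}}},
]}})

# Field names whose presence, readable, in a request body contradicts a claim of
# end-to-end encryption (mail content) or of client-only key derivation (password).
SENSITIVE_KEYS = {"password", "passphrase", "subject", "body", "attachment", "attachments"}


def _walk(obj: Any, path: str = "") -> Iterator[Tuple[str, Any]]:
    """Yield (dotted.path, leaf) for every leaf of a decoded JSON or form body."""
    if isinstance(obj, dict):
        for k, v in obj.items():
            yield from _walk(v, f"{path}.{k}" if path else str(k))
    elif isinstance(obj, list):
        for i, v in enumerate(obj):
            yield from _walk(v, f"{path}[{i}]")
    else:
        yield path, obj


def _decode_body(post: Dict[str, Any]) -> Any:
    """Decode a HAR postData object according to its declared MIME type."""
    mime = post.get("mimeType", "")
    text = post.get("text", "")
    if "json" in mime:
        return json.loads(text)
    if "x-www-form-urlencoded" in mime:
        return {k: v[0] if len(v) == 1 else v for k, v in parse_qs(text).items()}
    return text


def _entries_for_host(har_text: str, host: str) -> Iterator[Dict[str, Any]]:
    for e in json.loads(har_text)["log"]["entries"]:
        if urlsplit(e["request"]["url"]).hostname == host:
            yield e


def find_plaintext_fields(har_text: str, host: str) -> List[Dict[str, str]]:
    """Report every sensitive field that reaches `host` readable (protected by TLS only)."""
    hits = []
    for e in _entries_for_host(har_text, host):
        post = e["request"].get("postData")
        if not post:
            continue
        for path, leaf in _walk(_decode_body(post)):
            components = {c.split("[")[0] for c in path.split(".")}
            if components & SENSITIVE_KEYS:
                hits.append({"url": e["request"]["url"], "field": path, "preview": str(leaf)[:24]})
    return hits


def smime_keygen_looks_server_side(har_text: str, host: str) -> bool:
    """True when `host` returns a certificate but no outbound request ever carried a CSR.

    Client-side key generation would show a CSR (carrying the client's public key)
    going out before the certificate comes back; its absence suggests the server
    generated the key pair and therefore holds the private key.
    """
    saw_csr = saw_cert = False
    for e in _entries_for_host(har_text, host):
        req_text = (e["request"].get("postData") or {}).get("text", "")
        resp_text = (e.get("response", {}).get("content") or {}).get("text", "")
        saw_csr |= "BEGIN CERTIFICATE REQUEST" in req_text
        saw_cert |= "BEGIN CERTIFICATE-----" in resp_text
    return saw_cert and not saw_csr


if __name__ == "__main__":
    for h in find_plaintext_fields(SAMPLE_HAR, "api.msgsafe.io"):
        print(f"{h['url']}: {h['field']} = {h['preview']!r}")
    print("server-side S/MIME keygen suspected:",
          smime_keygen_looks_server_side(SAMPLE_HAR, "api.msgsafe.io"))
```

Run it against a real export by replacing `SAMPLE_HAR` with the file contents; a product that really encrypts end to end should produce no hits for mail content, and a client that generates its own S/MIME key should show a CSR leaving before any certificate arrives. Matching on field names is a heuristic, so review the previews rather than trusting the key list alone.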
While the professor found many coincidences suggesting that TrustCor might be untrustworthy, he also acknowledged that his research was not exhaustive.
« To be clear, I have found no evidence of TrustCor issuing a bad certificate or otherwise abusing the authority they have in code signing, SMIME, and domain validation. I have only checked the public certificate transparency logs because I am unaware of comparable public auditing for code signing and SMIME. Perhaps Vostrom registered a similar-sounding domain for TrustCor and redirected it as an act of service. Perhaps the identical ownership of TrustCor and Measurement Systems is a coincidence. Perhaps the Raymond Saulino of Frigate Bay holdings is a different Raymond Saulino than the one representing Packet Forensics. »
From the Google Groups discussion, it was gathered that:
- Measurement Systems distributed an SDK containing spyware to Android users.
- There is substantial evidence that Measurement Systems and TrustCor are closely related:
  - Both had their domains registered by Vostrom Holdings (as illustrated in this post by AppCensus).
  - They have identical corporate officers: Measurement Systems and TrustCor Systems.
  - TrustCor operates the mail encryption product MsgSafe, and a beta version of MsgSafe contained the only known unobfuscated version of the spyware SDK (beta APK, inspected by Joel and signed by Google).
  - The MsgSafe product relies in part on SMIME certificates issued by TrustCor (MsgSafe website).
- There was no evidence found of the CA mis-issuing certificates.
The change is set to take effect with Chrome 111, scheduled to land on March 7, 2023, following a beta release about a month earlier. Earlier versions of Chrome that can still receive component updates will also pick up the change. It is uncertain how long the transition will take to reach Android devices: unlike Chrome for desktop, which can update its root store on its own, Android's root certificate store is updated as part of the operating system, which is likely to cause a delay.