The message was sent privately. After reading about Snapchat security at https://courses.csail.mit.edu/6.857/2016/files/11.pdf, it's clear that even in the absence of E2E encryption, all messages are sent to the Snapchat API using TLS, and even if using a public airport Wifi, this message should not have been easy to intercept.
This leaves only a few options about what is happening here:
Option 1: Big Intel has totally broken TLS and can see all TLS traffic in the clear in real-time
Likelihood: very unlikely, I don't think this would stay secret for long.
Option 2: Big Intel got itself a certificate for the Snapchat domains and uses it to MITM Snapchat traffic.
Likelihood: very possible but unlikely to be the source as I don't think they would use it too openly on random users as it's too easy to get noticed if used widely.
Option 3: Snapchat is actually monitoring all messages and reported the message to authorities themselves. Alternatively, Big Intel is in bed with Snapchat and all messages get processed by an intelligence system.
Likelihood: I think this is the only explanation that makes sense.
Since it would not be very good PR for Snapchat to admit that they are monitoring all messages, the authorities must have invented that airport wifi monitoring story. Who even uses an airport wifi in their home country anyway... Pretty sure he had 4G and no need to use the crappy airport wifi.
Anyway, that's the only way I can make sense of that story.
Option 4: there is zero privacy and security on devices, as many vital parts of their OS are closed source, from firmware to apps through the OS. It takes only one rogue closed program with the right permissions to render insecure a 99.9% open phone and read data before it is encrypted or after it is decrypted, then send it somewhere.
Likelihood: Certainly possible (and out in the wild, see Triangulation and Pegasus), but it seems brazen to waste 0-days and PR issues on the low chance someone might text a bomb threat.
> Option 1: Big Intel has totally broken TLS and can see all TLS traffic in the clear in real-time
> Likelihood: very unlikely, I don't think this would stay secret for long.
Also, I doubt they would let the fact they have a technical capability like that leak out for something as stupid as this. If they totally broke TLS (and can do it near real-time), it would be a very, very tightly held secret. Probably the kind they'd let a plane blow up to protect.
It's Option 3. The Gatling Wi-Fi is most likely a red herring to prevent a Snapchat PR nightmare, that somehow even Reddit and Hackernews have fallen for. I imagine a layperson would be none the wiser.
> Option 1: Big Intel has totally broken TLS and can see all TLS traffic in the clear in real-time
> Likelihood: very unlikely, I don't think this would stay secret for long.
People smart enough to break TLS at scale wouldn't be dumb enough to reveal their cards on a false alarm; that would be a massive blunder. Yes, it wouldn't stay secret for long, which is why you must use it with impeccable deliberation.
That's an interesting point. That sounds at least plausible that mobile notifications could be monitored by intelligence.
Still, the point would be the same: they are likely inventing a story around the airport wifi, and someone/something is watching messages directly on the provider side.