Hello all:

I'm Joel Reardon, a professor at the University of Calgary, who researches privacy in the mobile space. Earlier this year, collaborators and I uncovered and disclosed a spyware SDK embedded in apps that were invasively tracking users [1]. The SDK was banned from the Play Store and apps that included this SDK were told to remove it or they would be removed from the Play Store.

The SDK was from a Panamanian company [2] called Measurement Systems [3]. Their website's WHOIS information listed Vostrom Holdings [4] as their owner when I had started the investigation; it is now anonymized for privacy, but historical information is available [5]. Along with investigative journalists at the Wall Street Journal, we discovered that Vostrom Holdings is doing business as Packet Forensics [6], a company that sells lawful-intercept products [7].

The Measurement Systems company was also registered in Virginia [8] by "Raymond Alan Saulino", which was then made inactive when Google took action against the SDK [9]. "Raymond A Saulino" is also an officer for Packet Forensics International LLC [10], and despite the middle name not being an exact match, they both list the same residential address [11, 12].

So now let's get to why I'm talking about this here on this forum. After we found that the SDK domains were registered by Vostrom, we looked to see what else was also registered [13]. One of the domains stood out: trustcor.co, which redirected at the time to the TrustCor CA's website. The NS records continue to point to nsX.msgsafe.io [14], the same as trustcor.com itself [15]. Msgsafe is a TrustCor encrypted email product [16].

Like Measurement Systems, Trustcor is also registered in Panama [17]. They were registered a month apart and they share an identical set of corporate officers (cf. [1]). It is my understanding that these officers only are involved in three companies, so it does not appear that they register, e.g., many companies in Panama. One of these officers is Frigate Bay Holding LLC [18]. Shortly after the WSJ article was printed, a "Raymond Saulino" filed paperwork for Frigate Bay Holdings LLC listed as its manager [19]. Raymond Saulino has also spoken to press publicly on behalf of Packet Forensics in the context of a Wired article about subverting SSL [20].

Trustcor also talks about their "geo-jurisdiction advantage" on an entire page [21] where they state that "TrustCor is a Panamanian registered company, with technical operations based in Curaçao---one of the most secure, privacy oriented jurisdictions in the world." Despite that, they have job openings for PKI Engineer and Systems Engineering in Phoenix, AZ [22, 23], the latter stating that the applicant "MUST be located near the Phoenix, AZ area - job is remote with occasional trips to data center facilities". Their own audit reports state that they are Canadian, with their data centres in Phoenix, AZ [24]. I am not particularly troubled by where they have their technical operations, but I think that it is strange to omit that the data centres are in Arizona on the lengthy descriptions of the "geo-jurisdiction advantage". Certificate authorities are about trust.

I have also tested the Msgsafe encrypted email product in the browser, while saving the resulting traffic using Firefox and Chrome's "save to HAR" file option. I am not convinced there is E2E encryption or that Msgsafe cannot read users' emails. I see that email contents and attachments are sent plaintext (over TLS) to api.msgsafe.io, even when sending to other Msgsafe users or when using PGP or SMIME to send to non-Msgsafe users. The SMIME cert is sent inbound from the server, and there is no outbound traffic that embodies the public key to be signed. The password is sent plaintext to the server (over TLS) and thus any key derived from that password would also be known by the server. Hanlon's razor tells me I should not attribute these errors to malice; it could just be a developmental failure [25]. Nevertheless, I think it is a reasonable expectation that a root certificate authority can get the crypto right, and so I'm concerned regardless of the reason why.

Another strange thing is that whois information lists Wylie Swanson as the registrant for a number of domains that closely mimic other encrypted email products [26]. This includes hushemail.net, protonmails.com, and tutanoto.com, which shadow competing services, and which redirect users who visit them to msgsafe.io. Wylie Swanson is the co-founder of Trustcor [27]. In my opinion, it looks like typo squatting and I would not expect a root certificate authority to be engaged in this kind of behaviour.

To be clear, I have found no evidence of Trustcor issuing a bad certificate or otherwise abusing the authority they have in code signing, SMIME, and domain validation. I have only checked the public certificate transparency logs because I am unaware of comparable public auditing for code signing and SMIME.

Perhaps Vostrom registered a similar-sounding domain for Trustcor and redirected it as an act of service. Perhaps the identical ownership of Trustcor and Measurement Systems is a coincidence. Perhaps the Raymond Saulino of Frigate Bay holdings is a different Raymond Saulino than the one representing Packet Forensics. I'm not familiar with the full policy side of how CA membership works, so I don't know if there is an expectation of candor regarding a CA's foreign ownership or connection to lawful intercept companies. Perhaps what I'm reporting is already known and not a concern, or perhaps there is a totally reasonable explanation for all these coincidences. Nevertheless, I feel I should disclose my findings just in case it ends up being useful, because I think that it is reasonable for a root certificate authority to assuage my concerns.

A final coincidence: one of Msgsafe's email domains is decoymail.com, which Msgsafe users can request and which redirects to msgsafe.io [28]. In 2014 it was registered to VOSTROM Holdings, Inc., while in 2015 it was registered to TRUSTCOR SYSTEMS S. DE R.L. [29]. DecoyMail was a company created by Rodney Joffe [30], who is the person who also filed the original registration of Packet Forensics [31] and was still an authorized agent for Packet Forensics in a 2019 filing [32] and a Manager for Packet Forensics in a 2021 filing [33]. The email rjoffe@centergate.com is linked to the domains rodneyjoffe.com, packetforensics.com, and decoymail.net [34]. Decoymail.net currently redirects to msgsafe.io.

Just to restate: I have no evidence that Trustcor has done anything wrong, and I have no evidence that Trustcor has been anything other than a diligent competent certificate authority. Were Trustcor simply an email service that misrepresented their claims of E2E encryption and had some connections to lawful intercept defense contractors, I would not raise a concern in this venue. But because it is a root certificate authority on billions of devices---including mine---I feel it is reasonable to have an explanation.

[1] https://archive.ph/AuNOy (archive of WSJ article)
[2] https://opencorporates.com/companies/pa/2337L
[3] https://measurementsys.com/
[4] https://vostrom.com/about.opp
[5] https://www.whoxy.com/measurementsys.com
[6] https://cis.scc.virginia.gov/CommonHelper/DocumentStorageLocalFileget?DocumentId=1542553&sourceType=1
[7] https://www.packetforensics.com/products.safe
[8] https://cis.scc.virginia.gov/CommonHelper/DocumentStorageLocalFileget?DocumentId=3476851&sourceType=1
[9] https://cis.scc.virginia.gov/CommonHelper/DocumentStorageLocalFileget?DocumentId=12188858&sourceType=1
[10] https://opencorporates.com/companies/us_nv/E0518742015-4
[11] https://opencorporates.com/officers/429641126
[12] https://opencorporates.com/officers/168691865
[13] https://www.whoxy.com/company/20189182
[14] https://www.whoxy.com/trustcor.co
[15] https://www.whoxy.com/trustcor.com
[16] https://trustcor.com/news/12012016.php
[17] https://opencorporates.com/companies/pa/2326L
[18] https://opencorporates.com/companies/us_wy/2020-000946985
[19] https://wyobiz.wyo.gov/Business/FilingDetails.aspx?eFNum=230084239221021253238165142128171020141144245186 (click on history, then address update pdf)
[20] https://www.wired.com/2010/03/packet-forensics/
[21] https://trustcor.com/curacao
[22] https://careers.jobscore.com/careers/trustcor/jobs/pki-security-engineer-cGlJUDydTp67nWF6LOxNC0?ref=rss&sid=68
[23] https://careers.jobscore.com/careers/trustcor/jobs/systems-engineer-aNkuyi0pKr6R6NaKlhlxBf?ref=rss&sid=68
[24] https://www.cpacanada.ca/generichandlers/CPACHandler.ashx?attachmentid=c4f0e7c6-b310-4f5c-9907-8ecfad68366e
[25] https://en.wikipedia.org/wiki/Hanlon%27s_razor
[26] https://www.whoxy.com/email/28298508
[27] https://trustcor.com/leadership
[28] https://decoymail.com
[29] https://securitytrails.com/domain/decoymail.com/history/a (need to create account)
[30] https://ecorp.azcc.gov/CommonHelper/GetFilingDocuments?barcode=00396622
[31] https://ecorp.azcc.gov/CommonHelper/GetFilingDocuments?barcode=02780271
[32] https://ecorp.azcc.gov/CommonHelper/GetFilingDocuments?barcode=19121111449561
[33] https://bizfileonline.sos.ca.gov/api/report/GetImageByNum/190229140180179177132144027172122051178173016008
[34] https://www.whoxy.com/email/23160817
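
An added example, not part of the original post and not the author's tooling: one way to repeat the "save to HAR" check described above is to send a message containing unique canary strings, export the HAR, and search every request body bound for the API host for those strings. The host `api.mail.example`, the paths, the JSON field names and the canary values are constructed for illustration.

```python
import base64, binascii, json
from urllib.parse import urlsplit, unquote_plus

def _views(body):
    """Yield the body as sent, plus decodings an auditor should also search."""
    yield from (body, unquote_plus(body))
    try:
        stack = [json.loads(body)]
    except ValueError:
        return
    while stack:
        node = stack.pop()
        if isinstance(node, (dict, list)):
            stack.extend(node.values() if isinstance(node, dict) else node)
        elif isinstance(node, str):
            yield node
            try:  # a base64-wrapped field is still readable by the server
                yield base64.b64decode(node, validate=True).decode("utf-8", "replace")
            except (binascii.Error, ValueError):
                pass

def find_plaintext(har, host, canaries):
    """Return sorted (method, path, label) for canaries readable in bodies sent to host."""
    hits = set()
    for entry in har["log"]["entries"]:
        req = entry["request"]
        url = urlsplit(req["url"])
        body = (req.get("postData") or {}).get("text") or ""
        if url.hostname != host or not body:
            continue
        for view in _views(body):
            hits.update((req["method"], url.path, label)
                        for label, secret in canaries.items() if secret in view)
    return sorted(hits)

def _post(path, payload):
    """Build one constructed HAR entry (hypothetical host and field names)."""
    return {"request": {"method": "POST", "url": "https://api.mail.example" + path,
                        "postData": {"mimeType": "application/json", "text": json.dumps(payload)}}}

CANARIES = {"password": "canary-pw-7f3a", "message body": "canary-body-91c2"}
SAMPLE_HAR = {"log": {"entries": [
    _post("/login", {"user": "alice", "password": "canary-pw-7f3a"}),
    _post("/send", {"encrypt": "pgp", "body": base64.b64encode(b"canary-body-91c2 hi").decode()}),
    _post("/send-e2e", {"body": "-----BEGIN PGP MESSAGE-----\n(ciphertext)\n-----END PGP MESSAGE-----"}),
    {"request": {"method": "GET", "url": "https://cdn.mail.example/app.js"}},
]}}

print(find_plaintext(SAMPLE_HAR, "api.mail.example", CANARIES))
```

A client that encrypts before upload produces no hits for the message-body canary; a hit on the password canary means any key derived only from that password is also derivable by the server.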