Tuesday, March 28, 2017

Get set for @WhatsApp vs. @AmberRudd_MP

So let's catch up. First, we'll note that WhatsApp touts its security:

WhatsApp's end-to-end encryption is available when you and the people you message use the latest versions of our app. Many messaging apps only encrypt messages between you and them, but WhatsApp's end-to-end encryption ensures only you and the person you're communicating with can read what is sent, and nobody in between, not even WhatsApp. This is because your messages are secured with a lock, and only the recipient and you have the special key needed to unlock and read them. For added protection, every message you send has its own unique lock and key. All of this happens automatically: no need to turn on settings or set up special secret chats to secure your messages.

So you can imagine how WhatsApp felt in January when the Guardian said that WhatsApp WASN'T secure:

A security vulnerability that can be used to allow Facebook and others to intercept and read encrypted messages has been found within its WhatsApp messaging service.

Facebook claims that no one can intercept WhatsApp messages, not even the company and its staff, ensuring privacy for its billion-plus users. But new research shows that the company could in fact read some messages due to the way WhatsApp has implemented its end-to-end encryption protocol.

Privacy campaigners said the vulnerability is a “huge threat to freedom of speech” and warned it could be used by government agencies as a backdoor to snoop on users who believe their messages to be secure.

WhatsApp took the article seriously, and Brian Acton wrote a piece on Reddit that included the following:

The Guardian’s story on an alleged “backdoor” in WhatsApp is false.

WhatsApp does not give governments a “backdoor” into its systems.

WhatsApp would fight any government request to create a backdoor.

In passing, it should be noted that a number of security experts, including Bruce Schneier, agreed that that so-called backdoor wasn't a backdoor.

Now, after Khalid Masood used WhatsApp mere minutes before his deadly Westminster assault, British Home Secretary Amber Rudd is demanding that WhatsApp...give the British government a backdoor.

Ms Rudd also argued the use of encrypted messaging services by terrorists was "completely unacceptable".

She said: "I support end-to-end encryption; it has its role to play."

But she added: "We also need a system whereby when the police have an investigation, where the security services have put forward a warrant signed by the Home Secretary, we can get that information when a terrorist is involved.

"It is absurd to have a situation where terrorists are talking to each other on formal platform and it can't be accessed. I need to find a solution with [the social media companies] for that."

When Mashable contacted WhatsApp regarding Secretary Rudd's statements, and asked whether WhatsApp would build a British app to comply with Rudd's backdoor request, the WhatsApp spokesperson simply referred to the previous Reddit statement.

As far as I know, Rudd has not addressed how she would feel if the Chinese government demanded a backdoor to WhatsApp, and British "criminals" - such as people who like democracy and stuff like that - had their messages exposed by WhatsApp.

If this were the American West, it would be a showdown at the corral. But since this is in the United Kingdom, I guess it will be a disagreement over tea. (Despite what Matt Johnson said years ago.)
blog comments powered by Disqus