back to article Five Eyes nations plus Japan, India call for Big Tech to bake backdoors into everything

The nations of the Five Eyes security alliance – Australia, Canada, New Zealand, the USA and the UK – plus Japan and India, have called on technology companies to design their products so they offer access to encrypted messages and content. A joint “International Statement” issued on Sunday frames the issue as a matter of …

      1. Anonymous Coward
        Anonymous Coward

        Re: A thought

        So you don't like Kyle Rittenhouse ? Why, because he defended himself against at least 3 grown men who were also armed with items designed to hurt him or others? Go back and watch the video. Yes, he shouldn't have been there, but then again the police were there and NOT doing their job of stopping the rioters (and assaulters, etc.)

  1. amanfromMars 1 Silver badge

    All for one, one for all ....... if you have nothing to hide?

    Some opinions and calls for prosecution in some instances which are secured against wilful and wanton persecution and thought reasonably safe against crazy misinterpretation may be clearly demented, and the result of a debilitating neurological disease, rather than simply flirting around in the company of evil. To imagine there being no backdoor access to all encrypted systems, both elite and common, politically correct and incorrect, in favour of a remotely decided subjective limited access to a select few which are threatening just a relatively small number of status quo stabilities, is always going to struggle to be thought wise and perfectly acceptable rather than exposed as being liable and immediately an object subjected to rampant abuse and self-serving criminal and ethical misuse. ...... for such is the obscene nature of the beast concocting the scene.

    And such prosecutions and persecutions with demented solutions are not confined to encrypted services. Plain common free speech in the questions one asks, and in the answers in replies from others way beyond one's command and control, are also targets for pernicious attack in a mad manic and panic endemic world, and here be a current, present 0day sub-prime example of that particular abomination? ........ Lord Advocate Launches War on Twitter

    All your thoughts belong to us ‽ ...... In your wet dreams maybe, but in any real world situation, no way, Jose. Capiche, Kemo Sabe?

    1. IGotOut Silver badge

      Re: All for one, one for all ....... if you have nothing to hide?

      I need more drugs...or less...or I don't know..

      But a man from Mars post almost made sense.

      1. My-Handle Silver badge

        Re: All for one, one for all ....... if you have nothing to hide?

        The bot's been reading El Reg comments for training material, stands to reason it would make more sense over time.

        To us, at least.

    2. Maelstorm Bronze badge

      Re: All for one, one for all ....... if you have nothing to hide?

      So this is the infamous bot that everyone has been talking about. Not as funny as the one about Harry Potter and the portrait of what looks like a pile of ash.

  2. rjed

    To use raw power is to make yourself infinitely vulnerable to greater powers -Frank Herbert

    Government through legislation can at best mandate open social media platforms to share their private keys for all users.

    But terrorists do not hangout on WhatsApp, Facebook, WeChat to discuss their world domination plans. If they do, they have already proved their idiocy and they may not be as big a threat.

    An avg IT dev (myself) may take less than a week to write a private app which can ensure end to end encryption and this is what any terrorist (who has any wits) will do. Sure the keys have to be shared across the two ends but there are n number of ways to do that out of band (without necessarily using Internet).

    So the biggest purpose this legislation solves is to ensure that public dissent is caught early on. People make use of social media platform to connect to fellow citizens to whom they are not directly connected to voice opinions, raise dissents and governments will ensure that such dissent is caught early on and suppressed. Such legislation will become a tool for dictators.

    Such legislation will make evil-minds think more about having a cyber-security cell within their outfits. In short, <read the title>.

    1. amanfromMars 1 Silver badge

      Re: To use raw power is to make yourself infinitely vulnerable to greater powers -Frank Herbert

      Such legislation will make evil-minds think more about having a cyber-security cell within their outfits. In short, <read the title>. ..... rjed

      Quite so, rjed, have an upvote for that informative post ...... however, nevertheless, such legislation will make greater powered minds think about having evil cyber-security cells within their outfits. In order to both attract and short circuit such dodgy virtual operations. It is only natural and therefore fully to be expected and accepted.

      And the fact that so many may call such a situation, absolute nonsense, simply and clearly confirms the title premise and the notion that all are infinitely vulnerable to a greater power with greater powers ‽ .

      1. Lyndon Hills 1

        Re: To use raw power is to make yourself infinitely vulnerable to greater powers -Frank Herbert

        I've always assumed amanfromMars was a bot. It never ocurred to me that it might also up/down vote.

        1. DS999
          Trollface

          Re: To use raw power is to make yourself infinitely vulnerable to greater powers -Frank Herbert

          The amanfromMars AI is being improved, now it makes sense and hands out upvotes. A few years from now The Register's parent company will hire it to write articles and lay off their writers. Judging by the articles I see elsewhere, some other sites may have already done so!

          1. rnturn

            Re: some other sites may have already done so

            dice.com, for example.

    2. TimMaher Bronze badge
      Thumb Up

      Re: To use raw power is to make yourself infinitely vulnerable to greater powers -Frank Herbert

      Good comment @rjed and, it should be pointed out that in full E2E only the public keys get shared.

      If you wanted to make it really secure you would password or PIN protect the app in such a way that credential failure would wipe the message store and alert the rest of the crew that you have been compromised.

      Just sayin, theoretically.

      1. Anonymous Coward
        Anonymous Coward

        Re: To use raw power is to make yourself infinitely vulnerable to greater powers -Frank Herbert

        """If you wanted to make it really secure you would password or PIN protect the app in such a way that credential failure would wipe the message store and alert the rest of the crew that you have been compromised."""

        Thats another great idea - much like SSL cert revocation - before SSL was compromised.

    3. Anonymous Coward
      Anonymous Coward

      Re: To use raw power is to make yourself infinitely vulnerable to greater powers -Frank Herbert

      @rjed

      Quote: "....terrorists do not hangout on WhatsApp, Facebook...."

      *

      But even if they do, they can still use private ciphers. Even if they use the comments area in El Reg to pass messages, the spooks have the same problem. Namely, anyone using a private cipher BEFORE the message enters the channel gets real-time messaging. The spooks on the other hand may have to wait a while, maybe a long while, maybe never to find out what is being said. (See Beale Papers for an example of two message secure for over a century.)

      *

      So here's the procedure:

      A) Encrypt message with private cipher

      B) Avoid locations using CCTV

      C) If using a burner phone, make sure that your "honest citizen" phone is switched off or located far away

      D) Send the message using a hijacked WiFi access point (or an internet cafe, or a VPN, or a burner phone, or El Reg)

      *

      Result: Spooks using the legally mandated backdoor in an end-to-end encrypted public service get:

      E) To examine the private cipher message.....

      F) ....which came from an IP address which has either no personal identity, or the identity of the wrong person or business

      *

      051k0UC319e4083J17r90Nhb0U$80WZ40pps0UTd

      1dsJ0ygw0zty0=T40PzU1VhF00$q0rEr0ALd0Ove

      0y7W1m6n19ny0IIS0PCp0DLz18ab1g5q0pRY1L$W

      0yo$0zsE08GH1cUw1Wvr11I50UIv1mfp0o0g0kho

      0bCa18aW0ChM1mjC01oi1cSo0c=80UGR1LR$1j3o

      0j=u1LBl1N7p1U5d1XUL16HF1Hrv0WwK0UgB0EYW

      0W0u1KnM1hTL0E6l0wIe0DYm0StQ1Uvv1l4e1SbG

      1WYO0$rb0Baw1mBH0inR0qIA0XS80Q1t1EL=005b

      1dqs09Qp04J70lqC1RYt0A7u0mmv1Uan0z3d1c9E

      0oG70TZH133g0L8l1kYt0kAz121305RG0oY015Om

      1L2l0P3E112d1W$30yOr1f8l0ZEU0jPt1HGg0naI

      0mWi0JN816X50kvp13lr1Kno11Uq0cKW031Z0nHQ

      11$D0J6e0SON0=Rj1kmJ05Qu1Y$70tW30dk90SN6

      1EoC1KNJ1PPH1ARc02gL

      *

      P.S. Like the Beale Papers example, this is a book cipher example. I know, I know....book ciphers are crap. But they might just be good enough to get the job done!

      1. Anonymous Coward
        Anonymous Coward

        Re: To use raw power is to make yourself infinitely vulnerable to greater powers -Frank Herbert

        Principles like these are already appearing in some products I thought ?

      2. roytrubshaw
        Headmaster

        Re: To use raw power is to make yourself infinitely vulnerable to greater powers -Frank Herbert

        I know this is old hat but you don't really need to share a key, private or otherwise:

        1) Alice encrypts her message and sends it to Bob.

        2) Bob encrypts Alices's encrypted message and sends it back to Alice.

        3) Alice decrypts the doubly-encrypted message and sends it back to Bob.

        4) Bob decrypts the message to retrieve the plaintext.

        Obviously you would need to involve Charlie and Diane (and possibly Edward and Felicity) to avoid the to obvious back-and-forth between Alice and Bob, but no keys have been exchanged.

        Just sayin'

  3. Anonymous Coward
    Anonymous Coward

    Committee of Public Safety

    And who shall play the role of Madame Defarge, Tricoteuse extraordinaire?

    1. amanfromMars 1 Silver badge

      Re: Committee of Public Safety

      And who shall play the role of Madame Defarge, Tricoteuse extraordinaire? .... Anonymous Coward

      Are DC [Washington and No 10 Chief Advisor Wizard] in the frame and in the running for that dubious honour, AC? :-) Who else do you think would contemplate and deserve such a booby prize and do it justice?

  4. redpawn Silver badge

    Why Stop at a Back Door?

    How about porch lights to aid the dark web and a welcome mat for friends such as your local retailers?

  5. Anonymous Coward
    Anonymous Coward

    DOJ = Bill Barr

    That's from US DOJ, aka Bill Barr's office. He's compromised already. It's no real surprise he's pushing to compromise allied security too. I assume you're smart enough not to do something so fucking stupid as to backdoor all your tech! Even if you have to sign on to that stupidity publicly?

    I see Trump is withdrawing troops from Afghanistan, as predicted. Putin gets control of the TAPI pipeline. You'll see Trump drop US sanction against Russia soon too. Regardless of laws, both he and them will act as if the sanctions don't exist and Barr will stop enforcing them as if an executive order is law, same as they did with the Russian nuke treaty.

    Look over at Africa's oil reserves, those will be the next targets. "Petro-Ruble" is the obvious end game here. Control enough of the worlds oil reserves that prices can be negotiated in Rubles rather than dollars. Putin's already got an army in Libya while you were distracted by his Orange puppet, and I expect if Trump wins, he'll withdraw US troops from African bases as Putin allies are ready to take over each base. Starting with Libya.

    https://edition.cnn.com/2020/06/09/world/russia-libya-military-intervention-intl/index.html

    Watch for early "Libya" mentions in Trump's rhetoric, signalling the game.

    1. Anonymous Coward
      Anonymous Coward

      Re: DOJ = Bill Barr

      Yep, July 6th, I correct called that Trump would pull the troops from Afghanistan. It was the backdoors in the EARN Act that Barr and McConnell were pushing, I pointed out the obvious pattern they were following was the same one they (Putin and Trump) tried to run in Syria, but the attack on the US base failed.

      Trump has just said he will withdraw all US troops from Afghanistan before December, taking the Pentagon by surprise. Yet it did not surprise me, because its so obvious what the pair of them are up to. Why do you think he suddenly needs to withdraw troops before December! Because he fears he might lose.

      If you backdoor tech, then Trump will sell your backdoors to his Russian backers and Bill Barr here will help. Even if Trump loses, there will always be a next time, another Trump, another quid-pro-quo.

      My comment from this article 3 months ago:

      https://www.theregister.com/2020/07/06/revised_earn_it_act/

      My comment:

      "Leaked to the bad guys?

      "They ARE the bad guys.

      "This is a Republican thing, like the "Barr can snoop on any Americans internet without a warrant amendment", its pushed in the Senate by Mitch McConnell. These backdoors won't be leaked to the bad guys, THEY are the bad guys!

      "They're the ones committing the big crimes. Example: look at Putin's bounty on US troops, It's the same thing as Syria, send US troops back in body bags, Trump does a photo op with the body bags, pretends to have empathy, withdraws the troops from Afghanistan, and Putin takes over those bases. The body bags are supposed to be Trump's excuse. *Big* crimes.

      https://www.independent.co.uk/news/world/battle-syria-us-russian-mercenaries-commandos-islamic-state-a8370781.html

      "Do you think they would do that if there was any chance they would be out of power next year? Do you think they'd tolerate all these back doors and US surveillance laws wielded by a Democrat? Obviously no!"

      1. stiine Silver badge

        Re: DOJ = Bill Barr

        The U.S. should never have put troops into Afganistan (and most other places) in the first place.

    2. DS999

      Re: DOJ = Bill Barr

      Trump can't drop sanctions against Russia - congress passed a law preventing him from doing so early in his term. If it wasn't for that he would have done so years ago.

  6. T. F. M. Reader

    The real goal (hint: not terrorists or child molesters)

    Warrants to obtain details of everyone who uses particular Google search terms already exist in the wild. From here it does not take a huge quantum leap in legal thinking to include WhatsApp and such in this tender embrace, extend applicability to "issues of public safety" such as, say, conspiracy to co-ordinate an anti-lockdown protest or to spend a night together with a member of a different household (coming up with other illustrative examples is left as an exercise to the reader), and thus extinguish free and unfettered exchange of thoughts and ideas and information and feelings by ordinary people who won't rely on "end-to-end encryption" (that will still be marketed, no doubt, the details buried on page 3672 of T&C) anymore. Before long, any meaningful communication will be limited to parties trusted not to share it with others, while huddled together in a kitchen with running water, not unlike the USSR/GDR/DPRK/PRC/Other...

    A giant leap for mankind towards a much more governable population...

    1. BebopWeBop Silver badge
      Big Brother

      Re: The real goal (hint: not terrorists or child molesters)

      A very particular form of 'governance'

    2. bombastic bob Silver badge
      Pirate

      Re: The real goal (hint: not terrorists or child molesters)

      Warrants to obtain details of everyone who uses particular Google search terms already exist in the wild

      Ok, what are those terms, and just how hard would it be to publish that list so that nobody uses them, except for people (possibly like me) who do it in a bash script in the backgtround to make those requests several hundred times per day, in protest, via the Tor network... thus filling their database with SO much crap it becomes WORTHLESS.

      It's a fair bet that for an individual, the amount of bandwidth this would generate would be small. If a few THOUSAND people do this, it might become large enough to make such "search term" investigations IMPOSSIBLE. It really would not take very much to frustrate them into silence.

      It also makes you wonder how the specific search terms were figured out... any MASS SURVEYLANCE involved in that process?

      1. T. F. M. Reader

        Re: The real goal (hint: not terrorists or child molesters)

        @bob: what are those terms

        Here is a recent example: https://www.cnet.com/news/google-is-giving-data-to-police-based-on-search-keywords-court-docs-show/. Never mind that this particular case was related to a specific investigation - the point is that warrants on search terms are perfectly fine now.

        Note that the warrant itself is still sealed. So, good luck with figuring out what keywords may be targeted in my (hopefully still hypothetical) scenario. And suppose you have figured the keywords out, so that

        nobody uses them, except for people (possibly like me) who do it in a bash script in the backgtround

        Mission accomplished then, eh?

  7. Anonymous Coward
    Anonymous Coward

    Encryption is an existential anchor of trust in the digital world

    Problem is that trust is gone, and not only in digital world, but everywhere. Sadly, I no longer trust any public institutions or businesses that they act in MY best interest. I absolutely trust they act in THEIR best interest, and if something goes wrong, it's ME who's the casualty / collateral damage. The only thing that keeps me in the "system" is that I have no choice (other than going off grid or ending my life).

    So, do I trust the businesses that their encryption is designed so that it really protects me from 3rd parties' access, and they don't abuse their power to gain access themselves, or sell it to someone, or screw is so that someone gains this access? Or do I trust "trusted 3rd parties", which is, basically, government agencies that they really use their "privileged" access only for legal and genuine purposes, when those very agencies define and shift those legal and genuine purposes - as fits their current goals?

    1. Duncan Macdonald Silver badge
      Mushroom

      Re: Encryption is an existential anchor of trust in the digital world

      Not even THEIR best interest - just what they conceive as being most convenient at that moment. History is full of "powers that be" ignoring warnings because acting on them would require thinking (Space Shuttle booster rings being sensitive to cold being a prime example).

      As for trusting governments - well if you do then I have a nice bridge to sell you - it is called Brooklyn !!!

      Icon for what should happen to the promoters of these anti-encryption ideas. ======>

  8. C-L
    FAIL

    Who decides who is trustworthy?

    Think of the slimes such as US AttyGen Barr, or WH Operatives such as Steve Miller, and in the past Bannon, and of course the stable genius Orange Monkey currently known as "US President"... Would you trust them or their delegates and appointees? I'd rather perform a self-root-canal...

    This is an idea that deserves to be ground to dust, then sent on a rocket to a sun in another galaxy. Yikes!

    1. Eclectic Man Bronze badge

      Re: Who decides who is trustworthy?

      "Think of the slimes such as ... Steve Miller"

      But I liked his band, although he was a bit of a Joker, and a Space Cowboy.

      <Sorry, couldn't resist, this is a serious topic, I know.>

    2. Claptrap314 Silver badge

      Re: Who decides who is trustworthy?

      And you think that Eric Holder & Janet Reno were any better?

      The US DOJ has been pushing this garbage in every administration since the original Clipper initiative under Clinton.

      Make this a partisan issue, and you are guaranteed to lose at some point. Security is way too big of an issue for that.

      1. quxinot Silver badge

        Re: Who decides who is trustworthy?

        I just was thinking, if we want to stop the criminals and terrorists, we don't need to break encryption.

        We just need to stop electing them.

  9. RobLang

    They don't explain how, they never do

    Do they know something about prime number mathematics that the rest of the world doesn't?

    1. CAPS LOCK Silver badge

      "Do they know something about prime number mathematics that the rest of the world doesn't?"

      Quite possibly. The NSA is the largest employer of Maths Ph. D.'s in the world. Clifford Cocks created a form of public key encryption years before R, S and A. I wouldn't rule it out...

    2. Someone Else Silver badge

      Re: They don't explain how, they never do

      Do they know something about prime number mathematics that the rest of the world doesn't?

      Depends on whom you ask. If you as the Stable Orange'utan, I'm sure he will tell you he does.

      But then, everything he says is a lie, so bring a salt shaker to the conversation.

      1. John Robson Silver badge

        Re: They don't explain how, they never do

        "But then, everything he says is a lie, so bring a salt shaker to the conversation."

        That's not fair, he slips up sometimes.

  10. cantankerous swineherd Silver badge

    politicians should realise this means we would be able to get at their WhatsApp messages.

    1. idiottaxpayerhere previously ishtiaq/theghostdeejay

      @cantankerous swineherd

      Most Mps have switched to Signal.I can't find the article, but it was published on the Beeb website.

      As have Euro Mps. I did find this article.

      https://www.politico.eu/article/eu-commission-to-staff-switch-to-signal-messaging-app/

      When I switched to Signal, the hardest part of doing so was getting all my friends to do the same. I had to resort to telling them I had deleted Whatsapp. Somewhat surprisingly, it mostly worked

      Cheers… Ishy

    2. Ken Hagan Gold badge

      And their bank accounts.

  11. Ordinary Donkey

    Three weeks to the election and impossible demands are being made again.

  12. Potemkine! Silver badge
    Childcatcher

    What a bunch of hypocrites.

  13. iron Silver badge

    "access to content in a readable and usable format... subject to strong safeguards and oversight"

    Which it won't be. Every Tom, Dick and Sally at your local council will be able to read all your messages whenever they feel like it because they don't like your face. Like other similar UK gov legislation.

    1. Richard 12 Silver badge
      Holmes

      Doesn't matter. They will be stolen

      Any key that valuable will be stolen.

      Something that valuable means a miscreant will be willing to kidnap some official and torture them to death to get the key.

  14. Christoph

    "Embed the safety of the public in system designs, thereby enabling companies to act against illegal content and activity effectively with no reduction to safety, and facilitating the investigation and prosecution of offences and safeguarding the vulnerable;"

    Does this mean anything at all, other than "Wave a magic wand"?

    1. Dr AntiSol, astrophysicist

      yeah, it means "bullshit bullshit bullshit bullshit bullshit bullshit bullshit bullshit"

    2. ancilevien74

      Shut up, it's magic.

      The excuse of the worst GM.

  15. lxndr
    Meh

    It's not so easy...

    Like everything, this is prob not an easy discussion.

    Before internet, a large part of crime stopping was based on phone tapping, intercepting SMS messages, intercepting all kinds of communications before tech existed.

    So it is understandable law enforcement wants / needs 'a way in' to be (more) succesful in their job.

    Of those five+ nations the democratic elected governments already have the right to access homes, tap phones, etc for 50+ years.

    All telco providers by law are required to provide ability to tap phones when a legal warrant is presented.

    So I would say, the governments are prob fully in their legal rights to compel companies to provide access to comms of their users.

    Problem is of course that this is no longer a local telco providing access to its local government.

    The issue now is that any gov, whether you and I consider it good or evil, is making a claim to a company not under its laws to force it to do something that might result in something not legal where that company is based (e.g. arresting annoying journalist).

    Hence the Apples of this world are blocking US gov, because if they allow access to one, they have to allow access to all.

    1. Dr AntiSol, astrophysicist

      Re: It's not so easy...

      Before internet, a large part of crime stopping was based on phone tapping, intercepting SMS messages, intercepting all kinds of communications before tech existed.

      Yeah, and there were always ways around those measures.

      So it is understandable law enforcement wants / needs 'a way in' to be (more) succesful in their job.

      No, it's not. Law enforcement has had more effective ways of stopping bad guys for like a century now. Any bad guy who is an actual threat can just encrypt everything with an uncompromised cypher, making this idea entirely useless for its stated purpose.

      You're falling into their trap, where they make you think what they say they want is somehow reasonable, useful, or indeed possible. The truth is that it's all just bullshit. It's not about stopping crime or saving the children, that's just the lie you've swallowed. They want mass surveillance, and widespread encryption makes that hard.

      I could explain it to you in great detail, but I don't have the patience. Instead, you should do 5 minutes research on the topic.

    2. pmb00cs

      Re: It's not so easy...

      Except, the Governments haven't had the access they are asking for for that long. Phone Lines used to be analogue, to tap a line you needed to tap that line, and get someone to listen to the call in real time, or record it and play it back. Text was by post, and you needed to intercept the individual letters, and read them. The process of "intelligence" gathering was personnel intensive, and expensive. This led to it's use being targeted by necessity. As more and more communication became digital it became easier to gather vast amounts of communications data without really having to commit personnel to reviewing it. This made the "intelligence" gathering cheap and easy. The "intelligence" processing however was still expensive and personnel intensive, but as long as they have the "intelligence" they can do that processing at their leisure. This has only really been the case with the internet, and only then with the increase in the popularity and utility of the internet. It is a myth that these agencies are only asking to maintain capabilities that they have always had, they haven't. It is also a myth that they would only use these capabilities in responsible ways, unfortunately for them that myth was blown wide open by Snowden, and other whistle blowers. These agencies are adicted to gathering ALL the information they can, but are unable to point to any substantive reasons why them having voyeuristic access to the entire world's communications is of any value to them. Let them do the hard work of actually doing targeted intelligence gathering again. That actually works.

    3. amanfromMars 1 Silver badge

      Re: It's easy...You pays your money, you takes your choice @lxndr

      Governments don't have a right to what you have shared, lxndr, however they may very well have a fervent all-consuming desire. The one is completely different from the other.

      It is no more complicated than that, no matter how much is said and spun to try and deny it is so. And such is invariably self-serving and primarily designed to try and hide from general view and common knowledge, unsavoury government tolerated or sanctioned shenanigans which they would persecute and prosecute as being abhorrent and criminal whenever copied and performed by others no matter where.

      The knowledge of the veracity of those simple facts is the deadly phantom enemy that they do vain battle against, jousting as they continually do against the windmills in their mind and the honest soul who would ask them about the validity of such facts as they would desire to be a fantastic fiction they could easily deny and disprove ....... without drawing any further inquisitive attention to any of their attempts at covering up their discovered actions and guilty proactivity.

      However, once the horse is bolted, locking the stable door is no answer. One just needs to accept and prepare for the loss and take the hit and stop digging down deeper into one's own burial pit. Hopefully it leaves one wiser but ..... as Einstein is reputed to have said ....... “Two things are infinite: the universe and human stupidity; and I'm not sure about the universe.” ...... and he knew quite a lot about some really weird things, didn't he, and is even to this very day universally feted for them, by all accounts.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020