I love how
They seem to be trying to intimidate math.
The standoff between Brazil's legal system and Facebook's WhatsApp messaging platform continues, after a Rio de Janeiro judge ordered all carriers to block the app as of next Tuesday. WhatsApp claims 100 million users in the country. While judge Daniela Barbosa has declined to publish her reasons in full, she says the order …
If WhatsApp genuinely are not able to hand over messages (Either because they don't have them or can't decrypt them) then the government and courts are wasting their time. Unless, of course, the government & courts believe WhatsApp are lying....
(An alternative thought is that the government want WhatsApp to add back-doors to enable them to get at the clear-text messages)
The two options are:
1) The judge is a technical incompetent and unable to comprehend how properly implemented encryption works.
2) They are trying to bully WhatsApp in to creating a back-door but without going through the Brazilian parliament, etc, to do so in an open and properly debated manner (such as having a telecoms regulation that explicitly covers over-the-top providers like this).
The motive for (2) is probably not wanting to alienate the population or businesses that then see proper encryption as illegal and not something that protects you from the multitude of criminals (private or "state") who also want your information.
It's both, probably a little more 2) than 1). She's not particularly interested in how it works or why they can't give her the messages, she just wants them and she'll block WhatsApp till she gets them.
"This is what happens in several investigations. Operators comply. Google complies. Why can't WhatsApp comply? Brazilian criminals see a shield in WhatsApp, a safe haven to commit crimes and plans executions." link
So she'd like them to remove E2E encryption and store messages.
Nobody is trying to intimidate math.
The judge is indeed asking that messages (for the "criminals") be recorded before encryption and handed to authorities. Well, not asking... ordering.
As she sees it, whatsapp does indeed have the power to do that. It just doesn't want to.
And no, she is not trying to bypass parliament, as the law that allows her to demand such things already exists.
I'm not saying that they are right or wrong, but judges don't make laws... they enforce them.
Blame the politicians for taking away your freedom to talk privately among yourselves.
Then, blame yourselves for letting them do that in the first place.
The judge is indeed asking that messages (for the "criminals") be recorded before encryption and handed to authorities. Well, not asking... ordering.
Is this on-going (i.e. a request to change it) or for an case on trial where they want stuff that it is too late to change?
And no, she is not trying to bypass parliament, as the law that allows her to demand such things already exists.
I think the point is this does not already exist for WhatsApp, and the system was designed that way to avoid criminals, spooks and nosy ISPs from listening in. In effect she is demanding that a change is made to back-door the system for surveillance purposes. The question is whether or not there is an existing law that applies to over-the-top suppliers like WhatsApp that mandates such access. Do they clearly fall under telecoms regulation, for example, where this is often that case, or not?
If not she is trying to make properly functioning encryption in software illegal by the back door of punishing a supplier for not having the ability to sneak in to its customers data, and not by parliament making that an explicit aspect of law.
@Paul Crawford,
"over-the-top suppliers" is something americans invented to differentiate "real" ISPs from "virtual" ISPs.
To brasil's law there is no such distinction, and applies to any provider of a service over the internet, as you can read here: http://www.planalto.gov.br/CCIVIL_03/_Ato2011-2014/2014/Lei/L12965.htm
If whatsapp does not like the law in some country it has the option of not doing business there.
If they want to do business somewhere, they have to obey that place's laws.
Just like google has to censor itself in china, and hide results in america due to copyright laws.
Don't like the laws? --> Don't do business there.
What is needed are communication applications that don't need you to be an IT pro to use that allows a P2P E2E decentralised solution so no one supplier can be leveraged or legislated to impose back doors or weaken the encryption used.
the only way around E2E encryption should be compromising the physical endpoints not the application used.
"way around E2E encryption should be compromising the physical endpoints"
This is very likely to be possible with any phone, including those featuring in the current criminal cases, given how crappy the software is. But it much simpler and cheaper to shoot the messenger, isn’t it?
If it's THAT important then those that care enough will use solutions less likely to be cooperating with governments.
More likely they will have their own code above and beyond whatever encryption might be there to obfuscate further.
Me personally I am numb to all of this shit now. I used to get angry or frustrated back in the days when it was discovered ATT had secret mirroring of traffic to the feds. I don't care anymore though.
I wouldn't trust that whatsapp truly cannot produce the messages if I was doing shady stuff.
(Same goes for any provider)
Over the top services does not prevent criminals implementing their own proprietary E2E systems offshore.
Id imagine the kingpins at the top already do this and only the street level crims use public services. In which case its not worth busting them. For each one you put inside theres likely dozens waiting to take their place. Its Brazil...people are struggling hard out there.
It also does not prevent falling back on low tech late night car park meetings, open fields in the middle of nowhere etc.
You cant eavesdrop on those methods easily either.
I dont see an order for farmers to mic up their swathes of land.
Lastly messages suggesting a crime may take place / has taken place is not evidence of involvement.
Saying you're going to do something and actually doing something are two entirely different things.
Hence why I'm always late for stuff and occasionally I forget to pick up milk on the way home.
Being at the scene of a crime (proven with DNA etc), having a clear motive and then and only having tenously linked messages, metadata and comms logs makes a guilty party.
Hanging an entire case on WhatsApp messages is as ludicrous as it sounds.
As for WhatsApp being able to deliver...check your WhatsApp folder on your phone. Quite a lot is stored in unencrypted form. Those photos of your dick that you sent to Betty in accounts are all there. Even if you deleted them from your message stream. Same goes for that upskirt she sent you.