Law enforcement agencies in Taiwan are investigating a cyberattack on over 100 local political figures and dignitaries who used the messaging app LINE. A statement issued Wednesday by LINE confirmed the attack and stated the company took measures to protect its users and reported the incident to relevant law enforcement …

    Get that encryption outta here!

    Firstly, "outta" in a headline not otherwise impersonating colloquial speech? Whatcha playin at Reg?

    Secondly, the real security vulnerability is being able to turn off encryption in the first place. Why would such an option exist?

      You're outta line ;-)

      Seems like a good idea that government officials should have their encryption turned off.

      Publish their expenses while your at it.

      The real vulnerability is using a "secure" messaging platform that wasn't developed by security experts or cryptographers. LINE's code is "not consistent with well-known cryptography engineering best practices".

      There's been a proliferation of OTT messaging platforms that make all sorts of security claims. As we saw with the Zoom "end-to-end" scandal and other cases, those claims are often rubbish, and even when they're accurate in themselves, they paper over a wealth of other vulnerabilities which make them largely irrelevant.

    The commercial chat stuff is not encrypted.

    That'll be a few politicians who can see the consequences of unencrypted communications. Will they see the solution as one that should apply only to themselves?

