Governments can't seem to stop asking for secret backdoors With Apple pulling the plug on at-rest end-to-end encryption (E2EE) for UK users, and Signal threatening to pull out of Sweden if that government demands E2EE backdoors, it's looking bleak. There's no answer to the objection that you can't protect deliberate flaws in encryption from themselves being abused. The strength of …
Yes, this can clearly be seen with other legislation over the years. Tony Blair's government was a very good case in point since Blair and his acolytes seemed all to share the delusion that once you legislated against a thing then that problem was instantly completely solved and didn't need revisiting.
Way back in the 1950s tuberculosis was endemic in UK cattle. A simple immunological test sorted that one out: if a cow was shown to have been exposed to TB it got culled. TB spreads only quite slowly in cattle; culling quickly cleared the cow-to-cow spread. Yet in the south-west of the country, herds stubbornly refused to go clear of TB; there was a wildlife reservoir somewhere. That was identified as badgers; liberal use of cyanide gas sorted that problem.
Fast forward to Blair's time and there's this persistent problem with badger baiting. This is an insanely brutal bloodsport and obsession of a very tiny minority of people; the laws since Victorian times have forbidden it and no new law was really required, only a slight emphasis that the police needed to get onto the problem a bit more effectively. Blair on the other hand thought legislation to be the be-all and end-all of problem solving, and legislated incredible legal protection for badgers.
The few individuals still engaged in badger baiting simply carried on; it was illegal before and it was simply a bit more illegal. They didn't much care and carried on, with the same trickle of prosecutions as before. However with massive protection badger populations expanded and expanded until they were at the land carrying capacity and as a TB reservoir host as well, TB in badgers expanded hugely until the present time when huge number of cattle are culled to contain the cow disease, and similar numbers of badgers are shot by night to do the same thing.
All of this is hugely expensive, entirely self-inflicted and the legislation didn't even solve the initial problem.
The UK government has a problem with repeatedly doing this sort of thing and it really does need sorting out.
Many argue the huge number of cattle movements (& other factors) mean farmers far more to blame than badgers
e.g. https://www.theguardian.com/uk-news/2018/nov/13/farming-industry-to-blame-for-tb-crisis-not-just-badgers-report#:~:text=The%20new%20report%20is%20highly,they%20are%20bought%20and%20sold.
Various wildlife trusts have tried badger vaccination programs*, govt not keen to aid them & still encourages culling in vaccination areas
* You are not allowed to vaccinate cattle against TB. If badger population was effectively vaccinated it would be a game changer as farmers & govt would no longer be able to blame badgers & would have to address farming behaviour properly**
** Some farmers behave sensibly, I live in an area with lots of badgers & also several farms with pedigree cattle herds that have had no TB issues (notably the cattle are free to graze all year, not intensively reared which is often implicated in TB spread & with them being pedigree herds only occasionally are new cattle added (& then from farmers that also operate good welfare & biosecurity standards) )
Culling badgers encourages new badgers from outside to move in to the newly free burrows. This spreads TB nicely; it's counterproductive unless you're going to wipe out all the badgers in a large enough area that they won't move back in any time soon. Which is something that can't be done on the down-low. This has been known for many years, but isn't accepted by those committed to culling for whatever reason.
Many argue that cow-to-cow transmission is the main vector of transmission; they are basically wrong.
TB comes in many minor forms called spoligotypes; think of them as colours if you will. Spoligotypes mutate only very, very slowly generating new ones over hundreds of years; at a day to day level the spoligotype identifies where that cow caught TB.
Forty years ago the different spoligotypes in different geographical areas of the country were mapped; over time if cow to cow transmission predominated you'd expect this geographical distribution to change radically and for some spoligotypes to go extinct altogether; we are after all actively trying to find and cull infected cows.
What you actually see is the geographical spoligotype map has stayed static for the last forty years or so. This ties in nicely with what we know of the disease in cows and humans; both species have co-evolved with TB for a very long time and both are highly adept at fighting it. Actually finding TB bacteria in an infected cow is very difficult, and even heavily infected cows are poor TB transmitters.
Badgers, on the other hand, have a stonking great deletion in the genomic region that deals with immune system responses to TB bacteria, and are pretty crap at resisting the disease. They're tough animals and survive with the disease for quite long periods, but they are the primary reservoir and vector of TB.
With quite a few "problems" cyanide usually does I suspect.
But I was tickled by the idea that the UK Liberal party was resorting HCN gas sort out their problems not that there any evidence they were and going by the Thorpe trial they would have been in more danger of exterminating themselves.
I guess in the case of TB it will have to affect the human population before some sanity in approach and legislation is restored.
I know first hand how unpleasant and drawn out the antibiotic treatment for non-TB mycobacterial (MAC) lung infections are and wouldn't wish TB on anyone especially with it's greater likelihood of antibiotic resistance.
Well they all do that because it's an easy solution when the press print the "something must be done" headlines. What could be more important for a legislative body than writing more legislation? If the press aren't satisfied then they lose their righteous rhetoric weapon that the use daily to fight lawmakers over the things that they want relaxed (like making their owners pay tax for example).
A coincidence that his wife is a lawyer? All politicians are one step away from lawyers and lawyers are going to lawyer, regardless of the contents of the quagmire they wade in for a living.
Indeed, the job of a legislature is to write laws. It's all they can do. So if someone says "something must be done!" then all they can do is write a law.
The Government could have opted to address it in a different way, via budgeting more for police or the courts or the prison system etc, however they chose not to in most cases because there's no money in the system to do that, and the public can be bought off with a nice debate in parliament and a shiny new law for the media to talk about.
Recent evidence has it that the badgers aren't to blame, and improved hygiene on the farms makes an enormous difference. Whodathukit?
It's because it appeases the small yet extremely vocal placard wavers and makes it look like work has been done. When in actual fact, as you say, nothing changes.
End to End Encryption is no different. Even if they outlaw it, there is nothing stopping you self hosting it on an overseas VPS that you connect to with a VPN. Nothing. All banning it serves to do is weaken the mass population of the UK that won't be able to access it anymore and put us in a weaker security stance as a country.
"Blair and his acolytes seemed all to share the delusion that once you legislated against a thing then that problem was instantly completely solved "
Not just Blair. All governments seem to think that every problem can be addressed by legislation, and they fail to look at the underlying sources of the problem. In practice, what they largely do is to0 create new crimes and new criminals - or a workaround that evades the intent, but not the letter of the law. The use of encryption on one's own machine is an example of such evasion..
A classic example was that supermarkets used to change the price labels on their goods. After a campaign in the press this was outlawed. Shops responded by not putting prices on the goods, only on the shelf, and these could be and are changed regularly. The legislation merely hastened the adoption of barcode readers.
I had a chat with my mum abot this a few years ago when a politician brought up E2EE and the “dangers” of it. She’d just started using online banking despite her advancing years and found it very useful. I said to her without E2EE her new found way of banking wouldn’t be possible. A slightly dumbed down explanation followed where she then understood a lot of things rely on E2EE. I said the second you put in a back door then you cn assume multiple criminals will be looking for this easy way in. Imagine shopping online and paying only to have your purchase redirected or your card details stolen and used elsewhere. She said why don’t politicians understand this? I said she’d answered her own question there, they’re politicians and whilst not all of them are clueless idiots, there are more than a few around who were.
> She said why don’t politicians understand this?
If I was feeling cynical, I'd suggest that they do. But:
1) It's something that makes for good headlines (E.g. "Won't someone think of the children?")
2) It's something that's effectively zero-cost to the government; once the laws are changed, it's the private sector which has to cover the cost of implementation
3) There'll no doubt be a special exemption for politicians
Someone online posted (can’t find it now) about the Apple encryption that the UK government objected to. According to them the US intelligence agencies were not ignorant of the then upcoming request. Rather they would like to have access too and another member of the five eyes member can request it. Then they at some later point one of the US three letter agencies requests the same access to an encrypted app/program/messaging system not based in the USA that the five eyes would like into.
Don’t know if that’s true but it sounds convincing.
Lots of countries have laws that prevent spying on their own citizens without certain levels of oversight. But theirs no laws to prevent spying on other countries citizens, and what if your were in a group of nations who share intelligence, like say five countries? You can generally spy by proxy and get the important stuff sent to you filtered from the chaff that you are prevented from doing yourself.
It's the same as attaching FBI agents to CIA operations so they can operate within the US borders, there's always a way to get around those pesky laws if you try hard enough.
Banking and commerce sites are not E2EE, they use encryption between the user and the server, and the server has access to the decrypted data. E2EE is encryption either encrypted direct user to user communication, or if it does go from user to user via a server, the server cannot access the encrypted data, as only the user have the key.
"Why the British government don't understand that this makes everyone less safe I will never understand."
They do understand it. They're not stupid. They know the moment they ask for that they won't get it, but at the same time they could make it difficult for the company to provide such a level of security.
So what happened here wasn't the UK.Gov being stupid asking for the moon on a stick. It was UK.Gov forcing a company to remove that level of security for everyone. This way the company blames the government for asking for something impossible, instead of the Government going to the country "you aren't allowed to go past a certain level of privacy". That was mooted before and it did not go well for them.
It's easier for them to bring everyone down by making it impossible for a company to do business in the UK, rather than suffer the bullshido of forcing companies in to a public tit for tat about what is required and what is possible.
They don't "get it" because we haven't made a habit of beheading the ignoranuses who make such proposals after explaining for the umpteenth time that it is mathematically and socially impossible to have a "secure" back door.
If we were to do so, it would warn the remaining population of ignoranuses in the world, and after a mere dozen beheadings I'm sure they'd finally shut up.
They do
They just don't care and think that Britannia still rules the waves (or at least large sections of the old boys and girls network in the senior echelons of the civil service do, judging by how hot n bothered they got at the idea of 'empire 2.0' post Brexit when they were CONVINCED that the 'colonies' would ALL come sprinting back to Britannia's embrace and then shocked when they all went 'nah but could you have a word with the EU' )
The TSA keys were compromised from the very beginning as they were just a sampling of keys already in use for very low security applications. I think that Deviant Ollam covered this or maybe the Lock Picking lawyer.
The TSA would just cut the "TSA" locks off of my luggage and toss them in my bags with a notice telling me how much safer I was for their mangling of my stuff.
Same with firefighter's lift keys or building skeleton keys. Deviant Ollam talking about how easy it is to break into a building is quite a fun lecture, and so is this one on physical pentesting
"Same with firefighter's lift keys or building skeleton keys. "
Yes, the "Knox Box" key safes that cities require retail shops to install so the fire brigade can get the keys to open a shop if it isn't burned through already. I have the key for my city. I know what they are and what they look like so when I came across one, I kept it. Deviant's lectures are awesome. I have a set of keys that can open so many things now and it comes in handy from time to time as I work in real estate as one of my jobs. It's often that when somebody moves, they leave side gates, sheds and alarm boxes locked up and the agent needs to have locks they can open. It's worth a few bucks to them for me to remove the old locks or leave open an annoying alarm control box so it can be bypassed until reprogrammed for a new owner.
All of this is likely why some locales want to ban anybody from learning about locks unless they are licensed and have every wrinkle on their body rolled in ink and applied to a card. It's something of a disservice as too many people buy crap locks not knowing how easy they are to bypass. The criminal know. Learning some basic locksmithing taught me how to not have the easiest to bypass locks on my stuff. I've also learned that it can be taken too far since if somebody really wants into my house and can't bump the lock on the front door, they can go through a window or even cut a hole in the wall since doors and windows are often alarmed.
These arguments always begin "Assume a perfect criminal..." and normally continue "...with technological know-how as good as the best of us here and ample time to do things perfectly..." (Pay attention to the ransomware that has been cracked because the authors made a mistake. And they are scummy "pros" making money from crypto.)
But I have no doubt there are a bunch of clueless criminals who will keep on using Apple - seduced by Apple's promises; I imagine few read El Reg. And I have no doubt this will impose a cost on criminals who aren't quite so clueless. After all, we could protect ourselves as described and we're complaining about the cost!
The question is whether the cost to the rest of us exceeds the benefit to society by making some criminals easier to catch.
"The question is whether the cost to the rest of us exceeds the benefit to society by making some criminals easier to catch."
If that were the only cost to consider, it would be a no-brainer. Those of us that know what we're doing can always implement E2EE when communicating with somebody else who knows what they are doing. Losing the consumer-level services doesn't impact that comms channel at all, beyond a little mild swearing at having to set it up ourselves.
Except if "the cost to the rest of us" includes - as it does - the cost to everybody else, who have to rely on the consumer level services because they don't have the tech chops to set it up themselves, then that cost balloons massively as soon as one backdoor is compromised. It doesn't even require all the crims to be that tech-savvy either. The tech-savvy criminal will code up a one-click tool to open the compromised backdoor and then make their cash at once-removed by selling that tool to the folks that actually use it to extract private data for their schemes.
"If it can be compromised, sooner or later it will be" is a statement that is as fundamentally true as rule 34 of internet pr0n.
And so when we compare that risk to society at large vs the risk that "some criminals" will perhaps escape because they weren't made "easier to catch" it's pretty obvious which way the scales will tip.
Yes, I damn well do. The UK government is only a few decades away from demanding war heroes got chemically castrated for consensual sex. It's got a history of giving away secrets to the Americans and pretending to be surprised. It's got a history of leaking to other countries too- our last Postmaster General was passing secrets to the Soviets. They've engaged with the US on networks of black sites and illegal mass-surveillance. And when that fails- say, with the death of a Brazilian electrician instead of the intended target despite being under the watchful eyes of a team of police and a dense camera network- they just shrug it off.
Don't even get me started on the Met.
All that is to say, the people that this is intended to give greater access to have shown that they treat this power with no respect, and are willing to torture people they don't like. And when all this fails their solution is to raise taxes to fund more power.
And if you think they're not interested in you, what about next election? Or the one after that? These powers aren't just for the current crop but the ones afterwards.
This is a situation where we all have a lot to fear.
Exactly. Though what I might say/write/post now may be legal and innocuous, it may not always remain so. That's the risk; that's why the UK requirement to hand over passwords or face jail is an issue, and it's why making end-to-end encryption illegal is also an issue.
Allow me to add something to that list that has been there for about a decade now:
mcnx@rffi14 ~ % dig +short mx digital.hmrc.gov.uk
20 alt2.aspmx.l.google.com.
30 alt3.aspmx.l.google.com.
30 alt4.aspmx.l.google.com.
10 aspmx.l.google.com.
20 alt1.aspmx.l.google.com.
They've allegedly been "helping".. Themselves first, I suspect.
'dig' is a command line program you'll find available on any Unix and Unix-alike OS like MacOS that allows you to interrogate DNS records which contain all sorts of fun information for those who know what to do with it.
An MX record stands for Mail eXchange - it indicates where email should go for a particular domain (the bit after the @ sign in an email address).
What this command shows is dat there is a domain right inside HMRC where email (to (someone)@digital.hrms.gov.uk) is shipped straight to Google instead to some safe place not replete with US spying facilities and laws to compel access.
Statement is at the heart of a great deal of peoples faith:
"You can't hide a back door in open source because it would be immediately visible and removable"
But it isn't true. You also need control, and trust, the rest of the compile time and runtime environment.
Only a very naive infiltrator would put a piece of malicious code in plain sight.
Even all of that isn't enough. You can't trust anything you didn't build from scratch yourself. Starting with the sand needed for the silicon.
Read Ken Thomson's "Reflections on trusting trust": https://dl.acm.org/doi/pdf/10.1145/358198.358210
XKCD - Real Programmers - the alt-text being "Real programmers set the universal constants at the start such that the universe evolves to contain the disk with the data they want."
Thanks! I had forgotten where I first met the concept.
Hmm... I wonder how much silicon you'd have to add to _every_ 8-bit latch to allow it to recognise it was being built into a discrete computer, and automatically make it less discreet?
Arguably part of the runtime environment but yes, the logic that is used to process your code is itself a security concern. Ken Thomson's essay is a good start down the trapdoor of paranoia into the land of the queen of hearts.
I was just trying to point out that having visible source code isn't any real form of security guarantee and that saying so is at best disingenuous but most likely downright dangerous as people might actually believe that it is.
"You can't trust anything you didn't build from scratch yourself. "
That can often be the worst approach since it's only as good as you can create it with no outside review. It's far better to use something that's been exposed to the elements and stood up to many others trying to tear it down.
This is valid, the typical trusting trust problem. However, I think the more concerning one is the Underhanded C problem. There is a lot of code that nobody is reading, and there's code that people aren't successfully reading. Not all vulnerabilities are obvious, whether that hidden-ness is deliberate or accidental. If you have the ability to read code, you almost certainly know this from experience, because we've all written bugs that should be simple to fix but you can't see the problem for the life of you.
This is beyond tiresome and childish.
Black is white, 2 plus 2 equals 5, or whatever I say it does bla bla. It's so 1984 it's now just a sick joke.
The idiot politicians who keep insisting that you can have "lawful access" are either seriously delusional or outright fucking lying.
There are no other possibilities.
I can't find the passage now but in one of the Neuromancer era novels was mention that the logical end game of the competition between criminals and gonverments was the Columbian cartles got VERY good at cyber security - to the point they just opened up for business storing other's data.
I mean, if your criminal enterprise relies on good InfoSec and you have Beeelion$ in profit to throw at it, why wouldn't you spend a bit on ensuring you keep it?
And once you've done that, spin it off as a profit making service: Cartel Web Services anyone?
While cryptologists do sometimes talk in terms of 'proofs' these are all(*) conditional on underlying mathematical theories which lack proofs. Can we please not forget this, particularly as the US makes the move to hold a strategic crypto-currency reserve.
Impagliazzo's "A Personal View of Average-Case Complexity" (Five computational worlds) essential reading
(*) For completeness: excepting the mostly impractical one-time pad
> these are all(*) conditional on underlying mathematical theories which lack proofs.
They are also theories which experts in the field have factual reasons to believe to be true.
They are also theories that have undergone intense study. They are also theories for which no one, despite intense study, has shown a counter-example.
They may not have absolute proofs, but it is suspected that they have proofs* which we simply do not yet know.
* proofs, here, generally means "cannot be reversed in any polynomial-time fashion" and for reversing hashes or encryption typically means, "Cannot be used to recover the plain-text, or impersonate a text, with computation time less than the expected life of the universe" (and, when given a set of GPUs, life-of-the-universe divided by N).
Lets not be overly pedantic.
If you study the history of cryptography you'll see every crypto scheme of it's day was considered unbreakable until it was broken. Including lots of the more modern mid-to-late 20th century primitives. There are no proofs, and no factual reasons, just a lack of breakthrough which happens all the time in maths and can mean anything. This absolutely isn't pedantic in a world where so much is being built on these schemes and academics, journalists, and crypto proponents keep misleading people by using words like 'proof', 'provable', etc.
"If you study the history of cryptography you'll see every crypto scheme of it's day was considered unbreakable until it was broken. "
As time has progressed, the really good encryption has taken longer and longer to break. Once you have something that going to take lifetimes using a really big and expensive to operate computer, you've essentially got to "unbreakable". The value of data has a tendency to decline with time. If you only need to keep something secret for a week, encryption that might take 1,000 years to break might be overkill. If the value is small, throwing massively more valuable resources at is doesn't have a return. Even if the value of the contained data is high, it might be one message in 100 with the other 99 being a load of spanners to gum up the works.
As time has progressed, the really good encryption has taken longer and longer to break
The opposite, no? (Or can you explain better what you mean?). The Vigenere cipher lasted 3 centuries before being broken. RSA is barely 50 years old, it's been broken partially by Shor's algorithm for 30 years already and is probably on a trajectory toward full breakage. Meanwhile the "not really good" encryption has been broken in greater quantity in the last 50 years than at any other point in history.
I'm not talking about individual schemes though, I'm talking about the timeless human tendency for hubris: that because the currently-used one hasn't been broken it's therefore unbreakable. This has been wrong over and over throughout history, and there's nothing different about today. I'm not advising against using encryption, use the best we have, but use it while aware of the risks and don't spread misinformation about it.
"The opposite, no? "
For a given amount of resources thrown at it. Those resources have been getting more powerful as time goes by, but power comes at a cost. Both in terms of electricity and the hardware.
It's like saying a nation-state's army is unbeatable. We have the means to defeat any army, but the cost goes up exponentially in all sorts of manners.
My other main point is that many secrets are only needed to be kept for a short period of time. Once the operation is over, decrypting the "go" message is far less valuable unless it points at unknown players. If a drug cartel sends a route for its mules to smuggle a load of drugs at a particular date and time, once that's passed, the info isn't very useful anymore. I won't say it's entirely worthless, but the value of it has dropped significantly.
In a similair vein, back in the 90's (if i remember the details correctly) there was an engineer at Nortel that created a custom hardware device that could crack an n-bit secret in time x at a cost of $1M, and it could be deployed in parallel.
His point was that this hardware made key cracking practically an economic function. You could in theory choose the level of encryption needed to make your data "too expensive" to be decrypted.
I don't know? Seemed to work well enough for the French. The monarchy, church and aristocracy never really got back into the saddle after that.
I guess you just have to choose the right heads.
The poisonous Hydra of the contemporary body politic would overwhelm even the most enthusiastic headsman but I am certain he would be delighted give it his best shot (chop?)
Can someone explain it to the politicians like this. Let's install microphones into all temporary occupancy rooms in the UK. Let's restrict the keys to decrypt those recordings to just the people who occupy those rooms. That's E2E encryption. Now, let's add the ability for the room owner to also hold a master key, that's what you have if you don't have E2E encryption. So if the hotel isn't any good at securing their master key or gets hacked or has someone working for them that's willing to sell the data that's the downside.
So, how many ministers or MPs or members of MI5 are going to be willing to stay in any room with a microphone in it with such a system (a lá 1984)?
Quote: "...The entire point of modern encryption is that, except for the keys, there are no secrets and nowhere to hide..."
OK....in schemes like PGP there are persistent keys.
But in schemes which use Diffie/Hellman the keys:
- change with every transaction
- exist only for tiny fractions of a second and are then destroyed
So notions like "Please disclose your encryption keys" become not only illogical.....but also impossible!!
....yet another reason for those who do not trust either service providers or governments.......to go ahead and implement their own encryption.
I was under the impression that it was Australia that came up with the 'cunning plan' to make it illegal to disclose the back door order in their equivalent legislation.
Similarly Australia has a similar law in place on disclosing the list of banned/block websites that ISPs have to restrict access to - I'm not aware that the UK has copied that particular bit of censorship - yet!
"Similarly Australia has a similar law in place on disclosing the list of banned/block websites that ISPs have to restrict access to - I'm not aware that the UK has copied that particular bit of censorship - yet!"
The US was talking about a "kill switch" to be installed in cars so police could remotely disable a fleeing vehicle. I expect a black box with a directional antenna would be for sale on Amazon/Temu/Aliexpress/eBay in a week if that were put in place. It would be listed as a "solvent trap" or something. There are things listed on Amazon that are illegal in the US that exist for years. If you want an exhaust bypass for your Dodge muscle car, no problem. You can get a kit that bolts right in with basic tools. In the US, it's not legal for cars to show blue lights as that's reserved for police. Red lights are only allowed at the rear of a car yet you can buy emergency-like lighting for your car on many of the online market places. There are laws and then there is the implementation/enforcement of those laws.
... who's listening/reading.
When I'm bothered about anyone listening in I use a burner, unregistered, text files, with PGP encryption.
And use a mix of Scouse & Cockney slang - that always bewilders anyone annoying me in person.
Frankly, if any state agency can read/translare anything that I send that actually matters to me, I'll buy the techs a crate of beer.
"Everyone knows the Romans actually spoke English. The Latin language was simply a code to stop the English-speaking barbarians from knowing what the Roman army was up to. "
It's like the US using Navajo to send messages in their own language due to how obscure it was. Even if you could break encryption wrapped around that, they spoke the messages, you be left with a tough puzzle. It's like in Spook Country where the family sends texts in a Roman alphabet that approximates Cyrillic. Mire that in some good encryption and cipher and you wind up having to put humans in the loop that can recognize what's going on.
"[Innocent people] are the most at risk of abuse from snoops,"
I am convinced the targets of these backdoor laws are not the terrorists or criminals. The real enemies of the political order have always been the common people. They are the ones that have to be kept under control.
The organised environmental organizations, climate action, unions, are the real enemies. From the suffragettes of the 19th century, to the student and civil rights protests, to the climate activists of the 21st, it is the organised common people that are feared most and must be brought under control.
Because, if you look back, it is the abolitionists, suffragettes, civil rights, student protests, and flower power that have changed the political and social order more than terrorists and criminals.
That's why they need these backdoors, to prevent the common people to organize unobserved.
I rarely upvote ACs on principle, even when I agree with them, but I’ve made an exception for you because I think you are spot-on. It isn’t either/or though, in the UK the Government and the Police are interested in both criminals and activists.
Personally I rarely post AC because I stand by my opinions and want other people to hear them. OTOH I am always willing to change my opinions (and have done) if I find that I have been misinformed or have misunderstood through lack of information.
Unfortunately mostly I find that it is other people who are ill-informed yet nevertheless hold strong opinions.
Sometimes I think that the government makes a big show of requiring access to encrypted communications just to hide that they have already cracked breaking E2EE.
If "they" have already built a quantum computer that can break and read encrypted data then the last thing would be to even hint that that had done it.
So double down on seeming to not have that capability by noisily and publicly asking for back doors into encryption systems.
Are you paranoid enough??? :-)
"just to hide that they have already cracked breaking E2EE."
"They" did not break the algorithms. Breaking the part between the end points requires breaking math that is too well studied. That was possible in the old days when the NSA and GCHQ together employed more than half of all cryptographers. The time when they were able to backdoor the GSM encryption.
But "they" can break the end points, the soft and hardware of the mobile phones. If you install a key logger, you don't have to break the password. If a pseudo random number generator produces easy to guess numbers, you don't need a backdoor.
That is how the police cracks crypt phones of criminals time and again, by invading the software distribution and (physical) server infrastructure.
The crux is, breaking end points is expensive. You need to invade and break every potential end point for mass surveillance. That works for small setups, but not for mass market brands. Zero days for, eg, iPhones are sold for millions of €/$. Messing with hardware requires physically touching every target gadget, either in the factory or on the ground. And it is difficult to hide messing with millions of mobile phones from many brands.
Therefore, "they" need a way to be able to survey any and every person from behind their desk if they want to snoop on everyone. To just have to fill in a form to get all the data they want.
"are millions of phones and other computers but not so many networks..."
But I have yet to see the mathematics that show E2EE can be broken in transit even in theory. * Cracking a million endpoint phones looks positively cheap and easy in comparison.
* Nor have I seen the basic science needed to build the quantum computers that could theoretically crack the existing encryption. Such quantum computers too would be extremely expensive.
Do they have any business presence in Sweden? It doesn't charge for the app and AFAIK doesn't run ads but is fully funded by donations. So I'm not really sure what leverage Sweden would have over Signal other than blocking IPs associated with them (which doesn't do anything about VPNs) and maybe pressing Apple/Google to drop them from their app stores in Sweden (which doesn't do anything about their web interface)
I don't think Sweden is going to be able to do much beyond making it more of a hassle to use Signal.
I don't think Sweden is going to be able to do much beyond making it more of a hassle to use Signal.
Not even much of a hassle at that for somebody that is determined to use Signal. It's just that tiny little challenge that might be too much work for somebody only casually interested.
I came across and nasty bit of Malware that is installed by samsung on its A & M model phones called AppCloud it was developed by an Israeli company IronSource and allows the background download and installation of apps without the phone owner knowing. So this could install endpoint intercept software, it could install software to access the phone contact list. The options are endless.
You cannot uninstall this malware, you can only disable it. This is by all intents and purposes a backdoor. So if you have a SAMSUNG phone disable it and if you are thinking of getting a phone DO NOT get a SAMSUNG phone!
Perhaps you're thinking of Googoyle Play.
Play Store works by push -- you send a request to the Play Store that you want an app, and it sends a push request to your phone, and installs the app. Basically remotely. Anything can be installed on your phone at any time, exactly as you described. Samsung also comes with the Galaxy Store, which doesn't seem to function in the same way, but there are Samsung Services in the background - that you can't disable.
Play Services requires access to your contacts, phone, location, and a myriad of other things. If you disable play services, half your apps stop working - such as anything that uses GPS.
Googoyle creates spyware, nothing more. Android is spyware. iPhone may be similar, but imo the user interface just sucks. So, don't do anything questionable on your phone. You can get flip-phones cheaply, if you need to keep in touch with someone. Unsure if they support other IM apps.
Quote: "...don't do anything questionable on your phone..."
Assumption Alert: Do ANYTHING YOU LIKE on your phone........
....as long as:
(1) You bought the SIM for cash in a convenience store
(2) You bought your (pay-as-you-go) minutes for cash in a convenience store
.....and you are all set.
Warning: The snoops don't know who YOU are......but they may know all the people you call or message!!
Advice: Make sure all your contacts have already performed steps #1 and #2!!!
Yep. I remember reading a post somewhere from a guy who said he'd done the above and had been happily using his "untraceable" phone for the past year. So many people replied asking him if he had a home, because if he did it has already been triangulated to that location by cell towers so he's eminently traceable. He tried to defend himself for a bit then disappeared from the thread lol
Perhaps you're thinking of Googoyle Play.
Play Store works by push -- you send a request to the Play Store that you want an app
No! AppCloud sends a request to Play Store or Galaxy Store in the background to request the install of the app. You have no control. The new app will just appear on your phone.
What we need is a new open E2EE distributed client that companies can dress up any which way they like with features and addon, so long as the encryption code itself remains constant, so anything with the same plugins/features can read it and those without just ignore it and decrypt a vanilla version.
@tubz
Design Of Open E2EE Client
STATIC
(1) Feature to create a Diffie/Helman token pair
(2) Feature to publish your PUBLIC token to your friends
OUTGOING
(3) Feature to create a TRANSIENT token for each outgoing message
(4) Feature encrypt your message (using the TRANSIENT token and your friend's PUBLIC token to create a transient encryption key, then encryption - then the transient key is destroyed)
(5) Feature to create a wrapper for each outgoing message (wrapping your name, the TRANSIENT token and your encrypted message)
INCOMING
(6) Feature to decrypt incoming messages (using the sender's name, the sent TRANSIENT token, the recipient's PRIVATE token to create the transient encryption key, then decryption - then the transient key is destroyed)
Is quite easy to do as a Linux command line application. Bit more work to use GTK3 and Glade.
Most of the detail in C can be found by searching for the work of the amazing Daniel Bernstein (you know....chacha20, curve25519........)
PROBLEMS
(7) Distribution of PUBLIC D/H tokens
(8) Transport. Might be a nice idea to use Signal as transport!!
"Cut off one head and 100 grow back? Decapitation may not be the way to go"
Will have to nuke them from orbit, it is the only way to be sure...
Hilarious that they ask for a back door, when every os maker has a big honkin' front door to your computer.
shhhhhh! it's called software update.. dont tell anybody!
If security clearance was a little less opaque and hiring in general achieved a more skilled workforce like Tommy Flowers, Alan Turing, Mary Coombs nee Blood, Steve Shirley, Tim Berners Lee... it's not like the UK has not produced talented computer scientists and coders. Perhaps the the records that can be accessed with a warrant when End to End Encryption (E2EE) is enabled i.e. who is messaging whom were combined with actually responding to sound intelligence like those refereed to the prevent program by their school for example perhaps we could without breaking E2EE still respond adequately. One possibility may be, something akin to the postmasters of old using special kettles to open mail in transit, like aurthorised attacks e.g. find a contact with lax security whose device can be compromised or one who can be trusted and then use the avenue to send targeted spyware. This approach has two advantages over asking companies to do magic. First it is possible in the real world and second it may be possible to complete without alerting the target as large firms in the UK have no problems complying with legal warrants that are reasonable, and will not disclose doing so if instructed not to. It would also allow law abiding citizens to retain some semblance of privacy as there is a barrier to reading private messages that costs time and effort although governments of today clearly have no interest in that.
The uncomfortable truth bears repeating, that not only could a group of school-age children exchange encrypted messages among themselves, which are demonstrably impossible (not just supremely difficult, but actually impossible; as in, given a ciphertext, every possible plaintext is equally likely. Even quantum computing won't help) for anyone other than the intended recipient to decrypt, over an insecure channel such as SMS; but they could do all this using entirely manual methods and commonly-available materials.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
