Just one back door required.
Should make things a lot easier for the roz and spy agencies then.
By March 2024, instant messaging and real-time media apps operated by large tech platforms in Europe will be required to communicate with other services, per the EU's Digital Markets Act (DMA). How that will happen remains an unresolved technical and social challenge. In a preprint paper, "One Protocol to Rule Them All? On …
One back door would be a security risk
There are 27 EU members, so 27 * Sum(police agencies, military intelligence agencies, civil intelligence agencies, government depts, quasi-government depts, federal/state/province agencies, archives, state broadcasters) + MMB
With so many secured agencies with secure access it must be really secure - it's like putting 10,000 locks on a door!
(Well more like putting a single lock on a door and having 10,000 different keys that open it, but the principle is very similar)
I can tell you with 100% certainty that there are police forces in the EU that don't really operate independently of government, and there are governments in the EU where people in power are willing to do anything and everything for their own power and wealth.
If there is a backdoor on such a system it WILL be abused (and I'm flabbergasted that anyone might think otherwise).
In the course of mountain biking, I have seen many fire roads with gates that are locked by multiple locks such that opening one lock opens the gate. Each lock is used to lock a short chain and the short chains are joined in series. So the fire department, ranchers with cattle/cows on fields, rural residents, horse riding groups with legal access, etc., can each access independently.
I read this with Brave on Android, but I could have used Firefox on my Linux PC and if I were a lemming, Edge on Windows. I can pick up my VoIP phone and call anybody. Anyone using a protocol standard can talk, but corporations want interoperability to fail, get vendor lock-in, mine all the data they can from their "secure" platforms and exploit their cash cows to enable purchase of garbage reports like this one.
All they need to do is use a genuinely secure standard and compete on their interfaces.
You can pick up your VoIP phone and call anybody…..but they are highly unlikely to pick up. If I don’t know the number, and it’s not at least an area code I might plausibly expect, there’s absolutely no way I pick up. A generic VoIP number incoming is pretty much a guaranteed f* off and die for most people. There’s your first problem.
Each IM service has its own way of keeping track of some sort of authenticity. WhatsApp has its little icons. An incoming message from SnapChat with no identifier icon? Errr, no, I have better things to do with my time than search my phone book. Requiring bridges between the IM networks is just a guaranteed truckload of message spam that I will be ignoring. Remember the days when certain email providers were automatic send-to-spam? Well, the future is the past all over again.
"You can pick up your VoIP phone and call anybody…..but they are highly unlikely to pick up. If I don’t know the number, and it’s not at least an area code I might plausibly expect, there’s absolutely no way I pick up."
I think you missed the point the original commenter was trying to make. If we know each other's phone number and we know each other, we can call each other. It doesn't matter if your phone is a fixed line, VoIP phone or landline, it doesn't matter what brand your phone is or what OS it's running. The call just works. On the other hand if I have Telegram installed and not WhatsApp, and you have WhatsApp but not Telegram, then we can't instant-message each other. So we are in the ridiculous situation of having multiple apps installed just because each of our contacts uses a different app.
The target outcome is that everyone only ever needs one messaging app, and a message that I type and send to you from my Telegram app isn't going to your Telegram app, but to your number, and you can open it with whatever app you choose, even if you don't have Telegram.
Your concern about authenticity is a very valid concern, and has to be part of the common protocol to make sure that if I see a message coming from your number I am confident that it was really you who sent it. Otherwise of course anyone can continue to ignore / send to spam / block all messages that come from unknown numbers. As to "I have better things to do with my time than search my phone book" - no one is going to search their phone book, just as they don't now. Your phone has your phone book and will translate number to contact name just as it already does, except that it doesn't have "WhatsApp contacts", "Telegram contacts" etc. for every messaging app; there is just 1 common contacts list, the way it should be.
>If we know each other's phone number and we know each other, we can call each other.
Yes but that's not the technical problem the ruling is trying to solve.
How to do this securely so that you and the person you are calling have total end-to-end encryption but the Luxembourg Coastguard can intercept the call if they have a warrant, but that GCHQ can't have access, unless the EU allows it.
Building a domain-specific language to enforce 3rd party access rights into the protocol is an 'interesting' software engineering challenge.
“The target outcome is that everyone only ever needs one messaging app”
No, that’s *your* target outcome. I have no such target outcome. I’ve never heard anyone even express a “wouldn’t it be nice if” outside this forum. Nobody asked for it. It sounds utter folly to me.
Back in the real world, most people have an app they expect to use in each circle. For me, WhatsApp, FB Messenger and SMS are all “common”. I personally loathe FB Messenger with a passion because it’s clumsy. But some of my friends use it. Therefore I have downloaded. If I simply refused to do so, they would rightly say, “hey, why are you being such an asshole”. It takes ten seconds to download the app.
This new system concept also makes zero sense from the recipient point-of-view. So, if I use both FB Messenger and WhatsApp, and someone sends me a message….which app picks it up? The first one I open? Is it then not available for any of the other ones, or on all of them? Must the sending App ecosystem store it “forever” as “not yet read” until *all* of the Apps registered to the recipient have picked it up? But it was the whole point of Snapchat that it disappeared as soon as you read it. If I block a sender on one app, do I have to block on all of them - or do apps also have to exchange their block-lists? How are message-threads handled where potentially the answers are coming back from multiple ecosystems? If I join a WhatsApp group, how does Telegram know?
There is of course a very simple answer to that complete set of questions. Make it all work exactly like email. That’s fine. We have such a system. It’s called *email* and it was standardised in RFC whatever fifty use years ago. If you want email, you are free to use email. Seems that the EU just decided they didn’t actually like IM systems at all, and are busy just reinventing SMTP. But other people *do* want IM systems and *not* email and it’s not clear why they shouldn’t be allowed to have them.
What is the definition of an IM system? Do corporate IM systems count? Can they opt in for interoperability, and must they? How do I maintain multiple independent “identities” for different societal roles? Is Fortnite covered? Is Tinder an IM system? Is Twitter an IM system - it can be used as such?
If the password of *one* of your IM accounts is compromised, now your attacker can see *all* your messages on *all* systems and impersonate you on all of them? That’s pretty damn fatal.
The whole thing is a smoking pile, as soon as you think about it.
The target outcome is that everyone only ever needs one messaging app
The "target outcome" is that no one has end-to-end encryption.
Honestly, I don't understand why some people find this so difficult to comprehend. If you force OTT messaging apps to interoperate, you lose privacy and security.
Our VOIP number here is the old landline number, complete with the 01267 dialling code and the first three digits identifying the local exchange. There's absolutely nothing to identify it as a VOIP number. In fact, I don't think there are any specific VOIP dialling code areas, are there?
GJC
Not whole area codes AFAIK, but certainly blocks of numbers. There are whole swathes of 020 numbers I’d like to block, though recently the spammers have started to use Scottish numbers where presumably there’s a few spare blocks. A single area code for businesses selling stuff would be welcome and I’d block it in an instant. Oh and even when the spammers are told to GTFO by the business managing their number, they still keep using it.
Not sure why all the downvotes to AC's post. He/she is making the very valid point that the only way to really make things truly interoperable is a shared standard. Going the way of shared APIs and bridges allows the corporations to break interoperability, or make it work badly enough that it keeps the walls up on their walled garden.
"All they need to do is use a genuinely secure standard and compete on their interfaces."
This is absolutely the best outcome for consumers. Yes devising a secure and functional protocol for this is difficult, but it's the way forward. I wouldn't really say "all they need to do is..." simply because the walled gardeners will do anything possible to avoid having to knock the walls down. They would much prefer opening a few more gates.
"All they need to do is use a genuinely secure standard and compete on their interfaces."
Yes, but the problem is that the interfaces we had were not secure. Phone calls, SMS, and email were the main standards when these apps started showing up. The former two have no cryptography unless you cobble your own together, and PGP on email isn't understood by several clients and can be confusing to nontechnical users. The next apps to come along happened to include security, but it wasn't the point. WhatsApp was popular at first not because it was encrypted, in fact for a while it wasn't, but because it made communication cheaper in a land of paying per message, especially for those who send messages internationally. By the time that Signal showed up, WhatsApp was being eyed a bit too closely by Facebook, so even though it had become encrypted, people who cared about their security were edging away from it. There isn't a standard that all of these apps speak because many of them were designed in a time where they needed to fulfill a requirement that, in their mind, the existing options had failed to meet. Each new feature that needed to be added would require adjusting the standard, which isn't feasible if every other app has to support them immediately.
If we're adopting a standard, I suggest we make an easier to use wrapper around email; it's already decentralized, so if we add some cryptographic validation, that should handle text messaging. Except we also want secure audio and video calls, so email is out. So maybe we can use something like Jitsi's protocol except that's self-hosted and doesn't have a global network. So maybe we should use the Signal protocol like WhatsApp also does, except that will use different keys if you're sending through Signal-run or Facebook-run servers, and you only know which key to use based on which app you're employing and maintaining a centralized database of keys would introduce privacy risks. So it looks like we might have to take some of the underpinnings and make a completely new one so that apps we trust and apps we don't are all part of one network. Maybe there's a benefit to having disconnected ones for people to choose from after all. I'm all for standards, but not single mandatory standards for something as simple as text communication.
Well interoperable messages sound good on paper, as the article mentions some users specifically avoid using certain platforms because of who runs them, and having Whatsapp users able to send and receive messages to people on Signal or Telegram means that Zuckerberg is able to suck up information from users on other platforms without their express permission being needed.
Also how will it handle connecting to platforms where the phone number is not required, such as Snapchat where you can create accounts with just an email address?
I'm not totally clear on what problem this is supposed to solve. If you want to message someone on Telegram, use Telegram. If you want to message someone on WhatsApp, use that.
As the paper suggests, folks using Telegram / Signal etc. likely do so because they don't want to use WhatsApp or Messenger, either because they can't abide Facebook / Meta, or don't trust the apps. Why open gateways to services they don't want to use? And will they be able to decline those gateways if they wish?
" If you want to message someone on telegram, use telegram. If you want to message someone on WhatsApp, use that."
And what if you just want to have one ID on one system instead of buying into every service every would-be tech bro sets up?
I don't have to have a mobile on every network and a landline from every landline operator because they all inter-operate.
I don't have to have email addresses with multiple MSPs because email inter-operates.
What's proposed here is to try to make messaging work the same way.
At one time, the interoperability of email used to be a *huge* problem. The spammier providers were sending tens of thousands of messages per day to those on the better managed providers. We reached the point where those providers were auto-deleted as spam, which means they really weren’t connected. If this IM interop happens, there will be a similar Wild West of IM spam for a few years. All to solve a problem that isn’t really a problem.
And if it were a problem, having common IM interop doesn’t really solve it. Most people’s issue isn’t being unable to *send* the message on their desired app to AN Other. It’s that they can receive messages from any of: email, SMS, Facebook comment (which is different from Messenger!), Instagram Comment, Instagram DM, WhatsApp etc. And unless you are very “assertive” with telling people how you can be contacted, they get upset unless you are continuously monitoring all the streams. And you can never find or remember which random stream a message came in on. It’s not an interop problem, it’s a notifications/tracking problem, which the legislation entirely misses the point of.
Interoperability is great, but why are we trying to make different technologies work with completely different technologies. You don't expect your POTS landline phone to act as a WhatsApp client just by speaking in to it.
Isn't interoperability in this case the capability of having a client that can send WhatsApp messages, Telegram messages etc, rather than having a client that can only send one type of message? You'll need a WhatsApp account to send WhatsApp messages, and a Telegram account to send Telegram messages, etc, so the client will need to be able to log into each service. The change forced by the interoperability legislation would then be to make access to each system open, rather than closed, as it is generally now. (So you could use a landline handset that also has WhatsApp capabilities in it, but you are not forcing the telco to do the interchange - sounds a bit like a smartphone...)
Your choice of client is yours. The choice of which messaging systems you want to use is yours (or your friends/colleagues who have chosen what they want to use). Want to change client, then go ahead. Don't want to use a certain type of messaging provider any more, your choice. Want to start using a new message provider in addition to the ones you already use, your choice.
Interoperability isn't email to sms, or Telegram to WhatsApp. It's allowing people to use whatever client they want with an account they sign up for with the service provider of that system.
Your examples aren't interoperable for the same reasons that these apps are not. I can't call your email address from my phone. I can't email you a voicemail. Sending an audio file as an attachment isn't the same. If I encrypt a message and send it to you as an SMS, your email client won't decrypt it. The things you mention aren't interoperable; they're decentralized. I'd be much more interested in decentralized communication apps than in enforced interoperability.
If you're using any of these apps, whatever one it is, it means you have a phone capable of running the apps (or you found a way to make them work on a computer without one, something I'd also like to see more work on). That means that you can have any number of alternatives there as well. On my phone, for example, you can find Signal and Jitsi icons. I can't group together people in video calls placed on both of them, but I can call people on either of them as I choose just by opening a different application. This means that, should Signal break because their centralized system goes down, it doesn't break my self-hosted Jitsi installation or the app that connects to it. If the two had to interoperate, then either Signal would have to connect to a self-hosted version and deal with possible problems or attacks raised by that or that Jitsi would have to drop support for self-hosted versions. Neither option appeals to me.
And what if you just want to have one ID on one system instead of buying into every service every would-be tech bro sets up
Maybe people don't want a single ID on all systems. I don't.
Maybe this "problem" isn't a concern for many users. It certainly isn't one for me.
Maybe the EU should keep its fingers out of domains it doesn't understand.
What if I want to message someone on ICQ?
Or MSN? AIM? Yahoo!? One of the myriad not-quite-interoperating jabber services? The POTS? The mobile POTS? Viber? WeChat? Apple? Whatever Microsoft's doing this week? One of the messengers I barely know about from the far south or east?
What about Roblox chat? Do I have to sign up to Roblox and play their stupid playground games so I can speak to my daughter?
I know phones are supposed to be for chatting anyway but at this rate there isn't going to be room on the device for anything besides chat apps, and that's just the ones that still exist.
And just imagine the notifications!
Quote: "...doesn't rotate keys regularly..."
Quote: "...Designing a system capable of securely encrypting and decrypting messages and associated data across different service providers raises many thorny questions..."
Quote: "...others rely on different versions of the Signal protocol...."
Yup...rotate keys...
Yup...thorny questions...
Yup...Signal protocol...
All this is just serious misdirection. Citizen groups who want privacy and security for their messaging will ignore this tittle-tattle.......
.....and they will avoid all the backdoors in Signal, Telegram, WhatsApp...........
.....by implementing private encryption on a point-to-point basis....their ONLY encryption/decryption will be done ONLY on their own end point devices!!
That way, Gmail will be a perfectly secure transport. Of course, if they choose to send private encrypted messages over Signal....so what....the spooks will use the Signal backdoor, and will just read.....private encryption!!
And on the subject of keys.....who says that keys need to be persistent....who says keys need to be published?
Well.....since the Diffie/Hellman findings in 1976, it turns out that keys can be randomly assigned to every message....calculated as needed....never published...and thrown away after use.
........why would anyone need to "rotate keys"? Did I mention misdirection?
The El Reg needs to publish more informative stuff about privacy and security. But if commentards want to read up:
(1) Applied Cryptography, Steve Schneier (Diffie/Hellman, Chapter 22.1)
(2) Cryptography Engineering, Ferguson/Schneier/Kohno (Diffie/Hellman, Chapter 11)
(3) Daniel J. Bernstein, multiple resources
As you say, people who genuinely need privacy probably already use encrypted email with all the encryption done locally - or other specialist stuff that I don't know about. This is a very small proportion of the population, but their circumstances have made them relatively expert in message security.
Then there's another group which frets a lot about privacy, has browser shields, keeps away from some (or all) messaging apps (except email and SMS) and social networks, runs a Pi-Hole, but (financial transactions aside) has no real **need** to encrypt anything. I'm in this group (except Pi-Hole.... yet), as are probably most Reg readers. Nothing really works; websites don't load, videos don't play, apps don't update, you've no idea what your old friends who moved abroad are doing cos they use Facebook to keep everyone up to date, you walk to the local shop only to find that it's shut for the afternoon and everyone else in the neighbourhood Facebook group knew about it and you get 99% of the way through buying something online that you've been looking for for ten years only for it to crash at the last payment hurdle cos your JS blocker blocked the payment server and when you go back with shields down someone who doesn't give a shit about privacy has just bought it (this happened to me a couple of years ago with my grail guitar). Nothing we do would be interesting to anyone snooping on our stuff and if any of us did want to do anything nefarious or hide something then we'd jump up into the first group and cover our tracks pretty well.
Then there's most of the world who either don't know or don't care about "privacy". They use whatever browser comes with the PC. They put everything online and use any and all the messaging apps (except email and SMS), depending on whatever their mates use. They keep up with their friends and family and neighbourhood and train and bus service using whatever apps they need to. They leave GPS turned on. They track their spouses and friends and can be tracked by them. They don't spend a couple of hours turning Google history off and checking it every month or so. They don't even seem to notice the annoying ads, pop-ups and other stuff cos they seem to have found a way to balance convenience and annoyance.
My life would be a bit easier if I were in the last group.
Sure but that still meant you had to sign up to all the services, it just provided one convenient client to manage all of them at once. That's easy.
What this law wants to do is make users of different services somehow (not sure by which kind of magic it should happen) talk to each other without signing up for all the different services.
Matrix is decentralised and led by an open source foundation so logically it's the sensible choice as opposed to Signal or WhatsApp which this article then seems to think are the only real choices (one mention only of it!). Obs EU gets behind Matrix and it'll be mistrusted by Russia and others obvs.
Don't we have the tools to allow encryption services already? GPG/PGP? Is it so hard to figure out such a solution for the encryption part, and allow access via whichever platform you want?
The interoperability aspect shouldn't be too difficult either - there's been a wide range of protocols that can handle that created already. Such as XMPP.
We're talking about companies with billions in profits each year. I'm 100% sure they can come up with both E2E systems that operate well, and interoperable communications systems as well.
I don't think the issues are technical at all. Rather political and commercial.
Well sure, for single user to single user you could use PGP, although you need to handle the secure key exchange and authentication first.
Given many of the chat systems support groups, that gets way more complicated.
Different systems have different features after all. Does everyone have to implement all the features or do services have to drop features that are not universally supported?
And if you change the protocol, you just broke compatibility with all the existing clients on that service. So much for making things more interoperable when you start by breaking everyone.
"I don't think the issues are technical at all."
I'm afraid you're mistaken. Let's take a few examples as challenges.
First, build me a system that encrypts a video call among multiple parties using PGP. Can you do it? Sure, eventually you can, but it will take some effort. Are you going to use a centralized server to distribute the video or will you run decentralized? The former has the advantage of not overburdening the clients that might be mobile phones. The latter has the advantage of not requiring the server to operate and facilitating self-hosting. If you're not using the server, how do you identify the users you want to send the keys to? This is why apps with video call features, which all the things mentioned in the article have, don't operate together.
Now show me how you plan to get keys around. I've done PGP email. I have my key, and I have to give it to everyone I know. I could always use the PGP business cards that some people had, but I never did. I could arrange with a friend to introduce us on a channel somewhere with their keys serving as a secure exchange, which means that we will need a mutual friend every time we meet someone new. Or I can do what I actually did, which was to send my key in an unencrypted email and just hope that nobody intercepted things until after we had set it up. I just sent a message on Signal to someone I know personally, but not well enough that we've pre-exchanged keys. I could do that because I knew her phone number. If I had to deal with keys first, how would the nontechnical user do so? For that matter, how would I do so even when I know what the keys are for, because I'd have to first set up an insecure communication path to provide my key and get hers, and any attacker could pose as me to do that.
There will always be technical tradeoffs between a very secure system and one to which the average user can simply log in and they're there. Signal and most similar apps chose the latter using verified phone numbers as authentication tokens, and PGP is the former. There are some improvements we can make to both of them, but we cannot just combine the approaches.
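The key-exchange bootstrap problem raised in the comments above (keys computed per conversation and never published, versus a first exchange over a channel anyone could have tampered with), shown as an added example that is not part of any commenter's post. The group parameters, function names and the fingerprint format are assumptions chosen for illustration; the fingerprint stands in for an out-of-band check such as reading digits aloud or meeting in person.

```python
import hashlib
import secrets

# Illustration-sized parameters (assumption): a 255-bit prime field.
# Production systems use X25519 or a vetted group of 2048 bits or more.
P = 2**255 - 19
G = 2


def keypair():
    """Fresh private/public pair, generated per conversation and never stored."""
    priv = secrets.randbelow(P - 3) + 2  # uniform in [2, P-2]
    return priv, pow(G, priv, P)


def session_key(priv, peer_pub):
    """Derive a symmetric key from the Diffie-Hellman shared value."""
    shared = pow(peer_pub, priv, P)
    return hashlib.sha256(shared.to_bytes(32, "big")).digest()


def fingerprint(pub_a, pub_b):
    """Short, order-independent digest of both public values.

    Each side computes this from its own public value and the one it
    received, then compares it with the peer over a separate channel.
    """
    lo, hi = sorted((pub_a, pub_b))
    digest = hashlib.sha256(lo.to_bytes(32, "big") + hi.to_bytes(32, "big"))
    hexed = digest.hexdigest()
    return " ".join(hexed[i:i + 4] for i in range(0, 24, 4))


def exchange(intercepted):
    """Simulate one key exchange between A and B (constructed scenario).

    When intercepted is True, a third party replaces each public value in
    transit with its own, as could happen to a key sent in a plain email.
    """
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    if intercepted:
        _, m_pub = keypair()
        a_sees, b_sees = m_pub, m_pub  # both sides receive the substitute
    else:
        a_sees, b_sees = b_pub, a_pub
    return {
        # Neither side can observe this directly: a relay that re-encrypts
        # traffic hides the mismatch from both of them.
        "keys_match": session_key(a_priv, a_sees) == session_key(b_priv, b_sees),
        # This is what the users can check by comparing fingerprints.
        "fingerprints_match": fingerprint(a_pub, a_sees) == fingerprint(b_pub, b_sees),
    }


if __name__ == "__main__":
    print("clean channel:   ", exchange(intercepted=False))
    print("tampered channel:", exchange(intercepted=True))
```

The per-conversation keys remove the need to publish anything, but only the fingerprint comparison tells the two parties whose key they actually received.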
In a narrow sense you are correct, but ... Remember the 2018 EFAIL bug? That was big news, which also left years of past mail vulnerable [ see confusingly wrong description: efail dot de ]. That wasn't really a bug with PGP at all, but with S/MIME, which is (was?) a protocol on top of PGP to make PGP "transparent" to easy use in email communication.
PGP is not a piece of software but a pretty good algorithm. The problems start when putting it into practice. The S/MIME EFAIL bug might have been purely technical but that cannot be proven. Same goes for the Heartbleed bug in SSL.