Ex-military and security firms oppose Home Sec in WhatsApp crypto row

'We are in real trouble if we apply blunt weapons to this'

UK government ministers calling for increased surveillance abilities in the wake of last Wednesday's terrorist attack have encountered opposition from a somewhat unexpected quarter.

Home Secretary Amber Rudd went on TV at the weekend to say it was "completely unacceptable" that authorities were unable to look at the encrypted WhatsApp messages of Westminster terrorist attacker Khalid Masood. There should be "no place for terrorists to hide", she added.

Not so, according to the Ministry of Defence's former cybersecurity chief. The case for increased surveillance powers following is "weak", especially just months after the Investigatory Powers Act became law, according to Major General Jonathan Shaw.

"There's a debate in Parliament about the whole Snooper's Charter and the rights of the state and I think what they are trying to do is use this moment to nudge the debate more in their line," Shaw told BBC Radio 4's Today.

What the Home Secretary seems to want is for services such as Facebook, WhatsApp and Apple's iMessage to shift their approach from using end-to-end encryption to something that (at least) allows them to hand over messages in response to a warranted request. Such a move would make it easier for authoritarian governments, foreign spies and criminals to access communications. And such a move would not make it easier to foil future terrorist attacks. For one thing terrorists would likely move to more secure methods of communication.

"The problem will mutate and move on," Shaw argued. "We are aiming at a very fluid environment here. We are in real trouble if we apply blunt weapons to this, absolutist solutions."

Some tech firms have also weighed in against Rudd's call for security services to have access to decrypted WhatsApp messages.

Tony Anscombe, senior security evangelist at Avast, said: "We understand why governments want to be able to access the content in these messages but, unfortunately, banning encryption in order to get to the communications of a select few opens the door to the communications of many, and renders us all less secure and our lives less private.

"If you build a back door, it's there for everybody to access. And if you store that data you collect, even in encrypted form, how secure is it? All these data breaches we hear about show our privacy is regularly being breached by hackers, so the action suggested by the Home Secretary would only open us all up to further invasions of privacy."

Homebrewed jihadist crypto apps have been shown to be weak. Alternatives, such as Telegram, to mass-market Western message utilities have also had heir share of flaws. Pushing terrorists towards crypto alternatives is still not necessarily a good idea, according to Anscombe.

"It would be naïve of us to think that by removing the public methods of encryption which we use to protect our identity, our freedom of speech and to keep us safe from persecution, that those terrorist organisations will not develop alternative methods to encrypt their communications. If this were to happen, we'd only be pushing these people further underground, presenting a greater challenge to security intelligence services." ®

Keep Reading

Apple wants privacy 'nutrition labels' on all new and updated apps in its software store from next month

How many grams of carbo-spy-drates are in your favorite applications?

Fake crypto-wallet extensions appear in Chrome Web Store once again, siphoning off victims' passwords

'Seriously sometimes seems Google's moderators are only optimized to respond to social media outrage'

As promised, Apple will now entertain suggestions from the hoi polloi on how it should run its App Store

You may have one or two, dare we say Epic, thoughts to share

Apple's big trouble in not-so-little China – culls 30,000 apps from its Middle Kingdom App Store in legal crackdown

Game developers face local license law that could 'devastate' iOS revenues

Epic Games gets itself epically banned, launches epic Fortnite death match with Apple over App Store's epic 30% cut

Updated Google yoinks smash-hit video game from Play store, too

Huawei's UK code reviewers say Chinese mega-corp is still totally crap at basic software security. Bad crypto, buffer overflows, logic errors...

Last year telcos scrambled to plug 'critical user-facing vulns' in network kit

Sure is wild that Apple, Google app store monopolies are way worse than what Windows got up to, sniffs Microsoft prez

Analysis 'Far more formidable gates to access to other applications than anything that existed in the industry 20 years ago'

Emirati 'surveillance app' ToTok promoted by Huawei as Apple punts it from store

Yes, people of UAE. That free govt-approved VoIP app that replaced all the banned encrypted chat apps

Biting the hand that feeds IT © 1998–2020