UK official calls for government access to encrypted iMessage, WhatsApp messages

Posted:
in iPhone edited March 2017
Apple and other tech companies must provide government intelligence agencies access to encrypted messaging services, the United Kingdom's Home Secretary declared in the wake of the Westminster terrorist attack, claiming there must be "no place for terrorists to hide" from surveillance.




In an interview with the BBC, Home Secretary Amber Rudd called the use of end-to-end encryption communications offered by tech companies and used by terrorists as a "completely unacceptable" situation. Rudd insists organizations behind encrypted messaging systems should not "provide a secret place for terrorists to communicate with each other."

"In this situation, we need to make sure that our intelligence services have the ability to get into situations like encrypted WhatsApp," claims Rudd. It is reported that Khalid Masood, a man who killed four people in Westminster last week in an attack on the Houses of Parliament, had used WhatsApp two minutes before he started his attack.

Messaging services, including Apple's iMessage and WhatsApp, perform end-to-end encryption on communications between users as a security and privacy measure against hackers. This also prevents government intelligence agencies from reading the message directly and from compelling the company hosting the service from providing the message's content, even with a warrant.

Andrew Marr, the interviewer, brings up the ongoing encryption debate in the United States, where Apple continues to resist against requests by law enforcement to add a backdoor to iOS which allows access to stored data and encrypted communications. Rudd's response to a question about whether the UK government could force Apple and other manufacturers to open up their devices to intelligence agencies suggests she wants to go a different route.

"If I was talking to Tim Cook, I would say to him that this is something completely different," claims Rudd. "We're not saying 'open up,' we don't want to 'go into the cloud,' we don't want to do all sorts of things like that."

"But we do want them to recognize that they have a responsibility to engage with governments, to engage with law enforcement agencies when there is a terrorist situation. We would do it all through the carefully thought-through, legally covered arrangements, but they cannot get away with saying we are a different situation. They are not."




In many cases, technology companies do already work with law enforcement agencies to provide information in a serious event, like a terrorist attack. Even so, the amount of help is only limited by the usable data stored on its servers, and while information such as the recipient, sender, and time of the message may be viewable, the encrypted message itself is not able to be passed on.

The United Kingdom has previously investigated the possibility of forcing device producers into adding backdoors or weakening security as part of the Investigatory Powers Bill, but removed the requirement before it passed in 2016. Arguments from Apple provided to a parliamentary committee warned of "dire consequences" if sections that weakened device security were kept in the bill.

While a backdoor would provide access to this encrypted data, it is a solution that may cause more problems than it solves.

During the San Bernardino investigation, Apple CEO Tim Cook declared in an open letter that the U.S. government's request for a backdoor for the iPhone was "something we consider too dangerous to create." The requested "feature" would have "the potential to unlock any iPhone in someone's physical possession," and despite government assurances that it would only be used for the investigation, "there is no way to guarantee such control."
«1

Comments

  • Reply 1 of 35
    lkrupplkrupp Posts: 10,557member
    And if governments demand access and courts agree then what’s Tim Cook going to do? Comply, of course.
  • Reply 2 of 35
    NemWanNemWan Posts: 118member
    lkrupp said:
    And if governments demand access and courts agree then what’s Tim Cook going to do? Comply, of course.
    A secure end-to-end system would make compliance impossible. If it's truly end-to-end, the carrier has no key. 
    equality72521magman1979RacerhomieX[Deleted User]
  • Reply 3 of 35
    gtrgtr Posts: 3,231member
    You need access to everybody's information in order to keep us safe from the dangers you deliberately brought into the country, do you?

    Where's a woman athlete with a throwing hammer to toss at the big face on the screen when you need one?

    Goodbye, Britain.
    magman1979fotoformatlostkiwiRacerhomieXbuzdots[Deleted User]
  • Reply 4 of 35
    baconstangbaconstang Posts: 1,099member
    Great.   Now we have to educate these tea bags about why encryption is essential to cyber security for everyone.
    Considering how highly the Brits are watched by their government, this is no small undertaking.
    lostkiwiRacerhomieX
  • Reply 5 of 35
    eightzeroeightzero Posts: 3,052member
    NemWan said:
    lkrupp said:
    And if governments demand access and courts agree then what’s Tim Cook going to do? Comply, of course.
    A secure end-to-end system would make compliance impossible. If it's truly end-to-end, the carrier has no key. 
    Fine, until the government makes such systems illegal. "No device may be sold that is capable of an end to end encryption system." Done.

    But then we have governments making nuclear bombs, and they call other people "terrorists." 

    iqatedoavon b7
  • Reply 6 of 35
    Home Secretary Amber Rudd called the use of end-to-end encryption communications offered by tech companies and used by terrorists as a "completely acceptable" situation.

    I assume she actually said (or meant?) “completely Unacceptable”.

    edited March 2017 slprescott
  • Reply 7 of 35
    baconstangbaconstang Posts: 1,099member
    Lame argument regarding the attack.
    If Masood planned this attack for some days or weeks, do they seriously believe they'd have thwarted it 2 minutes before with an intercepted message?
    iqatedolostkiwi
  • Reply 8 of 35
    mike1mike1 Posts: 3,273member
    They will never be able to stop the proliferation of 3rd-party encryption software, so all this noise is total BS.
    baconstangmagman1979argonautgeorgie01lostkiwibonobobjbdragon
  • Reply 9 of 35
    eightzeroeightzero Posts: 3,052member
    gtr said:
    You need access to everybody's information in order to keep us safe from the dangers you deliberately brought into the country, do you?

    Where's a woman athlete with a throwing hammer to toss at the big face on the screen when you need one?

    Goodbye, Britain.
    OTOH, there's a good opportunity in the EU that just came open. 
    maciekskontakt
  • Reply 10 of 35
    Looks to me like simple political ass covering.  After all, she does have to appear to be doing something to justify her employment.
    baconstangequality72521fotoformatargonautlostkiwi[Deleted User]watto_cobra
  • Reply 11 of 35
    eightzero said:
    gtr said:
    You need access to everybody's information in order to keep us safe from the dangers you deliberately brought into the country, do you?

    Where's a woman athlete with a throwing hammer to toss at the big face on the screen when you need one?

    Goodbye, Britain.
    OTOH, there's a good opportunity in the EU that just came open. 
    EU becomes centralized mess that asks for too much in one space while not handling affairs in other space (immigration control) properly. Either it is part of some large plan or EU is run by fools.
  • Reply 12 of 35
    macplusplusmacplusplus Posts: 2,112member
    Go after the device, not the device producer.

    If a car is used in robbery, do you issue a warrant to the car producer? "Give me access to that car, now !!!!"

    Once you get the device, you have access to all the information you need. You get the key to any encryption that device may be involved with. There is no unbreakable device. Since you have the absolute power to access any device used in crime, you cannot subpoena device producers. Be a good cop, go to the field and get the device...
    edited March 2017 magman1979[Deleted User]
  • Reply 13 of 35
    irelandireland Posts: 17,798member
     Fascist idiots.
    magman1979argonautbaconstang[Deleted User]
  • Reply 14 of 35
    Encryption is the safe, non-offensive target to attack after ever-increasing atrocities such as these. This will blow over again, citizens will be back to being canon fodder and government will have danced around the real issues yet again.
    magman1979baconstang
  • Reply 15 of 35
    Once again, government people are clueless. If you make Whatsapp or iMessage breakable or have a "back door," two things will happen: 1. Serious criminals and terrorists will switch to other third party encrypted messaging tools or create one themselves. You might occasionally run into a dumb criminal where this might help, but you won't be making anyone safer from international crime or terrorism. 2. The same back door that the gov't now has will eventually fall into the hands of hackers and criminals and be used for identity theft and such. The end result will be, criminals and terrorists will still have secure communications the gov't can't access, regular law-abiding people will not and their private, personally identifiable information will be insecure.
    edited March 2017 magman1979argonauticoco3lostkiwibaconstangbonobobwatto_cobra
  • Reply 16 of 35
    sandorsandor Posts: 654member
    cryptology is millennia old.
    those who wish to keep their messages hidden will always find a way to do it. period.


    end-to-end encrypted transmissions without a backdoor keeps the common man's personal data & banking & social identity (ie state ID) safer from criminals in the 21st century.

    edited March 2017 baconstangwatto_cobra
  • Reply 17 of 35
    Delicious irony - Orwell's mother country.
    lostkiwiiqatedo
  • Reply 18 of 35
    singularitysingularity Posts: 1,328member
    gtr said:
    You need access to everybody's information in order to keep us safe from the dangers you deliberately brought into the country, do you?

    Where's a woman athlete with a throwing hammer to toss at the big face on the screen when you need one?

    Goodbye, Britain.
    He was born in the UK. So not brought in.

    As for asking for access, that's just not going to happen.
  • Reply 19 of 35
    linkmanlinkman Posts: 1,035member
    Go after the device, not the device producer.

    If a car is used in robbery, do you issue a warrant to the car producer? "Give me access to that car, now !!!!"

    Once you get the device, you have access to all the information you need. You get the key to any encryption that device may be involved with. There is no unbreakable device. Since you have the absolute power to access any device used in crime, you cannot subpoena device producers. Be a good cop, go to the field and get the device...
    Having physical access to a device does not necessarily you have access to the entire decryption key. Please read up on Apple's implementation of encryption: https://www.apple.com/business/docs/iOS_Security_Guide.pdf

    Brute forcing decryption against something using AES 256 is effectively impossible. It would take billions of years and $8 x 10^57 in electricity costs.
  • Reply 20 of 35
    SpamSandwichSpamSandwich Posts: 33,407member
    LOL! If governments were run by angels, there would be no argument. That they are run by people who are no smarter or more capable than any of us should be evidence enough that they cannot be given complete autonomy and access to confidential personal communications and data.
    [Deleted User]
Sign In or Register to comment.