Apple condemns British spy agency group's proposal to evade message encryption

Posted:
in General Discussion
Apple, Google, Microsoft and WhatsApp have co-signed an open letter urging the UK government to abandon what's being called a "ghost protocol" to allow intelligence services to read encrypted messages.




Apple has joined with Google, Microsoft, WhatsApp and other technology firms in an open and co-signed letter protesting against the UK government's proposal to require the right to eavesdrop on encrypted messages. GCHQ (Government Communications Headquarters) had proposed that services should automatically and secretly copy all messages from every user to law enforcement.

GCHQ's Ian Levy and Crispin Robinson proposed this system in a paper in November 2018 that laid out principles for how "service providers" could implement it. "It's relatively easy for a service provider to silently add a law enforcement participant to a group chat or call," they wrote. "You end up with everything still being end-to-end encrypted, but there's an extra 'end' on this particular communication."

The paper's authors insist this was not the same as granting backdoor access to communications.

"This sort of solution seems to be no more intrusive than the virtual crocodile clips that our democratically elected representatives and judiciary authorize today in traditional voice intercept solutions," they said, "and certainly doesn't give any government power that they shouldn't have."

Start of the open letter co-signed by Apple
Start of the open letter co-signed by Apple


The open letter, originally sent to GCHQ on May 22, describes this approach as adding a "ghost" to every message and decries what it calls this "ghost protocol," saying it would introduce "significant additional security threats."

"The GCHQ's ghost proposal creates serious threats to digital security," says the letter's writers. "Users would no longer be able to trust that they know who is on the other end of their communications, thereby posing threats to fundamental human rights, including privacy and free expression."

While not requiring a backdoor that allowed law enforcement access to messages after they were sent, the proposal would make companies such as Apple alter how iOS handles messaging.
"GCHQ's proposals would require messaging apps, service providers, and operating systems to change their software so that it would 1) change the encryption schemes used, and/or 2) mislead users by suppressing the notifications that routinely appear when a new communicant joins a chat."
The nine-page, 3,000-word letter concludes by pointing out that if the UK is allowed to require this, other countries will follow.

"There is no way to prevent other governments from relying on this newly built system," it says. "This is of particular concern with regard to oppressive regimes and any country with a poor record on protecting human rights."

The open letter asks that GCHQ abandon this "ghost protocol."

GCHQ has responded to the letter.

"We welcome this response to our request for thoughts on exceptional access to data -- for example, to stop terrorists," said author Ian Levy in an email to CNBC. "The hypothetical proposal was always intended as a starting point for discussion."

"We will continue to engage with interested parties," he continued, "and look forward to having an open discussion to reach the best solutions possible."

«13

Comments

  • Reply 1 of 46
    felix01felix01 Posts: 294member
    @"automatically and secretly copy all messages from every user to law enforcement"

    My bolding.

    I trust they've got some serious data storage capability!
    cornchipolswatto_cobrajony0
  • Reply 2 of 46
    entropysentropys Posts: 4,152member
    Obviously a plot by Max Denbigh aka “C” to implement nine eyes for the benefit of a secret cabel. Crispin Robinson is sooo British it must be an alias.
    edited May 2019 PanamaniakcornchipJWSC
  • Reply 3 of 46
    racerhomie3racerhomie3 Posts: 1,264member
    I am sure this key would ‘leak’ on the black market just like how CIA’s or NSA’s malware is being used to damage American cities.
    edited May 2019 StrangeDaysjbdragonwatto_cobra
  • Reply 4 of 46
    gatorguygatorguy Posts: 24,176member
    I am sure this key would ‘leak’ on the black market just like how CIA’s or NSA’s malware is being to damage American cities.
    I don't see how it would "leak" on the black market as there's no backdoor modification to any of Apple encrypted messaging service, nor are the Brits asking for one. They simply want Google and Apple and the rest to be legally required to add GCHQ as another recipient of the target's still encrypted message. Apple who whoever would still be the company responsible for actually doing it if I read this correctly. Certainly not something I would advocate for, but still far better than a weakened encryption service. 

    In fact I'm wondering if this is already in play in a couple of other countries.  It would explain how Apple iMessage has escaped the same fate of the other encrypted messaging services who have refused to cow-tow in China and Russia. At least in China it is no longer Apple iCloud nor an Apple-controlled service, rebadged as GCBD iCloud and run by the Chinese. Simply inserting themselves as an additional recipient of still-encrypted iMessages would be the so-simple fix. Russia may bve in the process of doing something similar. 
    JWSC
  • Reply 5 of 46
    racerhomie3racerhomie3 Posts: 1,264member
    gatorguy said:
    I am sure this key would ‘leak’ on the black market just like how CIA’s or NSA’s malware is being to damage American cities.
    I don't see how it would "leak" on the black market as there's no backdoor modification to any of Apple encrypted messaging service, nor are the Brits asking for one. They simply want Google and Apple and the rest to be legally required to add GCHQ as another recipient of the target's still encrypted message. Apple who whoever would still be the company responsible for actually doing it if I read this correctly. Certainly not something I would advocate for, but still far better than a weakened encryption service. 

    In fact I'm wondering if this is already in play in a couple of other countries.  It would explain how Apple iMessage has escaped the same fate of the other encrypted messaging services who have refused to cow-tow in China and Russia. At least in China it is no longer Apple iCloud nor an Apple-controlled service, rebadged as GCBD iCloud and run by the Chinese. Simply inserting themselves as an additional recipient of still-encrypted iMessages would be the so-simple fix. Russia may bve in the process of doing something similar. 
    iMessage keys are not held by . The new iMessage syncing feature is enabled by a circle of secure devices. iCloud storage holds your backup info, photos, contacts, etc. which  has a key for. Not your iMessage.I believe  is trying to enable this circle of secure devices, for more cloud features, so they dont have the keys. 
    SolicornchipStrangeDayslostkiwisteven n.watto_cobrajony0
  • Reply 6 of 46
    macplusplusmacplusplus Posts: 2,112member
    The respondents should begin to train their lawyers already. The cops may come with a court order requesting the implementation of the exact same scheme, on a case by case basis. They don’t need to turn it into a law. The “virtual crocodile clips” analogy may be convincing enough on many courts.
    edited May 2019 jbdragon
  • Reply 7 of 46
    peteopeteo Posts: 402member
    gatorguy said:
    I am sure this key would ‘leak’ on the black market just like how CIA’s or NSA’s malware is being to damage American cities.
    but still far better than a weakened encryption service
    There is an account associated with this. The account could be secretly compromised and then that account would have access to EVERYONE'S messages in any app. Also you are missing the whole proposal: "GCHQ's proposals would require messaging apps, service providers, and operating systems to change their software so that it would 1) change the encryption schemes used, and/or 2) mislead users by suppressing the notifications that routinely appear when a new communicant joins a chat."
    edited May 2019
  • Reply 8 of 46
    gatorguygatorguy Posts: 24,176member
    gatorguy said:
    I am sure this key would ‘leak’ on the black market just like how CIA’s or NSA’s malware is being to damage American cities.
    I don't see how it would "leak" on the black market as there's no backdoor modification to any of Apple encrypted messaging service, nor are the Brits asking for one. They simply want Google and Apple and the rest to be legally required to add GCHQ as another recipient of the target's still encrypted message. Apple who whoever would still be the company responsible for actually doing it if I read this correctly. Certainly not something I would advocate for, but still far better than a weakened encryption service. 

    In fact I'm wondering if this is already in play in a couple of other countries.  It would explain how Apple iMessage has escaped the same fate of the other encrypted messaging services who have refused to cow-tow in China and Russia. At least in China it is no longer Apple iCloud nor an Apple-controlled service, rebadged as GCBD iCloud and run by the Chinese. Simply inserting themselves as an additional recipient of still-encrypted iMessages would be the so-simple fix. Russia may bve in the process of doing something similar. 
    iMessage keys are not held by . The new iMessage syncing feature is enabled by a circle of secure devices. iCloud storage holds your backup info, photos, contacts, etc. which  has a key for. Not your iMessage.I believe  is trying to enable this circle of secure devices, for more cloud features, so they dont have the keys. 
    If you send a message to a few other Apple device owners they now become part of 'the circle" for that message. If I understand correctly the Brits simply want Apple to be required to add GCHQ as another member of the circle for that message with the proper legal request to do so. The Brit don't need a key. With that said they might rquire the service provider not disclose they've they're been added to the secure circle, so yeah that would be a change from the way it works now. The encryption itself would not have to change theoretically. It's decrypted for all the approved recipients already. 
    edited May 2019 JWSC
  • Reply 9 of 46
    StrangeDaysStrangeDays Posts: 12,834member
    gatorguy said:
    I am sure this key would ‘leak’ on the black market just like how CIA’s or NSA’s malware is being to damage American cities.
    In fact I'm wondering if this is already in play in a couple of other countries.  It would explain how Apple iMessage has escaped the same fate of the other encrypted messaging services who have refused to cow-tow in China and Russia. 
    Are you honestly suggesting Apple has given Russia access to everyone's encrypted iMessages, and not told anyone? Is that honestly what you're suggesting?

    Man, who pays you to drop such copious amounts of FUD pellets on everything Apple? What do you get out suggesting such nonsense?
    jbdragonwilliamlondonlostkiwiwatto_cobrajony0
  • Reply 10 of 46
    gatorguygatorguy Posts: 24,176member
    gatorguy said:
    I am sure this key would ‘leak’ on the black market just like how CIA’s or NSA’s malware is being to damage American cities.
    In fact I'm wondering if this is already in play in a couple of other countries.  It would explain how Apple iMessage has escaped the same fate of the other encrypted messaging services who have refused to cow-tow in China and Russia. 
    Are you honestly suggesting Apple has given Russia access to everyone's encrypted iMessages, and not told anyone? Is that honestly what you're suggesting?
    If Apple still runs the Russia service once the changeover is in full effect then no I don't think Apple would turn over any messages that were not already existing in the users Cloud account. They'll comply with the law just as they do everywhere else they do business and they can't turn over what they don't have. 

    BUT If they do as they did in China and turn it all over to a Russian agency to operate, no longer even branded as an Apple service, then of course it would not be Apple making the choices. Clean hands.

     
    edited May 2019 JWSC
  • Reply 11 of 46
    tzeshantzeshan Posts: 2,351member
    I can imagine US spy agency will make similar request to Huawei should US accepted its 5G equipment. But this is impossible because then Huawei knows how spy agency spy on people and governments. From the beginning I think AT&T has a division that works with the government in this way. 
  • Reply 12 of 46
    macplusplusmacplusplus Posts: 2,112member
    gatorguy said:
    gatorguy said:
    I am sure this key would ‘leak’ on the black market just like how CIA’s or NSA’s malware is being to damage American cities.
    In fact I'm wondering if this is already in play in a couple of other countries.  It would explain how Apple iMessage has escaped the same fate of the other encrypted messaging services who have refused to cow-tow in China and Russia. 
    Are you honestly suggesting Apple has given Russia access to everyone's encrypted iMessages, and not told anyone? Is that honestly what you're suggesting?

    Man, who pays you to drop such copious amounts of FUD pellets on everything Apple? What do you get out suggesting such nonsense?
    If Apple still runs the Russia service once the changeover is in full effect then no I don't think Apple would turn over any messages that were not already existing in the users Cloud account.

    BUT If they do as they did in China and turn it all over to a Russian agency, no longer even branded as an Apple service, then of course it would not be Apple making the choices. Clean hands 
    Yours is a very bold claim: iCloud run and monitored by Chinese agency ! Any link for that? All the Chinese wanted from Apple was keeping the servers in mainland China...
    williamlondonwatto_cobrajony0
  • Reply 13 of 46
    tzeshantzeshan Posts: 2,351member
    gatorguy said:
    gatorguy said:
    I am sure this key would ‘leak’ on the black market just like how CIA’s or NSA’s malware is being to damage American cities.
    In fact I'm wondering if this is already in play in a couple of other countries.  It would explain how Apple iMessage has escaped the same fate of the other encrypted messaging services who have refused to cow-tow in China and Russia. 
    Are you honestly suggesting Apple has given Russia access to everyone's encrypted iMessages, and not told anyone? Is that honestly what you're suggesting?

    Man, who pays you to drop such copious amounts of FUD pellets on everything Apple? What do you get out suggesting such nonsense?
    If Apple still runs the Russia service once the changeover is in full effect then no I don't think Apple would turn over any messages that were not already existing in the users Cloud account.

    BUT If they do as they did in China and turn it all over to a Russian agency, no longer even branded as an Apple service, then of course it would not be Apple making the choices. Clean hands 
    Of course Apple will give access to Chinese government if requested. Because it is Chinese laws. Apple has said it obeys laws of government for the country it do business with. There are so many examples. 
    williamlondon
  • Reply 14 of 46
    JWSCJWSC Posts: 1,203member
    gatorguy said:
    gatorguy said:
    I am sure this key would ‘leak’ on the black market just like how CIA’s or NSA’s malware is being to damage American cities.
    In fact I'm wondering if this is already in play in a couple of other countries.  It would explain how Apple iMessage has escaped the same fate of the other encrypted messaging services who have refused to cow-tow in China and Russia. 
    Are you honestly suggesting Apple has given Russia access to everyone's encrypted iMessages, and not told anyone? Is that honestly what you're suggesting?

    Man, who pays you to drop such copious amounts of FUD pellets on everything Apple? What do you get out suggesting such nonsense?
    If Apple still runs the Russia service once the changeover is in full effect then no I don't think Apple would turn over any messages that were not already existing in the users Cloud account.

    BUT If they do as they did in China and turn it all over to a Russian agency, no longer even branded as an Apple service, then of course it would not be Apple making the choices. Clean hands 
    Yours is a very bold claim: iCloud run and monitored by Chinese agency ! Any link for that? All the Chinese wanted from Apple was keeping the servers in mainland China...
    Read it and weep.

    https://www.google.com/amp/s/www.theverge.com/platform/amp/2018/7/18/17587304/apple-icloud-china-user-data-state-run-telecom-privacy-security
    williamlondon
  • Reply 15 of 46
    JWSCJWSC Posts: 1,203member
    Damn the British.  Smart bastards.  This one is going to be much harder to fight on the grounds that it weakens encryption.  I’m afraid this particular implementation has legs.
  • Reply 16 of 46
    gatorguygatorguy Posts: 24,176member
    gatorguy said:
    gatorguy said:
    I am sure this key would ‘leak’ on the black market just like how CIA’s or NSA’s malware is being to damage American cities.
    In fact I'm wondering if this is already in play in a couple of other countries.  It would explain how Apple iMessage has escaped the same fate of the other encrypted messaging services who have refused to cow-tow in China and Russia. 
    Are you honestly suggesting Apple has given Russia access to everyone's encrypted iMessages, and not told anyone? Is that honestly what you're suggesting?

    Man, who pays you to drop such copious amounts of FUD pellets on everything Apple? What do you get out suggesting such nonsense?
    If Apple still runs the Russia service once the changeover is in full effect then no I don't think Apple would turn over any messages that were not already existing in the users Cloud account.

    BUT If they do as they did in China and turn it all over to a Russian agency, no longer even branded as an Apple service, then of course it would not be Apple making the choices. Clean hands 
    Yours is a very bold claim: iCloud run and monitored by Chinese agency ! Any link for that? All the Chinese wanted from Apple was keeping the servers in mainland China...
    Do long-time AI members here even bother with research anymore? It is no longer Apple iCloud in China. The new service is called  "iCloud operated by GCBD" and any user agreements are between them and AIPO CLOUD (GUIZHOU) TECHNOLOGY CO., LTD. Apple no longer has control nor offers any privacy guarantees to the user themselves, for the obvious reason it's not their service even if it is their device with the service built in. 

    https://support.apple.com/en-us/HT208351

    "iCloud services in China mainland are now operated by Chinese internet services company Guizhou on the Cloud Big Data Industrial Development Co., Ltd., (GCBD). This allows us to continue to improve iCloud services in China mainland and comply with Chinese regulations.

    iCloud services and all the data you store with iCloud, including photos, videos, documents, and backups, will be subject to the new terms and conditions of iCloud operated by GCBD."

    edited May 2019
  • Reply 17 of 46
    macplusplusmacplusplus Posts: 2,112member
    JWSC said:
    gatorguy said:
    gatorguy said:
    I am sure this key would ‘leak’ on the black market just like how CIA’s or NSA’s malware is being to damage American cities.
    In fact I'm wondering if this is already in play in a couple of other countries.  It would explain how Apple iMessage has escaped the same fate of the other encrypted messaging services who have refused to cow-tow in China and Russia. 
    Are you honestly suggesting Apple has given Russia access to everyone's encrypted iMessages, and not told anyone? Is that honestly what you're suggesting?

    Man, who pays you to drop such copious amounts of FUD pellets on everything Apple? What do you get out suggesting such nonsense?
    If Apple still runs the Russia service once the changeover is in full effect then no I don't think Apple would turn over any messages that were not already existing in the users Cloud account.

    BUT If they do as they did in China and turn it all over to a Russian agency, no longer even branded as an Apple service, then of course it would not be Apple making the choices. Clean hands 
    Yours is a very bold claim: iCloud run and monitored by Chinese agency ! Any link for that? All the Chinese wanted from Apple was keeping the servers in mainland China...
    Read it and weep.

    https://www.google.com/amp/s/www.theverge.com/platform/amp/2018/7/18/17587304/apple-icloud-china-user-data-state-run-telecom-privacy-security
    So what? How it is different from renting storage space from AWS Akamai or whatever? OK bad old commies state run bla bla bla back to 60s LOLz...
    williamlondon
  • Reply 18 of 46
    gatorguygatorguy Posts: 24,176member
    JWSC said:
    gatorguy said:
    gatorguy said:
    I am sure this key would ‘leak’ on the black market just like how CIA’s or NSA’s malware is being to damage American cities.
    In fact I'm wondering if this is already in play in a couple of other countries.  It would explain how Apple iMessage has escaped the same fate of the other encrypted messaging services who have refused to cow-tow in China and Russia. 
    Are you honestly suggesting Apple has given Russia access to everyone's encrypted iMessages, and not told anyone? Is that honestly what you're suggesting?

    Man, who pays you to drop such copious amounts of FUD pellets on everything Apple? What do you get out suggesting such nonsense?
    If Apple still runs the Russia service once the changeover is in full effect then no I don't think Apple would turn over any messages that were not already existing in the users Cloud account.

    BUT If they do as they did in China and turn it all over to a Russian agency, no longer even branded as an Apple service, then of course it would not be Apple making the choices. Clean hands 
    Yours is a very bold claim: iCloud run and monitored by Chinese agency ! Any link for that? All the Chinese wanted from Apple was keeping the servers in mainland China...
    Read it and weep.

    https://www.google.com/amp/s/www.theverge.com/platform/amp/2018/7/18/17587304/apple-icloud-china-user-data-state-run-telecom-privacy-security
    So what? How it is different from renting storage space from AWS Akamai or whatever? OK bad old commies state run bla bla bla back to 60s LOLz...
    Oh, it's a LOT different. Apple doesn't hand over their cloud service for AWS to operate.

    So no followup comment after reading my link, and directly from the horse's mouth, Apple themselves?
    edited May 2019
  • Reply 19 of 46
    gatorguygatorguy Posts: 24,176member
    tzeshan said:
    gatorguy said:
    gatorguy said:
    I am sure this key would ‘leak’ on the black market just like how CIA’s or NSA’s malware is being to damage American cities.
    In fact I'm wondering if this is already in play in a couple of other countries.  It would explain how Apple iMessage has escaped the same fate of the other encrypted messaging services who have refused to cow-tow in China and Russia. 
    Are you honestly suggesting Apple has given Russia access to everyone's encrypted iMessages, and not told anyone? Is that honestly what you're suggesting?

    Man, who pays you to drop such copious amounts of FUD pellets on everything Apple? What do you get out suggesting such nonsense?
    If Apple still runs the Russia service once the changeover is in full effect then no I don't think Apple would turn over any messages that were not already existing in the users Cloud account.

    BUT If they do as they did in China and turn it all over to a Russian agency, no longer even branded as an Apple service, then of course it would not be Apple making the choices. Clean hands 
    Of course Apple will give access to Chinese government if requested. Because it is Chinese laws. Apple has said it obeys laws of government for the country it do business with. There are so many examples. 
    Apple no longer has to give approval to turning anything over to the Chinese government that's stored or taking place "in the cloud". It's out of their hands, they look to GCBD now. I suspect that's the intent of the new Russian laws too but I haven't had a chance to look into that as deeply. 
    edited May 2019
  • Reply 20 of 46
    macplusplusmacplusplus Posts: 2,112member
    gatorguy said:
    gatorguy said:
    gatorguy said:
    I am sure this key would ‘leak’ on the black market just like how CIA’s or NSA’s malware is being to damage American cities.
    In fact I'm wondering if this is already in play in a couple of other countries.  It would explain how Apple iMessage has escaped the same fate of the other encrypted messaging services who have refused to cow-tow in China and Russia. 
    Are you honestly suggesting Apple has given Russia access to everyone's encrypted iMessages, and not told anyone? Is that honestly what you're suggesting?

    Man, who pays you to drop such copious amounts of FUD pellets on everything Apple? What do you get out suggesting such nonsense?
    If Apple still runs the Russia service once the changeover is in full effect then no I don't think Apple would turn over any messages that were not already existing in the users Cloud account.

    BUT If they do as they did in China and turn it all over to a Russian agency, no longer even branded as an Apple service, then of course it would not be Apple making the choices. Clean hands 
    Yours is a very bold claim: iCloud run and monitored by Chinese agency ! Any link for that? All the Chinese wanted from Apple was keeping the servers in mainland China...
    Do long-time AI members here even bother with research anymore? It is no longer Apple iCloud in China. The new service is called  "iCloud operated by GCBD" and any user agreements are between them and AIPO CLOUD (GUIZHOU) TECHNOLOGY CO., LTD. Apple no longer has control nor offers any privacy guarantees to the user themselves, for the obvious reason it's not their service even if it is their device with the service built in. 

    https://support.apple.com/en-us/HT208351

    "iCloud services in China mainland are now operated by Chinese internet services company Guizhou on the Cloud Big Data Industrial Development Co., Ltd., (GCBD). This allows us to continue to improve iCloud services in China mainland and comply with Chinese regulations.

    iCloud services and all the data you store with iCloud, including photos, videos, documents, and backups, will be subject to the new terms and conditions of iCloud operated by GCBD."

    A very recent event from two months ago, published March 31, 2019. Keep up the good work you do your job well.

    So, Apple does no longer provide iCloud services in China as we know it. All its role seems to be reduced to providing OS support to the Chinese iCloud on its devices. You still need to explain how you correlate that business model change with suggested British evasive maneuver over encryption...
Sign In or Register to comment.