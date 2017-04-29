Become a fan of Slashdot on Facebook

 


Encryption United Kingdom Privacy News

Posted by EditorDavid
Bruce66423 brings word that a terrorist's WhatsApp message has been decrypted "using techniques that 'cannot be disclosed for security reasons', though 'sources said they now have the technical expertise to repeat the process in future.'" The Economic Times reports: U.K. security services have managed to decode the last message sent out by Khalid Masood before he rammed his high-speed car into pedestrians on Westminster Bridge and stabbed to death a police officer at the gates of Parliament on March 22. The access to Masood's message was achieved by what has been described by security sources as a use of "human and technical intelligence"...

The issue of WhatsApp's encrypted service, which is closed to anyone besides the sender and recipient, had come under criticism soon after the attack. "It's completely unacceptable. There should be no place for terrorists to hide. We need to make sure that organisations like WhatsApp, and there are plenty of others like that, don't provide a secret place for terrorists to communicate with each other," U.K. home secretary Amber Rudd had said.
Security sources say the message showed the victim's motive was military action in Muslim countries, while the article adds that though ISIS claimed responsibility for the attack, "no evidence has emerged to back this up."

  • Bullshit. (Score:3, Insightful)

    by Frosty Piss ( 770223 ) * on Saturday April 29, 2017 @12:44PM (#54325365)

    The claim is dubious. Why would they inform all the Terrorists that they can decrypt WhatsApp with ease? They wouldn't. The reason for the "disclosure" is to influence Terrorists to use some other - perhaps less secure - means of communication because they CAN NOT decrypt WhatsApp.

    • Re: (Score:1)

      by Anonymous Coward

      It's possible that they didn't actually decrypt anything and, instead, managed to get into the phone. If the terrorist didn't secure his phone, then whatsapp could easily be opened and messages read. They had access to his phone, that was stated in the article.

      • Re: (Score:2)

        by janoc ( 699997 )

        That. Or simply retrieved the content from some temporary file/cache/whatever Whatsapp uses. Another possibility is that they simply got the content from whoever the message was sent to - which would explain the "human intelligence" (aka interrogating someone) part.

        • Lookup information on Open Whisper end-to-end encryption, which is what WhatsApp uses. You will see that the whole point of the system is to prevent police from "simply" doing what you have said. There are no unencrypted temporary files, caches, etc.

          Getting the contents from the recipient is a valid possibility however without defeating the technology.

          • How do you know that is what WhatsApp uses? It is closed source. They could be doing anything, no matter what they CLAIM they are using. They could be sending all of your messages directly to the NSA. Why do people trust closed source apps?
      • exactly. physical security is the first security. given that was compromised. It seems more likely that was the vector they used.

    • They want you to think that they think they can trick you to using what's app by saying they can decrypt it when they can so that you will think they are saying they can decrypt it so you will think they can't because they are saying they can.. And yes that also makes no sense, just like your post.

  • WhatsApp backdoor. Can be nothing else.

  • "It's completely unacceptable. There should be no place for terrorists to hide. We need to make sure that organisations like WhatsApp, and there are plenty of others like that, don't provide a secret place for terrorists to communicate with each other,"

    It is completely unacceptable that history majors like Amber Rudd, who evidently has not the slightest understanding of technology, end up in positions like Home Secretary. or "Secretary of State for Energy and Climate Change". Rudd seems to be an object less

  • Regardless if the claim is true or not, all your data and messaging should be encrypted at all times PERIOD! I will gladly accept terror acts for the right to have my data protected and safely stored. Across all my computers and my phone, everything is encrypted when possible, including my emails, which are sent from a encrypted provider, my SMS messages, which are sent encrypted and almost everything else I do. Encryption is a right to not have your data / personal information exposed and one that must

  • Huh? crooks in brazil do this all the time (Score:1)

    by Anonymous Coward

    (OBNOTE: they might have done something far different, but this is one way it could be done -- and it is being done in Brazil):

    1. Clone the victim's phone line (not chip, not iemsi, you just need to reassign its phoneline. Costs about US$100 in Brazil to get a sleazy, disgruntled phone-company-cellphone-outlet employee to do it for you).

    2. Using the rogue SIM that has the victims' phone number active for a while, install whatsup. Do the SMS verification, it will pass. And yes, that *does* mean you could

  • I must assume that the phrase 'the victim's motive' in the summary should be 'the terrorist's motive'.

  • If there's no place for terrorists to hide (Score:4, Insightful)

    by HalAtWork ( 926717 ) on Saturday April 29, 2017 @01:04PM (#54325459)

    If there's no place for terrorists to hide then there's no place for *anyone* to hide, and that is unacceptable considering how valuable it is to hide from oppression or the abusers of the system used to ensure there are no hiding spots, those who operate the system are disproportionately advantaged and with access comes the capability of concealing themselves, censoring, framing content and concealing context, etc.

    This idea is ridiculous and imbalanced off the bat.

  • Here's the original article [independent.co.uk] that this is all based on.

  • They had a specifically targeted phone, they used "human and technical intelligence" to get into it. No broad request (specifically from them, anyway, in this case) to compromise everyone else's personal privacy and financial security in pursuit of their goal.

    On the face of it, at least, this seems to be what I would want them to do.

  • You don't know what the WhatsApp "app" is doing. It is closed source. It could be sending all your messages directly to the NSA. Why would you trust your communications to closed source running on a megacorporations system?

