Meredith Whittaker Reaffirms That Signal Would Leave UK If Forced By Privacy Bill (techcrunch.com) 69
Meredith Whittaker, the president of the Signal Foundation, which maintains the nonprofit Signal messaging app, reaffirmed that Signal would leave the U.K. if the country's recently passed Online Safety Bill forced Signal to build "backdoors" into its end-to-end encryption. From a report: "We would leave the U.K. or any jurisdiction if it came down to the choice between backdooring our encryption and betraying the people who count on us for privacy, or leaving," Whittaker said. "And that's never not true." The Online Safety Bill, which was passed into law in September, includes a clause -- clause 122 -- that, depending on how it's interpreted, could allow the U.K.'s communications regulator, Ofcom, to break the encryption of apps and services under the guise of making sure illegal material such as child sexual exploitation and abuse content is removed.
Ofcom could fine companies not in compliance up to $22.28 million, or 10% of their global annual revenue, under the bill -- whichever is greater. Whittaker didn't mince words in airing her fears about the Online Safety Bill's implications. "We're not about political stunts, so we're not going to just pick up our toys and go home to, like, show the bad U.K. they're being mean," she said. "We're really worried about people in the U.K. who would live under a surveillance regime like the one that seems to be teased by the Home Office and others in the U.K."
Ofcom could fine companies not in compliance up to $22.28 million, or 10% of their global annual revenue, under the bill -- whichever is greater. Whittaker didn't mince words in airing her fears about the Online Safety Bill's implications. "We're not about political stunts, so we're not going to just pick up our toys and go home to, like, show the bad U.K. they're being mean," she said. "We're really worried about people in the U.K. who would live under a surveillance regime like the one that seems to be teased by the Home Office and others in the U.K."
I'm assuming people... (Score:2)
Let's face it, it's not as if this law's gonna be a huge blow to criminal gangs, is it?
Re:I'm assuming people... (Score:5, Insightful)
Laws like this are about Control. Of everyone.
Criminals are irrelevant. They won't pay attention to laws anyway, and lawmakers know that. Doesn't deter lawmakers because see above.
Re:I'm assuming people... (Score:5, Insightful)
Indeed. This is not about criminals at all. This is about mass-surveillance on one side and the threat to everybody that they could be surveilled, so they self-censor. Hence this is probably mostly about creating chilling effects.
Never attribute to malice that which is.. (Score:3)
... adequately explained by stupidity.
The British Govt is Vote Leave, the imbeciles who were convinced that putting trade sanctions on yourself aka Brexit was a good idea, indeed the Harder the Brexit the better.
Liz Truss was told about 20x by the current PM that her "borrow to give money to the rich" plan would cause much higher interest rates and probably not work in boosting the economy. She actually crashed the bond markets and the Bank of England had to clean up her mess. She was forced out 1.5 mont
Re: (Score:2)
There are plenty of child protection agencies who support the backdoor measure. Nobody ever accused them of being good at cryptography.
There is plenty of evidence (Five Eyes, PRISM, FISA courts, etc.) that "workarounds" can and has lead to massive abuse far beyond the advertised goal.
Had those asking now for backdoors not fucked themselves by thine own hand, we citizens might be more supportive of such measures to combat harm.
Re: (Score:2)
Criminal gangs are already doing criminal things. They are committing bigger crimes than running an "illegal" service on their computers. If you plan to rob a bank, do you care about the parking ticket your getaway car might get for standing in the no-parking zone?
Re: (Score:3)
Re: (Score:2)
And how do you plan to even know that someone is using encryption you can't break? That's no encryption, that's just a protocol you don't know. It's not my fault that you don't use the same software I'm using!
Re: (Score:3)
It is actually not that simple. A VPN provider will have the same issues as Signal. TOR needs to be used right to be secure and that is not quite as easy as it seems.
Re: (Score:2)
If they are going to outlaw end to end encryption, how long before they out law private vpns?
Re: (Score:2)
They won't outlaw them, just ensure that they can penetrate them at will.
Once encryption is outlawed... (Score:5, Insightful)
...only outlaws will use encryption.
Re: (Score:1)
Re: (Score:2)
And it is easy to implement an end-to-end encryption messaging system given what open source code is already available.
Re: (Score:3, Insightful)
And it is easy to implement an end-to-end encryption messaging system given what open source code is already available.
Funny you should mention this. One thing we know for certain is that a lot of criminals get caught using end-to-end encryption messaging systems not made by a major player. This both through incompetence, EncroChat, Sky ECC, Exclu, have all fallen, or through good ol' fashioned sleight of hand https://en.wikipedia.org/wiki/... [wikipedia.org]
If? (Score:1)
Re: (Score:1)
All of which is completely meaningless. So they leave. So what?
Re: (Score:3)
Re: (Score:3)
"Here's the key to the backdoor: FSCK YOU KING GEORGE THE MAD."
Re:If? (Score:5, Insightful)
"Ofcom can require the use of a technology by a private communication service only by issuing a notice to tackle child sexual exploitation and abuse content under Clause 122. A notice can be issued only where technically feasible and where technology has been accredited as meeting minimum standards of accuracy in detecting only child sexual abuse and exploitation content orders to scan user files."
As I understand it, the legistation opens the door for regulators to demand back doors. But the regulators haven't actually done so yet. They will, no worries, but they haven't yet...
Aha! (Score:2)
...to scan user files ."
So, Signal could just prevent users in the UK from sending/receiving any attachments with their text messages, and they're golden!
Re: (Score:2)
Re:If? (Score:5, Insightful)
The law leaves itup to Ofcom to decide who must comply. If Ofcom never asks, signal doesn't need to do anything. If it does, they can leave or challenge it in court. If the court says they must comply, then they will leave since compliance is out of the question.
The Parliament has opened a huge can of worms for themselves. Ofcom could do them a favor by never asking so the law joins the ranks of kooky laws that are never enforced or they can press the issue and let Parliament catch the eggs with their faces.
Meanwhile, in the unlikely case that Signal has any offices in the U.K. now is the time to close them.
At the end of the day, if asked and affirmed by the court, it's unclear what the government could do if Signal has no business presence in the U.K., especially if they officially state that U.K. citizens are not to use the app. People will anyway, of course, but the law doesn't actually make that illegal. That's where the egg on the face comes in.
At the end of the day, compliance is not even technically possible. End to end encryption prevents even signal from reading the messages. The app is Free Software, so they can't just sneak a back door in without it being quickly found and removed even if they were stupid enough to try (they aren't).
That is best for Signal as well as it's users. If they had the technical ability to share the messages with law enforcement they would be continuously bombarded with requests from every Barney Fife that fancies himself to be the next Eliot Ness.
Re: (Score:2)
The law leaves itup to Ofcom to decide who must comply. If Ofcom never asks, signal doesn't need to do anything. If it does, they can leave or challenge it in court. If the court says they must comply, then they will leave since compliance is out of the question.
The Parliament has opened a huge can of worms for themselves. Ofcom could do them a favor by never asking so the law joins the ranks of kooky laws that are never enforced or they can press the issue and let Parliament catch the eggs with their faces.
Meanwhile, in the unlikely case that Signal has any offices in the U.K. now is the time to close them.
Brexit has already caused this. Companies have been shutting down UK arms left, right and centre.
I suspect that like a similar law that used to exist in Australia, the law will never be used because the minute it is, the company in question will tell OFCOM and/or the UK government to go do one.
They're not going to start arresting people or seizing assets because they didn't create a back door for the government and if the Conservatives were daft enough to even try they'd land the entire country in hot
Re: (Score:2)
If they're not just posturing, they should leave, now.
Why would they leave if they haven't been told to do anything. Also not backdooring an app but instead leaving a market is abiding by the law.
Backdoors not needed. (Score:5, Insightful)
You're much better off putting psychologists and sociologists to work on those methods, than breaking encryption. Humans are the weakest link.
Re:Backdoors not needed. (Score:5, Insightful)
Those methods require work. The U.K. government wants to have no effort one click access to read anything they want 24/7.
Re:Backdoors not needed. (Score:4, Insightful)
This is not about fighting crime. As you rightfully point out, crime can be fought quite conventionally. This is about mass-surveillance, and that cannot be done conventionally as there are too many people to be attacked.
Session is superior to signal (Score:5, Insightful)
For two reasons, session is superior to signal. Primarily is also secure and verified original user, but also anonymous. Too many people try to break security and privacy into two separate things. But they are very closely related and you can not truly have security without also being able to be anonymous if you choose. The fact that signal ties the account to a phone number which is usually tied to a real person or can easily be tied to real person is not acceptable. Two people need to be able to verify that the people that exchange credentials are truly each other after that initial exchange, but they do not need to able to expose the real world identity of the other party if that party chooses not to exposed. Many times it is important that two parties trust the communication between each other but due to circumstances need the security of ensuring that neither side, nor the company creating the software, nor the carriers delivering the traffic can easily work out who the real person is behind the communication.
Re: (Score:2)
verified original user, but also anonymous
That's an oxymoron: you can't be both verified and anonymous.
Re: (Score:3)
It can be, depending on what you mean by anonymous. If you mean that nobody can tell where a message comes from then you're right. When your goal is just to not have any real life names and information attached to it, you're essentially at what registered users are here to the readers. De-facto anonymous, but at the same time you can easily verify whether something was posted by me.
Re: (Score:3)
Re: (Score:1)
For that you use a throw away SIM, and you are done.
Re: (Score:2)
but also anonymous
This is the least desirable feature of a messaging service used for anything other than nefarious activity.
Re: (Score:2)
There are 2 types of channels of communication: Knowing who is talking to whom (most electric/cyber technology) and the dead-drop (where the parties can't identify each other). The dead-drop brings complications to speed, reliability and size, so address-based communication is preferred. Since all addresses are owned, there can never be anonymity: Many 2FA services use that fact as proof of identity.
Session is inferi Re:Session is superior to signal (Score:2)
There is no "government only" backdoor (Score:3)
Imagine your government has access to a backdoor to encryption and can break any encryption. This in turn means that someone has to have access to those keys.
Now imagine someone scooting up to the government agent who has those keys and says things like "You have a nice wife. And really beautiful children. Shame if anything happened to them. Real shame. But you know what, let me have those keys. Don't worry, I won't tell anyone. And your beautiful wife and lovely kids can continue to live".
And if he doesn't comply, he'll be made the example for the next guy getting that offer with a "I heard what happened to your colleague, really terrible that accident. Now I noticed you have a nice wife and some beautiful children, too..."
You think those keys will remain secret for long? Please don't be so naive.
Re: (Score:3)
Occasionally cops get nailed for abusing the resources they can access - usually stalking someone they desire, but sometimes looking for a way to punish someone they don't like. And I would bet absolutely everything I own that the ones we hear about are a tiny fraction of those who do the crime, with most of the occurrences being brushed under the rug or never caught in the first place.
Now imagine cops can read any and all of your communications, instead of just being able to check for criminal records, yo
Re:There is no "government only" backdoor (Score:5, Interesting)
Indeed. Also remember that even the mighty NSA had malware stolen from them a few years back and that Microsoft had a cloud master key (i.e. "crown jewel") stolen from them due to sheer incompetence this year. There is no way to make a system that is connected to the Internet and needs to communicate with lots of other systems hack-proof these days. And then the criminals have that backdoor access too.
Re: (Score:2)
I rather suspect that there are multiple ways to implement a secure system. And that they're all so inconvenient that nobody uses them.
Re: (Score:2)
Theoretically? Yes. Or at least you can come very close by reducing input interfaces dramatically. I once did a mini-study where the only outside connectivity was via serial interface using the rather small Linux serial driver and a very restricted protocol and an otherwise passive MCU watching over the protocol being kept and cutting the connection otherwise. With such a set-up you get a very low residual probability of attackable vulnerabilities being left and even hardware backdoors can be prevented as l
Re: (Score:2)
Imagine your government has access to a backdoor to encryption and can break any encryption. This in turn means that someone has to have access to those keys.
Exactly this. Government is not some magical entity. It is composed of people. Some good, some evil, most just trying to get through the day. Those people will have access to the backdoor. They will get phished. The evil ones will spy on people they don't like. Politicians will want dirt on their rivals. Whatever.
Any politician who voted for this is either technically illiterate or a wannabe totalitarian.
Re: (Score:2)
If you changed your comment to read "Any politician who voted for this is either technically illiterate or a wannabe totalitarian or both", you'd be describing a majority of the Tories, and more than a few Labour MPs.
Re: (Score:2)
Why not both?
Re: (Score:2)
Imagine your government has access to a backdoor to encryption and can break any encryption. This in turn means that someone has to have access to those keys.
Now imagine someone scooting up to the government agent who has those keys and says things like "You have a nice wife. And really beautiful children. Shame if anything happened to them. Real shame. But you know what, let me have those keys. Don't worry, I won't tell anyone. And your beautiful wife and lovely kids can continue to live".
And if he doesn't comply, he'll be made the example for the next guy getting that offer with a "I heard what happened to your colleague, really terrible that accident. Now I noticed you have a nice wife and some beautiful children, too..."ed you have a nice wife and some beautiful children, too..."
You think those keys will remain secret for long? Please don't be so naive.ed you have a nice wife and some beautiful children, too..."
Why do that? Threats may be met by getting law enforcement involved. Cash or blackmail is better. "wouldn't you like to have a nice retirement fund?" or "You know those two hotties you were with last night. Be a shame if your wife found out by watching this video..."That also has teh advantage of making them a willing accomplice or with something to hide, so they are more likely to not turn you in.
You think those keys will remain secret for long? Please don't be so naive.
You think those keys will remain secret for long? Please don't be so naive.
I suspect they'd be compromised in minutes. The power they potentially possess is quite large, and too juic
Re:There is no "government only" backdoor (Score:5, Interesting)
It may not come to that. Someone (yet again) leaves a laptop on the train...
For years, the Italian Mafia listened in on prosecutor's phones using a backdoor in the phone switches that was meant for "lawful intercept" use.
Re: (Score:2)
It will be stupid things like leaving a copy of the keys on a laptop in a cafe.. or someone is paid for a copy of the keys (what do they care as in their mind, its only "those" people that are using it anyway, so no worries on the government side), or hackers breaking in to obtain the keys, or they are on an unprotected AWS/GC/Azure Server, or its simply given to a third party (contractors or integrators) who is subject to all of the above.
In short the second its given to the
Re: (Score:2)
That's not really fair. Only a fraction of the secrets held by the governments (any!) are released unintentionally (i.e. against policy). It's just that the risk is unacceptable given the presumed benefit. (I'm presuming there must be benefits I'm unaware of, and I'll still assert that.)
Obligatory XKCD (Score:2)
Security [xkcd.com]
Re: (Score:2)
Yup, this right there.
Why do you think there is not a single person in our organization that has the Administrator password for our AD? Always takes at least two people.
Just another step in the line (Score:1)
Signal used to double encrypt their database. First with their own RSA implementation, and then within the phone's keystore. Now they only use the keystore, which we know is vulnerable to state hacking
Signal used to offer plausible deniability in the event of search and seizure, because it was capable as acting as the phone's default SMS provider. With that removed, it's easier for tyrannical police to identify a person to interrogate, simply by the presence of Signal being on the phone. Meredith claimed th
What does "leaving the UK" even mean? (Score:2)
Re: (Score:1)
> how can Signal even leave anyplace
Moving everything to some place(s) that are hard to get to, in some uncooperative jurisdiction(s), might help somewhat.
Running the server-side stuff in some form of distributed mode would further fragment what could be extracted from the same place.
SD
Re: (Score:2)
Accessible *now*. UK government can force Google and Apple to block the app in their stores for people in the UK.
Re: (Score:2)
On Android you can get the apk. Hopefully they'll get a clue and build an FDroid version too. GPS notifications are a metadata treasure trove.
Not much you can do for iOS. Apple is Father, Apple is Mother.
Re: (Score:2)
UK government can force Google and Apple to block the app in their stores for people in the UK.
What is a VPN?
What is a quick trip across the Channel to France?
I don't know if Signal message traffic can be identified as such. But the next step would be to block it at the ISP/Cellular provider level.
I'm just kind of "meh" about it. (Score:1)
Dumb-ass British law being what it is (they completely lost me at Brexit), Signal itself is still just "meh" to me. When Signal disabled the trivial but useful application PIN at launch and told me, "just use the android lock mechanism" I was pretty much done with them too. Now it's just another app, not the end-all/be-all. Like "The Great Firewall of China" other solutions will arise for the Brits who still have some brains left and are willing to push back against encryption back doors.
Re: (Score:1)
Good point. Do you have any suggested alternatives to Signal?
Re: (Score:2)
I'm using Session these days. I'm not sure if it has all the features such as video and voice calling, which are both in beta and I haven't tried them, but texting works and sending images works. I know you can send images through it as well. https://getsession.org/ [getsession.org]
I'm not British (Score:3)
and I don't live there. The UK government and "Ofcom" can go fuck themselves.
I am British (Score:4, Funny)
and I live here. The UK government and "Ofcom" can go fuck themselves.
Re: (Score:2)
and I live here. The UK government and "Ofcom" can go fuck themselves.
Pretty much this, except it's not really Ofcom but the UK Conservative government who need to go fuck themselves. They've spent near 15 years cutting budgets of the police at every level to the bone, then getting the angle grinder out to see how much bone they could remove and now try to claim to be the party of law and order by passing bullshit like this. Their time in office cannot end soon enough.
Re: (Score:2)
Well, the Ofcom position is that the right-wing TV news channel "GB News" is not actually a "news" channel, and therefore it's perfectly alright for them to employ sitting Tory MPs to "interview" Tory government ministers...
On that basis alone, Ofcom can fuck off... and then fuck off some more.
So leave (Score:1)