
WhatsApp Encryption Said to Stymie Wiretap Order - danso
http://www.nytimes.com/2016/03/13/us/politics/whatsapp-encryption-said-to-stymie-wiretap-order.html
======
lorenzhs
What the article doesn't make quite clear is that OpenWhisperSystems, the
creators of Signal, partnered with WhatsApp to bring their crypto to WhatsApp.
See
[https://whispersystems.org/blog/whatsapp/](https://whispersystems.org/blog/whatsapp/)
(this was when Signal was still split into TextSecure and RedPhone). The
problem, of course---and the article touches upon that---is that with a closed
source app like WhatsApp you have no way of knowing whether your
communications are actually being encrypted; you have to take their word for
it.

~~~
tshtf
Open source is not a panacea here.

The situation is largely the same with Signal: Unless you manually build and
install Signal yourself, there is no guarantee that the App Store or Play
Store versions are actually built from the source provided by
OpenWhisperSystems.

And even if you compile Signal yourself, there's always "Reflections on
Trusting Trust".

~~~
ex3ndr
If you trust OpenWhisperSystems, then on Android it is guaranteed to be the
same build that was uploaded. All builds are signed by the developer, unlike
Apple (where you sign builds to prove to Apple that this is your build, not to
the user).

~~~
ethanbond
"If you trust OpenWhisperSystems" is a pretty huge condition – the exact
condition we're discussing here. The advantage of open source is that you
don't have to trust OWS, you have to trust the source code, which you can do
by auditing it yourself.

~~~
jMyles
> The advantage of open source is that you don't have to trust OWS, you have
> to trust the source code, which you can do by auditing it yourself.

No. That is not the advantage of open source. The advantage is that as long as
_somebody_ audits the code, you don't have to.

And in this case, you don't need to trust OWS to do the right thing, only to
refrain from pushing rogue updates (i.e., to only sign versions that are actual
releases). You can still read the code yourself.

~~~
nl
_And in this case, you don't need to trust OWS to do the right thing, only to
refrain from pushing rogue updates (i.e., to only sign versions that are actual
releases). You can still read the code yourself._

You've missed the subtleties around the word "trust" in the context. You don't
need to trust that the WhatsApp people are nice, or want to do what is right.

You need to trust that they and Google haven't been legally compelled to push
a "rogue" update - perhaps only to you. Don't forget there is nothing
technically stopping a uniquely compiled update from being pushed to a single
account holder.

The only protection against this is 3rd party auditing and checking the
signatures yourself, and that the 3rd party is completely located in a
jurisdiction where they are unlikely to be legally compelled to comply with an
order that applies to WhatsApp and/or Google.

------
patrickaljord
Unless it's open source, it can't be trusted. Not saying it is enough, but it
is a requirement. But that's not enough, any smartphone OS maker (Google and
Apple) can be ordered to install a Trojan by force and keylog everything. So
you'd need something like [http://www.replicant.us/](http://www.replicant.us/)
I guess and compile it yourself if you're completely paranoid. Even then,
there could be a keylogger in the hardware directly talking to the BIOS.

tl;dr: if you want complete risk-free privacy, a smartphone is probably not
what you want. I use a smartphone myself by the way, just saying.

~~~
nickpsecurity
That's not true: the strongest products ever made were high-assurance closed
source. There have also been strong FOSS apps. Most apps, open or closed, are
insecure due to lack of rigor or specialist skill. Key things are right
development, review, and distribution.

I broke it down in the essay below:
[https://www.schneier.com/blog/archives/2014/05/friday_squid_...](https://www.schneier.com/blog/archives/2014/05/friday_squid_bl_424.html#c6051639)

Review and identification/possession of what was reviewed are important
points. Mass publication or distribution of source hasn't proven to be a
determining factor.

~~~
zanny
> strongest products ever made were high-assurance closed source

Because we never found the backdoors put in place by the developers does not
mean they were not there, and without source access we have absolutely no
reason to believe anyone when they say there are none.

~~~
nickpsecurity
High assurance prevents that by full specs of all success and failure states,
modular code, avoidance of dangerous constructs, covert channel analysis,
testing of execution paths, pentesting with source, and so on.

You could conceivably slip a backdoor in with extra cleverness sure. Yet,
whether OSS or closed, you depend on talent of reviewers to find it for you.
High-assurance closed has most labor put into that. That's why it was more
secure. Aside from activities described above that were mandatory for high
assurance security but optional or ignored for the rest.

------
stryk
I'd be interested to find out how many actually legitimate terrorist plots
have been foiled because of NSA/government eavesdropping. I'd bet it's
staggeringly low, if not 0. I'd put money on single digits, easily. It seems
like the vast majority of good & concrete actionable intelligence found in
these cases is the result of good old-fashioned police work. I mean, they
have already caught these people (or, as in the case of San Bernardino, the
suspects are dead) -- so now they just want what?... more evidence against
them, links to other people/suspects, etc? It seems lazy and/or a lie that
they couldn't gather this info with, y'know, investigative police technique.

~~~
danieldk
I think this is a very good question, but numbers given by officials will be
difficult to verify.

It seems that the problem with foiling terrorist plots is not the amount of
information that is available, but the inability to connect the dots:

[http://www.theguardian.com/world/2015/nov/16/french-and-belg...](http://www.theguardian.com/world/2015/nov/16/french-and-belgian-intelligence-knew-paris-attackers-had-jihadi-backgrounds)

If anything, they should be asking (at least in Europe) for more personnel to
keep better track of possible terrorists, because that is what has failed
here. Another problem is that some countries have cut budgets of
deradicalization programs and local eyes and ears since the mid-2000s.

As we all know, the terrorist attacks are just a convenience for asking for
backdoors. Each opportunity is exploited.

------
tankm0de
The long term problem for broad adoption of end-to-end encrypted mobile
messaging is closed software ecosystems; the government will just pass a law
to force Apple & Android App stores to stop distributing apps like WhatsApp
that facilitate it. Game over.

add:

I suspect that code itself and the act of posting it on the internet could be
interpreted as free speech. Even if not, it would be difficult to stamp it out
from international sites or bit-torrent. Distributing via an App "Store", even
for free, could be more likely to be construed as commerce, which is already
heavily regulated and for less important reasons than criminal/terrorism
investigations. Google and Apple as large public corporations have fiduciary
duty to their stockholders to protect their profits, which the US government
can easily threaten. So there's a big weak link (and an easy lever for
government to pull on) in the closed distribution of secure communications
code.

~~~
simoncion
Such a law may well be unconstitutional. I would expect Apple and Google to
forcefully petition for an injunction (or whatever) that would prevent FedGov
from prohibiting them to distribute such software until the constitutionality
case was decided.

~~~
coldcode
I expect the government to eventually, under an NSL, demand the source code be
given to them along with any necessary keys. The question at that point is do
the targets say no. This of course would create standing to challenge the
constitutionality of secret courts and NSLs and the like, which I don't think
the DOJ and FBI want to lose.

~~~
tankm0de
In end-to-end encryption the private keys are on the user's phone. The point
of a wiretap is not to let the target know you're listening. Having the code
source + user's public keys from WhatsApp is of no help in decrypting.

~~~
simoncion
Yup. E2E crypto with keys stored on the conversing devices shuts down _all_
MitM attacks. It doesn't stop targeted attacks (warranted or unwarranted), but
I expect that law enforcement considers passive data scraping to be much less
serious than targeted surveillance.

------
kabdib
Hmmm ... is that a real, statutory wiretap? Like, to an actual and regulated
telecommunications provider? Or is DOJ skating by on "quacks like a duck"
orders? CALEA was limited for a reason (I imagine they really want to change
that).

AFAIK pen-register and similar wiretappy things are only applicable if you're
a phone company, or very much like one. If you just ship an app and handle
packets, that's a different story.

~~~
elpool2
The article doesn't really provide many details so it's hard to tell. I don't
think they can order a wiretap under CALEA since, like you said, that only
applies to telecom providers. And even if they determined that WhatsApp was a
de facto telecom, CALEA still has exceptions for end-to-end encryption.

------
Kenji
Sad. I'd argue that end-to-end encryption is one of the strongest principles
of privacy in the history of mankind. I would have loved to see widespread
adoption. It is obvious that the state pushes against it. But we must win. We
probably won't though.

~~~
studentrob
Not with that attitude!

Contact your representatives, tell them how you feel. Share information with
your friends and coworkers. The public wants data security. On balance,
backdoors will make us less secure. A few representatives like Lindsey Graham
have already changed their minds when presented with new information. [1]

[1]
[https://youtu.be/uk4hYAwCdhU?t=1m44s](https://youtu.be/uk4hYAwCdhU?t=1m44s)

------
mbenjaminsmith
I think it's surprising / disturbing that the discussion here is centered on
the importance of open sourced _apps_. What security does an open source
encryption app offer when it's running inside a closed hardware / software
platform that has direct access to your messages in the clear before they're
encrypted and after they're decrypted? If Apple (not picking on them, I'm just
an iPhone user) wants to or is compelled to monitor what you're doing on your
phone they can. Period. End of discussion.

As a thought experiment I think it's valuable to consider what secure
messaging over an iPhone would look like. It's actually very simple, just very
inconvenient. You encrypt your messages on another, air-gapped computer with
known and trusted hardware (a Raspberry Pi works). From there you deliver your
encrypted text over the phone via whatever channel is convenient -- SMS,
Facebook, Twitter, etc. On the receiving end you do the reverse.

If you're not doing that then your communication is theoretically and
practically insecure. Discussion of the security of encrypted messaging apps is
not only worthless, it's actually dangerous. It's security theater and takes
the focus away from the actual issues -- at best; at worst it convinces people
that insecure channels are secure.

I can't figure out if this is lost on most people, they're in denial or if
there is actually a concerted effort to mislead. Smartphones -- and most
computers -- are insecure by definition. People need to understand that and
act accordingly if privacy is important to them.

~~~
nickik
You are missing one important aspect. The problem is that this is a war of
resources. In the end a government can almost always get access to the end
user device.

What we have to fight first is the dragnet. Government just sucking up all
communication. This can be achieved by end to end encryption even if the
computers used are not secure. This forces government to compromise every
individual end-user device, and such action is impossible on the scale that
they do now.

This means they have to limit the amount of people they attack. Once we have
achieved that, we need to massively improve on end user device security.
Secure elements and separate smart cards are definitely the future.

Having a trusted smart card for your encryption needs is definitely the future.
I already use a YubiKey over NFC when sending email.

You need to stop thinking about absolute security and start thinking about the
cost of mass surveillance.

------
avmich
Why does nobody talk about steganography? Even if there are laws forbidding
cryptography, the interested parties can use that today, if they have
plausible deniability.

That's in the worst case, when the majority doesn't care, the minority isn't
strong enough and there isn't enough education about how to implement
cryptography reliably in the absence of companies which would offer the
product.

~~~
nickik
I'm glad that steganography exists, but the fight we are fighting is about the
large public. I have no doubt that with Open Hardware, Open Source,
Smartcards, Tor and a lot more, I will always be able to hide my most important
message I send to a similarly connected friend.

However that is not usable for most people and such products will have a hard
time taking over majority market share.

------
natch
> Jan Koum, WhatsApp’s founder, who was born in Ukraine, has talked about his
> family members’ fears that the government was eavesdropping on their phone
> calls.

And the Ukraine government is not the only government that might be suspected
of having shenanigans, whether officially or done by rogue agents.

Even our own FBI has been infiltrated by rogue agents, such as the case of an
illegal immigrant who managed to become an FBI agent and was trying to get
information on their investigation of Hizbollah, as documented on their own
web site:

[https://www.fbi.gov/news/stories/2007/november/prouty_111307](https://www.fbi.gov/news/stories/2007/november/prouty_111307)

Of course the majority of the people there are great people doing a good job.
But extending trust to them does not protect the users' interest in privacy
and more importantly safety.

------
randyrand
Are wiretap orders mandatory? Or is it just permission to wiretap...

If you can't succeed in wiretapping you aren't penalized right?

------
doctorshady
Didn't they do something like this with Skype years ago?

------
denzil_correa
So, there are two end positions - Apple/WhatsApp on one end and the FBI on the
other. Is there a third one we aren't looking at? Obama and FBI director want
a "middle ground". Is there a middle ground?

Since the US govt helped develop the technology behind WhatsApp encryption,
now might be a good time to put money into developing a technology that
creates a "middle ground".

~~~
junto
You have to trust the government to have a middle ground. It has been shown
again and again that we cannot trust them.

Even if we trust one government, it doesn't mean you can trust the next one.

If the USG forces the US tech companies to provide a backdoor, then the
technology is out there in order for non-US tech companies to pick up where
they have left off.

It is a battle the USG cannot and should not win.

Trust the maths. Thank you Snowden for showing us the light.

~~~
mike_hearn
Bingo. Obama, Clinton and the rest keep asking for Silicon Valley to find some
workable compromise and getting frustrated at the "absolutism". But they don't
have enough self-insight to see that they're guilty of the exact same thing.

In a world where governments were transparent and government employees were
robustly held to account for transgressions of clearly written laws, I doubt
many in the Valley would be putting so much effort into e2e encryption. It'd
be like the world pre-Snowden, or the telcos, where companies just complied
with warrants and orders and didn't see any big problem with that.

The problem is the Snowden affair showed that governments are utterly
incapable of handling the power they temporarily obtained via subterfuge,
utterly uninterested in holding people like Clapper to account, and generally
don't seem to care about whether the people trust them or not. Standoffs like
this are the inevitable end result.

If there was trust, there'd be a lot of technical solutions. Like just not
employing E2E crypto to start with. SSL would be enough.

------
gtirloni
Couldn't these companies use a public/private key to encrypt a special message
that their apps could receive and verify is signed by the mothership and
then proceed to relay the message or send unencrypted traffic? I mean, there
are technical ways to make this work in a secure way (maybe not using my
example).

This discussion seems old and all safeguards are supposed to be in the law
(warrants and other legal devices), IN SOME COUNTRIES. And here's the key of
this discussion, should FB/WhatsApp and others be above the law? Why is the
government being so careful with them when it wouldn't be if this was, say,
Verizon withholding phone records in a specific case if there was a warrant?

~~~
elpool2
They are not "above the law" because there is no law that they've actually
broken. As far as I can tell there's no law against providing secure end-to-
end encryption to your customers, and no law requiring that encrypted
communication be tappable.

