Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Encryption Facebook Social Networks

Is Facebook Planning on Backdooring WhatsApp? (schneier.com) 131

Bruce Schneier: This article points out that Facebook's planned content moderation scheme will result in an encryption backdoor into WhatsApp: "In Facebook's vision, the actual end-to-end encryption client itself such as WhatsApp will include embedded content moderation and blacklist filtering algorithms. These algorithms will be continually updated from a central cloud service, but will run locally on the user's device, scanning each cleartext message before it is sent and each encrypted message after it is decrypted. The company even noted. that when it detects violations it will need to quietly stream a copy of the formerly encrypted content back to its central servers to analyze further, even if the user objects, acting as true wiretapping service. Facebook's model entirely bypasses the encryption debate by globalizing the current practice of compromising devices by building those encryption bypasses directly into the communications clients themselves and deploying what amounts to machine-based wiretaps to billions of users at once."

Once this is in place, it's easy for the government to demand that Facebook add another filter -- one that searches for communications that they care about -- and alert them when it gets triggered. Of course alternatives like Signal will exist for those who don't want to be subject to Facebook's content moderation, but what happens when this filtering technology is built into operating systems?
Separately The Guardian reports: British, American and other intelligence agencies from English-speaking countries have concluded a two-day meeting in London amid calls for spies and police officers to be given special, backdoor access to WhatsApp and other encrypted communications. The meeting of the "Five Eyes" nations -- the UK, US, Australia, Canada and New Zealand -- was hosted by new home secretary, Priti Patel, in an effort to coordinate efforts to combat terrorism and child abuse.
UPDATE: 8/2/2019 On Friday technologist Bruce Schneier wrote that after reviewing responses from WhatsApp, he's concluded that reports of a pre-encryption backdoor are a false alarm. He also says he got an equally strong confirmation from WhatsApp's Privacy Policy Manager Nate Cardozo, who Facebook hired last December from EFF. "He basically leveraged his historical reputation to assure me that WhatsApp, and Facebook in general, would never do something like this."
This discussion has been archived. No new comments can be posted.

Is Facebook Planning on Backdooring WhatsApp?

Comments Filter:
  • That's okay (Score:4, Funny)

    by Anonymous Coward on Thursday August 01, 2019 @12:28PM (#59023758)
    I plan on backdooring Zuck's mom
  • by BringsApples ( 3418089 ) on Thursday August 01, 2019 @12:31PM (#59023774)

    ...people will finally stop using facebook. Thank GOD that's over...

    • Re: (Score:3, Funny)

      by jfdavis668 ( 1414919 )
      Ok everyone, let's go back to My Space. Tom misses us.
    • Re:Awesome, now... (Score:4, Insightful)

      by mark-t ( 151149 ) <markt AT nerdflat DOT com> on Thursday August 01, 2019 @01:00PM (#59023958) Journal
      It's a safe bet that most of the people using Facebook don't actually care enough about the privacy of their communications using the service to worry about it.

      The groups that really do care will probably just use their own end-to-end encryption, and if they are smart about it, it won't even be detectable as anything out of the ordinary unless you already knew exactly where to look and when.

      • It's also a safe bet that there's already back doors in place somewhere in the communications system that already allows eavesdropping on Whatsapp communions.
      • by Anonymous Coward

        The nice thing about "doing the snoooing on the user's device", is that we can modify the binary. NOP out a call, similar to how we defeated copy protection on games in the 90s.

        Perhaps a little harder, but only one needs to succeed, and may then share the modded binary. Have fun writing " cunt" on facebook...

      • On the flip side people have been using WhatsApp precisely *because* of its encryption and the service has been a continued target for governments to get access to because of it, see comments from India, Australia, and Brazil governments just to name the ones off the top of my head.

  • by Anonymous Coward

    "...what happens when this filtering technology is built into operating systems?"

    You build it from source and leave that part out?

  • by JustAnotherOldGuy ( 4145623 ) on Thursday August 01, 2019 @12:33PM (#59023794) Journal

    Nothing to worry about, I'm sure Facebook would never abuse this amazing god-like power. And they certainly wouldn't cooperate with law enforcement to leverage this perfect, built-in wire-tapping capability.

    Rest easy, Citizen!

  • What will happen? (Score:5, Insightful)

    by smoot123 ( 1027084 ) on Thursday August 01, 2019 @12:36PM (#59023806)

    I'd imagine anyone who actually cares about securing their communication will employ open-source, purely peer-to-peer apps which use sockets and nothing else.

    RMS has a point here: I can only trust code where I can read all the source.If I really care about privacy, I can't depend on Google, FB, Twitter, or anyone else.

    That won't be as convenient as WhatsApp but there it is.

    • by Anonymous Coward

      Why in the world are you trusting compilers to not inject anything? The source may be "clean" but there's no guarantees on the ending executable.

      • I'll compile it by hand using knitting needles, just like granny used to do.

        • No need to go low tech. Just use core memory and code with magnets the way the FSM intended.

          • No need to go low tech. Just use core memory and code with magnets the way the FSM intended.

            I don't need Ethernet either. I whistle into the phone to talk to modems.

      • Re:What will happen? (Score:4, Informative)

        by AleRunner ( 4556245 ) on Thursday August 01, 2019 @01:41PM (#59024132)

        Why in the world are you trusting compilers to not inject anything? The source may be "clean" but there's no guarantees on the ending executable.

        You need to read David A. Wheeler’s Page on Fully Countering Trusting Trust through Diverse Double-Compiling (DDC) - Countering Trojan Horse attacks on Compilers [dwheeler.com]. You also need to know that this is actually practical with GCC which can be built both with its self, with clang and with a GCC which has been built with clang which in the end will mean that the final two products (GCC built with GCC and GCC built with GCC built with clang) will be bit for bit identical.

        • by mysidia ( 191772 )

          So your trojan developer needs a clang such that when GCC is built with it... the binary output of clang contains tampering which is transitively self-duplicating in that it will also cause the result of running that binary to compile GCC source to emit the same tampered-with binary as clang had emitted, and of course further iterations of compiling the GCC source using the resulting binary.

          • So your trojan developer needs a clang such that when GCC is built with it... the binary output of clang contains tampering which is transitively self-duplicating in that it will also cause the result of running that binary to compile GCC source to emit the same tampered-with binary as clang had emitted, and of course further iterations of compiling the GCC source using the resulting binary.

            There's a bit more to it, but, as Bruce Schneier points out you don't need a modern, high performance C-compiler just one that works [schneier.com] so you can use one built in hand compiled assembly on top of vacuum tubes and discrete logic that you can measure yourself if you really feel the need.

        • by epine ( 68316 )

          Man, somewhere in the deep, dark past—possibly as far back as the 1980s—I had the bones of DDC figured out within hours of first discovering Thompson's On Trusting Trust.

          A more formal work-up might have earned me a PhD, and I probably had twenty years to get there. If only I had known.

          I remember my psychological state fairly well: "oh, ho ho—here's something that's not stupid."

          I didn't give out a "not stupid" gold star any old year, but Thompson cleared the bar in just a few paragraphs. T

          • by epine ( 68316 )

            Just to make things a bit more clear: the only insight required to formulate DDC is that Thompson's paper fundamentally exploits the reigning software-development monoculture of the era.

            What "do one thing, and do it well" actually meant in the 1970s and early 1980s: "write one thing once, to do one thing well".

            The economics were against trying to scrounge up enough disk space to host a second full compiler. On one of my early work terms, my employer actually had the IBM XT with the early 10 MB hard drive.

    • by Rexdude ( 747457 )

      I'd imagine anyone who actually cares about securing their communication will employ open-source, purely peer-to-peer apps which use sockets and nothing else.

      *laughs in Network Effect*

      Good luck convincing your friends and family to ditch Facebook and Whatsapp for Signal or whatever else you had in mind. Unless you communicate exclusively with security researchers & experts.

      • No doubt. I don't think my family or friends care much about security or privacy. They (and TBH, I) put a higher value on convenience.

        (Remember when Apple went mano a mano with the FBI about decrypting a phone? I'm still surprised they did. That's the last time I remember a company with a large non-tech user base actually taking a risk so they could sell privacy and security as a mass-market feature. Anyone remember any others? Does WhatsApp actually put "And all your communication is securely private" in t

        • by Rexdude ( 747457 )

          That's the last time I remember a company with a large non-tech user base actually taking a risk so they could sell privacy and security as a mass-market feature

          Pays to realize they did it not out of the goodness of their hearts but because their business model doesn't involve pandering to advertisers and having to snoop on everything and moderate it so that said advertisers don't inadvertently get associated with edgy/racy/obscene content. If you design a system where all the encryption takes place on the

          • Pays to realize they did it not out of the goodness of their hearts...

            Absolutely. Apple concluded it was in their best interest to sell a product which secured their customers' data, and that it was better to depend on the end user as a customer, not a third party like an advertiser.

            Depending on someone's profit motive is much more reliable than depending on their good nature.

  • Already done (Score:5, Insightful)

    by marcle ( 1575627 ) on Thursday August 01, 2019 @12:36PM (#59023814)

    What the heck, we already carry a location beacon filled with sensors that also contains all our contacts and private messages, and we even pay a lot of money to buy it and maintain the communication link.

    Not to mention the listening devices scattered around our houses, which we again have been induced to pay for.

    Most people will claim, "I don't care. I don't have anything to hide." It's like the old parable about putting a frog in a pot of cold water, and then slowly heating it. By the time the frog realizes what's happening, it's too late.

    • by Chromal ( 56550 )
      Sounds like someone has poor InfoSec hygiene on their smartphone... :P
      • If your phone was lawfully sold in the United States, it's factory p0wned at the hardware level. Thanks to the CALEA law signed by Bill Clinton.

    • by fenrif ( 991024 )
      Why do you have all these things if you don't want them or like them?
  • by Anonymous Coward on Thursday August 01, 2019 @12:39PM (#59023828)

    The LUDDITES at LUDDITE Facebook are destroying modern appy AppsApp because they're too stupid to know how to app apps while apping other apps!

    Apps!

  • I mean, how many whacks to the back of your head with a clue-by-four will it take to stop your self-loathing? Facebook was a bad idea fifteen years ago, and the veil has been lifted more and more as time has gone on-- it's not just a bad idea, it's actually an attack upon liberty, freedom, civilization, and most certainly the Internet itself. Zuckerberg is a criminal scumbag and deserving of the gallows for his role in any number of conspiracies to undermine liberal democracy and desecrate pivotal universal
    • Re: (Score:2, Insightful)

      by Anonymous Coward

      You'd be surprised by the amount of people out there who don't know that Facebook own WhatsApp.

  • Comment removed (Score:5, Interesting)

    by account_deleted ( 4530225 ) on Thursday August 01, 2019 @01:08PM (#59023980)
    Comment removed based on user account deletion
  • FB Messenger currently allows fully-secure e2e, in crypto terms, but they give themselves an encrypted copy any time somebody clicks "report message".

    See 'abuse reporting' :

    https://fbnewsroomus.files.wor... [wordpress.com]

    and be wary of conflating 'e2e' with 'private' in all cases.

  • Time to update everybody in my family to Signal I guess.

  • Comment removed based on user account deletion
    • by Anonymous Coward

      Right now in Brazil there is this *huge* scandal where the Minister of Justice(and a lot of prosecutors too) Telegram chat history has been compromised. The logs are being published by The Intercept Brazil (from that guy Glenn Greenwald) and are causing a lot of fuss.

      A (now minister of justice) judge colluded with the prosecutors to put one of(and first in the race at the time) the presidential candidates in jail.

      How did they hack it? Well a telephony hack:

      • They spoofed the cellphone
      • gained access to its
  • Everyone mentions the case of privacy and governments wondering if you are plotting against them, but few realize the most obvious temptation of industrial espionage and theft of confidential information. As an example, it is common practice today to exchange information between company directors using whatsapp, information that a competitor would pay very well to have and he would only need to "buy" a facebook employee to obtain. Now on Whatsapp we have a considerable amount of information, even though it
  • Suppose we have an app that generates a block of random numbers and/or random trigger words to out clipboard and add this to our messages. Flood their systems with false positives.
  • by couchslug ( 175151 ) on Thursday August 01, 2019 @01:54PM (#59024172)

    The privacy battle is lost. What remains is managing your metadata so you aren't a target.

    You cannot have privacy on the internet where nation-state actors or big corps are concerned. If you cease to need it your problem is solved.

  • in an effort to coordinate efforts to combat privacy and security.

    FTFY

  • FaceBook had something that wasn't backdoored? There's the real headline.

  • Once this is in place, it's easy for the government to demand that Facebook add another filter

    They can already do this now. The app probably updates itself every few days, and there is no reason to assume they don't already have this filter capability in there now. The only way to know your software isn't backdoored is to review the code yourself and compile it yourself... with a compiler you wrote yourself.

  • Applications that have backdoors need to have an "Not Secure" label across the top. Something in bold red that is prominently displayed at all times no matter what the user is doing. This strikes a balance between informing the consumer and letting the market decide. If companies want to make insecure products they can do so, but they really should prominently warn the public first. This is especially true when the application otherwise appears to be secure.

  • Been seeing ads on Youtube for that Facebook Portal device? Now imagine this wiretap scheme built into a device with an always-on camera you brought into your home and actually paid money for.

  • I don't think they understand the meaning of "end to end encryption". If someone else can access the cleartext, then it's not "end to end encryption".

  • to PRISM.
  • by astrofurter ( 5464356 ) on Friday August 02, 2019 @01:13AM (#59027092)

    Now we know why the Big Tech monopolists are so keen to replace us all with H1Bs. When your business plan is viciously hostile to American values, it's best not to hire Americans to implement it.

Be sociable. Speak to the person next to you in the unemployment line tomorrow.

Working...