Did WhatsApp Backdoor Rumor Come From 'Unanswered Questions ' and 'Leap of Faith' For Closed-Source Encryption Products? (forbes.com) 105
On Friday technologist Bruce Schneier wrote that after reviewing responses from WhatsApp, he's concluded that reports of a pre-encryption backdoor are a false alarm. He also says he got an equally strong confirmation from WhatsApp's Privacy Policy Manager Nate Cardozo, who Facebook hired last December from the EFF. "He basically leveraged his historical reputation to assure me that WhatsApp, and Facebook in general, would never do something like this."
Schneier has also added the words "This story is wrong" to his original blog post. "The only source for that post was a Forbes essay by Kalev Leetaru, which links to a previous Forbes essay by him, which links to a video presentation from a Facebook developers conference." But that Forbes contributor has also responded, saying that he'd first asked Facebook three times about when they'd deploy the backdoor in WhatsApp -- and never received a response.
Asked again on July 25th the company's plans for "moderating end to end encrypted conversations such as WhatsApp by using on device algorithms," a company spokesperson did not dispute the statement, instead pointing to Zuckerberg's blog post calling for precisely such filtering in its end-to-end encrypted products including WhatsApp [apparently this blog post], but declined to comment when asked for more detail about precisely when such an integration might happen... [T]here are myriad unanswered questions, with the company declining to answer any of the questions posed to it regarding why it is investing in building a technology that appears to serve little purpose outside filtering end-to-end encrypted communications and which so precisely matches Zuckerberg's call. Moreover, beyond its F8 presentation, given Zuckerberg's call for filtering of its end-to-end encrypted products, how does the company plan on accomplishing this apparent contradiction with the very meaning of end-to-end encryption?
The company's lack of transparency and unwillingness to answer even the most basic questions about how it plans to balance the protections of end-to-end encryption in its products including WhatsApp with the need to eliminate illegal content reminds us the giant leap of faith we take when we use closed encryption products whose source we cannot review... Governments are increasingly demanding some kind of compromise regarding end-to-end encryption that would permit them to prevent such tools from being used to conduct illegal activity. What would happen if WhatsApp were to receive a lawful court order from a government instructing it to insert such content moderation within the WhatsApp client and provide real-time notification to the government of posts that match the filter, along with a copy of the offending content?
Asked about this scenario, Carl Woog, Director of Communications for WhatsApp, stated that he was not aware of any such cases to date and noted that "we've repeatedly defended end-to-end encryption before the courts, most notably in Brazil." When it was noted that the Brazilian case involved the encryption itself, rather than a court order to install a real-time filter and bypass directly within the client before and after the encryption process at national scale, which would preserve the encryption, Woog initially said he would look into providing a response, but ultimately did not respond.
Given Zuckerberg's call for moderation of the company's end-to-end encryption products and given that Facebook's on-device content moderation appears to answer directly to this call, Woog was asked whether its on-device moderation might be applied in future to its other end-to-end encrypted products rather than WhatsApp. After initially saying he would look into providing a response, Woog ultimately did not respond.
Here's the exact words from Zuckerberg's March blog post. It said Facebook is "working to improve our ability to identify and stop bad actors across our apps by detecting patterns of activity or through other means, even when we can't see the content of the messages, and we will continue to invest in this work. "
Schneier has also added the words "This story is wrong" to his original blog post. "The only source for that post was a Forbes essay by Kalev Leetaru, which links to a previous Forbes essay by him, which links to a video presentation from a Facebook developers conference." But that Forbes contributor has also responded, saying that he'd first asked Facebook three times about when they'd deploy the backdoor in WhatsApp -- and never received a response.
Asked again on July 25th the company's plans for "moderating end to end encrypted conversations such as WhatsApp by using on device algorithms," a company spokesperson did not dispute the statement, instead pointing to Zuckerberg's blog post calling for precisely such filtering in its end-to-end encrypted products including WhatsApp [apparently this blog post], but declined to comment when asked for more detail about precisely when such an integration might happen... [T]here are myriad unanswered questions, with the company declining to answer any of the questions posed to it regarding why it is investing in building a technology that appears to serve little purpose outside filtering end-to-end encrypted communications and which so precisely matches Zuckerberg's call. Moreover, beyond its F8 presentation, given Zuckerberg's call for filtering of its end-to-end encrypted products, how does the company plan on accomplishing this apparent contradiction with the very meaning of end-to-end encryption?
The company's lack of transparency and unwillingness to answer even the most basic questions about how it plans to balance the protections of end-to-end encryption in its products including WhatsApp with the need to eliminate illegal content reminds us the giant leap of faith we take when we use closed encryption products whose source we cannot review... Governments are increasingly demanding some kind of compromise regarding end-to-end encryption that would permit them to prevent such tools from being used to conduct illegal activity. What would happen if WhatsApp were to receive a lawful court order from a government instructing it to insert such content moderation within the WhatsApp client and provide real-time notification to the government of posts that match the filter, along with a copy of the offending content?
Asked about this scenario, Carl Woog, Director of Communications for WhatsApp, stated that he was not aware of any such cases to date and noted that "we've repeatedly defended end-to-end encryption before the courts, most notably in Brazil." When it was noted that the Brazilian case involved the encryption itself, rather than a court order to install a real-time filter and bypass directly within the client before and after the encryption process at national scale, which would preserve the encryption, Woog initially said he would look into providing a response, but ultimately did not respond.
Given Zuckerberg's call for moderation of the company's end-to-end encryption products and given that Facebook's on-device content moderation appears to answer directly to this call, Woog was asked whether its on-device moderation might be applied in future to its other end-to-end encrypted products rather than WhatsApp. After initially saying he would look into providing a response, Woog ultimately did not respond.
Here's the exact words from Zuckerberg's March blog post. It said Facebook is "working to improve our ability to identify and stop bad actors across our apps by detecting patterns of activity or through other means, even when we can't see the content of the messages, and we will continue to invest in this work. "
pay no attention to the man behind the curtain (Score:1)
Re: (Score:2)
The government would never keep security experts on payroll to shill for them. No siree. We're just reading all communications for your protection. Not to maintain absolute power, no way.
Well, yes, of course they do. Howver that's not the point here. The person saying that this isn't true is Bruce Schneier and he has lots more reputation, plenty of money of his own and a history of standing up to (as well as working with) government. However, the key Schneier quote here is:
and that's the really interesting bit and the reason I wouldn't properly
Re: pay no attention to the man behind the curtain (Score:2)
You can always trust spokesmen from the Ministry of Truth. Because Big Brother loves us all.
Re: (Score:3)
Re: (Score:1)
Don't dwell on closed source (Score:1)
Just name some alternatives for us to use that can't be pried open by the courts.
Re: (Score:2)
Re: Don't dwell on closed source (Score:3)
Signal uses your phone number for login. No one outside the gestapo likes or wants that anti-feature. It exists for one and only one reason: to enable real-ID for all users. The whole point of real-ID being to snoop the users and expose them to persecution should the gestapo so desire.
Ergo I do not trust Signal nor believe their claims of superior privacy.
A somewhat shady character I know tells me that "all real criminals use Line", the Korean-owned messenger app. According to him Line uses old school usern
Re: (Score:2)
Because I have a reasonable expectancy of this platform not 'sharing' the connections made with Big Brother.
The encryption used to keep content private is among the best available.
Does it work with voice lines? (Score:2)
It's not "a minor issue" for subscribers to voice-only phone service. Many services that use a phone number for user identification or wannabe 2-factor authentication require specifically an SMS number, not a voice number. This shuts out users of land lines and the "wireless home phone" service offered by AT&T and Verizon, which are voice-only.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Two-factor authentication using a TOTP application and printed backup codes is not "secret police real ID." Nor is two-factor authentication using a FIDO U2F dongle and printed backup codes. In addition, for users on basic phone plans with limited number of SMS messages per month, TOTP and U2F don't contribute to exhaustion of the cellular subscription's monthly SMS quota.
However, particularly parano^W careful users may want to enable black-and-white output so that the printer doesn't spray identifying yell [wikipedia.org]
Re: (Score:2)
According to him Line uses old school username/password for authentication, which is a good sign.
On the desktop, yes.To create an account you need a phone or tablet: with a phone number.
Re: Don't dwell on closed source (Score:2)
It seems you are correct - I just downloaded the app and checked. So Line is snooped, too.
It may well be the case that distributing a non-snooped messenger app is illegal. Most likely illegal under a secret law, or under a secret implementing regulation of a nominally public law.
Re: (Score:2)
Well, you simply ask s friend to install it for you on his device. Then with his help you install it on a tablet and computer. Of course, after he has deleted his app, he could reinstall it ... so get a throw away sim and do it yourself.
Re: (Score:2)
PGP/GnuPG encrypted email. If you manage to invest a few hours into the documentation.
bad juju (Score:3)
Re: bad juju (Score:2)
"lawful intercept"
My God, it's full of laws!
Re:bad juju (Score:5, Informative)
Facebook after their share purchase, is in the process of removing all these features from WhatsApp. So you do not need to be downvoted to oblivion but need to learn to research and remember, preferably some thinking would also be useful.
Skype had no such features/promises so not providing those would not be a problem. However with WhatsApp the promise was basically a paid, hassle free, secure and reliable alternative to SMS, and VoIP later on, services. These days I would very much like to use Skype, and waiting for a very big scandal with WhatsApp in order to see an increase in Skype penetration again. MS' reputation is far more better than Facebook's, and that is something you do not see or hear very often here in /. about MS.
Re: (Score:2)
But seriously, you said that in kind of a dickish way. I'm not going to apologize for not knowing about an app used by children. Let's move on.
If Facebook is, in fact, removing the aspects of WhatsApp that made it a distinct service, than that is the worst move ever. Especially considering their already shitty reputation and the growing momentum of people realizing how important priva
Re:bad juju (Score:5, Informative)
If you can bother to check following URLs in your research in order to reduce your ignorance, your would see that WhatsApp has a serious user base, especially in countries with oppressive governments or countries with populations valuing their privacy (https://www.messengerpeople.com/global-messenger-usage-statistics/) (https://www.statista.com/statistics/291540/mobile-internet-user-whatsapp/)
Claiming WhatsApp being used by children however is more harmful, than being just idiotic, because you are normalising the degeneration of a tool used by people with actual concerns about privacy. I do not know which country you are from but WhatsApp is being used by more people than actual phone users in your country.
Re: (Score:2)
Re: (Score:2)
In Europe WA is very popular. And childs don't use it because they use the Instagram or Twitter related apps.
Re: (Score:2)
Re: (Score:2)
Well, it is a playing of words about: "what's up!!?"
An american 'slang greeting' made 'famous' in a TV show. Many use it as s greeting in a phone call.
Re: (Score:2)
Re: (Score:2)
They do ... many do. Or you could claim that they are 40 or 50 but still not adult :)
Re: (Score:2)
I'm not going to apologize for not knowing about an app used by children.
You're an idiot. Not for not knowing what apps children use, but for your assumption that the app is used by children as an excuse for your ignorance.
WhatsApp is the *only* messaging platform in many parts of the world. Large parts of Europe and South America use SMS for 2FA codes, and alerts from governments only. WhatsApp has some 30 billion messages sent every day.
While you're "thinking about children" (you disgust me) I use my banking app's integrated whatsapp features to split bills and track who has p
Re: (Score:2)
Re: (Score:2)
Re: (Score:3)
Re: (Score:2)
For the Skype, I have three problems (client performance, network performance and recently market penetration), none of which are directly related to privacy. I am/was not very concerned about privacy related to communications
Skype was Peer-to-peer at the beginning (Score:5, Interesting)
Again, back before Microsoft acquisition, back when it was designed by former Kazaa devs, Skype was designed to be peer-to-peer.
The devs were thinking basically: we have a cool peer-to-peer NAT traversal tech that does not require any central server (in the case of Kazaa's filesharing: for obvious reasons), what else can we apply it to?
And VoIP/chat came as an obvious idea. Standards at the time (and some still used today) such as H323 and SIP relied on computer being directly accessible and connectable on the network, thus couldn't be reliably used by home users in their desktops, only in corporate settings.
The Fastrack protocol developed for Kazaa already solves this problem.
So Skype was exclusively peer to peer, with some coordination provided by a few nodes autopromoted to super-peer status. No need for any server owned by Skype. Thus also no way for Skype to even know who is calling whom as they don't ever see this information (only some random peer on the network who serves as super peer could see it occasionally ).
Skype had some form of privacy, mostly of the metadata type, simply due to its architecure that the FastTrack protocol inherited from its Kazaa filesharing origins.
(regarding encryption: it wasn't as good, due to bad RC4).
When Microsoft arrived, they threw all this through the window and evolved it into a classical server/client topology.
All the initial promises of a decentralized topology were lost in the Microsoft acquisition, just like eventually one day Facebook is going to kill the end-to-end encryption in WhatsApp.
Re: (Score:2)
As mentioned in my other post below somewhere, I am not claiming MS's history is as clean as a milk white sheet and it is safer to assume if they saw any profit potential it is/
Re: (Score:2)
When Microsoft arrived, they threw all this through the window and evolved it into a classical server/client topology.
Actually no. Well yes, but not quite. Your timeline is wrong. The client/server topology came *before* the Microsoft acquisition and was the natural result of NAT breaking the peer to peer concept.
Before Microsoft came along and actually put some proper bandwidth behind the client/server topology you could actually tell whether you were peer-to-peer connected or client/server connected based poorly on the massive downgrade of video quality the latter incurred.
Super-peers, not servers (Score:2)
Nope.
The whole raison d'etre for the Fasttrack protocol was to handle NAT.
initially for Kazaa and then for Skype.
NAT users were accounted for from the beginning (and explains the rise of popularity of Kazaa and Skype among home users).
It does *NOT* rely on servers (which would be central and owned by the company), but on "super-peers" nodes on the network which get the status because they fulfil a bunch of criteria (mostly, their are net-accessible (= public IP), have plenty of bandwidth, and are up for lon
Microsoft destroyed peer-to-peer (Score:2)
MS' reputation is far more better than Facebook's, and that is something you do not see or hear very often here in /. about MS.
You mean the same Microsoft who - after they acquired Skype - ripped appart the peer-to-peer topology it was built upon (inherited from the FastTrack protocol that was initially designed for Kazaa filesharing - obviously designed on purpose without a central point of failure), and rebuilt it as a client-server topology ?
Yeah, sure, totally trust worthy...
Re: (Score:2)
MS' reputation is far more better than Facebook's
Does that expression contain anything like "totally trust worthy" or even "trust". If in your inner grading "trust worthy" is just above whatever the level you see Facebook at, that is the problem. I know pimps and government officers who are above Facebook's level, which does not mean they are trust worthy.
Re: (Score:2)
False. The client-server topology for Skype was built *before* Microsoft acquired Skype. It was the natural result of NAT constantly causing Skype connections to fail.
Microsoft simply threw more bandwidth at the client-server topology and once it stopped incurring the massive quality hit that it did (before the acquisition) they phased out peer to peer communications.
Re: (Score:2)
Skype was only any good when it still was owned by skype.
The first buydr ruined it, and now under the control of MS it is barely useable.
At least phone and video calls still work.
Re: (Score:2)
Re: (Score:2)
Exactly. WhatsApp could be sending all your messages to the CIA. Or not encrypting anything. And the behavior could change on every update. That is the point about using closed source - you have no idea what they are doing.
Re: (Score:2)
I mostly use Telegram. Which is open source. But I don't know what it is really doing either. Like 99% of the other users, I never looked at the source code.
Skyoe (Score:2)
Eons ago, Skype was peer-to-peer, (it was purposefully built on the FastTrack protocol that was used on the Kazaa filesharing network).
Back then it wouldn't be anything other than end-to-end, because there was no other machines involved than the two end nodes (with occasional exception of super-nodes, but those only help NAT traversal and traffic redirect, they don't take part in the channel encryption).
The problems that Skype faced wasn't due to the non "end-to-end"-ness of the encryption, but because the
(web app) (Score:2)
but it wouldn't surprise me if they changed the encryption to a server-to-client model too...
(My logic being that Microsoft has made a WebApp version - web.skype.com (Note: change your User-Agent to Chrome during log-in if you're on FireFox) - and in my experience at least on Android and Linux the official client is the web site repackaged as an App. Using electron if memory serves right. Client-server encryption would make sense in this context)
Re: (Score:2)
All of this lead to an incredibly simple set up experience, which led to
Re: They canâ(TM)t tell the truth (Score:2)
In Soviet America, every man has an inalienable right to freedom of speech. Unless a secret court decides he doesn't.
Where is gag order authority codified? (Score:2)
What statute or regulation gives a court the right to issue such a gag order? I ask because one way to circumvent a gag order might be to say "(USC or CFR citation) is law in the United States" as a euphemism for "we are subject to a gag order pursuant to (USC or CFR citation)."
Re: (Score:2)
Facebook has a long road ahead to gain user trust (Score:2)
Re: (Score:2)
You think they can be redeemed? I doubt that very much. What will probably happen that over time people will get used to being spied on (only "criminals" need to fear that, right?) and things will get progressively worse. At some time, after the end-state of full-blown fascism this inevitable devolves to, has completely ruined the economy (as it always does), things will eventually collapse, and after that individual freedoms may have worth for a century or so. Then the same stupidity starts again if curren
Once FB hires you away from EFF... (Score:4, Insightful)
Re: (Score:2)
Who are you talking about? Bruce Schneier does not work for Facebook.
Re: (Score:2)
I want to give him the benefit of the doubt, but if he takes a job with them in the not-so-distant future, let's just say I won't be surprised.
Re: (Score:2)
Guilt by association?
Re: (Score:2)
Re: (Score:2)
Fair enough, although usually Facebook hires people with shit reputations like Nick Clegg, because people with integrity won't push their BS.
Re: (Score:2)
Re: (Score:1)
I met Bruce back at MIT. And I've met hime a few times since, when he presented details of how Kerberos works to a Harvard sys-admin group, and some old fraternity brothers of mine involved in creating Kerberos have worked directly directly with him at MIT's Project Athena. I think he does his due diligence on security claims. I take his opinions pretty seriously.
Other technical means (Score:1)
Bruce's comments remain spot on, but the AG Mr Barr has lower standards.
First off compliance with the law IS compulsory if secret letters served. Some other highly respected message services closed down altogether - read into that what you may.
Secondly you can record encrypted conversations and decode later - perhaps you have a list of IP addresses or TOR nodes, and mine the routing information with the aim of installing law enforcement malware. Then you might recover the likely keys - because keyloggers a
... yet. (Score:3)
"He basically leveraged his historical reputation to assure me that WhatsApp, and Facebook in general, would never do something like this."
.... yet.
(1) we've seen this before, countless times, with "freeware" that "promised" never to put spyware or adware into their "free" products. they get bought out... next upgrade... crapware / spyware / adware.
(2) only last week there was some idiot politician demanding that "the days of encryption are over" and that products must start bypassing strong encryption by sending the data to the U.S Government... *in exactly the way described by schneier*
(3) all facebook has to do is fire the guy from the EFF (actually, he would probably quit) and do an "upgrade".
the only way this is going to work - if facebook is to be involved at all - is for facebook to provide a "transport API" mechanism for 3rd party applications, where it would transparently carry ENCRYPTED end-to-end data, and to let its infrastructure be utilised by FREE SOFTWARE where the source code can be audited by users.
Which is more insulting, the lie or the spying ? (Score:1)
Despite prevalent marketing speak, logic is still a thing. Some requirements are simply inconsistent, and therefore will never be fulfilled, whateever the salesman says:
You cannot have private conversations and third party control over it (to prosecute illegal conversations). Either the third party has access to the conversation and it is no longer private, or none has access and then it is uncontrolled (beyond what each party in the conversation can control). The puppeter is trying to fool us by changing
Does this actually change anything? (Score:5, Interesting)
I respect Schneier. I appreciate that he talked to WhatsApp’s Privacy Policy Manager (Cardozo) and asked questions. But I’m bothered that the Director of Communications (Woog) has not responded to some pointed questions about the specific, fundamental issues people have found concerning.
Sometimes non-answers are the most telling.
Government Not Totally Stupid (Score:1)
After PRSIM (Score:2)
What did big bands do?
Help the NSA/GCHQ?
Did not understand the NSA skills set and never noticed?
Let the NSA in? Let the NSA stay in?
It was all legal at the time?
Now the gov/police/mil wants back in?
Re: (Score:2)
BIG? They now call it telemetry...
Triggered unencrypted mode. (Score:2)
The only way to really ensure end-to-end encryption not be backdoored and allow governments to pry in on people they are interested in is to have a way of disabling the end-to-end encryption. To do this ad hoc there would need to be something that would trigger this. It could be triggered using list of words/phrases or be as simple as a remote computer sending a signal to trigger this unencrypted mode.
Then again, maybe they just agreed to leave in a mistake in the encryption scheme thereby making the encr
Broken record time (Score:2)
If it's not open source, and you're not in control of the code, you can't trust it.
It doesn't matter even slightly what Bruce thinks of this, especially if what he thinks of it is based entirely on what someone else told him, but frankly that makes no practical difference. If you cannot audit the source, and you can't build and run the code yourself, then you cannot trust it. Period. End of story. PLS STAHP
By virtue of its business model, WhatsApp is not trustworthy, and if you trust them then you are a buf
mix up sign on with log on (Score:2)
What do yiu think how many FB accounts my GF has?
I hate web sites where the Sign ON Screen (aka: enter your email and get an account) is the first screen and "log into existing account" is some where hidden.