Under the new user agreement, WhatsApp will share the phone numbers of people using the service with Facebook, along with analytics such as what devices and operating systems are being used. Previously, no information passed between the two, a stance more in line with WhatsApp’s original sales pitch as a privacy oasis.
Wired: WhatsApp’s Privacy Cred Just Took a Big Hit »
“Only at the end do you realize the power of the Dark Side.”
In a new level of dumb, Germany and France are demanding strong encryption for all citizens at the same time as they demand this strong encryption to be breakable. They also demand messaging providers of end-to-end encryption to provide police with keys they don’t have, and for terrorists to stop using freely available strong encryption without a messaging provider. You really couldn’t sound dumber if you tried.
Last winter it looked as if there was going to be an international initiative against encryption. However, after some public attention, President Obama announced that there were no such plans – at present. Shortly after that, there was a brawl between Apple and the FBI, ending with the FBI withdrawing its subpoena for Apple to build software to give backdoor access to an iPhone. (The FBI cracked it by other methods.) Meanwhile, the UK is slowly moving towards some sort of ban on encryption.
Now, it seems this issue will get new attention. Last week the French called for a global initiative to “deal with” encryption. Apparently, they are trying to get Germany aboard on such an initiative. If so, we can expect the issue to become a hot topic in the EU shortly.
As most politicians are somewhat ignorant when it comes to IT and the Internet – we can expect some ill-conceived proposals.
It would be very difficult for politicians to ban user managed end-to-end encryption like PGP. That should reasonably not be up for discussion. (But you never know when it comes to the EU.)
My guess is politicians (and law enforcement) will take aim at popular communication apps like Whatsapp and Telegram – and to demand backdoors to smartphones and other encrypted hardware.
Cracking communication apps and installing backdoors is still a terrible idea. These techniques will – sooner or later – end up in the wrong hands. And government having access to citizens communications is still a very unpleasant concept.
However, this will not prevent terrorists and criminals from communicating securely and covertly – if they really want to.
/ HAX
France in global call to “deal with” messaging apps »
How the Government Is Waging Crypto War 2.0 »
Microsoft has inadvertently demonstrated the intrinsic security problem of including a universal backdoor in its software after it accidentally leaked its so-called “golden key”—which allows users to unlock any device that’s supposedly protected by Secure Boot, such as phones and tablets.
Ars Technica: Secure Boot snafu: Microsoft leaks backdoor key, firmware flung wide open »
Privacy Shield—the much maligned replacement to the Safe Harbour deal between the European Union and the US—looks set to be approved by national representatives on Friday, Ars understands.
The scheme, which will allow the transfer of personal data from the EU to the US despite privacy and data protection concerns, has faced an uphill battle. Brussels officials who negotiated the deal on behalf of the EU have been desperate to push it through in the face of criticism from the European Data Protection Supervisor, national data protection authorities, and the European Parliament, in order to give some legal certainty to companies that rely on transatlantic data flows. (…)
The agreement is expected to be formally adopted by the European Commission next Monday, followed by the deal being inked by justice commissioner Vera Jourová and US secretary of commerce Penny Pritzker on Tuesday.
Jennifer Baker in Ars Technica: Privacy Shield to be dragged across finish line—sources »
Washington Post:
Like many Silicon Valley start-ups, Larry Gadea’s company collects heaps of sensitive data from his customers.
Recently, he decided to do something with that data trove that was long considered unthinkable: He is getting rid of it.
The reason? Gadea fears that one day the FBI might do to him what it did to Apple in their recent legal battle: demand that he give the agency access to his encrypted data. Rather than make what he considers a Faustian bargain, he’s building a system that he hopes will avoid the situation entirely.
Youtube: ‘State of Surveillance’ with Edward Snowden and Shane Smith »
In other words, there is no central repository of plain-text messages that the company can access to comply with a court subpoena. Nor is there a “universal key” that can be used as a government backdoor to decrypt information. When a user sends a message on WhatsApp, he or she can feel fairly confident that no confidence man in the middle lurks between them and the intended recipient of a message. Such security is a very strong selling point in this age of constant data breaches and headache-inducing identity thefts.
Reason: Why We Should All Care About Brazil’s War on WhatsApp »
Here is an interesting piece in Foreign Policy: Fear this man »
It’s about the Italian firm Hacking Team and its founder and CEO, David Vincenzetti. The article gives an interesting and chilling glimpse into the commercial side of providing governments with IT tools for surveillance – that also is being used by authoritarian regimes for oppression and disinformation.
“Privacy is very important,” Vincenzetti says on a recent February morning in Milan, pausing to sip his espresso. “But national security is much more important.”
