Why putting back doors in message apps will not stop terrorism

I’m not a security expert.  So why don’t you listen to one?  This video is Bruce Schneier, a well-known security and cryptography expert, taking questions at DEFCON 23.  He addresses the issue of back doors at about 07:20, but the entire video is worth watching.

If you don’t want to watch it, I’ll paraphrase:   The feds say that ISIS recruits via Twitter.  A recruiter will get into conversation with people,  and the feds can monitor that okay.  But then the recruiter says “go download secure-app X” and all of a sudden the authorities can’t monitor them any more.  This makes the cops sad.  So they want to put back doors in all the messaging apps.  But that is not going to solve the problem!

(About 09:10) “This is not a scenario that any type of back door solves. The problem isn’t that the main security apps are encrypted. The problem is that there is one security app that is encrypted. The ISIS guy can say ‘Go download Signal, go download Mujaheddinsecrets, go download this random file encryption app I’ve just uploaded on Github ten minutes ago.’ The problem is not the encryption apps that the authorities want to get into, the problem is general purpose computers.  The problem is the international market for software.”  Back doors are not the solution for the problem the authorities claim to have.

You’d have to put back-doors in all messaging apps.  Not just the mainstream ones.  Not the not-so-popular niche apps that some people like to use.  ALL apps.  Including ones created by ISIS guys and uploaded to whatever-server-wherever-whenever.  “So we need to stop talking about that [back doors] or we’re going to end up with some really bad policy.” [about 10.00]

 

 

One Response to Why putting back doors in message apps will not stop terrorism

  1. […] professionals have pointed out that back doors are not the way to carry out investigations: see here and here for just a couple of examples.  The tragic San Bernadino shootings are, I’m sorry […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: