Govts everywhere are talking up their need for back-doors in encryption etc by saying how the Paris killers got away with so much because of their encryption opsec skillz… but it turns out their opsec is flaky as shit and backdoors wouldn’t be nearly as useful to the cops as listening to the repeated warnings they’d got from Turkey.
Wired.com reported that “news reports of the Paris attacks have revealed that at least some of the time, the terrorists behind the attacks didn’t bother to use encryption while communicating, allowing authorities to intercept and read their messages…
“Reports in France say that investigators were able to locate some of the suspects’ hideout this week using data from a cellphone apparently abandoned by one of the attackers in a trashcan outside the Bataclan concert hall where Friday’s attack occurred, according to Le Monde. Authorities tracked the phone’s movements prior to the attack, which led them to a safehouse in a Paris suburb where they engaged in an hours-long shootout with the other suspects early Wednesday. These would-be attackers, most of whom were killed in the apartment, had been planning to pull off a second round of attacks this week in Paris’s La Defense business district, according to authorities.”
Other reports indicate that a previous ISIS terrorist plot targeting police in Belgium was disrupted in that country last January because Abdelhamid Abaaoud—suspected mastermind of both that plot and the Paris attacks—had failed to use encryption. He also carelessly left behind a cellphone in Syria, which contained unencrypted pictures and videos, including one now-infamous video showing him smiling from a truck as he dragged bodies of victims through a street.
The killers were guilty of serious OPSEC failures… sometimes they didn’t use encryption at all, sometimes they left plaintext evidence lying round where anyone could find it. But as crappy as the terrorists were, the French cops were worse: Turkish authorities have said they tried to warn French authorities twice about one of the suspects but never got a response.
But Western authorities, notably the US and the Brits, have been complaining that they need their secret back-doors to beat the killers, even suggesting that “US companies like Apple and Google have blood on their hands for refusing to give intelligence and law enforcement agencies backdoors to unlock customer phones and decrypt protected communications”.
My question for the authorities is this: if encryption products have back doors built into them for law enforcement to use, isn’t it likely that crooks will also be able to use these back doors to steal our personal info, IDs, banking details, our entire fucking lives? The govt are constantly losing top secret laptops on trains and in taxis, and computer intruders regularly bust into official data centres and make off with piles of sensitive data. Do the authorities think their new back doors will somehow be magically better than all the fucked up attempts at secrecy and security they’ve tried before?
Also, if the authorities get their way, they will be able to find out anything they want to about us. Maybe (ha ha) that’s not a big problem right now. But who knows what changes in governments will happen? Far-right parties are getting more popular all the time. And look at US presidential hopeful cock Trump: one press of a button and he’ll know exactly where to go to round up the Muslims he hates and send them to be tortured and killed by his friend Assad in Syria.
Don’t listen to the authorities when they say why they “need” the ability to access every bit of data on us. They don’t need it. They want it. Just as they’ve always wanted new ways to eliminate those they don’t like.