Why putting back doors in message apps will not stop terrorism

17/02/2016

I’m not a security expert.  So why don’t you listen to one?  This video is Bruce Schneier, a well-known security and cryptography expert, taking questions at DEFCON 23.  He addresses the issue of back doors at about 07:20, but the entire video is worth watching.

If you don’t want to watch it, I’ll paraphrase:   The feds say that ISIS recruits via Twitter.  A recruiter will get into conversation with people,  and the feds can monitor that okay.  But then the recruiter says “go download secure-app X” and all of a sudden the authorities can’t monitor them any more.  This makes the cops sad.  So they want to put back doors in all the messaging apps.  But that is not going to solve the problem!

(About 09:10) “This is not a scenario that any type of back door solves. The problem isn’t that the main security apps are encrypted. The problem is that there is one security app that is encrypted. The ISIS guy can say ‘Go download Signal, go download Mujaheddinsecrets, go download this random file encryption app I’ve just uploaded on Github ten minutes ago.’ The problem is not the encryption apps that the authorities want to get into, the problem is general purpose computers.  The problem is the international market for software.”  Back doors are not the solution for the problem the authorities claim to have.

You’d have to put back-doors in all messaging apps.  Not just the mainstream ones.  Not the not-so-popular niche apps that some people like to use.  ALL apps.  Including ones created by ISIS guys and uploaded to whatever-server-wherever-whenever.  “So we need to stop talking about that [back doors] or we’re going to end up with some really bad policy.” [about 10.00]

 

 


The govt need “back doors” to thwart terror attacks? Bullshit: they just need to do their jobs properly.

01/01/2016

Govts everywhere are talking up their need for back-doors in encryption etc by saying how the Paris killers got away with so much because of their encryption opsec skillz… but it turns out their opsec is flaky as shit and backdoors wouldn’t be nearly as useful to the cops as listening to the repeated warnings they’d got from Turkey.

Wired.com reported that “news reports of the Paris attacks have revealed that at least some of the time, the terrorists behind the attacks didn’t bother to use encryption while communicating, allowing authorities to intercept and read their messages…

“Reports in France say that investigators were able to locate some of the suspects’ hideout this week using data from a cellphone apparently abandoned by one of the attackers in a trashcan outside the Bataclan concert hall where Friday’s attack occurred, according to Le Monde. Authorities tracked the phone’s movements prior to the attack, which led them to a safehouse in a Paris suburb where they engaged in an hours-long shootout with the other suspects early Wednesday. These would-be attackers, most of whom were killed in the apartment, had been planning to pull off a second round of attacks this week in Paris’s La Defense business district, according to authorities.”

Other reports indicate that a previous ISIS terrorist plot targeting police in Belgium was disrupted in that country last January because Abdelhamid Abaaoud—suspected mastermind of both that plot and the Paris attacks—had failed to use encryption. He also carelessly left behind a cellphone in Syria, which contained unencrypted pictures and videos, including one now-infamous video showing him smiling from a truck as he dragged bodies of victims through a street.

The killers were guilty of serious OPSEC failures… sometimes they didn’t use encryption at all, sometimes they left plaintext evidence lying round where anyone could find it. But as crappy as the terrorists were, the French cops were worse: Turkish authorities have said they tried to warn French authorities twice about one of the suspects but never got a response.

But Western authorities, notably the US and the Brits, have been complaining that they need their secret back-doors to beat the killers, even suggesting that  “US companies like Apple and Google have blood on their hands for refusing to give intelligence and law enforcement agencies backdoors to unlock customer phones and decrypt protected communications”.

My question for the authorities is this: if encryption products have back doors built into them for law enforcement to use, isn’t it likely that crooks will also be able to use these back doors to steal our personal info, IDs, banking details, our entire fucking lives?  The govt are constantly losing top secret laptops on trains and in taxis, and computer intruders regularly bust into official data centres and make off with piles of sensitive data.  Do the authorities think their new back doors will somehow be magically better than all the fucked up attempts at secrecy and security they’ve tried before?

US-paramilitaries

Also, if the authorities get their way, they will be able to find out anything they want to about us.  Maybe (ha ha) that’s not a big problem right now.  But who knows what changes in governments will happen?  Far-right parties are getting more popular all the time.  And look at US presidential hopeful cock Trump: one press of a button and he’ll know exactly where to go to round up the Muslims he hates and send them to be tortured and killed by his friend Assad in Syria.

Don’t listen to the authorities when they say why they “need” the ability to access every bit of data on us.  They don’t need it.  They want it.  Just as they’ve always wanted new ways to eliminate those they don’t like.

giff-logo-small

CLICK ME FOR FREE SIMS!

free web stat


Foreign Policy doesn’t fuel domestic terrorism? Get real!

09/12/2015

A lot of “centre-ground” (and right-from centre)  commentators and “moderate” Labour MPs are pissed off that Stop The War Coalition think that French foreign policy regarding Syria might have provoked the shootings and bombings in Paris in November – and that Labour leader Jeremy Corbyn has not distanced himself from the anti-war group.

It was blogged in the Spectator site:

Labour MPs appear to be just as annoyed by Jeremy Corbyn’s links to the Stop The War coalition as they are about his comments on shoot to kill. In the questions following David Cameron’s Commons statement on the Paris attacks, several MPs used the opportunity to make coded attacks on Stop The War for a blog it published, titled ‘Paris reaps whirlwind of western support for extremist violence in Middle East’. It has been since been removed (cached version here) and Corbyn said he was glad it was deleted — but he has yet to condemn the fact it was published in the first place.

And the Daily Mail reported that

One Labour MP said the suggestion that the French people were to blame for the attack was ‘akin at the time of the Second World War to blaming the Jews for their deaths under the Nazis’.

Frontbencher Hilary Benn refused to rule out resigning if Mr Corbyn attended the event [a Stop The War Coalition Christmas fundraiser] as Labour MPs lined up to condemn their leader’s opposition to armed police shooting to kill terrorists.

This is so disingenuous, and not the first time politicians and political commentators have come out with this nonsense that somehow Western military action abroad doesn’t provoke terror acts at home.  Tony Blair, UK prime minister in 2005, denied at the time that the 7/7 bombings were in any way provoked by British military action in Iraq – and he’s still denying it.  But, after the bombings, a video was acquired by an Arab TV station in which Mohammad Sidique Khan, one of the suicide bombers, said the attack was in response to British military foreign policy in the region.

At the time the BBC reported:

On the tape the bomber said: “Our words are dead until we give them life with our blood.

“I and thousands like me have forsaken everything for what we believe.”

He said the public was responsible for the atrocities perpetuated against his “people” across the world because it supported democratically elected governments who carried them out.

“Until we feel security, you will be our targets,” he said.

“Until you stop the bombing, gassing, imprisonment and torture of my people we will not stop this fight.

“We are at war and I am a soldier. Now you too will taste the reality of this situation.”

Muslim Council of Britain spokesman Inayat Bunglawala told BBC News:

“Mr Khan has allowed his hatred to distort his moral compass.

“However, this tape does serve to confirm that the war in Iraq and our policies in the Middle East have indeed led to a radicalisation amongst a section of Muslim youth.”

The same is happening now.  While it would be ridiculous to claim that the people slain in Paris somehow “deserved it”, it must be acknowledged that the terrorists – all French or Belgian citizens who had connections with ISIL – did see the French military action in Iraq and Syria as a provocation.

Corbyn can see the connection, and now his political rivals – in Labour and in other parties – want to use his honesty as another lever to undermine him.

giff-logo-small

CLICK FOR A SIM


free web stat


%d bloggers like this: