There is something about encryption that brings out the worst in writers. Because to most of them it is magical, they are always searching urgently for the proverbial man behind the curtain, without knowing what to look for. Which may explain The Guardian's recent bizarre attack on WhatsApp, which they accused, wrongly, of having a backdoor. And the security community erupted in rage.
To understand this story, why the Guardian was and is incorrect, why they were forced to walk back their original backdoor headline, and why the security community is furious, you'll need a bit of context. Sit down, my pretties, and let me tell you a little infosec fable 😛
Once upon a time there was PGP, which stands for Pretty Good Privacy, and it was good and strong. So good and strong that after its creator, Phil Zimmerman, released its source code 25 years ago, the American government opened a criminal investigation against him for arms trafficking. (The case was eventually dropped without indictment.)
For twenty years PGP was the gold standard of secure messaging. The NSA could not break it. Edward Snowden used it. But it had serious shortcomings. For one, it lacked forward secrecy: if your key was compromised, so was every message it had ever encrypted in the past. For another, key exchange was, and is, at best challenging.
But the worst thing about PGP, far and away, is that it is fiendishly user-hostile, so only hardcore hackers ever really used it. (The Snowden disclosures were delayed by a month because he couldn't find a way to contact Glenn Greenwald securely.)
Just as the best workout routine is not the Rock's but, rather, one that you will actually stick to, the most secure messaging system is the one that you will actually use. Whether we like it or not, usability is an essential aspect of security. Any secure system which pretends this is not true will fail from disuse.
Enter Signal, a mobile (and Chrome plug-in) secure messaging system. It is fast, slick, sexy, cross-platform, and battle-tested. It implements highly secure end-to-end messaging with a ratchet protocol which provides perfect forward secrecy. It is the choice of technically sophisticated, security-conscious people around the world. It is not perfect. No system is perfect. Every system involves compromises. But Signal is the best available alternative.
However, most of the world does not use Signal. Most of the world uses SMS, Facebook Messenger, and, especially, WhatsApp, which, until recently, was much less secure. So the roll-out of the Signal protocol to WhatsApp, which began two summers ago, was met with rejoicing. However, even though it used the same protocol as Signal, the implementation was different. It's that difference which the Guardian, strangely and wrongly, called a back door.
For the gritty details see A Trade-Off In Whatsapp Is Called A Backdoor by the EFF, There Is No Whatsapp Backdoor by Signal head honcho Moxie Marlinspike, WhatsApp Security Vulnerability by Bruce Schneier, and A look at how private messengers handle key changes by Tina Membe, to name a few.
The crucial problem is that when the person you're talking to gets a new phone, or re-installs the app, there's no way to be instantly certain that the new installation is them. In theory, you should contact them over a different medium to confirm they aren't someone else pretending to be them; in a perfect world, you would use the tools Signal and WhatsApp provide to be mathematically certain of this. In practice, though, essentially nobody does this.
Signal, which was built for technically sophisticated users, refuses to send any new messages to a person whose identity key appears to have changed, until and unless you explicitly tell it to do so. WhatsApp, which had an install base of approximately a billion users, the great majority of them anything but technically sophisticated, decided when it rolled out the Signal protocol that doing so would confuse their users and cause messages to be lost, and that continuing to deliver messages was more important than making users explicitly verify their security.
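To make the difference concrete, here is an added model of the two key-change policies described above; it is illustration code, not Signal's or WhatsApp's. It assumes a client that pins each contact's identity key on first use, that the key directory is served by the messaging service (which is why only the operator, or someone who compromises it, can substitute a key), and that neither client re-sends anything under the blocking policy; how and whether the user is notified is left out.

```python
# Added illustration of trust-on-first-use identity-key pinning and the two
# key-change policies the article contrasts. Not Signal's or WhatsApp's code.
from dataclasses import dataclass, field

BLOCK_UNTIL_APPROVED = "block"    # Signal: hold messages until the user approves
DELIVER_ANYWAY = "deliver"        # WhatsApp: encrypt to the new key and deliver


@dataclass
class Client:
    policy: str
    pinned: dict = field(default_factory=dict)     # contact -> identity key
    delivered: list = field(default_factory=list)  # (contact, key used, text)
    key_changes: list = field(default_factory=list)  # what a user should be shown

    def send(self, contact, directory_key, text):
        """Return the key the message was encrypted to, or None if held back.

        directory_key is whatever the service's key directory returned for the
        contact; a reinstall, a new phone, or a substituted key all look alike.
        """
        known = self.pinned.get(contact)
        if known is None:
            self.pinned[contact] = directory_key           # trust on first use
        elif known != directory_key:
            self.key_changes.append(f"{contact}: identity key changed")
            if self.policy == BLOCK_UNTIL_APPROVED:
                return None                                # wait for the user
            self.pinned[contact] = directory_key           # accept and carry on
        self.delivered.append((contact, directory_key, text))
        return directory_key

    def approve(self, contact, new_key):
        """User verified the new key out of band (or just clicked through)."""
        self.pinned[contact] = new_key


def scenario(policy):
    """Constructed run: after a first message, the directory serves a new key."""
    c = Client(policy)
    first = c.send("alice", "key-A", "hello")
    second = c.send("alice", "key-B", "meet at 9")     # key changed in between
    return first, second, len(c.key_changes)


if __name__ == "__main__":
    print("signal  :", scenario(BLOCK_UNTIL_APPROVED))   # ('key-A', None, 1)
    print("whatsapp:", scenario(DELIVER_ANYWAY))         # ('key-A', 'key-B', 1)
```

Both policies detect the change; they differ only in whether the second message leaves the phone before a human has looked at it, which is exactly the trade-off the article is about.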
Whether they were right to do so is a matter about which reasonable people can disagree. Again, all messaging systems involve security compromises; and all messaging systems require that you trust someone, sometimes. The Guardian was my newspaper of choice when I lived in the UK, and I've written for it myself, but it is deeply irresponsible journalism to claim that a complex compromise with which some people disagree is a back door or a profound hidden vulnerability.
On one hand, WhatsApp's implementation of the Signal protocol is less secure than Signal's implementation. On the other, it is far more secure than their previous system, and the only entity able to use this weakness to intercept WhatsApp messages is WhatsApp itself, or an attacker who compromises WhatsApp's systems. Additionally, as Schneier points out, it's an attack against current and future messages, and not something that would allow the government to reach into the past. In that sense, it is no more disturbing than the government hacking your mobile phone and reading your WhatsApp conversations that way.
More to the point, though, WhatsApp's users already have to trust WhatsApp. For all they actually, verifiably know, the app isn't implementing the Signal Protocol at all. They also have to trust Apple, Google, or whoever they downloaded the app from. They have to trust that no malware on their phone is recording their keystrokes and taking unauthorized screenshots. They have to trust that the operating system provides the entropy the encryption algorithms need. You always have to trust someone. It's inevitable. Even if you build PGP from scratch, you can't go over its code line-by-line to be certain it's secure; and even if you did, what about the kernel? What about the compiler?
Real security design is about navigating the compromises between usability and security, determining the sophistication and threat model of your users, deciding who you have to trust and who you can't afford to. Signal makes compromises too, in particular its use of your telephone number. Security design is a complex and ambiguous exercise, not made any easier by naive gotcha journalism that can't distinguish between a debatable compromise and a backdoor.
This is not an abstruse, theoretical issue: this hurts and endangers real people, en masse. Saying "Switch to Signal" ignores the fact that most people's contacts won't do so, so their de facto choice, if they need to communicate, is between WhatsApp and SMS, and if you scare them off the former, you scare them into the incredibly vulnerable arms of the latter. Those at the Guardian responsible for this ugly mess have much to answer for. You don't have to take my word for it, but you should take the word of this who's who of the security world.