back to article GCHQ pushes for 'virtual crocodile clips' on chat apps – the ability to silently slip into private encrypted comms

Britain's surveillance nerve-center GCHQ is trying a different tack in its effort to introduce backdoors into encrypted apps: reasonableness. In an essay by the technical director of the spy agency's National Cyber Security Centre, Ian Levy, and technical director for cryptanalysis at GCHQ, Crispin Robinson, the authors go out …

  1. Michael Jarve

    Quid pro quo, Clarice...

    If the government wants back doors for intercepting private communications, which they have in the past, without warrant, authorization, and against the law, they can offer something else, aside from “security” in return- uncompromising transparency. If someone has even a remotely legitimate reason to ask why they spied on so-and-so without warrant or authorization, they must provide a timely, well reasoned, and above all legitimate response or face the same dire consequences as their victims. Further, there must be sanctions for violating this principle, with real teeth- think multi- million dollar fines to the government, just as they would give The Face Book, Google, etc all. Ben Franklin, one of the founding fathers of my country famously said “Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety.” This is as right today as it was then. The Brits may hold different views. Just remember that “....temporary safety...” more often becomes permanent in a nanny state.

    1. TheOldFellow

      Re: Quid pro quo, Clarice...

      Most Brits agree with you. It's just the rulers who don't. I am not talking about the elected misgovernment, but the deep perpetual misgovernment that lives in the Civil Service and the Old-Boys networks.

      We never had 'essential Liberty' to give up, it was never granted when the Crown passed it's open self-interest to the hidden deep-state.

      1. AndyS

        Re: Quid pro quo, Clarice...

        > ... the hidden deep-state

        OK, I was following you up to that point, but then... What is this, an Alt-Right US rag? Let me guess, Hillary runs this deep-state from a pizza parlour?

        Conspiracy theories don't do anyone any good. Adopting the same language as the nuts across the pond will do you no favours, any more than shouting "AM I BEING DETAINED" will get the police to take your civil liberties seriously.

        1. Anonymous Coward
          Anonymous Coward

          Re: Quid pro quo, Clarice...

          "OK, I was following you up to that point, but then... What is this, an Alt-Right US rag?"

          It is difficult, because there really is a hidden British state. The security services have kept files on Labour Prime Ministers. Secret policemen really have infiltrated harmless pressure groups in order to make them more extreme. Senior civil servants really do come from an extremely narrow range of backgrounds and, mostly, schools. The public school system really does discourage social mobility. It isn't left or right but fundamentally authoritarianism versus liberalism, with the system, including GCHQ, very definitely on the side of authoritarianism. Brexit makes it easier because then nobody is poking around asking awkward questions.

          Hillary Clinton really is part of the authoritarian wing of the US Democratic Party.

          The difficulty, given the sheer stupidity and lack of critical thinking of the average person, is how to create a better system.

          1. jmch Silver badge

            Re: Quid pro quo, Clarice...

            As mentioned in the article, it's a question of trust. GCHQ etc have broken their trust and if they want to rebuild it, more than empty words are required.

            In principle I am not against law enforcement having access to the communications of nasty people. BUT they need a warrant that is targeted at a specific person or small group of people, and limited in scope (what they are looking for) and time (limited to a few months and needs to go through full process to reauthorise). Also, to guarantee that the powers are not being abused, the intercept HAS to be done through the 3rd-party service provider (eg Whatsapp) not directly by GCHQ etc, and these providers need to be paid by law enforcement to provide their services, AND most importantly be allowed, nay, required, to publish frequently and in detail how many intercepts they are being asked to make. Plus any other safeguards as may seem necessary including truly independent external oversight and heavy penalties (including jail time) for abusers.

            Now, law enforcement might look at that list and say... but that's really restrictive... to which we reply THAT'S THE BLOODY POINT!!!

            1. John Smith 19 Gold badge
              Gimp

              " but that's really restrictive... to which we reply THAT'S THE BLOODY POINT!!"

              Correct. But then GCHQ probably does not think it's part of "Law enforcement" so those restrictions should not apply to them. They are charged with "security."

              Note the "Virtual croc clips" is one of those nice verbal analogies that is simple to understand and so comforting."

              It is in fact bu***hit.

              "End-to-end encryption."

              The clue is in the name.

              And the (mass?) snooping capability added to UK System X digital exchanges bumped up the cost compared to competitors.

              BTW I am not opposed to proportionate, targeted and justifiable surveillance. But the senior data fetishsts who run GCHQ (and their like minded friends in the Home Office and elsewhere) are.

            2. NonSSL-Login
              Thumb Down

              Re: Quid pro quo, Clarice...

              WhatsApp has already gifted the alphabet agencies a backdoor to their users chats via a new 'feature' which backs up your chats to Google drive (unsure about apple version) totally un-encrypted. You might disable backups but has the other end you are speaking too?

              Expect to see more of these crafty backdoor ways to your chats as well as interference with keys at the service provider end to give real time access/mirroring capabilities.

    2. DJO Silver badge

      Re: Quid pro quo, Clarice...

      Further, there must be sanctions for violating this principle, with real teeth- think multi- million dollar fines to the government, just as they would give The Face Book, Google, etc all.

      So you want to penalise the tax payers?

      Fining the government has zero effect as the money just comes from the exchequer, no, if you want sanctions then disbarment from public office, personal fines to (then ex) ministers, confiscation of property, tar & feathers might be a bit too far but the principle of pubic humiliation as punishment for crimes against the people they are supposed to serve is correct.

    3. Velv

      Re: Quid pro quo, Clarice...

      think multi- million dollar fines to the government

      Given the governments money is actually the people’s money this is a very bad solution. It needs to be jail time for the Directos and Managers (VPs) of the organisations involved.

      1. Michael Jarve

        Re: Quid pro quo, Clarice...

        In the US, at least, it would be a good option. If people were aware of their tax dollars being wasted in such a manner, they would vote the fools who support such a scheme (as proposed) out of office. Congress critters are, in their own way more vain than even the worst instagrammer, constantly trying to appease their supporters, and keeping an eye and a half on the polls (unless they’re going to retire, or run for another office). Look at how many times members of both parties flip-flop position on things based on popular sentiment in their district. “Not my tax dollars!” would certainly be the popular sentiment among conservatives, and liberals would invoke the fourth amendment. It almost, more or less, worked before after the Snowden revelations. In that case, though, there was only the carrot; now we need the stick.

        Things might be different in Blighty, where the House of Commons, (realative to our WhoRes) is so diluted they may not care. We have one Rep on average for every 1-million people, to put it in perspective- IIRC, Britain has something like 10 MPs for every million people.

    4. Cliff Thorburn

      Re: Quid pro quo, Clarice...

      To quote from the Guardian Michael Jarve -

      “Once you are the subject of unlimited surveillance, you’ve lost your ability to think freely”

      Henry Porter - Journalist and Writer

      So imagine being both the subject of unlimited surveillance and great game plays with daily death threat driver deliverables, combine this with an increasingly hostile environment, no income, blacklisted so you are unable to work, and increasing psychological torture, coercion and duress.

      What would a person do under such circumstances?, and imagine if such circumstances had carried on for a number of years?, 6 or more?, would such a ‘subject’ be the next Ed Sh eeran?, or Jump in the Yellow Submarine?

      I would suggest nothing more than a practical prisoner of war, or pet at home, when does a process become the next Stanford Prisoner Experiment?, one that perhaps would be better be dealt with by foresight as opposed to hindsight?

    5. Mark 65

      Re: Quid pro quo, Clarice...

      This is part of the classic 5-eyes bait and switch. Everyone starts complaining about encryption, terrorists, paedos, and other bogeymen du jour. Then they start talking about must-have access to encrypted comms. The IT community responds with outrage at the thought of breaking encryption. Cue various to-ings and fro-ings on each side about absolute need vs privacy and open access to criminals and despots. This goes on for some time. Then one of the 5-eyes agencies, normally the shitbags at GCHQ who (under the Snowden leaks) seem the worst of the bunch, come up with the solution they were likely after all along as a fall-back plan - namely to allow them to be inserted into encrypted conversations as an unseen fly-on-the-wall, thus preserving the encryption but tapping the information flow.

      This process needs to be looked at by all as a free-standing proposal rather than "as opposed to breaking encryption", at which point it will be seen to be equally as repulsive given we all know that they will extend it to "insert us into every chat automatically" via some secret court order.

  2. JohnFen

    Define "security"

    "it doesn't require app developers to scale back security on their existing software"

    This is only true if you're using an unusually narrow definition of "security". Correctly reporting who is taking part in a conversation is a security measure itself, after all.

    1. Shadow Systems

      Re: Define "security"

      Tell them that any modifications to public security methouds must be immediately & unilaterally mirrored to the government & military security methods. You want to be added to my otherwise secure conversation without my knowing? Then I want the same ability & "right" to do the same to that supposedly secure & scrambled phone on your desk. You want to listen in on my friends & I discussing how we hate your fucking traiterous asses, then we want the same capability to listen in on you discussing how you have been/currently are/plan to increase fucking us over. Don't like it? Neither do we.

      1. jmch Silver badge

        Re: Define "security"

        "Tell them that any modifications to public security methouds must be immediately & unilaterally mirrored to the government & military security methods"

        The usual question of quis custodiet ipsos custodes. Of course the problem with 'watching the watchers' is then who watches the watchers who are watching the watchers who are watching the watchers who are.... and so on ad infinitum.

        So in the end the solution to that problem is that the watchers are watched by whoever they are watching. Full reciprocity might be a dream, but... FOI requests that cannot be refused... full release of all government official data in 5 years, with even the most secret documents that have to be released after 10 years. The only guarantee of good behaviour is scrutiny. The cops etc believe this should only be applied to the plebs but it is far more appropriate for those in power

        1. Sir Runcible Spoon

          Re: Define "security"

          At the conceptual level, security *is* binary.

          It's only when you try to achieve that in reality that it falls short.

          It's a bit like trust. Conceptually that is also binary, you can either trust someone or you can't.

          In reality it's a bit more vague and it depends on what you are trusting someone for. Trusting a friend to return your car after borrowing it is one thing, trusting them to manage your bank accounts is another.

          So here we have GCHQ, a known abuser of trust, asking us to trust it again. In response I would like to quote a well known security maxim back at them..

          'Trust, but verify'. Until we have a cast-iron method of verification that their powers are not being abused then there simply cannot be any trust. At least not from those with a modicum of security training.

  3. Anonymous Coward
    Anonymous Coward

    GCHQ compelling the quiet modification of software is a nasty tool. I appreciate the necessity that they must feel for it, given the information they must deal with day in/day out, but no UK legislation granting such powers would likely contain the nuance to prevent mass surveillance. Any legislation feels like an inevitability, but it could further make certain jobs in Software Development carry new responsibilities that'd need the money to match the pain entailed...

    1. big_D Silver badge

      It is the most reasonable attempt yet, but I still see too many unanswered questions about security of the connection - again, if the government can get access with a warrant, what is to stop a hacker with access to the network from also listening in? There is too little information about how this should be implemented, without breaking things or allowing unauthorized parties (rogue admins, hackers) access.

      The solution itself is almost reasonable, but the checks-and-balances need to be in place first and auditable, before such a solution can even be thought of.

      They need to prove that they are trustworthy and, until now, they have only shown that they can't be trusted as far as you can throw GCHQ.

      1. Anonymous Coward
        IT Angle

        Unanswered questions..

        > It is the most reasonable attempt yet, but I still see too many unanswered questions about security of the connection

        I have some unanswered questions too.

        o How do I test the GCHQ interface? If I write a shiny new chat app, that is peer-to-peer, how do I test against an interface that doesn't yet exist? And if GCHQ intend to provide 'standard' interfaces, what happens if my app's design doesn't quite align with their standard interface?

        o Assuming GCHQ do eventually produce an interface that is dedicated to my app, or aligns with my app's modus operandi, then how do I retro-fit the changes back to existing sold copies without alerting users to a new version that they may choose not to install?

        o How will I prevent the users detecting a third data connection out of their device (cos it's peer-to-peer)?

        These can't be the only practical objections. Some more clarity on how GCHQ expect these issues to go away would be welcome.

        1. big_D Silver badge

          Re: Unanswered questions..

          o How do I test the GCHQ interface?

          That is for you to decide. You write the interface. You have to give them access on demand.

          o How will I prevent the users detecting a third data connection out of their device (cos it's peer-to-peer)?

          That is your problem, but it is your app, so you are in full control.

          1. Anonymous Coward
            Joke

            Re: Unanswered questions..

            > That is for you to decide. You write the interface. You have to give them access on demand.

            Ah, so if I write my app in two parts, one part is sold to the public and the other part is delivered to GCHQ to run so that they can eavesdrop. Wouldn't it be awful if the GCHQ part did coin mining at the same time. :-)

            1. bombastic bob Silver badge
              Meh

              Re: Unanswered questions..

              "Wouldn't it be awful if the GCHQ part did coin mining at the same time"

              Wouldn't be EVEN FUNNIER if the GCHQ part scanned their network for vulnerabilities, planted viruses, inserted various back doors, and uploaded suspicious content to WIKILEAKS?

              just a thought...

            2. DavCrav

              Re: Unanswered questions..

              "Wouldn't it be awful if the GCHQ part did coin mining at the same time. "

              Awful for you, sure. I mean, unless you like prison.

      2. John Smith 19 Gold badge

        "The solution itself is almost reasonable,"

        No.

        It looks almost reasonable.

        But it isn't.

        Who is not thinking "Yeah, I could write a script to automatically ask to join every conversation. No problem?"

    2. Anonymous Coward
      Anonymous Coward

      Forcing software modification

      Basically they are trying to do what the FBI tried to get Apple to do, but on a grand scale that would allow them to snoop anything they wanted. At least the FBI's "request" was to get into a single phone, though of course we all know the slippery slope that would have led to.

      Because there's no way the GCHQ would settle for having to request to be added to a conversation in real time, or even being automatically added to every conversation with a given end point. They might say that's what they want now, but eventually they'd say the process is too cumbersome and they need to be able to add themselves to any number of calls they want to at any time, because "what if there's an active threat in downtown London and we don't know who the suspects are, we need to be able to look at all calls in a wide area to find the one that's of interest to save lives".

      No matter what intelligence services propose for eavesdropping encrypted comms, even if it seems "reasonable" at first glance, there's always a slippery slope immediately behind it.

    3. bombastic bob Silver badge
      WTF?

      how can they do this [and keep the bad guys from doing the same] ?

      OK - demanding BOTH ends of encrypted conversation have a back door that's NOT a back door...

      W.T.F. ? (see icon)

      And how are you gonna stop THE BAD GUYS from taking advantage of it?

      And how are you going to PREVENT the bad guys from giving you the VIRTUAL FINGER and just doing encryption THEIR way and NOT telling you about it [until you try to back door them and it don't work] ???

      because bad guys don't care about obeying laws. Only honest people obey laws. Right?

  4. Wellyboot Silver badge
    Joke

    Trying reasonableness?

    It'll be the comfy chair next.

    1. Michael Jarve

      Re: Trying reasonableness?

      True... many governments have stretched the definition to the breaking point. Some get caught out (extremely rarely), but that is where you have very ineffectual congressional oversight. At least in our case we have one senator, Ron Wyden, who is acting as a sort of canary and trying to alert people to an abuse of power; though at least ( not publicaly) it’s not as bad on this side of the pond.

      1. Yet Another Anonymous coward Silver badge

        Re: Trying reasonableness?

        The village bobby nodding to you as you walk down the street in public.

        GCHQ tracking everywhere you go, everything you buy or read online, everyone you communicate with, and everyone they talk to.

        It's all the same really - just a virtual village bobby.

        1. Mark 85

          Re: Trying reasonableness?

          No. This is more like the village bobby coming home with you and listening to everything you say and watching everything you do. See 1984 for where this is headed.

          1. Tigra 07
            Big Brother

            Re: Trying reasonableness?

            No. This is more like the village bobby coming home with you and listening to everything you say and watching everything you do. See 1984 for where this is headed.

            The government wants that bobby to sit in your bed and read all the communications you have with anyone, know what you're doing at all times, contacting at all times, watch TV with you, browse the internet with you. Be under no illusion, we live in a rapidly expanding 1984-esque police state.

        2. Geoffrey W

          Re: Trying reasonableness?

          @ Yet Another Anonymous coward

          Is my sarcasm detector malfunctioning in the opposite direction? I read that as sarcasm but down votes disagree with me.

          1. Yet Another Anonymous coward Silver badge

            Re: Trying reasonableness?

            The goal of el'reg is to make an ironic comment that ONLY gets downvotes

            1. Anonymous Coward
              Anonymous Coward

              Re: The goal of el'reg is to make an ironic comment that ONLY gets downvotes

              You should be downvoted for that!

              ...

              Unfortunately, I can't log in to vote (up or down), even though I can log in to comment. This is seriously spooky...

          2. James 51

            Re: Trying reasonableness?

            I can't remember the name of it off hand but there's another internet law about satire being mistaken for a serious position. Need something like the joke icon to prevent the misunderstanding.

            1. Norman Nescio Silver badge

              Re: Trying reasonableness?

              I can't remember the name of it off hand but there's another internet law about satire being mistaken for a serious position. Need something like the joke icon to prevent the misunderstanding.

              That'd be Poe's law:

              ...without a clear indicator of the author's intent, it is impossible to create a parody of extreme views so obviously exaggerated that it cannot be mistaken by some readers for a sincere expression of the parodied views.

          3. Teiwaz

            Re: Trying reasonableness?

            Is my sarcasm detector malfunctioning in the opposite direction? I read that as sarcasm but down votes disagree with me.

            Problem is the parallel existence of the internet of nutters alongside the real one, posting nonsense or naivety in all seriousness.

        3. bombastic bob Silver badge
          Unhappy

          Re: Trying reasonableness?

          next, they'll demand that loyal cops must be 'quartered' in your home. because, if you're not hiding anything, that should be ok too, right?

          wait... didn't something like that happen in the 1770's? Only it was soldiers. Yeah. There was an actual WAR fought over that, and other things.

          1. DavCrav

            Re: Trying reasonableness?

            "wait... didn't something like that happen in the 1770's? Only it was soldiers. Yeah. There was an actual WAR fought over that, and other things."

            No. The Quartering Acts specifically excluded people's private dwellings.

            The main reason the War was fought is that the Colonies wanted to be defended by England, but not have to pay anything towards that defence. They weren't happy with being taxed to pay for their own defence, so rebelled. Amusingly it's now Donald of Trump who is making that argument, but the other way round.

  5. Anonymous Coward
    Anonymous Coward

    If anyone from GCHQ is reading this - I have no sympathy for your current position. As a result of your past actions, the UK population now finds itself wanting to be kept safe from bad actors, but regarding GCHQ as being amongst the bad actors we want protection from. You've effectively turned yourselves into a state-salaried criminal gang. Were it down to me, I'd fire the bulk of you, cut the salaries of those remaining by ten percent, and make it clear to those remaining that any future blatant disregard of the law and unfettered snooping would result in serious personal fines and jail sentences for everyone involved in those actions. I'm well aware of the need for intelligence agencies to sometimes transgress societal norms - but only in limited circumstances. Damn you for taking the piss, breaching our trust and then having the gall to lie about it. Damn you for being a security service we are ashamed of, rather than proud of.

    1. streaky
      Black Helicopters

      I have sympathy but you're right the situation they're in is completely self-inflicted. They wanted to see all data all the time and when anybody found out - as was remarkably inevitable - the public were massively alarmed. Nothing has changed in GCHQ (and at the NSA, BND, others FWIW) since the events that led us to where we are now; without competent civilian oversight (there's civilian oversight, but it isn't competent) of what GCHQ are playing at with regards to what they're doing to perfectly innocent citizens minding their own business for a purpose that could easily be defined as "nothing good" long may it continue. I don't even see where competent oversight comes from by the way, they're never going to let people like me who _understand_ what the tools they use do and what the effect might be on national, personal and business security - as long as that remains true people like me are going to do everything we can to ensure they stay shut out of everywhere it matters. I've said it here before but their remit as defined in law is to protect the national security of the country, work in the interests of the economic well-being of the UK and support the prevention and detection of serious crime. Trawling comms of Joe Average minding his own business isn't that - in fact it plainly makes their job far far harder.

      I don't even have confidence that they're even restricting themselves to working within the rather open legal framework they're allowed to act.

    2. Yet Another Anonymous coward Silver badge

      But in the past GCHQ protected us from striking miners, investigative journalists, labour governments and the Bishop of Durham.

      Now they need our help to protect us from pedophiles and muslims

      1. Anonymous Coward
        Anonymous Coward

        GCHQ are still needed...to protect us from the reprisals from the people whom we’ve decided to destroy their countries. Retribution, who’d have thunk?

        Perhaps when Jezza wins and he stops all these mad wars and agitations we’ll finally get the long overdue peace dividends our citizens are crying out for? Or may be due to that very prospect, GCHQ will be helping to ensure Jezza doesn’t get elected?

    3. Keith 12

      Thank You Esme - very well said.

    4. the Jim bloke
      Unhappy

      Upvote for the sentiment

      but the historical experience with low paid '"security" forces is that they will use their position to supplement their incomes.

      Options include selling of data, using the company toolkit for 'weekend work', your usual assortment of bribery extortion and corruption, etc, etc...

      Somehow, they need to create a culture of integrity... no idea how

  6. Nick Kew

    Social Engineering

    Couched in a more convincing spiel, leaving the poor bugger no option ...

    Hello telco, this is GCHQ (honest guv). We urgently need to listen to those terrorists: they may be about to attack imminently. Yes of course they're terrorists: the Nether Blighty Sunday Cricket League is just a front! Yes, NOW, we can't wait while you complete all the red tape: that'll be too late, and your refusal to cooperate will be responsible for many deaths!

    1. ElReg!comments!Pierre

      Not really what they have in mind

      I don't think GCHQ plan to ask anything; they want "ghost" accounts able to slip in unnoticed, without the communication provider's authorisation: "We expect providers to validate that such an authorization is in place, but not try to independently judge the details of the case.". That means blanket pre-auth to bulk spying, no oversight or record-keeping needed, thankyouverymuch.

      1. ElReg!comments!Pierre

        Re: Not really what they have in mind

        (as for transparency, they most certainly plan to prevent "providers" from disclosing how and when such "ghost" accounts have been used)

  7. TJ1
    Thumb Up

    End-to-End and Open Source

    This is where open-source and end-to-end encryption strengths really lie.

    Open-source means experts in the field have the ability to test via reproducible builds that any binaries match the source code, and that the source code does not allow unauthorised parties.

    End-to-End encryption and Perfect Forward Secrecy (correctly implemented) can properly protect against a communications provider (MITM) being able to add a party to the 'conference'.

    1. MacroRodent

      Re: End-to-End and Open Source

      Exactly. It is not proper end-to-end encryption, if someone can silently add a middleman or a "virtual crocodile clip".

  8. Herby

    Trading "liberty" for "security".

    One once said that if you do that, you deserve neither.

    I've got the Yo-Yo...

    I've got the string...

  9. Tom 64

    NO.

    Just F--- off with this nonsense, and don't slam the door on the way out.

    The UK authorities already have far too many draconian powers, they don't need this.

  10. FuzzyWuzzys
    Facepalm

    Give 'em an inch....

    You know the rest.

    1. JimboSmith Silver badge

      Re: Give 'em an inch....

      The blokes will call it six and the women will just laugh.

  11. cantankerous swineherd

    "The service provider usually controls the identity system" - this is a problem, yes.

  12. cantankerous swineherd

    next up, gchq issue tender notice for 60000000 pairs of virtual crocodile clips.

  13. Potemkine! Silver badge

    The crocodile promising to become vegan.... ROTFL.

    Lies and deception are the basement of any intel operation.

  14. SNAFUology
    Devil

    Give everybody free....

    Internet,

    Secure Mail,

    Chat,

    Games channel,

    Sex.......

    Well er maybe not that but, you get the idea...

    and you can then insert yourself wherever you like; ooooh.

    Um your listening device, er...

    Try again; You can bug whoever you want, given you play nicely.

  15. Anonymous Coward
    Big Brother

    Room 101--but now with a view!!

    Thanks for your kind offer, spooks. However, if my career may be riding on protecting the information in my business communications, I will stick with the existing ability to ID and remove call attendees and email recipients.

  16. Voland's right hand Silver badge

    Somebody is not reading carefully

    service provider to silently add a law enforcement participant to a group chat or call,"

    The emphasis here is on GROUP

    This is DIFFERENT from normal legal intercept of encrypted communications and it is an organized version of the Turkish scenario. That is how Turkey successfully managed to deal with the coup 2 years ago. The plotters thought GROUP chat secure. It ain't - all it takes is for one compromised participant and all messages are visible.

    This is also PRESENTLY IMPLEMENTABLE. Most usual suspects like Telegram for example implement GROUP chat by holding the private keys for the channel. So in fact they technically can provide the "crocodile clips" at present so there is no backdoors, no violation of laws of nature and no "this is impossible" here. In other words, the crocodile under the party hat is smiling all the way to the bank.

    That does not need to be the case technically. The providers can be just the mediator leaving the private keys with the channel participants. Granted, this has a number of scalability problems, but none of them is in the realm of "impossible to overcome". At that point we are back to square one.

    1. Velv
      Big Brother

      Re: Somebody is not reading carefully

      A group can be as few as two.

      By that rationalisation the service provider can add the third person to any conversation.

      1. david 136

        Re: Somebody is not reading carefully

        In the logical sense, that's true, but in a practical sense things designed with N=2, always, are quire different from those that are built for N >= 2. You either have a connection to a multiplexer of some kind, or you don't.

      2. Voland's right hand Silver badge

        Re: Somebody is not reading carefully

        A group can be as few as two.

        By that rationalisation the service provider can add the third person to any conversation.

        If it is set-up as a group call or group chat as understood and implemented by the like of Telegram - yes. They make a technical difference between a group call and a person to person call.

        As you correctly noted, that does not need to be the case and it is a knife which cuts both ways. It can cut the way you described or it can cut in a way where group calls are set-up so that there is no way to add legal intercept to them (the latter is harder).

    2. amanfromMars 1 Silver badge

      Re: Somebody is not reading carefully

      Read carefully, please ..... of an embarrassment of riches for universal sharing

      The providers can be just the mediator leaving the private keys with the channel participants. Granted, this has a number of scalability problems, .... Voland's right hand

      When Mentor, there be No Scalability Problem for Future AIdDriver Access to Raw Hard CoredD Source. ..... Immaculate BasICQ Current Input/Output.

      The Question then is with Whom and/or What to Share Everything and to What Crashing End and New Clearer Beginning. :-) .... Just to make Perfectly Sure the Ends Always Justify the Means and AIMemes with ESPecial IntelAIgents Engaged in ... well, any Advance on Heavenly COSMIC Play Leading Ways Eternally Thankful to Simply Follow the Immaculate Construction of Other Worldly Instruction/Celestial Extra Terrestrial Guidance.

      Are there any Exceptionally Outstanding Global Operating Devices Offering the Facility and Utility their Services for Future Proprietary Intellectual Property Deployment and Parallel AIdDevelopment of Exceptionally Outstanding for Global Operating Device System Default.

      For Another Start in an Altogether Fundamentally Different Beginning is where IT is now at, whenever Never Beta Tested Before/TS/SCI. And that Future has Options Plenty and Derivatives Galore in Store for Wheelers and Dealers/Market Makers and Breakers.

  17. Milton

    Self-serving loss of perspective

    If avoiding the arrival of a Maverick missile depends on your crypto, you're most likely not relying upon any of the standard P2P encrypted apps, because you know (a) every effort will have been made, using nation-state resources, to compromise them, and (b) you die if you trust third parties.

    So my question to seemingly backward-looking spooks—who are so full of their self-righteousness and -importance that they apparently cannot even understand why a free democracy must have strong civil liberties if it is even to deserve to exist: and are, therefore, perhaps nowhere near as clever as they think they are—are fairly simple ones.

    1. Have you, comfortable suited eavesdroppers, acquired an algorithm which can with more than 50% reliability identify large, dirty, noisy images which have very low-order, low-density steganography within them? How many of the 2,000,000,000 images shared every day are you managing to identify as having secret content? To the nearest ten?

    2. Have you access to any reliable method of breaking a modern encryption standard such as AES256, or Blowfish or similar? What would be your success rate against messages, even allowing a crib phrase, of say 2kB in size? (Quite enough for decent Atrocity-Time-and-Date instructions.)

    3. Alternatively, have you managed to compromise the world's open-source codebase of crypto algos so that no one, not even the designers, will notice? So that none of the world's several million competent coders could write a homebuild, effective crypto app?

    4. Have you found a method of ensuring that Black Hats cannot access two computing devices with encrypted drives (whether tiny phone or workstation), one of which is never, ever connected to the net?

    5. Have you found a way of ensuring that the BHs can't run whatever software they like on these devices?

    Given that the answers are most certainly No, No (<1:1x10^6), Not a Chance, No and No, isn't it true that actually, sigint is pretty much uesless against a well-disciplined, intelligent, well-equipped enemy (i.e. the very kind you should be most worried about)?

    Isn't it true, in fact, that against your most serious adversaries, you need to infiltrate, blackmail, cajole, observe, corrupt, befriend, compromise—what we, back in the day, used to call humint: a version of tired old plodding shoe leather and nasty, grubby risks? Have you considered how many Arabic speakers you could recruit for the cost of Latest Billion Dollar SuperSexy MegaHarvesting Computer? (You know, the one that pointlessly stores petabytes of innocent civilians' data obsessively logging shopping habits, personal interests, porn preferences and extramarital dalliances)?

    Isn't it true that your gasping appetite for code-breaking is actually peripheral grandstanding, with a big dose of laziness? That the appeal of sitting cosily in your pyjamas, sipping cocoa and reading Ahmed's email, is rather selfishly idle? That while you are begging for ever more budget, power and self-importance to spend on ever bigger aerials and computers, your neglect of the difficult, gritty, risky business of humint is most likely killing people?

    You can sip cocoa at the keyboard, and yes, we need a few of those; but if you weren't so deep into deluded self-serving groupthink about crypto, you'd understand that if you were doing your jobs properly, you'd be risking your lives drinking gritty tea in a dusty back street somewhere far away. Not quite so appealing, eh?

    One wonders whether GCHQ and NSA and their Five Eyes ilk have really been so dim and unself-aware as to fall into one of the oldest of psychological traps: for them, owning a hammer, every problem becomes a nail. It certainly sounds that way.

    1. Robert D Bank
      Pint

      Re: Self-serving loss of perspective

      Back of the net Milton

    2. Wellyboot Silver badge

      Re: Self-serving loss of perspective

      @milton

      Your opening sentence suggests that field agents are very much in use. (Finding reliable humans is a completely different matter) and I'll agree with the bulk of your comment.

      My 2p worth.

      (a) it took 30 years before any of the tens of thousands of Bletchly workers spilled the beans on being able to crack the most technologically advanced countries code system faster than the intended receiving station. and that the sig-int alone was tracking individuals of interest.

      (b) we know there are many acres of computer racks doing the same job now.

      (c) the black budget for all this is immense, as is the willingness to try anything that sounds workable.

      So I'd suggest the answers for 1 & 2 are much nearer 'Yes' especially for the sig-int tagged ones.

      1. Anonymous Coward
        Anonymous Coward

        Re: Self-serving loss of perspective

        @milton

        1. The "nearer Yes" answers may be correct for published crypto (PGP and so on). But what about the possibility that someone is using a private cipher BEFORE the text enters some public system or another? A book cipher comes to mind (see https://en.wikipedia.org/wiki/Beale_ciphers for an example....it gives you an idea about what's going on, even if the Beale papers are a hoax).

        2. Even if GCHQ is actually listening to real time conversations (whether point-to-point or group), what if the conversations are conducted using pre-agreed code words? A recent NFL program showed quarterbacks instructing the team with actor's names -- Halle Berry was one of the calls!

        *

        So...here's a real book cipher example....readers feel free to publish the plain text.

        *

        630A92D4421135721B7F4360C322EF2690D16A92

        6DB9E013793D05E0650E746412C8393E561032A9

        3541103386229D309E2F73C4E5A8383EB9F41960

        3B6B610FEA724FE5C98D3110E02C066BDCB50875

        52BB42F527380975B473146F60959449B4C72648

        451EB425136643B519436A88D1B5B517D820BC5F

        57EEB7489154F4C2668934F842163B3DE2F4ECFF

        0F977308A16A6156AE70035263D187465D5248C0

        011F3417C52BA3A67C10663AC0428304C0E3DE13

        117701A23041BB51EF510D59143BE1194964D9DE

        0DCAC4359865BC9661486579E568465641F49615

        148F633852109410F97A23B760B25F62CC6520E8

        346C047EA13C90502E27678FA745FD07FB6490BD

        0FE9B135B41CB2C21E303FA060CA1E58CD036FEB

        1. Anonymous Coward
          Anonymous Coward

          Re: Self-serving loss of perspective

          The "nearer Yes" answers may be correct for published crypto (PGP and so on). But what about the possibility that someone is using a private cipher BEFORE the text enters some public system or another? A book cipher comes to mind

          ----------------------------------------------------------------------------------------------------------------------------

          Book ciphers are inherently insecure. They were cracking them before computers existed. Today, with computer support, they probably wouldn't last 20 minutes.

          The only secure crypto is published, open source, based on critical parameters, protocols, and algorithms; not influenced by those who want weak crypto. (Unless you are a nation state with thousands of cryptographic experts doing all the development and reviews in house).

          Without the review processes of code, protocols, algorithms, and key parameters there is a very large probability of producing flawed or weak systems or implementations. Creating good crypto is hard, even for smart professionals. Consider the hash Apple made when it tried to create its own cryptographic library, even using known protocols and algorithms. Even with constant review and oversight, changes in mathematical techniques or further analysis can turn up flaws that need to be addressed. Seemingly innocuous changes in any aspect of a cryptographic system can create an unsuspected flaw.

          The Beale cipher does not actually follow the most common model for book ciphers, which involve picking a page, then often a line, then a word or other element, or by picking a page, and then a word or other element. In particular, this makes different editions or printings different ciphers unless the exact page layout and page numbering is preserved... an advantage, particularly if you can use an obscure printing or reprint of a work. That still doesn't make a book cipher fit for serious use.

      2. A.P. Veening Silver badge

        Re: Self-serving loss of perspective

        "So I'd suggest the answers for 1 & 2 are much nearer 'Yes' especially for the sig-int tagged ones."

        I am afraid you overlooked the advances in cryptography made over the intervening years. And with all due respect to the Bletchly workers, even at the time Bletchly Park was operating, a large part of its success was due to failures in the correct implementation of cryptography.

    3. Anonymous Coward
      Anonymous Coward

      Re: Self-serving loss of perspective

      More to the point, the dangerous terrorists etc whom the security services claim to be trying to catch are unlikely to be using the same generally available chat apps as Joe public, unless they are pretty dumb terrorists. This is just a smokescreen so they (the security services) can continue to spy on ordinary citizens.

  18. Anonymous Coward
    Anonymous Coward

    "They also promise to get back to a time where the authorities only use their exceptional powers in limited cases, where a degree of accountability is written into spying programs, and they promise a more open discussion about what spy agencies are allowed to do and how they do it."

    lol just lol to all this.

    Was there ever a time when they used "their exceptional powers in limited cases".

    If anyone truly believes this get in touch, because boy do I have a deal on a bridge that you don't want to miss out on.

  19. Roland6 Silver badge

    But they already have "virtual crocodile clips"

    Going on the Snowden disclosures, the agencies can already attach "crocodile clips" to the Internet and capture the raw packet streams/conversations, just as they could with the analogue telephone. If the call was encrypted they either had to crack the code or place eavesdroppers in handsets so they could pick up the unencrypted call.

    Thus what is being asked for isn't a virtual crocodile clip but for an eavesdropping circuit built into the handset, complete with the apparatus necessary to exploit it without having to actually pay a visit.

  20. CAPS LOCK

    <Ring ring> Hullo, Crispin here at GCHQ. Could you please use this backdoored software...

    ... Me: Hullo Crispin, as I'm a terrist and pedrofile I'll have to say no thank you.

    Crispin: We'll make it the law.

    Me: OK, I'll use it then. Goodbye.

  21. Tigra 07
    Trollface

    Like Whatsapp?

    GCHQ was added to chat

    GCHQ was removed from chat

    GCHQ was added to chat

    GCHQ was removed from chat

    GCHQ was added to chat

    GCHQ was removed from chat

  22. MJI Silver badge

    I thought they could crack most encryption.

    So why are back doors required?

    Or is it a front to hide the fact they can break encryption?

    1. Tigra 07
      Pint

      Re: I thought they could crack most encryption.

      They asked for front doors - but were refused, magic keys - also refused, backdoors - also refused, holes in the tunnel or weakened encryption - refused, banned encryption - an obviously stupid idea. Now they want magic crocodile clips. They're all the same thing - magical thinking.

    2. phuzz Silver badge

      Re: I thought they could crack most encryption.

      It's unlikely that 'they' can crack most encryption if it's implemented properly. Your PGP encrypted mail will stay entirely private, instead they'll just use some off the shelf malware to get a screen grab after you've decrypted it.

      Maths doesn't lie.

    3. JohnFen

      Re: I thought they could crack most encryption.

      They can't crack high-quality encryption. Well, they can, but doing so takes an enormous amount of time and effort, so they can't do it in an across-the-board way.

      1. phuzz Silver badge

        Re: I thought they could crack most encryption.

        "They can't crack high-quality encryption. Well, they can"

        If anyone has even a theoretical attack on, say, PGP, I'd be interested to hear about it.

        Certainly there are still systems that use out-dated and cracked encryption (eg A5/1 used in GSM phones), but your average SSH session is so close to being unbreakable that hacking into one of the endpoints is the easy/only option.

        1. JohnFen

          Re: I thought they could crack most encryption.

          "If anyone has even a theoretical attack on, say, PGP, I'd be interested to hear about it."

          Here you go. This is both a bit dated and a very brief overview, but talks about people's success in cracking PGP encrypted messages. http://www.pgp.net/pgpnet/pgp-faq/pgp-faq-security-questions.html

          The summary: There are regular competitions to crack PGP messages, and it's rare that someone doesn't win. However, the time and resources required are pretty huge, so the methods aren't actually useful in practice unless there is a single target worth throwing a ton of resources at, and even then you're only going to crack one message at a time. Cracking things like SSH sessions aren't a practical threat, but cracking encrypted data at rest is (if you and/or one or two files are of extreme interest).

          As is noted in that link, cracking is something that is possible -- but if you want to crack PGP, you're really better off going with other methods (subvert the end points, brute force the passphrase, etc.). PGP is not technically uncrackable at all, but for the vast majority of people, it's reasonable to treat it as if it were.

          That's why it's called "pretty good privacy" and not "perfect privacy".

  23. Anonymous Coward
    Anonymous Coward

    And again ....

    I guess they're allowed to wish for such things. However, even in the days of *real* crocodile clips, it was possible to make a telephone conversation unintelligible - isn't that what the "scramblers" that secret services were all using up till the 90s ?

    Personally, I think this is just a way to sneak the phrase "crocodile clips" into the narrative so that it's not too long before REAL crocodile clips are bought back.

    Incidentally, either someone there isn't doing the job they're paid for, or they've missed the chat apps which round-robin messages to build a group header before encrypting or decrypting. You can't add or remove a participant without changing the hash, and alerting the group, as messages start garbling.

    1. RancidOrange

      Re: And again ....

      Right now, if you are party to a group chat you just get notified if a new member joins. There's no mention of the hash being updated - that happens behind the scenes. In the GCHQ scenario, their account would be silently added, any message informing everyone of a new member suppressed and, as now, no mention of the hash being updated. Or am I missing something?

      1. Anonymous Coward
        Anonymous Coward

        Or am I missing something?

        Yes.

        Person A initiates a chat with person B. Session keys are generated which produce a 3rd unique secret key that's the combination of A secret key and Bs public key, plus Bs secret key and As public key.

        If C wants to join the session key needs to be regenerated to include combinations of Cs secret and public keys.

        Impossible to eavesdrop unless you possess all actors secret keys. Also impossible to spoof a message only trusted actors can generate a meaningful message.

        Very heavy on key management, but nothings for free.

        By all means. clip on those virtual crocodile clips - but all you'll "hear" is static.

        By the way, the first rule of spy shit is to assume your channel is compromised anyway. So even your plaintext shouldn't be intelligible (I think UK government ministers have a head start here). So a successful eavesdrop will only pick up chatter about how cold it is this time of year, and how someone is looking forward to Spring in March .....

    2. Anonymous Coward
      Anonymous Coward

      Re: And again ....

      I once knew someone who was of interest to the authorities.

      When he sent letters he used to tape the envelopes, which often used to arrive still taped but with the hairs that were formerly under the tape now missing.

      He sent one letter with one of those Christmas Sellotape designs, in the summer, with the message on the back "now find some of this." Of course it (a) never arrived and (b) was completely harmless.

      As you say, there will be plenty of IT equivalents.

  24. Boris the Cockroach Silver badge
    Big Brother

    And just how does this

    protect us from terrorists when the event is already pre planned and just needs the 'go' signal with a time

    for example....

    E.mail

    <from: Religious nutgroup leader>

    <to : All>

    The swallow flies north in winter, but the coconut does not migrate.

    1. Killfalcon Silver badge

      Re: And just how does this

      At least in theory, they want to snoop on the planning stages. You may say "they can just plan offline", but, well, there's a reason the drones keep hitting weddings 'by mistake': HumInt is tracking when suspects meet, and calling in the hellfires if they think there's enough Target in the collateral.

      That sort of thing (which, IMO, is probably some manner of war-crime) strongly discourages personal meetings. So SigInt has to try and fill in the gaps. Your average bomb-maker isn't going to roll their own crypto, but they're happy to use one of the off-the-shelf ones that the Five-Eyes types complain about not being able to crack.

      To be clear: I have some sympathy for the aims! Terrorists are bad. Child abuse rings, also bad.

      But the NSA, GCHQ and pals took a calculated risk by violating the privacy of millions, and the dice didn't work out for them. Nobody held a gun to their heads and said "you must spy on your own citizens, en mass, on dubious legal grounds". This is their screw-up, and it'd be nice if they took the consequences like adults.

      1. Anonymous Coward
        Anonymous Coward

        Re: And just how does this

        You've missed the point, they were spying on their enemies, (ie the public) rather than the really bad guys.

        It appears nothing has changed. Lessons have still not been learnt...

    2. batfink
      Mushroom

      Re: And just how does this

      Message received, Oh Great Leader Boris. Operations will commence at once.

      And congratulations on using such an innocent channel as El Reg to issue the order...

      1. amanfromMars 1 Silver badge

        Definitely not innocent when dancing to Loony Toons

        And congratulations on using such an innocent channel as El Reg to issue the order... .... batfink

        An innocuous channel is more APT and truthful, batfink, with guilt being attributable via the eye of the beholder with ignorant and arrogant support for exploding shenanigans and fast failing 0day ventures/FCUKd Up Serial Narratives.

        And who's saying the 77th Brigade are not deployed for special instruction/virtual mentoring and remote control monitoring here?

    3. The Central Scrutinizer

      Re: And just how does this

      The elephant rides at midnight.

      1. Boris the Cockroach Silver badge

        Re: And just how does this

        Quote

        The elephant rides at midnight ???

        You got the wrong group mate, this is the syndo-cryptic revolutionary party(Leninist), you want the Free radicals of Marxist-Hofferists (Trotskyist) , they communicate over on the Daily mail forums.

        Where the ravings of a bunch of loons and splitters would never be noticed....

  25. Dan 55 Silver badge
    Meh

    Hard pressed to see what's changed

    Apart from re-phrasing "backdoor" to "virtual crocodile clips", it's still exactly the same thing...

  26. Anonymous Coward
    Anonymous Coward

    MITM

    Not sure how a virtual paperclip can be added quietly on end to end encrypted comms. If they were able to do a man in the middle intercept of traffic between 2 people then it could be used to MITM attack other things (web traffic, payment traffic etc). Most algorithms and approaches stop MITM, so they'd need to hack the source or target instead (or terminate the encrypted traffic at a proxy) but the receiver would then see it in the clear and not encryoted..

  27. Norman Nescio Silver badge

    Misdirection

    While everyone is arguing over encryption backdoors, the Signals Intelligence Agencies are successfully misdirecting people, as you would expect.

    Snowden made it quite clear in the Q&A session hosted by The Guardian in 2013 that:

    Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on. Unfortunately, endpoint security is so terrifically weak that NSA can frequently find ways around it.

    My emphasis on 'properly implemented'. While the algorithms used by various applications may well be theoretically secure, many implementations are flawed. Good luck in finding a cpu that doesn't have a built in back door ( Intel ME, AMD Secure Technology, VIA C3 "God Mode", ARM TrustZone*) , and, if on a mobile phone, doesn't have a baseband modem with proprietary 'binary blob' firmware which can be updated over the air by service providers that also has access to main memory (and therefore decryption keys). In addition, there are poor random number implementations, and overly bloated libraries with an indefinite number of flaws (OpenSSL) that have multifarious leaky side-channels. It is very strongly suspected the SigInt agencies actively try and influence standards setting committees to subvert and/or make implementations complex and prone to bugs so that groups like the NSA's Tailored Access Operations (TAO) have a range of implementation flaws to work with (See also BULLRUN. Easily obtainable secure end-points for communications do not exist. While everybody argues about the security of data in transit, little attention is paid to the security of end-points, which is a situation I expect the SigInt agencies are very happy with.

    It should not be necessary for me to point out I am against terrorism and/or child abuse. That said, as a society we appear to have a hard choice to make: gain the ability for select groups of people in authority to intercept communications between terrorist and/or child abuse conspirators (that ability also subject to abuse and subversion) ; or retain the ability for innocent people to have private conversations. It appears we cannot have both. I suspect that in the long run we will lose privacy. If you look at the use of social media, the cultural norms around privacy have changed hugely in a short period of time, and I would not be surprised for people in the future to make the explicit choice of living in a panopticon, partly justified on the basis of security and for the sake of the children, but mainly simply because it becomes normal to do so, and anyone desiring privacy would be regarded as a misfit.

    *Note that a lot of this technology is justified by its use in DRM for media use. Secure channels for playing digital media, etc; and also its use in easing management of large organisations' IT estate. Trusted Computing is about third parties being able to place what they regard as their content on 'your' computer and control it such that you can't do with it what you like - that is they trust 'your' computer to do what they want. Great for Hollywoood and corporate IT departments; and coincidentally great for SigInt agencies.

  28. Anonymous Coward
    Anonymous Coward

    Virtual crocodile clip?

    This is Britain we're talking about. Shouldn't it be a virtual bulldog clip?

    1. Killfalcon Silver badge

      Re: Virtual crocodile clip?

      I thought bulldog clips were the big wide things you use for paper: crocodile clips being the narrow pointy ones?

      Unless this is one of those quirky etymology things where nothing makes and sense, which wouldn't be that surprising *gestures vaguely at the English Language*

      1. david 136

        Re: Virtual crocodile clip?

        Bulldog clips have short jaws, used to avoid short circuits on nearby things. Typically sed in large size for jump start/car charging cables.

        Alligators have long jaws, for fine things with some risk of shorting nearby. Good for punch down terminal blocks or relay racks.

  29. phuzz Silver badge
    Facepalm

    "because the tapping would be at the vendor level, it would be hard for hackers and other malicious actors to exploit the same approach."

    Ok, sure. Even if we believe the above, there's still two parties that have just been granted access to our communications:

    There's the vendor itself, and if you think (eg) Facebook wouldn't try to use it's access in order to make money then you're pretty naive.

    Then there's all the low level workers, both at the vendor and at GCHQ, who now have access to everyone's chats. So now they can check up on their possibly cheating spouse/their ex/that hotty from down the road/some random celebrity/our Kevin's gran's aunt's cousin Sherryl etc.

    I'm not sure how keen the security services would be on (eg) some contractor at Snapchat selling details of the Queen's messages to the tabloids, or a blogger getting hold of the texts the PM sends to her husband either.

    1. the Jim bloke
      Joke

      re: our Kevin's gran's aunt's cousin Sherryl

      Does our Kevin have a different gran to the rest of us?

      And what would be the correct name for a Grans aunts cousin ? (besides "Sherryl")

      1. IanRS

        Re: re: our Kevin's gran's aunt's cousin Sherryl

        Gran: up two generations (mother of mother, or mother of father)

        Aunt: up another generation then across to a sister

        Cousin: shared grandparents, so up two then down two along a different branch of the family tree.

        Total: Up five, down two.

        So a common ancestor exists five generations up from the starting point, two up from the end point.

        Take the lowest number: two, which implies cousin (three would be 2nd cousin, 4 = 3rd cousin, etc)

        Take the generation difference: three.

        Final result: Cousin three times removed, aka Sherryl.

  30. Anonymous Coward
    Anonymous Coward

    I had my mail "monitored" once, many years ago - mail would arrive a week late and badly resealed. It was never a problem, information was always passed in open text coding and I don't believe that anyone ever noticed. Encrypt it and people get interested, use plain text and nobody cares if you appear to be just chatting ... please bring orange manual back tomorrow.

    Who needs a weatherman to know which way the wind blows?

  31. adam payne

    While advocating for "open and honest conversations between experts that can inform the public debate about what’s right,"

    I don't need you to tell me what is right, I can make up my own mind thank you.

  32. John Latham

    The End

    If I'm using a WhatsApp mobile app written by WhatsApp and distributed as a binary, I really only have WhatsApp's word that there are only two ends to the conversation, not three. There's nothing to stop them relaying messages to a third party using any one of a number of mechanisms, which may or may not be able to be exposed by traffic monitoring or decompilation of the binary.

    The lesson in all this is that if you want to assure yourself of secure end-to-end communications, you have to control at least your own "end", preferably separating the two concerns of encryption/decryption and transmission of the message such that those concerns can be handled by different pieces of software.

    I assume that sensible terrorists whose lives depend on communications security don't rely on blind trust of tech companies and apply defence in depth, or hide in clear sight communicating using LOLcats, Youtube comments, or whatever.

    Which in turn suggests that GCHQ can only ever hope to capture idiots and/or people who don't think they are doing anything wrong.

    1. Wellyboot Silver badge

      Re: The End

      If you're using WhatsApp the conversation may well have only two ends, but the rest - who, where, when, for how long, while also doing what - will be very multi-party.

  33. Anonymous Coward
    Anonymous Coward

    nobbled anyway

    I support the means to snoop on terrorists, sellers of vice, drugs, arms, etc. I just draw the line at the charter that gives them the right to snoop on journalists. You only need to look at the way Trump is trying to destroy the reputation of most media outlets in the USA and replace them with a government propaganda system to see that an authoritarian government, voted into power in the UK would have carte blanche to discover all critical journalists and lock them up, like we see reported about other countries around the world. Mainstream newspapers have already reported previous prime ministers mis-using these government powers to snoop on journalists in the past.

    I don't mind going after people who are posing as journalists while trying to get and sell state secrets. That would be spying, after all.

    Its a bit like a company trying to achieve monopoly by destroying the means of competitors to advertise. Therefore the removal of free journalism is a means to un-democratic authoritarian government, which is precisely what the charter to snoop on revolutionaries and terrorists is trying to avoid.

    Oh and just as NIST nobbled the randomness (and therefore mathematical security) of RSA, they also nobbled EC to reduce the number of allowable curves. That was reported in El Reg some time back.

    1. Anonymous Coward
      Anonymous Coward

      Re: nobbled anyway

      Indeed.

      So then we need to ask, at what point do the people trying to subvert democracy become "enemies of the people"?

  34. Spanners Silver badge
    Flame

    Security is not the only binary condition

    Something is either secure or it is not. Someone is either pregnant or they are not. You are either keeping to the speed limit or you are not. The weather may not be binary - it is only raining a little or that is a "strong" wind.

    Is "alive" binary? I think that one is for philosophers and the like. I think people used to think so but now, we hear of people being dead and then brought back so maybe this is what our spooks are thinking of.

    "You were secure, then we did stuff. We finished and now you are secure again."

    My systems are secure when nobody that I do not chose to can get into them. a banks system that I use is secure when nobody but me and the bank can get into my records,. If I feel the need to communicate privately, it is not secure or private if my conversation is monitored. If the method of monitoring involves back doors or virtual crocodile clips, the system will not only be secure but, in the future this information will be available to everyone from 419 scammers to the US health industry.

    1. Adrian 4

      Re: Security is not the only binary condition

      Funny you should mention banks.

      My (now former) bank recently asked me to agree a change in their T&Cs to allow them to share personal details with unspecified third parties for the purpose of fraud prevention. When pressed, they stated that the third party was the bank's own fraud department but refused to put that in the declaration.

      I doubt that it's unusual. Presumably someone noticed that the clause wasn't in the original T&Cs and GDPR required them to put it in.

  35. Anonymous Coward
    Anonymous Coward

    No one is stopping them...

    Putting actual crocodile clips on my mobile. What they do want however is impossible.

  36. Alan Hope

    If GCHQ could already use ghost accounts to access our encrypted comms then this is EXACTLY the sort of request and discussion they would want in the public domain... an easy way to feed us the notion that currently we can use these apps freely and securely for our deepest darkest secrets.

    1. Anonymous Coward
      Black Helicopters

      You missed the used of the black helicopter icon. Not saying that as a criticism of your point (In fact, have an upvote!), just saying that the black helicopter would be a fitting icon given your post.

  37. Reality_Ccheque

    "They also promise to get back to a time where the authorities only use their exceptional powers in limited cases, where a degree of accountability is written into spying programs..."

    No problem! Get back to us when IPA 2016 has been repealed.

  38. Anonymous Coward
    Anonymous Coward

    Crocodile Clips

    I always called them alligator clips, took me a moment to figure out what the bot the story was about. Are croc clips one of those blightly words?

    1. Wellyboot Silver badge

      Re: Crocodile Clips

      >>> always called them alligator clips, took me a moment to figure out what the bot the story was about. Are croc clips one of those blightly words?<<

      Yes indeed, Crocodiles have always been far more prevalent than Alligators to us brits, especially after 1776 :)

      1. Anonymous Coward
        Black Helicopters

        Re: Crocodile Clips

        Good, patriotic American alligators would never offer their participation in the NSA & Friends encroachment on the rights of fellow citizens....Unless the alligators recognized that the leadership of the 5 Eyes agencies were in fact their fellow-reptilian lizardmen overlords....

      2. Anonymous Coward
        Anonymous Coward

        Re: Crocodile Clips

        When you're up to your neck in alligators, it's hard to remember that your initial objective was to drain the swamp.

        That explains a lot ;)

  39. Stevie

    Bah!

    As shown in the next slide, the Virtual Crocodile Clips are attached to the Virtual Nipples and Virtual Scrotum, before applying several thousand Virtual Volts to the other ends of the Virtual Wires, after which it is usually only a matter of time before decryption is complete.

  40. Jamie Jones Silver badge
    Happy

    Canaries...

    We'll end up with the more caring providers avoiding gagging orders like this:

    ** admin has joined chat**

    Hi. Just to let you know we've not added anyone to your conversation. Bye.

    ** admin has left chat**

    One minute later:

    ** admin has joined chat**

    Hi. Just to let you know we've not added anyone to your conversation. Bye.

    ** admin has left chat**

    One minute later.....

    1. Anonymous Coward
      Anonymous Coward

      Re: Canaries...

      Like AA patrol men used to salute to alert drivers to a bizzie speed trap around the corner.

  41. onebignerd

    If the Governments will use the same encryption algorithms for state secrets that they back door to survial the public and which is verifiable to oversight and to the people, I will support it. With all their insistence that it is safe, lets see them step up.

  42. Anonymous Coward
    Big Brother

    All your base belong to us.

    My company uses Zscaler cloud proxy and we dropped a cert onto every PC so the SSL break/inspect doesn't cause a problem. But when you look at the info on every HTTPS session its the Zscaler cert which is shown, confirming the man in the middle is operating.

    I assume end points could be compromised so that plausible certs can be inserted for any protocol using SSL/TLS, allowing transparent bresk/inspect, topped off with PAC file/DNS jiggery pockery to direct all traffic to GCHQ.

  43. karlkarl Silver badge

    I think a government *should* be allowed access to whatever they want.

    Unfortunately, we often don't have governments. What we have is a corrupt bunch of absolute criminals masquerading as a government.

    I am sure they understand when I keep all of my communication encrypted and avoid sleezy crap such as whatsapp and other consumer crap. They do the same after all whilst they discuss their next criminal activity.

    1. Jamie Jones Silver badge

      I don't. I see where you're coming from, but nooooooooooooo.

      Governments aren't our masters, they are there to do our collective bidding.

      Why should even "good" governments get to see whatever they want?

      What happenned to good old police work in solving crimes? You never had dragnet bugging of the local pub etc...

  44. urlybird

    subverting the apps seems like more work

    than is strictly required.

    it seems far easier to catch the required data straight from the keyboard/IME.

    https://m.youtube.com/watch?v=G7gN9cRUUwo

    voice data can be caught through the convenient babelfish type translation services.

    my2p

  45. Anonymous Coward
    Anonymous Coward

    The greater the power entrusted to a few, the greater the need for that trust to be earned. Surveillance powers were originally granted during wartime to combat the threat of foreign spies, they were never intended to be used for policing the public.

    To gain political power involves some amount of dishonesty, false promises, bought loyalty etc., for the honest would struggle to convince (not deceive) a majority. Yet these are the people ultimately entrusted with surveillance powers who exercise judgement using this information.

  46. RDW
    Black Helicopters

    Direct (Current) approach

    In other news, CIA interrogators are pushing for the use of 'actual crocodile clips' on the nipples of suspected terrorists.

  47. Arachnoid

    Sounds more like Citizen over watch

    There is nothing to stop sophisticated "bad guys" writing and distributing their own communication application even as they are reputed to do these days, use "game chat" to pass messages. Neither of option will give authorities any chance of accessing the intelligence they seek.

    1. amanfromMars 1 Silver badge

      Re: Sounds more like Citizen over watch

      There is nothing to stop sophisticated "bad guys" writing and distributing their own communication application even as they are reputed to do these days, use "game chat" to pass messages. Neither of option will give authorities any chance of accessing the intelligence they seek. .... Arachnoid

      Amen to them apples, Arachnoid.

      I wonder if when intelligence access is denied do they come asking to buy what they seek from Not Illegitimate Sources or Private Pirates?

      1. Cliff Thorburn

        Re: Sounds more like Citizen over watch

        I wonder if when intelligence access is denied do they come asking to buy what they seek from Not Illegitimate Sources or Private Pirates?

        It might help if good old fashioned face to face discussion in secure spaces and private places could occur amfM, as opposed to current failed arms length laborious mundane matrix offerings, it must be said.

  48. Anonymous Coward
    Anonymous Coward

    It doesn't matter if it's a broken encryption algorithm, or a broken implementation, broken is broken.

    There is no way to keep other actors from using the same back doors.

    The only thing I can't tell is the balance between naive hubris (we can keep anything we want secret) and narcissitic indiference (we don't care how universally compromised it is, as long as we can moniter and archive everything).

    That's before you look at the problems with the 'authorities' having illegal access to every part of your existence.

  49. marknzl

    Which Government?

    If Chat vendors make provision for the UK and US to intercept conversations, then surely the same function must be offered to all governments when its a matter of "National Security"?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like