UK Prime Minister David Cameron is worried that people are encrypting their communications, and that he (and indeed, law enforcement agencies) can’t see what you’re saying.
“In extremis, it has been possible to read someone’s letter, to listen to someone’s call, to mobile communications… The question remains: are we going to allow a means of communications where it simply is not possible to do that? My answer to that question is: no, we must not.”
Cameron, who is seeking re-election in a few months time, thinks it would be a good idea to either make secure communication apps unlawful, or force them to contain a backdoor which the police and intelligence agencies could exploit.
Of course, if you spend any time thinking about it, you know that’s crazy. Cameron is living in cloud cuckoo land.
Firstly, how would apps be outlawed? What’s to stop any Tom, Dick or Harry downloading an app without a government backdoor from a website hosted overseas to run on his PC? What’s to stop a terrorist or paedophile downloading the source code of a secure messaging app, and compiling it on their computer?
The fact is that the only people who would be using the backdoored messaging platform would be the innocent, regular members of the public. Criminals would stay well clear and use alternative systems that guaranteed they didn’t have the police and GCHQ breathing down their necks.
Secondly, if a messaging service has a backdoor - what’s to stop “enemies” of the UK also exploiting it?
Whenever you put a backdoor in a system, there’s a danger that the wrong people will walk through it. If you make encryption weak and crackable, or incorporate a method by which supposedly secure messages can be accessed, that makes it weaker for *everybody* (yes, even the security services). It also means it becomes an attractive target for online criminals, fraudsters and foreign intelligence agencies too.
Are government departments and the military going to feel comfortable using messaging systems that they know can be compromised? Or is it one rule for them and another for the rest of us?
Thirdly, if it’s not a technical backdoor, but instead a method for the secure messaging vendor to extract communications at law enforcement’s request, that still opens enormous dangers.
The vendor could be careless with their security, or they could have rogue staff, or they could find the demands of hundreds of different countries demanding access to messages too much - and hanker for the old days where they didn’t know what people were saying in their private communications.
Finally, if uncrackable encrypted communications become outlawed, the UK can wave goodbye to ecommerce and becoming a major player in the digital economy. Who is going to want to do business with a country which cannot promise to keep corporate secrets secret?
Cameron is talking codswallop. Or as we say in ROT13 (which may be the strongest form of encryption we can get our hands on if this lunacy comes to pass) “pbqfjnyybc”. Utter “pbooyref”
However, I’m a law-abiding fellow, and I have no wish to get into any trouble.
So, earlier today I dropped a line to CyberStreetWise - HM Government’s website designed to “measurably and significantly improve the online safety behaviour and confidence of consumers and small businesses.” (a very noble aim I’m sure you’ll agree).
Hey @cyberstreetwise. Can you advise if I should be using end-to-end encryption or not? If so, is there a good one that has a govt backdoor?
— Graham Cluley (@gcluley) January 13, 2015
If I wanted to keep my backdoor open for David Cameron, which is the best messaging app I should use? I’m hoping someone can tell me in time for the election on 7 May 2015.
- Listen to this BBC radio punch-up over David Cameron’s surveillance backdoor
- David Cameron in ‘cloud cuckoo land’ over encrypted messaging apps ban - The Guardian
- Can the government ban encryption? - BBC News
- What David Cameron just proposed would endanger every Briton and destroy the IT industry - Boing Boing