Encryption backdoors - breaking WhatsApp and iMessage's security to let the government stop Bad Things - sounds like a reasonable idea. Here's why it isn't.
A transcript of this video's available here: https://www.facebook.com/notes/tom-scott/why-the-government-shouldnt-break-whatsapp/1378434365572557/
Filmed at the Cambridge Centre for Computing History: http://www.computinghistory.org.uk/
Camera by Tomek: https://www.youtube.com/tomek
Thanks to everyone who helped proofread my script!
WhatsApp's privacy protections questioned after terror attack: http://www.bbc.co.uk/news/technology-39405178
WhatsApp must be accessible to authorities, says Amber Rudd: https://www.theguardian.com/technology/2017/mar/26/intelligence-services-access-whatsapp-amber-rudd-westminster-attack-encrypted-messaging
UK government renews calls for WhatsApp backdoor after London attack: https://www.theverge.com/2017/3/27/15070744/encryption-whatsapp-backdoor-uk-london-attacks
Investigatory Powers Act: http://www.legislation.gov.uk/ukpga/2016/25/contents/enacted
India is 'ready to use' Blackberry message intercept system: http://www.bbc.co.uk/news/technology-23265091
Revealed: how US and UK spy agencies defeat internet privacy and security: https://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security
Councils secretly spied on people walking dogs and feeding birds for five years: http://metro.co.uk/2016/12/26/councils-secretly-spied-on-people-walking-dogs-and-feeding-birds-for-five-years-6345051/
[This is basically a rephrase of https://www.theguardian.com/world/2016/dec/25/british-councils-used-investigatory-powers-ripa-to-secretly-spy-on-public with a better headline]
Poole council spies on family over school claim: http://www.telegraph.co.uk/news/uknews/1584713/Poole-council-spies-on-family-over-school-claim.html
Security services missed five opportunities to stop the Manchester bomber: http://www.telegraph.co.uk/news/2017/05/24/security-services-missed-five-opportunities-stop-manchester/
Reuters reference to "500 active investigations": http://www.reuters.com/article/us-britain-security-manchester-plots-idUSKBN18L1H0
AP: Across US, police officers abuse confidential databases: https://apnews.com/699236946e3140659fff8a2362e16f43/ap-across-us-police-officers-abuse-confidential-databases
I'm at http://tomscott.com
on Twitter at http://twitter.com/tomscott
on Facebook at http://facebook.com/tomscott
and on Snapchat and Instagram as tomscottgo
This is the first video from "The Basics", a series of three pilot computer-science videos I'm putting out in the next couple of months. This one's opinionated; one's explanatory; and one demonstrates coding. It's been a while since I've done this sort of thing -- thanks to the folks who helped proofread my scripts!
Tom Scott Thank you for this video. I know it’s old, but I’m really glad someone is speaking up about this. As someone who could be banned from some countries purely for things I have discussed online, I appreciate it.
Thanks for the bit about 'I have nothing to hide'! I keep trying to explain this to people who splash their entire life all over the internet and people don't get it. But I didn't realise WhatsApp was actually that secure. I just assumed Facebook was reading along every word and saving every photo sent. Intersting info, this.
"nothing to hide nothing to fear" is a really stupid argument. Just because I don't have anything illegal on my phone/in my chat history what ever, doesn't mean I don't have anything deeply private or embarrassing on it
Laws are not always for the people. Encryption is something I have always used for personal file storage. Within the US it is legal for them to force you to use Biometric methods to gain access to your electronic devices and accounts. However should you need a novel worth of input to mount an encrypted drive it is not likely any data on such will fall into anyone's hands.
reminds me of Person of Interest... insanely, crazy good show. starts like average detective and ends like sci fi... well, come to think of it, finale of PoI is likely prequel to Matrix. i do not remember details, smth like two AIs fighting - but result was... i do not remember. if not specified, then lo and behold: matrix has you. :)
let's see, do i have sth. to fear, from a government, that creates false flag attacks, that kill innocent people to take away more freedoms from me, well...
maybe having proper encryption to protect oneself from a psychopath evil government isn't such a bad idea... hm :D
How could anyone trust anything made/owned by Facebook?
I’d love to see Apple just say NO, ok we won’t sell iPhones in your country. See if you get re-elected after everyone with an iPhone can’t use it and nobody can get the next iPhone, etc. Call their damn bluff. Countries like Ireland let apple get away with not paying taxes just to have them located there... they’re not banning iPhones.
Imagine this backdoor being used in ukraine or mongolia by Ethnic terror groups to isolate multinational couples for execution, or used by intelligence agencies of collapsed governments to track down people who may have served in a specific operation, it's not just a threat to the global public it's a threat to people in any position, that may have a loved one back home they contact through social media while they served in any situation (Military, intelligence, medical aid, disaster relief, anti-terrorisim, are just a few examples ) somehow or any number of issues, it's a good idea on paper but not in practice.
This was an interested topic, I'm watching this in 2019 and I look forward to seeing more videos like this one.
One major thing you said that I agree with because I was thinking the same thing was that creating a backdoor by certain government in country will not only affect that country but also every other countries involved in using an end-to-end encryption service like WhatsApp.
Every government agency needs to Back off and let people have their privacy, to spy on people to "counter terrorism" is like me taking your credit information and selling it to people so it can not be stolen
Strange, few seem to get this is not something new. Most dont even know one of the main intentions of why computers were made public. It was not for your pleasure if you did not know, at least not yours alone anyway. Its kind of like saying how do you prove a criminal did this or that, if no one seen the crime. I know forensics, yada yada yada crosses your mind no doubt but im making an old school reference there. I get the whole concept of oh Im shocked some corporation of gov or whatever would dare spy on you. But again do you really grasp the hidden part of why the computer was made public to the masses, most dont. As I said this is nothing new, and by the time you actually grasp what I said here, or what others like the guy in the video is saying, well your way way behind the times, and most have no idea they even are. Almost nothing digital now days is private in the sense you might like to think. But this brings us back to does it even matter, because by the time you get it, and then start to think oh no this could be bad, well like I said its been going on for a long time already and your still ok right. Just saying to those who can read between the lines. This is nothing new or just starting, those in power and control been planning things before you even imagined the concept of such, and things are always put into play way before that even.
I dont understand why everyone is so concerned about government reading their messages, see browsing history etc. Why do you even want to keep that a secret? Are you planning a terrorist attack? What are you doing that requires to be secretive
The one week I spent in London was rather disturbing because it seemed like there never was a street without a camera. I saw cameras everywhere not just at train stations or very important spots. Do people from the UK enjoy being watched all the time? Does it solve so many crimes people just shrug their shoulders?
Cant we use third party apps to encrypt the messages that we sent to WhatsApp that will encrypted again(by WhatsApp) then delivered to the other person and decrypted (by WhatsApp)then a third party app ill decrypt it again so no one can listen?
"If you have nothing to hide, you have nothing to fear" does imply "I have done nothing wrong so lets remove privacy" and is stupid as saying "if you have nothing to say, then let's remove freedom of speech".
Everytime i see someone arguing over privacy they go with the same old moral arguments, and vilifying any other povs to the point i wonder if most actually imagine companies and governments all interested in the minutae and particulars of their lives- not entirely far from the truth but overly exagerated.
Then i see this. Conscise, to the point, and heck i can't believe that after watching hours of videos on the subject you still brought one or two points i hadn't heard before. Amazingly well put.
That simple explanation of how encryption and public-private keys work was awesome!
And those algorithms are free and open for any coder to use - and there are many, many coders that would know how to use them. As such if criminals really wanted to, if they themselves didn't know how to code it up, they could easily find someone who could quickly make them a bespoke end to end encryption app, there would be no way for a government to know it even existed, let alone neutralize it.
Here's an idea to make this work: If a government party gets a legal wiretap, they generate a public/private keypair and force WhatsApp to install the public key secretly on the subjects phone. All messages the subject 'sends' are encrypted twice, once of the person it intended for and once for the agency each with a different key. Each message the suspect receives will also get reencrypted with the public key and send to the agency. WhatsApp can monitor how long the agency has a legal wiretap and automatically remove the second encryption when it runs out. The agency can only monitor the messages send and received during the wiretap and because it's keys are generated especially for this wiretap no keys are shared between wiretaps of different persons.
It does mean that WhatsApp needs to modify it's code to let the second encryption take place in the background as well as accommodate the extra traffic between the subjects phone and the agency but it is a reasonable compromize.
"As long as you keep your private key secret..." But is this really possible? Is there any way to keep anything 100% secure?
It isn't, because if enough people are working to breach that security, there is a near certain possibility that someone will try something those who created the security device never thought of.
Why to use necryption then, the principle of cryptography is make data safer, hiding it at plain sight, with a backdoor that principle is broken. Politicians are socyopaths looking for power, they dont understand/care about technology.
How would they stop competent criminals from using RSA cryptosystem algorithms written in Java... while never using a private key on a computer with direct internet access? It would just affect incompetent criminals (and a few innocent people).
the "if you have nothing to hide, you have nothing to fear" argument can be debunked simply by asking "What's your bank account number then?"
But you hide your pin number because you don't want everyone to steal all of your wealth, this works with information as well, buying & spending habbits.
Thick Columbian Webcam Girl Plump Latin chick in her lingerie waiting to get dirty for you. Pretty Panties Latina Woman Holding Tits Sexy panties on this lovely lady. Big Tits Argentina Beauty Young babe with large breasts getting wet in a roof top hot tub overlooking the ocean. Chubby Young Latina Teasing Carolina Munoz posing in her panties and sheer blouse for some arousing pictures. Latina Sex In Jail Sexy ass young milf sucks and fucks for some leniency. Jean Cutoffs Busty Latina Strips To Finger Tasty gal removes shorts and panties to slide her fingers inside. Fingering Her Hairy Latina Pussy Video shows this chesty gal at home stripping and banging her furry hole. Latina Booty Girl Fucked Sexy ass Giselle Humes is picked up for a sucking and fucking. Latina
Teen In Socks Masturbates On Table Sweet girl removes her black booty shorts fingers and toys slick pussy. Big Boobies Nude Latina Arousing busty young women posing naked in her home for some pics. Teddy Teasing Columbian On Cam Chesty amateur gal from South America ready to play on her webcam. Kitchen Stripping Latina Coed Sexy young woman with a great body strips down for us to enjoy it more. Thong Panties Latina Mexican mix amateur gal teases in her undies and bra. Hairy South American Lesbians These two Latin gals with furry beavers enjoy each other. Amateur Latin Girl Strips Slipping off her bra and panties to lick her own tits and shown shaved twat. Naughty Latina Girl Touching Arousing petite strips naked to part and touch her shaven pink. Lovely Nude Actress Paz De La Huerta View Herself In The Mirror Sexy Spanish nude celebrity posing on screen. Homewrecking Babysitters 2 DVD Scene That sweet tiny tits eighteen year old Latin blonde wants it bad and gets it good. Latina In Holiday Lingerie Teasing on her webcam in a sexy little red outfit. Fingering Her Hairy Pussy Busty amateur gal from Columbia strips naked and two fingers herself on video. Latina In Stockings In the bedroom a raven haired Latin woman slips off panties to fiddle with her pussy. Small White Bikini Teen Latina Lusty nineteen year old South American girl teasing in her swimsuit. Big Titties Chubby Latina in the backyard stripping down so she can toy her twat.