ISIS Now Has Its Own Encrypted Messaging App; Doubt They'll Abide By Politicians' Demands For Backdoors
from the just-saying... dept
As law enforcement and politicians still keep pushing American companies to backdoor encryption, making the technology less secure and more dangerous for everyone, no one has explained how this will actually help in stopping terrorists from communicating secretly. Back in December, the Open Technology Institute released a paper that detailed how so many encrypted messaging systems were either open source or not controlled by US companies. It even took a WSJ report on the messaging apps that ISIS apparently was “recommending” to people and noted how most of them are not controllable by US laws:
ISIS has a new Android app for exchanging secure messages, joining another app that distributes propaganda and recruiting material, according to a counterterrorism network called the Ghost Security Group.
While the report notes that the app is “rudimentary” that doesn’t mean it won’t be improved over time. But, more importantly, it highlights that efforts to backdoor or undermine encryption on American companies certainly won’t do a damn thing to stop ISIS from communicating securely. Yes, some will argue that ISIS’ homegrown encrypted messaging apps are probably much more vulnerable to NSA cracking, but it still doesn’t change the fact that demanding backdoors into US companies messaging systems won’t magically lead to uncovering ISIS communications. It will just make Americans less secure.
Filed Under: back doors, communications, encryption, going dark, isis, messaging
Comments on “ISIS Now Has Its Own Encrypted Messaging App; Doubt They'll Abide By Politicians' Demands For Backdoors”
Well, if it’s made by ISIS, you can assume it’s probably secure. They could get a lot of funding by selling it to the public.
Re: Re:
Re: Re:
Double ROT Thirteen is probably more secure.
See what happens when politicians
See what happens when we open our mouths we bring attention to a potential issue to our enemies, and they’ve take steps to avoid getting caught. I’m guessing they never, ever thought about encrypting their messages until US government officials started bitching about it to the media. Way to go law enforcement for making us more un-safe with your rhetorical dribble and whining
Re: See what happens when politicians
I’m sure they thought of it before brain-dead politicans and others started whining about backdoors.
After all, drones looking for you, and a willingness to kill everybody in your vicinity as long as they get you is a powerful incentive for secure communications and their continuous improvement.
deep packet decryption will determine what type of encryption is used and if its approved by the home land.
Re: Network layers principle [was ]
In Networking 101, undergraduates learn about the layering principle in protocol stacks. You learn how to a higher-level protocol employs services from a lower layer to wrap its messages: TCP over IP to give an example.
Any protocol designer (even an undergraduate!) should find it obvious that a bespoke-encryptation protocol message may be carried over a general-distribution-encryptation layer.
If you’re doing packet inspection deep enough to break through the approved-for-public-use encrypted layer, then what the fucking-fuck? The approved-for-public-use encrypted layer must not be worth a damn.
Re: Re: Network layers principle [was ]
To make this just a little bit more accessible: Suppose that Alice is reading Techdirt, using a device connected to the ‘net via WiFi. The end-to-end connection is HTTPS (HTTP over TLS). The point-to-point connection uses WPA2 (CCMP).
Eve is passively capturing the WiFi traffic.
If Eve can identify that Alice is using TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, then GOTO FAIL.
ISIS are not the terrorists that worry the US politicians, but rather those who organise peaceful protests against their proposed laws. The SOPA style protests are what they wish to prevent, and TPP is coming up…
Politicians better ramp up all the fear mongering for golden keys and back-doors everywhere to catch up. /s
I wish we had an agency in the government who’s responsibility was code breaking so we could tackle such a problem.
When encryption is outlawed, only outlaws will have encryption.
I wonder why nobody ever thought of that.
Don’t be surprised when the politicians start demanding bans on foreign and open source software. When all you have is a hammer…
Re: Re:
whack the politician in the face?
Re: Re:
I’m just waiting until someone hacks JP Morgan Chase and steals billions because of the ‘invisible backdoor’.
Re: Re: too big to fail
This WILL happen at some point, and the government will just throw a couple hundred billion dollars at the “problem” that is too big to fail.
The problems us little people have is that we don’t think big enough, why bother with petty larceny when you can fleece the populace for billions AND get a handout from the government for doing it?
Re: Re: Re: too big to fail
What you mean is that the government will throw a couple of hundred billion dollars of tax payers money at the problem.
Re: Re: Re: too big to fail
Give a man a gun and he can rob a bank.
Give a man a bank and he can rob the world.
Re: Re: Re:2 too big to fail
LOL of the week!
Re: Re: Re:
Ha… stealing billions of virtual dollars nets you approximately… nothing.
This is why we’ve all moved to credit and debit cards… everything can be traced now, so nobody can move money without leaving a trail for the government to follow.
Re: Re: Re: Re:
How naive.
Re: Re: Re:2 Re:
I wanna see it happen like in the movies!
Re: Re: Re: Re:
I keep some money in my bank account (well most of it is a credit margin, don’t have a single credit card) so I can buy bitcoins with interac e-transfer. When I graduated my bank was wetting their pants at offering me 125k credit margins….went with the 50k one, and the lowest I ever went was -4000. All this to say i’m in the positive, but just ever barely, because I withdraw my money, and will be doing so even more than before in the future.
The rest is this plastic-paper mix that is still physical currency, saved right at home. Savings accounts are a joke if you’re not depositing 25k in it minimum.
Re: Re: Re: Re:
You miss the point that having such a backdoor is a positive boon to terrorists, because it gives an easy, simple point of failure.
Plus, if you have this backdoor, then it’s possible for that toi be abused to make it much more difficult to trace, as with the root access required by governmental backdoors, root gives you near limitless power over that server.
Re: Re: Re:
For once they would honestly deserve a bailout. It would be the professional bedwetters who would have caused it then.
Anyone here?
Ever watch NEWS from other nations??
And generally find that it has LESS BS in it??
EVEN the BBC, has better news about what the USA is doing in other countries, then WE HEAR about.
There are Many nations that have TV broadcasts, even sponsored by the USA…that have better news then we get.
Re: Anyone here?
The BBC World Service is quite good. Also, mention the BBC to Rupert Murdoch and he starts frothing.
Decoding ISIS app is done by
VFVF app, obviously!
Even Congress knows that rot13 is approved by NIST for top secret files stored in Chappauqua.
I’m sure if ISIS would just work together with the Comey and Silicon Valley, this will get straightened out to everyone’s satisfaction.
Re: Re:
ISIS needs to think long and hard about their business model.
Gosh!
Their own encryption? It turns out Mathematics works for everyone… who knew?
When encryption is outlawed...
only outlaws will have compilers.
Thanks Snowden! /s
Re: Re:
Shouldn’t Google also share the blame? /s
Re: Re: Re:
Facebook should do something about this!
well..
djfjgu urun ikj> Qxasp 19357
(You figure it out)
Re: well..
Hey, don’t call me that!
And that's no surprise...
Because while they use “terrorism!” as their reason for backdooring encryption, the real goal is so they can go back and read every citizen’s encrypted communications post-facto when they want to dig up dirt on someone.
The vocal politicians may not realize that is the real goal, but whomever is pulling the strings certainly does…
Re: And that's no surprise...
What’s worse than backdooring encryption is removing it entirely.
My friends who all did the scan-your-msn-messenger to get your facebook friends thing back in 08-09, and was forced to do so in ’10 wasn’t so bad when Pidgin with OTR XMMP chat worked with facebook contacts. Now that facebook doesn’t allow XMMP protocol chat anymore, it can eat a dick, and I’ll never install, even in a linux crossover box, facebook messenger.
It might matter more to the politicians if ISIS wasn’t just used as a boogeyman to get backing to control American citizens
Re: Re:
That’s why they have the Child Molester to fall back on!!! Have to protect the kids!!! Can’t do that if you’re phone and data is encrypted. Who these people are sending messages to? “Hey Bob, guess what? I just kidnapped a 6 year old boy and am hanging out at my cabin in the woods! Don’t tell anyone now!”
Darn if we just had a backdoor in that encryption that kids life would be saved!!! We’d be able to read that message and come and save the day!!! HAHAHAHAHA, Ya right, Who would do such a dumb thing? These politicians think everyone is just dumb. Maybe most are as they’re in office!!
Guess what, with a Warrant, in hand, shown to you, you have to Unlock your phone and let them in!!! That’s the law!!! They just want to easily spy on everyone on everything looking for anything. Guilty of something or not. With NO warrant. Or some dumb abused warrant that just lets them get away with anything they want.
Re: Re: Re:
Take comfort that for a rare time Canada is worse, and can check your cellphone (make a copy of the drive even) at customs if they feel like it and you don’t have a say. Cops can do that with everyone’s phone.
There’s many reasons I never bought anything after the Blackberry that came out in 2012, 1) I like real keyboards 2) A hell lot of security reasons.
No fear
Citizens of the world. Do not fear the new encryption app that terrorist are using. We will rush thru and pass a law that will protect us.
Proposed law: SNAFU-4BG&G Or Situation Normal, All Fucked Up for Bad Guys And Girls…
– Starting immediately, all individuals who plan to do anything that would hurt the feelings of a 2 year old child, or animal, or imaginary friends, or Justin Bieber shall cease all actions which involve encryption. For websites that require encryption your password must be Password123! Failure to obey the law will result in a 3 tier fine.
1st offense $25.00
2nd offense $50.00
All addition offenses will result in a fine of $75.00 and 6 hours of watching the Golden Girls.
This will surely stop all individuals with bad thoughts.
Capt ICE Enforcer
President 2020
None of this would’ve ever happened if Snowden hadn’t created encryption. Now we have to build a golden battering ram.
watching
I think that I do have a camera at my door only my room I rent is in the back with no lite but my neighbor has been on my step alot at night so I stay up to catch him but Isis is have sent me messages and call me the police have been notified but it will take care of it all this is grew information
Bloodthirsty thugs? Yes. Lawbreakers? Why of course not!
But, more importantly, it highlights that efforts to backdoor or undermine encryption on American companies certainly won’t do a damn thing to stop ISIS from communicating securely. Yes, some will argue that ISIS’ homegrown encrypted messaging apps are probably much more vulnerable to NSA cracking, but it still doesn’t change the fact that demanding backdoors into US companies messaging systems won’t magically lead to uncovering ISIS communications. It will just make Americans less secure.
Nonsense, clearly after mandatory backdoors in encryption are rolled out, the next step is to make it so that using non-backdoored encryption is illegal. I mean, ISIS may be a group of pathetic butchers, with a habit of killing people that disagree with their thuggery, but surely they wouldn’t break the law by continuing to use illegal encryption, right?
Same with other criminals, sure they may break a few laws here and there, but if the government made using real encryption illegal, I’m sure they’d honor it, and stop there. “We may be willing to break other laws, but violating the law against encryption? That’s one step too far!” would be the common response, of this I’m sure.
Re: Bloodthirsty thugs? Yes. Lawbreakers? Why of course not!
That. Either people in the Government are beyond stupid or they aren’t targeting ISIS as others mentioned up there. I’m not sure which is worse.
Re: Re: Bloodthirsty thugs? Yes. Lawbreakers? Why of course not!
Between the two, mass idiocy vs dishonesty, I think I’ll go with the latter.
I can absolutely believe that a few of those involved are just that stupid when it comes to encryption, but too many people who should absolutely know better calling for crippling a key safety feature that protects the public under the guise of ‘combating crime/terrorism’? No, that I do not buy.
They aren’t stupid, they’re dishonest, and they’re using the boogiemen to try and frighten people into undermining safety for their sake, not the sake of the public they claim their trying to ‘protect’.
So what they’re saying is that open source is material support for terrorism, and that we should ban all open source cryptography tools… right? right!?!? that’ll fix everything!