

"It's relatively easy for a service provider to silently add a law enforcement participant to a group chat or call," they argue.

Extra end-run

"The service provider usually controls the identity system and so really decides who's who and which devices are involved – they’re usually involved in introducing the parties to a chat or call."

Such an approach would retain strong end-to-end encryption but introduce "an extra 'end' on this particular communication," they argue. And it would be "no more intrusive than the virtual crocodile clips that our democratically elected representatives and judiciary authorize today in traditional voice intercept solutions and certainly doesn’t give any government power they shouldn’t have."

In effect, the super-snoops are proposing that they be allowed to subvert a cornerstone of encrypted apps – public key verification – to eavesdrop on conversations, and that the companies that develop the apps turn a blind eye to it.

Rather than crack or weaken the underlying cryptography, the spies want to warp the software and user interfaces wrapped around it to let them silently eavesdrop on conversations.

The spy agencies would be allowed to order a company to silently add government snoops to conversations, presumably turning off any notifications that alert users to the fact that a new person has been added to the chat, or an existing one changed. And the companies would in turn refrain from improving their current systems, or making public key verification more visible and user friendly.

The key thing here, no pun intended, is that agents would be added to a chat just like any other conversation partner, with the correct public-private key exchanges, except there would be no notification and no way to spot or inspect the spies' public keys.

To GCHQ's mind, this is a perfect solution: it doesn't require app developers to scale back security on their existing software, beyond crippling the user interface and notifications, natch. And, because the tapping would be at the vendor level, it would be hard for hackers and other malicious actors to exploit the same approach. Plus, they reason, the big plus is that it would be hard to scale up to mass surveillance levels, and it wouldn't undermine encryption.

On the surface at least, this seems like a reasonable compromise that app developers could get behind. People who build their own chat software from source code they can inspect won't be too bothered by this approach, either.

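The silent participant addition described above depends on the client encrypting to whatever key list the provider serves, with nothing shown to the user. As an added example (not from the article or any real app; the roster format, member names and placeholder key bytes are assumptions), a client can pin the key fingerprints its user has verified and refuse to encrypt to anything else:

```python
from __future__ import annotations
import hashlib

def fingerprint(public_key: bytes) -> str:
    """Short, human-comparable fingerprint of one device public key."""
    return hashlib.sha256(public_key).hexdigest()[:16]

def roster_digest(roster: dict[str, list[bytes]]) -> str:
    """Order-independent digest of every (member, device key) pair, which
    participants can compare out of band to confirm they see the same roster."""
    pairs = sorted((m, fingerprint(k)) for m, keys in roster.items() for k in keys)
    h = hashlib.sha256()
    for member, fp in pairs:
        h.update(f"{member}:{fp}\n".encode())
    return h.hexdigest()[:32]

def unverified_keys(pinned: dict[str, set[str]],
                    served: dict[str, list[bytes]]) -> list[tuple[str, str]]:
    """Return (member, fingerprint) for each served key the user never verified."""
    findings = []
    for member, keys in sorted(served.items()):
        for key in keys:
            fp = fingerprint(key)
            if fp not in pinned.get(member, set()):
                findings.append((member, fp))
    return findings

def recipients_for_send(pinned, served) -> list[bytes]:
    """Fail closed: refuse to encrypt while the served roster holds unverified keys."""
    extra = unverified_keys(pinned, served)
    if extra:
        raise PermissionError(f"unverified keys in roster: {extra}")
    return [k for keys in served.values() for k in keys]

# Constructed sample data: placeholder byte strings stand in for real public keys.
ALICE, BOB, GHOST = b"alice-device-key-1", b"bob-device-key-1", b"extra-device-key"
PINNED = {"alice": {fingerprint(ALICE)}, "bob": {fingerprint(BOB)}}
HONEST = {"alice": [ALICE], "bob": [BOB]}
# The provider serves one extra device key under an existing identity, unannounced.
TAMPERED = {"alice": [ALICE], "bob": [BOB, GHOST]}

if __name__ == "__main__":
    print(unverified_keys(PINNED, HONEST))      # nothing unverified
    print(unverified_keys(PINNED, TAMPERED))    # the extra key is flagged
    print(roster_digest(HONEST) == roster_digest(TAMPERED))
```

The check runs on the client, so it holds only when the client software itself has not been altered to skip it.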