WhatsApp Says It Would Leave UK If Government Tried to Weaken Encryption

[RickDEGH]

The U.K. is these days a banter for a lot of things, some deserving, but what this careless ceo or whoever made those comments about the U.K. being just 2% doesn’t understand is that, the 2% probably communicate with another 20% who are going to be forced to switch to rival apps to maintain communication. Diplomacy is such a thing. He’s being arrogant because of the position the U.K. is in now. I bet he won’t make those same comments about the EU or USA.

 

[makr]

It is totally irresponsible of social media companies who provide end to end encryption on their messaging platforms to allow criminal activity to be active on their platforms and say there is not much they can do about it because they would have to weaken their encryption to monitor if criminal activity is taking place on their platform and then to throw their toys out the pram when authorities come knocking on their door telling them they have to get their act together or else.

Nope

Use our tax to fight crime better, not by weakening privacy.

 

[Droid13]

The trouble with creating a backdoor is that you may find you are not the only one who knows where it is or who knows how to walk through it.

 

[Droid13]

Nope

Use our tax to fight crime better, not by weakening privacy.

Exactly. Find another way.

 

[laptech]

Typical government knee jerk response: “ban”.

99.99 percent of gun owners are law abiding, 0.01 percent commits crime - ban guns.

People use encrypted chat because of sense of safety and privacy, a fraction of a percent uses it for nefarious purposes - ban encryption.

Considering the amount of gun related incidents that occur in the US every year I would say it's more a case of 60% of guns owners are law abiding and i bet if the police released EVERY file they had the number of criminals using social media for it's encryption is a lot lot higher than you think it is.

 

[makr]

My solution is the governments solution. What's yours? Basically you want criminals to be able to go about their criminal activity unchecked. Same goes for everyone else who down votes me, all of you want criminals to go unchecked because none of you can come up with a viable solution that will deter criminals.

You both don't offer a solution. It's governments job to ensure we have both security and privacy.

 

[nt5672]

Usually anything Meta or Zuck gives me the ick, but in this rare case, I applaud their stance.

Wonder if Apple likes being out maneuvered by Meta on Security.

 

[segfaultdotorg]

This is not a fair analogy, IMO. One is about protecting people’s privacy, whereas replacing Apple’s old proprietary connector (Lightening) with a more universally adopted and more technically advanced one (USB-C) will actually benefit the customers, won’t it?

If Apple is unwilling to stand up for its right to use its own charging and data connector, do you think they are willing to go to the mat on a privacy issue, when they can just slip a backdoor into the iPadOS and iPhoneOS code and nobody would be the wiser?

 

[Kevin2055]

Finally a company have gut to say NO

 

[seek3r]

It's not like services like whatsapp can't comply with court orders, they control the endpoints at the edge so tap and trace type orders can be served, so this is basically purely a move by the UK to weaken online encryption to make mass dragnet surveillance easier, which is a pretty terrible goal. Good on WhatsApp for standing up against it

 

[seek3r]

It is totally irresponsible of social media companies who provide end to end encryption on their messaging platforms to allow criminal activity to be active on their platforms and say there is not much they can do about it because they would have to weaken their encryption to monitor if criminal activity is taking place on their platform and then to throw their toys out the pram when authorities come knocking on their door telling them they have to get their act together or else.

They control the endpoints and can and do comply with tap and trace type orders *right now* by using that access. What they don't do is expose private comms without a warrant, in a way that can be abused easily internally or from a breach by being able to easily read comms transiting over their network, or insecurely across the web to make dragnet surveillance easier. For that matter, even for services that dont enable that capability (including Signal) cops dont seem to have too much difficulty actually breaking into phones when the case warrants the resources. It's why the FBI withdrew their complaints against Apple the last time this came up in a major case in the US, they were able to get into the phone a difference way. And once you're in you can read anything decrypted at the edge (the phone).

For that matter *those* tools that enable breaking phones now are massive security problems, the CEO of Signal recently did a pretty impressive breakdown on how bad cellebrite's devices are security and data-integrity-wise using a unit he acquired.

Weakening encryption creates massive real security concerns that can and do get exploited without doing anything more to aid the goal you're talking about. And the surveillance and data capture such weakening enables is also a security vulnerability, it immediately becomes the biggest target surface around.

Do you *really* think you can create a backdoor such that somehow thousands of cops across dozens of agencies can access it but no bad actors can? Do you think there's no insider threat concerns with a tool that powerful? Do you think there's anything with perfect security? Even the NSA has had massive leaks of their tools.

Forgetting for a second about the ability of cops to abuse it, which we know can and does happen with current tools, weakening encryption creates a door that more than just law enforcement is likely to step through.

 

[seek3r]

If Apple is unwilling to stand up for its right to use its own charging and data connector, do you think they are willing to go to the mat on a privacy issue, when they can just slip a backdoor into the iPadOS and iPhoneOS code and nobody would be the wiser?

They've been pretty steadfast in avoiding it so far, and that's been court tested

 

[ghanwani]

They won’t. If they did, it would incentivize people and all their contacts to use a different app.

 

[seek3r]

They won’t.

I'd bet on them absolutely leaving the UK if this were forced on them as a condition of staying. Other problems aside they'd risk losing *way* more users outside the UK than the ones they'd lose in it by leaving. I also suspect staff would walk. If I were required to implement that kind of breakage of encryption on the platforms I work on, and I would be one of the of the folks who would be asked, I would quit. I could find other work that wouldnt require me to create massive security vulnerabilities that would absolutely become my headache down the line. I imagine the engineers at WhatsApp feel the same way.

 

[markfc]

Matt Hancock won’t stand for this 😂

 

[yellowbunny]

You know you are living in a failing (and increasing fascist) country when Meta is in the right on something 🙈

 

[ghanwani]

I'd bet on them absolutely leaving the UK if this were forced on them as a condition of staying. Other problems aside they'd risk losing *way* more users outside the UK than the ones they'd lose in it by leaving. I also suspect staff would walk. If I were required to implement that kind of breakage of encryption on the platforms I work on, and I would be one of the of the folks who would be asked, I would quit. I could find other work that wouldnt require me to create massive security vulnerabilities that would absolutely become my headache down the line. I imagine the engineers at WhatsApp feel the same way.

If they lose people in the UK they will risk losing all their contacts that reside outside the UK and it will set up a chain reaction. What is more likely is using different encryption for calls between different countries.

 

[Scoob Redux]

The UK and US have been attempting to undermine the encryption on iPhones for years and Apple has refused.

Apple didn't refuse. They developed CSAM technology to undermine privacy and help the U.S. government surveil citizens. They only abandoned it after overwhelming public outcry. Make no mistake, Apple was firmly sided with government tyrants, they just has to backtrack when public scrutiny demanded.

 

[Shirasaki]

It is totally irresponsible of social media companies who provide end to end encryption on their messaging platforms to allow criminal activity to be active on their platforms and say there is not much they can do about it because they would have to weaken their encryption to monitor if criminal activity is taking place on their platform and then to throw their toys out the pram when authorities come knocking on their door telling them they have to get their act together or else.

Welcome to China.

 

[seek3r]

Apple didn't refuse. They developed CSAM technology to undermine privacy and help the U.S. government surveil citizens. They only abandoned it after overwhelming public outcry. Make no mistake, Apple was firmly sided with government tyrants, they just has to backtrack when public scrutiny demanded.

They refused to unlock the phone in the terrorism case, which is a completely different issue. And yes, public outcry did kill the scanning they proposed, which is how public outcry should work on stuff like this, but that wasnt an encryption issue, which is what we’re discussing here. In fact pictures at the time were already explicitly not e2e encrypted at the time - now they can be, Apple’s actually introduced even more secure encryption since. They listened.

 

[ghanwani]

Apple didn't refuse. They developed CSAM technology to undermine privacy and help the U.S. government surveil citizens. They only abandoned it after overwhelming public outcry. Make no mistake, Apple was firmly sided with government tyrants, they just has to backtrack when public scrutiny demanded.

I don’t think it was because of outcry. It probably didn’t work as expected causing too many false positives.

 

[kesenwangs]

i dont think Apple lowered the privacy in UK on their systems
What are you talking about? In fact Apple did set this trend

Apple did much the opposite in China tho, I don’t think they’re referencing the UK in particular.

 

[coolfactor]

That is some STRONG leadership, very proud of WhatsApp right now! Contrast that with Apple's WEAK leadership, kowtowing to the EU USB-C requirement.

To be fair, Apple has dragged their heels on keeping the Lightning connector equal with USB-C in terms of data transfer and charging speeds. If Lightning cables were equal or superior in those regards, there wouldn't be as much drive for USB-C.

That said, I have had endless problems with Lightning ports, but none with USB-C, much to my disappointment. I was a huge Lightning fan before I had much experience with USB-C. Now I see which one is technically and reliably superior.

 

[seek3r]

That is some STRONG leadership, very proud of WhatsApp right now! Contrast that with Apple's WEAK leadership, kowtowing to the EU USB-C requirement.

You legit dont see a difference between a law that explicitly weakens security and privacy protections and one that defines charging plug standards?

 

[visualseed]

If they lose people in the UK they will risk losing all their contacts that reside outside the UK and it will set up a chain reaction. What is more likely is using different encryption for calls between different countries.

Technically WhatsApp is banned in Russia and I haven't lost a single Russian contact.