ISIS Now Has Its Own Encrypted Messaging App; Doubt They'll Abide By Politicians' Demands For Backdoors

from the just-saying... dept

As law enforcement and politicians still keep pushing American companies to backdoor encryption, making the technology less secure and more dangerous for everyone, no one has explained how this will actually help in stopping terrorists from communicating secretly. Back in December, the Open Technology Institute released a paper that detailed how so many encrypted messaging systems were either open source or not controlled by US companies. It even took a WSJ report on the messaging apps that ISIS apparently was "recommending" to people and noted how most of them are not controllable by US laws:
And, of course, it should come as little surprise that some security folks are reporting that they've spotted a new secure messaging app that appears to have been created by ISIS itself:
ISIS has a new Android app for exchanging secure messages, joining another app that distributes propaganda and recruiting material, according to a counterterrorism network called the Ghost Security Group.
While the report notes that the app is "rudimentary" that doesn't mean it won't be improved over time. But, more importantly, it highlights that efforts to backdoor or undermine encryption on American companies certainly won't do a damn thing to stop ISIS from communicating securely. Yes, some will argue that ISIS' homegrown encrypted messaging apps are probably much more vulnerable to NSA cracking, but it still doesn't change the fact that demanding backdoors into US companies messaging systems won't magically lead to uncovering ISIS communications. It will just make Americans less secure.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: back doors, communications, encryption, going dark, isis, messaging


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Anonymous Coward, 21 Jan 2016 @ 10:41am

    Well, if it's made by ISIS, you can assume it's probably secure. They could get a lot of funding by selling it to the public.

    link to this | view in thread ]

  2. identicon
    teknosapien, 21 Jan 2016 @ 10:56am

    See what happens when politicians

    See what happens when we open our mouths we bring attention to a potential issue to our enemies, and they've take steps to avoid getting caught. I'm guessing they never, ever thought about encrypting their messages until US government officials started bitching about it to the media. Way to go law enforcement for making us more un-safe with your rhetorical dribble and whining

    link to this | view in thread ]

  3. identicon
    Anonymous Coward, 21 Jan 2016 @ 10:57am

    deep packet decryption will determine what type of encryption is used and if its approved by the home land.

    link to this | view in thread ]

  4. identicon
    Anonymous Coward, 21 Jan 2016 @ 10:57am

    ISIS are not the terrorists that worry the US politicians, but rather those who organise peaceful protests against their proposed laws. The SOPA style protests are what they wish to prevent, and TPP is coming up...

    link to this | view in thread ]

  5. identicon
    Anonymous Coward, 21 Jan 2016 @ 11:07am

    Network layers principle [was Re: ]

    deep packet decryption will determine what type of encryption is used and if its approved by the home land.
    In Networking 101, undergraduates learn about the layering principle in protocol stacks. You learn how to a higher-level protocol employs services from a lower layer to wrap its messages: TCP over IP to give an example.

    Any protocol designer (even an undergraduate!) should find it obvious that a bespoke-encryptation protocol message may be carried over a general-distribution-encryptation layer.

    If you're doing packet inspection deep enough to break through the approved-for-public-use encrypted layer, then what the fucking-fuck? The approved-for-public-use encrypted layer must not be worth a damn.

    link to this | view in thread ]

  6. identicon
    Anonymous Coward, 21 Jan 2016 @ 11:10am

    Politicians better ramp up all the fear mongering for golden keys and back-doors everywhere to catch up. /s

    I wish we had an agency in the government who's responsibility was code breaking so we could tackle such a problem.

    link to this | view in thread ]

  7. icon
    sehlat (profile), 21 Jan 2016 @ 11:12am

    When encryption is outlawed, only outlaws will have encryption.

    I wonder why nobody ever thought of that.

    link to this | view in thread ]

  8. identicon
    Anonymous Coward, 21 Jan 2016 @ 11:17am

    Don't be surprised when the politicians start demanding bans on foreign and open source software. When all you have is a hammer...

    link to this | view in thread ]

  9. icon
    sehlat (profile), 21 Jan 2016 @ 11:27am

    Re: See what happens when politicians

    I'm sure they thought of it before brain-dead politicans and others started whining about backdoors.

    After all, drones looking for you, and a willingness to kill everybody in your vicinity as long as they get you is a powerful incentive for secure communications and their continuous improvement.

    link to this | view in thread ]

  10. identicon
    Anonymous Coward, 21 Jan 2016 @ 11:28am

    Re: Network layers principle [was Re: ]

    To make this just a little bit more accessible: Suppose that Alice is reading Techdirt, using a device connected to the 'net via WiFi. The end-to-end connection is HTTPS (HTTP over TLS). The point-to-point connection uses WPA2 (CCMP).

    Eve is passively capturing the WiFi traffic.

    If Eve can identify that Alice is using TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, then GOTO FAIL.

    link to this | view in thread ]

  11. identicon
    Anonymous Coward, 21 Jan 2016 @ 11:33am

    Re:

    > Well, if it's made by ISIS, you can assume it's probably secure.

    Rely on Mighty Isis? That is, at best, magical thinking.

    I'd much rather rely on Batman Encryption. Worst that happens is Things Blow Up, right?

    link to this | view in thread ]

  12. icon
    ECA (profile), 21 Jan 2016 @ 11:33am

    Anyone here?

    Ever watch NEWS from other nations??
    And generally find that it has LESS BS in it??
    EVEN the BBC, has better news about what the USA is doing in other countries, then WE HEAR about.
    There are Many nations that have TV broadcasts, even sponsored by the USA...that have better news then we get.

    link to this | view in thread ]

  13. identicon
    Anonymous Coward, 21 Jan 2016 @ 11:35am

    Re:

    whack the politician in the face?

    link to this | view in thread ]

  14. identicon
    Anonymous Coward, 21 Jan 2016 @ 11:42am

    Decoding ISIS app is done by

    VFVF app, obviously!

    Even Congress knows that rot13 is approved by NIST for top secret files stored in Chappauqua.

    link to this | view in thread ]

  15. identicon
    Anonymous Coward, 21 Jan 2016 @ 11:45am

    I'm sure if ISIS would just work together with the Comey and Silicon Valley, this will get straightened out to everyone's satisfaction.

    link to this | view in thread ]

  16. identicon
    Anonymous Coward, 21 Jan 2016 @ 12:06pm

    Re:

    ISIS needs to think long and hard about their business model.

    link to this | view in thread ]

  17. icon
    Not an Electronic Rodent (profile), 21 Jan 2016 @ 12:16pm

    Gosh!

    Their own encryption? It turns out Mathematics works for everyone... who knew?

    link to this | view in thread ]

  18. identicon
    Anonymous Coward, 21 Jan 2016 @ 12:30pm

    Re:

    Double ROT Thirteen is probably more secure.

    link to this | view in thread ]

  19. identicon
    SpaceLifeForm, 21 Jan 2016 @ 12:36pm

    When encryption is outlawed...

    only outlaws will have compilers.

    link to this | view in thread ]

  20. identicon
    BigKeithO, 21 Jan 2016 @ 12:47pm

    Thanks Snowden! /s

    link to this | view in thread ]

  21. identicon
    Digitari, 21 Jan 2016 @ 12:59pm

    well..

    djfjgu urun ikj> Qxasp 19357



    (You figure it out)

    link to this | view in thread ]

  22. identicon
    Anonymous Coward, 21 Jan 2016 @ 1:04pm

    Re:

    I'm just waiting until someone hacks JP Morgan Chase and steals billions because of the 'invisible backdoor'.

    link to this | view in thread ]

  23. identicon
    Anonymous Coward, 21 Jan 2016 @ 1:12pm

    Re: Re: too big to fail

    This WILL happen at some point, and the government will just throw a couple hundred billion dollars at the "problem" that is too big to fail.

    The problems us little people have is that we don't think big enough, why bother with petty larceny when you can fleece the populace for billions AND get a handout from the government for doing it?

    link to this | view in thread ]

  24. identicon
    Anonymous Coward, 21 Jan 2016 @ 1:25pm

    And that's no surprise...

    Because while they use "terrorism!" as their reason for backdooring encryption, the real goal is so they can go back and read every citizen's encrypted communications post-facto when they want to dig up dirt on someone.

    The vocal politicians may not realize that is the real goal, but whomever is pulling the strings certainly does...

    link to this | view in thread ]

  25. icon
    DannyB (profile), 21 Jan 2016 @ 1:34pm

    Re:

    Shouldn't Google also share the blame? /s

    link to this | view in thread ]

  26. identicon
    Anonymous Coward, 21 Jan 2016 @ 1:35pm

    Re: Re:

    Ha... stealing billions of virtual dollars nets you approximately... nothing.

    This is why we've all moved to credit and debit cards... everything can be traced now, so nobody can move money without leaving a trail for the government to follow.

    link to this | view in thread ]

  27. icon
    Jeremy2020 (profile), 21 Jan 2016 @ 1:39pm

    It might matter more to the politicians if ISIS wasn't just used as a boogeyman to get backing to control American citizens

    link to this | view in thread ]

  28. identicon
    Anonymous Coward, 21 Jan 2016 @ 1:44pm

    Re: well..

    Hey, don't call me that!

    link to this | view in thread ]

  29. identicon
    Anonymous Coward, 21 Jan 2016 @ 1:52pm

    Re: Re: Re: too big to fail

    This WILL happen at some point, and the government will just throw a couple hundred billion dollars at the "problem" that is too big to fail

    What you mean is that the government will throw a couple of hundred billion dollars of tax payers money at the problem.

    link to this | view in thread ]

  30. identicon
    Capt ICE Enforcer, 21 Jan 2016 @ 2:23pm

    No fear

    Citizens of the world. Do not fear the new encryption app that terrorist are using. We will rush thru and pass a law that will protect us.

    Proposed law: SNAFU-4BG&G Or Situation Normal, All Fucked Up for Bad Guys And Girls...

    - Starting immediately, all individuals who plan to do anything that would hurt the feelings of a 2 year old child, or animal, or imaginary friends, or Justin Bieber shall cease all actions which involve encryption. For websites that require encryption your password must be Password123! Failure to obey the law will result in a 3 tier fine.
    1st offense $25.00
    2nd offense $50.00
    All addition offenses will result in a fine of $75.00 and 6 hours of watching the Golden Girls.

    This will surely stop all individuals with bad thoughts.

    Capt ICE Enforcer
    President 2020

    link to this | view in thread ]

  31. identicon
    Anonymous Coward, 21 Jan 2016 @ 2:40pm

    Re: Re:

    Facebook should do something about this!

    link to this | view in thread ]

  32. icon
    JBDragon (profile), 21 Jan 2016 @ 2:53pm

    Re:

    That's why they have the Child Molester to fall back on!!! Have to protect the kids!!! Can't do that if you're phone and data is encrypted. Who these people are sending messages to? "Hey Bob, guess what? I just kidnapped a 6 year old boy and am hanging out at my cabin in the woods! Don't tell anyone now!"

    Darn if we just had a backdoor in that encryption that kids life would be saved!!! We'd be able to read that message and come and save the day!!! HAHAHAHAHA, Ya right, Who would do such a dumb thing? These politicians think everyone is just dumb. Maybe most are as they're in office!!

    Guess what, with a Warrant, in hand, shown to you, you have to Unlock your phone and let them in!!! That's the law!!! They just want to easily spy on everyone on everything looking for anything. Guilty of something or not. With NO warrant. Or some dumb abused warrant that just lets them get away with anything they want.

    link to this | view in thread ]

  33. identicon
    Anonymous Coward, 21 Jan 2016 @ 6:09pm

    Re: Re: Re: too big to fail

    Give a man a gun and he can rob a bank.
    Give a man a bank and he can rob the world.

    link to this | view in thread ]

  34. identicon
    Anonymous Coward, 21 Jan 2016 @ 6:10pm

    Re: Re: Re:

    How naive.

    link to this | view in thread ]

  35. identicon
    Anonymous Coward, 21 Jan 2016 @ 7:55pm

    Re: Re: Re: Re:

    I wanna see it happen like in the movies!

    link to this | view in thread ]

  36. identicon
    Mark Wing, 21 Jan 2016 @ 8:18pm

    None of this would've ever happened if Snowden hadn't created encryption. Now we have to build a golden battering ram.

    link to this | view in thread ]

  37. identicon
    Anonymous Coward, 21 Jan 2016 @ 8:43pm

    Re: Re: Re:

    I keep some money in my bank account (well most of it is a credit margin, don't have a single credit card) so I can buy bitcoins with interac e-transfer. When I graduated my bank was wetting their pants at offering me 125k credit margins....went with the 50k one, and the lowest I ever went was -4000. All this to say i'm in the positive, but just ever barely, because I withdraw my money, and will be doing so even more than before in the future.

    The rest is this plastic-paper mix that is still physical currency, saved right at home. Savings accounts are a joke if you're not depositing 25k in it minimum.

    link to this | view in thread ]

  38. identicon
    Anonymous Coward, 21 Jan 2016 @ 8:47pm

    Re: And that's no surprise...

    What's worse than backdooring encryption is removing it entirely.

    My friends who all did the scan-your-msn-messenger to get your facebook friends thing back in 08-09, and was forced to do so in '10 wasn't so bad when Pidgin with OTR XMMP chat worked with facebook contacts. Now that facebook doesn't allow XMMP protocol chat anymore, it can eat a dick, and I'll never install, even in a linux crossover box, facebook messenger.

    link to this | view in thread ]

  39. identicon
    Anonymous Coward, 21 Jan 2016 @ 8:50pm

    Re: Re:

    Take comfort that for a rare time Canada is worse, and can check your cellphone (make a copy of the drive even) at customs if they feel like it and you don't have a say. Cops can do that with everyone's phone.

    There's many reasons I never bought anything after the Blackberry that came out in 2012, 1) I like real keyboards 2) A hell lot of security reasons.

    link to this | view in thread ]

  40. identicon
    Anonymous Coward, 21 Jan 2016 @ 11:23pm

    Re: Re: Re:

    You miss the point that having such a backdoor is a positive boon to terrorists, because it gives an easy, simple point of failure.

    Plus, if you have this backdoor, then it's possible for that toi be abused to make it much more difficult to trace, as with the root access required by governmental backdoors, root gives you near limitless power over that server.

    link to this | view in thread ]

  41. identicon
    Tracey, 21 Jan 2016 @ 11:37pm

    watching

    I think that I do have a camera at my door only my room I rent is in the back with no lite but my neighbor has been on my step alot at night so I stay up to catch him but Isis is have sent me messages and call me the police have been notified but it will take care of it all this is grew information

    link to this | view in thread ]

  42. icon
    That One Guy (profile), 22 Jan 2016 @ 1:04am

    Bloodthirsty thugs? Yes. Lawbreakers? Why of course not!

    But, more importantly, it highlights that efforts to backdoor or undermine encryption on American companies certainly won't do a damn thing to stop ISIS from communicating securely. Yes, some will argue that ISIS' homegrown encrypted messaging apps are probably much more vulnerable to NSA cracking, but it still doesn't change the fact that demanding backdoors into US companies messaging systems won't magically lead to uncovering ISIS communications. It will just make Americans less secure.

    Nonsense, clearly after mandatory backdoors in encryption are rolled out, the next step is to make it so that using non-backdoored encryption is illegal. I mean, ISIS may be a group of pathetic butchers, with a habit of killing people that disagree with their thuggery, but surely they wouldn't break the law by continuing to use illegal encryption, right?

    Same with other criminals, sure they may break a few laws here and there, but if the government made using real encryption illegal, I'm sure they'd honor it, and stop there. "We may be willing to break other laws, but violating the law against encryption? That's one step too far!" would be the common response, of this I'm sure.

    link to this | view in thread ]

  43. icon
    Ninja (profile), 22 Jan 2016 @ 3:41am

    Re: Bloodthirsty thugs? Yes. Lawbreakers? Why of course not!

    That. Either people in the Government are beyond stupid or they aren't targeting ISIS as others mentioned up there. I'm not sure which is worse.

    link to this | view in thread ]

  44. identicon
    Anonymous Coward, 22 Jan 2016 @ 5:24am

    Re: Re:

    For once they would honestly deserve a bailout. It would be the professional bedwetters who would have caused it then.

    link to this | view in thread ]

  45. icon
    That One Guy (profile), 22 Jan 2016 @ 7:31am

    Re: Re: Bloodthirsty thugs? Yes. Lawbreakers? Why of course not!

    Between the two, mass idiocy vs dishonesty, I think I'll go with the latter.

    I can absolutely believe that a few of those involved are just that stupid when it comes to encryption, but too many people who should absolutely know better calling for crippling a key safety feature that protects the public under the guise of 'combating crime/terrorism'? No, that I do not buy.

    They aren't stupid, they're dishonest, and they're using the boogiemen to try and frighten people into undermining safety for their sake, not the sake of the public they claim their trying to 'protect'.

    link to this | view in thread ]

  46. identicon
    Wendy Cockcroft, 22 Jan 2016 @ 7:43am

    Re: Re: Re: Re: too big to fail

    LOL of the week!

    link to this | view in thread ]

  47. icon
    icarusthecow (profile), 22 Jan 2016 @ 8:22am

    So what they're saying is that open source is material support for terrorism, and that we should ban all open source cryptography tools... right? right!?!? that'll fix everything!

    link to this | view in thread ]

  48. icon
    klaus (profile), 22 Jan 2016 @ 9:25am

    Re: Anyone here?

    The BBC World Service is quite good. Also, mention the BBC to Rupert Murdoch and he starts frothing.

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.