Law Enforcement's Nemesis -- WhatsApp -- Is Also Law Enforcement's Best Friend
from the love/hate-as-needed dept
WhatsApp: a tool for evil.
David Cameron announced early last year that it was "unacceptable" that all communications could not be intercepted and read by intelligence services and law enforcement agencies. He stopped short of calling for a ban but strongly hinted this would be addressed in the Snooper's Charter.
This followed the head of the UK's GCHQ throwing both terrorism and child porn into the mix while vocally handwringing about encrypted communications -- portraying tech companies as callous accomplices of child abusers and jihadists.
In Brazil, WhatsApp was blocked and a Facebook executive arrested for refusing to hand over identifying information on its users.
And here in the US, the FBI has been dropping sealed hints that the popular messaging app may be the next recipient of one of its infamous All Writs orders.
Meanwhile, over in Belgium, it's law enforcement that's benefitted the most from the platform's existence. (h/t Frederic Jacobs)
"There were no orders and nobody really knew what to do. The mobile phone network was also out of order. Fortunately, Whatsapp worked. Without this app we we could not communicate at all," federal police spokesman Peter De Waele said as quoted by the media outlet.Very handy, that. When cell infrastructure goes down, WhatsApp stays up. What law enforcement hates and fears because it can't capture readable content in transit is also useful when all hell breaks loose. Kill it off because you fear the unseen communications and you're going to end up hurting yourself.
As for Belgian law enforcement, they're likely not as fearful of WhatsApp's encryption as others. WhatsApp played a key part in a terrorist plot last summer -- but one that was disrupted by Belgian law enforcement.
According to Gaspard Sebag from Bloomberg, the European law enforcement in a joint effort with the FBI are monitoring the use of the popular messaging platform WhatsApp.
“Investigators said earlier they had detained 16 people in the anti-terror raids after working with U.S. authorities to monitor suspects’ communications on WhatsApp Inc.’s messaging service.” states Sebag.And even if the flaw is no longer present, intelligence/law enforcement agencies still have other options:
The Belgian law enforcement raided two separate groups operating in Ostend and Louvain, and according various sources the messages exchanged on WhatsApp allowed the investigators to trace the group.
At the time I’m writing, Facebook who acquired WhatsApp, declined to comment the events, but security experts speculate that there is something wrong in the implementation of WhatsApp end-to-end (E2E) encryption started in November.
It seems that even if the messages are protected by the encryption implemented, the FBI or NSA are able to gather metadata on the server side that could be used to link WhatsApp users. The analysis of metadata allowed law enforcement to identify the network of the alleged suspects.Not quite the monster Cameron, et al. have portrayed it as. And it's a great backup plan for those times when regular communication channels just aren't working.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: brussels, communication, encryption
Companies: whatsapp
Reader Comments
Subscribe: RSS
View by: Time | Thread
They knew already who to catch, where they were and what to do. Actually, Belgium was a fucking fortress regarding surveillance, due to the Paris strikes a year before and other issues.
And yet, the terrorists could kill thirty plus people, not due encryption, or due people shutting up their mouths and not reporting them.
But because the police were fiddling with their thumbs.
And you know what? That now the PNR is going to get a smooth sailing because "think of terrorism". And they will hop on the wagon to introduce new surveillance laws into place.
As if surveillance laws were thought to combat terrorism. They are made to combat citizens, not terrorists.
[ link to this | view in chronology ]
Don't bad guys use burner phones?
It seems like it might be the mobile phone companies that are callous accomplices of child abusers and jihadists. Shouldn't they be monitoring (aka, listening in on) all mobile phone calls in order to prevent their networks from being used by bad guys?
[ link to this | view in chronology ]
If the cell infrastructure goes down, how do WhatsApp clients still have connectivity? Does Brussels have widespread open wifi?
[ link to this | view in chronology ]
Re:
Maybe not widespread but enough open points to hardwired services to maintain connectivity. If I'm reading right WhatsApp avoids using cel and SMS networks/protocols unless no other connection options exists.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
What about Google Hangouts or other apps?
Conversations
All signals, like messages, are encrypted over an HTTPS connection with 128-bit encryption, using TLS 1.2. The connection is encrypted and authenticated using AES_128_GCM. The key exchange mechanism is ECDHE_ECDSA.
and
Audio and video
To improve audio and video quality, Hangouts calls use a direct peer-to-peer connection when possible, instead of routing through a server.
Audio and video in Hangouts are encrypted using SRTP. Video is AES_CM_128_HMAC_SHA1_80, and audio is AES_CM_128_HMAC_SHA1_32 (128-bit AES encryption and SHA-1 HMAC for authentication).
When you dial a phone number from a Hangout, audio is encrypted until it reaches the carrier network. But telephone carriers are responsible for the audio within carrier networks
I'm not a security expert, but it seems messages using Hangouts are end-to-end encrypted over Wi-Fi and possibly over cell networks. I believe that's also the case for Gmail as messages are stored encrypted on Google's servers. Whether decryption of these Google products messages can be done by others, I don't know. Others should comment.
The possibility of detecting members of a connected web of terrorists by just knowing their messaging connections should one or more persons in the terrorist web is a known terrorist is a fascinating possibility. This suggests the authorities need to leave at least one known terrorist at large for awhile to complete the web while keeping an eye on the connected individuals. Burner phones may be a problem in this scenario, though.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Access to user metadata not enough?
Haha... Of course not.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]