Re So who do you believe thatThere's No Security Backdoor in WhatsApp, Despite Reports

["Dave Farber" <farber () gmail com>]

Begin forwarded message:

> From: Dave Burstein <daveb () dslprime com>
> Date: January 13, 2017 at 1:22:09 PM EST
> To: Dave Farber <dave () farber net>
> Subject: Re: [IP] So who do you believe thatThere's No Security Backdoor in WhatsApp, Despite Reports
>
> Dave
> I just read both articles twice. I'm not a security expert, but I think I see what's happening here.
>
> I believe the Guardian article was correct in the claim that Facebook could, sometimes read some encrypted messages, 
> using a feature included to deal with users switching SIM cards, etc. Depending on security settings, the user may 
> not even be aware of the switch. Facebook "cooperates with legal government requests." In England and probably other 
> countries, the security agencies can legally request just about anything. 
>
> The Guardian probably was misleading writing "Facebook and others," could intercept. The Guardian shouldn't have 
> called it a "backdoor" without qualifying the comment with "for Facebook & Governments." 
>
> It appears that no one could use this without Facebook's help. Governments presumably could get Facebook's help. It 
> would cost Facebooks $B's to be shut out of India or Russia, $10's of billions if it prevented them from China. I see 
> no reason to believe Zuckerberg would resist to the end that kind of pressure. Apple wouldn't; they just kicked the 
> New York Times out of the App Store in China. Google might, as evidenced by their willingness to exit China.
>
> Facebook's answer to Gizmodo was so misleading the author should not have written the story that way. Facebook denied 
> that this was a way for outsiders to crack What'sApp, which wasn't the Guardian's claim. But Facebook didn't address 
> the substantive claim in the article, that Facebook and the governments it cooperates with can intercept (some, 
> sometimes.) 
>
> For those concerned with government security agencies intercepting them - like the next potential Snowden - this is 
> significant. I'm not concerned, because I don't investigate security. I'm sure they do track me, if only because I 
> correspond with many internationally including a member of the Russian ITU delegation. That's because I report on 
> international telecom policy, which is driven by the United States doing everything in its power to prevent any 
> action that restricted the Freedom of the NSA to do what they do. (Besides, the guy looked and talked just like my 
> Russian born grandfather.)
>
> I believe that the multi-million dollar U.S. effort to prevent any ITU action on the Internet is driven by the 
> security aspects, not our desire to protect human rights. Fourteen members of the U.S. delegation to the ITU WCIT 
> were from three letter agencies (NSA, DOD, HSA ...) They weren't there to protect Freedom of speech. 
>
> I don't investigate security issues partly because I have no expertise, so there is nothing there for them to find. 
> It's mostly out of cowardice. I'll take on giant phone companies  or regulators in my work, but I'm not ready to take 
> on the security folk. 
>  
> (Side note: It is naive or disingenuous for anyone in the Internet control space not to acknowledge surveillance as a 
> primary driver. Most in D.C., including civil society types you and I know, give support to the U.S. led effort to 
> keep Internet governance away from all but a handful of trusted governments. I believe people like Vint Cerf are in 
> that fight because they fear government interference with rights like speech. But those concerned with rights do not 
> have the political power to oppose 2/3rds of the governments on the planet, who want some say on Internet rules now 
> set by the U.S. and allies.  
>
> Larry Strickling, the U.S. lead on this stuff, looked at me a few hours before the vote on the treaty at WCIT and 
> asked, "Do you want Russia and China to take over the Internet?" That's the elephant in the room on all the debates 
> on "Internet governance.")
>
> Dave Burstein
>
>
> > On Fri, Jan 13, 2017 at 11:53 AM, Dave Farber <farber () gmail com> wrote:
> >
> >
> >
> > Begin forwarded message:
> >
> > > From: Richard Forno <rforno () infowarrior org>
> > > Date: January 13, 2017 at 11:17:32 AM EST
> > > To: Infowarrior List <infowarrior () attrition org>
> > > Cc: Dave Farber <dave () farber net>
> > > Subject: There's No Security Backdoor in WhatsApp, Despite Reports
> > >
> > >
> > > There's No Security Backdoor in WhatsApp, Despite Reports
> > > http://gizmodo.com/theres-no-security-backdoor-in-whatsapp-despite-report-1791158247
> > >
> > > This morning, the Guardian published a story with an alarming headline: “WhatsApp backdoor allows snooping on 
> > > encrypted messages.” If true, this would have massive implications for the security and privacy of WhatsApp’s 
> > > one-billion-plus users. Fortunately, there’s no backdoor in WhatsApp, and according to Alec Muffett, an experienced 
> > > security researcher who spoke to Gizmodo, the Guardian’s story is “major league fuckwittage.”
> > >
> > > < - >
> >
> > Archives  | Modify  Your Subscription | Unsubscribe Now       
>
>
>
> -- 
> Editor, Fast Net News, 5GW News, Net Policy News and DSL Prime
> Author with Jennie Bourne  DSL (Wiley) and Web Video: Making It Great, Getting It Noticed (Peachpit)



-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/18849915-ae8fa580
Modify Your Subscription: https://www.listbox.com/member/?member_id=18849915&id_secret=18849915-aa268125
Unsubscribe Now: 
https://www.listbox.com/unsubscribe/?member_id=18849915&id_secret=18849915-32545cb4&post_id=20170113132642:D2204944-D9BD-11E6-9F43-118CBDDDB970
Powered by Listbox: http://www.listbox.com