Following the news about WhatsApp backdoor to encryption proposals made by Vera Jourova, Wieland Alge, General Manager EMEA at Barracuda Networks commented below.
Wieland Alge, General Manager EMEA at Barracuda Networks:
“EU Justice Commissioner Věra Jourová has said that the European Commission will propose new measures in June to make it easier for police to access data on internet messaging apps like WhatsApp.
While she hasn’t yet revealed exactly what these measures will look like, the idea of the legislation is that they will allow law enforcement authorities to demand information from internet messaging apps.
But in practice, how will this actually work? In my opinion, it’s not viable for messaging apps such as WhatsApp to add a backdoor, because as it currently stands, WhatsApp itself can’t read its users’ messages.
WhatsApp implemented end-to-end client-side encryption, where the sender encrypts the message with the receiver’s public key. Therefore, only the sender and recipient are able to decrypt the message, and even WhatsApp can’t view the message even if it wanted to.
From a security perspective, a “backdoor” by definition is a vulnerability that can provide undesirable access. Asking them to add a backdoor is equivalent to asking them to alter their entire end-to-end encryption protocol, which would require them to significantly reduce the level of security and privacy they currently offer all of their users. An alternative approach would be for police to subpoena the end-user’s device and read the messages on the device itself.
Part of WhatsApp’s appeal is in the level of security they provide with the end-to-end encryption, as well as data privacy and secure data transmission. If WhatsApp removed this, terrorists and/or criminals would most likely simply switch to a different service that offers end-to-end encryption, while the rest of the hundreds of millions of WhatsApp’s users would be less secure and have much weaker privacy guarantees.
As it’s not terribly difficult to implement end-to-end security, so if WhatsApp implemented a backdoor, terrorists could simply build their own secure system that would allow them to hide their communications.”
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Experts Insight On US Pipeline Shut After Cyberattack
Most Active Commenters
Recent Comments
“Cybersecurity Awareness Month’s new evergreen theme "Secure Our World” is…
“Avoid storing data on personal devices: A crucial but often overlooked…
“I recommend a new nuance to passwords that isn’t often…
“In my role overseeing cloud environments and incident response, I'm…
“Cybersecurity Awareness Month serves as a reminder to confront the…