While Apple may have given in to demands from the Chinese government to remove VPN apps from its app store there, it does generally take a strong stand on encryption. It uses end-to-end encryption for both iMessage and FaceTime, and resisted pressure from the FBI to create a weakened version of iOS, describing it as too dangerous.
The British government wants to ban end-to-end encryption altogether, arguing that it hampers the work of the security services. Support for Apple’s position – and opposition to that of the British Home Secretary – has now come from an unlikely source …
In a BBC Radio 4 interview cited by Gizmodo, the former head of the Security Service (more commonly known as MI5) has said that while strong encryption does make their job harder, it is the lesser evil. Jonathan Evans said:
I’m not personally one of those who believes we should weaken encryption, because I think there is a parallel issue which is cybersecurity more broadly. Whilst, understandably, there is a very acute concern about counter-terrorism, it’s not the only national security threat that we face. And I think the way cyberspace is being used by criminals, and by governments, is a potential threat to the UK’s interests more widely – and it’s very important that we should be seen and be a country where people can operate securely. And that’s very important for our commercial interests, as well as our national security interests, so encryption is very positive.
MI5 is responsible for domestic counter-intelligence and security. Evans was Director-General of MI5 until 2013.
Evans also spoke about the risk of unsecured Internet of Things devices.
As our vehicles, air transport, our critical infrastructure is resting critically on the internet, we need to be really confident that we have secured that because our economic and daily lives are going to be dependent on the security we can put in to protect us from cyber-attack.
VPN apps encrypt traffic between a user and the server, ensuring that not even your ISP can see which sites you are visiting or what you are doing there. It is, however, important to choose one that doesn’t keep logs to ensure that it is not doing its own snooping.