Britain’s Government Communications Headquarters (GCHQ) – the UK equivalent of the NSA – is calling on Apple and other tech companies to secretly add law enforcement agents to Messages chats, FaceTime calls and other forms of encrypted chat on demand.
The American Civil Liberties Union (ACLU) has said this would be like the recently-discovered FaceTime bug, only worse …
The ACLU revealed the proposal in a blog post.
The GCHQ recently proposed that government agents be able to inject hidden participants into secure messaging services. This proposal has come to be known as the “Ghost proposal.”
Written by GCHQ’s Ian Levy and Crispin Robinson, it recommends institutionalizing an untrustworthy user interface when the government wants to spy on a conversation.
“It’s relatively easy for a service provider to silently add a law enforcement participant to a group chat or call. The service provider usually controls the identity system and so really decides who’s who and which devices are involved — they’re usually involved in introducing the parties to a chat or call…. In a solution like this, we’re normally talking about suppressing a notification on a target’s device… and possibly those they communicate with.”
In short, Apple — or any other company that allows people to privately chat — would be forced to allow the government to join those chats as a silent, invisible eavesdropper.
GCHQ suggests that this approach could be a way around the end-to-end encryption debate. Instead of breaking strong encryption, companies would maintain it but backdoor in law enforcement agencies as secret participants.
The ACLU says this is a disingenuous argument, as it violates authenticity and renders encryption meaningless. It compares the proposal to the recently-discovered FaceTime bug.
The Ghost proposal institutionalizes a significantly worse user interface failure than Monday’s FaceTime flaw. With the FaceTime bug, the vulnerable user at least gets an alert about an incoming call to know that something is happening, even if the user interface is misrepresenting the situation and violating the user’s expectations. With the Ghost proposal, the user has no way of even knowing that something is happening that violates their expectations.
The ACLU also points out that the approach would have exactly the same problem as breaking strong encryption: any backdoor provided for use by the good guys would inevitably be discovered and exploited by the bad guys.
Photo: Evening Standard