Facebook Plans on Backdooring WhatsApp
https://www.schneier.com/blog/archives/2019/08/facebook_plans_.html
This article points out that Facebook's planned content moderation scheme will result in an encryption backdoor into WhatsApp:
In Facebook's vision, the actual end-to-end encryption client itself such as WhatsApp will include embedded content moderation and blacklist filtering algorithms. These algorithms will be continually updated from a central cloud service, but will run locally on the user's device, scanning each cleartext message before it is sent and each encrypted message after it is decrypted.
The company even noted that when it detects violations it will need to quietly stream a copy of the formerly encrypted content back to its central servers to analyze further, even if the user objects, acting as true wiretapping service.
Facebook's model entirely bypasses the encryption debate by globalizing the current practice of compromising devices by building those encryption bypasses directly into the communications clients themselves and deploying what amounts to machine-based wiretaps to billions of users at once.
Once this is in place, it's easy for the government to demand that Facebook add another filter -- one that searches for communications that they care about -- and alert them when it gets triggered.
Of course alternatives like Signal will exist for those who don't want to be subject to Facebook's content moderation, but what happens when this filtering technology is built into operating systems?
The problem is that if Facebook's model succeeds, it will only be a matter of time before device manufacturers and mobile operating system developers embed similar tools directly into devices themselves, making them impossible to escape. Embedding content scanning tools directly into phones would make it possible to scan all apps, including ones like Signal, effectively ending the era of encrypted communications.
I don't think this will happen -- why does AT&T care about content moderation -- but it is something to watch?
EDITED TO ADD (8/2): This story is wrong. Read my correction:
https://www.schneier.com/blog/archives/2019/08/more_on_backdoo.html
π‘ @NoGoolag
#WhatsApp #fb #facebook #libra #why #backdoor #encryption
https://www.schneier.com/blog/archives/2019/08/facebook_plans_.html
This article points out that Facebook's planned content moderation scheme will result in an encryption backdoor into WhatsApp:
In Facebook's vision, the actual end-to-end encryption client itself such as WhatsApp will include embedded content moderation and blacklist filtering algorithms. These algorithms will be continually updated from a central cloud service, but will run locally on the user's device, scanning each cleartext message before it is sent and each encrypted message after it is decrypted.
The company even noted that when it detects violations it will need to quietly stream a copy of the formerly encrypted content back to its central servers to analyze further, even if the user objects, acting as true wiretapping service.
Facebook's model entirely bypasses the encryption debate by globalizing the current practice of compromising devices by building those encryption bypasses directly into the communications clients themselves and deploying what amounts to machine-based wiretaps to billions of users at once.
Once this is in place, it's easy for the government to demand that Facebook add another filter -- one that searches for communications that they care about -- and alert them when it gets triggered.
Of course alternatives like Signal will exist for those who don't want to be subject to Facebook's content moderation, but what happens when this filtering technology is built into operating systems?
The problem is that if Facebook's model succeeds, it will only be a matter of time before device manufacturers and mobile operating system developers embed similar tools directly into devices themselves, making them impossible to escape. Embedding content scanning tools directly into phones would make it possible to scan all apps, including ones like Signal, effectively ending the era of encrypted communications.
I don't think this will happen -- why does AT&T care about content moderation -- but it is something to watch?
EDITED TO ADD (8/2): This story is wrong. Read my correction:
https://www.schneier.com/blog/archives/2019/08/more_on_backdoo.html
π‘ @NoGoolag
#WhatsApp #fb #facebook #libra #why #backdoor #encryption
Forwarded from BlackBox (Security) Archiv
FBI warns about snoopy smart TVs spying on you
An FBI branch office warns smart TV users that they can be gateways for hackers to come into your home. Meanwhile, the smart TV OEMs are already spying on you
A recent #FBI #report warned #smart #TV users that #hackers can also take control of your unsecured TV. "At the low end of the risk spectrum, they can change channels, play with the volume, and show your kids inappropriate videos. In a worst-case scenario, they can turn on your bedroom TV's camera and microphone and silently #cyberstalk you," explained the FBI.
The risk isn't new. A few years ago, smart TVs from #LG, #Samsung, and #Vizio were #spying and #reporting on your viewing habits to their #manufacturers.
Today, the FBI is warning that "TV manufacturers and #app #developers may be listening and watching you." It added, "[A] television can also be a gateway for hackers to come into your home. A bad cyber actor may not be able to access your locked-down computer directly, but it is possible that your unsecured TV can give him or her an easy way in the #backdoor through your #router."
That's true, but while there have been relatively few cases of hackers invading homes via their smart TVs, it's only a matter of time until they're watching and listening to you.
ππΌ Read more:
https://www.zdnet.com/article/fbi-warns-about-snoopy-smart-tvs-spying-on-you/
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
An FBI branch office warns smart TV users that they can be gateways for hackers to come into your home. Meanwhile, the smart TV OEMs are already spying on you
A recent #FBI #report warned #smart #TV users that #hackers can also take control of your unsecured TV. "At the low end of the risk spectrum, they can change channels, play with the volume, and show your kids inappropriate videos. In a worst-case scenario, they can turn on your bedroom TV's camera and microphone and silently #cyberstalk you," explained the FBI.
The risk isn't new. A few years ago, smart TVs from #LG, #Samsung, and #Vizio were #spying and #reporting on your viewing habits to their #manufacturers.
Today, the FBI is warning that "TV manufacturers and #app #developers may be listening and watching you." It added, "[A] television can also be a gateway for hackers to come into your home. A bad cyber actor may not be able to access your locked-down computer directly, but it is possible that your unsecured TV can give him or her an easy way in the #backdoor through your #router."
That's true, but while there have been relatively few cases of hackers invading homes via their smart TVs, it's only a matter of time until they're watching and listening to you.
ππΌ Read more:
https://www.zdnet.com/article/fbi-warns-about-snoopy-smart-tvs-spying-on-you/
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv