nav search
Data Center Software Security Transformation DevOps Business Personal Tech Science Emergent Tech Bootnotes BOFH

Break crypto to monitor jihadis in real time? Don't be ridiculous, say experts

Former gov.UK advisor Rohan Silva branded 'utterly clueless'

By John Leyden, 6 Jun 2017

Calls by a former special advisor to ex UK Prime Minister David Cameron to allow the circumvention of end-to-end encryption to monitor terrorist suspects have come under fire from security experts.

Rohan Silva, government policy consultant turned co-founder at Shoreditch-based tech incubator/workspace startup Second Home, appeared on BBC Radio 4's Today programme (segment starts at 1:19.20; requires presence in the UK) to argue that law enforcement needed real time access to communications of those on the terrorist watch list.

The tech industry is "not engaging" with policy makers and pushing end-to-end encryption for profit ("worries about customers switching elsewhere") rather than principle, according to Silva.

Silva argued that end-to-end encryption was introduced by services such as WhatsApp and Apple iMessage in the time after 2014 solely due to customer concerns about mass surveillance that had been prompted by leaks of spy documents by Edward Snowden, the ex-NSA sysadmin.

Jennifer Arcuri, a co-founder of cyber-security Hacker House, who debated with Silva on Today, pointed out that any government backdoor would necessarily weaken the security of an encrypted comms channel. "If you allow one backdoor for government, you've no idea who else is accessing or listening," she said.

The government has the capability to hack phones. It is possible to monitor and surveil people, argued Arcuri, who added that the authorities simply need to obtain a warrant under existing surveillance law – namely, the Investigatory Powers Act.

Silva asserted that terrorists responsible for recent atrocities in Paris 2015 and more recently in April in Stockholm - "insofar as we can tell" - were using encrypted comms.

"Even if you try to hack into someone's device, you can't tell what's going on within those apps," he claimed.

Security experts were quick to say Silva was dead wrong on this point. It's a foundational principle of infosec that once hackers have malware running as root on a device they'll normally be able to steal encryption keys and monitor communications. Keys held on a secure element might be safe - but that's not the scenario in play with WhatsApp or Telegram message exchanges.

Silva clarified that he was not in favour of "banning encryption" but wants the tech industry to "lean in" and partner with law enforcement to offer real-time interception.

"The government has actually came forward with reasonable proposals that for up to 6,500 radicals or extremists real-time monitoring of communication would be allowed," he said. "Having a different approach for those on a watch list is something that is proportionate, reasonable."

Silva is not in favour of banning encryption, arguing it ought to be preserved for electronic banking. Instead he wants some sort of deep packet inspection surveillance capability that industry - rather than government - should pay for.

"It's a shame you're not seeing Mark Zuckerberg or the founders of Google flying in and really engaging. The British government is still having to deal with public policy people here in the UK."

The former policy wonk - whose performance on radio this morning was criticised as "clueless" by some - previously used his Evening Standard column, normally used for banging the drum for the London tech scene, to argue that law enforcement need real time access to communications (extract below).

What’s needed is not a clampdown on encryption — after all, it’s essential for financial transactions and the modern economy... the Home Office has developed sensible proposals that require a judge to give permission before real-time communications can be monitored — ensuring that suspected terrorists can be stopped before it’s too late, while also protecting against the mass surveillance that the public is worried about.

In the wake of last weekend's London Bridge terror attack, prime minister Theresa May claimed that tech firms are creating "safe spaces" for extremist ideology to thrive. Other UK cabinet ministers have called for tech companies to do more to help authorities in the fight against terrorism.

Media commentators and others have questioned calls for greater bulk surveillance and greater encryption controls in the wake of the London Bridge attack. Nobody is talking about putting restriction on hiring vans and buying knives, so the policy focus of whether or not terrorists used encrypt comms to conspire among themselves is puzzling.

Two of the suspects were known to the authorities and ought have been the targets of control orders and travel restrictions. Admittedly, this easy to say say with the benefit of hindsight.

One of the London Bridge attackers, Khuram Butt, 27, was in a documentary about UK jihadists and known to police. Butt appeared in a Channel 4 documentary, called The Jihadis Next Door, that aired last year and focused on a group of Islamist extremists allied to the jailed preacher Anjem Choudary. Another individual featured in the documentary, Abu Rumaysah, skipped UK bail and fled to Syria. He is suspected of being a British jihadi who appeared months later in an Isis execution video.

Another London Bridge attacker, Youssef Zaghba, was on a watch list issued by Italian authorities who stopped him travelling to Turkey because of suspicions he was bent on joining Isis in Syria. They also alerted their British counterparts when Zaghba moved to London. ®

The Register - Independent news and views for the tech community. Part of Situation Publishing