ISIS's Encrypted Messaging App Isn't Real; But Backdooring Encryption Still Won't Help The NSA

from the be-real dept

So we recently reported on a claim that ISIS had been spotted making use of their very own encrypted messaging app, and highlighting how totally useless US laws requiring tech companies to backdoor encryption would be in that situation. However, it turns out that we should have been a lot more skeptical of the original report, coming from a single sourced security company. Over the years, we've learned that single-sourced security company claims are often highly suspect, and designed much more to get attention or increase FUD, than based on any real issue. The good folks over at Daily Dot are now reporting that this encrypted messaging app doesn't really appear to exist, and their investigation is pretty thorough and fairly convincing. Just like the claims that ISIS had a "training manual for encryption," this claim appears to be false.

That said, it still doesn't mean that ISIS is actually relying on encrypted apps that would be opened up by a US legal change requiring encryption backdoors. As we noted in our last post, research from the Open Technology Institute showed that almost all the popular encrypted communications app that were named as being used by ISIS were either open source or not maintained by a US company, meaning any such law would be basically meaningless to ISIS folks trying to communicate.
And given the open source nature of many of those apps, it wouldn't be surprising at all to find out that, eventually, someone forks an existing project to create a separate one relied on by ISIS. And none of that would be impacted by US laws anyway. So the only impact would be on weakening the safety and security of Americans who rely on encryption every day to keep themselves safe.

Filed Under: backdoors, encryption, going dark, isis, messaging

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. identicon
    Anonymous Coward, 29 Jan 2016 @ 10:37am

    Just backdoor the encryption already!

    This going dark "problem" is flipping simple to fix.

    1. Create a "secure" messaging application that has a hidden back door.
    2. Infiltrate ISIS, share secure messaging app with them.
    3.Release news articles about how this new messaging app that ISIS is using is uncrackable.
    4.Pat yourself on the back for a job well done

    Maybe step 3 is whats really going on here?

    This is not that difficult to pull off, everyone trusted TrueCrypt until the people behind it said its insecure.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Show Now: Takedown
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.