Law Enforcement's Nemesis -- WhatsApp -- Is Also Law Enforcement's Best Friend

from the love/hate-as-needed dept

WhatsApp: a tool for evil.

David Cameron announced early last year that it was "unacceptable" that all communications could not be intercepted and read by intelligence services and law enforcement agencies. He stopped short of calling for a ban but strongly hinted this would be addressed in the Snooper's Charter.

This followed the head of the UK's GCHQ throwing both terrorism and child porn into the mix while vocally handwringing about encrypted communications -- portraying tech companies as callous accomplices of child abusers and jihadists.

In Brazil, WhatsApp was blocked and a Facebook executive arrested for refusing to hand over identifying information on its users.

And here in the US, the FBI has been dropping sealed hints that the popular messaging app may be the next recipient of one of its infamous All Writs orders.

Meanwhile, over in Belgium, it's law enforcement that's benefitted the most from the platform's existence. (h/t Frederic Jacobs)

"There were no orders and nobody really knew what to do. The mobile phone network was also out of order. Fortunately, Whatsapp worked. Without this app we we could not communicate at all," federal police spokesman Peter De Waele said as quoted by the media outlet.
Very handy, that. When cell infrastructure goes down, WhatsApp stays up. What law enforcement hates and fears because it can't capture readable content in transit is also useful when all hell breaks loose. Kill it off because you fear the unseen communications and you're going to end up hurting yourself.

As for Belgian law enforcement, they're likely not as fearful of WhatsApp's encryption as others. WhatsApp played a key part in a terrorist plot last summer -- but one that was disrupted by Belgian law enforcement.
According to Gaspard Sebag from Bloomberg, the European law enforcement in a joint effort with the FBI are monitoring the use of the popular messaging platform WhatsApp.
“Investigators said earlier they had detained 16 people in the anti-terror raids after working with U.S. authorities to monitor suspects’ communications on WhatsApp Inc.’s messaging service.” states Sebag.

The Belgian law enforcement raided two separate groups operating in Ostend and Louvain, and according various sources the messages exchanged on WhatsApp allowed the investigators to trace the group.

At the time I’m writing, Facebook who acquired WhatsApp, declined to comment the events, but security experts speculate that there is something wrong in the implementation of WhatsApp end-to-end (E2E) encryption started in November.
And even if the flaw is no longer present, intelligence/law enforcement agencies still have other options:
It seems that even if the messages are protected by the encryption implemented, the FBI or NSA are able to gather metadata on the server side that could be used to link WhatsApp users. The analysis of metadata allowed law enforcement to identify the network of the alleged suspects.
Not quite the monster Cameron, et al. have portrayed it as. And it's a great backup plan for those times when regular communication channels just aren't working.

Filed Under: brussels, communication, encryption
Companies: whatsapp


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 28 Mar 2016 @ 10:47am

    Let's be clear. And this comes from the official media: the Belgium strikes happened because the Belgian police (and the EU intelligence services) were touching their balls with both hands and both feet instead of doing their job.

    They knew already who to catch, where they were and what to do. Actually, Belgium was a fucking fortress regarding surveillance, due to the Paris strikes a year before and other issues.

    And yet, the terrorists could kill thirty plus people, not due encryption, or due people shutting up their mouths and not reporting them.

    But because the police were fiddling with their thumbs.


    And you know what? That now the PNR is going to get a smooth sailing because "think of terrorism". And they will hop on the wagon to introduce new surveillance laws into place.

    As if surveillance laws were thought to combat terrorism. They are made to combat citizens, not terrorists.

    reply to this | link to this | view in chronology ]

  • icon
    DannyB (profile), 28 Mar 2016 @ 10:47am

    Don't bad guys use burner phones?

    This followed the head of the UK's GCHQ throwing both terrorism and child porn into the mix while vocally handwringing about encrypted communications -- portraying tech companies as callous accomplices of child abusers and jihadists.
    Don't bad guys use disposable mobile phones?

    It seems like it might be the mobile phone companies that are callous accomplices of child abusers and jihadists. Shouldn't they be monitoring (aka, listening in on) all mobile phone calls in order to prevent their networks from being used by bad guys?

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 28 Mar 2016 @ 11:06am

    > When cell infrastructure goes down, WhatsApp stays up.

    If the cell infrastructure goes down, how do WhatsApp clients still have connectivity? Does Brussels have widespread open wifi?

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 28 Mar 2016 @ 11:21am

      Re:

      ...If the cell infrastructure goes down, how do WhatsApp clients still have connectivity? Does Brussels have widespread open wifi?...

      Maybe not widespread but enough open points to hardwired services to maintain connectivity. If I'm reading right WhatsApp avoids using cel and SMS networks/protocols unless no other connection options exists.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 28 Mar 2016 @ 12:11pm

        Re: Re:

        Ok, that makes sense. I was hoping the answer would be like something out of a Cory Doctorow novel - a point-to-point mesh networking protocol that works phone-to-phone with only a portion of the mesh having WAN connectivity.

        reply to this | link to this | view in chronology ]

    • identicon
      joe, 3 Apr 2016 @ 10:12am

      Re:

      Mobil wifi

      reply to this | link to this | view in chronology ]

  • icon
    AmericaWhereAreYou (profile), 28 Mar 2016 @ 11:20am

    If the terrorists were writing letters(pen, paper, mail.) would there be a push to open all letters?

    reply to this | link to this | view in chronology ]

  • icon
    streetlight (profile), 28 Mar 2016 @ 11:45am

    What about Google Hangouts or other apps?

    According to Google's web site:

    Conversations

    All signals, like messages, are encrypted over an HTTPS connection with 128-bit encryption, using TLS 1.2. The connection is encrypted and authenticated using AES_128_GCM. The key exchange mechanism is ECDHE_ECDSA.

    and

    Audio and video

    To improve audio and video quality, Hangouts calls use a direct peer-to-peer connection when possible, instead of routing through a server.

    Audio and video in Hangouts are encrypted using SRTP. Video is AES_CM_128_HMAC_SHA1_80, and audio is AES_CM_128_HMAC_SHA1_32 (128-bit AES encryption and SHA-1 HMAC for authentication).

    When you dial a phone number from a Hangout, audio is encrypted until it reaches the carrier network. But telephone carriers are responsible for the audio within carrier networks

    I'm not a security expert, but it seems messages using Hangouts are end-to-end encrypted over Wi-Fi and possibly over cell networks. I believe that's also the case for Gmail as messages are stored encrypted on Google's servers. Whether decryption of these Google products messages can be done by others, I don't know. Others should comment.

    The possibility of detecting members of a connected web of terrorists by just knowing their messaging connections should one or more persons in the terrorist web is a known terrorist is a fascinating possibility. This suggests the authorities need to leave at least one known terrorist at large for awhile to complete the web while keeping an eye on the connected individuals. Burner phones may be a problem in this scenario, though.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 28 Mar 2016 @ 12:14pm

    Say it with me: Encryption Saves Lives!

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 28 Mar 2016 @ 12:36pm

    let's face it, the various governments dont want anyone able to communicate, certainly in private, with anyone else! all they do is complain about messaging apps and encryption but are only too glad that both exist when they have lost their methods of communication! it's basically like just about everything today. governments want everything and us to have nothing. they want to be able to punish people drastically for the most minor 'crime'. stop people from getting any information about the governments or the people in government and spreading it around the globe whilst very conveniently ignoring the fact that they are supposed to be in office for the people, not for themselves!!

    reply to this | link to this | view in chronology ]

  • icon
    Tom Mink (profile), 28 Mar 2016 @ 12:55pm

    Access to user metadata not enough?

    As law enforcement and intelligence agencies monitor connections between suspects to establish cause for investigation (and membership no fly lists, detention, even assassination) does that mean that access to communications content will lead to exonerations and a greater evidence threshold for government sanctions against individuals? If you're the perfectly innocent cousin of a terrorist suspect and at most you've discussed lasagna recipes you'd be off the hook, no?

    Haha... Of course not.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 28 Mar 2016 @ 6:23pm

    when you have law enforcement and their supporters going out of their way to kill off something that will only hold corrupt cops accountable, it is the time to start making an exit strategy.

    reply to this | link to this | view in chronology ]

  • identicon
    horchata, 29 Mar 2016 @ 4:59am

    reply to this | link to this | view in chronology ]

  • identicon
    Feruhlphox, 29 Mar 2016 @ 7:59pm

    Start using Signal - it's encrypted when the receiver has the app too.

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Close

Add A Reply

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Shop Now: Copying Is Not Theft
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.