Senate Given The Go-Ahead To Use Encrypted Messaging App Signal

from the feinstein,-burr-will-continue-to-use-AOL-chatrooms dept

Certain senators have repeatedly pushed for encryption bans or encryption backdoors, sacrificing personal security for national security in a move that will definitively result in less of both. Former FBI Director James Comey's incessant beating of his "Going Dark" drum didn't help. Several legislators always managed to get sucked in by his narrative of thousands of unsearched phones presumably being tied to thousands of unsolved crimes and free-roaming criminals.

It will be interesting if the anti-encryption narratives advanced by Sens. Feinstein and Burr (in particular -- although others equally sympathetic) continue now that senators can officially begin using an encrypted messaging system for their own communications.

Without any fanfare, the Senate Sergeant at Arms recently told Senate staffers that Signal, widely considered by security researchers and experts to be the most secure encrypted messaging app, has been approved for use.

The news was revealed in a letter Tuesday by Sen. Ron Wyden (D-OR), a staunch privacy and encryption advocate, who recognized the effort to allow the encrypted messaging app as one of many "important defensive cybersecurity" measures introduced in the chamber.

ZDNet has learned the policy change went into effect in March.

If this isn't the end of CryptoWar 2.0, then it's at least a significant ceasefire. Senators are going to find it very hard to argue against encrypted communications when they're allowed to use encrypted messaging apps. It's not that legislators are above hypocrisy. It's just that they usually allow a certain amount of time to pass before they commence openly-hypocritical activity.

This doesn't mean the rest of the government is allowed to use encrypted chat apps for official communications. Federal agencies fall under a different set of rules -- ones that provide for more comprehensive retention of communications under FOIA law. Congressional communications, however, generally can't be FOIA'ed. It usually takes a backdoor search at federal agencies to cut these loose. So, members of Congress using an encrypted chat app with self-destructing messages may seem like the perfect way to avoid transparency, but it's the law itself that provides most of the opacity.

If encryption's good for the Senate, it's good for the public. There's no other way to spin this. Even Trump's pro-law enforcement enthusiasm is unlikely to be enough to sell Congress on encryption backdoors. With this power in the palm of their hands, they're more apt to see the benefits of leaving encryption un-fucked with.

Filed Under: encryption, end to end encryption, messaging, senate, signal

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. identicon
    Anonymous Coward, 20 May 2017 @ 8:17pm

    Re: A question for you enryptions theoreticians

    The reason I ask is I imagine a different kind of computer architecture altogether. Right now, when data moves out of the CPU, it must pass through a LOT of translations. For example, PCIe data is protected by one form of CRC (if I remember) on the way to the network adapter. The network adapter may use CRC or ECC (or something else) to protect it over the network wire. Then the storage adapter uses something else to protect it over the storage wire. Then the storage controller uses something else to protect it on the media. Then the whole thing is reversed, and you can only hope that nothing went wrong on the way back. Replace this with YOUR OWN Error Correcting Code, right in the CPU. Now, no matter who abused your data, or how much, you can both detect it and correct it, inside the CPU, right next to your application. This would allow things like "overclocking" everything, since you can now both detect and correct errors everywhere. It removes the requirement for protection everywhere else while allowing the user choose his own level of protection and encryption appropriate for his application. It is a fundamentally different computing architecture (IMHO) and leverages current technology in the CPU to protect real application data while simultaneously simplifying everything else. The Chinese could manufacture disk drives, for example, because they don't need a complex ECC design in the drive. They don't need a complex manufacturing process to verify the media. Close (in terms of correctness) becomes good enough, since errors can be both detected and corrected by the application, not a whole chain of unknown devices. And encryption is free.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Shop Now: Copying Is Not Theft
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.