'Google and Apple criticise GCHQ eavesdropping idea' diff viewer (0/1)

This article is from the source 'bbc' and was first published or seen on May 30, 2019 15:12 (UTC). It last changed over 40 days ago and won't be checked again for changes.

You can find the current article at its original source at https://www.bbc.co.uk/news/technology-48458710

The article has changed 2 times. There is an RSS feed of changes available.

Previous version 1 Next version

Previous version 1 Next version

Version 0	Version 1
Google and Apple criticise GCHQ eavesdropping idea	Google and Apple criticise GCHQ eavesdropping idea
2019-05-30 15:12:24 UTC	2019-05-31 11:14:23 UTC (about 20 hours later)
~~A proposal by ~~the~~ UK security agency GCHQ to eavesdrop on encrypted messages has been ~~strongly~~ criticised by ~~big~~ tech firms and rights groups.~~	A "hypothetical" proposal by UK security agency GCHQ to eavesdrop on encrypted messages has been criticised by tech firms and rights groups.
Google and Apple were among 47 firms to sign an open letter, saying it was a "serious threat" to trust and security.	Google and Apple were among 47 firms to sign an open letter, saying it was a "serious threat" to trust and security.
~~The GCHQ plan would ~~effectively~~ ~~mean~~ ~~that~~ a ~~copy~~ of ~~every~~ encrypted ~~message~~ ~~would~~ be ~~sent~~ to ~~the~~ ~~security~~ ~~services.~~~~	The GCHQ plan would mean, in some circumstances, security services got copies of encrypted messages.
The technique resembled the way that GCHQ currently used wiretaps to listen to unencrypted chat, said the agency.	The technique resembled the way that GCHQ currently used wiretaps to listen to unencrypted chat, said the agency.
Silent copy	Silent copy
The plan for a so-called "ghost protocol" was first floated by the UK National Cyber Security Centre's technical director Ian Levy and GCHQ's chief codebreaker Crispin Robinson in November 2018.	The plan for a so-called "ghost protocol" was first floated by the UK National Cyber Security Centre's technical director Ian Levy and GCHQ's chief codebreaker Crispin Robinson in November 2018.
The proposal was intended to add to the debate about strongly encrypted messaging systems that security services have struggled to break.	The proposal was intended to add to the debate about strongly encrypted messaging systems that security services have struggled to break.
Instead of asking for encryption systems to be weakened so they can be cracked, the plan would instead copy messages and send the duplicate on to a third recipient.	Instead of asking for encryption systems to be weakened so they can be cracked, the plan would instead copy messages and send the duplicate on to a third recipient.
That other recipient would be able to read the message because they possessed a key corresponding to the one with which it was encrypted.	That other recipient would be able to read the message because they possessed a key corresponding to the one with which it was encrypted.
	The ghosting system would only be used in "exceptional circumstances" to gather information about suspects, said the discussion paper about the technology.
In their letter, rights groups, industry bodies and tech firms said the idea would "violate" important human rights principles.	In their letter, rights groups, industry bodies and tech firms said the idea would "violate" important human rights principles.
Signatories include Google, Apple, WhatsApp and Microsoft as well as Big Brother Watch, Privacy International and the Center for Democracy and Technology.	Signatories include Google, Apple, WhatsApp and Microsoft as well as Big Brother Watch, Privacy International and the Center for Democracy and Technology.
The letter said that implementing GCHQ's idea would require changes that "undermine user security and trust" and potentially introduce vulnerabilities into messaging systems.	The letter said that implementing GCHQ's idea would require changes that "undermine user security and trust" and potentially introduce vulnerabilities into messaging systems.
"The overwhelming majority of users rely on their confidence in reputable providers to perform authentication functions and verify that the participants in a conversation are the people they think they are, and only those people," said the letter.	"The overwhelming majority of users rely on their confidence in reputable providers to perform authentication functions and verify that the participants in a conversation are the people they think they are, and only those people," said the letter.
"GCHQ's ghost proposal completely undermines this trust relationship and the authentication process," it added.	"GCHQ's ghost proposal completely undermines this trust relationship and the authentication process," it added.
It would also threaten privacy and free speech, wrote the signatories.	It would also threaten privacy and free speech, wrote the signatories.
In response, Mr Levy said its idea was "hypothetical" and intended as a "starting point for discussion".	In response, Mr Levy said its idea was "hypothetical" and intended as a "starting point for discussion".
He added: "We will continue to engage with interested parties and look forward to having an open discussion to reach the best solutions possible."	He added: "We will continue to engage with interested parties and look forward to having an open discussion to reach the best solutions possible."