Profile picture
Mustafa Al-Bassam @musalbas
, 7 tweets, 3 min read Read on Twitter
Ian Levy of GCHQ has released an essay on how law enforcement should get access to end-to-end encrypted communications. Here is the critical bit to pay attention to.

They're proposing to exploit the fact that users don't verify each other's public keys, and inject bad keys.
We've been fortunate enough to not have a global active adversary that is willing to manipulate packets on a large scale, so end-to-end encrypted chat systems didn't have to focus much on the key verification problem. That looks like it's going to change:
In light of this, user-friendly key verification is going to be increasingly important, as will systems such as Key Transparency which make it so that any misbehaviour on the part of the server in key management will be publicly detectable, even if users don't verify keys.
This is the type of notification from WhatsApp for example that Levy is likely talking about suppressing, and also any notifications that would inform you when a new device has been added to your account.
Here is what Levy also said earlier this year in relation to identity systems in end-to-end encryption messaging apps. Thread from earlier this year:
Link to original essay: lawfareblog.com/principles-mor…
Also these notifications would be surpressed under GCHQ's law enforcement access proposal:
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Mustafa Al-Bassam
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member and get exclusive features!

Premium member ($30.00/year)

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!