Tech
Privacy, power, and encryption: why end-to-end security matters | Computer Weekly
Privacy is not a modern invention; it is part of the human condition of trust, dissent, and intimacy. Every society has developed ways to communicate beyond the reach of power: whispered conversations, sealed letters, coded language.
The need to keep secrets is equally as important among the powerful – governments, more so than individuals, have jealously guarded their own secrets, even as they seek to uncover the secrets of others. What is new is neither the need nor desire for private communication but the current power of the observer.
We now live in what some have termed a “golden age of surveillance,” in which governments, corporations, and adversaries possess the technical capability to monitor human interaction at unprecedented scale. In this era of pervasive digital connectivity, most digital interactions leave a permanent, searchable trace, and the need to protect sensitive information has become critical.
End-to-end encryption (E2EE) is therefore not a technical abstraction or ideological indulgence; it is the most effective defence against unauthorized access to private communications in a fully networked world. As digital communication continues to evolve, the risks of interception scale with it.
Why E2EE matters
E2EE preserves data confidentiality by masking data from unauthorised users and ensuring that only the intended recipients, with a decryption key, can access the data. Using cryptography, E2EE transforms readable plaintext into unreadable ciphertext on the sender’s device, keeps it encrypted during transmission, and decrypts it back into its original form only when it reaches its destination and is decoded with the correct key. It is widely used by governments and corporations and is becoming increasingly common among individual users, reflecting its status as the prevailing standard for data security and privacy.
The most common use of E2EE is for secure communications on mobile and online messaging services. It is also widely used by password managers to protect users’ passwords; for data storage purposes to ensure that data is protected when it is stored and when it is transmitted between devices or to the cloud; and for file-sharing purposes, including peer-to-peer file sharing, encrypted cloud storage, and specialised file transfer services.
Using E2EE means that no one else, including the service provider facilitating the communications, has access to the unencrypted data without consent. If it were to be intercepted, the data would appear to third parties as random, unintelligible characters.
As the service provider facilitating the communications does not have access to the unencrypted data due to E2EE, it is unable to provide it to any third party. That includes governments and law enforcement agencies that criticize E2EE as an obstacle to investigations while at the same time relying on and demanding the strongest available encryption to protect their own systems. Thus, the debate over E2EE is not about balancing privacy and security. It is about whether governments can demand systemic insecurity while insisting on absolute security for themselves.
The risks of ‘exceptional access’
“Exceptional access” is the term used to describe the mechanism for enabling government access to encrypted communications. Different governments take different approaches to the methods they use to seek exceptional access. While the intentions behind exceptional access may be noble, facilitating such mechanisms in E2EE communications can create more problems than it seeks to solve.
The creation of government-mandated security vulnerabilities, commonly known as backdoors, into E2EE services jeopardizes the security and privacy of global communications. Once a backdoor is built, no one can guarantee that only the authorised third party will have access to it. Malicious actors will try to use such backdoors to enter and decrypt communications that are intended to be secure on the endpoints and only accessible to the sender and recipients. It is for this reason that the world’s leading providers have avowed publicly never to do so.
Third-party exceptional access mechanisms in which a copy of a user’s decryption keys are held by a “trusted” third party for potential future use by the government are at present fraught with insurmountable technological and security issues. Industry, backed by the vast majority of relevant experts, is saying that it’s simply not possible to have E2EE where a third party holds a key. It defeats E2EE’s central premise and is a deliberate breach of the security guarantee that E2EE provides.
Any kind of repository where providers are forced to store the keys would become a treasure trove of a target for attackers – especially so for sophisticated state actors who, as we have repeatedly seen, are adept at breaking into worldwide telecommunications networks and critical infrastructure.
Why encryption is not an existential threat to law enforcement
In any event, governments have for decades warned of the existential threat posed by encryption and on the grim possibility of “going dark.” But they have not gone dark, and there exist other means by which governments can get valuable data. Metadata remains available. Enhanced investigative means and other investigative tools are ever evolving and becoming more sophisticated.
Governments should be careful about what they wish for. In seeking to fetter E2EE, they may drive the very actors whose data they most need away from mainstream providers, most of whom have long-standing collaborative relationships with law enforcement. In doing so, they will lose the ability to gain the data they can still obtain notwithstanding the use of E2EE – or, worse, they will undermine the very technology on which they also rely.
At this stage of technological development, there exists no meaningful way to grant governments “exceptional access” to encrypted communications without deliberately engineering systemic vulnerability into the digital infrastructure on which billions of people, institutions, and governments themselves depend.
Once such vulnerabilities exist, they cannot be confined to the well-intentioned or the lawful; they become available to hostile states, criminal actors, and anyone capable of exploiting them. The consensus among technologists and security experts is unequivocal: E2EE either works for everyone, or it is broken for everyone. Governments may continue to warn of impending darkness, but the greater danger lies in demanding insecurity by design – an outcome that would fundamentally undermine trust, resilience, and the security of the global communications ecosystem.
Prego, the pasta sauce company, is getting into hardware with a device that sits on your table and records dinner conversations. No, this isn’t April Fools’.
The Connection Keeper is a round puck that houses two microphones for recording around the table. The recorder was developed in partnership with StoryCorps, the 20-year-old nonprofit that has recorded conversations with more than 720,000 people about their lives.
The Connection Keeper is more of a publicity stunt than a readily available product. Fewer than 100 will be made. The pucks look more like a tuna can than what you’d associate with the pasta sauce brand—small and meant to be tucked aside so as not to attract attention. The whole goal here, Prego and StoryCorps say, is to advocate for keeping people off their phones during dinner.
“Everything now is AI, and everyone has their phones on the table,” says Elyce Henkin, a managing director of StoryCorps studios and brand partnerships. “It interrupts the conversation and the flow. We wanted to get rid of that and go back to the basics and have everyone talking to each other.”
The pucks come packaged with cards inspired by StoryCorps, designed to prompt conversations between family members. Some are aimed at kids; some are aimed at parents or other family members.
The device doesn’t record automatically. Press a button, and the device begins recording CD-quality audio. Push the button again to stop. It records all the audio on a 16-GB microSD card that can hold up to eight hours of audio at a time. Those recordings can then be saved on a StoryCorps microsite or the family’s own storage. There is no cloud connection, no Wi-Fi, and no artificial intelligence features whatsoever.
The more communal element of the project is that StoryCorps will allow users to share their recordings on its website (or keep them private). Anything that has been voluntarily shared will also be physically preserved as a recording along with the larger StoryCorps collection within the US Library of Congress.
Prego is a US company, named after the Italian word for “you’re welcome.” I’ll tell you this from experience growing up in an Italian-American extended family: The Connection Keeper is going to have a hell of a time keeping track of a conversation at a table full of loud uncles and your wine-drunk grandma, who all talk at the same time.
“I think it’s how a lot of families are,” Henkin says. “What StoryCorps does is that it reminds us of our similarities and the humanity that’s in us all, even though we are all different. I imagine that if someone were to go through and listen to the collection, there would be rowdy moments, and there would be kids laughing and moms saying, ‘Don’t eat with your mouth full.’ That’s all part of the truth of it.”
Bose’s QuietComfort Ultra 2 earbuds are the best noise-canceling earbuds you can buy. Right now, they’re $50 off, which matches the best price we tend to see outside of special events like Black Friday and Cyber Monday. If you want to wait until November, they might hit $200 again, but otherwise $250 is a very fair deal—especially since they pop back up to $300 regularly. The discounted price applies to all five color options, including Black, Deep Plum, Desert Gold, Midnight Violet, and White Smoke (another rarity, as usually only the vivid colors go on sale).
Sometimes you just need to quiet the world. Whether it’s to play 10 hours of Coconut Mall on a loop to help you lock in and meet your Friday deadlines (thanks to my colleague Julia Forbes for that suggestion); muffle the crying babies, sniffling neighbors, and mysterious, potentially concerning clunking noises on an airplane; or to help you better appreciate the mix on Space Laces’ Vaultage 004 EP, active noise cancellation makes a huge difference to your listening experience.
The Bose QuietComfort Ultra 2 earbuds also have some of the best active noise cancellation you can find. They sound great out of the box, thanks to a custom sound profile based on the shape of your ears, but you can customize the EQ by using the app. The app also allows you to tweak touch controls and spatial audio.
The battery life lasts for about six hours, or 24 with the charging case. And while the noise cancellation can’t be beaten, these also have a pass-through feature called Aware mode, which filters in outside noise but smooths the loudest bits. That means you’ll be able to hear what’s going on, but you won’t be startled. True-crime podcast listeners, this one’s for you.
In fact, just about the only drawback we can find is that these might not be ideal for folks with super-small ears. Otherwise, they’re great all around, with solid call quality, excellent sound overall, and a sleek aesthetic. We think they offer good value at full price, so an extra $50 off is especially nice.
If you’re in the market for new headphones, but these don’t exactly fit what you’re looking for, we have plenty of other recommendations. Check out our guides to the Best Wireless Earbuds, Best Headphones for Working Out, Best Noise-Canceling Headphones, and Best Open Earbuds for additional hand-tested picks.
On November 16, 2021, Matthew Ziburis sat in his car in a residential neighborhood in the Bay Area stalking an “enemy,” as he put it. A veteran of both the US Army and Marine Corps, Ziburis had previously served in Iraq. But on this mission, he was working at the behest of China’s government. The targets that autumn day were American citizens: Arthur Liu and his teenage daughter, Alysa.
Arthur’s personal story was an exemplar of the American Dream. As a university student, he took part in the 1989 pro-democracy movement in China. After the crackdown at Tiananmen Square that year, he fled to the United States, settling in California. Arthur poured a small fortune and an equal amount of energy into molding Alysa into a figure skating phenom. As a national champion at age 13, she bantered along with Jimmy Fallon on The Tonight Show, and was at the time on track to represent America at the Winter Olympics the following year in Beijing.
Ziburis was surveilling the Liu home when he called Arthur, falsely claiming that he was a member of the US Olympic Committee who needed to discuss upcoming travel to Beijing, Arthur says. Ziburis was adamant that Arthur fax him copies of his and his daughter’s passports as part of a travel “preparedness check,” Liu tells WIRED. This struck Arthur as odd. In his many years dealing with sports bodies, he had never fielded such a request. Alysa’s agent did not respond to a request for comment.
Ziburis’ surveillance of Arthur and Alysa Liu that November day five years ago was just one episode in a bizarre saga that spanned from California to Beijing, touched New York City mayors and members of the US Congress, and has seen two people plead guilty and two more awaiting trial.
Unbeknownst to Ziburis, as he sat outside Aurthur and Alysa’s Northern California home, he too was being watched.
Ziburis had allegedly been dispatched to Northern California by Frank Liu, a self-styled fixer in the Chinese community from Long Island, New York, who was in turn receiving orders from a person in China named Qiang Sun. According to US authorities, Sun was working at the behest of the Chinese government. A concerned private investigator who once worked for Frank Liu had alerted the FBI to Frank’s escapades and was assisting authorities. Law enforcement was already on to Ziburis by the time he arrived. Anthony Ricco, Ziburis’ lawyer, did not respond to requests for comment.
Officers watched as Ziburis surveyed Arthur’s home and visited his law office. The heavy-set man sulking around Arthur’s office also caught the attention of a neighbor, who approached Ziburis and asked him if he needed help, Arthur says. Apparently concerned, the FBI called Arthur to warn him that Ziburis was heading to his home. By then, in part because of the harassment, Arthur and Alysa were boarding a plane to fly out of California. “It was like a movie,” Arthur says.
Alysa’s showing in Beijing in 2022 was disappointing. Burned out, she retired from the sport. Then in February, after returning to the ice after a two year hiatus, Alysa became the first US women’s figure skater to win Olympic gold since 2002—intentionally without her father by her side.
Despite her much-publicized complicated relationship with Arthur, Alysa’s success—punctuated by her signature pierced smile, racoon-tail dye job, and palpable joy for her sport—has reignited interest in the long-running case of transnational repression against her and her father. Human rights advocates and researchers have documented in recent years the lengths Beijing has taken to suppress critical voices, even those residing abroad or whose perceived transgressions date back decades.
Germany’s BOSS secures landmark Australian Open partnership
PCB imposes one-year PSL ban on Dasun Shanaka over contractual breach
Prego Has a Dinner-Conversation-Recording Device, Capisce?
-
Fashion4 days agoFrance’s LVMH Q1 revenue falls 6%, shows resilience amid Iran war
-
Sports1 week agoThe case for Man United’s Fernandes as Premier League’s best
-
Entertainment1 week agoPalace left in shock as Prince William cancels grand ceremony
-
Business1 week agoUK could adopt EU single market rules under new legislation
-
Entertainment5 days agoIs Claude down? Here’s why users are seeing errors
-
Fashion1 week agoEnergy emerges as biggest cost driver in textile margins
-
Sports1 week agoLamar Jackson hits back at critics with faithful message on social media
-
Tech1 week agoA Lot of Shops Won’t Fix Electric Bikes. Here’s Why