Why The Government Shouldn't Break WhatsApp

  • Published on: 03 July 2017
  • Encryption backdoors - breaking WhatsApp and iMessage's security to let the government stop Bad Things - sounds like a reasonable idea. Here's why it isn't.

    A transcript of this video's available here: https://www.facebook.com/notes/tom-scott/why-the-government-shouldnt-break-whatsapp/1378434365572557/


    Filmed at the Cambridge Centre for Computing History: http://www.computinghistory.org.uk/

    Camera by Tomek: https://www.youtube.com/tomek

    Thanks to everyone who helped proofread my script!


    WhatsApp's privacy protections questioned after terror attack: http://www.bbc.co.uk/news/technology-39405178

    WhatsApp must be accessible to authorities, says Amber Rudd: https://www.theguardian.com/technology/2017/mar/26/intelligence-services-access-whatsapp-amber-rudd-westminster-attack-encrypted-messaging

    UK government renews calls for WhatsApp backdoor after London attack: https://www.theverge.com/2017/3/27/15070744/encryption-whatsapp-backdoor-uk-london-attacks

    Investigatory Powers Act: http://www.legislation.gov.uk/ukpga/2016/25/contents/enacted

    India is 'ready to use' Blackberry message intercept system: http://www.bbc.co.uk/news/technology-23265091

    Revealed: how US and UK spy agencies defeat internet privacy and security: https://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security

    Councils secretly spied on people walking dogs and feeding birds for five years: http://metro.co.uk/2016/12/26/councils-secretly-spied-on-people-walking-dogs-and-feeding-birds-for-five-years-6345051/
    [This is basically a rephrase of https://www.theguardian.com/world/2016/dec/25/british-councils-used-investigatory-powers-ripa-to-secretly-spy-on-public with a better headline]

    Poole council spies on family over school claim: http://www.telegraph.co.uk/news/uknews/1584713/Poole-council-spies-on-family-over-school-claim.html

    Security services missed five opportunities to stop the Manchester bomber: http://www.telegraph.co.uk/news/2017/05/24/security-services-missed-five-opportunities-stop-manchester/

    Reuters reference to "500 active investigations": http://www.reuters.com/article/us-britain-security-manchester-plots-idUSKBN18L1H0

    AP: Across US, police officers abuse confidential databases: https://apnews.com/699236946e3140659fff8a2362e16f43/ap-across-us-police-officers-abuse-confidential-databases


    I'm at http://tomscott.com
    on Twitter at http://twitter.com/tomscott
    on Facebook at http://facebook.com/tomscott
    and on Snapchat and Instagram as tomscottgo
  • Runtime : 11:11
  • tom scott tomscott the basics encryption whatsapp imessage public key private key encryption backdoor backdoor end-to-end encryption investigatory powers act computer science


  • Tom Scott
    Tom Scott   2 years ago

    This is the first video from "The Basics", a series of three pilot computer-science videos I'm putting out in the next couple of months. This one's opinionated; one's explanatory; and one demonstrates coding. It's been a while since I've done this sort of thing -- thanks to the folks who helped proofread my scripts!

  • The book without a name Dreams or a wise to grow.

    One bad person. Makes the world look bad. We all have ideas. As People steal our ideas. To app ideas. To personal writing. To many ideas. I wanna build. Is it amazing how Instagram. Shows you ads you just looked at shopping. Tom I got ideas. Just need a team.

  • Julian Barber
    Julian Barber   1 days ago

    they shoud also include backdoors in DRM content too, seeing as someone could use it to hide malicious communications to eacth other maybe

  • Michael Hemingway
    Michael Hemingway   2 days ago

    Honestly a government backdoor doesn't sound like a good idea even in a single sentence.

  • c182SkylaneRG
    c182SkylaneRG   2 days ago

    The 9/11 hijackers in the United States were reported to the FBI several times in the months leading up to those attacks, and were dismissed by the FBI as "not worth their time". (They were taking flying lessons at a flight school in Florida, but ONLY wanted to know how to fly straight and level, which is the easiest and most mind-numbing aspect of flying, and the LAST thing that anyone who takes flying lessons actually wants to learn)."Those who sacrifice liberty in the name of security deserve neither liberty nor security".

  • ResortPC
    ResortPC   3 days ago

    It’s not that I have nothing to hide it’s that the government doesn’t need to know that I don’t have anything to hide. In reality your government grabs as much possible information as they can about you. Whatsapp is a block that they hate

  • malenotyalc
    malenotyalc   3 days ago

    "Encryption Back Doors" I saw this in the thumbnail and thought this was how to convince a partner that isn't into anal sex into doing it - and liking it!

  • jethro bodean
    jethro bodean   4 days ago

    Think Promis Software Scandal, ZOG, Maxwell family, et al.

  • Peter Anon
    Peter Anon   5 days ago

    My country can't seem to balance a deficit, and won't admit to many issues regarding torture and illegal warfare. Overall, they do a good enough job and certainly protect my life from many foreign interests, but to say I trust their competence and integrity would be going overboard. Giving them skeleton keys to my private information is not something I would consider reasonable, though maybe us colonials are in a different state...

  • flowApot
    flowApot   6 days ago

    Anyone else was disturbed by that very high frequency that played throughout the whole video ?

  • Some dude
    Some dude   1 weeks ago

    Being part of an illegal bacon trading ring sounds freakin' awesome, tbh.

  • D Carbs
    D Carbs   1 weeks ago

    Am I the only one that thought having a back door at all was UNreasonable, even before the explanations? You can just see where the abuse would come from!

  • Rose_LC 5
    Rose_LC 5   1 weeks ago

    I didn't understand a single word spoken in this video but it was good

  • Shadow Of Light
    Shadow Of Light   1 weeks ago

    This is just like the 9/11 theory. The twin towers attacks were staged to give the US a reason to go to war in the Middle East. They probably didn’t state the attack, but maybe the government are using this tragedy to get more access into our lives through security theatre.

  • tommy karrick
    tommy karrick   1 weeks ago

    This is probably the best I’ve ever heard this put, I’ve always felt like it was wrong on so many levels but couldn’t express it in words until now

  • SwordGalMantis
    SwordGalMantis   1 weeks ago

    Umm wait why I'm hearing some weird static in the background?

  • Quinton Neal
    Quinton Neal   1 weeks ago

    Holy crap what a great video. Very informative. Definitely subscribing

  • Autergame
    Autergame   1 weeks ago

    so like china chasing people with cameras?

  • Jadi
    Jadi   2 weeks ago

    Please on these videos can you remove the high pitch noise from it. It's all I can hear when I'm watching. Probably because of the crts I'm assuming

  • Conceptual Conspiracy

    Very grateful you're brave enough to post a video like this. I see a lot of channels getting completely shadow banned, if not entirely deleted because they talk about something similar. Keep up the amazing work.

  • Thomas Busse
    Thomas Busse   2 weeks ago

    My experience is the FBI usually wiretaps innocent people who are threats to organized crime. It then uses these wiretaps to create entrapment scenarios to take the innocent people out.

  • kasa
    kasa   2 weeks ago

    I'm personally very concerned about security and privacy on internet, but at the same time I think limiting anonymity is not necessarily bad thing. Both ideas ofc conflict a bit, but as more of out lives move to internet and things we do on internet have more real consequences, there should also be more accountability.

  • Leftover Enchilada
    Leftover Enchilada   2 weeks ago

    Backdoors are about be abused by hackers and read our messages not just governments

  • Rick Harold
    Rick Harold   2 weeks ago

    No broad backdoors should be used. However, I've worked with encryption and here is an easy solution.There are various derivations with public keys and or AES.Phones are powerful enough to do these encryptions easily.1. do the normal end-to-end encryption SAME as today2. separately take each message and a. encrypt with a public key of What'sApp company ( or whoever) b. encrypt with a public key assigned to the user account sending the message c. generate a public key daily for a user and encrypt with that. This limits scope of the user data and key. d. lastly encrypt with a public key of a firm who's job is meant for auditing, certificate or key management "Audit Firm X". But not What'sApp in this case. send the message to the server with the account id/date in plain view but the data encrypted with a.-d.The message encrypted with the a.-d. method cannot be seen by one organization. You need a warrant from the govt. to be sent to What'sApp and "Audit Firm X" to even get to the message and the warrant can limit the daily key scope.You could add encryption of the daily keys themselves as well using "Audit Firm X" or another firm Y so it keeps those locked down again without a warrant.Anyway, some variation of this will make the data available to the govt when needed assuming they have the WARRANT and prevents one organize from exposing information.

  • importedmusic
    importedmusic   2 weeks ago

    You are either naive or stupid if you believe GCHQ haven't broken WhatsApp.

  • Marco Venustus
    Marco Venustus   2 weeks ago

    Next video in my channel: why the government shouldn't exist

  • Xano Trevisan Kothe
    Xano Trevisan Kothe   2 weeks ago

    A few years ago it was common in Brazil for some shitty local judge to request Whatsapp messages and Fb say "It is not possible" and then the judge would simply force the ISPs to block whatsapp ¬¬

  • Korben
    Korben   2 weeks ago

    No government can be trusted...period! A large number of the real world "bad things" that occur are conducted by the organs of power.

  • Charmaine Eng
    Charmaine Eng   3 weeks ago

    excellent video Tom! Really appreciate having this kind of PSA that I can share around with folk who don't seem to understand why this is a problem. The whole argument against "nothing to hide, nothing to fear" is especially helpful.

  • Moshe Hefetz
    Moshe Hefetz   3 weeks ago

    10:00 I think the idea is more about emotionally unstable people or individuals who just don't think things through enough. The one problem is they people say things all the time that don't mean anything

  • L Shannon
    L Shannon   3 weeks ago

    “That’s all assuming the back door doesn’t get abused by folks with personal grievances”

  • Patricia M
    Patricia M   3 weeks ago

    We need to be able to spy on the CIA, NSA, FBI, etc. They have decades of ugly ugly criminality to keep dark. Who has been responsible for the ruthless, pointless, but profitable, slaughter of millions since WW2? (Not your average student pilot with a boxcutter, lolz.)

  • Andrew Stalker
    Andrew Stalker   3 weeks ago

    “And you watching this probably have nothing to hide and nothing to fear from your government.”Me watching it, having things to hide: well, I maybe wouldn’t go that far.

  • Graham Elliott
    Graham Elliott   3 weeks ago

    The government's ordering ISPs to assist them in making copies of the data that flows about the internet, is the biggest glaring hole in public VPN security. A state or legal entity need only subpoena the business entity for the keys to your data, and they already have a copy.So it means little if those actors are of concern to you, that ___ 'trusted' VPN service 'does not save your data'. Someone else does. The only VPN I feel you can really trust is one you build yourself (can do this for 50 bucks by using OpenWRT routers, its not a perfect solution but its much better than trusting a business entity that definitely won't put themselves at risk of going out of business to protect your data).But if you must use those business entities for your 'proxy roulette' VPN service, use them to connect to a ToR node.