Security Is A Spectrum

After a security issue was found in WhatsApp’s implementation of the Signal protocol

Recently, a security hole was found in WhatsApp Messenger’s implementation of the Signal protocol.

Signal is the messaging app created by Whisper Systems and it uses a fairly complex system of mostly throwaway encryption keys. If you reinstall the app for any reason, you lose all those keys. Because Signal is built for security above all else, it will warn all your contacts about this — and lock you both out until they confirm that this new installation is still you.

WhatsApp uses all the same code as Signal to deliver security, but does not have this warning by default, and will deliver messages without confirming keys. And it’s possible for Facebook (who own WhatsApp) to trigger the key rotation without you reinstalling, at which point they can in theory insert themselves as a middleman and the app won’t tell you. It also means that if I steal your sim card, I can pose as you on WhatsApp without anyone knowing. On Signal, I would have to convince your friends I was still you first.

Of course, in practice nearly everyone who isn’t Edward Snowden just accepts the new keys without question because it’s almost always fine and most people just don’t care that much about the security of their texts. Which is why WhatsApp aren’t planning to fix this backdoor: anyone who realistically ought to care about this was using Signal already because that’s what it’s for.

The problem is that people have this idea that some things are secure, and other things are insecure, and if someone finds an exploit in a secure thing then it becomes an insecure thing. And that’s just not true. Security is a spectrum. Some things, like talking in the pub, are totally insecure, and other things, like Signal, are really very secure. But nothing is totally secure. Anything can be hacked if you have a big enough computer. All modern security can do is make it harder — and after a certain point it’s not worth anyone’s bother to hack you and you call yourself secure. Where that point is depends a lot on what you’re doing. If you’re leaking NSA secrets then you shouldn’t be using WhatsApp any more, but if you’re just arranging a night out then you’re probably fine.

A good analogy is compression: Jpeg is great at compressing photos, but can’t do sound; MP3 will do sound but can’t to text; Gif is good for line drawings but lousy for photos. A file can’t just be compressed or uncompressed, it can be well compressed or badly compressed; and a compression format isn’t just good or bad, it’s good or bad for certain things in certain contexts. Security is the same: it’s not about picking A Secure Thing, you need something that will protect from the sort of threat you’re facing.

Gmail uses HTTPS, so people snooping on your network can’t read your email, but Google can, and therefore so can the FBI if they have the right warrant. Signal’s servers can’t decode your messages, and therefore the FBI would less need a warrant than a quantum computer to read your messages — but if you don’t have a passcode on your phone then your friends can still read them.

Signal is built for security first and usability second, and that means just sometimes a message won’t deliver or you have to click a box saying “yes, I trust this person”. WhatsApp is built for usability first and security second: it is only designed to be as secure as it can reasonably be made without inconveniencing you. There’s no point “fixing” this backdoor because if you need something more secure than WhatsApp is now, you should be using Signal.