Slashdot Mirror

← Back to Stories (view on slashdot.org)

Snapchat, Skype Put Users' 'Human Rights at Risk', Amnesty Int'l Reports (cbsnews.com)

Posted by msmash on from the privacy-woes dept.

Shanika Gunaratna, writing for CBS News: Snapchat and Skype are falling short in protecting users' privacy -- a failure that puts users' "human rights at risk," according to a report by the organization Amnesty International. Snapchat and Skype received dismal grades in a new set of rankings released by Amnesty that specifically evaluate how popular messaging apps use encryption to protect users' private communications. In the report, Amnesty is trying to elevate encryption as a human rights necessity, due to concerns that activists, opposition politicians and journalists in some countries could be put in grave danger if their communications on popular messaging apps were compromised. "Activists around the world rely on encryption to protect themselves from spying by authorities, and it is unacceptable for technology companies to expose them to danger by failing to adequately respond to the human rights risks," Sherif Elsayed-Ali, head of Amnesty's technology and human rights team, said in a statement. "The future of privacy and free speech online depends to a very large extent on whether tech companies provide services that protect our communications, or serve them up on a plate for prying eyes."Microsoft's Skype received 40 out of 100. WhatsApp fared at 73, and Apple scored 67 out of 100 for its iMessage and FaceTime apps. BlackBerry, Snapchat, and China's Tencent did 30 out of 100.

21 of 47 comments (clear)

  1. Human rights? by Anonymous Coward · · Score: 3, Insightful

    You don't have any rights if you use a closed, proprietary communication system that reports directly to the US government.

    1. Re:Human rights? by Streetlight · · Score: 1

      Where are going to go? Please let us know when you get there.

      --
      In a time of universal deceit, telling the truth is a revolutionary act. George Orwell
    2. Re:Human rights? by Anonymous Coward · · Score: 1

      The day I turn 18

      Hey, I think I found one of the reasons why the level of discourse has dropped so sharply here in recent years.

  2. Signal not mentioned by beckett · · Score: 4, Informative

    Why didn't they compare the commercial offerings with Signal?

    It's GPLv3, offers encrypted messaging and voice calls, and when served with a subpoena, Open Whisper Systems was only able to provide a confirmation of a user's account, and the last time they had logged in.

    1. Re:Signal not mentioned by fbobraga · · Score: 2

      Very few people use Signal here, in Brazil (I can't understand why: I imagine is a publicity problem...)

    2. Re:Signal not mentioned by sirber · · Score: 4, Interesting

      I ran it a while. Had bugs, redphone crash and no way to disable it, installed version outdated that would stop working in 7 days, but no update available... I use Silence now, like Signal was before droping SMS support. No centralised server, no issues.

      --
      Be or ben't
    3. Re:Signal not mentioned by fbobraga · · Score: 1

      Signal support SMS (I use that all the time)

    4. Re: Signal not mentioned by Anonymous Coward · · Score: 1

      encrypted sms support was dropped

    5. Re:Signal not mentioned by johanw · · Score: 1

      You can use both, as I do. Silence is my default sms app, I don't use Signal for sms. I build Signal from source because I want a few changes in the product, like the encrypted backup back.

    6. Re:Signal not mentioned by johanw · · Score: 1

      Meh, I only use Skype because it's some kind of standard in buisiness environments. Had all kinds of login problems lately because I use an "old" Skype account and won't turn it into a Microsoft account. Now that WhatsApp introduced video calls in their beta version I think that's about to change soon around here.

  3. But... by MitchDev · · Score: 2

    ...aren't Snapchat and Skype free?

    Access to encryption is a right, but good software costs money, and is not a "right".

    1. Re:But... by Khyber · · Score: 1

      Signal and Tox do not do video worth a shit.

      --
      Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
    2. Re:But... by johanw · · Score: 1

      Viber does, and they recently introduced end to end encryption.

    3. Re:But... by MitchDev · · Score: 1

      So why complain about Skype and Snapchat, in the free department there are plenty of alternatives.

      It really just makes people come across as whiny entitlement bitches....

  4. Skype Doesn't Claim Otherwise by rsmith-mac · · Score: 3, Insightful

    I feel like Amnesty International has failed to put these various services in context.

    Skype makes no claims that it is an anti-government service. It is subject to and complies with Lawful Intercept in the US and other countries. You should not treat it any differently than the local telco, because that's all Skype is trying to be.

    1. Re:Skype Doesn't Claim Otherwise by fuzzyfuzzyfungus · · Score: 2

      While I would very much like to see improvements in the security of these services; it's also worth remembering that the 'alternative' is usually either POTS or cellular, provided by the local monopoly and/or cozy-cooperator-with-the-state.

      That doesn't diminsh the fact that, when doing communications software on a global scale, something that counts as 'eh, bug' in silicon valley may involve a one-way trip to the basement of the interior ministry for a bunch of users somewhere; but secure communications is something where the 'default' option is somewhere between 'completely useless' and 'actively hostile'. Phone networks were never built with privacy or security(aside from anything needed for billing purposes) in mind; and they've since sprouted all manner of surveillance tools.

      Just shrugging and saying 'Meh, the other guy is worse." isn't a good excuse; but it is worth remembering that people considering it to be a bug or vulnerability when eavesdropping succeeds is a pretty new feature.

    2. Re:Skype Doesn't Claim Otherwise by mugurel · · Score: 1

      That's a straw-man. Amnesty International's is not arguing that these services should be anti-government, just that they come with basic precautions to ensure that communications that are meant to be private are actually private.

      To put it as a car-analogy, I think Amnesty envisions (end-to-end) encryption in messaging being standard, a bit like safety belts are standard in a car.

  5. Re:I sympathize with AI, but... by mugurel · · Score: 2

    only 10% of Tor users are journalists, human rights activists, etc. A bit more than half use it to hide illegal activities.

    (Yes, TFA is about messaging, but the whole "we must save encryption to protect the downtrodden" meme is just bogus.)

    You got it backwards. To make your point about bogus, you should look at the percentage of journalists, human rights activists, etc. being Tor users, not the other way round.

  6. Dangers of compromised communications by khz6955 · · Score: 1

    "activists, opposition politicians and journalists in some countries could be put in grave danger if their communications on popular messaging apps were compromised."

    It would help if the communications were not funnelled through Skype headquarters in north America and the encryption keys only resided on the client devices.

  7. Enjoy been collected on by AHuxley · · Score: 1

    So use that fact if your in the press. Plant lots of fiction based on your past reporting to bait or misdirect the nations tasked with illegal domestic collect it all.
    If the brand was part of PRISM and was happy to decrypt for the US gov over the years keep mentioning that for free.
    PRISM https://en.wikipedia.org/wiki/...

    If you write on political issues, fill your messages with stories about contacts, news from new whistleblowers, about new emerging and past political intrigues.
    Part of the tech media? A new free crypto that actually works as designed without a US trapdoor or backdoor designed in. That a select few in the press have been allowed to see but not mention yet is great bait.
    Free OS security apps that can find zero day gov malware and track back its origins. Be super creative and push the limits of tech fiction.
    Walk around areas of a city where it would be expected to meet with a mil/gov worker and keep the phone like device powered on.
    Fake notes in a cafe and send then back "encrypted" details your office and residence in real time. Be very creative.
    Make the brands popular messaging app collection irrelevant for both tracking and content. Give the tracking hardware and software to friends for a different walk or drive around.
    You still have freedom of expression, freedom of the press and the freedom after speech. So be creative and help fill the tasking systems.
    Be seen near any local protests, walk, carry a big old dslr, park locally to get your license plate near any event. If a chat down is induced by walking around in public, record it and put it on youtube with a lot of other first amendment audit videos.

    The method in all this is to go from interesting member of the press or an interesting person to the security services to been very, very boring.
    Got off their "Interesting People” list by using US device and software with junk encryption to flood illegal domestic collection with plain text fictional junk.
    Illegal domestic collection only works if the product is good, the people been tasked are very real and can be sorted and tracked.
    Go from a security risk to a risk to keep in any database due to all the fiction that clogs up domestic tasking.

    --
    Domestic spying is now "Benign Information Gathering"
  8. Good enough for the CIA by UberVegeta · · Score: 1

    politicians and journalists in some countries could be put in grave danger if their communications on popular messaging apps were compromised.

    Skype was good enough for the CIA to be discussing top-secret operations in real time when they were filming Homeland, so it ought to be secure enough for anybody.

    --
    I knew I needed to stop reading Slashdot and finish my PhD when I started to miss articles by Bennett Haselton.