- ‘Weathering With You’ blends fantasy and realism in a magical love story Saturday 6:18 PM
- Kidnapped teen used Snapchat to get rescued Saturday 4:35 PM
- What fans do and don’t want to see in future ‘Far Cry’ installments Saturday 4:26 PM
- Aaron Carter accused of stealing lion art for merch Saturday 3:10 PM
- Instagram’s hidden like counts were inspired by a ‘Black Mirror’ episode Saturday 2:06 PM
- Student says they were expelled for tricking teacher into making inappropriate TikTok Saturday 12:26 PM
- Space Force uniforms relentlessly mocked, memed Saturday 10:52 AM
- Man flamed after admitting he called police on Target employee over a toothbrush Saturday 9:10 AM
- Netflix’s ‘Vivir Dos Veces’ searches for a last chance at first love Saturday 8:00 AM
- Camila Cabello must do more about her racist history Saturday 6:00 AM
- Instagram and Facebook are reportedly blocking queer ads Friday 8:58 PM
- Review: Tyler Perry’s ‘A Fall From Grace’ is both nonsensical and utterly predictable Friday 6:48 PM
- Is Hulu censoring the Iran episode of Anthony Bourdain’s ‘Parts Unknown’? Friday 6:05 PM
- Trump admin celebrates Michelle Obama’s birthday by proposing rollback of her signature initiative Friday 4:01 PM
- TSA apologizes after agent grabs indigenous woman’s braids, says ‘giddyup’ Friday 3:28 PM
No matter what side of that debate you land on, however, it’s useful to keep an eye on how the world’s most infamous jihadist army is using encryption for security.
Whether you’re talking about white supremacists, jihadists, or democracy activists, extremist or subversive groups the world over—groups whose politics fall outside the mainstream and often against the powerful—have long been heavily invested in online security. This has driven U.S. officials like FBI Director James Comey to warn that terrorists and criminals are “going dark”–operating outside the reach of intelligence agents and law enforcement thanks to their use of encrypted communications.
In the last year, the Islamic State has found new ways to encourage more secure practices among their followers. The Afaaq Electronic Foundation (AEF), an arm of ISIS dedicated to “raising security and technical awareness” among jihadists, exists for the purpose.
“We recommend using encrypted and safe applications and open-source to maintain the privacy.”
In reaction to the news that WhatsApp recently enabled end-to-end encryption for its more than one billion users, AEF took to its usual propaganda channels (social media networks like Telegram and Twitter) to recommend against using anything either owned by Facebook, like WhatsApp, or whose code is hidden and closed-source, which would shield it from independent inspection for “backdoors” that could give government spies access.
“We recommend using encrypted and safe applications and open-source to maintain the privacy,” the techie-jihadis wrote.
The Islamic State’s current roundup of app recommendations is a listicle of seven encrypted apps from all over the world: Signal, Chatsecure, Telegram (with encrypted chat) SilentText, SilentPhone, LinPhone, and Surespot.
On one hand, this isn’t new. After last month’s Brussels terrorist attacks, AEF broadcast similar messages. But there’s no doubt that at least some jihadis and their supporters are now using these apps. The level of sophistication and popularity is another question entirely.
In Washington, D.C., a Senate bill is expected in the next week that will effectively ban strong encryption in the United States by requiring companies like Apple or Facebook to decrypt communications and other data for the government. A leaked draft of the legislation is already at the center of a political firestorm.
But would it stop ISIS from using these apps?
Likely not. Only two companies on that list (Open Whisper Systems, which develops Signal and whose technology powers the encryption enabled in WhatsApp; and Surespot) operate within the United States—meaning they would be subjected to U.S. law. SilentText and SilentPhone are Swiss-based creations. LinPhone is French.
In Switzerland, a political war over Internet privacy and encryption is being won by anti-surveillance forces. In France, backdoors in encryption have been repeatedly shot down by the ruling government despite multiple recent deadly terror attacks, a testament to how strong the opposition to the idea of weakening encryption is inside the country.
“Actually, until very recently, the U.S.A. was the ideal place to start a privacy-enhancing service or technology,” Joseph Lorenzo Hall, the chief technologist at the Center for Democracy and Technology, told the Daily Dot. “Our notions of free speech and the pro-innovator nature of our market tended to lay the groundwork for things like PGP [an encrypted email protocol].”
While the rest of the world wrestles with privacy and encryption thanks to violent groups like ISIS, the future of online security in America is being decided now in the halls of power—and, thanks to a largely free and robust Internet, from citizens connected in every corner of the United States.
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.