- Devin Nunes’ lawsuit with Twitter over parody accounts inspires more parody accounts Tuesday 7:53 PM
- Alexandria Ocasio-Cortez posts SpongeBob meme to diss Green New Deal adversaries Tuesday 7:23 PM
- Twitter blasts Benny Johnson over heinous Native American ‘socialist’ reservations take Tuesday 6:16 PM
- New Zealand arrests 2 for sharing video of mosque shooting Tuesday 4:44 PM
- ‘Queer Eye’ season 3 serves more frothy fun and cathartic realness Tuesday 4:30 PM
- Everyone is roasting this photo of Kourtney Kardashian in a bubble bath Tuesday 4:15 PM
- White House report has a lot of superheroes listed as interns Tuesday 4:06 PM
- Google to launch ‘Stadia’ cloud gaming service this year Tuesday 3:55 PM
- Amy Schumer addresses her ‘Growing’ pains in new Netflix special Tuesday 2:04 PM
- This Bitcoin tie is everyone’s favorite part of the Theranos documentary Tuesday 1:56 PM
- Trump’s social media guru gets suspended on Facebook Tuesday 1:51 PM
- YouTube time traveler says he saw a dinosaur—in the future Tuesday 1:47 PM
- Why is Netflix changing the viewing order for ‘Love, Death & Robots’? Tuesday 12:47 PM
- Elizabeth Holmes’ deep voice captivates and confuses the internet Tuesday 12:40 PM
- These cat purses have everything you need (including balls) Tuesday 12:22 PM
ISIS recommends list of secure-messaging apps amid heated U.S. encryption debate
There’s one major app that isn’t on the list.
No matter what side of that debate you land on, however, it’s useful to keep an eye on how the world’s most infamous jihadist army is using encryption for security.
Whether you’re talking about white supremacists, jihadists, or democracy activists, extremist or subversive groups the world over—groups whose politics fall outside the mainstream and often against the powerful—have long been heavily invested in online security. This has driven U.S. officials like FBI Director James Comey to warn that terrorists and criminals are “going dark”–operating outside the reach of intelligence agents and law enforcement thanks to their use of encrypted communications.
In the last year, the Islamic State has found new ways to encourage more secure practices among their followers. The Afaaq Electronic Foundation (AEF), an arm of ISIS dedicated to “raising security and technical awareness” among jihadists, exists for the purpose.
“We recommend using encrypted and safe applications and open-source to maintain the privacy.”
In reaction to the news that WhatsApp recently enabled end-to-end encryption for its more than one billion users, AEF took to its usual propaganda channels (social media networks like Telegram and Twitter) to recommend against using anything either owned by Facebook, like WhatsApp, or whose code is hidden and closed-source, which would shield it from independent inspection for “backdoors” that could give government spies access.
“We recommend using encrypted and safe applications and open-source to maintain the privacy,” the techie-jihadis wrote.
The Islamic State’s current roundup of app recommendations is a listicle of seven encrypted apps from all over the world: Signal, Chatsecure, Telegram (with encrypted chat) SilentText, SilentPhone, LinPhone, and Surespot.
On one hand, this isn’t new. After last month’s Brussels terrorist attacks, AEF broadcast similar messages. But there’s no doubt that at least some jihadis and their supporters are now using these apps. The level of sophistication and popularity is another question entirely.
In Washington, D.C., a Senate bill is expected in the next week that will effectively ban strong encryption in the United States by requiring companies like Apple or Facebook to decrypt communications and other data for the government. A leaked draft of the legislation is already at the center of a political firestorm.
But would it stop ISIS from using these apps?
Likely not. Only two companies on that list (Open Whisper Systems, which develops Signal and whose technology powers the encryption enabled in WhatsApp; and Surespot) operate within the United States—meaning they would be subjected to U.S. law. SilentText and SilentPhone are Swiss-based creations. LinPhone is French.
In Switzerland, a political war over Internet privacy and encryption is being won by anti-surveillance forces. In France, backdoors in encryption have been repeatedly shot down by the ruling government despite multiple recent deadly terror attacks, a testament to how strong the opposition to the idea of weakening encryption is inside the country.
“Actually, until very recently, the U.S.A. was the ideal place to start a privacy-enhancing service or technology,” Joseph Lorenzo Hall, the chief technologist at the Center for Democracy and Technology, told the Daily Dot. “Our notions of free speech and the pro-innovator nature of our market tended to lay the groundwork for things like PGP [an encrypted email protocol].”
While the rest of the world wrestles with privacy and encryption thanks to violent groups like ISIS, the future of online security in America is being decided now in the halls of power—and, thanks to a largely free and robust Internet, from citizens connected in every corner of the United States.
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.