Edgar Cervantes / Android Authority
TL;DR
- In response to the Salt Typhoon hack, two high-ranking FBI officials have said Americans should be using encrypted chat apps.
- Previously, the FBI has tried to get keys to access encrypted chats during investigations.
- The bureau’s stance on encryption has changed in recent years, but it’s still interesting to hear it encourages people to use encryption while simultaneously wanting to break it whenever it deems that necessary.
In October, United States government officials discovered a massive breach of telecommunications equipment owned by Verizon, T-Mobile, AT&T, and others. Officials pointed to the hacking group Microsoft has nicknamed “Salt Typhoon” as the team responsible. Given that Salt Typhoon has alleged ties to the Chinese government, the breach was seen as a significant problem. Even now, government agencies are unsure of when — or even if — the situation will be totally remediated.
Yesterday, US officials conducted a news call that touched on the hack (via NBC News). On the call, two Federal Bureau of Investigation (FBI) agents — a senior official who asked not to be named and Jeff Greene, executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA) — said that Americans should be using encrypted chat apps precisely because of targeted attacks such as this one.
“Our suggestion, what we have told folks internally, is not new here: Encryption is your friend, whether it’s on text messaging or if you have the capacity to use encrypted voice communication. Even if the adversary is able to intercept the data, if it is encrypted, it will make it impossible,” Greene said during the call.
FBI officials are saying ‘adopt encryption’ out of one side of their mouths and saying ‘we want to be able to break encryption’ out of the other.
This encouragement is sound advice, but still feels weird coming from the FBI. History is littered with situations in which the FBI has pressured chat app developers to break encryption in order to help with an investigation. In 2016, for example, the bureau tried to pressure Apple into breaking iPhone encryption during its investigation of the 2015 San Bernardino mass shooting. Apple refused because helping the FBI break into one iPhone would weaken the safety of every other iPhone. Eventually, the FBI broke into the iPhone using other methods.
Over the years, though, the FBI has softened its stance against encryption. It now has an official policy that states, “The FBI is a strong advocate for the wide and consistent use of responsibly managed encryption.” However, it still wants to be able to access encrypted information when needed, which doesn’t make any sense. Something is either encrypted or it’s not.
Regardless of its mixed-up ideas on how encryption works, Salt Typhoon’s recent hack should encourage everyone to adopt as much encryption as they can. The last thing you want is your private communications to fall into the wrong hands.
Android users have a ton of terrific options for encrypted chat apps.
On Android, encrypted chat apps include WhatsApp, Telegram, and Signal. These apps are always encrypted regardless of who you communicate with. Google Messages, the default texting app on most Android phones, also features encryption through the RCS protocol, but not for all chats. For example, if you communicate with another person using Messages, that chat will be encrypted, but if you chat with someone using a different app, encryption will break, and you’ll default back to the insecure SMS/MMS protocols.
Just recently, Apple adopted RCS in iOS 18, allowing iMessage users to have encrypted chats with Google Messages users for the first time.