FBI warns iPhone and Android users: Switch to WhatsApp, Facebook Messenger and Signal apps

FBI warns iPhone and Android users: Switch to WhatsApp, Facebook Messenger and Signal apps

Last week, the FBI warned iPhone and Android users to stop texting and instead use an encrypted messaging platform. The news made headlines worldwide as cyber experts urged smartphone users to switch to fully secured platforms – WhatsApp, Signal, Facebook Messenger. But the FBI also has a serious security warning for US citizens who use encrypted platforms: These apps need to change, they say.

While China has denied any involvement in the ongoing cyberattacks on U.S. telecommunications networks, calling it a “pretext to denigrate China,” government authorities are clear that Salt Typhoon hackers linked to China’s Ministry of State Security infiltrated multiple networks and stored both metadata and compromised actual content.

ForbesApple’s surprise iPhone update – Green bubbles end next week

Encrypting content is certainly the answer, and the FBI’s advice to citizens seemed clear: “Use a cell phone that automatically receives timely operating system updates, responsibly managed encryption, and phishing-resistant MFA for email, Social media and collaboration tool accounts.”

What was missing from almost all reports about the Salt Typhoon was the precise warning from the FBI. “Responsibly managed” encryption is a game-changer. None of the messaging platforms that cyber experts and the media have urged SMS/RCS users to switch to are “responsibly managed” under this definition.

The FBI has now expanded on its warning last week, telling me that “law enforcement supports strong, responsibly managed encryption.” That encryption should be designed to protect people’s privacy and also managed in a way that U.S. American technology companies can provide readable content in response to a lawful court order.”

There are only three end-to-end encrypted messaging providers that matter. Apple, Google and Meta – although Signal offers a smaller platform favored by security experts. These are the “U.S. technology companies” that the FBI says should change platforms and policies to “provide readable content in response to a lawful court order.”

This does not mean that the FBI or other authorities have direct access to content, but rather that Meta, Apple and Google should have the means and keys to provide content if ordered by a court. At the moment this is not possible, police chiefs and other authorities describe the situation as a “dark situation” and want that to change.

The responsibility for enforcing this change lies with public opinion, with users. FBI Director Christopher Wray warns: “The public should not have to choose between safe data and safe communities. We should be able to have both – and we can have both… Gathering the evidence – the evidence – is becoming increasingly difficult because so much of that evidence is now stored in the digital realm. Terrorists, hackers, child predators and more use end-to-end encryption to hide their communications and illegal activities from us.”

This is a dilemma. Apple, Google and Meta make a virtue of their own lack of access to user content. For example, Apple assures that “end-to-end encrypted data can only be decrypted on your trusted devices where you are signed in with your Apple account.” No one else can access your end-to-end encrypted data – Not even Apple – and that data remains safe in the cloud even in the event of a data breach.”

“Unfortunately,” Wray said, “this means that the FBI and our partners often cannot obtain digital evidence, even when we have a rock-solid legal process – an arrest warrant issued by a judge based on probable cause – which is what it is “It’s getting harder for us to stop the bad guys…The reality is that we have a completely unfettered space that’s completely outside of lawful access – a place where child predators, terrorists and spies hide their communications and “We can operate with impunity – and we have to find a way to deal with this problem.”

The dilemma is whether Google or Meta or even Apple does If you have the keys like before, the end-to-end encryption enclave goes away. How would users feel if Google could access their currently encrypted content on demand/desire? This is both about distrust of big technology companies and trust in law enforcement. And while the argument goes one way in the US and Europe, as always, the same technical backdoors would exist in the Middle East, Africa, China, Russia and Southeast Asia, countries with a different view of privacy and government surveillance activities.

The FBI has essentially already warned users not to send messages on Google and Apple’s own platforms – full encryption doesn’t work across platforms. This makes Meta the world’s leading provider of cross-platform, encrypted messaging, with WhatsApp and Facebook Messenger each having a user base in the billions.

In response to last week’s warning from the FBI and its push for “responsibly managed” encryption, Meta told me that “the best way to protect and secure people’s communications is with end-to-end encryption. “This latest attack makes this incredibly clear and we will continue to make this technology available to people who rely on WhatsApp.” Signal has not yet provided a response. What is clear, however, is that the big technology companies still have no desire to make such changes. And they have shown that they are willing to fight to protect encryption, even if it means withdrawing from countries or even regions.

But the USA is different – and for this technology the USA is home. This debate will change precisely when public opinion changes. Politics is fraught with risk without changing public opinion, and there are no signs of such change yet. Users want security and privacy. End-to-end encryption has become an important issue for iPhone and Android. It’s increasing – as we saw with the recent Facebook Messenger update – and isn’t going down.

US Deputy Attorney General Rod Rosenstein first pushed for “responsible encryption” in 2017 under the first Trump presidency. “Encryption is a fundamental element of data security and authentication,” he said. “Essential to the growth and prosperity of the digital economy and we as law enforcement have no intention of undermining this.”

However, Rosenstein warned that “the emergence of ‘guarantee-proof’ encryption presents a serious problem…The law recognizes that legitimate law enforcement needs may be more important than privacy concerns.” Our society has never had a system in which evidence for criminal wrongdoing went completely undetected… But that’s the world that tech companies are creating.”

In response, EFF said Rosenstein’s “call for ‘responsible encryption’ is bad and he should feel bad…” The DOJ has said they want to have an “adult conversation” about encryption. That’s not it. The DOJ must understand that secure end-to-end encryption is a responsible security measure that helps protect people.”

ForbesNew Android Spyware Warning – Delete All These Apps Now

The argument against “responsible encryption” is very simple. The content is either safe or not. “A backdoor for everyone is a backdoor for everyone.” If someone else has a key to your content, your content is exposed and at risk, regardless of the policies protecting its use. That’s why the security community puts so much emphasis on it – it’s viewed as black and white, as binary.

Seven years later, the debate has not changed. And in the U.S., Europe and elsewhere, 2025 appears to be the year another crisis occurs.

Leave a Reply

Your email address will not be published. Required fields are marked *