TOP-SECRET GCHQ documents reveal that the intelligence agencies accessed the email and Facebook accounts of engineers and other employees of major telecom corporations and SIM card manufacturers in an effort to secretly obtain information that could give them access to millions of encryption keys.
This news made a number of people upset, but after studying it for several weeks and trying to consider the macro effects to regular end users and corporations I have reached a contrarian point in my analysis.
Who cared? Nobody (enough)
Sure the implications are published and are known, but who ever considered their cell phone encrypted and secure mobile device? I don’t think any consumer ever had that feeling and most professionals that WANT security in their communications use special precautions – such as the Black Phone.
So, if nobody expected it, demanded it, and the feature was primarily used to help billing than what SHOULD happen moving forward?
- The primary lesson here is that our assumptions must be revisited, challenged, valued, and addressed at the base level of service providers
- Second, businesses that depend (if they ever did so for instance on mobile device encrypted communication) on such safeguards – must pay for it
I would be interested in others points of view on the lessons forward. I have spent a good deal of time coordinating with leaders in this space and believe we can make a difference if we drop the assumptions, hopes, and focus on actual effective activities.
Helpful links on the Black Phone by SGP: