Lies, Damn Lies and “Secure” Messaging Apps
Last March 6th, Zuckerberg described in a long blog post a new fresh course for Facebook, our troubled “social digital master”, to provide its 2 billion users with unprecedented privacy of personal communications.
A “digital equivalent of the living room”, in his own words, to be delivered by merging its Messenger, WhatsApp and Instagram messaging apps and strengthening their security. His promise echos similar unfulfilled promises by Steve Jobs in 1984, to save us from an Orwellian future, and Richard Stallman in 1983, when he launched the Free and Open Source Software Movement. Same promise of mobile apps like Signal and Telegram.
But can even a perfectly secure app enable the meaningful and responsible exercise of our constitutional rights to privacy, freedom of speech, freedom of assembly in cyberspace?
Such promises are completely impossible because an app can never be more secure than the device it runs on, while even the most secure mobile phones, such as an iPhone or a Samsung Knox, is regularly hacked and hackable even by researchers or teenage hackers, as we learn repeatedly on a monthly basis.
Nearly all commentators, except for rare comments by digital rights organizations, have failed to recognise Zuckerberg plan is impossible. The New York Times for example thinks his business model is missing, while the EFF, the World leading digital rights organization, thinks it could all work with a third-party audit entity.
But truth is that even if their apps were perfectly secure - which is likely impossible - they would be extremely far from delivering on their promise. In fact, the security an app can not be is limited to the security of the device it runs on. And that security is “utterly weak” as Snowden noted. Even the most secure portable device out there, the iPhone, is regularly hacked by even mid-level hackers. (And also compromisable at scale at low marginal cost via public and private programs AI-powered descendants of NSA FoxAcid, NSA Turbine and Hacking Team RCS).
A Sea of Lies
Though impossible to realize, Zuckerberg promise may well be able to sell this plan to a majority of people because of the astounding amount of deceptions and misconceptions surrounding the issue.
At root there is a wide natural uncoordinated alignment of interests of several actors that produces a wild overstatement of the privacy provided by secure apps and secure devices, even on the face of a continuous barrage of revelations of government programs and systems vulnerabilities. These actors includes security agencies, happy to induce mid-level criminals to abuse such IT so that they can intercept them, secure messaging IT providers, happy to overstate the security of their wares, and cybersecurity journalists, often parroting the above, and looking for news even where there is none.
Is a Digital Private Sphere Impossible?
At first, Facebook replaced public streets, squares and shopping malls, and the smaller fragmented online spaces of the first year of the Internet, with a single de-facto digital public sphere, a gigantic digital shopping mall with 24hrs surveillance cameras at every corner. More recently, it bought its way into domination of personal and social messaging by buying off Whatsapp and Instagram, and implementing strong encryption technologies.
Facebook now claims to be setting out to create the “digital equivalent of the living room”, a digital transposition of what was the constitutionally guaranteed private sphere. They claim it will not only be secure, but secure even against hackers and governments, while also mitigating criminal abuse, and simply by integrating, enriching and further securing its Whatsapp, Instagram and Messenger messaging apps.
But that is impossible, as we discussed about. If after we learned that even Bezos and Trump can’t access a way to privately communicate with their personal associates, Facebook can still credibly claim to become the new privacy champion just by making their messaging apps more secure, it means that the level of deception on digital privacy is way beyond guard-level.
At TRUSTLESS.AI and our Trustless Computing Association, we are building nothing less than that very “digital equivalent of the living room” or a “digital private sphere” that Zuckerberg promised but will never be able deliver, even if he wanted to.
In order to build the “digital equivalent of the living room” you need a new device that will seamlessly integrate with the “digital public sphere”, but is nevertheless separated by a physical wall, just like in the physical World we expect our living room to be separated by a wall from public urban spaces.
We are building a sort new parallel human computing universe around a 2mm-thin device that seamlessly brings radically-unprecedented privacy and security to our private digital life and e-banking, by eliminating the need to rely on unverified trust in anything or anyone.
Initially for private banks and their ultra-high net-worth and corporate clients - that will carry it in custom wallets and phone cases - our Seevik Pod will then embedded in the back of a 5mm-thin top-brand flagship Android smartphone, to bring digital freedom to millions.
We achieve such levels of security via an uncompromising zero-trust approach down to CPU design and fabrication oversight - and a transparent solution to the need for legitimate in-person lawful access - as validated by a new ultra-resilient independent Trustless Computing Certification Body, promoted by our non-profit arm.
It will come in the form of a Seevik Pod a new standalone 2mm-thin touch-screen device, that will become the default backscreen of tens of millions of Android phones, complementing our digital public sphere with a vibrant and secure private sphere.