„Wicked problem“: Europol considers vulnerability exploitation to break encryption

At a conference hosted by the EU police agency, three ways to decrypt communications and storage media were discussed. One of the approaches was apparently pushed by the Bavarian State Office of Criminal Investigation.

For at least seven years, EU member states have been looking for ways to give their law enforcement agencies access to encrypted content. Time and again, the Council, which consists of the 27 governments, has stressed the importance of encryption for secure communications and supposedly ruled out backdoors. Like the EU Commission, the EU states instead relied on infecting mobile phones with governmental spyware to read encrypted messenger services. The encryption of seized devices or storage media, on the other hand, was planned to be broken with the help of supercomputers.

But now the establishment of a common vulnerability management is back on the agenda of European police and judicial authorities. Under the leadership of the EU police agency Europol, about 70 participants discussed a possible „EU policy“ in this area – for example, whether security vulnerabilities in software should not be reported immediately to the manufacturers, but should be exploited for the programming of state spying tools. This is according to the transcript of a conference of the „EU Innovation Hub for Internal Security“ published by the British civil liberties organisation Statewatch. At the end of a „Round Table on Encryption“, those responsible had assured that they wanted to tackle the „wicked problem“ at EU level. „„Wicked problem“: Europol considers vulnerability exploitation to break encryption“ weiterlesen