The former head of GCHQ has called for an end to the government handling crises over WhatsApp, saying the platform might suit gossip and informal exchanges but is inappropriate for important decision-making.
Sir David Omand, who ran the UK intelligence service before becoming the permanent secretary of the Home Office and the Cabinet Office, criticised the way government was conducted in the pandemic and said future crises should be handled with “proper process”.
Not disagreeing, they shouldn’t use WhatsApp at all, but email is way less secure. Emails are easier to “hack” and if I remember right they were stored on her personal server so she personally keeps the data, a bit like how Trump was found with government documents in his personal belongings. WhatsApp is encrypted end to end and presumably (I hope) are used on gov work phones.
For me it’s more about the lack of controls on accessing and retaining data used in WhatsApp. It’s not stored on a central government system.
I don’t know if the gov have an official messaging app. But hearing all this in the news really sounds like people in gov are intentionally using WhatsApp as a means to keep conversations secret. Like everything else with this government, it stinks.
Email security is purely on how it’s done. If you want it end to end and encrypted at rest, there is the PGP email standard.
Government via WhatsApp is not acceptable. It’s a closed source app from a foreign for profit data-mining company. It should be a no brainer that it’s not acceptable.
I don’t think Hilary was using PGP to be fair.
Even if she was, it is a legitimate problem using non-gov email for gov business. Though the crazy thing is those calling to “lock her up” support politicians doing far worse.
Yeah totally agree. WhatsApp shouldn’t be used by government.
Email can be secure both sides, one side or neither. You can’t rely on it being secure.
If it’s PGP email, it’s as secure as the keys. If the keys can’t be kept secure, no system can be kept secure. You email whose public key you have and it requires their private key to read.
Were talking about somebody using their own personal email for work purposes. There’s absolutely no assurances on encryption their using. It’s a bigger risk than WhatsApp, although I again should say I agree WhatsApp shouldn’t be used either. Both options aren’t good but for slightly different reasons, in my opinion anyway.
Oh I’m not arguing it’s ok to use personal email for government business. I’m saying email can be secured.