Any one that says think of the kids should lose their job and, oh wait Eric is leaving. Expect more BS to come out his lips. So because the cops are lazy and or can't doing their job I should lose my civil liberties ?
US Attorney Gen latest to roast Apple, Google mobe encryption
Yet another US official has played the "think of the children" card, taking Apple and Google to task for implementing stronger encryption policies in their mobile platforms. Outgoing Attorney General Eric Holder said that child predators could use the encryption settings in mobile platforms to evade authorities and hide …
COMMENTS
-
-
-
Wednesday 1st October 2014 19:35 GMT tom dial
Re: court-authorization
The overwhelming majority of all search warrants, including those for communication data, are authorized by ordinary state and county courts in ordinary criminal matters. Some, perhaps many, are kept secret until they are executed, and they almost never are issued in circumstances where the subject of the search is allowed to object ahead of time.
-
Wednesday 1st October 2014 21:03 GMT chris lively
Re: court-authorization
Yes, that is true. It's also true that such things come out as soon as a trial starts giving the accused a chance to review whether the warrant was legally issued and that the police properly executed it while restricting themselves to the items contained within it. This is to prevent fishing expeditions. (" Well Judge, we thought there was kiddie porn but it turns out that we found a spoon with spaghetti sauce on it that we think might be meth instead...")
The problem comes in from the FISC and FISA court's. They have no oversight. Worse they can do things such as force companies to provide any and all information they have for any and all of their clients. Apparently this is a common occurrence. For example, in 2013 FISC forced Verizon to provide all call detail records to the NSA on an ongoing and daily basis. Although believed to be true for a long time, we only know the details because of Snowden.
These courts commonly exceed what is normally allowed by the law. Further the various agencies such as the FBI routinely hide, or even flat out lie about where and how they came by their information, sealing it behind words such as "State Secrets" so that the accused has zero ability to mount a defense.
Besides calling attention to the daily spying on citizens whose only "crime" is to be alive, the only other thing a regular citizen can do is to ensure such spying isn't effective. Which means, at the very least, encrypted communications where possible. Because such things are usually beyond an average citizens ability to set up, encryption by default has to be the way to go.
The problem isn't those who are guilty. The problem is that the term "guilty" can (and does) change just as easily as the political landscape. The current administration has pursued political targets using the IRS, which is doing a bang up job trying to avoid congress. Meanwhile prior administrations have take similar actions or worse.
I do not want to be in a position where I wake up one day and am jailed for political reasons. That is the province of 3rd world countries and banana republics. It is not what the Land of the Free is founded on.
-
-
-
-
Wednesday 1st October 2014 02:57 GMT P. Lee
Actually he's correct
It does force the police forces to act in a way which can be tracked and monitored when they are looking for KP - which in turn means they need probable cause when they force Apple/Google to hand over data, rather than a dragnet which pulls in the whole internet. It makes their life harder. That's ok.
The existance of crime and difficult law enforcement is the price we pay for a free society.
-
-
Wednesday 24th December 2014 10:23 GMT gnasher729
Re: Actually he's correct
In earlier versions, Apple could, if they were handed over the phone and a search warrant in Cupertino, brute-force your passcode. (Your local Apple Store couldn't do it, and your local police couldn't do it either). This took about 1/10th of a second per passcode to check, so 15 minutes for the standard 4 digit passcode, but then you were always free to use an 8 or 12 or 20 digit passcode, or mixed numbers and letters, which at a rate of ten checks per second is uncrackable.
Nowadays we are told Apple can't do even that anymore. But whether that is true or false, a 10 digit passcode is impossible for them to crack.
-
-
-
Wednesday 1st October 2014 02:59 GMT Hargrove
One of my favorite quotes from Daniel Webster seems relevant.
“Good intentions will always be pleaded for every assumption of authority. . . . . There are men in all ages who mean to govern well, but they mean to govern. They promise to be good masters, but they mean to be masters.”
As for Eric Holder, the contrast between his highly visible reaction to Michael Brown's shooting and silence on Miriam Carey's tells us all we need to know about his intent.
-
Wednesday 1st October 2014 03:32 GMT JaitcH
Come on and cry, cry, cry me a river, cry me a river (Arthur Hamilton)
Now that Edward Snowden's revelations are finally bearing fruit, the world's biggest Peeping Tom is learning the price of what it did. You cannot trust any government.
Of course, GCHQ is even worse with minimal oversight and it's morals worse than a lawyer.
There is always CALEA but with all the encryption becoming available the Feds are fighting a losing battle, which is good.
-
Wednesday 1st October 2014 04:02 GMT btrower
fallacy of false choice
People who want to spy on you are presenting a false choice that either you give them what they want or you accept child predators.
Maybe they are just poorly informed or maybe they are dishonest. It is probably a bit of both. In any case, it is perfectly possible to have saturation monitoring of people that is only available when there is a genuinely pressing need.
If they cared about the children they would be promoting a system that entirely protects the privacy of all of us and that had a trustworthy mechanism to allow legitimate access and entirely disallow illegitimate access.
Give the keys to a variety of authorities and make it so that a significant subset of key holders is required to gain access.
We already have clear evidence that state entities such as law enforcement and the judiciary simply cannot be trusted to make such decisions on their own. Until they have a better argument than 'trust me' I do not want to give them the power.
-
Wednesday 1st October 2014 08:00 GMT SolidSquid
Re: fallacy of false choice
They already have a decent mechanism for this, they can get a court order to require access to materials they believe are stored on the device. It's the same rule as with safes and accountancy books, if they know it exists and have good reason to suspect it's in that location, they can get a court order with the threat of prison time if the court order isn't followed
The only thing this restricts is police cloning devices for later review during a stop and search. Currently the legal opinion of the police is that, if the device is on your person when stopped and they have reasonable suspicion of a crime (which is needed for the stop in the first place anyway), they can search it without a warrant. This makes that near-impossible to do, and means a lack of warrantless searching of any email accounts linked to that phone
-
Wednesday 1st October 2014 19:47 GMT tom dial
Re: fallacy of false choice
Police in the U. S. no longer are allowed to think that "if the device is on your person when stopped and they have reasonable suspicion of a crime (which is needed for the stop in the first place anyway), they can search it." The U. S. Supreme court ruled in two cases (Riley v. California and United States v. Wurie) that searching a cell phone requires a search warrant. There will be exceptions for special circumstances, but the general rule will be a warrant requirement.
Encrypting the data on the device is a way that owners can help the police in the proper carrying out of their duties.
-
-
Wednesday 1st October 2014 15:28 GMT Vector
Re: fallacy of false choice
"Give the keys to a variety of authorities and make it so that a significant subset of key holders is required to gain access."
How would you feel about a door to your house that had locks to which those same authorities had keys? There's lots of locks, so just one agency can't get in. Not only do you have the concern about official intrusion, but somewhere out there are a bunch of keys to your house that you have no control over.
These officials still fail to grasp that if there's any sort of backdoor, it will be exploited.
-
-
-
-
-
Wednesday 1st October 2014 16:26 GMT phil dude
Re: he has a point
An excellent point.
I feel though this is an unfortunate side-effect of the connected world. We are now seeing (alleged) crimes that were committed perhaps a long way from "home district", and displaced in time. The problem for law-enforcement models is that there is an assumption of co-location or at least conspiracy between criminals and crimes. Hence, organised crime works to diffuse activities so as not to cause a disruption in apparent lawlessness.
The US Supreme court has started some cogitation on the whole difference between searching a phone and searching the pockets of a suspect, and the fact that modern phones are intimately tied to personal data.
I am willing to bet, that there are other detection methods to "out" these intrinsically sick people rather than searching any phone at will - the risks of abuse to the population at large are simply too great.
Perhaps "thinking of the children" would be an easier sell from the Govt. if they didn't act like children of poor people were the problem.
P.
-
-
-
Wednesday 1st October 2014 14:20 GMT davemcwish
Re: Theresa May was playing the same card during yesterday's conference speach.
Yup they're all at it and incompetence from the plod and other agencies responsible in e.g. Rotherham and Doncaster is used to scare the public and unfortunately it works. I'm not suggesting that they are deliberately being incompetent but it's certainly helping the authoritarian case
-
-
Wednesday 1st October 2014 11:27 GMT a53
"When a child is in danger, law enforcement needs to be able to take every legally available step to quickly find and protect the child and to stop those that abuse children." I don't have a problem with law enforcement agencies using legal means to achieve their aims. I do have a problem with them treating me as guilty unless I can prove myself innocent. I have a problem when they feel they have a right to go fishing. I have a problem with big agencies entrusting the data they mined about me to big IT schemes, because of their track record on keeping it secure.I have a problem because my right to argue against any case they bring about me is nullified by them refusing to let me or my solicitor see their evidence. The top dogs seem to feel that they are above such laws and that they should only apply to the unwashed masses.
-
Wednesday 1st October 2014 19:39 GMT Old Handle
Even if they could be trusted to obey the law, what he's saying is totally unreasonable. "law enforcement needs to be able to take every legally available step". In other words, if it's legal, we must also make it possible. Would it be legal to remotely disable a suspected kidnapper's car? I'm sure it would. Therefore every car must have a remote killswitch.
-
-
Wednesday 1st October 2014 11:46 GMT Anonymous Coward
Get a Frikkin WARRANT!
Law enforcement needs to step back and read some existing law starting with my constitutional protections against illegal search and seizure. The very reason why people are encrypting taffic is due to the propensity for illegal search by the "Law".
Newsflash: When law enforcement breaks the law, they cease to have any legal standing. They become criminals that require censure and jail time.
Eric Holder is the most incompetent and political AG of any so far. He has an agenda that is blatantly reverse racist, selectively enforced laws, used politically motivated retribution against plaintiffs, etcetera.
On top of all that, the entire upper level of the US Federal legal system is corrupt and must be swept away by any new president. Those people also need to be banned from ever holding office again.
Only then will I trust anyone in the legal system.
-
Wednesday 1st October 2014 11:53 GMT Mk4
The enforcement agencies don't make the laws...
But they would like to, and in some cases have or tried to (e.g. GCHQ IMHO). There is a constant drum-beat globally on this "paternal care of the people" idea. This is trying to, and in recent cases has, circumvented the accepted normal law making process. Trying to influence vendors seems to be yet another way to circumvent normal law making processes. I agree with many of the other comments, and I would really like to do something to help to stop this. Any good ideas? (orgs to send some cash to?)
-
Wednesday 1st October 2014 11:58 GMT Cipher
What laws?
When FBI director Comey says "...above the law.", I'm left wondering exactly what law he is referring to. Maybe Holder could elucidate on his way out...
IANAL, but I would think that the Fifth Amendment regarding self incrimination is in play here. Have they implemented Constitution 2.0 removing that pesky Bill of Rights?
Even sans Apple/Google's new encryption scheme, if a suspected pedo has encrypted pictures on his/her phone, what is the legal basis for forcing them to give up the keys?
If the only evidence of crime lies on a phone, the police aren't doing there jobs. They need to get out and find/stop this stuff in the non-digital world, where the crimes against children originate.
-
Wednesday 1st October 2014 19:52 GMT tom dial
Re: What laws?
In the matter of search warrants, Fifth amendment protections probably apply to smartphones (encrypted or not) to the same extent as they apply to file cabinets (locked or not). Probably not very much.
You don't have to give self-incriminating testimony, but probably are not allowed to conceal evidence of a crime.
-
Wednesday 1st October 2014 16:35 GMT Anonymous Coward
"It is fully possible to permit law enforcement to do its job while still adequately protecting personal privacy."
Then fucking do that, Eric. So far, your primary interest seems to be in waxing various poles in the law enforcement and intelligence communities, instead of protecting the rights of the citizenry.
And I heard about your retirement. On your way out, don't let the door hit ya' where the dog should of bit ya'.
-
Wednesday 1st October 2014 18:24 GMT My backside
Yeah, right!
So Holder said "It is fully possible to permit law enforcement to do its job while still adequately protecting personal privacy." No it is not. Law enforcement absofuckinglutely does not care about citizens' privacy. And we now owe a debt of gratitude to Edward Snowden for showing us exactly that!
Holder can go piss up a rope!
-
Wednesday 1st October 2014 19:58 GMT tom dial
"child predators could use the encryption settings in mobile platforms to evade authorities and hide illegal images and content on their devices from law enforcement."
They certainly could, and those with the least bit of smarts probably have been doing so for years. TrueCrypt, although no longer supported or recommended by its maintainers; dm-crypt, available for Android for three years or so and for Linux for about ten; and Bitlocker are not known to have vulnerabilities that either their producers or the government can use for circumvention. They probably have attained significant use within the porno and paedo community. The FBI director, and now the AG, are whining about something that will have little or no practical effect on criminal investigations.
Apple, for commercial and public relations reasons, is abandoning its capability to decrypt devices, something that was a bad idea at the beginning and looked much worse after the recent uproar over alleged universal government snooping. For the same reasons they, followed shortly by Google, made encryption the future default for those who lock their phones, nearly all of whom have no reason to care about government surveillance. This will have no effect on the great majority of those who have reason to hide data and have taken the small trouble to do so.
The government has ample capability to conduct surveillance when they need to.
-
-
-
Wednesday 24th December 2014 10:31 GMT gnasher729
Re: Think about this
The four number passcode on an iPhone _cannot_ be cracked in under a second.
The trick here is that the whole system is designed so that you can only try a passcode _on the iPhone that you want to crack_. You cannot use "the right hardware" which probably means expensive supercomputers, massive numbers of graphics card acceleration, to crack it. The only "right hardware" is the one iPhone that uses the passcode. And the checking algorithm is intentionally designed to take about 1/10th of a second per passcode.
Moreover, you can only check passcodes with software that is signed by Apple. So unless you handed the phone to Apple with a search warrant, all you could do is type in each passcode. And depending on security settings, after 10 wrong passcodes all data on the phone is deleted. (And Apple says they lost the ability to check passcodes as well).
You _could_ try to decrypt the actual flash memory, but that's 256 bit encryption with a different key for each file, so good look whatever supercomputer you are using.
-
-
-
Wednesday 1st October 2014 21:29 GMT Anonymous Coward
Not sure if enabling FDE by default will make much difference
Enabling fde encryption on android is only going to slow them down in most cases.
Since the master key is encrypted using the users screen lock password which is usually short and predictable (who wants to enter a long random string every time they unlock their phone?) which means they can gain access using dictionary attacks.
-
Wednesday 4th March 2015 03:22 GMT UNOwen
So spoketh Helen Lovejoy ...and now Eric Holder!
I love reading the Register - not only for the insight, but, The Register IS 'savvy.'
By this, I mean, The Register is the ONLY ... ANYTHING I can think of, off-hand, which has the guts to actually call it when it sees it- i.e., 'think of the children' - easily the most lame-brained, and over-used rhetorical tactic (if anyone reading this actually takes 'think of the children' seriously, and does not know the story of this declaratory phrase , read here; https://en.wikipedia.org/wiki/Think_of_the_children).
Thank you - for having guts - in an age of gutless-ness.