them intertubes be dangerous
Yep it's a good thing the US owns math too so now evil encryption can only be used by the US government. Good luck talking Huawei and Xiaomi into going along with the plan. Idiots.
Senators on both sides of the political divide in the US support the idea of forcing American tech firms to cripple their encryption systems so that the cops and Feds can snoop on people at will. On Wednesday, FBI director James Comey told both the Senate Judiciary Committee and the Senate Intelligence Committee how device …
"Ignorance trumps maths."
Indeed. It's pitifully obvious that the lawmakers and the goon from the FBI don't have a clue as to how encryption works.
You're not going to get anybody (including the terrorists, paedophiles etc.) to use "backdoored" encryption. They'll know it's "backdoored" because it will be closed source.
All hard encryption has to be open for inspection and scrutiny if it's going to be used.
The maths is fairly trivial and common knowledge to anybody who has studied maths at degree level:
http://cacr.uwaterloo.ca/hac/
The FBI goon and the senators don't know that no matter how many laws they pass, you're still not going to be able to factor prime numbers and break encryption.
Yet these bozos are tasked with protecting us from terrorism? God help us.
>>Indeed. It's pitifully obvious that the lawmakers and the goon from the FBI don't have a clue as to how encryption works.
>>You're not going to get anybody (including the terrorists, paedophiles etc.) to use "backdoored" encryption. They'll know it's "backdoored" because it will be closed source.
I don't think you're looking at this the right way. If the FBI gets Congress to pass a law requiring "backdoors" into encryption then the next logical step is to automatically jail anyone using encryption that can't be broken. Then the data/message doesn't matter as they could just lock up anyone of interest for as long as they wanted. They could even go further and force companies to automatically decrypt all incoming messages and forward ones that can't be decrypted (along with sender and recipient details) to the Justice Dept. After all, if you don't want someone else to be able to read your message you must be a terrorist, amirite?
-----------
On a different note, (tinfoil required) the more stories like this I read the more I wonder if the US/UK/France etc are actually funding ISIS in order to prop up a boogey man to help pass laws making it easier to enforce total control over their own citizens. I'm actually far more scared of what my government could potentially do with where this is heading than of any foreign terrorist.
*anonymous not because I don't think they can find out who I am but rather as a simple statement that I am sick and tired of having my every thought monitored.
>>On a different note, (tinfoil required) the more stories like this I read the more I wonder if the US/UK/France etc are actually funding ISIS in order to prop up a boogey man to help pass laws making it easier to enforce total control over their own citizens
<passes out tin foil hats> Possible but not openly. The daesh make a pile of money from selling oil from the captured oil fields. Someone's obviously buying it. If we were serious about taking them out, we'd bomb the crap out of the pipelines and pumping stations for those fields.
It's funny how these goons ignore the experts saying it can't be done with a simple belligerent response 'but it *must* be done, how is your problem!'.
It's also funny that they never seem to want to address the primary source material for creating extremist fundamentalists - US foreign policy.
OK, kidz, let's stop the pussyfooting and get alley shiv real. The globalist Illuminati state capitalist monopolist fascist occult brahminic druid oligarchy is at the end of its hierarchical pyramid-shaped tether in an era of lateral connectivity peer to peer cross-talk high data throughput which outflanks their propaganda info dictatorship. Their time is running out and they know it. It is absolutely necessary for them to implement a martial law police state pronto and Assange, Snowden & the recent Chinese takedown of the OPM database has them in a state of blind "Jade Helm" hysteria. Again, time is not on their side and if the angelic hacker battalions can nudge their initiatives to the point of ineffectiveness, harass and harry their various Battles of the Bulge while x-raying their control apparats and posting them on YouTube, we got a good chance at a takedown knockout neck snap sequence. Watch this video because it makes them shit their pants:
https://www.youtube.com/watch?v=Dq9yjt_JbWs
Terrorists will be easily able to subvert any government instituted program. Well, perhaps the more intelligent ones. Any of these using normal encryption deserve to have their panty-bombs popped.
Citizens will not know what they are using but will probably trust that their bank transactions are safe. These new programs (backdoors, master keys) will make sure that the transactions are not safe - and that any criminal/state master lock-smith can use the same backdoor or master key.
>>Terrorists will be easily able to subvert any government instituted program
These clueless politicians only need to look at recent history. This is Bruce Schneier writing for CNN a few years ago:
The terrorists use an even simpler method of "encrypting" their phone channels. When they meet they swap phones between all and sundry. True, it doesn't do anything about voice recognition, etc., but it sure frustrates the heck out of "Where's Bob the Terrorist" routines at the NSA. At least for a while. So long as the swaps occur inside the NSA's information/decision loops (faster than identification v. phone), they're good. Low tech but it works. Unfortunately, if the phones are swapped with non-terrorists (civilians) and NSA doesn't key to that "fact," civilians get droned.
You laugh but I have never seen another American spout that just plain arrogant and dangerous American exceptionalism bullshit who has lived overseas for any amount of time (and wasn't there to kill the locals). Realizing God (existence questions aside, speaking metaphorically) is not an American is an important first step towards getting along with other nations.
Considering American tech companies sell globally, forcing them to install backdoors will force them to move outside the US or their customers will leave like rats from a sinking ship.
This is not even mentioning the effect should the NSA lose the key or even the precedent of a government forcing a company to install a backdoor for them. Just imagine America squealing if it was China demanding this?
I respectfully disagree. The pain came after the Snowden revelations, and has been ongoing. This is posturing; so that when the demands are rejected, the US can say "Look, there's no back door, guys. Buy our stuff (smiley face emoticon)".
Then the NSA snigger, rub their hands, and continue with business as usual while the rest of the world pumps money into California.
Trebles all round, as they say.
Don't whinge about strong encryption: it is useful for commerce and trade and hence helps to pay your salary.
* Banning encryption is akin to forcing people to shout rather than whisper to maintain a secure channel.
* Subverting it is also stupid and will come back to bite you, for <waves hands> reasons.
Why not fall back on the classic tools of the trade: Intelligence and intelligence. Don't forget, you still get to see the streams (OK: TOR makes that tricky) and can generate inferences - mmm metadata.
You will have me take what I perceive as decent encryption from your cold dead hands, should I get sufficiently riled (unless I can find a decent ali foil milliner)
For now: fuck off.
This really ought to be embarrassing for the participants; the fact it clearly isn't makes it even more terrifying and painful. Anyone who knows what on earth they're talking about is reduced to sitting on the sidelines offering up their opinion, which will be totally ignored, while the people on the planet least qualified to discuss the issue at all (and least mentally equipped to understand why this is so) edge their way towards enacting their prejudice laden decision, clearly having decided that it's the other side of the argument who are scaremongering (or with this lot, like as not "Commies").
I'm reminded for the nth time of how deep this particular sewer of idiocy actually goes, thinking back on Andy Burnham's remark circa 2007ish that we should force people to register every email address with the government. Since he seems to be in pole position to become Labour's latest talent free retard in chief, he can join Call Me Dave in ensuring we fully contribute to a real transatlantic partnership of complete mediocrity in screwing up one of the more important issues on the current agenda.
It's impossible to properly articulate the utter disgust and contempt I feel for these people.
Ok.. they want either weaker encryption or the keys kept safely. Much like the OPM information? Hmm... Basically, we have folks in charge of things who don't have a clue and only know how to fear-monger for the benefit of the press.
I do believe Wyden is right about the "why" and his view of the solutions being proposed.
No, Mark 85, we have a group of folks who have been told that their professional political lives will end abruptly unless they mandate these changes. It's the people that control their lives that are (self-)important here. You know, that (class) group that provides all those campaign donations and are (rightfully) terrified (which is terrorists' objective) about being on the receiving end of an attack. No one is going to terrorize anybody in the Central San Joaquin Valley here in California, which is where I'm living (unfortunately!). New York City? Oh yeah! London? Ditto. Etc.
It's us uppity serfs, worldwide, that are the problem. Pre-broken encryption is (one of) the hammer(s) to put us down.
"He recounted that the FBI had encountered situations where they were thwarted by encryption, but couldn’t provide details on either the numbers of such cases ..."
If it's important, why aren't they keeping track/count of them; especially with the Senate committee hearings appearances?
ISIS doesn't even DO the US, why is it used to justify dumbfucked western politicians' and bureaucratic operators' (who "don't know anything") brainfarts?
So help me $DEITY, I feel a very strong urge coming on to do $BAD_THINGS to all those disgusting trough-fed swine.
Just hearing "Feinstein" (D-Surveillance) makes me barf. That dumb bitch who never found the courage to whine about anything during the Bush era because it could damage her career or some redneck might beat her up is like a caricature out of a class B movie.
Fsck, now they just need to get the "liberals" aboard because the rainbow-colored multi-cultural black guy who can Do No Wrong currently in charge is all for listening in and it's GAME OVER, MAN, GAME OVER!
. . . a robust debate to determine exactly how much funding should be assigned to the important task of squaring the circle*.
That said, we are talking about someone from a state where the watermelon is the official vegetable.
Apparently, the sponsor of that bill (one Senator Barrington) declared that, while the watermelon was indeed a fruit, it was "also a vegetable because it's a member of the cucumber family". He was apparently unaware or unconcerned that the cucumber is indeed a fruit too and only really (informally) classed as a vegetable because it is savoury, like the eggplant (which is also, of course, a fruit).
While this is all very amusing, it seems irrelevant until you get to the good quote:
"The controversy on whether watermelon is a fruit or vegetable has been officially decided by the Oklahoma legislature."
Okay, so it may have been a bit tongue-in-cheek and designed to garner publicity for the state's watermelon growers but the idea that an act of government can trump an independent, botanical fact is, I feel, somewhat relevant to the issue at hand.
The truth is that the watermelon's status as a fruit or vegetable is not a controversy, any more than the earth's age is. Those who know what they're talking about are pretty clear on the matter, just as security professionals are pretty clear on this issue.
The troubling (though hardly novel) take-away is that our collective politicians seem to believe that independent experts' advice and experience and even the facts they explain should be considered secondary to their own uninformed intuition and lay-person opinions and beliefs.
D'you know what?
Let's assert, by government fiat, that 0.9999.... is in fact not equal to 1. That'll solve that 'controversy' too.
* - Hmmm . . . while checking if the correct term was 'squaring a circle' or 'squaring the circle', I found that they would be beaten to the glorious punch, anyway: Indiana Pi Bill.
At least I think so. It seems quite unlikely that the US Congress, most members of which are functionally clueless about the matter, would pass legislation criminalizing use of encryption by private citizens or limiting the algorithms and protocols they are allowed to use. They also probably are quite smart enough to realize that such a law, if enacted, will at most allow police to harass those who choose to ignore it, as the criminals, terrorists, and citizens engaged in legal activity but annoyed by such cheek will do; as I shall do.
In the end the law enforcement officials will have to rely on courts to issue warrants and cooperation of the recipients of such warrants subject, possibly, to punishment for contempt of court or prosecution for obstructing an investigation.
"Maybe it's too hard, but this country wasn't made up of people who said 'It can't be done'."
No, you're quite correct director: the US wasn't made by people who said "it can't be done".
It was, however, 'made' by people who refused to surrender their rights to a government that took and took. It was made by people who resolved to give up their safety and security to fight for their freedom. It was made by people who would rather lay down their lives than their liberties.
On which side of that struggle would you be standing? How would you treat Samuel Adams and the other Sons of Liberty, rebelling against the practices of an oppressive government? How the British would have loved to monitor all their communications, expose their meeting places, unravel their plans and identify and capture their members.
Or was it a different country you were thinking of?
In fairness, Comey and others taking essentially the same position are not requesting anything at variance with the US Constitution or later Supreme Court decisions concerning search and seizure or privacy. They are asking for development of a technical capability that will allow them to execute properly issued search warrants for data that may be encrypted, as they can for data in tangible form that is in a locked building or file cabinet.
The counterarguments now do not differ much from those of a couple of decades ago against use of the Clipper and Capstone chip implemented systems; Schneier summarized them decently in 1996. It would be difficult to implement such a system, although the Clipper and Capstone implementation weaknesses do not prove impossibility; in practical terms it would be impossible to enforce against those of most concern; and it would expose everyone to compromise of the escrow database. So, as was true then, we should not bother. Law enforcement officials sometimes will be stymied by use of encryption and have to attain their goals without the encrypted information.
@tom dial
What you are saying - in your first paragraph - is largely the line that politicians want us to swallow. It sounds reasonable enough but it completely paves over all the ways data on Internet-connected servers, or traversing the Internet* is different from the more conventional targets of 'search and seizure'.
The fact is that modern technology and storage and communication changes the situation in ways that would have been not only unimaginable but unintelligible to the people and lawmakers at the time of the Constitution, with Volta's crucial work not occurring until 10 years after the relevant 'safeguard' Amendments, and not a single one of the signers lived to see a working electrical telegraph system, with Madison missing its invention by two years and its use by 20.
But even in the late 19th century, with fast, cheap, long-distance communication a practical reality, the concept of MASS transmission of all kinds of information - of photos, of music, of entire libraries, of banking data of all kinds, telemetry of vehicles - was well over a century away.
Could those who devised the Fourth Amendment really conceive of a device that could store every piece of information about you and every communication and that could not only store that information but catalogue it, index it, search it, cross-reference it, copy it and display it, and could do so taking up no more space than a satchel?
Mass, effortless and instantaneous creation, transmission and storage of information changes things fundamentally - to a point where the old concepts and standards and laws are not suitable for dealing with this vastly different world we now inhabit.
Or any link that is not completely private and secured, physically.
"Could those who devised the Fourth Amendment really conceive of a device that could store every piece of information about you and every communication and that could not only store that information but catalogue it, index it, search it, cross-reference it, copy it and display it, and could do so taking up no more space than a satchel?"
Probably not, but they would not have hesitated to say that a government search of such a device would require a warrant issued "upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched and the ... things to be seized." And they almost surely would have said the same about communications passed between two such devices.
so the outer layer is the Gov mandated Encryption with the backdoors.
Then inside that are two or three layers more of non backdoored encryption.
with message that when eventually decoded says simply 'UpYoursNSA'.
Meanwhile, the world will have moved on to other forms of encrypted communication.
"this country wasn't made up of people who said 'It can't be done'."
"insisted that American innovation could find a solution."
Just make some vague patriotic sounding statements, and anyone who disagrees with you is Unpatriotic!
Dear Director Comey, perhaps you could demonstrate how trivially easy it is to do the impossible just by being patriotic? Go stick your head up your arse.
>>Dear Director Comey, perhaps you could demonstrate how trivially easy it is to do the impossible just by being patriotic? Go stick your head up your arse.
I think that it's already there... or maybe it's up a certain President's arse or perhaps some lobbyists arse. These guys (NSA, CIA, FBI) seem to be in lockstep and they are taking their marching orders from someone....
Microsoft would move to Canada (or wherever) rather than be unable to sell their OS to any country other than the US because no one would want it. It would be business suicide and they owe it to their shareholders not to do it and the same goes for almost all tech companies.
Let them bleat about it for another two years. It will come to nothing. Tech company bosses are big political funders too.
I see little evidence of 'bright people' in either the current debate or any of its recent predecessors. If they were, they would presumably be proposing something that wasn't catastrophically stupid just in case they actually got their way. Or was the whole Clipper debacle just an expensive PR exercise as well?
The problem with clueless politicians like this, is we all know it is not possible to achieve in practice.
So instead they will pressure companies to put in back doors and using the laws that make it illegal to tell the truth, they'll pollute a computer's software in some other way.
You might love your PC or Mac, but even with FOSS we are all screwed if the Govt can legislate the building of dysfunctional computers.
The only ray of hope is the Govt is not that competent, but we are still all *paying* for this abuse...
P.