She still wants a door though.
*ANY* door is a problem, since the effect is the same. A door is a door. It doesn't matter if it's a back door, side door or front door.
Democratic presidential front-runner Hillary Clinton has waded deeper in to the debate on encryption with the observation that “maybe the back door is the wrong door”. Speaking at a debate for Democratic candidates, Clinton was asked if she would legislate “to give law enforcement a key to encrypted technology”. Clinton's …
>*ANY* door is a problem, since the effect is the same. A door is a door. It doesn't matter if it's a back door, side door or front door.
Eh? What Vimes has just described is indistinguishable from running over your computer with a steam roller then throwing the remains into a volcano. There has to be *one* door, otherwise you are deleting your data instead of encrypting it. Perhaps you mean you just want a single door, but a door to which only you or your intended correspondent have the key?
I say that in a friendly way. If I come across as pedantic, it because the people who are against back-doors ( i.e. broken encryption) largely have facts and accuracy on their side - especially when compared to politicians!
She's flipflopped on ever issue that people seem to disagree with on. A very large part of her platform now resembles that of Bernie Sanders'. The reason for that is that a huge number of Americans support Bernie, but he doesn't have the Corporate backing that she does. Bernie has proven over 30+ years in politics that he is not for sale while Hillary's raison d'etre is to increase the Clinton Family Personal Wealth Portfolio by being yet another Corporate owned politician. Granted she's still better than any of the GOP Clown Car of Candiates.
Any weakening of security via backdoors or weakened encryption is a dare to others to find the weaknesses. They are likely to find weaknesses, whether the deliberate ones or others. Either you allow strong security, state of the art security techniques or all communications is essentially send plain text.
Remember we are talking about someone who rolled their own "secure" email server.
Somebody ought to remind the government to be careful what they wish for. They might just get it.
One U.S. official described it as akin to "stealing a master key to get into any government building."
...and said without any sense of irony too & a straight face too...
http://edition.cnn.com/2015/12/18/politics/juniper-networks-us-government-security-hack/
Why would they need to weaken encryption? They'd just need to make a law saying that gov must be able to access encrypted data. Services that offer end-to-end encryption with the server unable to decrypt the data would become illegal.
This seems to be the UK's answer as well in the IPB.
Services that offer end-to-end encryption with the server unable to decrypt the data would become illegal.
You know how some films used to use "Banned in <country x>!" as a badge of merit? I can see a similar thing happening with consumer security products.
Coming soon - The messaging platform the US government doesn't want you to know about!
That solution sounds good but the weakness is there must be a centralized storage of encryption keys for that to work. If one completely encrypts one's hard drive then one must provide a password, key file, etc. to decrypt the data. This is something that the presumably only the user knows. For a spookhause to decrypt a drive in this scenario they either guess the unlock information or brute force decrypt. Either could be time consuming.
About the only solution that might actually pass any reasonable muster is for the user to be served a warrant to unlock the drive so the police can rummage around. Any other system risks crippling security.
Something people seem to forget is 'the two key solution'.
One key unlocks the data.
The other one unlocks the data thus complying with the law but immediately starts a process burried in the HDD/SSD firmware to erase the data.
Spooks have been aware of this for years. After all, their agents would use it to stop the people they are spying on getting the data.
As with every solution there are weaknesses.
Thus the battle goes on, and on, and on
That solution sounds good but the weakness is there must be a centralized storage of encryption keys for that to work.
Not technically correct. There are a number of cryptographic primitives and protocols that can provide multi-party access with some degree of control besides central storage of the key per se.
There's the Clipper approach of including part of the key, asymmetrically encrypted, with the message, for example; a party with 1) the decryption key for the partial session key and 2) sufficient resources can recover part of the session key and then brute-force the rest.
There are backdoors in other components, such as the Dual_EC_DRBG backdoor; a party with access to the secret parameters can recreate the CPRNG stream and recover the session key that way. Similar approaches can be applied to other primitives.
There are key-splitting protocols. And so on.
I'm not advocating any of these approaches - I think the anti-crypto fear-mongering is a combination of pandering to panicking fools, ignorance, and innumeracy - but central key storage is not necessary. It's only one possible approach.
Um, unfortunately that would make all Internet services illegal, since any fule can encrypt anything before sending it. That is what "they" simply don't want to understand because it is so inconvenient: bad people will use strong crypto whatever the law says. Weakening crypto *only* hurts the law-abiding or the very stupid.
Services that offer end-to-end encryption with the server unable to decrypt the data would become illegal.
How, where & when something can be decrypted is just as important as to how strongly it was encrypted in the first place. In that regard any demand to drop end-to-end encryption is effectively an attempt to weaken encryption.
I think they thought of that, and then realized that anyone who cares would simply use a non-US (or UK) service. The end result of back-dooring all US communications/encryption services will be that those US companies will lose a potentially substantial portion of their international business. They might even lose US based business if those companies chose to use foreign providers.
The Manhattan Project (like the Apollo Project) was about engineering a way to realise the theoretically possible. Only idiots think a sufficiently big project can manage the not theoretically possible (let alone the theoretically not possible) and only liars would suggest it could if they suspected otherwise.
The political elite seem to be, almost to a person, fools or frauds.
I think @mycho is correct here.
Hilary is on the horns of a dilemma here, she's massively indebted to Wall St, the very corporations who need strong encryption, but the military and Law enforcement agencies are politically powerful and determined to have access, so she'll need to find a way of convincing business that it's in their interests to let Government have access to our stuff.
I'm not sure how she'll manage it, but that will be her aim.
This is just the period of the process when she pretends that ordinary voters have a stake in this.
Once she has her hands on the levers of power, she'll have to decide which side she owes more to.
"This is just the period of the process when she pretends that ordinary voters have a stake in this."
She never mentions ordinary voters in her quoted statement. Ordinary voters don't figure in her reasoning, which makes it clear that they simply don't matter to her. She knows she's on the Democrat end of a two-party oligarchy masquerading as a democracy, so the only voter danger she has to concern herself with is ensuring said voters don't go for Trump - which doesn't seem like a hard ask. It's not like the voters have any other choice that has any chance of gaining power.
So the only stakeholders she can see in this discussion are the TLAs and Silicon Valley - the likes of you and I don't enter into it. She made that clear when she said, "...something that would bring the government and the tech communities together to see they're not adversaries."
Us little people being adversaries to the big boys in that equation? Not even a blip. And she's not even trying to hide the fact.
"Hilary is on the horns of a dilemma here, she's massively indebted to Wall St, the very corporations who need strong encryption, but the military and Law enforcement agencies are politically powerful and determined to have access, so she'll need to find a way of convincing business that it's in their interests to let Government have access to our stuff."
I don't think she has much dilemma at all, no. Hilary's gonna do what she always does and side with whoever has the deepest pockets.
This has two functions - one, she tempts Silicon Valley money by playing to their fears about what encryption-busting will do for their exports, and two, she's offering them a huge carrot in the form of this 'Manhattan-type project' - which just needs to be a really, really, really expensive supercomputer, preferably one that can keep ahead of the Chinese for another decade or so.
There's no unbreakable encryption which is feasible to use - no, one time pad doesn't count as feasible - so you just need something big enough to do the math ridiculously quickly. She's telling Silicon Valley both that they can keep their encryption credentials clean, and that she'll also throw them a trillion dollars of government cash (I'd say 'taxpayer money', but the US doesn't use taxpayer's money anymore - it uses Chinese loans instead) to build an encryption-busting machine.
I'm willing to bet that if we take a look at the donations for the Clinton Campaign, she's gonna pick up all the tech giants in short order now.
I've got an idea for a better Manhattan Project.
Get all the techies and Silicon Valley together. Bake encryption into every protocol. Develop and deploy new, stronger encryption methods that can resist classical and quantum computing. Shore up Tor and set up more nodes.
"Develop and deploy new, stronger encryption methods that can resist classical and quantum computing."
I'm not sure that is really feasible, until everyone themselves has quantum computers. I'm not much of an expert on quantum computers, but more or less, we are heavily reliant on some sort of complexity problem to make encryption work, at least public-key encryption.
One-time pads are 100% secure, so there is already something that defeats all attempts at breaking. But to be useful, the encryption key often needs to be delivered in plaintext, so we should assume that the attacker can always encrypt. Now here's the problem: more or less, anything that it is easy for a classical computer to do, it is easy for a quantum computer to undo. That is a massive lie, technically, but for non-technical discussion it will suffice. So if you want your classical computer to make the encryption, a quantum computer can break it.
Once everybody has quantum computers then the field gets re-levelled, but the first good quantum computers *will* pwn all classical algorithms that are not based on randomness in some way.
"but the first good quantum computers *will* pwn all classical algorithms" -- DavCrav
I thought that (a) there already exist quantum-computing resistant algorithms and (b) that the speed-up offered by, e.g. Shor's Algorithm is not so vast that it cannot be realistically kept at bay for a while by using (maybe much) bigger key sizes with classical encryption.
I thought that (a) there already exist quantum-computing resistant algorithms and (b) that the speed-up offered by, e.g. Shor's Algorithm is not so vast that it cannot be realistically kept at bay for a while by using (maybe much) bigger key sizes with classical encryption.
You are correct, and DavCrav is wrong. This has been explained ad nauseum in this forum and elsewhere.
The current state of "post-quantum cryptography" isn't great, in that the publicly-proposed methods all have one drawback or another, but it's a popular area of research and the techniques will only get better. More importantly, even if and when practical QC gets powerful enough to attack keys of reasonable length - which does not appear to be happening anytime soon - it remain far out of reach for all but state-level actors for the foreseeable future, and will be too limited to be used against all but the most valuable targets.
The simple fact is that most encrypted data isn't worth much. Encryption just has to push it above the level of low-hanging fruit.
This might be a solution in matters of domestic criminal activity, provided the warrant was served on a party that possessed a copy of the key. In that case they might be able to persuade the key holder to provide access to the encrypted material by presenting it as the preferable alternative to various contempt of court punishments.
Otherwise, they are asking, in principle, for something they never have had in practice: a way to access messages encrypted using methods they do not know and keys that they do not have and which those who do will be reluctant to disclose and possibly unavailable for interrogation and possible punishment. Lack of that capability and its successful circumvention have been a consistent thread in political and military history for several thousand years, probably about since the invention of written communication. It is a "nice to have" but never has been, is not, and probably never will be, a "must have."
... let's take five minutes and imagine a near future, a speculative fiction. Let us imagine a near-future in which the whole idea of encryption is irrelevant.
A future in which encryption doesn't matter because so much cctv and drone video footage is collected that the location and behaviour of every citizen is known in real time. In such a scenario the authorities would learn very little from reading (broken) encrypted messages over what they already knew by observing subjects directly.
If this fictional authority has a MagicTechnolgyMachine that stopped all bombs from exploding or guns from firing, it wouldn't need to read the emails of any potential terrorist.
that's flawed on a number of levels.
Firstly encryption would still need to be broken to prove intent.
Secondly I forget the stat but something like 75% of the currently installed CCTV camera's not suitable for use as evidence due to poor quality or poor maintenance or poor storage of the recorded data. There is no reason to suppose that will change in the near future.
"Secondly I forget the stat but something like 75% of the currently installed CCTV camera's not suitable for use as evidence due to poor quality or poor maintenance or poor storage of the recorded data. There is no reason to suppose that will change in the near future."
Three important words: chain of custody. CCTV can, and has been doctored, and as this becomes easier the evidence will become less admissible.
Ever read AE Van Voitgt Anarchictic collossus?
Quoting the Verge :
http://www.theverge.com/2015/12/19/10628208/hillary-clinton-back-door-debate
"Democrats have strange ideas about the internet, too. At tonight's ABC News presidential debate, candidates offered a number of vague, borderline-illiterate thoughts about technology, especially Hillary Clinton. It all started when ABC gave her an inane prompt, characterizing encryption as a "terrorist tool used in the Paris attacks." In response, Clinton suggested that, instead of breaking encryption, the US should launch a "Manhattan-like project" to "bring the government and tech communities together" so that law enforcement can "prevent attacks."
It seems anyone moderately knowledgeable about encryption is saying Hildabeast is a loud-mouthed moron proving Mark Twain's observation - "It is better not to speak and have people think you are a fool than to speak and remove all doubt."
It seems anyone moderately knowledgeable about encryption is saying Hildabeast is a loud-mouthed moron proving Mark Twain's observation - "It is better not to speak and have people think you are a fool than to speak and remove all doubt."
It seems that this applies not only to her but everyone else running for the job. They're all spouting nonsense. The scary part is that they are all spouting is the "fear" and "terrorists" cards for which "they" have the solution and so far, they've all been inane.
You can't make terrorists use the encryption that western governments can access. The encryption they can't access is already out there.
If they got Apple, Google, and Facebook to use "side door" encryption, smarter terrorists would avoid iPhones, Android and Facebook and communicate using methods that allow them to use today's encryption. That won't be uninvented because something else comes along.
But of course that wouldn't matter, they'd eventually catch some dumb terrorists who were communicating with WhatsApp and declare the program a success. And either point to something else as the reason they missed other attacks carried out by smarter terrorists, or say the tech world needs to figure out how to put the Genie back in the bottle!
The non-suspicious way to add back doors to your system is to encourage the creation of bug doors. Once a system reaches a certain level of complexity, mistakes will just happen. And the more mistakes and bugs happen, the more likely it is that those will be exploitable. Just invest into code reviews and there you go, back doors for free and everybody can easily claim they did it on purpose.
Doing this is comparatively easy, encourage complexity increasing ideas like the Stroustrup-like OOP, discourage simple solutions to trival problems. Eventually you will raise a generation of "Poetterings".
A nice side effect is that the "market" for software will become more monopolized. Having a highly complex logging system means that it becomes harder to re-implement it.
Doing this is comparatively easy, encourage complexity increasing ideas like the Stroustrup-like OOP, discourage simple solutions to trival problems. Eventually you will raise a generation of "Poetterings".
That's a definition of "eventually" of which I was not previously aware.
"Doing this is comparatively easy, encourage complexity increasing ideas like the Stroustrup-like OOP, discourage simple solutions to trival problems. Eventually you will raise a generation of "Poetterings""
That's old hat, the Java boys are leading the way with stuff like Spring & Dependency Injection. I've already seen backdoors injected that way by the hundred... ;)
Cue much head-scratching from the Devs who can't work out why their rigorously unit-tested code isn't behaving the at run time... Ironically they used DI to force themselves to write testable code which enabled the vulnerabilities that they couldn't unit test for...
I hear you can get them from the Weapon Shops of Isher. Van Vogt seems to be having a good day.
If we want to start a major project, maybe we could work on reducing the number of criminals and terrorists. A pilot study could involve reducing the number of terrorists and criminals that are employed by the US and UK governments.
Its pretty clean the encryption they are worried about is communications. Data on disks is a sideline in comparison. Next, although everyone talks ISIS, the reality is, and the FBI and the rest well understand, they have just as many threats from homegrown Christian or just pain nutter terrorists as external ones. This will, and always will, be about the local population. It isn't about stopping the next Paris attack.
We already have the ironic spectacle of one part of the government inventing and popularising a secure and untraceable communication system to further its operations, and another spending great effort to subvert it again.
In the end, real terrorists resort to notes passed from hand to hand, and one time pads. No Manhattan project can solve a one-time-pad. Demands for weakened or backdoor'ed encryption are a solution to a problem that only uses existing encryption because of convenience. If it is not possible to use common encrypted channels operationally, terrorists simply move to other methods. Methods for which current meta-data analysis probably have less traction - making the job of the security agencies harder, rather than easier.
Your post has, well, some issues.
>This will, and always will, be about the local population. It isn't about stopping the next Paris attack.
The Paris attacks were committed by the local population. Belgians (local-ish) and French nationals.
>In the end, real terrorists resort to notes passed from hand to hand, and one time pads
No, they just get on with their attacks fast enough that they're not stopped. The Paris attackers, who were pretty "real," did not use encryption. Nor have most other recent attackers, either Islamic or other.
All the recent noise about encryption is down to 2 things. Firstly, the "something must be done" brigade (including Donald Trump banning & tracking Muslims and closing down the internet at the extreme end). Secondly, the ongoing target of total mass surveilance, that the NSA / GCHQ et al are up to. The first will have no impact on terrorism. The second is just using it as an excuse.
The point was - the US isn't going to stop the Paris attacks. France might, but the US won't. Hillary allowing the FBI to decrypt US communications does not help stop ISIS wreak havoc half way across the planet, despite the implication it does. Indeed, they don't need to use encryption. Like I wrote, a note passed hand to hand will do. Or if they really are worried, a one time pad, either for the note, or for an electronic communication.
Hi All
I offer the below as our thoughts on politicians (plagiarised)
A South African Story:
While stitching a cut on the hand of a 75 year old farmer, whose hand was caught in the squeeze gate while working cattle, the doctor struck up a conversation with the old man.
Eventually the topic got around to politicians and their role as our leaders.
The old farmer said, "Well, as I see it, most politicians are 'Post Tortoises'.'
Not being familiar with the term, the doctor asked him what a 'post tortoise' was.
The old farmer said, "When you're driving down a country road and you come across a fence post with a tortoise balanced on top, that's a post tortoise."
The old farmer saw the puzzled look on the doctor's face so he continued to explain. “You know he didn't get up there by himself, he doesn't belong up there, he doesn't know what to do while he's up there, he's elevated beyond his ability to function,and you just wonder what kind of dumb arse put him up there to begin with."
Best explanation of a politician I've ever heard.
How about we require all manufacturers of door locks, safes etc to provide a "master key" to the FBI (or whoever) so that they can just come and have a look whenever they want.
And how about you, Ms Clinton start the ball rolling by handing over copies of the keys to your house, car and that safe deposit box you think no-one knows about?
Maybe the solution to this is to show these people the episode of the 'Big Bang Theory' where the ladies are arguing about how 'only the worthy' can wield Thor's Hammer and asking who decides "Who's worthy?". How can a hammer decide?
It might bring the discussion down to a level they can comprehend.
Dear Government,
Please leave me alone. I am not, was not and will never be part of ISIS or any other extreme "terrorist" organisation thereof. I am wholly against the practices of aforementioned and any other bastards, arseholes and fuckwads.
I will continue to use encryption. Not as a means to hide any wrong doing on my behalf but as a means to protect myself from you and your clandestine secretive bullshit I neither requester or voted for.
Kindly refrain from fucking me and my fellow citizens about because of your own fear and loathing for us. Understand that you lose votes and power because of your own actions not because the electorate are ignorant or misunderstanding.
Best regards
The Internet
P.s. please bear in mind that we the internet hold the power to fund a kickstarter campaign to finance any old random person to boost them into a seat of power and people will buy in for a laugh should the current level of voter apathy continue to increase.
It is only a matter of time.
Apropos . . . why are the vast majority of Hillary pics airbrushed to remove wrinkles, change the eyes, and otherwise make her look , umm, "better"?
Lying about one's appearance leads me to believe one might -just may be - lying about other things. After all, it's not as if we don't already have huge volumes of evidence demonstrating her talent for doing so. Though, in my opinion, she's not all that good at it. For much else, either.
If a friendly government has the key and the keys get jacked by an unfriendly , we're simply all screwed.
They got a bunch of what if's in their scenario .. but they always assume the government's defenses can't be penetrated and aren't ,which we all know is bullshit. So a) how can our friendly governments can tell us it's all fine the secret is safe with them ? i call total absolute bullshit on this and hence i must totally back tight encryption without backdoors.
She wants to know the secret behind the Green Door
Green Door by Jim Lowe
Midnight, one more night without sleeping,
Watching till the morning comes creeping.
Green door, what's that secret you're keeping?
There's an old piano
And they play it hot behind the green door;
Don't know what they're doing
But they laugh a lot behind the green door.
Wish they'd let me in
So I could find out what's behind the green door.
Knocked once, tried to tell them I'd been there;
Door slammed, hospitality's thin there.
Wonder just what's going on in there.
Saw an eyeball peeping
Through a smoky cloud behind the green door;
When I said "Joe sent me"
Someone laughed out loud behind the green door.
All I want to do
Is join the happy crowd behind the green door.
Midnight, one more night without sleeping,
Watching till the morning comes creeping.
Green door, what's that secret you're keeping?
Green door what's that secret you're keeping?
Green door!
I think Mrs. Clinton is referring to the fact that it has been pointed out that real-world end-to-end encryption systems, like the Apple one, already have a front door by virtue of their design. Let me explain.
Each device (phone, tablet, PC, etc) generates a public/private key pair. The private key must never leave the device, but the public key is stored up in the cloud.
Alice sends Bob a message. Her messaging client grabs Bob's public key, encrypts the message with it, and sends it. It can only be decrypted by Bob's device. OK so far.
Now the real world intrudes. Bob has multiple devices. There is no really secure way for them to share a private key, so each device generates it's own key pair. Alice's software does not know which device Bob will use to read the message, so it must encrypt multiple copies of the message payload using Bob's several public keys. This multiple-key capability is the front door.
All that Apple (or anyone else running PKI for end-to-end encryption) has to do is quietly add an NSA-generated public key to Bob's list. The NSA can now read every message that Bob receives. They can do this to selected users or to everyone.
Of course, we can circumvent this by manually using PGP and exchanging public keys by email, but that is quite beyond the vast majority of users, who find the concepts of public key encryption hard to grasp. The automated version is what actually gets used.
This is a good suggestion from Clinton, because there *are* other solutions than "encrypt all the stuff so no matter what circumstance it can never ever be looked at" or "give 10,000 spooks access to everything everyone does and says".
This essay by Vinay Gupta explains the context, and gives examples such as a jury-based system where data could be decrypted but only if a genuine random jury approves.
http://vinay.howtolivewiki.com/blog/other/taking-a-crack-at-a-practical-system-introducing-the-escrownym-3004
There is a *long* way to go here both technically and philosophically, and a project to do so makes total sense.
"This essay by Vinay Gupta explains the context..." -- Francis Irving
Your source appears to explain a specific and clever solution that can be used by people who want to cooperate (e.g. to share encrypted video to avoid liability for copyright infringement whilst still providing a decryption path for e.g. identifying the source of banned content). We wouldn't need a big project to work out how to do this as the article you quote already contains a solution!
The people that the powers-that-be are constantly pointing to as the threat which justifies mass surveillance are both able to use non-compliant cryptography and to hide the fact that they are doing so with steganography and other counter measures. It doesn't matter if you invent a new system that keeps all the good guys happy --- because the bad guys will ignore it.
The ignorance of the people in charge, heck ALL the people, is astounding.
Mass surveillance has two equally compelling purposes for the deciders: (1) keep tabs on everyone to see to it they don't get out of line (militarizing the police was ancillary to that, leaving us with a disorganized and disordered mob pretending to be an occupying army); and (2) gather business intelligence that can be analyzed by their financial advisers (as I've said before, no one was listening in on Angela Merkel to find out if she was aiding terrorists -- what they really wanted to know was if she was aiding Volkswagen).
With most of the public either proudly ignorant or blissfully unaware of the true depth of their ignorance, there's little hope of stemming the tide. Those of us in tech will play along because we're well paid to -- at least when we're not being targeted in the extortion plot du jour.
A simpler life off the grid would be nice. No more 3 AM calls that the SAN went away so now all 1,000 hosts in the data center need to be manually restarted (including all those 10 year-old Oracle databases). No more weekends scrubbing the family's Windows PCs clean of the latest, probably state-sponsored, malware. Cut the cord for real, retreat to the travel trailer with a pile of movies transcoded to mp4 and a couple of fishing poles for the catfish down by the canal at dusk.
Let's face it, these idiots don't want our help -- and they don't deserve it.
Just walk away. Let the whole edifice break down from neglect and incompetence.
It would be sort of the same way that retired legionaries on the frontier reacted when the barbarians started pouring south over the Danube.
Step back and fade away. The industrialized world has made their own bed, now they can sleep in it.