With loose cannons like this in the US legal system surely the EU have no option but to abandon the Privacy Figleaf forthwith. "Adequate"? Who do you think you're fooling?
Fine, OK, no backdoors, says Deputy AG. Just keep PLAINTEXT copies of everyone's messages
The US Deputy Attorney General has told business leaders that Uncle Sam won't demand mandatory backdoors in encryption – so long as companies can cough up an unencrypted copy of every message, call, photo or other form of communications they handle. Speaking at the 2017 North American International Cyber Summit in Detroit on …
COMMENTS
-
-
Tuesday 31st October 2017 07:43 GMT Anonymous Coward
surely the EU have no option but to abandon the Privacy Figleaf forthwith.
Why? Germany was once the European bastion of citizens rights, but even they've been backsliding on privacy, and all governments are thinking "wow, how can we get our hands on all our citizen's data?". The UK government love the idea, and are busy scraping all the data they can find already.
And where's the EU "Privacy Plan B"? There's hardly a series of robust European IT platforms to replace Microsoft, Google, Facebook et al, are there?
-
Tuesday 31st October 2017 10:02 GMT ratfox
Yep. Short of banning Google, Facebook and Microsoft from operating in Europe, the EU simply cannot guarantee the privacy of its citizens. The privacy shield or whatever they call it is a gigantic waste of time to support the legal fiction that they can enforce their own privacy laws without making the internet illegal.
-
Tuesday 31st October 2017 11:13 GMT EnviableOne
If there's a market one will appear, and I think if you look at the combined revenues of Microsoft, Google, Facebook et al that they run through Ireland, there is a market and the issues are not unsurmountable.
its been done before (i.e. Wiebo, Yandex, baidu, Alibaba etc) and with the mass of professionals in the EU there is likeley to be something wipped up quick.
-
-
-
-
-
-
Tuesday 31st October 2017 06:28 GMT Mark 85
Re: Ahem
I suspect is more that politics is where: a) those who can't walk and chew gum at the same time go; and b) it's the last refuge of the totally clueless. The more I read in the news, the more I realize it's also contagious and spreading rapidly around the world and infecting those in office everywhere.
-
Tuesday 31st October 2017 08:49 GMT Rich 11
Re: Ahem
Politicians are not necessarily clueless and only a minority are especially dim. When one of them is ambitious and sufficiently ruthless to achieve some of their ambitions, they start to think they really are clever instead of just moderately competent, and that their ideas must be right. Combine that with a strong belief in their own rhetorical brilliance and they think they can give speeches like this one, and convince everyone of the truth of their position.
Well, it's either that or they know they're talking bollocks but they'll get sacked for embarrassing their boss (and by extension their country) if they don't go out and try. The classic example of this was Colin Powell's speech to the UN outlining the evidence for Iraq's weapons of mass destruction and links to al-Qaeda, when he knew that Bush had already decided to go to war. You could almost see the shame dripping off him.
-
-
-
-
-
-
Monday 30th October 2017 21:58 GMT Anonymous Coward
Re: Who's to say whether the plaintext matches the cryptoed text?
@ InfiniteApathy
I don't think the guy would think that deep. He comes across as yet another clueless in a high place.
In Canada's de facto federal gov't, the people appointed to set up computer systems do not even have to know how to turn one on, some of them even admit they - to all intents and purposes - can't, but they do have to be fluently
bilingual(Quebecois) French. Oh, that's the important thing!I was dumbfounded when I listened to the broken English of the guy who oversaw the now defunct gun registry database. It was originally going to cost ninety million but turn into hundreds of millions then into what some estimate into the billions of dollars (approx. 2,000,000,000.00). He admitted he knew nothing of computers - but hey - he was fluently
bilingualFrench, which is all that matters to the Canadian de facto fed. gov't these days. There are only 10 million rifles in Canada, so that's $2000.00 per gun to register them in a database. A database that, it turned out, wasn't really reliable and didn't meet police expectations. 'So, then it got scrapped. Wow.-
Tuesday 31st October 2017 01:12 GMT drone2903 in Kanuckistant
Re: Who's to say whether the plaintext matches the cryptoed text?
@Stephen Battleware
Yes I am sure that was the problem.
Not the fact the scope was badly define by the fed's procuration, changed countless times while the basic system was build, the govt sponsor was replaced after 4 months, the new one (political appointment) rejected everything that was done because could not understand it, rebaselined on his own definition of what should be delivered and change the main supplier ( and that happened 3 times: new sponsor, baseline and main supplier in 14 months, while the grunts were still developping with the old specs) and the mainframe specs were also modified after delivery (twice).
Yes, I do have some inside info about that mess, should you ask.
Merci
-
This post has been deleted by its author
-
-
Tuesday 31st October 2017 08:56 GMT Pen-y-gors
Re: Who's to say whether the plaintext matches the cryptoed text?
@Stephen Battleware
"I was dumbfounded when I listened to the broken English of the guy who oversaw the now defunct gun registry database."
You may well be right in this specific instance, but ability to speak fluent English is not a pre-requisite for knowing anything about technology, and vice-versa. I suspect many of the top Russian, Chinese and Nork hackers may well be less than fluent in English, but it doesn't impact on their technical skills
-
Tuesday 31st October 2017 12:14 GMT Hans 1
Re: Who's to say whether the plaintext matches the cryptoed text?
@Stephen
Situation: Bloke employed by gov to set up computer systems does not know how to set them up. Bloke comes from the French-speaking part of the country.
Your interpretation: Bloke got the job thanks to his fluency in French.
Well, maybe, maybe not ... there are more than enough highly trained computer professionals that master Canadian French in Canada.
More like, he got the job because, well, he must be somebody's mate, cousin, neighbour or something ... Shit, read the article again, here we have another guy who does not know what he is talking about ... A gov generally employs the alcoholics or nietsnut (Dutch, google is your friend) that have "connections" and that private enterprise has deemed useless, even for top brass positions.
-
Tuesday 31st October 2017 15:39 GMT Anonymous Coward
Re: Who's to say whether the plaintext matches the cryptoed text?
Since fluency in French is a requirement for most such Federal Jobs being educated and trained in the expertise required makes Stephen's interpretation more likely to be correct.
For non-Canadians, and those many Canadians willfully ignorant of Canada, less than 20% of Canadians are French speaking. Outside of one province French is spoken less than many other languages. Languages in more use by Canadians in other provinces include Chinese languages, German, Tagalog and Punjabi. In BC over 8% speak Chinese fluently or at home, less than 2% speak French.
Yet it is those few French that hold special status when it comes to federal jobs.
The Federal Government estimates that more than 40% of positions in the federal public service require French Language skills and increasingly, fluency in French. Bilingualism has become an obvious plan to further concentrate power in the hands of those in the East, particularly those in Quebec and most importantly those French in Ottawa the Federal capital.
Canada has three branches of government, the Court, the Senate, and the House. Of those only the House is elected, the rest are filled by appointment, most often by a Prime Minister from a single province, you guessed it, French Quebec. The single province of Quebec is disproportionately represented in Federal systems. With 22% of the population has 33% of the seats on the Court and is pushing for all other members of the Court to be fluent in French or educated in French. It is an obvious attempt to further concentrate power into the hands of the French Elite in Canada.
Canada has many languages but one minority language is being used to disenfranchise the majority of bilingual Canadians who are not French.
Which is why Stephens observation is far more likely to be correct than any claims suggesting Federal jobs and contracts are awarded based first on ability and second the applicant being French. Even the Federal government makes it clear that being French is the first requirement, both in the application process and in their many statements on bilingualism in Canada.
-
-
-
Monday 30th October 2017 21:27 GMT Dazed and Confused
what part of end to end doesn't he understand
> so long as companies can cough up an unencrypted copy of every message, call, photo or other form of communications they handle.
Ere, the whole point of end to end encryption is that it's encrypted at the senders end and it's decrypted at the receiving end. Those pesky companies in the middle don't get a look in. That's the whole point.
-
Tuesday 31st October 2017 12:23 GMT Hans 1
Re: what part of end to end doesn't he understand
Ere, the whole point of end to end encryption is that it's encrypted at the senders end and it's decrypted at the receiving end. Those pesky companies in the middle don't get a look in. That's the whole point.
Ere, the whole point of end to end encryption is that it's encrypted at the senders end and it's decrypted at the receiving end. Those pesky companies in the middle don't get a look in. That WAS the whole point BEFORE.
TFTFY
The whole point now is to store some text that idiots will think is the decrypted message, for every encrypted message sent. So, in essence, extracts from "Persian Letters" should do, I think ...
-
Monday 30th October 2017 21:43 GMT TrumpSlurp the Troll
One good thing
Possession of both the encrypted text and the matching plain text should help them work out the encryption key.
For whatever good that would do them (since they already have the plain text).
Did he just say that it is fine to lock the front door as long as you leave all the windows open?
Not the back door, obviously. He knows that would be wrong.
-
Tuesday 31st October 2017 20:40 GMT Vector
Re: One good thing
"Did he just say that it is fine to lock the front door as long as you leave all the windows open?"
No, what he's really saying is the locksmith must hand over copies of all keys made with annotations as to the location of each lock.
That is my biggest gripe in all of this. Law enforcement really wants to circumvent due process by serving warrants on the manufacturers and service providers instead of the target of their investigations. Data stored on my device (encrypted or not) is mine and any attempt to access it should come through me!
-
Monday 30th October 2017 22:44 GMT dan1980
"I simply maintain that companies should retain the capability to provide the government unencrypted copies of communications and data stored on devices, when a court orders them to do so."
So what does this really mean?
For the moment, let's ignore companies and individuals storing their own information on their own equipment and focus on what these proposals are focussed on: online 'cloud' providers and mobile device/software vendors which store and transmit data on behalf of end users.
The upshot is that Rosenstein's proposal would prevent such companies from offering real 'zero knowledge' encryption either in transit or at rest.
Rosenstein (and the rest of the mob around the world) know full well that asking companies to store the plaintext copies is unacceptable and I am sure they know why that is the case. This is not a serious proposal: it is simply a doubling-down on their stance: they demand access to plaintext so if the providers won't agree to facilitate decryption, they must store data in such a way that it doesn't require decryption.
It is not a clueless attempt at a compromise: it is an ultimatum.
-
Tuesday 31st October 2017 00:06 GMT Anonymous Coward
Not only do I think you're right, I think it's similar to the reason the UK Government kept harping on about not making end-to-end encryption illegal.
They weren't making it illegal - they were planning on making end-to-end encryption impractical instead. (i.e. the first time any of the authorities asked for a decrypted version of a message and they couldn't provide it, they'd be prosecuted. Which isn't the same thing as making it illegal)
-
Tuesday 31st October 2017 11:26 GMT dan1980
Absolutely.
They (all of them) know that there has been - at least this time - enough of a stigma built up around the concept of a 'back door' and at least some education on the utility, necessity and ubiquity of encryption for day-to-day processes.
Thus, they are reframing the conversation by focusing on discussion of obtaining information legally authorised via a valid warrant. No 'snooping' you see? Nothing nefarious or clandestine. Nothing to abuse or worry about: just familiar, uncontroversial warrants to help catch pedos and terrorists and murders and drug barons and rapists.
The public knows warrants - those are the things the trustworthy officers and agents on The Bill or CSI arrive with in the denouement when the forces of good triumph over the villain.
That's all our governments want: to allow those always upright exemplars of civil service to enforce the law and protect us. But the tech companies don't care about protecting us, you see; they are trying to protect the terrorists and the paedophiles instead!
Those men and women in blue know who the bad people are and they know what they've done but Apple and Microsoft and the rest won't let them bring the dangerous criminals to justice.
Our politicians have learnt their lesson. They avoid talking about the process of getting the data they want and instead plead the case of the data itself, claiming agnosticism about the technical issues.
They are doing an end-run around all the complaints and consequences.
-
-
-
-
Tuesday 31st October 2017 08:43 GMT Doctor Syntax
Re: Lots of criminals in here
OK, unwanted triumphalism. Please post here, in plain text, all your banking details: bank name, account number, login credentials, same for any Amazon, eBay, PayPal and any other financial or trading accounts you have. Also, if you log into any work computers, post your login names and passwords. And also for Twatter, Farcebook and anything else.
After all, you're not a criminal and YOU HAVE NOTHING TO HIDE. But first, go and read the T&Cs of all those accounts and also read up on what the https:// in the forum (inter alia) URL means.
-
-
Tuesday 31st October 2017 14:13 GMT Sir Runcible Spoon
Re: Lots of criminals in here
unlike the angry teenage edgelords on the other side of this argument
Must troll harder. C-
Caring about the future and not wanting it to be full of boots on my face, forever, does not make one an 'edgelord'. Methinks thou doth protest too much.
PS Assuming that is your real password, which I doubt, you've probably broken this sites' T's&C's.
-
-
-
-
Wednesday 1st November 2017 03:58 GMT dan1980
Re: Lots of criminals in here
Whether you've got something to hide or not really revolves around a big question: "from whom?"
There is information about me that I am happy for the government to have; it is necessary and I think it helps keep everything working well. They need to know my financial and employment details to asses my tax obligations, for example.
Likewise my doctor knowing my medical information. It is to my benefit that he knows my medical history (though I strongly believe this should be 100% in the patient's control, should they wish it) and I am likely to get a more accurate diagnosis and more relevant, effective care if I provide it.
That doesn't mean, however, that I am happy to have any of that information stored in plaintext and (more) vulnerable to being stolen because, while I don't want to "hide" it from the those who need it, I most certainly want to "hide" it from spammers and scammers and identity thieves.
That said, there is PLENTY I want to "hide" from the government because it is, quite simply, absolutely none of their business and I shouldn't have to justify my right to privacy.
-
-
Wednesday 1st November 2017 09:29 GMT mr_souter_Working
Re: Lots of criminals in here
"Some people refuse to grow up and accept the world as it is." - sounds like a pretty accurate description of all the government wonks that want bloody idiotic things like secure end to end encryption for users, and plaintext copies of everything those users send/receive.
-
-
-
Tuesday 31st October 2017 23:09 GMT Doctor Syntax
Re: Lots of criminals in here
"I have nothing to hide"
You must have given that one password is no information at all. Either that or you make no use of online facilities at all.
It's also possible that you haven't read the T&Cs of any online services you use because unless they were written by teenagers they'll forbid you from disclosing log-on credentials. Even if you don't see the significance of hiding stuff yourself you'll find yourself contractually bound to hide it nonetheless and bound by people who do see that significance. You will actually be helped in this, in spite of yourself, by the fact that these days any competently provided remote log-in will use an encrypted link.
Finally, you should reflect that some of us have spent years investigating crimes and really don't see why TPTB should facilitate the commission of crimes by having sensitive material flying around in plaintext. We're also well aware that those who are already intending to break laws are not going to be inconvenienced by being provided with more laws to break when they choose some non-govt-sanctioned communication system.
-
-
Tuesday 31st October 2017 12:08 GMT 0laf
Re: Lots of criminals in here
My usual questions in reply to that sort or nonsense is -
Do you have a lock on your bathroom door? Do you have curtains (drapes) or blinds on your home windows?
Why? what are you doing in there that needs to be covered up.
If I've a legitimate right to take a shit in peace or walk around my own house bollock naked with the curtain drawn then I've a right to send an electronic letter with some confidence that it won't be opened.
Police and government have laws and methods to circumvent my bog door and curtains when they have a legitimate interest in doing so. As they do with electronic communications.
This is just an effort to bypass the checks and balanced they have to go through for traditional surveillance to try to treat electronic as something different.
-
-
Monday 30th October 2017 22:51 GMT Anonymous Coward
Compression.
I can compress one paragraph in to one word.
"I simply maintain that companies should retain the capability to provide the government unencrypted copies of communications and data stored on devices, when a court orders them to do so."
= Fuckwit
Not sure I'll make much money out of that particular algorithm, but I'm sure it could be worth incorporating in to compression systems as it seems to crop up quite frequently.
-
Tuesday 31st October 2017 00:26 GMT Anonymous Coward
Metadata -> Data
So, assuming that agency X request details, only having metadata and approach A: Alice's IP connected to port 25 at Bob's IP and sent a stream of TLS encrypted stuff.
OK so port 25 should imply email (SMTP) and X gives a precise date and time and A keeps logs and mail archives and keeps precise time.
There are at least six assumptions in the above short paragraph, each of which needs to be proven to ensure that the data provided really matches the request. I can make the example really complicated without even sweating. I wonder why key escrow or (state sanctioned) direct cracking etc are considered more desirable as routine policy by .gov?
-
Tuesday 31st October 2017 02:22 GMT Long John Brass
OFFS
"I simply maintain that companies should retain the capability to provide the government unencrypted copies of communications and data stored on devices, when a court orders them to do so."
When passed through google translateI want a pony, I want a pony ... waaaaaaaaaa ... I want a pony
I think it's time to seriously re-frame this debate for the average meat sack in the street; Something that they will understand.Deputy Attorney General Rod Rosenstein; US Deputy Voyeur demands that the US govt is granted even more powers to peek into the bedrooms of all citizens, to record everything going on and keep those recording forever.
-
This post has been deleted by its author
-
-
Tuesday 31st October 2017 02:49 GMT veti
Let's look at that quote again:
"I simply maintain that companies should retain the capability to provide the government unencrypted copies of communications and data stored on devices, when a court orders them to do so."
I don't see any demand there to store the plaintext. Merely "the capability" to produce plaintext on demand. I.e. the encryption key.
A lot depends on what he means by "companies". If he's talking about ISPs or hosting companies, then - yes, he's an idiot and we've made only slight progress. But if he simply means that if an employee of "XYZ Inc", acting in their official capacity and using company channels, sends an encrypted email, then a court should be able to demand a decrypted version from the company - that doesn't seem unreasonable to me.
-
Tuesday 31st October 2017 07:14 GMT dan1980
@veti
That's the problem - he is OF COURSE talking about (and specifically about) hosting companies and ISPs and also mobile vendors and developers.
That has always been the focus: the data transmitted, hosted and controlled by these third parties. It's never been about the data stored on a random person's home laptop or a corporation's e-mail server.
Accessing that data requires the authorities to actually approach the owner of the data because the owner controls where and how it is stored.
Accessing data a user stores in Dropbox or Gmail is different, however, in that this data may, in theory, be accessed remotely without the knowledge of the subject. It can be collected en masse and sifted for relevance post hoc.
THIS is what they want and has more in common with 'tapping a phone' than executing a search warrant. With a search warrant, the authorities have to actually go and obtain the data (or at least the hardware) physically while tapping a phone allows them to eavesdrop - to spy on - the target unknown.
What these agencies are asking for is actually even MORE than tapping a phone because the stored data and communications of the digital world are frequently historic and so one can sift through for previous wrong-doings.
Will this help them catch criminals and threats? Quite possibly. Is it proportionate? I don't believe so. It's open to MASSIVE abuse, MASSIVE oversteps and puts EVERYONE - man woman and child - at significant risk due to the inevitability of weaknesses in process, technology and execution, not to mention the weakness inherent in those in charge of it all.
If the justification is that it will make everyone a bit safer from the terropedos then why stop there? Install cameras and microphones in everyone's houses and cars and offices, all fed back to the government.
-
Tuesday 31st October 2017 12:25 GMT Anonymous Coward
too late
they already have microphones in your home, they are called mobile phones, unless you have a samsung/philips tv then they can watch you siliently on the web cam in the tv , car /offices ditto , mobile phones car kits . It's funny in a way that the tin hats where right all along , whats funnier is that wrapping said phone in said tin hat will prevent the monitoring at least online, nothing to stop them from monitoring and recording to said device until the device is back online to upload it's goodies , perhaps we need to start installing analog switches to webcams/ microphones , not some software mechanism that can be covertly enabled but a physical switch to disconnect said microphone or web cam. then just for good measure scrap windows 10 , total privacy abortion that it is .
-
Tuesday 31st October 2017 12:30 GMT Marcus Fil
@veti
uh, except that companies have rules about ageing out old data (emails etc.) to prevent
future embarrassment in courtexcessive on-going storage costs.Perhaps the answer is for companies to offer goverments an encrypted 'cc' of all traffic, but retain the relevant keys until they see the court order. That way the governments get the bill for working out how to store and retrieve an eye-watering daily deluge of corporate 'HR' messages, dull telecons, bad jokes, links to cat videos, etc.,etc, etc. and then match their 'intelligence' with the right source at the right time to ask, nicely and legally and very specifically, for the right key. Here, Mr Fed, have your monkey back ..and I wonder how long you'll keep it once you know how much it costs to feed and water.
-
-
Tuesday 31st October 2017 08:38 GMT Christian Berger
What a wonderfull diversion...
... let's all argue about encryption done by proprietary systems to divert from the much more real thread of "metadata".
The contents of a phone call or a text message are relatively hard to process, and even simple measures like using code words can make the job much harder.
"Metadata" is much more valuable as it is easy to process by computers. You can easily find out the graphs of interaction and therefore find out social networks.
-
Tuesday 31st October 2017 08:48 GMT Anonymous Coward
Meanwhile the bad guys are chattering away in plaintext
but no one's looking.
After all, that stupid Amazon review where the reviewer wasted precious screen space complaining about the delivery driver rather than the product in question may have been an irritation to you.
But to Mischa, Pavel, and Abdul, it was confirmation that the goods are in place.
-
Tuesday 31st October 2017 08:52 GMT 0laf
Maybe we should just give the government everything. Every event, every key stroke every opened file and every change in the file. I wonder how much data your average desktop would produce, now scale that up to every PC, laptop, tablet, phone, IOT in the country plus every server, router switch etc.
Now turn that data fire hose at the government and see how they like it.
-
Tuesday 31st October 2017 12:30 GMT Hans 1
Now turn that data fire hose at the government and see how they like it.
They'll love it, RedHat, Suse, Ubuntu, HP, Dell, Lenovo etc will love it also, remember, since gov functions on "tax dollars" (unlimited supply), money TAX PAYERS pay, they will just purchase the required hardware to process the data ... so your income tax (among others) will grow exponentially.
-
-
Tuesday 31st October 2017 08:56 GMT Doctor Syntax
"Many cyberattacks are directed by foreign governments. When you are up against the military or intelligence services of a foreign nation-state, you should have our federal government in your corner,"
I am not a US citizen or resident. The federal government is a foreign government as far as I'm concerned*. For me this is a cyberattack by a foreign nation-state.
Freudian slip? I typed cynerattack.
*This is probably a very difficult concept for any US politician or government lawyer to understand as they don't seem to be aware of their own borders except when they want everywhere in the US to be within 100 miles of them
-
Tuesday 31st October 2017 11:57 GMT Anonymous Coward
At least us Saffers have one up on the rest of you yoofs, yobs, curmudgels, gherkins and tsar bombas - our details was recently published on a leaked database. Fun.
So.
Who's up to write a nice piece of code that'll convert your plaintext copy into goatse art? I'm sure they'll appreciate it a lot as they'll rifle through plaintext copies of your email trying to find out whether you really shagged the Boss's secretary...
-
Tuesday 31st October 2017 12:27 GMT gnasher729
Here is a suggestion: Companies could store this information with breakable encryption. Here’s the message, here’s the code that can decrypt it on some cloud servers at a cost of $250,000. Per message.
So the government can read messages from terrorists if they want to, it all their money wouldn’t be enough to just read all the spam that I receive.
-
Tuesday 31st October 2017 13:21 GMT Anonymous Coward
Ransomware infected computers
"the FBI warned him ransomware infects more than 100,000 computers a day around the world"
Lets blame the Google App Store :)
-
Tuesday 31st October 2017 13:55 GMT Anonymous Coward
CEOs reluctant to report hacking attacks
"He said that some CEOs had told him that they were reluctant to report hacking attacks to the authorities."
Mr. Rosenstein doesn't appear to be aware of this. Historically such incidents would have been reported to a Computer Emergency Response Team CERT, run out of some university. At least it was until Homeland Security got involved. I mean what's the point of reporting hacking incidents to the Feds, they can't even protect their own stuff.
-
Tuesday 31st October 2017 15:12 GMT spellucci
Dear Mr. Rosenstein
Here is what I wrote to Mr. Rosenstein today.
Dear Deputy Attorney General Rosenstein,
You made an important case for public/private partnership in your remarks to the 2017 North American International Cyber Summit. At the end of your remarks, however, you undermined the credibility of your message by asserting, without proof, that it is possible to have strong encryption that is both secure and available to law enforcement, and that the challenges involved are simply engineering ones.
I was taught in school that ignorance of the law is no excuse. Likewise, ignorance of the fundamentals of encryption does not excuse the fallacy in the both-secure-and-available claim. If authorized individuals can access an encrypted message, then so can unauthorized individuals. Please do not set policy based on the false assumption that this issue can be somehow worked around by engineering. This is not an engineering problem and does not have an engineering solution.
-
Tuesday 31st October 2017 15:18 GMT elgarak1
I said it before: Mr. Rosenstein is in denial of the true state of things.
Here's the fact: Anyone can encrypt their own files with (practically) unbreakable encryption. The tools are out there, sometimes built in OSs, and even if they weren't, the math and algorithms are out there to be used (one can self-teach enough coding in short time. It's not that hard).
What this means is that one CANNOT catch criminals that are smart enough easier by outlawing encryption – i.e., the planners, the masterminds, the ones who run the show behind the scenes, the ones who you want to catch.
Because you cannot make "encryption" a criminal act on the same level as the criminal acts those people want to hide – murder, terrorism, child porn etc. To illegally encrypt will always be the lesser crime compared to anything else.
For us non-criminals, these attempts at stupid lawmaking are easy to fight: Encrypt the hell out of everything. Even the most trivial piece of data.
-
Tuesday 31st October 2017 19:43 GMT Ken Mitchell
Good for the Goose, Good for the Gander
I support Rosenstein's proposal with two amendments.
1. Only to be used for terrorism or national defense issues. MANDATORY 10 years in prison for any government official who abuses this.
2. ALL government officials are subject to the same surveillance in order to detect and deter government corruption.
-
Wednesday 1st November 2017 03:08 GMT sloshnmosh
Blah Blah
"Rosenstein prefaced his suggestions with dire warnings about the effects of online crime. Since January 1 last year, there has been an average of 4,000 ransomware "attacks" a day, up 300 per cent on the previous year, he claimed, and said the FBI warned him ransomware infects more than 100,000 computers a day around the world.
In other scary news, Rosenstein warned that botnets – commandeered internet-of-things devices – could end up crashing large chunks of the internet. Speaking of crashing, he also warned that hackers could launch devastating attacks against autonomous cars that could leave passengers injured or killed."
He forgot to mention:
Terrorist safe haven Blah Blah
Think of the children Blah Blah
We're all going to die Blah Blah
(I shamelessly stole this comment from another El Reg member on another thread because it fit so well)