FBI Director Uses January 6 Insurrection To, Once Again, Ask For Encryption Backdoors

from the FBI-really-needs-to-write-some-new-material dept

FBI Director Chris Wray needs to shut the fuck up about encryption.

Let me explain sum up:

For years, consecutive FBI Directors have claimed encryption is preventing law enforcement from doing law enforcement. And for years, public records, efforts by researchers, and court documents have shown encryption isn't much of an impediment to investigations.

Most importantly -- in the FBI's case -- the agency overstated the amount of locked devices in its possession for years while agitating for encryption backdoors. It turns out the FBI's "locked device" spreadsheet performed some faulty math, greatly misstating the number of locked devices in its possession. While the FBI said it has over 8,000 impregnable electronics allegedly preventing law enforcement from investigating crimes, the correct amount is expected to be less than a quarter of that.

That discovery was made in May 2018. The FBI has yet to provide an accurate count of these devices.

So. Shut. The fuck. Up.

Wray is shameless and incapable of shutting the fuck up, even after the agency admitted to Congressional oversight it really didn't know how many locked devices it had or how often encryption actually prevented investigators from investigating.

And yet, here's Chris Wray, leveraging the January 6th insurrection to complain about encryption yet again.

There doesn't appear to be any lack of open source data capable of aiding the FBI in its investigation of this event. Hundreds have already been charged for their participation in the raid on the US Capitol building.

This event has forced US law enforcement to admit domestic terrorism is an actual threat -- a threat propelled mainly by white extremists and others aligned with the pathetic ideal that white makes right. This threat includes far too many law enforcement officers, who have also aligned themselves with the same ideals. That's why it's been ignored for so long and that's why it's a much bigger problem now than it should be.

But here's what Chris Wray has chosen to focus on with his allotted testimonial time before the Senate: encryption. Wray says it's a "lawful access" problem. And he begins with what can only be considered an overstatement of the threat, considering the FBI has done nothing but overstate the problem for years.

The problems caused by law enforcement agencies’ inability to access electronic evidence continue to grow. Increasingly, commercial device manufacturers have employed encryption in such a manner that only the device users can access the content of the devices. This is commonly referred to as “user-only-access” device encryption. Similarly, more and more communications service providers are designing their platforms and apps such that only the parties to the communication can access the content. This is generally known as “end-to-end” encryption. The proliferation of end-to-end and user-only-access encryption is a serious issue that increasingly limits law enforcement’s ability, even after obtaining a lawful warrant or court order, to access critical evidence and information needed to disrupt threats, protect the public, and bring perpetrators to justice.

Yes, encryption can prevent "easy" investigative efforts. But it doesn't prevent investigations. Lots of data and communications can be obtained from service providers and cloud services that store copies of their own. There are at least a couple of vendors providing law enforcement with forensic tools that appear capable of pulling vast amounts of data from "locked" devices. And while it may be accurate to say the "problem" continues to "grow" given the increased deployment of encryption, the FBI has yet to honestly depict the problem it's already facing, so there's no way of quantifying this "growth" to judge its impact on investigations.

And Wray continues to be dishonest about what he wants. He wants encryption backdoors. But when asked directly, he'll claim he doesn't want backdoors. Instead, he wants a mythical form of encryption that is capable of protecting users from malicious threats but not government entities armed with a warrant.

The FBI remains a strong advocate for the wide and consistent use of responsibly managed encryption, encryption that providers can decrypt and provide to law enforcement when served with a legal order.

This sure sounds like a backdoor, but Chris Wray is in permanent denial.

We are not asking for, and do not want, any “backdoor,” that is, for encryption to be weakened or compromised so that it can be defeated from the outside by law enforcement or anyone else.

It's the everyone else who is wrong.

Unfortunately, too much of the debate over lawful access has revolved around discussions of this “backdoor” straw man instead of what we really want and need.

LOL. Get fucked, Chris. The reason no serious security professional agrees this is possible is because it isn't. A hole for law enforcement is a hole for anyone. Once providers start storing encryption keys for law enforcement, those encryption keys are a target for malicious hackers. Criminals who find the keys will do the same thing Wray is asking companies to do, bypassing encryption to obtain communications and personal data.

The only person trotting out straw men is the FBI Director, who appears to believe any counterargument is made in bad faith. His straw men may be uncaptured terrorists or dead kids or whatever, but they're still straw men, especially considering the FBI still has yet to provide an accurate count of encrypted devices in its possession.

And those are his straw men. Wray cites both terrorist attacks and child sexual exploitation as reasons to eliminate actually secure encryption. This ignores the FBI's willingness to radicalize people solely for the purpose of arresting them on terrorist charges. And it ignores the fact the FBI has -- on more than one occasion -- seized and operated servers distributing child porn in order to catch other child porn distributors. Whether or not we agree with the FBI's actions in these cases, it illustrates breaking encryption isn't the only way to address these problems.

Wray also claims the rest of the law enforcement community is suffering from the proliferation of end-to-end encryption.

Our state and local law enforcement partners have been consistently advising the FBI that they, too, are experiencing similar end-to-end and user-only-access encryption challenges, which are now being felt across the full range of state and local crime. Many report that even relatively unsophisticated criminal groups, like street gangs, are frequently using user-only-access encrypted smartphones and end-to-end encrypted communications apps to shield their activities from detection or disruption.

But this really hasn't been observed by anyone else but Wray. (And we know Wray can't be trusted.) The FBI has made constant noise about encryption. Local agencies -- despite having far fewer resources -- haven't said much publicly about encryption or its challenges, outside of the outsized racket whipped up by Manhattan DA Cy Vance. And Vance is no more trustworthy or credible than Chris Wray.

Chris Wray will take any chance given to complain about encryption and a lack of "lawful access." But he doesn't have facts or history on his side.

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: backdoors, chris wray, encryption, fbi, going dark, january 6


Reader Comments

Subscribe: RSS

View by: Thread


  • identicon
    Anonymous Coward, 5 Mar 2021 @ 1:42pm

    Finding out about the January 6th insurrection mainly involved listening to president Trumps public proclamations. Admittedly they were sometimes difficult to understand, but that was not an encryption problem.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 5 Mar 2021 @ 2:08pm

      Re:

      It also involved looking at publicly-posted Facebook and Twitter videos and photos. January 6th should be an example of how you don't necessarily need to break encryption. The dumbass insurrectionists proudly posted and boasted their crimes.

      reply to this | link to this | view in chronology ]

      • icon
        PaulT (profile), 7 Mar 2021 @ 11:00pm

        Re: Re:

        This. While you could make a (bad) argument that breaking encryption might somehow be necessary to prevent the attack by monitoring communications, there's no possible way that breaking it after the fact will give you more evidence about who was involved than the insurrectionists already proudly shared with the world on the day. Add to that the fact that most of the "planning" before the day was being done in full public view as well, and the whole argument would be a non-starter, even if they weren't lying about the fact that they're asking for a backdoor.

        reply to this | link to this | view in chronology ]

        • identicon
          Anonymous Coward, 8 Mar 2021 @ 1:55am

          Re: Re: Re:

          I wonder .. was their arrogance due to ignorance or because they thought it would not matter after they take over the world.

          reply to this | link to this | view in chronology ]

          • icon
            PaulT (profile), 8 Mar 2021 @ 2:13am

            Re: Re: Re: Re:

            It's a combination. There's certainly a lot of idiocy involved, but some seemed to believe that they would either find no resistance (the hilarious video of a woman shocked that she was pepper sprayed during the attack) or that it wouldn't matter because they would be pardoned after they "won", or would be let off by supporters in the new order (the "Q shaman" has voiced great shock that Trump didn't pardon him, I believe).

            More details keep coming out as these people are rounded up and having to face consequences for their actions, but they did seem to believe that they would not face any consequences.

            reply to this | link to this | view in chronology ]

        • icon
          That One Guy (profile), 8 Mar 2021 @ 2:04am

          Re: Re: Re:

          It's the standard gaping hole in the anti-encryption argument in that the same people who failed to do their jobs even with piles of data in front of them(whether because there was too much to wade through in time or in this case because others didn't care) really want you to believe that if they had even more data that would magically change, despite the fact that that would just magnify the problem that caused the original failure on top of handing the public to criminals worldwide by crippling the security that protects the public.

          reply to this | link to this | view in chronology ]

  • identicon
    David, 5 Mar 2021 @ 1:47pm

    What's particularly pathetic here

    is that there has been plenty of leadup. Because it was organised in the open. And the FBI, to its credit, put out pretty pinpointed warnings. It's just that nobody wanted to believe or hear them. And significant parts of the Trump administration were bending over backwards to ignore or play down the warnings.

    So what would have been gained if the FBI had focused on decrypting devices rather than spelling out what was in the open? It would just have detracted from the scope of what was about to happen, because it would have made it appear like an isolated effort. Zoe Lundgren just put together 2000 pages of public social media postings from congresspeople actively helping with structuring the insurrection. This will go exactly nowhere because nobody wants it to go anywhere.

    reply to this | link to this | view in chronology ]

  • icon
    That One Guy (profile), 5 Mar 2021 @ 1:54pm

    Except for that way. And that. Oh, and that...

    Curse that encryption, with it in place there was just absolutely no way at all to predict that a bunch of people who had already shown themselves to be deranged and easily manipulated, and who had been fed a lie for months about how the country was going to be stolen from them if they didn't Do Something could be whipped up into a mob and try to stop the election from being finalized.

    Nope, no way at all, clearly this was all encryption's fault and the only reasonable response should be to hand the entirely of the US public to criminals worldwide by crippling encryption because surely then the government will be able to spot and stop deranged lunatics before they do something like that again.

    reply to this | link to this | view in chronology ]

  • identicon
    Annonymouse, 5 Mar 2021 @ 2:15pm

    On the other hand

    Is there any way to actually punish this guy for being a traitor to his oath and the citizenry in general?

    reply to this | link to this | view in chronology ]

    • identicon
      David, 5 Mar 2021 @ 2:53pm

      Re: On the other hand

      The oath is on the Constitution, and the Constitution does not have a lot to say about the details of privacy and encryption because those were not nearly anywhere an issue of that scale at the time the Constitution was written.

      You'd have to consult the spirit of the Constitution, and nobody swears an oath on that.

      In other words, those are pompous words, and while it is perfectly legitimate to feel betrayed by those in the government pressing for things to move in that direction, they are not moving outside of the scope of their oath.

      If the feeling of betrayal is universal enough, it might get condensed into the large majorities necessary to make it into constitutional amendments. However, given the current divisive character of society and its representatives in Congress, such majorities seem quite more out of reach than they might have been at one time.

      So get your message out to your representatives. Anything else is mainly venting.

      reply to this | link to this | view in chronology ]

    • icon
      Thad (profile), 5 Mar 2021 @ 3:41pm

      Re: On the other hand

      No. Stop asking.

      reply to this | link to this | view in chronology ]

  • This comment has been flagged by the community. Click here to show it
    icon
    cynoclast (profile), 5 Mar 2021 @ 2:42pm

    insurrection lol

    An 'insurrection' where they had more American flags than weapons.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 5 Mar 2021 @ 2:43pm

    And still there's the issue that if people weren't using smartphones, none of that encrypted evidence would exist anyway. So yeah, shut up. You have more potential evidence, not less.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 5 Mar 2021 @ 4:24pm

      Re:

      Hell they don't even need any cracking to exploit it - just good ole fashioned prisoners dilemma would get those already doomed opening up for deals to get concurrent instead of consecutive sentencing.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 5 Mar 2021 @ 2:53pm

    We would have gotten away with it too if it wasn’t for those meddling backdoors.

    reply to this | link to this | view in chronology ]

  • icon
    That Anonymous Coward (profile), 5 Mar 2021 @ 2:58pm

    BUT BUT BUT THE REAL CRIME IS HIDING ON THE DARK WEB!!!!!!

    Its not like there are completely publicly accessible places where you can find out the next round of Q BS being hatched.
    Oh no... it is all done in secret in the background.

    Considering they still haven;t explained how much they are taking in already and how effective its been at anything other than an after action report saying yep we missed all the planning for this, what is there to gain?

    They can not show a single case where encryption let the bad guys get away.
    They can not show a single case where encryption kept them from knowing the event was coming.
    They can not show that this is anything but a desire to limit our rights that little bit more so people who exhibit wrongthink can be stalked & and FBI handler injected into their orbit so they can home grow another 'terrorist' providing material support to isis via a $20 amazon gift card.

    Congress lives in a bubble... up until they heard the people beating on the doors of Congress they never thought anyone would dare do that, but even now not all of them are willing to say it was bad.

    Our country almost had legislators murdered on the street b/c 1 asshole convinced them the election was stolen & he never provided a single fucking fact. But they were ready to kill Pence for not violating his oath... and somehow CPAC can have these people show up to keep spreading the lies & keeping the horde amped up b/c they fear that orange man might turn on them.

    Orange man is willing to burn it ALL to the ground so long as he can say he won, 500k dead to stick it to blue states & they still can't even suggest perhaps he made mistakes.

    This is only going to get worse as the assholes keep stoking the fears that the dems are gonna replace you & force you to learn Chinese. Campaign lies are one thing but these are elected officials using their offices to spread rumors and unrest to keep the country destabilized so they can hold onto power & gain more.

    We need to get rid of all of them on both sides....
    the idea that $1400 going to someone making "too much" in year 2 of a pandemic when they've done fuck all for us shocks the conscious. Hell more than half the aid was setup so states could fuck around, make it impossible for people to get help then keep the money for themselves... gee those systems to get help were labyrinths where everyone was eaten by a grue.

    But hey... those poor suffering corporations who needed bailouts to stay in business managed to buy back stock while still firing workers they promised they woudl keep.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 5 Mar 2021 @ 3:14pm

    Do you think encrypting everything will lead to maximum privacy? When we talk about encryption, should we be making a clear distinction between privacy and secrecy? Many techno-libertarians (or self-professed, don't want to generalize) think that a maximal stand on encryption is necessary to maintain a free society. It sort of spring from the 2nd amendment argument of citizens directly rebelling against a tyrannical government. We need to maintain complete secure lines of communication that cannot be breached by the government, so that if the government turns authoritarian, then we as citizens can organize in secrecy to overthrow it. Please! As if that would ever happen. Have a look around, see places like Hungary, Poland, the Philippines, and Turkey, which were once democratic but now authoritarian leaders pretty much control the national governments. Do you think that happened because the opposition didn't have encrypted communication tools? If you want to make an analogy to the past, compare today's messaging services to phone calls and mailed letters. The government could tap phone lines with a court order, and mail was more secure, though they could intercept those too. Of course, you had public phones that were harder to tap. Why shouldn't it be the same now? Shouldn't the government be able to use court orders to 'tap' phone messaging services? Sure, there will always be encryption, like public phones, but why make it easier for criminals to hide. We don't need encryption for privacy. Do you encrypt letters that you mail? Or, do you trust the postal service to not open and read every piece of mail, and keep records of each letter that you send and receive? Encryption and privacy are two different issues, do not confuse the two. One has to do with keeping other people's noses out of your business. The other has to do with keeping secrets. In case you do not understand, we cannot have a civil society based on secrets. Democratic societies have to operate in the open and transparently (the reverse of authoritarian regimes). Look at the protests in Myanmar, people getting shot in the streets. Who's hiding and who's fighting out in the open? It's the military generals hiding behind the anonymity of the state, using the police and military forces to suppress the public. Or the situation in Belarus; do you think the opposition would have succeeded in toppling Lukashenko if only they had encrypted communications, or if the opposition leaders could have kept their agenda and intentions secret and could organize secretly? The leaders of the opposition are out in the open fighting for a free society. Another case: Novalny. If you want to stand up and be counted, you do it where everyone can see.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 5 Mar 2021 @ 3:31pm

      Re:

      Shouldn't the government be able to use court orders to 'tap' phone messaging services?

      To enable that means the encryption is broken, that is people other than sender and receiver's can read the messages. All financial transactions, and most software upgrades also depend on encryption. There is a certainty that broken encryption will be used by criminals for their own purposes, who will also be able to use existing strong unbroken encryption for their own security.

      That is encryption backdoors pose serious risks to law abiding citizens who use it, while exposing them to criminals who will use unbroken encryption to protect themselves.

      reply to this | link to this | view in chronology ]

      • icon
        Norahc (profile), 6 Mar 2021 @ 6:13pm

        Re: Re:

        Shouldn't the government be able to use court orders to 'tap' phone messaging services?

        That depends. Do you believe the government should be able to use a court order (often times ex-parte and under seal) to make you decrypt a snail mail letter between you and a family member that you've written in a code that only you two know? Or do you believe in privacy, security, freedom and the 4th Amendment?

        The government never had access to this type of information before and grew addicted to it in the days before encryption was necessary. Now they're acting like an addict trying anything they can to keep feeding their addiction.

        reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 5 Mar 2021 @ 4:38pm

      Re:

      Transparency applies to /governments/ - nobody would call GDR a transparent society or the Statsi agents of transparency.

      Governments keep loads of secrets for self-serving purposes. We might as well quit while we are ahead as civil society already cannot exist by your own words. Just as well - it never really existed anyway.

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 6 Mar 2021 @ 6:50am

      Re:

      Paragraphs ... who needs 'em?

      reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 6 Mar 2021 @ 6:02pm

      Re:

      Encryption isn't just for keeping stuff away from governments, you know. That's a backdoor argument.

      reply to this | link to this | view in chronology ]

    • icon
      Bluegrass Geek (profile), 7 Mar 2021 @ 6:49am

      Re:

      Look at the protests in Myanmar, people getting shot in the streets. Who's hiding and who's fighting out in the open? It's the military generals hiding behind the anonymity of the state, using the police and military forces to suppress the public.

      What are you smoking? There's nothing anonymous about the coup in Myanmar, the military is brazenly attacking people out in the open. The generals are known. You're not making a coherent argument, you're just spouting "encryption bad."

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Mar 2021 @ 4:24am

    look like we got a another billy boy "barr"

    oh...great another 4 years of this encryption crap!
    when will government learn WE THE PEOPLE want encryption and privacy!

    reply to this | link to this | view in chronology ]

  • icon
    Upstream (profile), 6 Mar 2021 @ 7:40am

    Legality v Morality

    Wray says it's a "lawful access" problem.

    Ignoring the impossibility of "selective" backdoors, and ignoring Chris Wray's idioticly repetitive insistence on same, there is still a real problem with the repeated insistence on needing "lawful access" to people's private communications.

    While something may be permitted, or not prohibited, by law, does not make that something the right, or morally acceptable, thing to do. The frequent disconnect between legality and morality always needs to be taken into account when government types start talking about things like "lawful access."

    reply to this | link to this | view in chronology ]

    • icon
      That One Guy (profile), 7 Mar 2021 @ 2:11am

      Just because it's legal to smash your own hand with a hammer...

      Going back a number of years to the Snowden 'leaks' I believe it was John Oliver who noted regarding the NSA's actions 'We're not accusing you of breaking the law, we're just a little creeped out that you didn't have to'.

      Both in the US and elsewhere we've seen what happens when the government is able to snoop around at will and that's before you factor in crippling the security that protects hundreds of millions of people and huge parts of society and the economy.

      reply to this | link to this | view in chronology ]

  • icon
    nasch (profile), 6 Mar 2021 @ 10:05am

    Let me sum up:

    Just want to let you know I see what you did there and I like it.

    The only person trotting out straw men is the FBI Director, who appears to believe any counterargument is made in bad faith. His straw men may be uncaptured terrorists or dead kids or whatever, but they're still straw men

    That's not a straw man, unless he is claiming his opponents are in favor of terrorism and dead kids. It's scaremongering.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 7 Mar 2021 @ 11:32am

    I imagine they already have backdoors and are wanting to use the data in court, also parallel construction is too much work.

    reply to this | link to this | view in chronology ]

  • identicon
    Tin-Foil-Hat, 12 Mar 2021 @ 8:58pm

    How about no?

    Are they really that stupid? Encryption exists in many forms and outside of their jurisdiction.

    Users are depending on the default security settings and options set by the phone or service provider.

    Who will you make your demands to when users start using alternatives?

    Be careful what you wish for. I'll get my popcorn ready for the "unintended" consequences. They certainly aren't unknown consequences. How many years have these requests (demands) been made?

    When an agency believes they are entitled to violate constitutional rights as often as this one does, maybe it's time to disband the agency and assign their role elsewhere.

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Close

Add A Reply

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Insider Shop - Show Your Support!

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads
.

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.