White House Realizes Mandating Backdoors To Encryption Isn't Going To Happen
from the option-1-please dept
Over the last few months, I’ve heard rumblings and conversations from multiple people within the Obama administration suggesting that they don’t support the FBI’s crazy push to back door all encryption. From Congress, I heard that there was nowhere near enough support for any sort of legislative backdoor mandate. Both were good things to hear, but I worried that I was still only hearing from one side, so that there could still be serious efforts saying the opposite as well. However, the Washington Post has been leaked quite a document that outlines three options that the Obama administration can take in response to the whole “going dark” question. And the good news? None of them involve mandating encryption. Basically, the key message in this document is that no one believes legislation is a realistic option right now (more on that in another post coming shortly).
That’s big!
The document’s three options can be summarized as follows:
- Option 1: Do the right thing, admit that backdooring encryption is a bad idea and dumb, and stand up for real cybersecurity by saying that more encryption is generally good for society. This will make lots of people happy — including civil liberties folks and the tech industry, and it will also do more to protect the public. It will also help the most with many foreign countries in showing that the US isn’t just trying to spy on everyone — though it may piss off a few countries (mainly the UK) who have doubled down on backdooring encryption. Also, it will undermine China’s plan to backdoor encryption as well. Let’s call this the right option.
- Option 2: Yeah, we know what the right thing to do is, but we’ll take a half-assed approach to it to try to appease the FBI/law enforcement folks and not come out nearly as strongly against legislation. We’ll say there’s no legislation, but we’ll at least leave the door open to it. In private, we may still push tech companies to backdoor stuff. This will anger lots of folks, but maybe (the administration believes) some civil liberties types will think it’s enough of a win to celebrate. Then we pretend that we can hold some sort of “discussion” between people who disagree.
- Option 3: We totally punt on the issue and don’t really say anything. If we do say something, we say that this issue needs a lot more discussion and study (just like people have been saying for the last year). In other words, endless cryptowars with no end in sight.
Clearly, Option 1 is the only sensible option, and the report lays out some pretty strong arguments for why coming out against backdooring encryption would be good. It would actually make the tech industry much more willing to work with the government in productive ways, rather than stupid, privacy and security-destroying ways. It would actually better protect the public and it would stop authoritarian regimes from using our own language against us to break encryption. The cons are basically that law enforcement might whine about it. Well, the administration actually says that it “provides no immediate solution to the challenges that the expanding use of encryption poses to law enforcement and national security” but given that law enforcement still hasn’t done a good job showing this is a real problem, that’s not really a big deal.
In fact, law enforcement is still relying on made up ghost stories rather than any real evidence that encryption is a problem.
So, now the big question is which option the administration will choose. Will it stand up and take leadership on this issue (Option 1), thereby actually protecting Americans? Or will it do a variety of half-assed measures believing that it has to support “both sides” or some crap like that? From the leaked report, it appears that if it chooses either Option 1 or 2, the White House will make a public statement on the matter within the next few weeks.
Filed Under: backdoors, cybersecurity, encryption, going dark, james comey, obama administration, white house
Comments on “White House Realizes Mandating Backdoors To Encryption Isn't Going To Happen”
Admit that they were wrong? They are more likely to stop supporting the IS than choose Option 1.
Depends on which side you're looking at
From the government/LEO perspective, Option 3 makes the most sense.
Keep saying “It needs a lot more thought” while quietly pushing tech companies for backdoors and buying more time to hack exploits for the current generation in-use encryption.
Option 3
The governments best option. Not the peoples, but the governments.
Re: Option 3
Exactly. Not just that, but it specifically refers to legislating. The government doesn’t need to. They can just have a “regulatory body” like the EPA write a Regulation requiring back doors. Violate it and you’re charged with Attempt to Defraud the United States of America (had a co-worker charged with that for taking asbestos out of his OWN house).
governments best option. Not the peoples, but the governments
if this govt weren’t an embarrassment to the founding fathers, what’s best for the people would also be best for the govt.
The problem with Option 1
The major problem with Option 1 is that it undermines forward looking efforts to move the US to be more of a police state. Option 1 is almost an admission that there is little to be afraid of, at a time when the government needs people to be afraid.
Look at the model of some of the countries that we were fighting in the previous century. In one such country almost half the population was employed to spy on the other half. How would that work with Option 1? From what I seem to observe, the US in this century wants to change into the type of countries that the US was fighting in the previous century.
Funny, I consider that bad news. Mandating (high-quality) encryption on a wide scale would irritate the NSA, FBI, etc. It would have incidental benefits related to disrupting petty crime, too.
Vote 1, but either option is a joke.
Option 1 is obviously the one they should select in any case, but it shouldn’t be celebrated or seen as the pinnacle of civil liberties; it should simply be common sense.
They knew it was a dead run looong before this (unless they are quite stupid, they should have seen it from the start).
The only reaction they deserve is a shrug of the shoulder and a “well of course they did that, it was quite obvious!” from the people and tech industry.
I don’t want to be a cynic or paranoid, but it just seems like such an obvious tactic: Preassure to gain devastating powers and feel the wind. Even if people are awake enough to protest, good will is gained and less eyes are on the “much less devastating” powers that have previously sparked outrage.
I am not going to pat the dog for not mauling my face, when it took a bite out of my arm.
Re: Vote 1, but either option is a joke.
So when is this dog to be tested for rabies?
For those not in the know the test is forensic in nature.
all/most current public hacks seem to be for lack of encryption and security rather than for the encryption not having backdoor. lets table the backdoor talk until everything actually uses encryption if most data is in plain text the whole issue is moot. better yet lets take all the money that would be spent on this and put it into educating computer security engineers
What's The Point With Encryption?
if you are going to weaken encryption, what is the point of encryption? The U.S would become an International laughing stock. A very good way to destroy the tech industry. Which governments are you going to share your back doors with? I’m sure China & Russia will demand the keys to prevent terrorist attacks in their countries. What encryption is the DOD going to use when China & Russia have back doors into all encryption?
Need I go on with how spectacularly insane this idea is?
Are you aware that if they had the capability (or rather, attitude) to pick the Option 1 it would mean that there is a sensible and honest administration there?
Considering the US administrations over the years and that the results of them are things like ACTA, TPP, TiSA, TTIP, SOPA/PIPA, COICA and others, making such assumptions is like asking Santa to bring you a unicorn (pony sized, of course).
And well, I talk about the US, but I’d say this applies to most (if not all) world governments.
I predict the final argument will be… but, but terrorists; encryption; think of the children; public safety; and finally, it’s for your own good/protection.
Oh, I forgot pedophiles! You have to cram pedophiles in there somewhere during the frontdoor / backdoor / sidedoor / open window encryption debate.
You forgot the most obvious place: in the middle of it.
Expectations of Official Betrayal.
“…the White House will make a public statement on the matter within the next few weeks.
Oh shit!
That means the next CIA orchestrated terrorist attack has to occur within the next few weeks…. Hope its not in my town.
—