Hillary Clinton Wants A 'Manhattan Project' For Encryption… But Not A Back Door. That Makes No Sense

from the politics is dumb dept

In the Democratic Presidential debate on Saturday night, Hillary Clinton followed up on her recent nonsensical arguments about why Silicon Valley has to “solve” the problem of encryption. As we’ve noted, it was pretty clear that she didn’t fully understand the issue, and that was even more evident with her comments on Saturday night.

Here’s what’s clear: she’s trying to do the old politician’s trick of attempting to appease everyone with vague ideas that allow her to tap dance around the facts.

First, she proposed a “Manhattan-like project” to create more cooperation between tech companies and the government in fighting terrorism. The Manhattan Project was the project during World War II where a bunch of scientists were sent out to the desert to build an atomic bomb. But they had a specific goal of “build this.” Here, the goal is much more vague and totally meaningless: have tech and government work together to stop bad people. How do you even do that? The only suggestion that has been made so far — and the language around which Clinton has been echoing — has been to undermine encryption with backdoors.

However, since that resulted in a (quite reasonable) backlash from basically anyone who knows anything about computer security, we get the second statement from Clinton that she doesn’t want backdoors.


“Maybe the back door isn’t the right door, and I understand what Apple and others are saying about that. I just think there’s got to be a way, and I would hope that our tech companies would work with government to figure that out.”

No, she clearly does not understand what Apple and others are saying about that. Just a week or so ago, she insisted that Apple’s complaint about it was that it might lead to the government invading users’ privacy, but that’s only a part of the concern. The real concern is that backdooring encryption means that everyone is more exposed to everyone, including malicious hackers. You create a backdoor and you open up the ability for malicious hackers from everywhere else to get in.

So, she’s trying to walk this ridiculously stupid line in trying to appease everyone. She wants the security/intelligence officials to hear “Oh, I’ll get Silicon Valley to deal with the ‘going dark’ thing you’re so scared of,” and she wants the tech world to hear “Backdoors aren’t the answer.” But, that leaves a giant “HUH?!?” in the middle.

It seems to come down to this: None of the candidates for president appear to have the slightest clue how encryption or computer security work and that allows them to make statements like this that are totally nonsensical, while believing that they make sense.

The issue, again, is that what they’re really asking for is “Can you make a technology where only ‘good’ people can use it safely, and everyone else cannot?” And the answer to that question is to point out how absolutely astoundingly stupid the question is. Because there’s no way to objectively determine who is “good” and who is “bad,” and thus the only possible response is to create code that really thinks everyone is “bad.” And to do that, you have to completely undermine basic security practices.

So this whole idea of “if we just throw smart people in a room, they’ll figure it out” is wrong. It’s starting from the wrong premise that there’s some sort of magic formula for “good people” and “bad people.” And without understanding that basic fact, the policy proposals being tossed out are nothing short of ridiculous.


Comments on “Hillary Clinton Wants A 'Manhattan Project' For Encryption… But Not A Back Door. That Makes No Sense”

196 Comments
That One Guy says:

However, since that resulted in a (quite reasonable) backlash from basically anyone who knows anything about computer security, we get the second statement from Clinton that she doesn’t want backdoors.

Not quite. She still wants broken encryption, she just wants to call it something else.

“Maybe the back door isn’t the right door, and I understand what Apple and others are saying about that. I just think there’s got to be a way, and I would hope that our tech companies would work with government to figure that out.”

That’s not ‘backdoors in encryption are bad’, that’s ‘holes in encryption are good, but because of the backlash I’ll ask for them by another name’.

It seems to come down to this: None of the candidates for president appear to have the slightest clue how encryption or computer security work and that allows them to make statements like this that are totally nonsensical, while believing that they make sense.

As I’ve noted before, and will continue to note: She and others who make the same claims absolutely do know that they’re asking for the impossible, they simply don’t care.

The only way they might not know is if they’ve intentionally kept themselves willfully ignorant on the subject, and that’s not any better.

That One Guy says:

Re: Re: Re: Re:

Some? I guarantee you that there are vastly more criminals that would use security holes for their own gain, at the cost of the public, than there are criminals that are currently hiding behind encryption that the police and/or government can’t catch as a result.

Crippling encryption to catch criminals is like chopping off someone’s arm to deal with a paper-cut. The proposed ‘solution’ is massively more damaging than the ‘problem’.

Anonymous says:

Re: Re: Re:2 Re: Re: Re: Re:

Ahh, so some government backdooring VPNs on Juniper ScreenOS devices is perfectly okay? (link) Perhaps your bank is using Juniper firewalls to communicate between branch offices as per SOX guidelines and now your account is compromised by anyone with knowledge of that hack. I’m sure they will admit to putting the backdoor in place and bankrupting you…

That One Guy says:

Re: Re: Re:2 Re: Re: Re: Re:

Hmm, so it isn’t, not sure how I got turned around into thinking that it is.

However, the core point stands, adding built in security vulnerabilities to deal with a minuscule problem is a colossally foolish and counter-productive idea. The number of criminals that evade the police and/or government via encryption are tiny in comparison to the number of crimes prevented by encryption. Better security is always going to be a good thing for the public, and if it makes the jobs of the police and government more difficult than they want it to be, tough.

PaulT says:

Re: Re: Re:2 Re: Re: Re: Re:

“Anyone that uses it for things they want kept private is a moron.”

That, by the way, would be you.

Oh, you might not mean to, and you probably don’t even know that’s what you’re doing. But, even if you don’t personally use the internet for anything other than posting anonymous comments on forums, the places you bank, shop, work and deal with in any way almost certainly use some form of encryption over the internet. Huge amounts of modern business is only possible because of online encryption, and very few of those businesses are doing so on their own private dedicated connections.

Which is part of the reason why this is such a big issue. Even if you’ve never used a VPN, SSH shell or SSL login in your life, your safety will be compromised.

PaulT says:

Re: Re: Re:2 Re: Re: so uhh....

“Law enforcement is already allowed to tap phones and search mail/packages.”

Yet, they manage to do so without demanding backdoors that would allow others to listen to phone calls and intercept mail from people they are not currently investigating.

Do you see the difference? They’re not merely asking for the ability to listen to phone calls, they’re asking for every phone to do this automatically for anyone who asks.

Anonymous says:

Re: Re: Re: Re:

so because asshole hackers exist, law enforcement shouldn’t be able to tap into internet communications?

According to you, law enforcement already can tap into Internet communications, by means of using “asshole hackers”.

I am glad that you are in agreement that further weakening security, to increase the number of asshole hackers, is unnecessary.

Mat says:

Re: Re: Re: Re: Re: Re:

The problem: Even with that line of protections, if the communication is end to end encrypted (SSL/TLS for instance), all you get is scrambled nonsense. If a third party can defeat the encryption in anything resembling real time (what is being asked for), then the encryption isn’t worth being used as someone else will figure out the same breakhole. Because encryption isn’t magic, it’s math. And you can’t make a reversible math algorithm that only works for one group.

Anonymous says:

Re: Re: Politicians and absolutes

Politicians are negotiators. To a negotiator “impossible” is not usually an absolute; instead meaning “long and costly solution” ergo “a Manhattan Project”.
There is no bargaining stance that they can assume for or against the absolute of encryption where they leave the table with a win. They can only mitigate eventual failure through the strategies we keep seeing; keep rephrasing the problem, “we did everything we could”; transfer the failure, “if only those smart people at the tech companies would try harder” and “it’s not my fault – they didn’t try hard enough”.

Anonymous says:

Re: Re: Re: Re: Re: Re: There already is an Encryption Manhattan project

If any “state sponsored organisation” do operate completely rogue, it would most likely exist under the US national security complex and likely in conjunction with NSA. The effects from such a digital organisation would be indistinguishable from hackers/NSA. Thus, the relevance of knowing it would be limited.

Anonymous says:

Dear Hillary, the object of encryption is to keep a conversation private between the senders and recipients of messages; and if any other party has the means of reading those messages, the encryption system is broken. Giving governments the ability to read messages where they are not an intended recipient means that the encryption system is broken.
You have just had a hissy fit over someone gaining access to information you thought was private, so why are you objecting to people wishing to keep their data private?

That One Guy says:

Re: Re:

And for even longer than that, people have been able to have private conversations outside of hearing of the police. Just because the police and government really want to be able to listen in on everything, doesn’t mean they have the right to it.

If, as could be argued to be the case, technology advances to the point where people are able to communicate over the phone with the same level of privacy that they would enjoy talking in-person at a private location, then too bad for those that want to listen in, the privacy and security of the public trumps the police and government’s desire to spy.

Anonymous says:

Re: Re: Re: Re:

“And for even longer than that, people have been able to have private conversations outside of hearing of the police.”

They still can.

“technology advances to the point where people are able to communicate over the phone with the same level of privacy that they would enjoy talking in-person at a private location, then too bad for those that want to listen in”

No. You wanting to break the law via technology doesn’t usurp the government’s obligation to protect me from you.

Anonymous says:

Re: Re: Re:3 Re: Re: Re: Re: Re:

My tax dollars at the municipal, state and federal level are most certainly being paid to protect me from you.

Ahhh, the land of the free and the home of the chicken shit cowards like you. Ready to piss away freedom and make a police state because you’re scared.

Grow a set of balls, coward.

Anonymous says:

Re: Re: Re:5 Re: Re: Re: Re: Re: Re: Re:

I find cowards like you unpleasant. They’re a disgrace to all the men and women who bravely fought and are still fighting for this country.

Keep paying someone else to protect you because you don’t have a working set of testicles. I’m sure they love your tax dollars.

Anonymous says:

Re: Re: Re:10 Re: Enough strawmen to fill up a dozen fields.

Hmm, you’re confused. It says ‘Anonymous’ because I’m not a member of this site. But the reality is that Mike knows exactly where I’m posting from and who I am.

The guy posting that he has no problem with wiretaps but says “no way” on encryption busting? Just like most everyone here, he just doesn’t want to get busted for his torrenting addiction.

Chronno S. Trigger says:

Re: Re: Re:13 Re: Re: Re: Re: Enough strawmen to fill up a dozen fields.

You have a bank account, right? You’re an upstanding citizen (OK, I’m making an assumption there), so I’m sure you do. You are aware that if encryption is broken, you don’t even have to be on the Internet to have your account information stolen? Banks use VPN encryption to transfer data between offices and other banks. Break encryption, that information is no longer secure. You suddenly find your account balance $0.

Do you telecommute to work? Go to the doctor’s office? Use a credit card? All of that stuff and far, far more rely on secure communication. Break that and everything you know falls apart around you.

Constantly hiding under the “Copyright Infringement” banner just shows you have absolutely no idea of the horrors you’re calling for.

Gwiz says:

Re: Re: Re:13 Re: Re: Re: Re: Enough strawmen to fill up a dozen fields.

So you think Congress is going to listen to the demographic that is known for flouting laws?

Not sure what demographic you are referring to, but, it surely isn’t the audience here at Techdirt:

49% over the age of 35 (74% over age 25)
61% earn over 50k/year
72% college educated

Source: https://www.quantcast.com/techdirt.com

Anonymous says:

Re: Re: Re:11 Re: Re: Enough strawmen to fill up a dozen fields.

The government can certainly try to break whatever encryption I may be running.

Given the number of people using it, and the processing power required to brute force it, I don’t think it’ll scale well, but again – please go for it!

I love it when stupid people try stupid things, fail, and then keep trying. It makes me smile.

That One Guy says:

Re: Re: Re:11 Re: Re: Enough strawmen to fill up a dozen fields.

Nonsense, you could easily comment using your real name, don’t even need to create an account for that. And if the only reason someone could desire privacy is to hide criminal actions, as you have implied multiple times now, clearly you are trying to hide your criminal actions by refusing to provide your real name.

So come now, either back up your assertion that only criminals desire privacy by providing your real name, refuse to provide your real name, and in so doing admit that you’re doing so to hide your criminal activity, or retract the claim, and continue to post anonymously.

That One Guy says:

Re: Re: Re:13 Re: Re: Re: Re: Enough strawmen to fill up a dozen fields.

No. You wanting to break the law via technology doesn’t usurp the government’s obligation to protect me from you.

I have no interest in the government not being able to do its job just so you can hide your torrenting habit.

Just like most everyone here, he just doesn’t want to get busted for his torrenting addiction.

So you think Congress is going to listen to the demographic that is known for flouting laws?

Now then, your personal information if you would. Or are you really going to claim that your multiple instances of responding to people objecting to broken encryption by insisting that they’re doing so to hide illegal activity isn’t an argument that the only people desiring strong encryption are criminals?

Either provide your personal information as you said you would, or admit that despite your responses so far people can object to broken encryption for valid reasons that have nothing to do with wishing to hide illegal activity.

That One Guy says:

Re: Re: Re:15 Re: Re: Re: Re: Re: Re: Enough strawmen to fill up a dozen fields.

Option C it is then, dodge and deflect while admitting neither. Yeah, I suppose expecting honesty from you with regards to your own comments was a bit unrealistic on my part.

To save time, I’ll just copy/paste the last part until you answer it (and if anyone else wants to do the same, have at it).

Either provide your personal information as you said you would, or admit that despite your responses so far people can object to broken encryption for valid reasons that have nothing to do with wishing to hide illegal activity.

Anonymous says:

Re: Re: Re:16 Re: Re: Re: Re: Re: Re: Re: Enough strawmen to fill up a dozen fields.

“people can object to broken encryption for valid reasons that have nothing to do with wishing to hide illegal activity.”

Of course people can, and do object to that; your mom, for example.

It’s just that most commenters on Techdirt, yourself for example, are torrent addicts, and that is why they’re sweating encryption laws.

Chronno S. Trigger says:

Re: Re: Re:17 Re: Re: Re: Re: Re: Re: Re: Re: Enough strawmen to fill up a dozen fields.

“your mom, for example.”

“It’s just that most commenters on Techdirt, yourself for example, are torrent addicts”

OK, at this point this guy is most definitely a troll. He knows everything he’s saying is a lie, he’s just doing it to get under everyone’s skin.

Chronno S. Trigger says:

Re: Re: Re:19 Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Enough strawmen to fill up a dozen fields.

“My thoughts on this are the same as many others.”

Yeah, other trolls like Angry Dude and Avarage Joe. You’re just another in a long line of people intentionally antagonizing other commenters by false accusations, insults, and dragging the discussion off topic.

The truth has outlived those trolls, it’ll outlive you.

Anonymous says:

Re: Re: Re:18 Re: Re: Re: Re: Re: Re: Re: Re: Re: Enough strawmen to fill up a dozen fields.

Or, he’s not a troll, and just a gutless coward, who can’t feel safe unless he’s got law enforcement to protect him (despite the lack of obligation they have for protecting him – that other thing he’s glossed over).

Fearful of, well, everything where he’s funneling federal, state, and municipal tax dollars to law enforcement so that he can be safe in his closet, under a blanket, firmly grasping his assault rifle, waiting for, something.

Mike Masnick says:

Re: Re: Re:17 Re: Re: Re: Re: Re: Re: Re: Re: Enough strawmen to fill up a dozen fields.

It’s just that most commenters on Techdirt, yourself for example, are torrent addicts, and that is why they’re sweating encryption laws.

You seem overly paranoid about torrenting. Weird.

I’ve actually never used BitTorrent myself. Don’t even have any BitTorrent clients on my computer. And I’m quite worried about encryption issues. It’s got nothing to do with copyright stuff, and everything to do with privacy.

Do you always project so much on people who actually know what they’re talking about when you get into arguments?

Ryunosuke says:

Re: Re: Re:17 Re: Re: Re: Re: Re: Re: Re: Re: Enough strawmen to fill up a dozen fields.

Do you have ANY sort of information to back that claim up?

Techdirt isn’t about torrenting, if you ever read … well ANY post whatsoever

Techdirt deals with copyright law, and technology mostly, but also cyberlaws.

You sir, just made yourself look like a fool… at best, at worst, you just made yourself look like a politician.

That One Guy says:

Re: Re: Re:17 Re: Re: Re: Re: Re: Re: Re: Re: Enough strawmen to fill up a dozen fields.

Called on your dishonesty and you respond with a ‘Your mother’ insult I see. Clearly expecting honesty or maturity from you was unrealistic of me.

As for your repeated baseless assertions, you really need to stop projecting so much. Just because you cannot help but torrent anything and everything that catches your eye, doesn’t mean the rest of us engage in similar practices.

PaulT says:

Re: Re: Re:17 Re: Re: Re: Re: Re: Re: Re: Re: Enough strawmen to fill up a dozen fields.

“It’s just that most commenters on Techdirt, yourself for example, are torrent addicts”

…and will the citation for this be forthcoming at any point? Rhetorical question, of course, since you are a pathological liar.

Is your life really so pathetic that you have to lie about people you’ve never met? I know it’s easier than addressing reality, but it’s not healthy to live so much time in a fantasy world.

Anonymous says:

Re: Re: Re:14 Re: Re: Re: Re: Re: Enough strawmen to fill up a dozen fields.

Eh? Nothing to hide at all. That’s why I have no problem with law enforcement accessing internet communications with a warrant.

I have no problem them getting my name, address, phone number and any other info under those same conditions.

Now if only TOG hadn’t made up a quote, he could have gotten the same. But now he’ll need a warrant 🙂

That One Guy says:

Re: Re: Re:15 Re: Re: Re: Re: Re: Re: Enough strawmen to fill up a dozen fields.

Now if only TOG hadn’t made up a quote, he could have gotten the same. But now he’ll need a warrant 🙂

Not so, I don’t need to provide anything more than I already have, or wouldn’t anyway were you honest enough to own up to your own words.

You implied, multiple times, that the only reason someone could desire privacy and/or protest against breaking encryption was to hide criminal actions. I called you out on it. You then said:

I’ll post my name, address and phone number just as soon as you find this quote in one of my posts.

I did so by posting several examples where you implied without any subtlety at all that the reason people were objecting to breaking encryption was to hide illegal actions, giving you the option to either admit to being wrong, admit to being a criminal, or stand behind your claims and provide your personal data. You dishonestly dodged again, choosing instead to respond with a grade-school level ‘your mother’ insult.

If you’re going to lie, at least realize that people are able to read what’s been posted, and adjust your lies accordingly. Claiming ‘I haven’t said X’, when people can simply scroll up and see that you absolutely have for example is not the best way to dishonestly defend your position.

Mike Masnick says:

Re: Re: Re:11 Re: Re: Enough strawmen to fill up a dozen fields.

But the reality is that Mike knows exactly where I’m posting from and who I am.

I actually have no idea who you are. I could dig your IP address out of the files, but I haven’t and I don’t know anything more about you other than you seem woefully uninformed about encryption.

So feel free to enlighten us.

PaulT says:

Re: Re: Re:11 Re: Re: Enough strawmen to fill up a dozen fields.

“The guy posting that he has no problem with wiretaps but says “no way” on encryption busting? Just like most everyone here, he just doesn’t want to get busted for his torrenting addiction.”

Meanwhile, outside of your fantasy world, what people are actually talking about are the vital technologies used by banking and virtually every other kind of business to keep financial and private information safe.

It’s sad, really. We’re talking about undermining every sector of the modern world, and all you people can think about is whether people are getting MP3s. You can’t stop lying about people even on unrelated conversations. But those strawmen keep you from realising what’s happening in the real world, I suppose…

Chronno S. Trigger says:

Re: Re: Re:9 Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

Despite what anyone thinks about the government and its trustworthiness, you keep forgetting (probably intentionally) that it’s physically impossible to give the good guys a way to monitor encrypted traffic without giving the bad guys the same ability.

If anyone brings up that point, you tend to not ever respond.

Anonymous says:

Re: Re: Re:6 Re: Re: Re: Re: Re: Re: Re: Re:

I find cowards like you unpleasant. They’re a disgrace to all the men and women who bravely fought and are still fighting for this country.

And all without pay! Doesn’t cost us a cent. That’s amazing!

Keep paying someone else to protect you because you don’t have a working set of testicles. I’m sure they love your tax dollars.

If they could just find someone to protect us for FREE like the military does!

Anonymous says:

Re: Re: Re:5 Re: Re: Re: Re: Re: Re: Re:

One of the things I enjoy so much about this whole encryption debate is that at the end of the day pro-spying people can bitch all they want but it doesn’t matter.

If I encrypt my communications and don’t tell anyone the key and no one else figures it out, unless they spend an insane amount of time bruteforcing they’ll never get what I encrypted. If they make it so everyone has to use a backdoored algorithm people will just encrypt with something that hasn’t been backdoored.

There isn’t really a law against math so they won’t be able to stop people from creating new non-backdoored encryption. If they make non-backdoored encryption illegal… well I’d really like to see them try to enforce that.

Pro-Surveillance people should probably get a better understanding of how technology actually works before trying to win impossible battles. It might make them look a little less silly too. ^.^

Chronno S. Trigger says:

Re: Re: Re:3 Re: Re: Re: Re: Re:

I can’t find it and I don’t remember enough detail to search for it. Can someone link this asshole the article about the court case stating the Police don’t have to stand between anyone and harm?

The government is not required to protect your ass. You’re on your own.

That One Guy says:

Re: Re: Re: Re: Re: Re:

They still can.

Unless you’re using an electronic device to communicate, at which point both you and them are insisting that no, you are not allowed any privacy.

No. You wanting to break the law via technology doesn’t usurp the government’s obligation to protect me from you.

Nice strawman, but no, you don’t get to sacrifice my privacy and security just so you can enjoy a false sense of security.

Sorry to break it to you, but the rights of people to privacy, and the security protecting countless aspects of their life (banking, email, health information) are both vastly more valuable than your sense of security and the government’s voyeuristic fetish.

Mike Masnick says:

Re: Re:

For almost 100 years via a warrant, law enforcement has been able to tap telephones. And they should be able to do the same with internet communications.

You are, apparently, totally unaware of how a cost-benefit analysis works, huh?

The issue here is not just the ability to tap internet communications. If it were just that, I don’t think many would complain. Tapping phones is mostly possible to only be limited to law enforcement. But that’s not the case with internet communications. Because it’s software based, and because of the nature of encryption, opening up a backdoor puts everyone at significant risk. The “benefits” are much smaller than the “costs.”

Your simplistic “well we do it for telephones” misses the point in a huge way.

Chronno S. Trigger says:

Re: Re: Re: Re: Re: Re:

Care to actually elaborate on your oh so unclear response?

All telephone communication goes through one of a few central hubs, so tapping the communication securely is relatively simple.

Encrypted communication does not go through any central hubs thus cannot be tapped into in that way. The only possible way is to create a security flaw in the encryption and thus destroy everything because you’re afraid.

And don’t get the wrong idea. If these assholes get what they want, it will be found by or leaked to the wrong people and you, along with everyone else, will be harmed by it.

Anonymous says:

Re: Re: Re: Re:

I think you have to read between the lines. The police would like a master key for all encryption, but that’s just not possible or even desirable (outside of law enforcement circles).

What is possible and likely to happen is that Apple and Google will add a second public key to phones that they will use when presented with a court order to do so. This is basically analogous to the access law enforcement currently has with the current phone system and that has mostly worked ok.

I think that’s a pretty reasonable compromise and returns us to how things were a few years ago when Apple would brute-force phones when ordered to do so by a court.

That One Guy says:

Re: Re: Re: Re: Re: Re:

This is basically analogous to the access law enforcement currently has with the current phone system and that has mostly worked ok.

Except for the fact that it really hasn’t.

To save you some time, the link above leads to an article talking about how the police were accessing phones without warrants to such an extent that it reached the US Supreme Court, which thankfully came down on the side of the public in saying that no, they are not allowed to search a phone without a warrant. If they can’t be trusted to respect the public’s privacy, then they have no-one to blame but themselves when the public and tech companies step in to protect their own privacy.

I think that’s a pretty reasonable compromise and returns us to how things were a few years ago when Apple would brute-force phones when ordered to do so by a court.

No, it isn’t. Any security hole, whether you call it a ‘master key’ or ‘second public key’ is available for the ‘good guys’ and ‘bad guys’ alike to use, because there is no way for the security to tell the difference. Therefore the less security holes in general the better off the public will be, and if that makes it difficult for the government and/or police, that’s just too bad for them.

Just because it was an option to force companies to break the security of their devices to allow access to the police/government in the past does not mean that they are owed that ability perpetually.

Anonymous says:

Re: Re: Re:2 Re: Re: Re: Re:

I used to think in exactly the same terms that you have outlined. I’ve recently shifted my opinion. Change is coming. Maintaining the nothing-can-decrypt-phones line isn’t tenable. So, what is the smallest compromise you would be willing to make? For me, it’s that every phone encrypts the master key with the user’s password and the manufacturer’s public key. Individual phones can be decrypted with a warrant but bulk real-time decryption isn’t happening.

That’s what I most strongly object to — the bulk collection of data. Sucking all data up with no probable cause is waaaay over the line (IMHO) and I would hope is a violation of the 4th amendment. Targeted decryption is reasonable and clearly not a violation of the 4th amendment. It would grant law enforcement similar, but slightly weaker abilities than what they currently have with land lines.

What I would like to ask politicians that are promoting much weaker privacy protections is this: when the PRC presents Apple with a valid court order demanding the decryption of some communications that had an endpoint in the US (possibly a politician or a dissident or an engineer), do they comply? The answer is clearly “yes they do”. The weakened technology will affect the US government as well and they have to accept that.

Chronno S. Trigger says:

Re: Re: Re:3 Re: Re: Re: Re: Re:

So, one key to unencrypt all phones of a specific manufacturer? One key that can be copied infinitely and can’t be returned to the manufacturer? One key that becomes a very large target for all hackers out there?

Like the HDDVD encryption key? How long did that take to crack? How often does Blu-Ray have to change their encryption keys?

Anonymous says:

Re: Re: Re:4 Re: Re: Re: Re: Re: Re:

> one key to unencrypt all phones of a specific manufacturer?

No. One private/public pair per handset. The public key on the handset, the private key held by Apple or Google. That would cover the vast majority of phones out there.

And it would be nothing like encryption used in video players. Those things put the private key in the hardware and rely on obfuscation and technical barriers to keep it secret.

Chronno S. Trigger says:

Re: Re: Re:5 Re: Re: Re: Re: Re: Re: Re:

So you’re saying that there should be one central database holding the passwords for each and every device out there? As much as there is wrong with what you’re saying, there’s one giant flaw that even those who don’t understand encryption should be able to see:

You’re still making one central target to crack everything.

The biggest advantage of encryption is its decentralization. Crack one device and you don’t crack everything. But with your idea, crack Google or Apple’s database and you’ve got everything. And it wouldn’t take a master hacker, all it would take is one lazy/malicious/mistaken employee.

This, of course, assumes that the government would even allow a database like that to exist outside of their control.

And why are we even bothering? Smart criminals will never be caught by this. ISIS has their own encryption now, drug dealers use burner phones (and they don’t even bother with encryption), smart criminals would just use the not intentionally flawed software we already have. Stupid criminals already incriminate themselves. Why make everyone else less secure?
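The scheme argued over in the comments above (one key pair per handset, public half on the handset, private half in a manufacturer database) can be modelled as follows; this is an added example, not part of the original thread or any vendor's design. The toy ElGamal-style wrap, the HMAC keystream and every name and handset id are assumptions made for illustration, not production cryptography.

```python
"""Constructed model of per-handset key escrow (toy crypto, stdlib only)."""
import hashlib
import hmac
import secrets

# Toy ElGamal-style parameters (assumption): P is the prime 2**255 - 19.
# Far too weak for real use; a real design would use a vetted library.
P = 2**255 - 19
G = 2


def keypair():
    """Return (private, public) in the toy group."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)


def _seal(kek, data):
    """Encrypt-then-MAC up to 32 bytes under a 32-byte key-encryption key."""
    nonce = secrets.token_bytes(16)
    stream = hmac.new(kek, b"enc" + nonce, hashlib.sha256).digest()
    body = bytes(a ^ b for a, b in zip(data, stream))
    tag = hmac.new(kek, b"mac" + nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def _open(kek, blob):
    """Verify the tag, then decrypt; raises ValueError on the wrong key."""
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    want = hmac.new(kek, b"mac" + nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("wrong key or tampered blob")
    stream = hmac.new(kek, b"enc" + nonce, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(body, stream))


def _password_kek(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def _shared_kek(public, private):
    shared = pow(public, private, P)
    return hashlib.sha256(shared.to_bytes(32, "big")).digest()


def provision(handset_id, password, escrow_db):
    """Create a handset record; the escrow private key goes into escrow_db."""
    device_key = secrets.token_bytes(32)      # key that encrypts the phone
    salt = secrets.token_bytes(16)
    escrow_priv, escrow_pub = keypair()       # one pair per handset
    escrow_db[handset_id] = escrow_priv       # held by the manufacturer
    eph_priv, eph_pub = keypair()             # handset-side ephemeral pair
    record = {
        "salt": salt,
        "pw_blob": _seal(_password_kek(password, salt), device_key),
        "eph_pub": eph_pub,
        "escrow_blob": _seal(_shared_kek(escrow_pub, eph_priv), device_key),
    }
    return record, device_key


def unwrap_with_password(record, password):
    return _open(_password_kek(password, record["salt"]), record["pw_blob"])


def unwrap_with_escrow(record, escrow_priv):
    # The inputs are key material only. Nothing here can represent a
    # warrant or the identity of whoever is holding escrow_priv.
    kek = _shared_kek(record["eph_pub"], escrow_priv)
    return _open(kek, record["escrow_blob"])


def demo():
    escrow_db, handsets, keys = {}, {}, {}
    for hid in ("handset-A", "handset-B", "handset-C"):   # constructed ids
        handsets[hid], keys[hid] = provision(hid, "pw-" + hid, escrow_db)
    a = handsets["handset-A"]
    owner_ok = unwrap_with_password(a, "pw-handset-A") == keys["handset-A"]
    # One leaked per-handset key does not open a different handset.
    try:
        unwrap_with_escrow(a, escrow_db["handset-B"])
        cross_ok = True
    except ValueError:
        cross_ok = False
    # Any copy of the database, however obtained, opens every handset.
    copied_db = dict(escrow_db)
    all_ok = all(
        unwrap_with_escrow(rec, copied_db[hid]) == keys[hid]
        for hid, rec in handsets.items()
    )
    return {
        "owner_password_unwraps": owner_ok,
        "one_key_opens_other_handset": cross_ok,
        "copied_database_opens_all": all_ok,
    }
```

The second result corresponds to the per-handset argument and the third to the central-target objection: the containment holds for a single key, not for the database that stores all of them.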

Anonymous says:

Re: Re: Re:6 Re: Re: Re: Re: Re: Re: Re: Re:

There already is one target to crack everything for most phones – Apple or Google.

For example, Apple’s messaging app sends encrypted messages but if you could crack Apple, you could silently add a foreign key to the transaction and the user would never know (the encryption keys are managed entirely by Apple).

You already are trusting Apple and Google. I think they can be trusted to manage keys (they certainly know how to do so).

> Smart criminals will never be caught by this.

That’s ok. There are enough dumb criminals to keep law enforcement busy for a long, long time. There’s no perfect solution and looking for a single, magical solution is foolish.

Change is coming. I answered what the minimal compromise I think is reasonable. If the solution is forced on tech companies via legislation, it’s going to be much, much worse than simply adding the ability to unlock a device.

Anonymous says:

Re: Re: Re:7 Re: Re: Re: Re: Re: Re: Re: Re: Re:

> You already are trusting Apple and Google. I think they can be trusted to manage keys (they certainly know how to do so).

However, the government (who clearly has network security issues – see “OPM hack”) is trying to tell them what to do.

So no, it’s not a matter of trust with Google/Apple – it’s them taking direction from someone with a shitty track record.

Anonymous says:

Re: Re: Re:8 Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

> However, the government (who clearly has network security issues – see “OPM hack”) is trying to tell them what to do.

That’s exactly why the big tech companies should start talking about the compromises that least impact normal users. Installing a public key that can be used when presented with a court order is the least problematic solution that I can think of. If the tech companies don’t start, legislation will tell them what they have to do and that would be the worst outcome.

Anonymous says:

Re: Re: Re:9 Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

> …the least problematic solution that I can think of.

That still doesn’t address the single point of failure you’re creating, nor the ramifications of what happens when the key(s) are compromised.

The companies keep saying it can’t be done, yet the government insists that it can. Since they’re so sure, the onus is on the government to create a working model/proof of concept. Not Apple or Google – they have a profit motive and shareholders to be responsible to.

> If the tech companies don’t start, legislation will tell them what they have to do and that would be the worst outcome.

In other words, legislate that 2+2=5?

Anonymous says:

Re: Re: Re:10 Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

> That still doesn’t address the single point of failure you’re creating

The tech companies are already a single point of failure. They are pushing stuff to your phone all the time.

> In other words, legislate that 2+2=5?

No, they will pass legislation that gives law enforcement everything without regard to the harm it does to people and businesses in the US.

Going dark on a mass scale won’t be allowed to happen. What’s a compromise that you could live with? I already trust Google and Apple, so for them to have a way to unlock my phone doesn’t change much (it goes back to how things were a few years ago).

I can still install 3rd party secure messaging apps just like I could use a scrambler on my phone line to secure my conversations.

Anonymous says:

Re: Re: Re:11 Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

> No, they will pass legislation that gives law enforcement everything without regard to the harm it does to people and businesses in the US.

And if it’s all encrypted anyways, nothing will change. They’ll still have collected everything, and will still not have the processing power to decrypt it all.

Nothing changes.

Anonymous says:

Re: Re: Re:11 Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

> What’s a compromise that you could live with?

I don’t need to compromise. I have encryption, and choose to use it to make my communications private.

Law enforcement has the ability to collect it, and with enough processing power, possibly decrypt it within my lifetime.

They already have exactly what they need. What they should be lobbying for is to change how time works. I think they’d have a better shot of making a 30 hour day instead of getting any backdoor to pass.

Chronno S. Trigger says:

Re: Re: Re:7 Re: Re: Re: Re: Re: Re: Re: Re: Re:

You’re confusing two different things. You’re talking about local encryption and communication encryption at the same time and getting confused.

Google’s chat encryption is not end to end, it’s from your PC to the central server and from the other PC to the central server. The government doesn’t need to crack encryption to get that information.

Google chat and Apple chat are not secure systems, we all know this.

Local encryption is something else entirely. If I encrypt a file on my phone, say a password list, there is no central server between me and the file. I expect that file to be secure. At least as secure as the software used to encrypt it, not some unrelated, uninterested third party. I expect my communication with my bank to be as secure as the bank, not some unrelated, uninterested third party. Google should not have access to this information.

The government doesn’t want access to Google chat, they want access to everything encrypted. Your compromise will never be enough for them because they already have it.

Anonymous says:

Re: Re: Re:8 Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

> Google chat and Apple chat are not secure systems, we all know this.

I don’t know how Google Chat works, but Apple details their security model in their iOS security white paper and it is end-to-end encrypted. Apple can’t see the messages.

> Your compromise will never be enough for them because they already have it.

No, they don’t. Recent iOS devices and some Android devices are still secure, even to Apple and Google.

Chronno S. Trigger says:

Re: Re: Re:9 Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

Didn’t know that, but it helps my point, not yours.

Why does Apple have end to end encryption for their chat service? Think about that for a second, why would they spend that much effort into creating that? Is it to help the criminals stay under the radar? Or maybe because Apple knows that keeping everything in a central repository is a stupid idea.

Your compromise will end up like the 6 strike compromise the ISPs put in place. Utterly worthless yet still being ratcheted up. ISPs should have stood their ground and Google and Apple should as well.

Anonymous says:

Re: Re: Re:10 Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

> Why does Apple have end to end encryption for their chat service?

Two big reasons:

1) It’s fantastic for marketing. Their chief rival makes money by mining everything you do on the device for advertising purposes (that’s a cynical view, but somewhat correct). It makes sense to zig where their rival zags.

2) It saves them a lot of money. When they are presented with a court order saying “reveal the contents of this”, an intern can prepare the response: “sorry, but due to technical limitations, there’s no possible way to comply”.

Change is coming. It’s the perfect climate right now for anti-privacy legislation to be passed. It’s important that tech companies (and communities like this one) get involved.

Many in this community are holding the position that they are unwilling to cede any privacy protections to law enforcement. It’s a principled position to hold for sure, but when there’s no compromise to be made, none will be offered. That’s how you end up with terrible legislation that makes everybody a criminal.

Anonymous says:

Re: Re: Re:11 Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

> Many in this community are holding the position that they are unwilling to cede any privacy protections to law enforcement.

Primarily because it’s been well documented that law enforcement can’t be trusted.

Question for you, if I may…why does law enforcement absolutely need this? Exactly how many people are flying under the radar and causing random acts of violence, where they now must be suspicious of EVERYONE?

And if that’s the case, and everyone needs to be treated with suspicion, then inevitably, some of those suspicious people WILL end up in law enforcement…what in your solution will prevent THEM from also exploiting the TSA key, I mean, master encryption key?

Anonymous says:

Re: Re: Re:12 Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

> And if that’s the case, and everyone needs to be treated with suspicion

Does the fact that your landline is easily tapped imply that you are under suspicion?

> what in your solution will prevent THEM from also exploiting the TSA key, I mean, master encryption key?

Transparency and real oversight would be a good start. If all law enforcement decryption requests are eventually made public, it would be easier to spot abuse.

I think that’s why it’s important for this community to get involved. If legislators hear law enforcement say “tech companies must be made to comply with a court order demanding decryption” and hear tech companies say “under our current set up, that’s not possible”, then it’s easy to predict what will happen: CALEA for mobile phone companies with no reasonable limits, oversight, or transparency.

We can stand around here and pretend that any ability to decrypt is the same as not encrypting at all in the first place (which is ridiculous), or get involved and give up as little ground as possible.

Anonymous says:

Re: Re: Re:14 Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

If you choose to communicate securely, you can do so.

For secure messaging my favorite app is Threema.

Law enforcement doesn’t want to make it impossible to communicate securely (they need that too), they just don’t want it to be the default.

Anonymous says:

Re: Re: Re:13 Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

> or get involved and give up as little ground as possible.

How much ground will the government take? It will enough to ensure that they and their corporate buddies cannot be easily challenged.
Terrorists know enough to keep their planning secure, while a local neighbourhood trying to organize replacement of their politician; or a group trying to organize a protest against an unjust law, or against a corporation ruining their environment, are easily disrupted if their communications can be monitored.

Anonymous says:

Re: Re: Re:13 Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

> Transparency and real oversight would be a good start.

Let that happen first, then come back. But since that is never going to happen,

> If all law enforcement decryption requests are eventually made public, it would be easier to spot abuse.

Eventually. Forever minus a day. Kind of the opposite of the “transparency” you were just promoting. You’re already being self-contradictory.

> I think that’s why it’s important for this community to get involved.

In case you hadn’t noticed, it is.

> it’s easy to predict what will happen: CALEA for mobile phone companies … blah blah blah

CALEA already applies to mobile phone companies. Nice try.

Anonymoussays:

Re: Re: Re:14 Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

CALEA already applies to mobile phone companies.

No, it doesn’t. Right now Apple doesn’t have to provide surveillance hooks to law enforcement and that’s precisely what is being pushed for. Phone companies aren’t allowed to buy telecom gear unless it has surveillance capabilities. Soon, they may not be allowed to activate handsets unless they too have surveillance capabilities.

I trust Apple more than I trust AT&T or Verizon. If somebody is going to have to manage keys (and I really think that’s where we are headed), I want Apple to do it. That’s really the bottom line of everything I’ve been saying.

In the little Techdirt bubble, that’s an insane thing that everybody hates, but among the general population, it’s entirely sensible. You may have noticed that people really don’t give a shit about privacy. Most don’t worry about adblocking or trackers, they give up their demographic info for a chance to win a car, they are happy to fill out a survey to get a free sandwich, or apply for a credit card to save 5% on today’s purchase. Privacy isn’t a big deal, but security is. They are scared about terrorists even though the probability of being hurt or killed by terrorists is about as likely as being killed by a shark. Generally, people may not like their city or state police, but they are mostly happy with the FBI, the CIA, and they LOVE every branch of the armed forces.

PaulT says:

Re: Re: Re:15 Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

“I trust Apple more than I trust AT&T or Verizon. If somebody is going to have to manage keys (and I really think that’s where we are headed), I want Apple to do it”

Well, trust is only part of the issue here. Even if you trust the ability of a company to manage the security, you’re talking about introducing a single point of failure that cannot be repaired. Mistakes happen, and Apple have been compromised in the past. Not only that, but you won’t be able to pick and choose. This isn’t just an argument about your mobile handset, it’s about encryption in total. If Apple are forced to do this for your phone, others you trust less will need to do it for their systems too. Some of whom you will not know are involved, because you don’t know the backend of every business you interact with and you don’t know who’s managing those keys.

“You may have noticed that people really don’t give a shit about privacy.”

Until it’s compromised or there’s real negative effects from a breach. People not interested in the subject have a hard time understanding future implications, but tend to have stronger opinions when it actually affects something they can see.

“Most don’t worry about adblocking or trackers, they give up their demographic info for a chance to win a car, they are happy to fill out a survey to get a free sandwich, or apply for a credit card to save 5% on today’s purchase.”

This is all true. However, basic demographic info (much of which is public anyway) is rather different from what’s being requested here. If someone doesn’t mind giving away their email address for some free crap, that doesn’t mean they’d agree to hand over live access to their phone conversations and financial transactions. There’s different levels of importance to consider here.

Also, those people do demand that data be protected even as they’re handing it over. They’ll give their email, address or phone number over for a free sandwich, yes, but they also demand that junk mail and unsolicited phone calls can be avoided. The suggestions so far don’t seem to involve any protection once a compromise happens with keys.

“Privacy isn’t a big deal, but security is. They are scared about terrorists…”

Privacy and security often go hand in hand. Perhaps instead of whining about a “bubble” on a site that understands these things, you’d be better off explaining to less savvy users why those terrorists would potentially be able to access these backdoors. You’d be amazed how quickly their opinions can change.

Part of the issue is not that people don’t care about their privacy, it’s that they’re not educated in the subject enough to know why it matters to their security. Of course, the reason why they’re scared of terrorists is they also don’t know how rare such attacks are, but just because they’re misinformed in one area that’s not an excuse to misinform them in another.

Anonymous says:

Re: Re: Re:16 Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

So what’s your prediction for what things look like two years from now? Does the tech community successfully fight off government overreach, or does some poorly written rider get attached to a budget bill that mandates phone companies activate only handsets they can unlock? Or is there some third possibility?

PaulT says:

Re: Re: Re:17 Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

“Or is there some third possibility?”

There’s plenty of other options. Not least because what you seem to be missing is that this isn’t just about mobile phone communication but encryption as a whole. For some reason, you seem to be intent on trying to simplify the whole issue to 2 companies. Despite the fact that there would be more than that involved even if this was only about mobile handsets.

I can’t tell the future, but I can tell you that letting people get away with the ignorant comments described in the article without comment is certainly not going to lead us anywhere positive. I can also tell you that breaking encryption will lead to people you don’t want to give access to having full access. Unless you have a solution that doesn’t involve putting such a back door in, which you’ve failed to suggest so far. Sorry, the idea of an extra private key doesn’t count, that’s still a back door no matter how much you trust Apple.

PaulT says:

Re: Re: Re:19 Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

Figures… Just as you try to reduce the entire argument to 2 companies, you can only conceive of 2 options for the future. You ignore the rest of my comments, but hone into the parts you can try to wave away with some simplistic misunderstanding.

There’s an entire spectrum of possibilities, ranging from a long political and legal battle to fight against any such requirement, to tech companies giving in but having to agree to increasingly draconian demands, to a major attack on existing vulnerabilities proving that encryption is absolutely necessary, to discovering some fundamental existing vulnerability that makes the whole demand moot.

But, we can’t deal with huge numbers of possible outcomes based on what we can guess. We can only realistically address the suggestion being made. When you consider the entire landscape rather than whatever handy false dichotomy you can dream up, the predictable consequences are not good.

PaulT says:

Re: Re: Re:13 Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

“Does the fact that your landline is easily tapped imply that you are under suspicion?”

No, but then a landline is not factory set to be tapped by whoever requests it without any other intervention.

“Transparency and real oversight would be a good start”

How would that stop non-government entities from using the key, which you’ve now blocked by law from being re-secured?

“We can stand around here and pretend that any ability to decrypt is the same as not encrypting at all in the first place (which is ridiculous)”

That might be what you think they’re saying. What others are actually saying is that once you create a master key, it works for everyone who wishes to use it. Which is the same as not encrypting at all to those people who have the key.

Chronno S. Trigger says:

Re: Re: Re:11 Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

That’s what it comes down to, isn’t it? Person A is right and set a line in the sand. Person B is very wrong and set their line in the sand. If person A steps over their line, they step into the wrong. But person B wants to compromise. Just step a little into the wrong, just a toe, I promise I won’t pull you further in.

One would think we would have learned better by now.

Anonymous says:

Re: Re: Re:12 Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

I don’t think that’s a bad analogy.

I think the lesson that we should have learned by now is that if we don’t get involved, we get terrible, unbalanced, overreaching legislation. Decrypting a phone they capture is one thing, the real time decryption of all communications is another. Granting the first doesn’t give them the second thing.

Everybody has their own line in the sand. Mine is untargeted surveillance. I have no problem with narrowly scoped spying but bulk data collection of everybody is too much.

That One Guy says:

Re: Re: Re:13 Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

> Decrypting a phone they capture is one thing, the real time decryption of all communications is another. Granting the first doesn’t give them the second thing.

Assuming a ‘central repository’ of decryption keys as you’ve suggested several times so far, if they can do the first, they can do the second (and if they can’t do it for whatever reason now, just give it a few years). The only way to keep them from doing the second is to keep them from being able to do the first.

Not to mention, as has been demonstrated time, and time, and time again, they always want more. Give them the ability to do A now, and it’s only a matter of time before they’re insisting that, because Terrorism, they absolutely need the ability to do B, C, and D as well (assuming they even ask).

They want to search a phone? Get a warrant, and present it to the owner of the phone to unlock. Don’t want to do either of the above? Then no search allowed.

PaulT says:

Re: Re: Re:13 Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

“I have no problem with narrowly scoped spying but bulk data collection of everybody is too much.”

Here, I think you actually agree with people. The problem is simple – the solution you are calling for eventually hands the ability for bulk data collection from anyone, government and civilian, with no way to take it back.

Anonymous says:

Re: Re: Re:14 Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

No, it doesn’t do that. If you use an iPhone or an Android device you are already trusting Apple or Google. Google is basically doing bulk data collection (with user consent and for the benefit of that user). Apple could, but they have a different business model. Asking either of them to hold a key for you isn’t a huge further step as you are already dependent on them for much of your security.

The government can’t directly force Apple or Google to implement interception capabilities. What they will do (this is a guess) is pass a law prohibiting mobile network operators from accepting devices that lack that capability. They already require the network gear to have that capability (CALEA) and so I think it could be argued that requiring the same capability in the handsets is logical (from a law enforcement perspective).

Apple and Google would have no choice but to build that in and hand over the keys to the network operators. For me, that’s basically the worst case scenario because I do trust Apple and Google, but have zero trust in AT&T, Verizon, Sprint, or TMobile.

PaulT says:

Re: Re: Re:15 Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re: Re:

“If you use an iPhone or an Android device you are already trusting Apple or Google”

There are far more than 2 companies involved here, and more than mobile phones. I mean, Google don’t even manufacture their handsets’ hardware and 3rd party Android devices can patch the OS at any time. So, wherever you expect the decryption to happen, you’re looking at way more than 2 vectors. Yes, that also means that carriers may have the keys as well.

I can see where you’re coming from, but so long as you continue to oversimplify the realities of the situation, you’re going to be arguing something other than what’s being discussed. Any security is only as good as its weakest link, and you’re demanding that at least one be weakened further.

PaulT says:

Re: Re: Re:7 Re: Re: Re: Re: Re: Re: Re: Re: Re:

“There already is one target to crack everything for most phones – Apple or Google.”

Yes, if you want to massively over-simplify things. Bear in mind we’re not just talking about phones here, nor are we just talking about consumer level devices.

But, you know what people at both of those companies spend a lot of their time doing? Fixing flaws that allow people to crack their devices. What you’re supporting here is not only introducing numerous extra vulnerable points, but making sure that nobody is allowed to fix them. Ensuring that once that target has been compromised, it is never allowed to re-secure their devices.

Do you see the problem yet?

“That’s ok. There are enough dumb criminals to keep law enforcement busy for a long, long time”

So, you support handing smarter, more organised criminals the tools to operate unhindered because some dumber people will get caught? Do you even understand what you’re saying here?

“Change is coming. I answered what the minimal compromise I think is reasonable”

If you think that’s reasonable, you don’t understand the issue.

Anonymous says:

Re: Re: Re:5 Re: Re: Re: Re: Re: Re: Re:

So the one key pair would be stored in a centralized location, and be completely impervious to attack – like the OPM database holding all the information for those having security clearances?

Not for nothing, if they can’t keep what they have safe, I don’t see why they get MORE information to not keep safe. Seems like they don’t deserve that privilege.

That One Guy says:

Re: Re: Re:3 Re: Re: Re: Re: Re:

> So, what is the smallest compromise you would be willing to make?

None whatsoever.

If you’ve got one person saying ‘I don’t think it’s a smart idea to play russian roulette’, and another person saying ‘I think it is a smart idea to play russian roulette’, there is no room for compromise. The first person is right, the second person is wrong, and it’s not in any way reasonable for the first person to give any ground, ‘compromise’ or not.

In the case of security and encryption, you either have encryption that works, and is secure for everyone, or you have encryption that doesn’t work, and is secure for no-one. Those are the only two options. There is no room, at all, for ‘compromise’ when it comes to encryption. It either works or it doesn’t, that’s it.

> For me, it’s that every phone encrypts the master key with the user’s password and the manufacturer’s public key.

Creating a ‘master key’ rather than a ‘golden key’. Well, I guess you changed the name, that’s got to count for something, right?

No, no it doesn’t.

No matter what you call it, a security vulnerability is a security vulnerability, and not something to be desired or deliberately introduced.

> Individual phones can be decrypted with a warrant but bulk real-time decryption isn’t happening.

Right up until someone gets the master key and uses that. If the system you are envisioning allows for individual real-time decryption, then it also allows for bulk real-time decryption, it’s simply a matter of resources. And even if it doesn’t allow for real-time bulk decryption, the fact that it might take them a little bit longer to get around to decrypting everything they scooped up doesn’t make it any better or acceptable.

Anonymous says:

Re: Re: Re:4 Re: Re: Re: Re: Re: Re:

> If you’ve got one person saying ‘I don’t think it’s a smart idea to play russian roulette’, and another person saying ‘I think it is a smart idea to play russian roulette’, there is no room for compromise.

Oh come on, Russian Roulette is perfectly safe, on average. Can’t we just compromise and say that it’s “usually” a good idea?

Anonymous says:

Re: Re: Re: Re: Re: Re:

And your baddy baddy Russkie/Chinese/ hacker won’t be able to use that same “second public key” that all phones got now, of course.

Because that “second public key” will realize that they are evil guys, and won’t let herself be used. She’ll die before letting herself be violated.

Anonymous says:

I think what the government ultimately wants is a “digital TSA” of sort – or in other words, “digital security theater” – especially going after their “golden/master key” talk (TSA’s own master key was only recently exposed for everyone to copy).

They want everyone to see the HTTPS lock and everything and think their conversations are kept safe from “cyber criminals and cyber terrorists”, when in fact the government as well as those cyber hackers or anyone else who cares can get past those weak defenses made just for show.

Anonymous says:

> The issue, again, is that what they’re really asking for is “can you make a technology where only “good” people can use it safely, and everyone else cannot?” And the answer to that question is to point out how absolutely astoundingly stupid the question is. Because there’s no way to objectively determine who is “good” and who is “bad” and thus the only possible response is to create code that really thinks everyone is “bad.” And to do that, you have to completely undermine basic security practices.

You’ve fallen into their framing trap, Mike. All decent crypto already assumes everyone is “bad” except the sender and the intended recipient(s). Clinton et al. want to mandate their way into the “good” list.

annonymouse says:

When it comes to “good guys” and “Bad guys” it pretty much boils down to, if what you want to do is what the bad guys do that means you are a bad guy.

The bad guy we know is bad and we can prepare for their antics but if those who are supposed to protect us betray us then they broke trust and are far worse and need to be appropriately dealt with in the harshest way possible.

Jes Lookin says:

It's all in the ownership

Another bad name for the media to latch on to – like ‘global warming’. The intent is to have ownership of some super-techo-thing that can decrypt the bad guys on the fly. The only problem is that only the people who design, fabricate, assemble, and control the technology can do that – and that isn’t the US. For nuc stuff it was, but we can even make the components for that anymore.

Ryunosuke says:

Meanwhile.....

Over at Juniper Networks,

“A major breach at computer network company Juniper Networks has U.S. officials worried that hackers working for a foreign government were able to spy on the encrypted communications of the U.S. government and private companies for the past three years” — CNN

So hey, how about that backdoor encryption “only for good guys”

Anonymous says:

Anyone can build encryption...

The other major issue here is that anyone with a year’s worth of math and programming education can build a suitable uncrackable encryption software if necessary.
So even if we end up forcing Google, Apple and the other major tech companies to build in back doors for the government all it would do is let them spy on all the regular law abiding citizens while anyone who actually wants to use real encryption would do so.
This is also so damn obvious to anyone with the smallest amount of sense that one has to assume this is their true goal….

That One Guy says:

Re: Re: Anyone can build encryption...

Well, clearly banning effective encryption is only the first step. The next step is to make not using crippled encryption a criminal offense, since clearly criminals are always careful to obey the laws, especially the ones that make it easier for the authorities to catch and prosecute them.

Anonymous says:

Re: Re: Anyone can build encryption...

As always, perfect is the enemy of good. Just because a perfect solution can’t be found, doesn’t mean that a good solution (from the perspective of law enforcement) isn’t available. I think a reasonable compromise would be for Apple and Google to encrypt the device keys with a second public/private pair – one belongs to the user, the other belongs to Apple or Google.

You’re right though – banning math is hard. Anybody with high school level mathematics knowledge can understand something like Diffie-Hellman key exchange (and it’s a magical idea, lots of fun).
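The escrow arrangement proposed in the comment above, built on the Diffie-Hellman exchange it mentions, as an added example that is not part of the original thread. The group, the function names and the five-device fleet are assumptions chosen for illustration, and the wrap is hashed ElGamal without authentication; it counts how many device keys each private key can recover.

```python
import hashlib
import secrets

# Assumption: demonstration group. 2**255 - 19 is prime, but a 255-bit
# finite-field group is far too small for real Diffie-Hellman use.
P = 2**255 - 19
G = 2

def keypair():
    priv = secrets.randbelow(P - 3) + 2          # private exponent in [2, P-2]
    return priv, pow(G, priv, P)

def _kek(shared: int) -> bytes:
    # Derive a 32-byte key-encryption key from the DH shared secret.
    return hashlib.sha256(shared.to_bytes(32, "big")).digest()

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wrap(device_key: bytes, recipient_pub: int):
    """Ephemeral DH with the recipient, then mask the device key with the KEK."""
    eph_priv, eph_pub = keypair()
    return eph_pub, _xor(device_key, _kek(pow(recipient_pub, eph_priv, P)))

def unwrap(blob, recipient_priv: int) -> bytes:
    eph_pub, masked = blob
    return _xor(masked, _kek(pow(eph_pub, recipient_priv, P)))

def provision(escrow_pub: int) -> dict:
    """One device: a random key wrapped once for its user, once for the escrow holder."""
    user_priv, user_pub = keypair()
    device_key = secrets.token_bytes(32)
    return {"user_priv": user_priv, "key": device_key,
            "for_user": wrap(device_key, user_pub),
            "for_escrow": wrap(device_key, escrow_pub)}

def simulate(n_devices: int = 5):
    escrow_priv, escrow_pub = keypair()
    fleet = [provision(escrow_pub) for _ in range(n_devices)]
    # Device keys recoverable with only the vendor's escrow private key.
    by_escrow = sum(unwrap(d["for_escrow"], escrow_priv) == d["key"] for d in fleet)
    # Device keys recoverable with only device 0's user private key.
    leaked = fleet[0]["user_priv"]
    by_one_user = sum(unwrap(d["for_user"], leaked) == d["key"] for d in fleet)
    return by_escrow, by_one_user

if __name__ == "__main__":
    print(simulate())
```

A single user key opens one device, while the escrow key opens every device provisioned against it, which is why its storage and access controls become the security boundary for the whole fleet.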

DannyB says:

Dear Hillary

For someone who has already had eight years’ experience running the country, I would expect you to understand something so simple.

You can have either:
1. A SECURE system. Secure against hackers, and secure against the government and law enforcement.
2. An INSECURE system. The government and law enforcement have access, but so do the Russians, the Chinese, Anonymous, Hackers and Criminals.

Please choose.

Anonymous says:

The biggest issue...

The biggest issue is not the problem of politicians rattling off inane bullshit. That’s par for the course. The issue is that the common voter in the US is so mind numbingly stupid when it comes to anything dealing with those “magical computer TV boxes” that any sort of vague technical mumbo jumbo impresses them, so they’ll vote for the bullshit.

You want candidates to stop doing this shit? Educate the idiot masses.

Anonymous says:

I still need an answer... but nobody seems to be asking the question.

So the US of A gets its not-backdoor backdoors and then what?
How can anyone assume that other governments around the world won’t be asking for the same privilege?
How can anyone expect companies to deny access to anyone when the big can of worms has been opened?
Maybe we shouldn’t entertain the fantasy that it is actually possible, because the politicians will try to force the “best” solution through, and the best solution will be a bad solution, but here we assume that they get their wet dream fulfilled.
It is quite fitting to compare it to the Manhattan project, because even though it might have just been a question of time before someone else invented the nuke, we now live in a world with doomsday clocks where mutual annihilation starts as soon as some bastard in power, probably in a bunker somewhere, is insane enough to fire the first shot.

David says:

Can someone explain to me?

Why do those politicians equate “good guys” with “the government”? Haven’t they heard of the Snowden files? Didn’t they get the memo about the NSA heads perjuring themselves before Congress? Have they forgotten the CIA spying on Senate staffers?

Didn’t they understand that the NSA is incapable of keeping their hands out of the cookie jar? They aren’t the good guys. They are the ones trying to undermine the Constitution. They are the ones trying to abolish the U.S.A. as defined by the Founding Fathers. And they are the worst enemies of the U.S.A. since they are the most likely to succeed.

Anonymous says:

Intention

Even if you could find a method that would accurately identify an entity as good, how does that prevent the ‘good’ entity from doing something ‘bad’?
Are they suddenly a ‘bad guy’ based on their intention?

For bonus points, even if intentions are ‘good’, how do you determine that the result will be ‘good’?

Good people with good intentions can still do ‘bad’ things.

Anonymous says:

Manhattan project?

Remember what happened with the first Manhattan Project? It worked… and then, because of spies, the Soviets had it within 4 years. For something like this, that’s probably optimistic.

There are so many problems with what they are trying to do. If you have a password or number or code that can decrypt a message, that password or number or code can be stolen. And if you put the means to decrypt EVERY message in one place, it almost certainly WILL be stolen.

But even if we found what the government thought was perfect encryption – easy to use, government access on demand, otherwise secure (including against foreign governments and in-government corruption), and everyone was somehow forced to use it – there is no possible way that we could force the bad guys to use it exclusively. They could encrypt their message using normal methods and then encrypt the encrypted message using the government-sponsored method, so when the government uses the magic key all they get is an encrypted message.

Robert Beckman says:

Delayed-Escrow Encryption

There may actually be a way to get both a secure(ish) device and a way to decrypt it.

We’ve seen recently that there’s a way to break PGP through factoring of very large primes (which is what some people think the NSA’s Utah data center is for), but that it takes a huge amount of compute time.

If your iPhone uses a rolling set of encryption keys, but where the rolling refactoring could be stopped with physical possession of the device, then a nation-state could seize the phone and eventually decrypt it, since the rolling key would stop rolling.

Now the catch, of course, is that you’d need to keep the key size growing with Moore’s Law, so that even with physical possession it would still be a significant effort to break, essentially making it so that only in rare circumstances would it be worth breaking the encryption.

We used this same paradigm for years with location information – the law evolved that having the police “tail” someone wasn’t an invasion of privacy, because anything you do in public isn’t private. But the paradigm in place meant that mass surveillance was impracticably expensive, so it was only used when it was really worth it. Now that mass surveillance is cheap, we’re stuck with a legal landscape that no longer yields the same relative privacy as before – where you were private simply due to the cost of breaking your privacy.

Professor Kerr explains this in his Equilibrium-Adjustment theory of the 4th Amendment, but the same principle could be applied to computer encryption – grow the keys steadily to make it hard to decrypt a phone you have physical possession of, but possible if it’s worth it.

This gets trickier with stored data (suck up everything, sit on it for 10 years until it’s easy to break, and then charge anyone you find with an ongoing conspiracy for whatever violation you find), but there may be solutions to this (extremely large keys on transmitted data, smaller rolling keys locally).

Of course, this would necessarily mean that older data could be decrypted, so the US Government would need to think long and hard about whether it wants it to be practical to break US encryption standards for older data.

Robert Beckman says:

Re: Re: Re: Re: Delayed-Escrow Encryption

That’s essentially it. I’m a data scientist, rather than a cryptographer, so I didn’t have the term of art (ephemeral keys). I’ve implemented a similar system for data processing, but what I see would be (essentially) a set of keys that time out where each section of storage gets slowly migrated from key to key, so that for any live system it will have a reasonably fresh key, but that when taken offline they become static.

This would necessarily mean a slightly higher overhead on the device (since it would always be encrypting a new volume), but it could also use smaller keys tied to the generally available compute power – similar to how bitcoin mining gets harder over time.

This sort of escalating encryption would obviously be harder to implement than a static key encryption, and harder to be sure no one planted a back door in it itself, but would have the advantage of maintaining the same relative level of protection over time for current devices.

The non-absurd argument for security is that sometimes they really do need to decrypt things, but as we’ve seen it’s far too often used now as an easy way to bypass other protections, rather than for extraordinary situations. Since we’ve been shown that we can’t trust the watchers on their own when there aren’t technical barriers, the alternative may be that practical barriers (total compute available) are a better alternative, like we had until recently due to scalability problems.

Anonymous says:

It’s likely that none of the candidates expects golden keys to actually be implemented or work (not that they wouldn’t be thrilled). What they do expect is that, if elected, they have a golden scapegoat: anything bad that happens anywhere, anytime during their tenure will be blamed on the “uncooperative tech sector”. Terrorism? Apple’s fault. Pedophilia? Google’s to blame. Mass shootings? Call of Duty’s influence. Plaque and tartar build-up? Um… that Candy Crush thing.

Pavement View (looking up, from beyond the ropes) says:

Fool me once... Fool me a thousand times (naw, don't think so)

Hillary is really not an intelligent person, re: anything. She has connections, and that is what counts in this day and age of guvmint by crooks. That and appearances (O’Bummer has that down cold).

Making sense, even common sense, is not required.

We have two years of a clown show and then a charade of an election (ditch rigged machines and bring back the smoke filled back rooms). The two-year theater serves TPTB to keep the attention of the masses diverted from their laws for bribes (and other considerations).

One thing H is good at is a posture of looking concerned.

What a life. This system is broke beyond hope (so much for hope and change Mr. Prez).

Anonymous says:

It has become PAINFULLY OBVIOUS that the federal government is projecting the illusion that it’s “helpless” and cannot do what any reasonably minded individual KNOWS it can do – and that is decrypt encrypted messages with relative ease.

The arguments they’re using are simply too ludicrous and LOUD (public) to suggest anything else (it is here where any shill worth his/her salt would suggest mere “incompetence” is to blame… that tired falsehood fell apart years ago – they know what they’re doing, and you KNOW this to be the case.)

Wyrm says:

"Trusted computing", does that ring a bell?

This is the exact same “computer security” that copyright lobbies have asked for a long time.

– Security should be: when a third-party tries to access a resource, it needs authorization as configured by the user.
– “Security” as seen by all those: when a user tries to access a resource, it needs authorization as configured by a third-party. (Government, copyright group, etc.)

That’s a fundamental issue: they’re basically asking for computers (including smartphones and other mobile devices) to distrust their owners because of their own paranoia.
