The FBI's War On Encryption Is Personal, According To Comey's New Book
from the fight-for-the-future dept
A recently-released Inspector General’s report shows the FBI didn’t try as hard as it could to find a way into the San Bernardino shooter’s locked iPhone. It appears FBI officials were more interested in obtaining a favorable court ruling than seeking technical assistance from anyone other than Apple, despite the DOJ’s courtroom claims about time being of the essence.
This had a lot to do with the current FBI leadership. James Comey made fighting encryption his personal crusade — one that has been carried forward by both the DOJ and the FBI’s new director, Christopher Wray. Comey’s new book about his government career — one that came to an unceremonious end when President Trump fired him — provides a few more details about his crusade against math and personal security.
A passage in Comey’s new book briefly discusses his initial reaction to the news smartphone manufacturers would be moving to default encryption. Comey claims the Snowden leaks prompted a worldwide shift to encrypted communications before moving on to Apple and Google.
In September 2014, after a year of watching our legal capabilities diminish, I saw Apple and Google announce that they would be moving their mobile devices to default encryption. They announced it in such a way as to suggest — at least to my ears — that making devices immune to judicial orders was an important social value. This drove me crazy. I just couldn’t understand how smart people could not see the social costs to stopping judges, in appropriate cases, from ordering access to electronic devices.
There’s more to it than this, but this is from Comey’s perspective. Part of the move to device encryption was due to pressure from legislators that phone companies “do more” to protect customers whose devices had been stolen. And some of it was probably backlash to the flow of Snowden leaks, showing the government had assembled a massive surveillance apparatus following the 9/11 attacks, turning tech companies into unwitting accomplices of the surveillance state.
As Comey sees it, the tech sector fails to comprehend the consequences of encrypted communications and devices because it only deals with the positive side of human connections.
The leaders of tech companies don’t see the darkness the FBI sees. Our days are dominated by the hunt for people planning terrorist attacks, hurting children, and engaging in organized crime. We see humankind at its most depraved, day in and day out…
I found it appalling that the tech types couldn’t see this. I would frequently joke with the FBI “Going Dark” team assigned to seek solutions, “Of course the Silicon Valley types don’t see the darkness — they live where it’s sunny all the time and everybody is rich and smart.” Theirs was a world where technology made human connections and relationships stronger.
Conversely, the FBI views any communications it can’t see as suspect. It ignored solutions to engage in a courtroom battle over a phone that ultimately held nothing of interest. The FBI continues to push for a government solution to the problem — a mandate it can wield in every situation. Under Comey’s command, the FBI has shown it is unable to honestly hold an “adult” conversation about the issues. If officials like Comey feel tech companies are being deliberately obtuse, they cannot honestly argue the FBI isn’t acting the same way.
Filed Under: encryption, fbi, going dark, james comey
Comments on “The FBI's War On Encryption Is Personal, According To Comey's New Book”
And I find that the desire to spy on everyone and anyone even more appalling. The risk of becoming involved in terrorist violence is small, but the risks of governments abusing spying capacities to protect their own interests, rather than societies interests is extremely high.
Re: risks of governments
“…risks of governments abusing spying capacities to protect their own interests, rather than societies interests is extremely high.”
— not just “abusing spying capacities”, but abusing all powers entrusted to them.
Such is the fundamental nature of government. Government is not an inherently benign social construct, but an inherently risky system of some people arbitrarily ruling the lives of many other people. Current FBI abusive outlook and conduct is highly consistent & predictable from its long documented history.
Why would educated Americans be surprised that: “FBI views any communications it can’t see as suspect.”
Re: Re: risks of governments
Again with this!!
Okay, what would you replace "government" with?
Re: Re: risks of governments
“…of some people arbitrarily ruling the lives of many other people.”
Historically it is most people. Dictatorial or tyrannical systems seem to be the norm. We have to fight those who push for Stasi levels of surveillance. They are a clear and present danger to all of our rights.
The FBI, like all government agencies, exists to perpetuate itself. So it shouldn’t be a surprise that the FBI wants even more power in its ever-expanding role as the nation’s (self-appointed) preeminent guardian.
Funnily enough, it’s not as if the data was out of the FBI’s hands. The same tech types Comey thinks are in the darkness are also responsible for retaining all that information the FBI can use to shake down anyone. And it’s not like the methods to get that data don’t exist either; they do – but as we later found out the FBI was pissed as all hell that the solution was known to exist before they could get a judge to give them a universal "go fuck yourself" order to have any phone unlocked without proving a need to.
There’s darkness, all right, and it’s not in the tech world. I fear the darkness in the FBI where they choose when to fight darkness as they define it, and only when doing so happens to be most convenient for them.
I think I see your problem right here...
“They announced it in such a way as to suggest — at least to my ears — that making devices immune to judicial orders was an important social value. “
No they thought that making devices immune to warrantless searches (and difficult for criminal types to hack) was an important social value. In this, they are (and were) in line with established constitutional law.
“at least to my ears”
At least he has that much self-awareness. The FBI’s values no longer align with the citizens they serve.
Re: Re:
Have they ever? I mean, the FBI tried to goad Martin Luther King, Jr. into committing suicide.
Re: Re: Re:
Only because they judged it to be an "appropriate case" to do so, I’m sure. /s
“I just couldn’t understand how smart people could not see the social costs to stopping judges, in appropriate cases, from ordering access to electronic devices.”
It’s very simple. Smart people weigh the costs of them having too ready access to data, and the other risks that leaving backdoors, etc. entail, and have found that the public’s interest is greater than the judge’s/FBI’s/etc. Smart people have looked at all the data and decided against your wishes. You have never had ready access to all available data and every piece of personal information at any point in law enforcement, you don’t need it now.
If you have a problem with this, the trick is to work with them to get realistic solutions. Not tell them that they have to violate the rights of their customers or come up with magical solutions like a “secure backdoor”, you have done so far. Demanding miracles and then whining when they don’t sell out the population of the country/world to you is clearly not working.
“The leaders of tech companies don’t see the darkness the FBI sees”
Or, they do, and realise that the darkness that may be created by the things you demand is greater than the realistic threat faced by most of them in regards to terrorism.
“We see humankind at its most depraved, day in and day out…”
Which is perhaps why your viewpoint is rather skewed. Step back and look at the bigger picture – where, for example, the average person is far, far more at risk from criminals exploiting an FBI-demanded back door in encryption than they are from a terrorist attack.
“Of course the Silicon Valley types don’t see the darkness — they live where it’s sunny all the time and everybody is rich and smart.”
If you think the damn weather has anything to do with it and not, say, Silicon Valley types knowing a lot more about the tech than you do, might I suggest booking a holiday somewhere you can clear your head? You clearly need one.
Just ignore that Snowden revealed that we, the government, were illegally snooping on domestic and international communications of our citizens without a warrant. Oh and pay no attention to the fact that we already have technical means to unlock certain encrypted devices we obtain through Constitutionally questionable, if technically legal, means.
This is personal! It’s offending my sense of The Order of Things! This must end because anyone that asserts a right to privacy automatically has something criminal to hide! And those that resist our reasonable requests for intrusion in their daily lives are unpatriotic at best, and likely treasonous!
You must ignore that many of the drafters of the Constitution and their constituents viewed that same argument with the utmost suspicion or contempt. They never should have enacted that problematic and poorly conceived Bill of Rights preventing Proper Order!
Re: Just ignore that Snowden revealed
Seems like they succeeded at that didn’t they? These days more people, including most former anti-war liberals are FOR government spying and wholeheartedly believe anything the CIA feeds the media, all because “Muh Trump Russia!”
The FBI and the darkness
Comey has it backwards.
The leaders of the tech companies, and their customers, look at the FBI and see the darkness. As only one example I will point out Aaron Swartz.
And it has gone on a long time. And not just the FBI. Go back to the early 1990s, look on Wikipedia for: "Steve Jackson Games, Inc. v. United States Secret Service". This was partly responsible for the founding of the EFF (Electronic Frontier Foundation).
Even in the early 1990s there was an ongoing War On Encryption. Encryption was classified as a munition and could not be exported. People wondered if you bought a book at Borders Bookstore on Encryption, and carried such a book with you out of the country, if it would be seen as a munition. It was pointed out that this was perhaps the best way to "export" crypographic technology. Also, if the US was to mandate weakened encryption, or the famous "Clipper chip" (government escrow decryption keys) that the rest of the world would move on to secure encryption, and US companies would be at a competitive disadvantage. Eventually, the government came partly to its senses and simply limited exported encryption to use short weak keys.
But here we are again. It is the same issues. And for the same reasons. The government wants to be able to abuse power, snoop on anything, anywhere, without a warrant, or any kind of supervision. Comey’s talk about judicial warrants is disingenuous at best.
Re: The FBI and the darkness
Censorship did NOT start with the FBI.
In fact you are a couple of thousand years late.
For a history US of per-internet censorship look a a history of the US Postal System and censorship.
https://en.wikipedia.org/wiki/Postal_censorship
Re: Re: The FBI and the darkness
I guess that all makes it okay for the FBI to do it since it’s been done before.
However, I wasn’t talking about censorship. Rather, about snooping, and other abuses that lead to distrust of government TLAs.
So… if there was something on that phone that could have prevented something in the future or actually had additional evidence on it, they didn’t really care.
“making devices immune to judicial orders was an important social value”
The man is twisted. That’s the problem with a self absorbed organization. Everything is about THEM. It wasn’t apple making it’s users safer it was an assault on them.
in 2014 it wasn’t returning to the normal order of things and adhering to Constitutional values from the 9/11 power grab it was: “In September 2014, after a year of watching our legal capabilities diminish”
The guy is so full of lies in his own words:
“I just couldn’t understand how smart people could not see the social costs to stopping judges, in appropriate cases, from ordering access to electronic devices.”
How did Apple enabling encryption prevent judges from from ordering access? They can still order the search but if its encrypted then they need alternative means, which apparently are readily available.
Comey is full of shit. Always.
“Our days are dominated by the hunt for people planning terrorist attacks, hurting children, and engaging in organized crime.”
Always.
Re: Re:
Shouldn’t that be dominated by the creations of terrorist attacks for us to stop?
Re: Re:
It strikes me as someone who’s gotten so close to the dark side of humanity that he can’t distinguish himself as someone protecting good people, which is the majority.
All people are suspect, all humans are flawed, so they can’t believe that humans can be trusted. You can see it in their eyes: because of the things they’ve done to “protect” people they don’t even trust themselves anymore.
It’s the most cynical and brutal kind of observation of human nature. If we don’t believe in the capacity for humans to civilize themselves, and maybe even to come back from the dark, why should we trust anybody?
I feel sorry for them, but not enough to put up with how those beliefs will make laws that make even more people paranoid and afraid.
Trust ... I aint got none
Why does no one trust the FBI or the U.S. government in particular? They have shown over and over again that they are not trustworthy.
Comey shortened up the FBI daily to-do list
“Our days are dominated by the hunt for people planning terrorist attacks, hurting children, and engaging in organized crime.”
What he really meant to say:
“What we typically tell the media is that our days are dominated by the hunt for people planning terrorist attacks, hurting children, and engaging in organized crime. Yadda, yadda, yadda.
And when we cannot find a legit terrorist we coerce US citizens into terrorism using mentally unstable people. They are usually quick wins for the FBI. Umm, what else .. asset forfeiture. We are really big into that. HUGE cash cow for us and really all of law enforcement because citizens are at a complete disadvantage in the courts.
But it is not all work. Parallel reconstruction is an enjoyable past time at the FBI that we enjoy. What we did is we put a giant “Price Is Right” (I love that show .. Bob Barker is the best) wheel in and each square has a mostly legal probable cause that we use to start with. An agent spins the wheel and we work backwards from there. What we have seen is that it helps take the burden of finding probable cause off of the agents and as a result moral has improved.
Fun fact. We used asset forfeiture to pay for the wheel. So its a win-win.”
*sigh*
With apologies to Aaron Sorkin and Jack Nicholson...
You can’t handle the truth! Son, we live in a world that has walls, and those walls have to be guarded by men with [subpoenas]. Who’s gonna do it? You? I have a greater responsibility than you can possibly fathom. You weep for [Apple users] and you curse the [FBI]. You have that luxury. You have the luxury of not knowing what I know, that [access mandates], while tragic, probably saved lives. And my existence, while grotesque and incomprehensible to you, saves lives! You don’t want the truth, because deep down in places you don’t talk about at parties, you want me on that wall. You need me on that wall. We use words like [“going dark,” “terrorism,” and “higher loyalty.”] We use these words as the backbone of a life spent defending something. You use them as a punchline. I have neither the time nor the inclination to explain myself to a man who rises and sleeps under the blanket of the very freedom that I provide, and then questions the manner in which I provide it! I would rather you just said “thank you”, and went on your way. Otherwise, I suggest you pick up a [badge], and [demand a backdoor]. Either way, I don’t give a damn what you think you are entitled to!
I think that he, and alot of people, misunderstand...
The fact that everyone, including the tech-industry, have been so freaking lazy and incompetent in security in the past, does not make it right to insist that it remain so.
Frankly it is so incredible that it takes more than 20 years to incorporate any kind of minor standard in security…
One example – HTTPS: Invented in 1994 for NETSCAPE! Made to use TLS in 2000 and we still see too many sites without it.
That was a single example, but it is like that throughout our technology. We see it often here whenever someone is hacked.
I know that part of the blame is surely on the people who owns the services that hasn’t got proper security, but frankly I don’t see enough of a push to force progress in this area.
But – as I wrote in the beginning – it is not okay to make the little progression we have made into an excuse and I don’t care if they HAD access to every detail in my life at one point… those who want our data are getting more sophisticated in their methods and we need to keep going instead of moving backwards.
“Comey claims the Snowden leaks prompted a worldwide shift to encrypted communications”
He’s wrong. NSA’s and others’ illegal spying, including industrial espionage, is to blame.
“The leaders of tech companies don’t see the darkness the FBI sees. Our days are dominated by the hunt for people planning terrorist attacks, hurting children, and engaging in organized crime.”
1) Claim that FBI is the victim of technological companies.
2) Use terrorism, “helpless” children, and organized crime as an excuse to attack tech companies.
3) Repeat the “going dark” bullshit and keep whining.
Re: Re:
Like any other criminal gang, they always blame the snitch.
Idiot or grandstanding
When I heard about my segment my first thought was ‘Is he a complete technical idiot or is he trying to use his publicity to push for a disaster’?
Punctuation Matters
“I just couldn’t understand how smart people could not see the social costs to stopping judges, in appropriate cases, from ordering access to electronic devices.”
Period should go after, “I just couldn’t understand,” and the rest of the sentence can be dropped.
Surely apple could just access the data and hand it over without letting the police know how they unlocked the phone.
What people don’t seem to see is the FBI is using this singe case as an argument so they would be able to eavesdrop on almost everyone’s iPhone in the future, which is if they find anyone suspicious or is a politically targeted individual , or assumed to be a threat to national security because they know to much even when they are not a terrorist. Sometimes it makes you wonder that sometimes the terrorist hunters are also terrorists themselves. I hope Apple wins , the FBI can gather data from other sources , since they they should know where to look other than hound Apple for a backdoor… they just want to make their job easier basically, by using this individual case as an excuse to get in everyone’s iPhone.
i.e. he doesn’t see any problem with the government’s misconduct, only with the fact that they got caught.
While reading this article I was inspired to write the script at the bottom. It seemed to me that, posting the output should serve (IMHO) as an objection to this ‘war’ on encryption.
The resulting message should actually be encrypted, but any warrant for the keys is… pointless.
So without further ado:
3Kj6i+e8iCxfB1o981Aif1/xZjlKSU5AYYaABx7WqFJHtd5AL9xUCmqyhX+ZXxbslWRhORiS6dElS8YUOuDVB9I2W7IpjQ5GxBoTfwpkD8ySk+T1ZlUDBGdi3kSDgeV7YFSlZF72c6Yctc2Khi4Tjg==
#!/bin/bash
if [ “$(whoami)” = “root” ] ; then
echo “just… no please don’t”
exit 1
fi
KEY=$(dd if=/dev/urandom bs=32 count=1 2>/dev/null| xxd -c 32 -ps)
IV=$(dd if=/dev/urandom bs=16 count=1 2>/dev/null| xxd -c 32 -ps)
MSG=”$(dd if=/dev/urandom bs=96 count=1 2>/dev/null |base64)”
PAYLOAD=$(echo -n “$MSG” | base64 -d |openssl aes-256-cbc -K $KEY -iv $IV -base64 | tr ‘n’ ‘ ‘|sed -e ‘s/ +//g’)
echo $PAYLOAD
War on Encryption by Darren Chaker
By Darren Chaker : The only good thing that came out of the push to force Apple to get into the San Bernardino iPhone, is that it pushed forward the issue of privacy and how secure the phone is (as long as you don’t use bio-metric feature). Privacy serves both the good and the bad. It also protects our banking, corporate secrets, as well as photos while in Vegas! Privacy is a right and no one should be ashamed at using our right to it. Also, if back doors were implemented, all people would need to do is use Russian, Chinese, or other foreign encryption software.