Slashdot Mirror
Former FBI Chief Keeps Up Anti-Crypto Campaign
ganns.com writes "Former FBI director Louis Freeh is urging lawmakers to limit encryption products that don't include backdoors for government surveillance." Still urging, that is.
← Back to Stories (view on slashdot.org)
Ive got pig latin, paper and pencil, and too much free time on my hands. Lets see them decrypt my mail. Even I cant read my damn handwriting.
All Troll + "offtopic" mods are meta moderated as "Unfair", because you abused the system.
Still only urging, for now. I'm sure at some point one of our fine elected officials will introduce some 'anti-terrorism' bill that mandates government backdoors in crypto, in the interest of 'national security' and 'definding against terrorists', of course.
This has been a test. Had this been a real emergency, we would have fled in terror and you would not have been informed.
It should definitely not be illegal to encrypt messages; however I think the US government should start a public-information campaign to educate the world about appropriate use.
For example; personal, non-secret, communication should not be encrypted. The less encrypted traffic there is on the internet then the easier it will be for the US government to track terrorists using encryption.
Seriously! What? It's like he lost the password to his encrypted pr0n archive, and ever since then he's just been bitter. Or maybe he's just jealous that the NSA could crack everything and his agency never could.
One piece at a time, the DOJ (which oversees the FBI) is pulling privacy and our rights out from beneath us.
When crypto is outlawed, only outlaws will have crypto.
Freeh needs to find a whipping boy for the failures of correlating the various peices intelligence datum, which occurred on his watch. Restricting legal access to crypto will only assist in the illicit observation of constitutionally protected speech by private individuals, and destroy what little competitive advantage is enjoyed by U.S. software industries over their counterparts in Israel and India.
The algorithms and the source will not go "back in the can."
Louis Freeh is responsible, in a large part, for the biggest intelligence failure in modern recollection. None of the failure in this effort was for lack of access to encrypted communications, but from standard failures of organization and communications within the concerned agencies.
The Heritage Foundation - not normally critical of the FBI's mission - has this to say:
Encryption wasn't used in this instance. No evidence for it has ever been found. Freeh has a broader, more insidious agenda here, involving free speech and civil liberties. Unfortunately, the record shows that deep, analytical thinking about these issues is outside the grasp of the majority of America's elected representatives."Flyin' in just a sweet place,
Never been known to fail..."
As a practical matter, basic encryption needs to be part of a lot of emerging systems. There is so much going on in digital wireless, and it isn't going to stop soon. With processors getting faster each year, you have to up the number of bits in your encryption just to stay ahead of what can be broken with commodity hardware and dumb software (brute force).
The government will always have access to the means to decrypt codes that wouldn't be practical for anyone else. The question becomes whether it makes any sense to limit most uses of crypto to a level between what is easy, and what the government can decrypt with some effort. They don't seem to be doing too well catching people who aren't using any crypto, so what's the point.
IMHO, the only thing that can be accomplished is to hurt commerce and individual privacy. It is often just a matter of setting parameters to set the length of keys and such, and they are going to make companies who do anything with encryption do extra paperwork and such to track it. And god forbid you want to user GnuPG for anything. I'm sure they want to outlaw that completely.
Hey, if Freeh managed to get a law enforcement backdoor into every crypto device and it applied to Palladium and other DRM systems implemented in hardware, then those systems would be considerably more vulnerable!
Maybe Freeh isn't so bad after all. :-)
I have posted similar comment a couple of times before - the logic is undeniable. Nobody has ever gave reasoned argument against it:
Ask Security Services in the US, UK or Indonesia (Bali) to deny this:
Internet surveillance, using Echelon, Carnivore or back doors in encryption, will not stop terrorists communicating by other means - most especially face to face or personal courier.
Terrorists will have to do that, or they will be caught.
Perhaps using mobile when absolutely essential, saying - Meet you in the pub Monday (human bomb to target A), or Tuesday (target B) or Sunday (abort).
The Internet has become a tool for government to snoop on their people - 24/7.
The terrorism argument is a dummy - bull*.
SURVEILLANCE WILL NOT BE ABLE TO STOP TERRORISTS - IT IS SPIN AND PROPAGANDA
This propaganda is for several reasons, including: a) making you feel safer b) that the government are doing something and c) the more malicious motive of privacy invasion.
Government say about surveillance - you've nothing to fear - if you are not breaking the law
This argument is made to pressure people into acquiescence - else appear guilty of hiding something.
It does not address the real reason why they want this information (which they will deny) - they want a surveillance society.
They wish to invade your basic human right to privacy. This is like having somebody watching everything you do - all your personal thoughts, hopes and fears will be open to them.
This is everything - including phone calls and interactive TV. Quote from CNET: "Whether you're just accessing a Web site, placing a phone call, watching TV or developing a Web service, sometime in the not to distant future, virtually all such transactions will converge around Internet protocols."
All your finances for them to scrutinize - heaven help you if you cannot account for every cent when they check on your taxes.
Do not believe the LIES of Government - even more of your money spent on these measures will not protect us from terrorists.
P.S. On the Domain Name System, big business steal words that belong to everybody - abridging what words you can use - violating the First Amendment. Corporations illegally abuse and expand their brand using domain names - above all smaller businesses who use similar words - violating Competition Law.
The authorities LIE - they know how to make these trademark domains unique and totally distinctive, as the LAW requires trademarks to be. They are aiding and abetting the pervertion of Law. Please visit the World Intellectual Piracy Organization - not connected with United Nations WIPO.org !
What's the point in encrypting anything if you leave a backdoor? wouldn't that be like building a HUGE S**TY wall around your town and leaving the gate shut without a lock. aren't any good crypto algo developed so that there's as little possibility as possible(zero) of that somebody finds a quick walk-around attack?(like just editing the header as i believe those pdf's cracked)
Wouldn't this only produce questionable algorithms? if the gov. can read it why wouldn't somebody else be able to read it too or just abuse the system(corp x says it's fbi connection there's a problem with individual y, fbi agent NOrman CLUE just pops out access for the corp x to y's keys.).
besides, the terrorists can either use already developed 'good' crypto soft or just code their own(oh well, maybe they're trying to turn coding into some thing only sanctioned guilds can do, wait a minute, that would be cool actually, if little perverse).
world was created 5 seconds before this post as it is.
Anything that helps the enemy while hurting the domestic front is typically called treason of some form or another. We know that it is logistically impossible for encryption to NOT fall into the hands of established terrorist groups. Therefore such regulations only weaken the ability of the US to defend its IT infrastructure from terrorist and/or beligerant activity. So that in mind, it is very logical IMO to argue that Freeh is not some "patriot" but rather an intellectual traitor to the US for arguing for the systematic weakening of critical US infrastructure.
I don't give a flying fuck what Louis Freeh urges, says, mandates, preaches, or invokes. I've got PGP, GPG, and several other crypto programs, as well as the full manuals and docs burned to high-quality CD-R in triplicate, stored in three geographically diverse locations.
Try to 'urge' those out of my possession.
Hey Taco! Looks like you're using the "infinite monkeys and typewriters" scheme to generate Ask Slashdots again...
~~~~~~~
"You are not remembered for doing what is expected of you." - Atul Chitnis
--he's a high level goon and is part of the problem. Various lower level fbi agents were slap right on with their investigations and got ordered to stand down and not investigate. This has happened with OKC attack as well. Their reports were ignored from official orders. Someplace in this government is a high level clique of traitors who allowed the attack to go down for political purposes. There is even a high level military officer at the defense language institute(number #2 person there IIRC) who was only two weeks from retirement and he was so concerned with what he found out that he went public saying there was some group in government allowing this to happen. Whether anyone wants to call this the new world order or not is irrelevant, it's happening, the people doing it are fascists. Backdoors into encryption are minor, they want a "backdoor" into your entire life and to control you. Heck with them I say.
a law that states basically...
.. M$ wanted this with sp3...
.. and the fbi uses this back door to get in .. and hacks the encryption .. is that a violation of the DCMA?
Create any software for any Os you want.. just make sure we have a key to get in it.. no one ealse...
hrmm
If i encrypt the contents of my Hdd
If you encrypt only the sensitive stuff, anyone watching you knows when you do it. If you routinely send encrypted traffic, no one is going to know when one of your messages actually contains something you'd rather not have divulged.
The military does this all the time. They blast all kinds of noise on the band, and only rarely send any actual message, thus keeping their stuff hidden in plain sight.
There was even (in keeping with the latest trend on /.) a science fiction story that used this as a plot vehicle, which told of messages being received from distant planets where usually there was stellar noise. I want to say it was "The Mote in God's Eye", but don't quote me on that.
Need a Linux consultant in New Orleans?
Cat's are already out of bag, and this silly bullshit that usa gov't says to defend backdoors
in encryption algorithms ( d'you remember clipper project?????)is totally irrational and without reason
TO PROTECT THE NATIONAL SECURITY!!!
TO THE HELL WITH THIS SHIT!!!!!
They'll get my copy of PGP when they take it out of my cold, dead hands!
When crypto is outlawed, only outlaws will have crypto!
While your inlaws become outlaws, just hope that outlaws won't become you inlaws!
Chief Concerns
The EFF's chief concerns with the USAPA include:
Expanded Surveillance With Reduced Checks and Balances. USAPA expands all four traditional tools of surveillance -- wiretaps, search warrants, pen/trap orders and subpoenas. Their counterparts under the Foreign Intelligence Surveillance Act (FISA) that allow spying in the U.S. by foreign intelligence agencies have similarly been expanded.
This means:
Be careful what you put in that Google search.
The government may now spy on web surfing of innocent Americans, including terms entered into search engines, by merely telling a judge anywhere in the U.S. that the spying could lead to information that is "relevant" to an ongoing criminal investigation. The person spied on does not have to be the target of the investigation. This application must be granted and the government is not obligated to report to the court or tell the person spied up what it has done.
Nationwide roving wiretaps.
FBI and CIA can now go from phone to phone, computer to computer without demonstrating that each is even being used by a suspect or target of an order. The government may now serve a single wiretap, FISA wiretap or pen/trap order on any person or entity nationwide, regardless of whether that person or entity is named in the order. The government need not make any showing to a court that the particular information or communication to be acquired is relevant to a criminal investigation. In the pen/trap or FISA situations, they do not even have to report where they served the order or what information they received. The EFF believes that the opportunities for abuse of these broad new powers are immense. For pen/trap orders, ISPs or others who are not named in the do have authority under the law to request certification from the Attorney General's office that the order applies to them, but they do not have the authority to request such confirmation from a court.
ISPs hand over more user information.
The law makes two changes to increase how much information the government may obtain about users from their ISPs or others who handle or store their online communications. First it allows ISPs to voluntarily hand over all "non-content" information to law enforcement with no need for any court order or subpoena. sec. 212. Second, it expands the records that the government may seek with a simple subpoena (no court review required) to include records of session times and durations, temporarily assigned network (I.P.) addresses; means and source of payments, including credit card or bank account numbers. secs. 210, 211.
New definitions of terrorism expand scope of surveillance.
One new definition of terrorism and three expansions of previous terms also expand the scope of surveillance. They are 1) 802 definition of "domestic terrorism" (amending 18 USC 2331), which raises concerns about legitimate protest activity resulting in conviction on terrorism charges, especially if violence erupts; adds to 3 existing definition of terrorism (int'l terrorism per 18 USC 2331, terrorism transcending national borders per 18 USC 2332b, and federal terrorism per amended 18 USC 2332b(g)(5)(B)). These new definitions also expose more people to surveillance (and potential "harboring" and "material support" liability, 803, 805).
Overbreadth with a lack of focus on terrorism.
Several provisions of the USAPA have no apparent connection to preventing terrorism. These include:
Government spying on suspected computer trespassers with no need for court order. Sec. 217.
Adding samples to DNA database for those convicted of "any crime of violence." Sec. 503. The provision adds collection of DNA for terrorists, but then inexplicably also adds collection for the broad, non-terrorist category of "any crime of violence."
Wiretaps now allowed for suspected violations of the Computer Fraud and Abuse Act. This includes anyone suspected of "exceeding the authority" of a computer used in interstate commerce, causing over $5000 worth of combined damage.
Dramatic increases to the scope and penalties of the Computer Fraud and Abuse Act. This includes: 1) raising the maximum penalty for violations to 10 years (from 5) for a first offense and 20 years (from 10) for a second offense; 2) ensuring that violators only need to intend to cause damage generally, not intend to cause damage or other specified harm over the $5,000 statutory damage threshold; 3) allows aggregation of damages to different computers over a year to reach the $5,000 threshold; 4) enhance punishment for violations involving any (not just $5,000) damage to a government computer involved in criminal justice or the military; 5) include damage to foreign computers involved in US interstate commerce; 6) include state law offenses as priors for sentencing; 7) expand definition of loss to expressly include time spent investigating, responding, for damage assessment and for restoration.
Allows Americans to be More Easily Spied Upon by US Foreign Intelligence Agencies. Just as the domestic law enforcement surveillance powers have expanded, the corollary powers under the Foreign Intelligence Surveillance Act have also been greatly expanded, including: General Expansion of FISA Authority. FISA authority to spy on Americans or foreign persons in the US (and those who communicate with them) increased from situations where the suspicion that the person is the agent of a foreign government is "the" purpose of the surveillance to anytime that this is "a significant purpose" of the surveillance.
Increased information sharing between domestic law enforcement and intelligence. This is a partial repeal of the wall put up in the 1970s after the discovery that the FBI and CIA had been conducting investigations on over half a million Americans during the McCarthy era and afterwards, including the pervasive surveillance of Martin Luther King in the 1960s. It allows wiretap results and grand jury information and other information collected in a criminal case to be disclosed to the intelligence agencies when the information constitutes foreign intelligence or foreign intelligence information, the latter being a broad new category created by this law.
FISA detour around federal domestic surveillance limitations; domestic detour around FISA limitations. Domestic surveillance limits can be skirted by the Attorney General, for instance, by obtaining a FISA wiretap against a US person where "probable cause" does not exist, but when the person is suspected to be an agent of a foreign government. The information can then be shared with the FBI. The reverse is also true.
"Flyin' in just a sweet place,
Never been known to fail..."
I've always believed the US laws on encryption (export) were a bit harsh (read dumb) but this Freeh really baffles me. Here's a person who has a paranoid distrust in people and a blatant disregard of their privacy in general.
You may have already heard of this, but in my country (The Netherlands), a guy named Volkert van der G. assasinated a leading political figure (Pim Fortuyn). The man was arrested, but he refuses to make any statement or to speak at all, so he cannot be put on trial and this is his right, according to our laws. Am I angry about this, do I think this is unfair? Of course I do, but I expect to have the same rights if I was ever brought in for questioning. You can't change the rights of people, just because the laws are against you, they apply equally well to all people.
Why does this Freeh-man think it is not my right to make sure absolutely no-one but the intended adressee can read my message? Why does he want to force me to place a trust in the government that they can keep the information confidential and the backdoor-keys in their sole posession, which is very unlikely? I'm sure his intentions are to catch bad guys, but bad guys should have the same rights as anyone else, like it or not. I don't want the government to treat me like a criminal just because I use encryption.
There are people who think encryption should not be used in case of personal non-secret communication, but I think that's a load of BS, because encryption is in my view not meant to hide (harmful/secret/sensitive) information, but to enable privacy (just a paradigmshift). So if I want to talk to my mother, and I think what I have to say is nobody else's beeswax, not even the government's, I have the right to use encryption and to be free of any suspicion, don't you think?
Freeh wants you to believe that anything you send over the internet or store on a computer is information the government should have access to, but encryption is the only tool that allows you to safely put your thoughts down. Don't let people like him rob you of this tool and your private thoughts, plead the fifth on encryption!