Slashdot Mirror
Justice Department: Default Encryption Has Created a 'Zone of Lawlessness'
Jason Koebler writes: Leslie Caldwell, an assistant attorney general at the Justice Department, said Tuesday that the department is "very concerned" by the Google's and Apple's decision to automatically encrypt all data on Android and iOS devices.
"We understand the value of encryption and the importance of security," she said. "But we're very concerned they not lead to the creation of what I would call a 'zone of lawlessness,' where there's evidence that we could have lawful access through a court order that we're prohibited from getting because of a company's technological choices.
"We understand the value of encryption and the importance of security," she said. "But we're very concerned they not lead to the creation of what I would call a 'zone of lawlessness,' where there's evidence that we could have lawful access through a court order that we're prohibited from getting because of a company's technological choices.
"We understand the value of encryption and the importance of security,"
It is not just security, it is privacy. It is the freedom from governments and others snooping through my life.
Well, if it worked for Cardinal Richelieu...
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
Incorrect, if they want access to your encrypted information they may get a warrant, you can then defend yourself against said warrant by contesting it, a judge might hold you in contempt for not giving up the keys (that is a contempt to try and make you comply not a punitive one so is only supposed to be until they figure out your not going to). This is not what they seem to be worried about.
They are worried about not being able to just take or use secret courts to access whatever they want. Pervasive encryption means they can no longer get all the info they want from the middle men who tend not to fight back much, use national security letters when even the secret courts wont give them a warrant. Having to use actual warrants served to the people effected who might fight them and use the media to shame them means they better have a good reason vs just fishing. You can also devise hardware and protocols that put a time limit on being able to decypt things that would limit the time held in contempt (simple one is a chip that holds the keys and erases them if it does not get a passcode every so often or looses power a basic extension on existing TMP).
In short you can have secure encryption that the government could force you to let them access. It's messy, time consuming, and does not always work.
No sir I dont like it.
Has anyone considered looking at this from a Second amendment perspective? If we are not to pass laws prohibiting the right to bear arms in order to establish a proper militia, has it not been considered that the command and control of said militia would also be as equally important? If so, then would it not be fair to assume that military grade encryption standards (read: non-exportable encryption) would by nature also be protected weapons systems? Granted, I know that arms exports has a litany of laws and the average Joe American can't just walk down the street buy an over the shoulder rocket launcher, but one would think that the ability to communicate securely for defensive purposes would in and of itself constitute protection under the Second Amendment? Or am I just reaching here?
Select from tblFriends where interesting >= 4;
Yep. We have so many byzantine laws and regulations (which, by the way, WE are expected to know them all, ignorance is no defense, but the GOVERNMENT doesn't, ignorance is a defense for THEM violating our rights) that no one person can possibly know, THOUSANDS MORE a year are added.
Everyone probably commits at least one felony a week without knowing it.
The solution is that EVERY LAW AND REGULATION should have a SUNSET DATE. To keep them active they should have to be re-authorized at least every 4 years. If the government had to do that only the most NECESSARY laws would remain on the books. Inherent government laziness would then work on the side of Liberty.
Corporatism != Free Market
Yup, this is going to come back and bite them. Their "only criminals, security agencies, and banks encrypt everything" attitude means that anyone who encrypts everything they possibly can is a person of interest. As more and more people begin encrypting by default, they're gonna need a bigger net in order to catch all of that data, and the SNR just keeps getting lower and lower.
My old laptop, which crapped out last week, had no trouble keeping up with me, I never found myself waiting for it, and I'm not a gamer, so when I ended up with a new machine that was roughly 20% faster, I decided to enable FileVault on it. I figured, worst case, it'll slow the new laptop back down to what I'm used to. And now, if my laptop is every analyzed by a law enforcement agency, I'll just become another bit of noise the NSA has to filter out.
And Apple has made FileVault a "checked by default" option when setting up a new Mac, so the same class of user who would end up with every toolbar and fake anti-virus in Windows (e.g. average or below average) will have FileVault enabled on their Mac. if Microsoft takes the same route (I haven't installed Windows 8 or newer recently, so I don't know, they may have already), we're looking at something like 2/3 of computer users with file encryption enabled by default, without even knowing it, and some portion of the remaining 1/3 who enabled it purposefully.
I can imagine the high-ranking NSA official who instituted the "record all encrypted data we find" policy, on the basis that only people with something to hide would bother, is sweating right now, as his colleagues are starting to realize he's just made all of their jobs that much more difficult; it has come to pass that only a handful of criminals, and no known terrorists, have made effective use of encryption, but they're still having to sift through all of the metadata recorded along with all of that encrypted data.
Also, before someone else makes the joke: "only criminals, security agencies, and banks" is redundant.
APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
Osama bin Laden managed to hide in plain sight for 6 years by doing something similar.
The basic approach of senior Al Qaeda figures was to use laptops but never connect them to the internet. Everything was based on thumb drives, which were moved around by trusted couriers. You couldn't plant a mole in there, because they basically didn't trust anyone they hadn't known for several generations.
He was eventually tracked down because his most trusted courier was on the phone with a friend being pestered about what he was doing, and the CIA happened to be listening.
You joke, but take a look at the 2002 Millenium Challenge navy exercise.
The Red team, using old school tactics, dealt a staggering blow to the Blue team. (The exercise was then reset, with the Red team required to "follow the rules"). Quoting:
#insert observations/law/drferris.h
(preprocessed for your convenience)
"Did you really think we want those laws observed?" said Dr. Ferris. "We want them to be broken. You'd better get it straight that it's not a bunch of boy scouts you're up against... We're after power and we mean it... There's no way to rule innocent men. The only power any government has is the power to crack down on criminals. Well, when there aren't enough criminals one makes them. One declares so many things to be a crime that it becomes impossible for men to live without breaking laws. Who wants a nation of law-abiding citizens? What's there in that for anyone? But just pass the kind of laws that can neither be observed nor enforced or objectively interpreted â" and you create a nation of law-breakers â" and then you cash in on guilt. Now that's the system, Mr. Reardon, that's the game, and once you understand it, you'll be much easier to deal with.â
My opinions are my own, and do not necessarily represent those of my employer.
Interesting story. One of the things I find most reassuring about the police service* in the UK is that they have long maintained, great consistency and at almost any rank, that good community relations are the heart of good policing. Officers who go out on patrol** have consistently and overwhelmingly said they do not want to routinely carry firearms, because that goes against the basic principle of policing by consent, and instead they tend to assume that the solution to local problems often starts with trying to improve those relations if they are failing. Concerns are also raised often by the police themselves about the balance between having officers patrolling in vehicles for rapid response and having officers literally walking the beat and actually making contact with the public. I get the feeling that police officers in certain other parts of the world have a very, very different attitude to their relationship with the public.
*I remember well that when the local police schools liaison officer visited us, he made a point of saying he didn't like the term "police force" because it had the wrong connotations before you even started to look at what the police did.
**It's curious how often police officers and politicians in some places refer to officers "on the front line", this being about as overt a military metaphor as I can think of (short of being "on the front line in the war against $ABSTRACT_NOUN" I suppose).
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.