Slashdot Mirror
NSA Director Wants Legal Right To Snoop On Encrypted Data
jfruh writes: This may not come as a huge shock, but the director of the NSA doesn't believe that you have the right to encrypt your data in a way that the government can't access it. At a cybersecurity policy event, Michael Rogers said that the U.S. should be able to craft a policy that allows the NSA and law enforcement agencies to read encrypted data when they need to.
Go fuck yourself.
That is all.
Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
they'll be moving to places with more sensible security policies
...did having the legal right matter to the NSA? Or recent governments, for that matter...
--- Pork is not a verb.
Okay, if we receive the legal right to snoop on the NSA. Fair trade.
I mean, there are going to be some areas where we’re going to have different perspectives. That doesn’t bother me at all. One of the reasons why, quite frankly, I believe in doing things like this is that when I do that, I say, “Look, there are no restrictions on questions. You can ask me anything.”
Welcome to the new Amerika. Your possessions and money may be seized at any time via civil asset forfeiture, your communications are under constant surveillance, and now they want to make sure absolutely nothing can be kept private.
But, hey, so long as we're having "dialogue" (you'll do what you want anyways) and we have your permission to ask questions then it's all good.
Who really won the cold war?
It's called a subpoena.
What you want is a system that allows it, and if you have a backdoor, they have it too. Snowden's leaks didn't convince me that you were the all powerful octopus, it convinced me that you were the Keystone Cops of the Information Superhighway. I don't distrust you because of your bad intent. I don't trust you because of your incompetence.
Ok, lets assume they are right and the government **should** be allowed to access encrypted data (not that I agree with this).
Its going to be an absolutely impossible for them to implement technically it without significantly increasing the risk an unauthorized 3rd party can.
The non-technical way (give me your password) has constitutional issues.
This falls into two categories.
1.) Lawful investigation (warrant and all). In this case, encryption has been regarded as a 'locked box' they can seize and search your gun safe but they can not ask you to give up the combination. If they get past that, there are other legal hurdles....The Government cannot compel you to incriminate yourself (give up the key) (5th Amendment).....If that doesn't work, who says you can recall the password or didn't lose the key--This could be fun and I don't know the law.....
2.) We will call it "Creative Surveillance". Well, thats a whole can of 4th amendment.
I was just thinking the rest of the world should have the legal right to kick anybody from the NSA in the nuts.
These people are assholes who don't give a crap about civil liberties and human rights.
Mauled by bears would be too good for them.
Lost at C:>. Found at C.
The rest of the world don't want products with official US backdoors though. So you'll have a very hard time selling anything US made abroad and you'd have to ban foreign imports that don't comply with your backdoor policy. Probably also all second hand private imports like eBay. And open source. If the NSA didn't cost the US enough money already, it will after that. I remember a time when you had to fight to get non-crippled crypto out of the US, only 40 bits for us schmucks. I guess now you'll have to fight to get non-crippled crypto back in...
Live today, because you never know what tomorrow brings
Back in the cold war era so many of our American leaders criticized the totalitarianism and lack of human rights in China and the Soviet bloc nations. Now fifty some years later we are gradually becoming just like them.
If I thought it was OK for them to read my messages, I wouldn't fucking encrypt them.
The problem is secret courts and that they have been caught spying on everyone multiple times already.
If he was arguing that they should be able to get a court order at a NORMAL court not the FISA one and with probably cause have the right to decrypt the data and only the data covered by the search warrant then I would support him.
Computer modeling for biotech drug manufacturing is HARD!
It's hilarious. For a moment I wondered if the transcript is even real. This makes Eliza look sophisticated.
He seems to believe, "I think we can work through this" is an acceptable answer to a simple yes/no question. The guy doesn't even have a coherent answer to one of the most basic and obvious questions he could possibly be asked. I thought Comey did a poor job of explaining his position but this takes it to a whole other level.
Comment removed based on user account deletion
The encryption drive was caused by the NSA and others not obeying due process when they went after information. They used little legal loopholes or just broke the law outright as it suited them. And of course that being known people are going to take steps to protect themselves.
The damage the NSA has done will take a generation to repair and that would be a generation with the NSA not actively doing damage the entire time. Absent that, we're not going back to the way things were... possibly ever.
And that means the NSA should get used to running into encrypted brick walls. They had all the trust. Companies would openly brag that their security had been vetted by the NSA. Now, no one says that because there is always the fear that the NSA saw a flaw and intentionally kept it secret so they could exploit it or worse they might have even injected a backdoor in themselves.
The trust is gone and they have only themselves to blame.
I've decided to stop wasting my time responding to AC trolls/sockpuppets... so if you want a response from me... login.
There are multiple problems with your statement. Lets look at them all, shall we:
No. The trigger for this isn't that companies are holding data...it's that users have data, and the NSA wants to force the companies to keep/get access their users data even if the company doesn't want to, so that the NSA can access it also. This is a *very* different proposition. If Apple doesn't want to hold its user's data, why should the NSA force them to just so that the NSA can read it? That seems to be the NSA's problem, not Apple's.
Saying "encryption" does not make the data magical, but it also doesn't entitle the NSA to special treatment. If they can break it, fine. If they can't, there is no valid reason for me to make it easy for them.
Attacking RSA/DSA/AES/etc is the NSA's job. If they can do that, fine. Deliberately weakening an existing system to make it *easier* for them to do those attacks isn't our job, or our problem. If they want to beat their heads against AES, go for it. But that's not a valid reason for country-wide key escrow.
Lastly, on the specialness of America: Do we really believe that the US is the only one who has the "right" to access any backdoor/golden-key/whatever? That's absolute nonsense. If the US forces Apple, Google, MS, etc to build key escrow into their devices so that the NSA can read the data on them, then that key will be used by every government on the earth. If you really believe that the NSA will manage to keep exclusive control of a master key for all encryption for a given major vendor, then I'm going to call you delusional.
In theory you are right. The problem is that laws change and I cannot predict in what fashion.
What you do today and what is perfectly legal may well be illegal tomorrow. Take, say, smoking. Maybe you're smoking. Now let's imagine smoking gets banned. Well, tobacco is addictive. And if you're known to be a smoker, maybe you should be monitored whether you heed that ban or whether you engage in some illegal activity now that your addictive substance is banned.
And should you have dared to criticize the government in a way that has caused enough waves, this just might serve as the excuse needed to make you disappear behind some bars where you cannot reach those that like to listen to you. And hopefully soon you'll be forgotten and life will go on.
There are some countries, and I'm far from talking third world dictatorships, that are on the verge of heavy unrest. I don't want to say civil war, we're far from that, but there's a LOT of very unhappy and very disillusioned people in many countries that we'd consider first world countries.
All it takes is someone to gather behind. And that's to be avoided at all cost if you're a government, interested in preserving the status quo as long as you can.
So anything to get rid of such people is a good excuse. And having access to data is one way to find something. In case you ever wondered what purpose all those unexectuable laws we're seeing popping up could possibly serve, this pretty much is it. But if you need to construct dirt about someone, you need to have access to his documents.
Everyone breaks the law. Daily. Multiple times. All it takes is access to the proof.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
> ... to illegally access everyone's communications, especially that of their own citizens to solidify power, or serve corporate/elite/shadowy overlords ...
But this is what is happening, no ? And this is what people in power positions are requesting access for - ability to read ANYONE's communications. Snowden revelations clearly listed massive dragnet surveillance on own US citizens.
They don't whine that they can't read Iran's / North Korea's communications, or even Germany's or France's. They whine that they can't read EVERYBODY's communications, including those of political opponents (remember Nixon ? or own NSA's lack of legislative/judicial oversight ?).
So what's shocking is not that they were reading's US enemy's communications - that was expected; not even that they recorded US citizens on US soil, although you were labeled a conspiratard if you voiced your opinion.
What's shocking is that they are reading and archiving EVERYBODY's communication, because they may be useful in the future. And then they come and say, when caught, not that they are sorry and destroy the archives, but that we have to actually bend over, spread the cheeks and say thank you.
The older I get, the more I see the wisdom in the saying, "It is very hard to get someone to understand something when their paycheck depends on them not understanding it." The truth is a bit more complicated and nuanced than this. It is not just paycheck, but power, prestige, fame, honor, and overall dominance that make a person's profession breed intellectual dishonesty. So, it is relevant. But you won't convince daveschroeder of this. It may be true that other people's profession affected their objectivity, but not daveschroder's! OMG, logical fallacy!
Join the IParty!
Once a back door exists, all power hungry countries will find the keys.
wow, I haven't seen so many shills in one place in quite a while. the reason you are being called out isn't because of your position but because you conveniently leave out details which completely invalidate your arguments.
1. secret courts - yes, the original intention was to make sure there was probable cause before the court was to issue a warrant. In reality, even statements by the court indicate that it has been not much more than a rubber stamp. Less that one percent of requests for warrants have actually been denied. The court is not protecting any citizens. It is protecting the impression of process and procedures so that the government cannot be sued for breaking fourth amendment protections.
2. Spying on everyone. - yes, we all know that the NSA director perjured himself when he said that only metadata was being collected. Within weeks, the rest of us learned about prism which collects not only metadata but content itself. The fact that you leave this out means to me that you know your argument is flawed and that you are trying to discount and minimize facts and evidence that has already been publicly disseminated.
blah blah blah. more bullshit about things being legal that in fact were not legal until unconstitutional laws were instituted to make them less illegal. Lets not even get into the fact that when these laws were passed, the senate intelligence committee did not even know about prism and other programs which were meant to "collect all data".
As for phone record metadata, this is the type of information that government and investigators used to need a warrant to get and they needed to request it from the phone company. Now you are implying that a warrant isn't needed because it's public information and therefore there is no expectation of privacy. FUCK YOU! If there is a reason to suspect someone of a crime, then there is cause to get a warrant. If there isn't, then you have no claim to that or any other information.
Blah blah blah. About the NSA and breaking laws. Laws have been created to make what the NSA is doing "legal". That does not in any way mean that it is constitutional. These things are not at all equivalent to how things were in 1979 or even before the patriot act. You are disingenuous to imply that these things are even remotely equivalent. In 1979, the intelligence infrastructure was even remotely set up to monitor the activities of normal American citizens.
Blah blah blah. terrorists use the same networks and such. You know there was a time when the intelligence services needed to actually do real investigative work. They didn't just get to treat everyone like a criminal until one committed a crime.
Freedom isn't free. It's difficult and expensive. Attempting to take away peoples privacy and autonomy to make the jobs at the NSA easier doesn't make us more free. It makes us less free. Being free without the freedom part of it is actually not being free. Even if some government officials are lying to you about how much freedom you actually have.
... I realize you think this isn't the case, and that all of your communications are being mined and monitored (illegally, no less), and since proving a negative is impossible, I won't be able to help in that regard.
While my thoughts on the general matter at hand fall somewhere between daveschroeder's and the AC, I feel it's a bit insincere to imply that all US communications are NOT being monitored at all unless a warrant is involved. As far as metadata goes, we *know* they are; Snowden leaks have shown it; it's been confirmed by multiple sources; it happening isn't really a question.
Are they logging the content of all communications, or monitoring it, or analyzing it, etc? I don't know. Maybe that's what you are referring to. AC will probably still argue with you, but being more accurate and honest about recent events would lend your argument a bit more credibility.
Every person has some data that should be secret, like credit card details. If your devices have a backdoor for government then criminals can use it too. Just matter of time before the way to use it leaks into criminal underground. Requiring mandatory backdoors for storage is as absurd as requiring a single mandatory government usable master key for all locks. You may be 100% sure that actual use it to catch criminals will be dwarfed by abuse by government officials for their own petty ends.