Slashdot Mirror
Europol Chief Warns About Computer Encryption
An anonymous reader writes The law enforcement lobbying campaign against encryption continues. Today it's Europol director Rob Wainwright, who is trying to make a case against encryption. "It's become perhaps the biggest problem for the police and the security service authorities in dealing with the threats from terrorism," he explained. "It's changed the very nature of counter-terrorist work from one that has been traditionally reliant on having good monitoring capability of communications to one that essentially doesn't provide that anymore." This is the same man who told the European Parliament that Europol is not going to investigate the alleged NSA hacking of the SWIFT (international bank transfer) system. The excuse he gave was not that Europol didn't know about it, because it did. Very much so. It was that there had been no formal complaint from any member state.
Encryption isn't new so why are they crying about it now? It makes no sense unless they are trying to sneak another fast one by the rubes in the general public. Tell your elected officials to stop whining about encryption and embrace it. Also, tell them we're tired of all these invasions to our rights to privacy because of an existential threat.
No, encryption is NOT going away and you're not getting a back door. Eff off and get to work on something useful and stop playing games!
Europol not investigating is not strange. That is not their job. Cross border investigations are handled by the police in the memberstates, but with coordination from europol.
Whatever people believe, europol is not an european fbi. Although, it would probably improve things if they did become one...
As Tom Waits wondered, what's he building in there?
Someone flopped a steamer in the gene pool.
"It's changed the very nature of counter-terrorist work from one that has been traditionally reliant on having good monitoring capability of communications to one that essentially doesn't provide that anymore."
You backed us into a corner by monitoring non-suspects.
It's your fault.
Dickhead.
Stop-Prism.org: Opt Out of Surveillance
Of course, terrorists are well known as the most law abiding citizens on the planet.
Or maybe this guy thinks the universe will just make prime numbers and whatnot stop working because he doesn't like what they can do.
Both are equally likely to produce useful counter-terrorism results.
...then we have a problem with government.
What this world is coming to - is for you and me to decide.
Given the arrogance of the NSA and other national security agencies, they can expect encryption to increase radically. This is a natural consequence of their refusal to abide by due process as well as generally doing whatever the hell they want because they "can".
That attitude is a double edged sword. And they are just now feeling the bite of the other edge as the global community responds to their behavior.
Not only will the sophistication of encryption spread by it will go from being an option to being a default status quo. In the not too distant future, if they want access to data, they will need to get the cooperation of the owner of that data... or get nothing at all.
I've decided to stop wasting my time responding to AC trolls/sockpuppets... so if you want a response from me... login.
Someone should make a query that extracts the Slashdot commentaries that have predicted this exact situation for a decade.
The prediction goes like this : "If you keep doing stupid shit like that, people will start encrypting their computers and communications to protect themselves from your unimportant shit and this will help the very few people who encrypt their computers and communications to hide serious crimes."
The more you turn everyone into a criminal, the harder it will be to find the actual criminals.
It's time to decriminalize the population, so people become once again able to distinguish between the guilty and the innocent.
Most government leaders are profoundly ignorant about technology.
For those of us who work with technology, it is difficult to understand how ignorant the leaders are, and what we could do to fix the problems ignorant leaders cause.
Sun Tzu almost 3000 years ago said he'd rather have 1 good spy than 10,000 good soldiers.
So what yields better results, spies you hire or machines who take no pay? Yeah, I know, spies are difficult, messy, and must be paid in cash.
My guess is what you catch with machines is bad guy wannabees. Real terrorists are probably already using unbreakable steganography. The chance of getting 500 bytes of info out of a 500 KB image, if you can figure out which image has hidden data in it, is next to none.
People haven't figured out the half of it. The Theoretical Computer Scientists are still trying to figure out if P equals NP, when there is both an easy solution (I've tried to submit one version of it, and have written another), and that when conditions of physical plausibility are introduced, it turns out to be the wrong problem anyway. Hard problems arise as soon as you need one more peek at a pile of data than you have. Then you have to guess, and you are at the mercy of the guess. If it is a genuine binary guess and nobody is in a position to force your random number source (and this is totally unrealistic) then you only have a 50% chance of being totally wrong. Things go downhill pretty fast from there. Trust me, my sanity has survived by playing these games in my head for the last decade or so, and there is only one sensible strategy, and it is built fundamentally on sensibly chooing friends you trust. Things then either turn into a lovely blissful world of total cooperation (and I'm still dreaming here), or else devolve into a downward spiral of ever decreasing trust, ever increasing suspicion, and total failure to justify that distrust given that when one determined person want to screw things up, he or she happens to be the 1/1000 that you didn't decide to label a 'madman' and lock up. The law enforcement systems they are demanding don't work even in dreams. They face too many decision processes, can't improve matters by adding more decision processes (and this is the mess that using computers to aid they really gets them), and they are demanding that their task is made artificially simple. Doesn't bloody work that way in our universe. Sorry. We live according to the laws of mathematics and physics, and if you find yourself on the wrong side of them, complaining to lawmakers won't make the problems go away, but can screw up a large number of lives in the attempt.
John_Chalisque
"Lobbying" ... it's just some dude saying stuff. Yeah, encryption makes it hard for people to read messages, that is the whole point. I agree it's kinda ridiculous but they're trying to say "hey, we can better help you if we can read all your data."
First off: anybody using encryption with unwholesome motives is probably not going to heed to your "public appeal"
>(Second %)
[To my dated field-knowledge] Encryption has yet to find a way that is time-proof. With enough hints and enough computing power, all is possible, saideth the lord unto his peoples of siliconia. And there was much rejoycing, yei. (Although, elliptic curve cryptography [still] seems to be the best solution.)
Dear European Law Enforcement:
Communication is a part of freespeech. Just because tools have become a fundamental aspect of our lifestyles does not mean we want everything scrutinized for "safety" We would rather curb the likelihood that everything we do becomes the digital equivalent of "shouting from rooftop to rooftop"
Basically, "any organization that has zero oversight or transparency becomes a risk" is your argument. Not at all Ironic?
Encryption ain't going away, and people are going to turn it on. That's what happens in the digital age. All communication should be safe end-to-end. We should strive more on bringing the human element back to the digital era by being better people. All our actions ring out into the universe, so whatever you do, do it for the love of humanity.
You are more likely to die by crossing the street, falling down the stairs, heart attack, or cancer than by terrorism.
[encryption] has become perhaps the biggest problem for the police (...)
He is right. Eavesdropping everyone everywhere in all possible ways without any ethical limit made everyone aware of
- the privacy intrusion risks posed by non encrypted communication
- the privacy intrusion risks posed by weakly encrypted communication
- the privacy intrusion risks depending on the communication media being utilized.
Slashdot, fix the reply notifications... You won't get away with it...
Maybe if law enforcement types didn't keep banging on about how useful encryption is for terrorists, fewer terrorists would actually hear about it in the first place.
systemd is Roko's Basilisk.
Consumers must obviously not be allowed any secrets because, well, think of the children.
Our corporate overlords are OTOH _encouraged_ to lock down every piece of equipment so that consumers should be relieved of the temptation to use it for anything but, well, sit still consuming.
'mkay!
My ism, it's full of beliefs.
If yours truly and another law-abiding citizen encrypt communication, how is that going to hamper counter-terrorist work ? I pay my tax, he pays his tax, and the worst we do is getting drunk in his or my home on saturday evening, or screwing the occasional whore. Could it that Europol has been touched by the arrogance that comes from wielding too much unchecked, or at least badly checked, power for too long ?
Religous speak to God. Insane are spoken to by God. When all shut up, one can finally hear Shostakovich in peace
The cat is out of the bag. Crypto and its application is an academic subject now, with plenty of companies and open-source projects using the fruit of the work. That is to say, for another ten-fifteen years or so. Then, quantum will start taking it all apart. The amateurs will not have the resources to follow there.
Religion is what happens when nature strikes and groupthink goes wrong.
But that would be too easy. After all, the majority of the white population took to the streets fifty years ago, demanding that we open our borders and allow in the dregs of humanity, right?
True, "when every citizen is a potential terrorist then we have a problem with government", proven mainly in the socialist/communist Europe - BUT... your correct generalized statement can be improved if specialized as: "when every European MUSLIM citizen -or illegal immigrant- is a potential terrorist but those under oppression are the people who specialize correct statements... then we have a problem with government"!
* I am Greek - my statement is illegal in Greece and most of Europe...
Ischemia deaths in Sweden by age you can compare that to the graph for traffic accidents with stationary objects
Here is a solution which is equally as sane as the one being proposed by law enforcement. On average, 3% of people have criminal tendencies and/or may be terrorists (see that number there, the one I just pulled out of my ass??) Therefore, when someone does something bad we should randomly select 3% of people and have them killed. When everyone is dead the problem is solved.
Watching the police state encroach deeper and deeper and the sheeple doing nothing but watching their reality shows and empty journalists blabbering the agenda on the evening news attempting to marginalize anyone with half a brain discussing the deeper implications regarding the slide towards totalitarian rule is a sad sad reality for someone who has seen the Berlin wall fall and who remembers the horror stories about STASI an organization that pales in comparison to the evils of intelligence services operating in todays so called free democracies. When will the people rise and object against the tyrannical powers laying their claws upon every soul walking this earth...
MS, ALS, Aphasia ? http://globability.org - Me http://einarpetersen.com
I am Greek
You're also a moron.
I am Greek
You're also a moron.
You have a point... more than i have - currently your comment has "Score:1" (even if you are an Anonymous Coward, as i -the Greek- am also)!
You choose the part from my comment where i state that i am a Greek to answer me that i am a moron, and your comment pleased the Slashdot moderators while mine displeased them:
True, "when every citizen is a potential terrorist then we have a problem with government", proven mainly in the socialist/communist Europe - BUT... your correct generalized statement can be improved if specialized as: "when every European MUSLIM citizen -or illegal immigrant- is a potential terrorist but those under oppression are the people who specialize correct statements... then we have a problem with government"!
* I am Greek - my statement is illegal in Greece and most of Europe...
Slashdot...
How incredibly likely... You are a fanatic willing to kill scores of innocents but won't use encryption because it's illegal? This has to be the most stupid idea in a long time!
BANNING ENCRYPTION WILL NOT PREVENT TERRORISTS FROM USING IT !!!
Sorry for shouting but it's so bleeding obvious!
The only people that will respect such a ban would be normal law-abiding people and they are not likely to be interesting to Europol and similar.
"For every complex problem, there is a solution that is simple, neat, and wrong." -- H.L. Mencken (1880-1956) --
Extreme measures have extreme disadvantages. After 9/11 pilots were given the ability to lock their cabin to prevent terrorists from taking a plane. The Germanwings incident show this locks out the good people as well. Preventing encryption will be celebrated by terrorists, they could gain much more knowledge from plain data in transmissions.
Because without good encryption, commerce will be WIDE OPEN to fraud as criminals acquire information required to steal money from people, like bank account numbers, passwords, locations of money, etc.
If we can't use encryption to protect our information from criminals itching to use it for fraud, then fraud will explode and we'll need LOTS of cops to track down all the criminals.
We should tell them to take a hike, because:
1) Cops will never catch fraud before it happens
2) Cops will never recover all the money stolen
3) Trust in banking will falter
4) Trust in using the internet for commerce will falter
Also, "key escrow" won't work.
I'm sorry, but if the US Government couldn't keep the HYDROGEN BOMB secret, how am I to trust ANY government to keep secrets WORTH TRILLIONS? (I.e., their escrowed keys secret from the criminal element?)
--PeterM
At the root of the law enforcement / state security argument seems to be one glaring fallacy that the only reason for using encryption is to hide wrong doing from the government. i.e. "If you are doing nothing wrong then you have nothing to hide." The reason we use encryption is overwhelmingly to hide our personal information from cyber criminals, identity thieves, cyber-stalkers, paedophiles, bullies, deranged lunatics and any other number of unsavoury characters and criminal organizations.
Their argument is analogous to saying that we must leave all doors unlocked so police can not be thwarted from raiding criminals... meanwhile the reason we have locks is to keep us from being victims of those very criminals.
What happened? Did he order an expensive full attack on an encrypted container with dozens of people and they got a shopping list after 2 years?
IF we cannot body scan you
IF we cannot read your emails
IF we cannot read your medical records
IF we cannot detect your location
IF we cannot determine your political beliefs
then one day that will become
The terrorists win IF we cannot read your mind
Because if you're innocent why would you want to hide anything right? because data collection agencies, corporations and the government have done such a stellar job making sure that information is handled ethically and protected privacy in an adequate manner, right?
How is that load of bullshit working so far? -when will draconian security measure applied without cause or reason be seen for what they are?
There is always be those that use violence to influence, no amount of snooping and big brother shit will ever change that.
A 'singular oddity' is an event that cannot be explained and only happens when you are alone.
If we use encryption your job is pointless?
"If any question why we died, Tell them because our fathers lied."
Tough shit. Nobody said it would be easy.
Never underestimate the power of stupid people in large groups.
When encryption is outlawed, only outlaws will have encryption. And the government, but then I'm being redundant.
His job is to point out things which cause them problems. If those things are valued by constitutions and lawmakers, they will not be listened to, and Europol (in this case) has to change its game to deal with it. If he kept quiet about every headache they deal with, he should be removed from his position. Instead, he does his job, and the technically literate people who can't understand what his job actually entails start moaning about how infeasible it is or how it tramples basic human rights.
Every post here complaining about this guy pointing out how bad encryption is for them has missed the point entirely, and is engaging in a knee-jerk moanfest. The people to get angry with are any politicians who try to enact this guy's suggestions.
It is OBVIOUS to the European population the REAL REASONS for CREATING A SOVIET STYLE POLICE STATE have NOTHINH TO DO WITH TERRORISM AND EVERYTHING TO DO WITH DOMINATING THE MASSES !!!
The EU IS A LOBBY DOMINATED, BIG BUSINESS CONTROLLED DISGRACE much more alien to the COMMON PEOPLE than Washington, as in EU YOU HAVE NO DIRECT REPRESENTATION, only "party choosen" proxies are ever allowed to be "electable" by a FARCE of a voting system.
UNLESS THE EUROPEAN PEOPLE WANT TO WAKE UP ONE DAY IN A NAZI-SOVIET STYLE SUPERSTATE TGEY MUST REJECT ANY CALLS TO LIMIT INDIVIDUAL FREEDOM BY SO CALLED "EUROPEAN LAW ENFORCEMENT".
I always hear that we can't catch anyone if phones are encrypted, or computers are encrypted. Evidently there were no police techniques available before 1995, and all criminals got off easy. All those police shows where people gathered non-cell-phone based evidence must have been something like science fiction, but for cops.
They abused the privilege, now they pay the price. I've no sympathy for any of the intel agencies out there who've claimed they're only interested in identifying endpoints and sessions, yet now are crying about the traffic content being encrypted. Encryption simply limits CSEC, GCHQ, NSA, et. al. to the endpoint identification they said they want.
It's too late to change your mind. I use RSA2048 exchange of AES256 keys, hard coded into all my applications. If you don't have the Java export-strength encryption enabled, I don't want to bother supporting your code. You're just begging to be intercepted without export-strength encryption.
I'm tired of being snooped on. I'll take my right to privacy seriously, thanks. I don't even trust pre-generated keys for the RSA2048 server encryption -- I generate them on the fly at server startup so that even the person running the server doesn't know what the keys are.
I do not fail; I succeed at finding out what does not work.
Governments are funny, they think they can just lay back sipping their slurpees while slurping down worlds data from room 641A. Even funnier they believe they are entitled to the current status quo for all of time. When people wise up and they are denied capability they pout and whine like two year olds about "going dark" all the while intrusive private and public data collection regimes continue to proliferate unbounded.
If you don't like the proliferation of encryption technology maybe you should have thought about that BEFORE you collectively gave the world reason to care.
All these various people in positions of authority relating to security want everyone to leave themselves open to the possiblity that every bad guy out there can intercept their communications, in order that the good guys can intercept the communications as well, in order to figure out who the bad guys are?
Why does everything have to be so goddamned complicated?
Europol Chief Warns About Door Locks and Window Shades.
We need to ban, not only digital computers, but also math. One can multiply big prime numbers and keep them secret using pen and paper.
As far as we know, not a single terrorist attack would have ever been averted if encryption had been breakable. This person is either terminally stupid or exceptionally dishonest. In either case he is a serious threat to society and should be removed from his position immediately.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
"Don't think for a second that they don't have an army of tech-savy advisors and specialists..."
How would someone who isn't technically knowledgeable know if someone IS technically knowledgeable? In fact, a lot of incompetent people want high-paying jobs. Incompetent people may sound wonderful to a manager.
After years of people communicating by postcards, someone invents the envelope, and the cops get all scared that they won't be able to fight crime any more. Or so they say.
There's no time like the present. Well, the past used to be.