Slashdot Mirror

← Back to Stories (view on slashdot.org)

The NSA Wants Tech Companies To Give It "Front Door" Access To Encrypted Data

Posted by samzenpus on from the let-us-in dept.

An anonymous reader writes The National Security Agency is embroiled in a battle with tech companies over access to encrypted data that would allow it to spy (more easily) on millions of Americans and international citizens. Last month, companies like Google, Microsoft, and Apple urged the Obama administration to put an end to the NSA's bulk collection of metadata. "National Security Agency officials are considering a range of options to ensure their surveillance efforts aren't stymied by the growing use of encryption, particularly in smartphones. Key among the solutions, according to The Washington Post, might be a requirement that technology companies create a digital key that can open any locked device to obtain text messages or other content, but divide the key into pieces so no one group could use it without the cooperation of other parties."

16 of 212 comments (clear)

  1. Right up until... by Anonymous Coward · · Score: 5, Insightful

    A government body gets the whole key and then has it stolen from them and we're all left with our trousers down in a changing room made of glass.

    No. If there is an EASY way to decrypt information, then that data is NOT SAFE and the encryption is useless.

    1. Re:Right up until... by Anonymous Coward · · Score: 5, Insightful

      A government body gets the whole key and then has it stolen from them and we're all left with our trousers down in a changing room made of glass.

      No. If there is an EASY way to decrypt information, then that data is NOT SAFE and the encryption is useless.

      Yep. In the meantime, one of the few advantages US companies have - software and web services - will be made completely worthless. If I am a bank, healthcare company, or whatever (it really doesn't matter) , I demand my data be secure. An NSA back door, front door, trap door, barn door means that there is a built-in insecurity.

      Right now, I do not think any American made software is secure enough for my business. We have achieved a state where business and government concerns are in direct conflict.

      I think a lot of it has to do with this Big Data fad. They seem to think that the more data they have, the more computing power they have, and the less security we have allows them to "get their guy". We have an out of control security bureaucracy.

      But as the US slips more and more into a police state (I was just ordered last week to hand over my license at a road block - they were stopping everyone. Papers please! actually it was "hand it over, now!), I just have to wonder with our freedoms and privacy being eroded everyday, just what does the US stand for anymore?

    2. Re:Right up until... by Anonymous Coward · · Score: 5, Insightful

      You can bet that if Snowden could get access then there are hundreds of NSA employees and contractors that are trading on this information. No domestic or foreign corporation or state wants the NSA to have unfettered access to their data like this, because such access will be and is being abused.

      Put it this way, say you are trying to get a contract where General Electric is a competitor. And someone in the NSA is tapping all of your salesmen's communications and documents and passing them to the GE's sales team....

    3. Re:Right up until... by Endymion · · Score: 4, Insightful

      Well said.

      I find it unlikely that the NSA doesn't know how this will affect the US software/tech industry. Which means they are deliberatly trying to undermine an entire sector of the US economy. I call this treason. Many of these traitors took an oath to defend the constitution, yet they publicly announce how their desire to do the exact opposite.

      I know some of you are thinking that this is a crazy idea, because the US definition of trason is a difficult standard to meet due to the requirement to show that the traitor is "making war" against the countyr. Well, what else do you call the deliberate undermining of the most profitalbe sector in our economy? Modern weapons of war include a wide variety of tools, not just rifles and tanks. More importantly, this is exactly the kind of type of methods the CIA has used to "destabalize" other countries.

      --
      Ce n'est pas une signature automatique.
    4. Re:Right up until... by ruir · · Score: 3, Insightful

      Microsoft was born due to Bills family being influential in washington, and has been in bed with the establishment ever since. In the past we also had strong hints they had a NSA backdoor. Cisco is also known to have backdoors. The industry has been undermining itself quite alone. Foreign people who use American software for industrial or political purposes are morons.

    5. Re:Right up until... by Anonymous Coward · · Score: 2, Insightful

      But they're not protecting the people any more.

      They are now protecting the state. They have been for many years, they just tell you they're protecting the people.

      That was what the Soviet government was doing, too.

    6. Re:Right up until... by davester666 · · Score: 3, Insightful

      It's an emergency, because we are being overrun by terrorists and child molesters.

      That makes it ok.

      --
      Sleep your way to a whiter smile...date a dentist!
  2. The NSA requests you stop sealing envelopes by mtrachtenberg · · Score: 5, Insightful

    As you all know, our country is subject to terrible terrorist threats. It has come to the attention of your friends at the National Security Agency ("we put the security in the national") that terrorists have, under certain circumstances, used the United States Postal Service, United Parcel Service, and Federal Express in order to facilitate their terrorist doings. Therefore, we would appreciate it if, effective immediately, you stop sealing your parcels and envelopes, to make inspection easier.

    This is for your protection. Please don't object, or we'll have to illegally open your items and lie about it. Thank you.

  3. Disturbing this is even being openly discussed by JoeyRox · · Score: 5, Insightful

    The fact that the NSA thinks it can achieve this shows how far our civil liberties have fallen.

  4. All your eggs in one basket. by Jaywalk · · Score: 4, Insightful

    Wow. And how long do they think their magical key will remain secret? If a single key can open all the doors, finding that key will become more important and the resourced dedicated to discovering it will be increased. The secrets that are being protected are not only -- or even primarily -- the secrets of criminals. There are millions of bank accounts and private medical records along with political dissidents.

    Every weakening of security aids not only law enforcements but criminals as well.

    --
    ===== Murphy's Law is recursive. =====
    1. Re:All your eggs in one basket. by R3d+M3rcury · · Score: 3, Insightful

      ...and if you only have part of the key, why should you devote resources to protecting it? Let the other guy worry about that.

      Kind of like immunization...

  5. Ok. by Anonymous Coward · · Score: 3, Insightful

    While we're asking for stuff we want, I want one billion dollars a year of NSA funding redirected to me. I'll spend it all on providing college scholarships.

    I believe my idea is better than theirs: educated, autonomous individuals make for a better society than fear and authoritarianism. Who's with me?

  6. one key, eh? by Anonymous Coward · · Score: 2, Insightful

    One (partitioned) Key to rule them all, One Key to find them,
    One Key to bring them all and in the darkness bind them

    need anyone say more?

  7. Re:First for Systemd!!! by Anonymous Coward · · Score: 2, Insightful

    That's the wrong attitude to take. The attitude you SHOULD take is to become one of the data controllers holding part of the key...which you simply delete.

    Problem fucking solved.

  8. Well, that's a load of horseshit by Hizonner · · Score: 4, Insightful

    There's no "centuries-old social compact" or whatthefuck ever, let alone one around warrants.

    • There's no problem getting data access using warrants, no matter how much encryption you have. It's just that you have to get the data from the person who owns them, rather than sneaking through a third party. If the owner doesn't cooperate, you have a process to compel them. You know, just like warrants and other court orders have worked for hundreds of years. It's really unprecedented to be able to get access to somebody's personal papers without that person even knowing it.
    • There's no long-established ability to get access to people's ephemeral communications without physically following them around. That wasn't even possible until the telephone came along. For hundreds of years before that, you had to actually engage and gain people's individual confidence to spy on them.
    • Rogers' agency (the NSA) has never used warrants, not ever. It was given warrantless powers it probably should not have been given, arguably illegally because you can't do it under the constitution. It has then repeatedly gone beyond those already excessive powers over the entire course of its existence. It takes a lot of gall for somebody like Rogers to whine about lawful authority to do anything, let alone about warrants.

    What a sack of shit.

    And, yeah, the idea that you're going to have this magic key that only good guys can use is also technically and operationally impossible... as every single person in the NSA or anywhere else in the federal intelligence or law enforcement agencies knows damned well. I assume they want to create it so that they can steal it and use it for mass attacks. If they don't want me to believe that, well, they need to overcome their decades-long pattern of established behavior.

  9. A matter of priorities by plsuh · · Score: 3, Insightful

    The US government has lost sight of the larger issue here. The tail (NSA and law enforcement) is wagging the dog.

    The NSA and law enforcement agencies want to be able to intercept anything, since it makes their jobs easier. However, this runs counter to the larger national interest of the United States.

    Which country has the highest level of connectedness and dependence on the Internet? Which country would be worst hurt if a sophisticated attacker was able to penetrate and conduct malicious actions using the systems connected to the Internet? The US, that's who. It is by far in the US's overall national interest to properly secure the Internet and communications infrastructure. Eavesdropping on everyone else is a secondary benefit, in comparison.

    The proper role of the President and the Attorney General is to separate the desire of the NSA and law enforcement to make their jobs easier from the greater benefit to the country as a whole. They need to tell the ambitious underlings "NO" in unequivocal terms, then bitch slap them if they keep whining about it.

    --Paul