Slashdot Mirror
James Comey: the Man Who Wants To Outlaw Encryption
Patrick O'Neill writes: "There has not been a tradeoff between liberty and security in our response to terrorism in this country and in our efforts to offer security to the people of the United States," said James Comey, now the director of the FBI. Comey was the number two man in the Department of Justice during the Bush years when NSA and law enforcement surveillance of Americans grew to unprecedented heights. Now he's pushing to stop encryption by default on Apple and Android devices.
And this guy is the director of the FBI...for real? :-/
More and more surveillance of Americans instead of the supposed enemies. This is the US after 9/11 and the Boston bombing. Welcome to 1984.
liberare massarum ex ignorantia, clausa descendit molestie.
Correct, there has not been a tradeoff between liberty and security in our response to terrorism in this country and in our efforts to offer security to the people of the United States. What there has been is a complete and utter disregard for liberty and destruction of individual rights. Forget tradeoffs, the Constitution was abolished, that is what happened.
You can't handle the truth.
False, although mostly true so far. Notably, the intrusiveness of airport security has gone way up, for the big example on the false side.
Mostly what there's been so far has been a tradeoff between *privacy* and security. As in none of the former.
I feel for the guy--his job is to prevent another 9/11. He gets the call if a city blows up. And he probably really cares about defending liberty.
But unfortunately, pervasive surveillance without amazingly well-engineered procedural oversight and security will inevitably lead to tyranny. Anyone who doesn't see that isn't stepping far enough back. He's concerned about the next five years; I'm concerned about the next twenty or fifty.
I suppose there's an AI issue, too--a singularity is going to get into this data in a few decades. I can't predict what an AI a hundred times smarter than any of us might do with it.
This guy is wasting his time. He should maybe get a technological tutor to explain him how it isn't possible.
A zip file is encryption. Byte order is encryption. Unicode is encryption. Binary is encryption. Video codecs are encryption. Mime types are encryption.
Its as silly as demanding molecules not be made of atoms.
Patrick O'Neill: victim of bush derangement syndrome
Obama made him FBI director. Ya silly yutz.
From TFA: Comey said in an Oct. 2014 speech "Justice may be denied because of a locked phone or an encrypted hard drive." I can somewhat understand that from an investigator's perspective.
But my take is that lots of people are constantly attacking my devices, from the petty skript kiddies to corporations wanting secrets to the NSA who wants everything. Most of the attacks never see justice, they are never prosecuted. There is no justice in most cases, only criminals who break in.
If my devices are properly hardened in advance, I don't need to wait for the government to apply "justice".
//TODO: Think of witty sig statement
Yeah, but the reason he wants the default of 'no' is to make it easier to monitor communications. He doesn't give a shit about the 4th, naturally. The government shouldn't be dictating the default setting either, which is what he wants.
Good book explaining how since WWII bureaucrats like Comey have slowly usurped democracy. Congress doesn't run the country. Comey and his buds do.
https://firstlook.org/theintercept/2015/01/09/democracy-people-dont-know-government/
http://www.ft.com/cms/s/0/c30784c6-a225-11e4-bbb8-00144feab7de.html
https://www.kirkusreviews.com/book-reviews/scott-horton/lords-of-secrecy/
http://www.democracynow.org/blog/2015/1/5/scott_horton_lords_of_secrecy_the
because we might need to look in your house for terrorists. Also get rid of locks on car doors because we might want to randomly search your car
First step to banning encryption all together? Why does this guy strike me as a "The internet is a series of pipes" kind of guy?
And I would like some evidence that this default "gather up and record everything" mode of spying has paid off, I don't believe I've seen any hard evidence it's stopped anything, in fact I have seen several articles that state it hasn't stopped any attack.
Personally I believe Apple, Microsoft and Google (along with others) will have something in place to aid the decryption, I see the tech giants, the NSA, FBI, as the digital portion of the MIC.
They work together, and the only concern of the corps is that they have deniability if discovered, you know like Apple's got fail SSL error.
Hell he might be bitching about it just to get people to think it actually works, and make them complacent again, like most were prior to Snowden.
"If any question why we died, Tell them because our fathers lied."
then you and government and military can't have any either.
I never understand why people consider it news when someone takes a position that is 100% predictable given who they are.
Sheesh, evil *and* a jerk. -- Jade
" They only want backdoorsâ"to break encryption, but just for the good guys."
And
"âoeThe FBI makes this proposal to look like theyâ(TM)re looking for a simple law to add a simple feature,â says Robert Graham, CEO at Errata Security. âoeBut when you look into it, what theyâ(TM)re really asking for is dramatic, itâ(TM)s a huge thing. Theyâ(TM)d need to outlaw certain kinds of code. Possessing crypto code would become illegal.â
But that boat has sailed, just ask Zimmerman.
09 F9 11 02 9D 74 E3 5B - D8 41 56 C5 63 56 88 C0 45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B2
so they can have access to and control your life. Fuck those who want to control anyone with laws that go above natural and common sense laws.
by TheSpoom (715771) Uncaring Linux user here. I have nothing to add to this but please continue. *munches popcorn*
So everyone willingly turning encryption on is deem suspicious and give them appropriable cause to fuck their life up. Great idea, fucktard.
What an ass.
When they pry it from my cold, dead fingers!
Ooogoooo boooga
The government has all the power here. They can easily OFAC the crap out of any security chip that can't be owned by side channel attacks. Judging from laptop TPM scene where vendors have gone as far as enumerating list of vectors they don't even try to defend against... seems to me like open season for anyone with the resources to pull it off.
Anything protected directly by user entry into a smart phone is bound to have no usable entropy by itself anyway.
Failing this we have baseband processors with full read write access to OS memory to reduce material costs. I would be surprised if there was a consumer baseband on the planet without capability of being field "upgraded" by Agent Smith... at least from various accounts of ancient feature phones being turned into bugs.
While I don't doubt encryption will make things more difficult if/when it catches on you can bet the feds will invest in beating it and they will win at least for the subset of people who don't really care about security.
I have a feeling the bigger issue with ubiquitous encryption for TLAs is that when everyone uses encryption then the ability to use the fact that encryption was used to justify suspicion evaporates... that's what I think they are really afraid of.
A law that will affect innocent citizens and dumb criminals. The criminals the FBI is after will probably be aware of it and manually turn on encryption.
I wouldn't want just anyone to know my bank password for example. Even if the feds weren't going to do anything malicious with it, if *THEY* can see it, then so can people with less honorable intentions.
File under 'M' for 'Manic ranting'
"The FBI makes this proposal to look like they're looking for a simple law to add a simple feature," says Robert Graham, CEO at Errata Security. "But when you look into it, what they're really asking for is dramatic, it's a huge thing. They'd need to outlaw certain kinds of code. Possessing crypto code would become illegal."
FTFY
Fuck Comey and all the Americans who want the rest of the world submit their lives to the US government.
> "There has not been a tradeoff between liberty and security in our response to terrorism in this country and in our efforts to offer security to the people of the United States," said James Comey, now the director of the FBI. Comey was the number two man in the Department of Justice during the Bush years when NSA and law enforcement surveillance of Americans grew to unprecedented heights. Now he's pushing to stop encryption by default on Apple and Android devices.
Asshole.
James Comey is
BWgSZ9ZYLw5I kmoBvJiRvnO7uQU9x6NoYlKBOaO vmb3df8lNwkgeFc30rNPB9kh09Fr61CxW24IkH3YWKRe8H YdTd8YHzpRBMQJcwyxn+O3cUPQ4sP2dN4GEA/9v17IipHz12Bon8o7dc0o8UaOj3tl Pr19cq3meoufARx7PLJ0SKclb3LG7SxW+GTISS1cRGpDRr d0NvdC8lHHkfyDx5YGnIp DUgQa9lMCpQbHSln40 LCosKrQamj4Ni27wIbikaSWV+IiDsn jyfc7eLKlq QSOgCFzMsBglGzC2+j9HifrKU/z9Fzc8HZ3UiaQahMiOj EnohZdYQqCdPAmeZlEkK/qaZBtwA13A BLrbolhR0C/NSgvA hPZzh7oj33/LHPY8tC TP7zXULYP/RsccmOc aS88VzbzOAaRwEf9KCu1YtKICdVyGlYhn5IN4q vM80+vNtkc0QiRUdKW
And I'll tell him that again to his FACE!
HA! I just wasted some of your bandwidth with a frivolous sig!
Apparently, James Comey has never read a single news article. Well, news tend to cause anxiety so the fire-the-civil-rights-violation-and-forget-it-ever-happened is the low stress way of surviving the work day.
... or will he just keep it on his own private server and then wipe that before we can see anything, like his administration colleague Hillary did with HER government emails? The private server trick kept all Hillary's stuff from all lawful FOIA requests and/or subpoenas (as government work product, that stuff was government property UNLIKE OUR E-MAIL). Some of us are apparently "more equal" than others of us.
Several points everybody should remember:
1. Banning encryption for Americans will do NOTHING to prevent terrorists from using encryption; it's EXACTLY like the gun control arguments - the only people who obey are the people who were not gonna do the crimes anyway and the people who are out to do mass murder are not going to blink at violating a gun registration or encryption ban law.
2. Even though they've been snooping on everybody's e-mails, web browsing, and phone calls, these very same feds failed to prevent a pair of jihadi freaks from going to Garland Texas last week to attack a "draw Muhammad" event which was [A] an event known to draw homicidal jihad outrage [B] at a fixed and publicized location [C] at a publicized date, [D] at a publicized time, [E] was created by a woman on jihadi kill lists, and [F] had a publicized guest known to be on a list of people every jihadi should try to murder. If we are trading liberty for security, we are being ripped-off
3. When our founders wrote the 4th Amendment ("The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.") they did NOT include a clause that said "oops, unless the government is on the lookout for an enemy". The US had enemies at the time. They would NEVER have tolerated a government going through all their travel plans and all their mail secretly and without warrants!!!!!!. George Washington used encryption to communicate with his spies and you can be absolutely certain he would have disapproved of the British being enabled to crack HIS encryption.
Our current crop of dirtbag leaders should all be brought before a tribunal of citizens, convicted of treason, stripped of their citizenship, and deported. ..... not a damn one of them is upholding the Constitution they swore an oath to uphold - and that goes for the judges too. As for such a tribunal being un-Constitutional, well "turn-about is fair play"; if THEY don't have to obey the Constitution, then neither do the Citizens. Until such time as the public becomes so outraged as to stand up together, the next best thing for individuals to do is to get on federal juries and nullify, nullify, nullify (your absolute Constitutional right, but which lawyers for both sides AND the lawyer in robes at the front of the room all want to fool you into thinking is not allowed, so you'll play their little Constitution-distorting games)
Lol, are you drunk? Most people are not going to pick up their guns an revolt against the government unless one thing happens: The government comes into THEIR town, and tries to take THEIR house/car/money/loved ones. Nobody is going to grab an AK-47 and march on Washington because the feds are reading their e-mail to grandma.
And the feds probably know it too, or else they wouldn't be doing it....
HA! I just wasted some of your bandwidth with a frivolous sig!
To have freedom citizens and government have to work hard every day. This guy wants all the benefits without working for freedom.
Every academic becomes a suspect because FERPA requires us to encrypt hard drives with student data and university policy requires us to safeguard research (especially patentable research). Doctors and other health care professionals are screwed.
All this BS from gun nuts about needing firearms to protect citizens from government wouldn't be such a pile if they would actually do it once in a while.
This is why we need encryption to be ON by default. So we don't let these idiots use that argument. The peasant public will always fall for it, it's for the children after all.
No matter how wrong they are they will always argue that encryption is suspicious until it is always activated by default. And with Snowden's revelation that is far from unreasonable to expect that from our software.
I live in a country [self censored] where my internet is monitored, STARTTLS is blocked, port 22 outgoing is blocked and I can be imprisoned for 15 years if I say the wrong thing. They started requiring ID cards to get a prepay SIM now too, they fear anonymous speech. It's a military dictatorship since last year after they [self censored].
You can't have Liberty if you don't have privacy.
Secure by default should ALWAYS be the policy pursued in software. People are afraid to change the default setting and if that default setting compromises their safety, privacy or otherwise puts them at risk then the default sucks.
When it's your job to catch bad guys, everyone starts looking like a bad guy
Anyone who follows the above approach ain't not going to catch many crooks
You simply do not catch crooks by hammering everybody and their dogs
Top crime investigators throughout history don't treat everybody like criminal. Instead, they put themselves in the shoes of the criminals so that they can get to see what the criminals see, think what the criminals think, and understand what the criminals gonna do next ... and then all they have to do is to set a trap for those criminals
And in the case of this so-called 'chief' of FBI, all I can say that under his tutelage FBI ain't going to achieve anything meaningful
Muchas Gracias, Señor Edward Snowden !
That's just one of the next steps. If encryption is off by default, turning it on will in itself become a suspicious act in the eyes of law enforcement types like these. "If you have nothing to hide you have no reason to turn it on. So why did you turn it on?" For this reason I say that government should not be allowed to know who of us made a conscious choice to encrypt our data; that choice itself is data of a highly private nature. And I suspect that this data is of interest to law enforcement as well. If encryption is on by default, not only are people safer from wrongdoers by default, but those of us who actually care about encrypting our data can remain "hidden in the crowd", so to speak.
If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
It shows again and again how poorly educated are people from Bush era.
This man created scandal last months trying blame several European countries for Nazi Germany crimes. Later apology are not enough.
He should be removed from the post.
No encryption is the problem but people who are in charge of national security. They have no clue or elementary education.
In order to trade off some of A to get some of B, you have to actually get some of B. In this case, we've given a lot of A and gotten nothing for it
I have read many comments here and what you have said is so very true I just need to add to what you have written
I came from China
I left China back in the early 1970's, way back when the entire Chinese society was in a turmoil, where nobody can live in peace because the social contract between the government and the people had broken down
A political struggle at the top echelon resulted in a power-struggle at every level, and power grab was everywhere ... the so-called 'Red Guard' was a by-product of power-grabbing exercises, mostly at the local level
Anyway, people at large in China had no say --- they kept on losing their liberty, their livelihood, even their lives, --- with some driven into madness and many simply committed suicide since they couldn't take it anymore
To put it in simple terms, to the average Chinese citizens, what they had gone through in between the late 1950's and the early 1970's was that everything they had was taken away, just like that ... yep, without any tradeoff
Now that I am an American, I am alarmed at the current development within the United States of America
The people in the USA will be facing the same thing the people in China faced, if nothing is being done to stop TPTB
What happened back in China was that there was no one who could stop Mao. Zhou En Lai tried his best to slow Mao's incessant hunger for power but he just couldn't muster enough strength to halt Mao in his track. All Zhou could do was to do patchworks here and there
Even Zhou suffered greatly during the social turmoil. His own daughter was brutally slaughtered by Jiang Qin, that feisty wife of Mao, and even with his own daughter slaughtered, Zhou couldn't do anything
The experience from China should be a lesson to the Americans ... that is, even if you have someone who has conscience INSIDE the power structure, it is still NOT ENOUGH when TPTB turns ugly
And if the Americans don't do something now --- frankly, even now, it may be too late --- they and their children will eventually be facing a similar fate the Chinese faced some 50 years ago
I certainly don't wish that to America, my adopted country, but I am afraid that too many of the Americans are way too brainwashed to be able to comprehend what is going on and what is going to come
Muchas Gracias, Señor Edward Snowden !
That really about says it all. With all the self created terror plots hes foiled, WHY should we trust this twit? Fact is we have no reason to.
... with people like this in control of anything.
now we need to go OSS in diesel cars
The problem is clearly with people other than you (assuming you are a typical American), yet somehow, the solution is to attack your civil rights. Does that not immediately raise a giant red flag to anyone?
Even in a world without encryption (digital) people can communicate secrets, all one has to do is look to the past. WWII they used Radio Broadcast to communicate secretly. So the FBI will still have to work for it.
Dear Mr. Comey:
You first.
Sincerely, the internet.
No, he also wants that encryption to contain flaws which will be guaranteed to be found and exploited by more than just the "good" guys. Just as we have seen done with other backdoors that criminals have found and exploited.
Or how about we make it a capital crime to run any sort of US-focused SIGINT within any branch of the US Federal or State government without a specific warrant that notes a maximum period of time, the medium being monitored, the exact group of individuals allowed to observe or possess the intercept, and the date or event which will cause it to be destroyed. It's almost the same thing as Mr. Comey wants - only the exact opposite?
imagine a soft, buttery paw gently pressing down onto a sleeping soldier's face. forever.
We can play the word games too. Instead of "encryption", let us start calling that kind of computing a "baroque data formatting" or something else. I am very confident coders can play much better than lawyers.
If Comey wants me to show whats in my wallet, he should do it first.
"There has not been a tradeoff between liberty and security..."
We have no way of validating this. So, based on previous experience, it is a lie.
Prove anything by multiplying Huge Number times Tiny Number
Because if you can't decrypt the encryption (and clearly they can't or they wouldn't be trying to illegalize it) how do you know it's encrypted and not just gibberish?
What about speaking "private"/"invented" or otherwise unknown languages? Will that become illegal also? Will there become a legal requirement that I be able to speak an understood language and only speak understood languages?
Slippery slope, here we come.
He also wants to hire more pot smokers:
“I have to hire a great work force to compete with those cyber criminals, and some of those kids want to smoke weed on the way to the interview,” he said, according to an account in the Journal.
Someone at the conference asked Comey about a friend who was deterred from applying for a job because of the policy.
What the hell is with all of the partial/cut off comments?
I will always be able to enable encryption manually, I don't use it for nefarious purposes. I use my phone for work, and I work in an industry where there is a LOT of industrial espionage. Whether you're protecting trade secrets, customer lists, whatever, there is a perfectly sound reason for encrypting your phone/computer(s). That said, the fact that I have to manually turn it on really isn't a big deal to me. At the same time, my Mom really has no need for it. The FBI can look at the stuff on her phone all they want...they're not going to find anything fun.
The correct answer is 42.
Wanting something turned off by default isn't the same as wanting it outlawed.
The new U.S. Attorney General is behind the latest push to outlaw encryption.
At least with me, this has backfired. I have avoided encrypting my phone for years because I thought it was a hassle and a risk for data loss. But, with all these people telling us how "bad" encryption is, I have encrypted my phone.
I think it would be great to live in a world without secrets or lies. You first.
You fail to realize that peaceful democratic political change sometimes happens behind closed doors, like hopefully, the firing of you.
Read the U.S. Constitution and the Bill of Rights, and check again to see if what you are doing agrees, or if you should go somewhere else.
https://www.youtube.com/c/BrendaEM
Go suck an egg, Mr. Comey.
Play Command HQ online
We have begun encrypting everything and we are going to expand on that. It WILL NOT STOP, laws be damned.
The DOJ must be controlled by a bunch of females. They feel they HAVE to stick their noses in everyone’s business.
"There has not been a tradeoff between liberty and security in our response to terrorism in this country and in our efforts to offer security to the people of the United States,
Last night the parking-lot exit from one of the terminals at Dallas/Fort Worth Airport was flooded.
This meant there were now only 2 ways to get out of the terminal: walk through the rain, or take the tram that connects the terminals.
The tram was inside security and most passengers had already existed security, either to get their bags or for other reasons.
Prior to 9/11, they had the liberty to re-enter security, take the tram to another terminal, and arrange for their ride to pick them up there.
Thanks to a "tradeoff between liberty and security" they were forced to either sit in the terminal for several hours while the flood cleared or walk out in the rain to get to another terminal (the buses that connect the terminals couldn't operate due to the floods).
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
So . . . he's not out to tap my phone - just the phones of everyone not smart enough to check and enable encryption on their devices.
*Whew*.
If encryption were off by default, and they want to ask me why I was using encryption if I wasn't doing anything wrong, I would tell them, entirely matter-of-factly, that my reason for using encryption is so that people with less noble intentions than what the government might claim they have may not also be secretly monitoring my communication, with the intent of trying to gain access to important things that I feel I should take measures to keep secure, such as my finances. I would then ask them whether such concern on my part, even if they may hypothetically characterize me as paranoid (which I do not allege, but even if it did), somehow automatically make *me* a criminal as well.
File under 'M' for 'Manic ranting'
OR
You can have my encryption when you pry it from my cold dead hands.
OR
You actually think terrorists will obey anti-encryption laws? You're a special kind of stupid, aren't you?
Thank you, I'll be here all month. Try the veal.
It ain't what they call you. It's what you answer to. http://mylyceum.us/
Yes, I know RSA has been broken.
I've known a good number of FBI agents and career employees and none of them were sociopaths or bullies. TBH they were much nicer people than 50% of corporate middle managers.
Director Comey is a career prosecutor whose first connection to the FBI was having been politically appointed to run it.
If you want to monitor my communications, get a warrant. Otherwise, they're violating the 4th amendment. If they are going to argue that we should have nothing to hide if we are not doing anything wrong, I must ask why the government keeps secrets from its citizens - after all, we are also the "good guys". Any reason they have for not trusting citizens with access to their "secrets" would stand as a good reason why citizens would not trust these agencies with ours.
They probably already have the ability to get all the information they want/need regardless of encryption. This could just be a way to placate the public when this ridiculous idea is eventually shot down and declared "a victory for privacy". If this was really a thing, it seems likely that we would have heard about it pre-Snowden.
Just exploring the possibilities.
He's totally wrong about this issue. But this is the guy who stood up when Bush administration thugs (Card and Gonzales) tried to get the Justice Department to sign off on their warrantless wiretapping program. He refused, prevented them from going around him and later threatened to resign: http://www.washingtonpost.com/... You can disagree with him on encryption (and I do), but this is not a guy who has no respect for the Constitution.
Which goes to show that no one is applying discretion when enforcing these rules. Providing exceptions when the situation calls for it is required in many situations. Things like allowing people to use an emergency staircase while an escalator is under repair, or allowing drivers to cross the double yellow when there's a fallen tree blocking the lane for your direction of travel. In the case of DFW airport case they should have simply allowed people to re-enter security (provided they comply with all the rules, obviously you can't bring your checked baggage through if it contains things that cannot enter the secure area) would have been immensely helpful.
And they certainly could have. For years the only currency exchange in town was located in the secure area of the airport. Customers would go to a TSA office outside the secure area, provide ID, sign a log and be given a photo ID pass to enter the secure area for a short amount of time (I believe the default was an hour). The pass was to be handed to the TSA agent guarding the exit, and they would reconcile the returned passes with the sign in log. Not sure what happened to you if you forgot to return the pass, and wasn't particularly interested in finding out.
There has not been a tradeoff between liberty and security in our response to terrorism in this country and in our efforts to offer security to the people of the United States
is an attempt to take advantage of this:
http://en.wikipedia.org/wiki/S...
and the reason it will succeed is that those who are smart enough to know better than to make logic errors in public don't make them in error. They make them because they are selling something. And if they are selling it in the open, their sales pitch is just the tip of the iceberg.
Any guest worker system is indistinguishable from indentured servitude.
The greatest danger to people in law enforcement and related areas) is not the violence they face every day (directed at them or others) but in a warped view of the world. After dealing with so many criminals it's very easy to fall into the mindset that everyone is a criminal in some way or other. What the people see as protecting their rights and liberties these people all too often see as suspicious behaviour with probable criminal intent.
No. Never.
I also have a suggest as to how you could spend your next hour, but I suspect you will respond as I have responded to you!