Slashdot Mirror

← Back to Stories (view on slashdot.org)

US Tech Giants Ask Obama Not To Compromise Encryption

Posted by Soulskill on from the beholden-to-shareholders-vs.-beholden-to-voters dept.

An anonymous reader writes: Two industry bodies which represent Microsoft, Apple, Facebook, IBM, and others, have written to President Obama urging that the U.S. government not seek to legislate "official back doors" into encryption techniques. The Software and Information Industry Association and the Information Technology Industry Council sent the "strongly worded" letter on Monday, saying, "Consumer trust in digital products and services is an essential component enabling continued economic growth of the online marketplace. Accordingly, we urge you not to pursue any policy or proposal that would require or encourage companies to weaken these technologies, including the weakening of encryption or creating encryption 'work-arounds.'" The letter is the latest salvo in a public battle for secure communications, one that has reached the public eye in a way that few security stories do.

11 of 108 comments (clear)

  1. Re:Easier for US gov to call them ISPs? by Anonymous Coward · · Score: 4, Insightful

    After the last renewal of the Patriot act, wouldn't it just be easiest for the US government to name each of these companies an "ISP" so they'd be compelled to collect information on their (unencrypted) servers?

    And when they ("they" being industry, in a continued response to this attack on privacy) discover the government has done this maneuver and start encrypting said servers/services end-to-end, what will be deemed an acceptable configuration for ISPs then?

    The entire point of industry here is there should be no middle ground when it comes to weakening privacy. Justify your access through proper (read: Constitutional) channels, or piss off. You haven't proven that the abuse of this power is effective at doing anything but crushing consumer confidence.

  2. Back doors = Security Weaknesses by StandardCell · · Score: 4, Insightful

    No matter how well intentioned the government may be in requesting a crypto back door, all it does is open up a hole for potential criminals and state actors to steal information from individuals and corporations alike. Unless the government was somehow able to indemnify and protect all parties involved, there should be no back doors. End of story.

    1. Re:Back doors = Security Weaknesses by Anubis+IV · · Score: 5, Insightful

      Regardless of if the government was somehow able to indemnify and protect all parties involved, there should be no back doors. End of story.

      FTFY.

    2. Re:Back doors = Security Weaknesses by Anonymous Coward · · Score: 3, Insightful

      Well intentioned? Even if it worked perfectly so only the government had access, WHO THE FUCK TRUSTS these 'good guys'!

      NSA/CIA spies on Senate and nobody is prosecuted, FBI does bulk tracking wiretapping, and nobody prosecuted. Obama asks court to ignore legal rulings, we're heading into Presidential elections where every candidate has a big NSA file on him, and an out of control General capable of leaking it if they voice opposition to the spy machine.

      No good guys there.

      Even if it was for law enforcement only ...
      In the last few days alone, we've had policeman shoot a man in the back at close range with a kill shot, simply because he had headphones on and didn't hear an order to take his hands out of his pockets. We've had another attack kids at a pool party, luckily they stopped him before he killed one of them. Another in a long long long list of people shot, choked, or killed in dubious or illegal circumstance, with police officers acting as executioners.

      Who the fuck trusts the good guys because the police have killed far more innocent people than terrorists, and the spy machine has undermined democracy far more than China or Russia.

      Even a perfect backdoor is a bad backdoor if it lets the police (statistically more likely to kill you than a terrorist), access to your private data.

    3. Re: Back doors = Security Weaknesses by Anonymous Coward · · Score: 3, Insightful

      Especially when government can't keep its own data safe. Someone will break in and steal the private keys in days... rendering encryption useless worldwide.

  3. The Folly of Government by tmosley · · Score: 5, Insightful

    Wow, these idiots actually think that they will be the only ones with access to these back doors? They'd be hacked in minutes, and every secret that every American company had would be in the hands of the Chinese, Russians, and independent hackers.

    These idiot authoritarians need to be taught that their idiocy KILLS American business. But then, I guess they don't care. They think they can just print their way to prosperity.

  4. Not much the US can do. by bytesex · · Score: 4, Insightful

    Most of the recently proposed crypto algorithms aren't American. The cat is out of the bag - crypto is an academic subject now, and everyone's participating.

    --
    Religion is what happens when nature strikes and groupthink goes wrong.
  5. Weak encryption = No encryption. No exceptions. by sjbe · · Score: 4, Insightful

    Weak encryption is effectively the same as no encryption. Encryption has no value unless it cannot be broken. You cannot make encryption only weak for the "good" guys. It simply doesn't work that way and wishing will not make it otherwise. Any government official that argues in favor of weak encryption is either ignorant of how encryption works or is corrupt/self-serving and just wants their job to be easier without regard to the consequences.

    Yes I am fully aware that "bad" guys having access to strong encryption presents certain challenges. However weakening your own encryption to the government can spy on the populace will not EVER solve that problem.

  6. Ask Obama? by xdor · · Score: 5, Insightful

    What is this, the Third Reich?

  7. Back doors are weak for everyone by sjbe · · Score: 2, Insightful

    Are you saying that backdoor'ed encryption is a mathematical impossibility, or that it won't work in practice because the backdoor key will eventually leak due to hacking, rogue employees, etc?

    It is almost certainly a practical impossibility and I'm confident it is a mathematical impossibility too. A key is either possible to crack in a reasonable amount of time or it isn't. There is no middle ground. You can hand a key to whomever you like but if you create the backdoor by weakening the encryption then it is weak for everyone who would be interested in cracking said encryption. If the NSA can figure it out, so can others. Furthermore, each additional party you had a key to creates another vector for attack which is the practical problem. Even if the encryption were somehow secure we know from experience that keeping the systems that store the keys secure presents some security challenges that we are in no danger of solving.

  8. Re:TPP by koan · · Score: 3, Insightful

    Shenanigans like this wouldn't be happening if a Democrat were in office.

    You're joking right?
    R or D, new boss same as the old boss, no one gets into any position of power without being vetted and beholden to the status quo.
    There's literally no point in voting.

    --
    "If any question why we died, Tell them because our fathers lied."