Slashdot Mirror
Manhattan DA Pressures Google and Apple To Kill Zero Knowledge Encryption (thestack.com)
An anonymous reader writes: In a speech to the 6th Annual Financial Crimes and Cybersecurity Symposium, New York County District Attorney for Manhattan Cyrus Vance Jr. has appealed to the tech community — specifically citing Google and Apple — to "do the right thing" and end zero-knowledge encryption in mobile operating systems. Vance Jr. praised FBI director James Comey for his 'outspoken' and 'fearless' advocacy against zero knowledge encryption, and uses the recent attacks on Paris as further justification for returning encryption keys to the cloud, so that communications providers can once again comply with court orders.
Event the Old York Times had to pull its crap article about encryption.
A Manhattan DA is going after a California based company that has its manufacturing in China and most of its assets in Ireland. Yeah. Good luck with that.
Seven puppies were harmed during the making of this post.
but the terrorists in Paris seems to have used plain old unencrypted SMS, in French no less. http://arstechnica.com/tech-po...
- Henrik
- when the Shadows descend -
In a time when leaders are getting more stupid the issues are getting super complex. And that scares the shit out of me.
This particular anti-encryption movement isn't putting a gun to our economy's foot, it's putting a gun to our economy's head.
after-endless-demonization-encryption-police-find-paris-attackers-coordinated-via-unencrypted-sms
https://www.techdirt.com/artic...
If governments urge you not use a specific type of encryption, then you know you are using it right.
Freedom for safety... what could go wrong?
Happiness in intelligent people is the rarest thing I know.
Ernest Hemingway
"Manhattan DA Pushes for Zero Knowledge Policy"
You're welcome.
Please provide verifiable numbers to support your position.
Zero-knowledge encryption? Sounds like they're trying to invent some new buzzword to try to make something almost no one could argue against, secured communications and records for banking, conversations & confidential information (medical records, personal matters, etc). It should also be noted that there is a really good reason for this move to decentralized encryption, the feds simply couldn't keep their hands out of the cookie jar. That and there are no indications that allowing the government full access to communications has any effect on terrorist activity, its pretty obvious that they were hoovering information before 9/11 and it didn't stop that, they've created massive data centers and tied in with ISPs throughout the globe and they didn't stop Paris, Metrojet Flight 9268, Boston or any of the other major attacks. I find it disturbing they can argue for ever increasing levels of surveillance when the massive levels they are already spending tens of billions of dollars and not stopping a few nuts chatting over text messages.
Is he related to Jimmy Carter's secretary of state Cyrus Vance? The one who had to resign after a botched attempt to save the US hostages in Iran in 1979?
The more power you accumulate in one place, the more that place will attract greedy psychopaths and power-mongers. Imbalance of information knowledge is power and the key to domination. Encryption while on the grid is one of the few ways we have to prevent an accumulation of power that can be abused by those attracted to it. It puts everyone closer to the same footing. Equality of power in each citizen is what made our country strong. If we want to save lives from devastation over the next couple of generations, maybe we should make encryption stronger and invalidate any secret courts and secret laws... because... you know... imbalance of information.
The "stupid" leaders you speak of have succeeded in creating the largest, most expensive, most powerful government AND world empire (with military bases in some 150 countries) in the entire history of mankind. In terms of business, this kind of growth is way beyond a home run -- even calling it a grand slam doesn't do it justice. This is a business achievement that simply cannot be topped, period.
... you were wondering what to do with those hundreds of billions of dollars of cash. Here's a good use for one of them.
It used to be in NYC you could see buildings and buses plastered with the images of the misfits - the troublemakers; Apple roared into its current success on those precepts. Now it's time for a massive pro-privacy campaign on the same or larger scale.
Fix this - it'll be a good investment for the shareholders.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
US Rep. Joe Barton Has a Plan To Stop Terrorists: Shut Down Websites
Manhattan DA Pressures Google and Apple To Kill Zero Knowledge Encryption
Both a negative story about dumb politician trying to overreach after the terror attacks in France. One has a name of politician in the headline and party affiliation in the summary while another doesn't include name of politician in headline and information on party affiliation isn't found in summary nor linked article. I guess it's time to play the classic game of Guess That Party!
Government is supposed to be a social contract. You cant take away people ability to protect themselves from data theft without a guarantee of payout.
I feel that my data is worth 150 billion dollars. You can have my encryption keys but if I suffer a data breach then you have to pay me out.
I'll probably use the payout to fund an independant open source "zero knowledge encryption" standard with an easy open free distribution.
Oh, and hand them to use on a silver plate.
And pay us 7 digits a year.
And we want a pony too!
What? It makes our citizens LESS safe and more likely to get ripped off?
FUCK THEM! As long as we're getting our sheckel, hookers, blow, and a big check for no actual work, we don't give a fuck!
Chas - The one, the only.
THANK GOD!!!
I guess that means we're on our own to find a solution.
“He’s not deformed, he’s just drunk!”
Wow, the ghost of Christmas past comes back to haunt us, sending their kid to do their dirty work. Do we have any fresh blood in this business? Over and over again we see the same old names.
Eh, regardless, I know it's a pipe dream, but let's hope some backlash will spring up out of this.
“He’s not deformed, he’s just drunk!”
What we really need is fewer Zero Knowledge DAs.
Pre-broken encryption is as bad as it sounds.
The encryption is genie is already out of the bottle - there are already apps available to facilitate encrypted communications. The government seems to think that if they add encryption backdoors to newer apps/services that the terrorists will be dumb enough to use them instead of what's available now.
... and yeah.. then nobody else would develop it. This method is so freaking effective.
Do the right thing is to have strong unbreakable encryption with no back doors. That Manhattan DA needs to get his head out of his ass and do some friggin' research. He should know first of all that all this spying by NSA has produce ZERO results--no terrorists have ever been caught by this kind of spying. Second, the Paris attacks used unencrypted SMS.
Having zero knowledge about encryption's really not effective anyway. Advocating for there to be education about it is wonderful!
[/sarcasm]
I wish...
If you want your freedom, tell your elected representatives to stop importing terrorists and the populations that they hide in.
It seems to be that we can pick not more than two from the set (Security, Freedom, Multiculturalism).. Find me another culture, anywhere on the planet, that respects freedom the way we do, or at least once did, and I'll reconsider. Until then, I'm sticking with the evidence at hand.
We have freedom, and we have multiculturalism, and people are realizing that we don't have security. We want security, so we need to choose. Do we get rid of the people that hate us? Or do we get rid of our freedom?
(And yes, I'm aware that "get rid of the people that hate us" includes a lot of people that don't hate us, but are otherwise indistinguishable. Some may be willing to trade their freedom or security for them, but I suspect that most will not.)
See that "Preview" button?
When are all these idiots going to realize that if WE the people don't have strong encryption, then TERRORISTS and CRIMINALS will be able to get at OUR vital information to get US?
Security vulnerabilities put the general population at FAR MORE risk of harm than it puts terrorists at risk of being captured!
Even a "government only" back door is just one leak or discovery away from being everyone's security vulnerability.
--PeterM
Putin's, peace be upon him, strikes against ISIS are, at best, half-hearted and at worst a sham. He is not fighting against ISIS, he is fighting for Assad — a decades-long client of the USSR/Russia. Because of Russia's strikes against anti-Assad fighters, ISIS was, actually, been able to gain ground in Syria on several occasions.
Considering the post-tragedy rise of Le Pen and other European nationalists, who tend to be Putin's, peace be upon him, clients themselves, one may argue, Putin had a hand in the Paris-attack himself. Whether that's true or not, the sentiment such as yours certainly illustrates, how he benefited from it.
I have no love the Nobel Peace Prize winner we are saddled with — his foreign policy is as destructive as the internal ones — but praising Putin seems outright dumb. Obama will be gone in a year, Putin will remain a menacing danger for as long as he lives — and the asshole is fit, hale and healthy...
In Soviet Washington the swamp drains you.
When guns (or encryption!) are outlawed, then only outlaws will have guns (or use encryption)!
Why can't you understand that!? FIND ANOTHER WAY!
Are YOU using the TOOL, or is the TOOL using YOU? Think about it!
What is being danced around here is the fact that, messages that are encrypted are almost assuredly already given a higher "score" in the SIGINT world than non-encrypted messages.
That is likely one of the reasons the Terrists in Paris used UNENCRYPTED SMS to communicate. So the "signal" gets lost in the "noise" of a gazillion other SMS messages-per-second, instead of creating a "Sore Thumb" by being "encrypted".
And it is a foregone conclusion that another staple of SIGINT, the "connections" and frequency-of-communications between one known bad guy and others is often as important, and sometimes even more important, as knowing the CONTENTS of the messages themselves. And that kind of "signal" is much harder to eliminate.
If bad guy "A" communicates with bad guy "B", who then communicates with bad guys "C", "D" and "E", who then communicates with unknown guys "F" through "AA", even without knowing the contents of those communications, we have gathered enough intelligence to start actually surveilling some or all of those people, which WILL, in short order, reveal what is being planned, and by whom.
So, if we outlaw all "cipher-based" encryption, the real baddies will simply build "codes" that ARE cleartext, and APPEAR to be innocent "what's up? Wanna do lunch?"-LOOKING messages; but are in fact, messages of a far more nefarious sort. And so in the end, the terrists continue to have the jump on law enforcement, and all of us regular citizens lose the ability to have private, encrypted communications with business partners, friends and family, or just because we don't particularly like writing our emails on postcards.
Imagine if the DA went around saying, "we need to have a key to your bathroom door." With a bathroom door it sounds hilarious, but that's basically what he's saying.
I believe you're looking for Section 1008.1.9.5.1 of the International Building Code:
Closet and bathroom doors in Group R-4 occupancies.
In Group R-4 occupancies, closet doors that latch in the closed position shall be openable from inside the closet, and bathroom doors that latch in the closed position shall be capable of being unlocked from the ingress side.
Stupid? HA! "They're wonderful excuses" is what they think.
The only stupid people are those thinking the same people clamoring day and night for the removal of human rights would do anything but smile inwardly and capitalize on so useful an occasion as a a few dozen or hundred corpses of folks that don't matter and a nebulous "enemy'. This is their chance to nip that filthy technological privacy in the bud, before their nonstop plundering and corruption lands them in a popular revolt arranged beneath their noses through high-tech means that even their heavily armed 'peacekeepers' can no longer easily contain.
Have gnu, will travel.
That is terrorism by definition.
Send him strait to Gitmo NOW!
Sent from my ASR33 using ASCII
Legal ethics? Isn't that an oxymoron like Government Intelligence?
This post is a perfect example of why social conservatism is stupid.
You want to oppose importing terrorists eh? How do you go about doing that, pray tell? First of all, just in case you weren't aware: all of the successful terrorist attacks that happened in France weren't caused by Syrian refugees. They were carried out by people who emigrated years prior, who'd been setup as sleeper cells until the time was right to strike. So what do you do to prevent them from entering the country? Prevent anyone who looks vaguely Arabic from entering? That's millions of people you're suddenly blocking there to prevent 0.01% of them (if that) from entering.
But that's not all, is it? There are already millions of them on your soil. Do you kick them out too? People who might've been here for generations, who have families, friends, a job and are perfectly normal citizens? Because if you don't, that leaves hundreds of possible sleeper cells around.
And then, that's not even solving the issue fully. There have been terrorist acts carried out by converted Westerners too. How do you go about preventing that? Ban Islam entirely? That's again millions of people, some of whom have been here for so many generations they're an integral part of your country's history. Plus, it won't really help, since those converted people know how to act "normally" since they've been raised that way and were only converted later on.
But no matter, even if you fixed that miraculously, you'd still have school shootings and crazies like Anders Breivik who are literally indistinguishable from the rest of your population and who can carry out atrocities just as well as that horrible Muslim you're so scared of.
Here's the funny thing too: regardless of where you stop in this dangerous trend, you've still created two classes of people: those who can live in your country and those who can't. You've removed their freedom to "protect" yours. You've failed to achieve what you set out to do, unless you are so egotistical to only care about yourself. And if you're American (which is a pretty good guess from the tone of your post and the website it was posted on), you've also gone against the one thing that made it into what it is: that everyone stands equal and everyone has a chance. Now you don't stand a chance if your skin is brown. Welcome to the Confederacy.
TL;DR: Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety.
Just the audacity of them makes me pissed off.
I'm a good cook. I'm a fantastic eater. - Steven Brust
Comment removed based on user account deletion
Here's the funny thing too: regardless of where you stop in this dangerous trend, you've still created two classes of people: those who can live in your country and those who can't. You've removed their freedom to "protect" yours.
It's a little worse than that.
However you go about deciding which people to exclude, you still have to solve the practical problem of how to effectively keep them out while allowing the privileged class to enter. This means gates, guards and ID checks, which in turn require processes to identify people and issue ID documentation, and creates opportunities for errors and abuse. All of which means that the privileged class must also sacrifice some amount of their own freedom in order to build the filter and make it work.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
He resigned before the attempt.
I live ze unknown. I love ze unknown. I am ze unknown.
They are doing this because, if they didn't, somebody else would offer apps to do it and then take over part of their ecosystem.
Heh. As one of the engineers at Google who builds Android device encryption, I'd say that we do it because that's how it should be. But it should surprise no one that engineers who gravitate to positions like mine are people think everything should be encrypted and that only the person who owns the data should have the keys.
And it would be fair to point out that people who share such privacy concerns do not gravitate to Google corporate management. For example they of course believe it is quite legitimate to scan people's emails so that advertising may be more accurately targeted. Your "we" as in "we do it because" refers more to your specific team members and less to Google in general. Google as an organization is no champion of privacy, it is a targeted advertising company after all.
Ok, but can we also do something about the zero knowledge politicians?
You're right and there's only one sure-fire solution. Kill Everyone. Without exception. Nuke the entire planet. Only after everyone is dead will we be safe.
If telephones are outlawed, then only outlaws will have telephones.
And it would be fair to point out that people who share such privacy concerns do not gravitate to Google corporate management.
I don't think that's at all true. It's certainly not consistent with those in my management chain with whom I've interacted (which is all of them except Sundar). It's also fairly irrelevant, since Google is a very bottom-up organization. Management decided to staff an Android security team, but they really don't tell us what to do.
For example they of course believe it is quite legitimate to scan people's emails so that advertising may be more accurately targeted.
Sure, as long as the people in question have agreed to it. I have no problem with that, at all. Personally, as long as it's relatively unobtrusive, I'd much rather pay for content with my eyeballs than my dollars, and if I have to see advertising I prefer that it's relevant, so Google's model is a win/win for me. Not everyone feels the same way, of course, which is why Google provides tools to enable opting out of analytics and targeted advertising. In most cases while still allowing opted-out users to use Google's services.
Google as an organization is no champion of privacy, it is a targeted advertising company after all.
Those things aren't inherently opposed. There's nothing anti-privacy about a business model based on users voluntarily providing information to enable targeted advertising, as long as the company takes due care to protect user data. The key word there is "voluntarily", obviously. As for "due care", Google does an outstanding job of protecting user data.
it is a targeted advertising company after all.
It really isn't. That may seem a strange claim about a company that derives 90+% of its revenue from advertising, but it's true nonetheless. Google's biggest current products are most effectively monetized with advertising, true, but Google as a whole really isn't focused on advertising, and isn't particularly even concerned about building stuff that drives advertising. The mandate is to build stuff that the whole world will want to use, and then we'll figure out later how to make money from it. In many cases, advertising fits the bill. In others, SaaS is better (that's mostly what has driven advertising from 100% to 90%). Increasingly, I expect Google's revenues to start coming from hardware sales.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
because terrorists that know about this (all of them) will somehow *not* go out of their way to use zero knowledge encryption systems that are already widely available when they become illegal? How would this prevent anything other than law-abiding citizens being kept from their privacy? Ugh.
Ask Israel how they did it, and how well it works.
Procedure:
1. Browse in mobile browser to https://mynewencryptingwebpage...
2. write "top secret message" into text area in my newly hosted encrypting web page,
3. Enter email address or phone number I will be sending to in second field.
4. Press (encrypt) button, cleverly labelled (Post) instead.
5. Copy encrypted ciphertext from https://mynewencryptingwebpage...
6. Send ciphertext by email or sms
7. Recipient procedure is left as an exercise for the reader.
Where are we going and why are we in a handbasket?
Fuck you and the spam bot you rode in on, APK. I'm trying to read a relatively sensible discussion and suddenly I have to scroll through a dozen screens full of your petty minded auto posted drivel. Absolutely nobody reads all the way through your rants. Nobody is going to see that and think "shit, you know what, he's right! Coren22 does have to eat his words! Thank you apk for making me see the light!". Do you know what everybody seeing your script sputum thinks? They think "oh for fuck's sake not this shit again" and scroll on by until the grown up conversation starts again.
Yup, let's get rid of all the White Christians in this countries. Not all of them are terrorists sure, but we have overwhelming evidence that they purposely were engaged in an ongoing campaign to kill the natives residents with guns and disease and import their barbaric eastern legal practices to replace the existing system of laws. Why should we trade our freedom away just so that these genocidal maniacs who hate us can go free?
Management decided to staff an Android security team, but they really don't tell us what to do.
Of course not, but senior management funded the Android project beyond an experimental phase because senior management had a plan on how to generate revenue. And advertising was a major component of that plan, of establishing control over a large portion of mobile advertising. Advertising was not an afterthought, it was a justification for the investment required to take the project to the scale of a major mobile device platform.
For example they of course believe it is quite legitimate to scan people's emails so that advertising may be more accurately targeted.
Sure, as long as the people in question have agreed to it. I have no problem with that, at all.
Things are not that simple. Google relies on the fact that people do not read terms of use agreements and do not change default settings. So the default is opt-in. Your argument would be far more credible if the default policy for Google products were opt-out. But default opt-out is not what an organization that is at its heart a targeted advertising company would do, default opt-out is something that a true technology company would do.
Google as an organization is no champion of privacy, it is a targeted advertising company after all.
Those things aren't inherently opposed. There's nothing anti-privacy about a business model based on users voluntarily providing information to enable targeted advertising, as long as the company takes due care to protect user data. The key word there is "voluntarily", obviously.
"Voluntary" in a legal sense, not a moral sense. The "moral sense" is lost by leveraging the ignorance and laziness of the average user. Again, default opt-out.
As for "due care", Google does an outstanding job of protecting user data.
That is not a completely altruistic move given that such user data is also a valuable business resource that Google would not want competitors or clients (advertisers) to have access too. Keeping a user's "profile information" private is absolutely required for Google's targeted advertising business. It must protect its position as the required middleman between customers (advertisers) and users.
it is a targeted advertising company after all.
It really isn't. That may seem a strange claim about a company that derives 90+% of its revenue from advertising, but it's true nonetheless. Google's biggest current products are most effectively monetized with advertising, true, but Google as a whole really isn't focused on advertising, ...
That is a pretty strong case of denial there. :-)
... and isn't particularly even concerned about building stuff that drives advertising. The mandate is to build stuff that the whole world will want to use, and then we'll figure out later how to make money from it. In many cases, advertising fits the bill.
Absolutely untrue. How to make money, and advertising being a large part of the answer, was determined *before* projects like Android, Gmail, etc received the funding necessary to take them from an experimental phase to a large scale project for the public. Do not think that the entrepreneurial like experimentation that is fostered at the "small" scale, and a long term focus rather than the quarterly report focus, is evidence of not being focused on advertising. Its evidence of being very smart and well run, which may be something novel in the advertising field but not mutually exclusive.
In others, SaaS is better (that's mostly what has driven advertising from 100% to 90%).
Diversification is good. And its an excellent domain to expand into, but this doesn't chang
When encryption is outlawed, only the terrorists will have encryption. We can't unlearn the maths. Banning it serves no purpose.
"Zero Knowledge" has a definite and clear meaning in cryptography: It applies to protocols where Alice can prove to Bob that she has a certain secret, without Bob learning anything about the secret itself. This has nothing at all to do with message encryption.
These people presume to lecture us about encryption, and they do not even get the very basics right?
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Simple: Just allow government agencies and their chosen representatives any and all uses of this data.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Obviously stupid posting is stupid.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
What you described above is true about the current president's father - Hafez al Assad. He was indeed a thug, and a terror ruler, rivalling both Saddam and Gadaffi. He backed Hamas, Islamic Jihad and Hizbullah. He engineered the assassination of several Lebanese leaders, particularly their president elect Bashir Gemayel. He massacred thousands of people in Homs in response to a Muslim Brotherhood uprising. During the Iran-Iraq war, he supported Iran, and during Operation Desert Storm, he supported the US, given his hatred for Saddam. He opposed Egypt's and Jordan's peace deals w/ Israel, and therefore caused the Golan Heights to get annexed by Israel. Just like Saddam remained in power by having control of his military and curbing the Shias and Kurds, Hafez Assad kept hold of things by curbing the Sunnis of his country.
His son, who succeeded him, is a completely different character. He started his reign like Gorbachyev, trying to bring in reforms. However, once the Arab Spring rebellion started, just like others in Tunisia, Libya, Egypt, Bahrein and Yemen, his hands were forced. Unlike the other Arab countries, which had largely monolithic Sunni Arab populations (except Bahrein and Yemen, one of which got occupied by Saudi troops and the other is now in a civil war), quitting was not an option w/ Assad, not just for his own safety, which could have meant him going the Gadaffi or Mubarak way, but also not an option for the Alawite led Baath coalition of Alawites, Druze and Christians. So the fact that there was a significant portion of the population ready to back him was what plunged Syria into a civil war.
I'm no fan of Putin, but I'm w/ the Russians on this one. In the early part of the civil war, before ISIS/ISIL became a big player, the US backed rebels - the Free Syrian Army - were guilty of ethnic cleansing of Allepo and Homs of Christians. Under the Assads, Christians lived relatively peacefully in Syria - like in Iraq, but unlike in Egypt or Lebanon. Once the US troops left Iraq, the new 'democratic' regime of Maliki and Haidari allowed pogroms against Christians, who then fled to Assad's Syria for safety. Once this civil war started, both Iraqi and Syrian Christians started fleeing to Lebanon, and then abroad. On one hand, the US doesn't want to discriminate b/w Muslim and Christian refugees from Syria, and yet, they're opposed to Vlad propping up the Assad regime. Well, they can't have it both ways.
Russian support to Syria is what has prevented a bigger bloodbath than there would have been. Going forward, it's hard to see Syria remain a single country. It was a bad model in Iraq, and remains one in Syria. A partition of the region along ethnic lines - w/ independent countries for the Kurds, the Druze, the Sunnis, the Alawites would probably be the best solution - for both Iraq and Syria.
All that said, Assad's regime is nowhere near those in Pyongyang or Havana in terms of brutality. What Syria has going on is a civil war not b/w the supporters and opponents of a government, but b/w the majority ethnic group - Sunni Arabs - vs the rest.
There is no "Zero Knowledge" encryption. The term "Zero Knowledge" stands for something else entirely in cryptography. These people do not even understand basic crypto terminology.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
You're conflating two completely different things.
Device encryption is one thing.
People using a free service _in exchange for advertisements_ is completely different.
Plus, isn't it true that corporate gmail DOESN'T do this type of scanning? I thought I had read that, or maybe it was only the educational version.
This is the same nonsense they tried to advocate in the 90s with the key escrow stuff. They're counting on people having short attention spans and short memories.
Well, the answer was "NO" then, and it is still "NO" now! Deal with it! Do you jobs! And stop being so goddamned lazy!
People using a free service _in exchange for advertisements_ is completely different.
Perhaps if it were a default opt-out system, but its not. The current default opt-in system leverages user ignorance and laziness.
Plus, isn't it true that corporate gmail DOESN'T do this type of scanning? I thought I had read that, or maybe it was only the educational version.
I think what Google clarified is that no humans are reading the email, that it is an automated process.
"Google’s ads use information gleaned from a user’s email combined with data from their Google profile as a whole, including search results, map requests and YouTube views, to display what it considers are relevant ads in the hope that the user is more likely to click on them and generate more advertising revenue for Google."
http://www.theguardian.com/tec...
To Google targeted advertising is a "feature" of their email scanning like spam and malware detection.
Plus, isn't it true that corporate gmail DOESN'T do this type of scanning? I thought I had read that, or maybe it was only the educational version.
Found more info, yes, Apps for Education is exempt, users may be minors and that is a touchy legal thing. As well as Government, which also has legal issues. However consumers, fair game.
http://www.pcworld.com/article...
If the court order demands you produce the data, and it's physically impossible for you to do it, that's not non-compliance. That's "hey retards, you DO realize you just demanded we do the impossible, go take a hike!".
There's absolutely nothing wrong (or unexpected) to do with refusing to do the impossible. Quit twisting words, the internet's pretty good at seeing through that crap.
I find it entirely gratifying to see companies that in the past have been getitng forced to cooperate with the government ignoring the people's rights finally being able to tell the criminals wearing the badges to get lost, without risk of arrest or prossicution.
I work for the Department of Redundancy Department.
....are to keep honest people out.
There is an assumption that with enough information we can foresee the future to avoid or stop these types of events.
Does anyone believe that?
And who cares whether encryption was used or not. Its a good tool with a useful and legal purpose. And nobody was harmed by the use of encryption. Criminals use all kinds of tools including, crowbars, phones, cars, running shoes... all of which assist them in the crime.
Apparently, ISIS twitter accounts were wishing their team in Paris good luck with their operations at least 72 hours before the attack. No need to spy on people. Just pay attention.
Only boring people are ever bored.