Manhattan DA Pressures Google and Apple To Kill Zero Knowledge Encryption

An anonymous reader writes: In a speech to the 6th Annual Financial Crimes and Cybersecurity Symposium, New York County District Attorney for Manhattan Cyrus Vance Jr. has appealed to the tech community — specifically citing Google and Apple — to "do the right thing" and end zero-knowledge encryption in mobile operating systems. Vance Jr. praised FBI director James Comey for his 'outspoken' and 'fearless' advocacy against zero knowledge encryption, and uses the recent attacks on Paris as further justification for returning encryption keys to the cloud, so that communications providers can once again comply with court orders.

Except they used regular SMS

Event the Old York Times had to pull its crap article about encryption.

Re:Except they used regular SMS

[Richard_at_work]

Yes they did - but the message the Paris investigators found which led them to perform the raid on Wednesday was recovered from an unencrypted phone and not from traffic capture.

Don't get me wrong, I support zero knowledge encryption where possible, but having access to the phone contents reportedly did allow investigators to make headway in France.

Re:Except they used regular SMS

[unixisc]

While I'm ambivalent about Zero Knowledge Encryption, the above factoid - they used SMS - is tangential to the point in question. Yeah, the French Jihadis used SMS, but Jihadis everywhere else have been using whatever's out there - not just SMS.

I do oppose any attempts to ban this, since there is nothing stopping Jihadis from developing their own encryption codes and going totally dark on the authorities everywhere.

Re:Except they used regular SMS

[NotInHere]

since there is nothing stopping Jihadis from developing their own encryption codes and going totally dark on the authorities everywhere.

This is what they want to achieve, as when encryption is backdoored anywhere, its much easier to argue that everybody who uses non-backdoored encryption is a has something to hide and is a criminal suspect.

Re:Except they used regular SMS

[silas_moeckel]

Considering that unbreakable encryption that can be done by hand and used over any medium has been around forever. It's cumbersome to well.

Denying the public effective encryption does nothing to stop a terrorists from communicating it just lets the government pry into average citizens lives.

Re:Except they used regular SMS

[swillden]

While I'm ambivalent about Zero Knowledge Encryption

Personally, I'd really like to have an opinion on "zero knowledge encryption", but I can't figure out what the hell it is. From context I infer that he's using the term to describe device encryption, as done on Android and iOS. I know what that is, and wholeheartedly support it.

But I have no idea where this "zero knowledge encryption" label came from or what it's intended to actually mean. I know what zero-knowledge proofs are, and they're really cool, but they have nothing to do with device encryption.

I've got it! He's using the phrase "zero knowledge" to describe his understanding of encryption.

Re:Except they used regular SMS

They aren't actually after the terrorists. They're after everyone.

Re:Except they used regular SMS

[nine-times]

Still, the governments of the world have been asking us to give up on having any level of privacy so that they can "catch terrorists". I think they need to demonstrate some things before I can even think about accepting that idea.

1) There's oversight over the collection and storage of the data that guarantees that it's being used for that purpose. There's no possibility that it can be used for other law enforcement operations, for blackmail, or for looking at dick pics (thank you, John Oliver).
2) The program is effective. If you're collecting my SMS messages so that you can stop terrorist attacks, show me that you're catching terrorists that way. Don't collect SMS messages preemptively and then go, "Well after the fact, we found that the terrorists used SMS and we just didn't catch it. But after we caught people who were involved and found their cell phones, we thought it was kind of helpful to see those SMS messages."
3) Explain why the terrorists won't just change their methods. People say things like, "When guns are illegal, only criminals will have guns," and then the same people say, "We need to make it illegal to send encrypted messages that we can't break." It doesn't make sense.

That's just to start. I'll think about more questions when those can be answered.

Re:Except they used regular SMS

[mark-t]

They appear to be under the impression that the only reason one would have something to hide is because one has done something wrong.

Of course, nearly everyone has something to hide... and it is not because there is anything necessarily wrong. Does one wear clothes in public for example? Is there something wrong with their bodies that they feel they must do this, or do they do so simply because their bodies are private? Having something that you may feel is private or even something that you might feel somewhat embarrassed by if it were to be public does not mean that anything is amiss... it means you are human.

Re:Except they used regular SMS

[macs4all]

In other news law enforcement magically found multiple cells of terrorists in the aftermath of the Paris shootings. Yet they could not find these three suspects before they committed mayhem in the city? The government sat on intelligence hoping to be led to bigger fish instead of arresting the Paris shooters. I do not believe a damn thing the government says or the media reports. While Obama and Hollande twiddled their thumbs at least Putin struck back decisively against ISIS/ISIL in Syria.

This. This. A THOUSAND times This!

Meanwhile, we get "treated" to more and more Security Theater.

If the gummints would aggressively go after each and every of the credible leads they OBVIOUSLY have, the life of the Terrist on the ground would be seen as less and less "glamorous", and sooner, rather than later, the likes of ISIS/ISIL would start having "attrition" numbers, and lack of new recruits, that would start putting a severe damper on their plans for world domination.

And no, I don't believe that the "Martyr Effect" would work in their favor.

Re:Except they used regular SMS

[cfalcon]

> but having access to the phone contents reportedly did allow investigators to make headway in France

So, we have access to encryption (aka real encryption, aka zero knowledge encryption), and the terrorists were not using it. This then becomes an argument against real encryption. Of course, if the terrorists WERE using it, it would ALSO be a an argument against real encryption.

The story so far: Terrorists communicate without using Bibles, or encryption. Terrorists kill a bunch of people without using Bibles, or encryption. Later investigators find phones without Bibles, or encryption.

Nothing in this story involves Bibles, or encryption- if either one is inserted, it's because someone wants to take your Bible. Or more likely, your encryption.

Paris terrorists used regular SMS

[Henriok]

but the terrorists in Paris seems to have used plain old unencrypted SMS, in French no less. http://arstechnica.com/tech-po...

Re:Paris terrorists used regular SMS

but the terrorists in Paris seems to have used plain old unencrypted SMS, in French no less.
http://arstechnica.com/tech-po...

Irrelevent. Terrorism is the boogyman the government has forever linked to their justification for unlimited access to our private communications. It doesn't matter whether they use it or not, the government wants everyone to be scared into giving up more of their freedoms. Facts just get in the way of that.

scary

[MickyTheIdiot]

In a time when leaders are getting more stupid the issues are getting super complex. And that scares the shit out of me.

This particular anti-encryption movement isn't putting a gun to our economy's foot, it's putting a gun to our economy's head.

Re:scary

[gstoddart]

Not just the economy ... your privacy, your personal digital security, your freedom of association.

When these clowns say this kind of stuff, what they're really saying is "we need to be able to spy on everybody to make sure we can find the bad guys, if you're not a bad guy you'll be fine".

This is basically saying "if you have nothing to hide you have nothing to fear", and pretty much only fascists and tyrants say shit like this.

Western democracies, and the people who claim to be protecting us, are devolving into entities who claim they need to undermine our freedoms in order to protect them. They act like the old state police of the communist countries we spent 50 years in a cold war with.

They get these sweeping powers which are incompatible with our rights, claim they'll only use them for terrorists, and then come up with shit like "parallel construction" to commit perjury and lie about how they got it so they can make more mundane criminal charges stick. And, make no mistake, it's perjury -- it's a deliberate attempt to take evidence which would be inadmissible in court and obfuscate where it came from, including that it was technically illegally obtained.

So now they want to outlaw all forms of encryption they can't break so they can monitor everything. And then they'll inevitably take that information, pass it on to law enforcement.

There simply is no good outcome for citizens when government insist we not be able to have privacy from them, and then they can take everything we ever do and then retroactively decide we've broken a law.

This is about FAR more than your economy. This is attacking the very underlying premises of our societies.

When a fucking DA says shit like this, it says "we no longer give a damn about the law and your rights, it's far more convenient if we can just spy on everything everybody does and then decide who we need to round up".

And if he's stupid enough to not understand that if they can break it, the other bad guys can as well, then he's too fucking stupid to continue to hold his job.

so it must be good

If governments urge you not use a specific type of encryption, then you know you are using it right.

This is new, and somehow patriotic sounding...

[rmdingler]

Governors use a high profile, tragic terrorist attack to implement some freedom-strangling legislation.

Freedom for safety... what could go wrong?

New Headline

[PvtVoid]

"Manhattan DA Pushes for Zero Knowledge Policy"

You're welcome.

"zero-knowledge encryption"?

[Dereck1701]

Zero-knowledge encryption? Sounds like they're trying to invent some new buzzword to try to make something almost no one could argue against, secured communications and records for banking, conversations & confidential information (medical records, personal matters, etc). It should also be noted that there is a really good reason for this move to decentralized encryption, the feds simply couldn't keep their hands out of the cookie jar. That and there are no indications that allowing the government full access to communications has any effect on terrorist activity, its pretty obvious that they were hoovering information before 9/11 and it didn't stop that, they've created massive data centers and tied in with ISPs throughout the globe and they didn't stop Paris, Metrojet Flight 9268, Boston or any of the other major attacks. I find it disturbing they can argue for ever increasing levels of surveillance when the massive levels they are already spending tens of billions of dollars and not stopping a few nuts chatting over text messages.

Zero Knowledge DAs

[AnotherBlackHat]

What we really need is fewer Zero Knowledge DAs.

Pre-broken encryption is as bad as it sounds.

Terroism

[Anne+Thwacks]

This guy IS a terrorist. He is attempting to deprive the ordinary citizen of privacy by inciting fear.

That is terrorism by definition.

Send him strait to Gitmo NOW!

Re:Praise be to Putin

[unixisc]

at least Putin struck back decisively against ISIS/ISIL in Syria.

Putin's, peace be upon him, strikes against ISIS are, at best, half-hearted and at worst a sham. He is not fighting against ISIS, he is fighting for Assad — a decades-long client of the USSR/Russia. Because of Russia's strikes against anti-Assad fighters, ISIS was, actually, been able to gain ground in Syria on several occasions.

Considering the post-tragedy rise of Le Pen and other European nationalists, who tend to be Putin's, peace be upon him, clients themselves, one may argue, Putin had a hand in the Paris-attack himself. Whether that's true or not, the sentiment such as yours certainly illustrates, how he benefited from it.

I have no love the Nobel Peace Prize winner we are saddled with — his foreign policy is as destructive as the internal ones — but praising Putin seems outright dumb. Obama will be gone in a year, Putin will remain a menacing danger for as long as he lives — and the asshole is fit, hale and healthy...

This was true before that Russian airliner went down in the Sinai, and ISIS so helpfully claimed responsibility. Putin, as well as Beijing, back Assad b'cos that's their lone surviving customer for Soviet era weapons. Previously, Moscow had Saddam, Gadaffi and Assad all. First Saddam was toppled, then Gadaffi, and now both Russia and China risk losing their last customer of weaponry - Syria. Which is why they are fighting tooth and nail to save him.

However, ISIS is no ally of Russia, and in fact, Russia has a dim view of Sunni Jihadis - like the Chechens, the Islamic movement of Turkestan and other Jihadi movements in Russia, like the Tatars. So Russia is more than happy to take out ISIS. It's just that w/ al Nusra and the FSA being closer to Damascus than ISIS was, they were a higher priority for Putin, but now, w/ this Russian plane going down, ISIS kicked themselves up in the scheduler list.