Slashdot Mirror

← Back to Stories (view on slashdot.org)

Manhattan DA Pressures Google and Apple To Kill Zero Knowledge Encryption (thestack.com)

Posted by timothy on from the crisis-exploitation dept.

An anonymous reader writes: In a speech to the 6th Annual Financial Crimes and Cybersecurity Symposium, New York County District Attorney for Manhattan Cyrus Vance Jr. has appealed to the tech community — specifically citing Google and Apple — to "do the right thing" and end zero-knowledge encryption in mobile operating systems. Vance Jr. praised FBI director James Comey for his 'outspoken' and 'fearless' advocacy against zero knowledge encryption, and uses the recent attacks on Paris as further justification for returning encryption keys to the cloud, so that communications providers can once again comply with court orders.

13 of 291 comments (clear)

  1. Except they used regular SMS by Anonymous Coward · · Score: 5, Informative

    Event the Old York Times had to pull its crap article about encryption.

    1. Re:Except they used regular SMS by NotInHere · · Score: 5, Insightful

      since there is nothing stopping Jihadis from developing their own encryption codes and going totally dark on the authorities everywhere.

      This is what they want to achieve, as when encryption is backdoored anywhere, its much easier to argue that everybody who uses non-backdoored encryption is a has something to hide and is a criminal suspect.

    2. Re:Except they used regular SMS by swillden · · Score: 5, Funny

      While I'm ambivalent about Zero Knowledge Encryption

      Personally, I'd really like to have an opinion on "zero knowledge encryption", but I can't figure out what the hell it is. From context I infer that he's using the term to describe device encryption, as done on Android and iOS. I know what that is, and wholeheartedly support it.

      But I have no idea where this "zero knowledge encryption" label came from or what it's intended to actually mean. I know what zero-knowledge proofs are, and they're really cool, but they have nothing to do with device encryption.

      I've got it! He's using the phrase "zero knowledge" to describe his understanding of encryption.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    3. Re:Except they used regular SMS by Anonymous Coward · · Score: 5, Insightful

      They aren't actually after the terrorists. They're after everyone.

    4. Re:Except they used regular SMS by nine-times · · Score: 5, Insightful

      Still, the governments of the world have been asking us to give up on having any level of privacy so that they can "catch terrorists". I think they need to demonstrate some things before I can even think about accepting that idea.

      1) There's oversight over the collection and storage of the data that guarantees that it's being used for that purpose. There's no possibility that it can be used for other law enforcement operations, for blackmail, or for looking at dick pics (thank you, John Oliver).
      2) The program is effective. If you're collecting my SMS messages so that you can stop terrorist attacks, show me that you're catching terrorists that way. Don't collect SMS messages preemptively and then go, "Well after the fact, we found that the terrorists used SMS and we just didn't catch it. But after we caught people who were involved and found their cell phones, we thought it was kind of helpful to see those SMS messages."
      3) Explain why the terrorists won't just change their methods. People say things like, "When guns are illegal, only criminals will have guns," and then the same people say, "We need to make it illegal to send encrypted messages that we can't break." It doesn't make sense.

      That's just to start. I'll think about more questions when those can be answered.

    5. Re:Except they used regular SMS by macs4all · · Score: 5, Insightful

      In other news law enforcement magically found multiple cells of terrorists in the aftermath of the Paris shootings. Yet they could not find these three suspects before they committed mayhem in the city? The government sat on intelligence hoping to be led to bigger fish instead of arresting the Paris shooters. I do not believe a damn thing the government says or the media reports. While Obama and Hollande twiddled their thumbs at least Putin struck back decisively against ISIS/ISIL in Syria.

      This. This. A THOUSAND times This!

      Meanwhile, we get "treated" to more and more Security Theater.

      If the gummints would aggressively go after each and every of the credible leads they OBVIOUSLY have, the life of the Terrist on the ground would be seen as less and less "glamorous", and sooner, rather than later, the likes of ISIS/ISIL would start having "attrition" numbers, and lack of new recruits, that would start putting a severe damper on their plans for world domination.

      And no, I don't believe that the "Martyr Effect" would work in their favor.

  2. scary by MickyTheIdiot · · Score: 5, Insightful

    In a time when leaders are getting more stupid the issues are getting super complex. And that scares the shit out of me.

    This particular anti-encryption movement isn't putting a gun to our economy's foot, it's putting a gun to our economy's head.

    1. Re:scary by gstoddart · · Score: 5, Insightful

      Not just the economy ... your privacy, your personal digital security, your freedom of association.

      When these clowns say this kind of stuff, what they're really saying is "we need to be able to spy on everybody to make sure we can find the bad guys, if you're not a bad guy you'll be fine".

      This is basically saying "if you have nothing to hide you have nothing to fear", and pretty much only fascists and tyrants say shit like this.

      Western democracies, and the people who claim to be protecting us, are devolving into entities who claim they need to undermine our freedoms in order to protect them. They act like the old state police of the communist countries we spent 50 years in a cold war with.

      They get these sweeping powers which are incompatible with our rights, claim they'll only use them for terrorists, and then come up with shit like "parallel construction" to commit perjury and lie about how they got it so they can make more mundane criminal charges stick. And, make no mistake, it's perjury -- it's a deliberate attempt to take evidence which would be inadmissible in court and obfuscate where it came from, including that it was technically illegally obtained.

      So now they want to outlaw all forms of encryption they can't break so they can monitor everything. And then they'll inevitably take that information, pass it on to law enforcement.

      There simply is no good outcome for citizens when government insist we not be able to have privacy from them, and then they can take everything we ever do and then retroactively decide we've broken a law.

      This is about FAR more than your economy. This is attacking the very underlying premises of our societies.

      When a fucking DA says shit like this, it says "we no longer give a damn about the law and your rights, it's far more convenient if we can just spy on everything everybody does and then decide who we need to round up".

      And if he's stupid enough to not understand that if they can break it, the other bad guys can as well, then he's too fucking stupid to continue to hold his job.

      --
      Lost at C:>. Found at C.
  3. Re:Paris terrorists used regular SMS by Anonymous Coward · · Score: 5, Insightful

    but the terrorists in Paris seems to have used plain old unencrypted SMS, in French no less.
    http://arstechnica.com/tech-po...

    Irrelevent. Terrorism is the boogyman the government has forever linked to their justification for unlimited access to our private communications. It doesn't matter whether they use it or not, the government wants everyone to be scared into giving up more of their freedoms. Facts just get in the way of that.

  4. so it must be good by Anonymous Coward · · Score: 5, Insightful

    If governments urge you not use a specific type of encryption, then you know you are using it right.

  5. "zero-knowledge encryption"? by Dereck1701 · · Score: 5, Insightful

    Zero-knowledge encryption? Sounds like they're trying to invent some new buzzword to try to make something almost no one could argue against, secured communications and records for banking, conversations & confidential information (medical records, personal matters, etc). It should also be noted that there is a really good reason for this move to decentralized encryption, the feds simply couldn't keep their hands out of the cookie jar. That and there are no indications that allowing the government full access to communications has any effect on terrorist activity, its pretty obvious that they were hoovering information before 9/11 and it didn't stop that, they've created massive data centers and tied in with ISPs throughout the globe and they didn't stop Paris, Metrojet Flight 9268, Boston or any of the other major attacks. I find it disturbing they can argue for ever increasing levels of surveillance when the massive levels they are already spending tens of billions of dollars and not stopping a few nuts chatting over text messages.

  6. Zero Knowledge DAs by AnotherBlackHat · · Score: 5, Insightful

    What we really need is fewer Zero Knowledge DAs.

    Pre-broken encryption is as bad as it sounds.

  7. Terroism by Anne+Thwacks · · Score: 5, Insightful
    This guy IS a terrorist. He is attempting to deprive the ordinary citizen of privacy by inciting fear.

    That is terrorism by definition.

    Send him strait to Gitmo NOW!

    --
    Sent from my ASR33 using ASCII