Obama Administration To Offer Full Position On Encryption By End of Year

blottsie writes with this story from The Daily Dot that the President met with encryption advocates on Thursday and is expected to make a statement on his official stance before the end of the year. From the story: "The Obama administration plans to clarify its stance on strong encryption before Washington shuts down for the holidays. Administration officials met Thursday with the civil-society groups behind a petition urging the White House to back strong, end-to-end encryption over the objections of some law-enforcement and intelligence professionals. Kevin Bankston, director of New America's Open Technology Institute and the coalition's organizer, told the Daily Dot that it was a 'very hopeful meeting.'"

If he says its OK

[ickleberry]

That means the NSA can easily crack it

Re:If he says its OK

[Joce640k]

Will it make a difference? The horse has already bolted. Encryption exists.

Not that it's needed, I can say "The fish is in the wolf" on national TV and the FBI won't know when the attack will happen.

Nope. This is just about not letting encryption happen by default on all our messaging. It's espionage, it's political control, it's subversion of democracy.

(ie. the people in power know what's trending after last night's presidential speech, the opposition doesn't).

Re:If he says its OK

[Joce640k]

If the NSA controls the chain of cryptographic certificates (eg. Verisign) then they don't need to crack anything. Nothing can be authenticated. They can simply impersonate people and perform man-in-the-middle attacks. Most of the world's encryption is wide open to them.

Do they control that certification chain? You can be pretty sure they do. It's such an obvious target.

Re:If he says its OK

[Ravaldy]

I honestly think there's some level of paranoia, because as techies we know what they can actually do. Whether they do it or not is where I start justifying the use of the word paranoia. As simpletons there's not much the authorities want to know about us and wasting resources to find out that we eat 3 meals a day and that are bowels are consistent or not does is just a waste of resources. After all, getting to all this information and deciphering it isn't a piece a cake and requires man hours and technical know how to accomplish.

My 2 cents.

Re:If he says its OK

[wyHunter]

People tend to forget that...years back, perhaps even in the 1990s, Mrs. Clinton said "Oh all encryption should be breakable. The government can hold that key."

Re:If he says its OK

[Joce640k]

According to the Snowdon leaks, they're tapped into just about everything. They've also probably gotten into Intel chips to weaken the RNG, etc. (https://www.schneier.com/blog/archives/2013/09/surreptitiously.html)

They've got the budget to waste time/resources. You only have to crack a communications system once, after that you can read ALL the messages with no manpower needed.

I'm not a conspiracy theorist but there's just too much evidence to think they aren't doing anything they can possibly do to set up a spying network. What do they use it for? I dunno, but it's definitely there.

Re:If he says its OK

[mstefanro]

Even if they did, they could not use it for mass surveillance. Signing certs on-the-fly would be detected
by most browsers on most relevant websites (through HSTS).

Even for targeted attacks, they would have to have performed MITM forever (i.e. since the victim's OS was installed) to
get away with it.

Re:If he says its OK

[Thelasko]

Nope. This is just about not letting encryption happen by default on all our messaging. It's espionage, it's political control, it's subversion of democracy.

Good point! This could result in Watergate all over again, but no one will get caught.

Re:If he says its OK

I am not a conspiracy theorist. I am a conspiracy acceptor. Conspiracies have happened in the past, are happening now, and will happen in the future. Those in power do not care about law, only power. And will do any deed to maintain their perceived power.

Re:If he says its OK

[Ravaldy]

I understand that they tapped directly into communication lines but that's like looking for a needle in a haystack. I also get that algorithms can help with that but considering we can barely get computers to understand sentences it's hard to believe they would be able to accurately assess even 1% of the data.

Re:If he says its OK

[mstefanro]

I call bullshit

Does it matter?

Does it matter what his position is? Its not like he can outlaw it and enforce it, its not like Congress is going to work with him after all the name calling he has directed at them over the years. Even if he does come up with something "reasonable" why would anyone else care at this point? His administration lies constantly and he has shown the NSA can't be trusted.

I can't think of a policy position on anything that will have less impact than this will.

Re:Does it matter?

If the President says something is "common-sense", it isn't.

Re:Does it matter?

[thaylin]

yea, I mean look at how bad it was when they tried to work together to replace the awful no child left behind bill, oh wait, that worked well.

Just because you are a conspiracy nut does not mean the rest of us are.

Re:Does it matter?

[Joce640k]

Call me when Microsoft adds provably secure messaging to Windows by default (ie. no man-in-the-middle attack possible).

When that happens I'll believe the USA has relaxed its position on encryption.

Until then? It's all just hot air and political posturing.

Re:Does it matter?

He's going to draw a thick red line between strong encryption and ROT-13 and don't you dare cross that line or there'll be comprehensive consequences.

Re:Does it matter?

[Thelasko]

...its not like Congress is going to work with him after all the name calling he has directed at them over the years.

If congress won't work with him, how did he get his massive education reform bill passed this week?

Re:Does it matter?

[mstefanro]

Even "provably secure" algorithms (which doesn't mean what you think is does) can have weak implementations.

Relying on closed-source (or open-source with non-repeatable builds) software for high cryptography needs is insufficient.

Re:Does it matter?

[SeaFox]

Does it matter what his position is?

Not really. He'll only be the President for one more year anyway.

Re:Does it matter?

[Lotharus]

Not to mention his administration is OVER in another year.

expect a meaningful response.

[nimbius]

"Our official position on encryption is either in your handshake protocol as an intentionally watered down cipher, or alongside a trusted and suepr friendly NIST ephemeral prime."

Re:expect a meaningful response.

ephemeral prime

ephemeral prime? Is that like a number that is prime right now, at this very moment, but it won't be prime for long?

I guess that could make for interesting cryptography.

Re: expect a meaningful response.

[chaboud]

Ephemeral primes are prime numbers (typically in pairs), used to establish persistent keys (e.g. DH, J-Pake).

So, even though you went AC to mock this commenter, you should really check your self before exposing ignorance.

That said, the Dual_EC_DRBG trick used by the NSA involved specially crafted primes that, effectively, gave the NSA a back door by which pseudorandom sequences could be inferred with comparatively little effort. It's a brutally clever bit of math, though I'm not sure it would qualify as an ephemeral prime. They seem more like static primes to me.

Full position?

Where's the goatse URL when you need it? "Open wide, America!!"

This administration has been a sad, pitiful disappointment on civil liberties, constitutional rights, and even intelligible economic and foreign policy. They've been so busy getting "consensus" on everything they've only succeeded in not being as bad as Shrub.

Re:Full position?

[robinsonne]

I never thought I could say that goatse was relevant to a discussion here, but I think that sums up the government's stance on encryption fairly well.

I can't wait

I don't think I have anything to contribute to the discussion, but I'm waiting for our President, Barack Hussein Obama, to let us know what his stance is on this important argument so that I may follow. I understand those are very hard and complicated matters and that we citizens cannot possibily expect to have the scope and understanding to do anything but being led, and we are grateful for President Obama's leadership. I have never been, I am not and I will never be a malcontent and I have never and will never utter a word that could be perceived as seditious or treasonous against this Great Nation and its Great Leader.

Re: I can't wait

[tshawkins]

You do realise that if an algorythm running in some gov datacenter farts in the wrong direction whilst processing your email, becuase no goverment code ever ever contains bugs, then all that could be taken away from you with increasingly less and less due process. We are building the machinery of the ultimate totalitarian state.

Re: I can't wait

[wyHunter]

But that's because, for some very odd reason, Americans seem to want to be slaves. It crosses political boundaries, though it feels to me (unscientific, gut feel) that about 55% of right wingers want this, and 85% of left wingers do. I don't understand it.

Re: I can't wait

[david_thornley]

Damn, I wish this was the land of the free and the home of the brave. A large number of my fellow citizens have turned craven.

Who cares what the fuck he says?

[jcr]

First amendment, motherfucker. If the government doesn't want me to use strong encryption, they can go pound sand up their asses.

-jcr

Re:Who cares what the fuck he says?

[Merk42]

Wouldn't the first amendment just be that they couldn't stop you from posting shit about the government?
If anything, you mean Fourth amendment.

Re:Who cares what the fuck he says?

[Nidi62]

First amendment, motherfucker. If the government doesn't want me to use strong encryption, they can go pound sand up their asses.

-jcr

No, the real reason it doesn't matter is because we will have a new president 14 months from now who will most likely have a completely different position on encryption.

Re:Who cares what the fuck he says?

[Richard_at_work]

How did the first amendment prevent the ban on exporting strong encryption back in the 1990s (when those of us outside the US using Netscape and IE had to make do with 40bit https encryption)? Why would it be any more effective today?

Re:Who cares what the fuck he says?

[Impy+the+Impiuos+Imp]

The encrypted speech is, independently, also speech, and thus protected.

Re:Who cares what the fuck he says?

Over 20 years ago, the government declared encryption to be a munition.

So not only does encryption get First and Fourth Amendment protection, it gets Second Amendment protection as well.

Re:Who cares what the fuck he says?

[PopeRatzo]

No, the real reason it doesn't matter is because we will have a new president 14 months from now who will most likely have a completely different position on encryption.

Nonsense. Whoever is president 14 months from now will have exactly the same position on encryption. And the same position on the Middle East and the same position on Afghanistan and Iraq and "free trade" and...

Re:Who cares what the fuck he says?

[Merk42]

Only from the government preventing you from saying it, not from the government doing what it can to 'hear' it.

Re:Who cares what the fuck he says?

[jcr]

The first amendment argument is that I have the right to communicate in a language of my choosing, which may include a sequence of numbers that the government can't understand.

-jcr

Re:Who cares what the fuck he says?

[VTEX]

The first amendment does apply to the publishing of encryption algorithms, as has been ruled by the Ninth Circuit in Bernstein v. United States and upheld in Junger v. Daley by the Sixth Circuit.

If you think these politicians can't destroy cryptography though, think again. They can, and will if you don't fight back and defend your rights. A good read that was published in acmqueue is "More Encryption Is Not the Solution", which outlines some of the practical issues involved, and why winning this political fight is very important.

The government needs full access...trust us

[NotDrWho]

Trust us to not misuse the data.
Trust us to act according to the Constitution, even though there is absolutely no oversight to make us.
Trust us to secure the data so it can't be hacked.
Trust us to never use any of it as evidence against you, since it was obtained without a warrant.
Trust us to never use it to blackmail you.

Trust us, we're your government.

Re:The government needs full access...trust us

[erapert]

Trust us to act according to the Constitution, even though there is absolutely no oversight to make us.

This is why we have the Second Amendment.

YOU are the oversight.

YOU are expected to vote in the polls, pay taxes, fight in the wars, and enforce constitutional limits on your government. That's the price of freedom. And damned grateful that you have the opportunity to pay it instead of being a tyrant's slave.

Re:The government needs full access...trust us

[david_thornley]

First, the US military has things like artillery and tanks and helicopters that will easily defeat an army relying on semi-automatic rifles.

Second, the experiment of putting high-morale individuals against poorly armed, poorly trained, and poorly led regular infantry was tried in Yugoslavia in WWII. The regulars win.

There's no freaking way a bunch of citizens with rifles can defeat the US Army.

Re:The government needs full access...trust us

[erapert]

There's no freaking way a bunch of citizens with rifles can defeat the US Army.

Vietnam, Iraq, Afghanistan, and Syria are all proof to the contrary. Rebels don't necessarily fold easily against even a modern tyrant's army.

Artillery, tanks, helicopters, and drones don't hold territory. They must be used very judiciously in a civil war lest the government piss off the very citizens that it's fighting for control over.

But beyond all that: what do you propose? Just lay down and die?

Not everyone wants to be a tyrant's slave, even at the price of death.

The FBI director should go first.

If the FBI director would like to put a halt to the availability of strong encryption, then he should set an example. Let's give the man a phone with all the encryption protections disabled. Setup a proxy for his web browser that will give him unencrypted access to encrypted web sites. Remove the Wi-Fi passwords from his office and home Wi-Fi. Get his bank to do all of his transactions in the clear... and so on.

He'd learn two things quickly: ripping encryption out of existing infrastructure and technology is a BIG ask. Second, his bank accounts would empty, his credit cards would max out, and his porn habits would hit Fox News so fast it'd make his head spin.

Re:The FBI director should go first.

[Impy+the+Impiuos+Imp]

Encryption for me but not for thee, one of the legs of the panopticon. Others are Eye in the Sky (go listen to Radiolab podcast on it), and omnipresent cameras with facial recognition, license plate recognition, and so on, dumping into a database where you can look up where anyone is at any given moment. Oh and tracking who calls who, when, and the ability to listen in with no technological barriers if you don't get a warrant.

Oh goodie, a politician has made a promise!

[Vermonter]

Now taking bets for what will be our "answer" in January: A: The Obama administration gives a vague answer that answers nothing. B: The Obama administration kicks the can down the road 6 months, saying they have not reached a conclusion yet. C: The Obama administration will do nothing, pretending this promise was never made.

Re:Oh goodie, a politician has made a promise!

[jandersen]

Whatever - if Obama was to declare that Christmas falls in December, there would be a storm of protests from so-called freedom advocates. He could probably push through a complete ban on encryption by declaring that it is a human right to encrypt things.

Re:Oh goodie, a politician has made a promise!

D: Obama cites a 2,859 page document written entirely in legalese that he describes as "sensible encryption policy." Actual skilled former lawyers who take the effort to parse the entire mess describe an incoherent collection of mutually contradictory statements. Prosecutors insist that the law is "a good start, but needs more restrictions." News reporters claim that anyone who disagrees with "President Obama's simple encryption guidelines" is a terrorist and worse than Hitler. Congressional Republicans officially declare that "Obama has gone too far with this legislation, we will immediately begin choosing the committee to set the committee that will debate how to amend this document to be more Constitutional." Congressional Democrats officially declare that the Congressional Republicans are obstructionist and their committee formation plan is killing children. Trump calls everyone involved "losers" during a rant that makes it clear he doesn't actually know what encryption is, but he's sure it's delicious.

Re:Oh goodie, a politician has made a promise!

[wyHunter]

This is the same President who has expanded NSA surveillance. Your donkiness is showing.

Re:Oh goodie, a politician has made a promise!

[phantomfive]

Whatever - if Obama was to declare that Christmas falls in December, there would be a storm of protests from so-called freedom advocates.

Huh.....now I kind of want him to do that, just to see the fallout.

Re:Oh goodie, a politician has made a promise!

[Voyager529]

Whatever - if Obama was to declare that Christmas falls in December, there would be a storm of protests from so-called freedom advocates.

That's because Jesus was born in August, you insensitive clod!

Re:Oh goodie, a politician has made a promise!

[Vermonter]

See, when you act like a third grader and use childish terms like that, no one takes you seriously, and you look like a drooling moron who believes whatever (insert news network here) tells you to believe.

Re:Oh goodie, a politician has made a promise!

[david_thornley]

I want Obama to come out fully and completely supporting oxygen, and Trump to the same with water. The survivors should be much more reasonable.

Mass Internet Surveillance is Useless

[GameboyRMH]

Terrorist attacks not stopped by mass internet surveillance:

Boston Bombers. Downloaded a terrorist publication containing bomb plans from the Internet, tweeted about upcoming attacks in coded language.

Anders Breivik: Discussed violent extremist leanings online

November 2015 France attackers: Spoke freely about their plans in plaintext SMS

2015 San Bernadino Shooters: Met and discussed jihadist leanings through various social media.

Even if you put the horrendous privacy issues aside, this shit clearly doesn't work. Shut it down.

Re:Mass Internet Surveillance is Useless

[GameboyRMH]

The problem with this theory is that under it, we can't tell the difference between the effectiveness of mass surveillance and that of a magic terrorist-repelling rock.

Re:Mass Internet Surveillance is Useless

[dgatwood]

You're apparently operating under the mistaken impression that the purpose of government is to keep you safe. In fact, government is principally a jobs program to reduce the number of unemployed people so that they don't rise up against the elite class, coupled with a handout program to fund various friends of whichever administration is in power at the time.

Re:Mass Internet Surveillance is Useless

[wyHunter]

The purpose of government, any longer, is to perpetuate its own power at any cost.

Re:Mass Internet Surveillance is Useless

[david_thornley]

Except that we know what surveillance is giving us without encryption, and it doesn't look worthwhile. The Boston Marathon bombers were reported by Russia, via official channels, as terrorists. Surveillance with back-doored ciphers would be no better than what we have in these cases, since the terrorists didn't use crypto. Not to mention that, when you outlaw decent crypto, only outlaws have decent crypto. It's as easy to use good crypto as bad, and terrorists are not known for their scrupulous attention to obeying the law.

You're thinking of Constitutional process.

[raymorris]

When you talk about the president needing Congress to pass laws, you're thinking of the old system, the Constitutional process. The Constitution is now just "an old piece of paper".

This president has already unilaterally changed immigration law after Congress denied his request and the news today is that he plans to issue new gun laws within the next few days.

Even before he was elected president, he pointed out that a law was unconstitutional- just before he voted to pass it. Meaning he knowingly, intentionally voted to pass a law that he knew to be unconstitutional. The Constitution is meaningless under this administration.

Re:You're thinking of Constitutional process.

can we have a credible source for the last one?

Re:You're thinking of Constitutional process.

NOWHERE in the constitution does it say being a FELON prevents anyone from owning a firearm. IN FACT, the Second Amendment provides that EVERY AMERICAN has the RIGHT to KEEP and BEAR ARMS. It is very clear.

Welcome America... home of the COWARDS and SECRET STASI WATCHLISTS and GOVT MINDERS.

You better get up off your ass and fight this shit.

Re:You're thinking of Constitutional process.

[lsatenstein]

When you talk about the president needing Congress to pass laws, you're thinking of the old system, the Constitutional process. The Constitution is now just "an old piece of paper".

This president has already unilaterally changed immigration law after Congress denied his request and the news today is that he plans to issue new gun laws within the next few days.

Even before he was elected president, he pointed out that a law was unconstitutional- just before he voted to pass it. Meaning he knowingly, intentionally voted to pass a law that he knew to be unconstitutional. The Constitution is meaningless under this administration.

I thought that the reason for guns was the founding fathers desire to insure the British or others could not attack and destroy the new country. Today, that need rests with the army. Civilians taking up arms against tanks, airplanes, submarines and nuclear bombs seems to suggest that the Gun Laws should be extended to allow civilians to purchase said types of armoured vehicles for their personal protection.

The more things change...

[sjbe]

No, the real reason it doesn't matter is because we will have a new president 14 months from now who will most likely have a completely different position on encryption.

It's adorable that you really seem to believe that. Hail to the new boss, same as the old boss.

Re:If you like your encryption, you can keep it

[Joce640k]

http://ciphersaber.gurus.org/

Obama being Obama

[operagost]

He has to take a few weeks to check with his handlers. He shouldn't have to check with his handlers. After all, we're told he's a Constitutional scholar. The answer is, "I will neither propose nor sign any legislation prohibiting or regulating encryption for the same reason I won't sign any regulating safes or locks. 'The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be infringed.' This is not just idealism, but the American way of life."

But there's no thing as American exceptionalism, right? If the French are OK with the government being able to search through their papers at any time, why do we think we should be any different?

Re:Obama being Obama

[wyHunter]

Well, certainly, the left believe there is no American exceptionalism. They say it quite openly.

Re:Obama being Obama

[david_thornley]

As a leftist, there certainly isn't much American exceptionalism left. The US is a frequently warlike and belligerent power, bullies other countries, has a terrible health care system, and has a great deal other problems that first-world nations tend not to have. We used to be an inspiration to the world, a showcase of what a democracy could be like.

Strange days indeed...

[drunk_punk]

The question isn't,"Are you paranoid?"

The question is,"Are you paranoid enough."

Don't get your hopes up kids

[fredrated]

Obama talks the talk but doesn't walk the walk. He is beholden to the powers that be and takes orders from them.

It Won't Work

[JimSadler]

I simply can not understand how we have such cowards among us. The terror incidents simply do not justify radical precautions. At the point that we start to spend big money and change the basics of our nation terrorism has already won. And I have no doubt that the intercepts will be used for items other than antiterrorism. The temptation to sweep up more mundane criminals will be too strong for law enforcement to resist. And that points to a really serious problem. As a nation, we have out arrested ourselves. The entire legal system in the US could easily be collapsed. Right now if every person arrested simply refuses to post bail, the system can not deal with what will result. If every person arrested insists upon their right to a speedy trial the courts would totally collapse. Right now California can not go after people who rip up their traffic tickets. The problem is so huge that California dare not do much about it. In Miami, Fl. numerous people drive without a license or insurance. A few of them do a bit of jail time, but they seem willing to spend a few days in jail rather than buy insurance and pay for tickets. So now that we know we have a legal system that clearly can not handle the current load just what will happen if we start using intense spying, seeking not only for lawbreakers but also for people that we fear might do something in the future.

End of the year

[zmooc]

He's probably waiting until the end of the year because by then their shipment of D-Wave quantum computers will have arrived...

Guns and algorithms

[iamacat]

I find that my own positions on encryption mirror a lot of NRA positions on guns. A vast majority of encryption users are responsible and utilize technology for self defense from crime, as do a majority of gun users. On the other hand, guns can be used to commit crimes, as can encryption. Finally, both guns and encryption make it more difficult for an oppressive government to subjugate the population. Guns are more immediately dangerous, but on the other hand they protect people from getting murdered, not just from getting p0wned.

I sincerely believe that benefits of encryption to society outweigh the action of a few lunatics. Therefore I support citizens right to encryption, including military grade encryption with no limits on key size. I certainly do not want a federal database of encryption users.

Yet similar arguments ring hollow coming from NRA. I am not sure what to make of it. On one hand, I could be missing valid perspective of people living in rural or high crime areas, just like encryption opponents do not fully understand how widespread cyber crime and state espionage are.

On the other hand, perhaps I should support common sense legislation to keep strong crypto out of the hands of children and criminals. If you are a convicted pedophile, law can not keep you from encrypting your phone. But if we catch you with an encrypting phone, your parole can be revoked and whatever you are trying to hide stopped.

Or for children's devices, parents should have an escrow key to see if the kids are up to no good, are getting dangerously bullied on Facebook or are contacted by drug dealers/pedophiles. But leave a big banner describing that the device has been accessed, and which apps were used to discourage abuse BY parents.

Re:Guns and algorithms

[JoshWurzel]

I find that my own positions on encryption mirror a lot of NRA positions on guns...I am not sure what to make of it.

Did you hear about the toddler that found his parent's encryption in the closet and encrypted himself? Did you hear about Dick Cheney "accidentally" encrypting his friend in the face?

Neither did I. That's the difference.

Re:Guns and algorithms

[david_thornley]

There's three big differences between guns and cryptography. First, a gun accident or impulsive action can easily kill, while encryption can't. Second, while it's hard to keep guns out of the hands of criminals, it's completely impossible to stop people from using encryption. Third, a gun is a fairly large chunk of metal, and can be checked for fairly easily, while it's not possible to see if someone is using an illegal cryptosystem without actually trying to decrypt it.

Re:Guns and algorithms

[iamacat]

On the other hand, a gun can easily save your life (mostly criminal getting scared off upon seeing your gun, or knowing that gun ownership is common in the area), while encryption can not. So the bar for denying someone this means of self defense seems to be much higher.

If we decide that some people (like minors or convicted felons) should not use unescrowed encryption, devices on their person or at their home can be examined by police/parents in suspicious circumstances. Skills and diligence needed to consistently avoid detection are not that different than being able to hide a physical object like a gun.

Re:Guns and algorithms

[iamacat]

I heard of plenty of teens who were groomed and lured away by an online pedophile or committed suicide after Facebook bullying. And I don't know of a single home invasion where a crook took a single look at PGP icon on owner's computer and ran away.

Re:Suite B and dogfooding

[Joce640k]

....and in which "stuff" do you use it to communicate with other people?

Re:Register for encryption

[Zontar+The+Mindless]

You'd trade one sort of backdoor for another? No, thanks.

Re:Encryption wasn't/isn't the problem

[Zontar+The+Mindless]

That's really plausible, considering that one of them didn't even come to the US until the middle of last year and they only met (in Saudi Arabia) about a year before that.

One meeting versus two thousand

[Etherwalk]

He's met with the privacy guys once or twice. He's met with the security guys probably two thousand times since he took office. This meeting was a political stunt to pretend that both sides were being listened to, and now he'll spin a lie about how it's possible to have encryption the government can look at with a warrant.

Here's the thing--even if you could make key escrow really secure, and as a practical matter you can't, it's still far too risky because of government abuse risk.

Our spies and federal law enforcement agencies have demonstrated again and again that they can't be trusted by Americans. They lie to Congress and they (understandably, as a matter of being human and having their jobs) don't care about consumer privacy. They're trying to prevent another 9/11, but we have to think about what the next guy could do with their job and lack of meaningful oversight. So long as they have demonstrated a total unwillingness to have real and meaningful oversight and accountability, they sure as hell shouldn't be trusted with this kind of power.

The White House is soliciting feedback - link:

[mtxmorph]

There was a previous "We the People" petition to the White House regarding encryption, and it got the required number of signatures to elicit a response. Rather than just putting out a useless blanket statement (as they do for a lot of the petitions), the White House is actually soliciting specific feedback before creating a position. You can send them comments regarding encryption through the White House website (links below). No idea if this will actually go anywhere (or get you put on some kind of watchlist!), but presumably it's better than just remaining quiet and letting them come to their own conclusions?

Links:
The petition and response
The form to send comments

Funnily enough, it's a secure website.. hmm..

Re:Suite B and dogfooding

[mstefanro]

I assume OP uses it for TLS, SSH and VPN, like most of us do.

Generate a CA certificate and sneakernet it

[tepples]

It depends on what you mean by "Windows" (client? server?) and "by default". You can generate a mail CA certificate using Windows Server and then sneakernet that certificate to the machines of your communication partners. In an era of compromised X.509 certificate authorities and compromised participants in the PGP web of trust, nothing short of sneakernet is provably free of MITM. By "by default" do you mean that Outlook should default to showing a Big Scary Warning when sending or receiving messages to or from anyone with whom you have not already performed such an out-of-band key exchange?

Re:Generate a CA certificate and sneakernet it

[tepples]

In an era of compromised X.509 certificate authorities

There is also S/MIME as well. I fetch a client cert from Symantec or another CA

That's what I was referring to. Symantec has been compromised, as have many other CAs.

Dishonorable discharge from state militia

[tepples]

I'm guessing that bans on gun ownership by convicted felons follow from a premise that felons have been less than honorably discharged from their otherwise implicit membership in a particular U.S. state's "well-regulated militia". Otherwise, what does "well-regulated" mean in the context of the Second Amendment?

Re:Dishonorable discharge from state militia

[cfalcon]

The right of the people to keep and bear arms shall not be infringed. It's a right of the people, not of a militia.

Re:Dishonorable discharge from state militia

[cayenne8]

The right of the people to keep and bear arms shall not be infringed. It's a right of the people, not of a militia.

This has been settled, that it applies to individual rights to bear arms by the Supreme Court .

Done deal....the Chicago and Dist. of Columbia cases have settled this.

Nothing to see here, please move on...

Re:Dishonorable discharge from state militia

[tepples]

So should felons be allowed to carry while in prison? (I'm mentioning an extreme position to begin bisection.)

Heil Trump

[tepples]

Hail to the new boss, same as the old boss.

And hopefully it won't be Heil to the new boss.

Oh, I'll wait with anticipation /sarcasm

[JeffOwl]

Who gives a rip what his position is? Even if he says encryption is good, back doors are bad, we will have no idea if that is the same direction being given to the NSA behind closed doors.

Telecom Immunity

[Okian+Warrior]

can we have a credible source for the last one?

That sounds like the telecom immunity bill.

I don't remember Obama pointing out that it was unconstitutional, but it otherwise fits the description.

Telecoms had been spying on American citizens at the request of law enforcement with no warrant and no oversight, and telecoms were simply handing over the data. Several lawsuits against telecoms were ongoing at the time, this legislation torpedoed them. It gave telecoms immunity for all past offenses.

It would have passed without his support, and after the vote he got a huge campaign donation from the telecoms.

Re:Encryption wasn't/isn't the problem

[Damarkus13]

No, that's not what he said.

Haney explained that if his work was allowed to continue, it could possibly have thwarted last week's attack.

Source: Fox News website , emphasis is mine.

May the Fourth Be With You

[Scarletdown]

The only position to be considered is already encapsulated in the 4th Amendment of the United States Constitution, specifically the first portion...

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated,

Your data, even though it is stored electronically, falls under the papers portion of the above line.

Keeps getting worse b/c people forget elections

[raymorris]

It seems each president sets a new precedent for how much they ignore the Constitution, so it keeps getting worse. As you said, when "your team" does it it's okay, because people forget that in a few years the other party will have that office. Whatever new power you allow Obama to take, Donald Trump may soon wield.

I sure -hope- Trump doesn't get elected - Rubio, Cruz and even Carson would all be better choices. Regardless, guaranteed someone I don't like will be elected to the Senate and/or presidency next November - and they'll start with all of the power that we let Obama and friends take.

Ban math

[TeknoHog]

Problem solved.

replied to the right post?

[raymorris]

Did you intend to reply to my post, or a different one? I'm not sure how your point relates to my post. I did mention that one area in which Obama is currently taking unilateral action, essentially making law in contravention of the Constitution , happens to be in regard to guns, but my point is that under the Constitution, the president wouldn't be making law at all. I suppose that fact that he does this in areas where the Congress most certainly would not make such a law, and such a law is repugnant to the second amendment, is somewhat relevant.

To respond directly to your point, the founders were -abundantly- clear that the purpose of the second amendment was to defend freedom against tyranny; "the right OF THE PEOPLE to keep and bear arms" may not be infringed because that is the ultimate check against the domestic government becoming tyrannical.

The examples of Vietnam, Afghanistan, etc demonstrate , however, that the local populace does NOT have to have tanks and missiles in order to resist military aggression. A million citizens with rifles and training as a very effective check against military rule.